The art of semi-formal bug hunting

Verification is a critical task in the development of correct computing systems. Simulation remains the predominant technique for identifying design flaws, due to its scalability. However, simulation intrinsically suffers from low functional coverage, and hence often fails to identify all design flaws. Formal verification (FV) is a promising approach to overcome the coverage limitations of simulation, due to its exhaustiveness - which enables it to identify intricate design flaws too complex to find in practice using simulation. However, automated FV techniques have scalability drawbacks that limit the size of design components that can be formally verified. One of the key strengths of FV techniques is their use of symbolic reasoning to efficiently explore a huge number of individual scenarios that would be intractable using simulation. When these algorithms are applied in an incomplete manner, their scalability challenges are lessened, enabling efficient and relatively scalable semi-formal bug hunting. Nonetheless, to yield a robust industrial-strength solution, the individual components of such a system - many being heuristic - must be highly tuned, and integrated and orchestrated in an intricate manner. In this paper, we overview the various components useful in a scalable semi-formal search framework, introducing several novel powerful techniques and providing experimental data to illustrate the strengths, weaknesses, and complementary nature of the various techniques.
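The complementarity the abstract describes can be seen on a toy design, as an added example that is not code from the paper: random simulation cheaply drives a constructed design past a 1000-cycle arming timer but almost never produces the specific 24-bit input sequence that violates the property, while a bounded exhaustive search covers every input sequence but cannot afford the depth needed from reset; seeding the bounded search with deep simulation states finds the failure. The design, its `KEY` trigger sequence and the cycle budgets are all constructed for this illustration.

```python
import random

ARM_CYCLES = 1000   # constructed: cycles of plain counting before the detector is armed
KEY = [int(b) for b in "101100111010010111001101"]  # constructed 24-bit trigger sequence
RESET = (0, 0)      # state = (timer, pos): arm-up timer and sequence-detector position

def step(state, inp):
    """One clock cycle of the constructed design for a 1-bit input."""
    timer, pos = state
    if timer < ARM_CYCLES:            # still warming up: only the timer moves
        return (timer + 1, 0)
    if pos == len(KEY):               # failing state is sticky, like a latched assertion
        return state
    return (timer, pos + 1 if KEY[pos] == inp else 0)   # no prefix-overlap handling (toy)

def is_bug(state):
    """The checked property fails once the whole KEY has been seen after arming."""
    return state[1] == len(KEY)

def simulate(cycles, seed=0):
    """Random simulation from reset. Returns (bug_hit, list of states visited)."""
    rng = random.Random(seed)
    state, trace = RESET, []
    for _ in range(cycles):
        trace.append(state)
        if is_bug(state):
            return True, trace
        state = step(state, rng.randint(0, 1))
    return False, trace

def bounded_search(seeds, depth):
    """Exhaustive breadth-first image computation from a set of seed states, trying
    both input values every cycle. Incomplete: gives up after `depth` cycles.
    Returns the depth at which a failing state first appears, else None."""
    frontier = set(seeds)
    for d in range(depth + 1):
        if any(is_bug(s) for s in frontier):
            return d
        frontier = {step(s, i) for s in frontier for i in (0, 1)}
    return None

def semi_formal(sim_cycles=1500, seeds_kept=32, depth=24):
    """Simulation gets the design past ARM_CYCLES cheaply; a bounded search from the
    last few simulated states then covers every 24-bit input sequence from there."""
    hit, trace = simulate(sim_cycles)
    if hit:
        return 0
    return bounded_search(trace[-seeds_kept:], depth)
```

Calling `bounded_search({RESET}, 24)` returns `None` because 24 cycles never reach the armed state, and `simulate(1500)` almost surely misses the sequence, yet `semi_formal()` returns a small depth at which the bounded search from simulation states reaches the failure.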
