Correct Hardware Design Methodology: Towards Formal Design and Verification for Provably Correct VLSI Hardware

Ziel

Functional verification is the bottleneck of VLSI design systems. For economic and industrial reasons, VLSI circuit designs must be completely validated before manufacturing begins. Current VLSI validation is done mainly through simulation with a limitedset of test stimuli. This does not guarantee correctness.
Formal verification methods, on the other hand, are analytic, and have the potential to guarantee the correctness of implemented circuits. Most formal verification approaches, however, suffer from complexity.
The aim of the CHARME Action was to investigate which verification approaches are appropriate for particular classes of hardware designs and specific levels of abstraction in the hardware design trajectory.
A suite of promising methods for formal very large scale integration (VLSI) hardware verification has been investigated, resulting in a methodology of 'design for verifiability' with the appropriate verification algorithms and methods for all levels of abstraction, ranging from the transistor switch up to the instruction level. This technology will enable VLSI designers to prove their designs correct before production begins.

Based on a suite of benchmark circuits, with representations at several levels of abstraction, different verification methods were investigated. The benchmark circuits consist of combinatorial logic, controllers, finite state machines, multipliers, arithmetic logic units (ALU), parameterized module generators, and microprocessors. The levels of abstraction considered were metal oxide semiconductor (MOS) transistor, structural register transfer, behavioural register transfer, and microprogram, microinstruction and instruction.
To verify the correctness of the specification versus the implementations at these levels, a number of basic verification techniques were used: Boolean provers, proof of automata, and general purpose theorem provers. These support verification at the following levels: microprogramme architecture, structural register transfer (RT) versus behavioural RT, and RT versus switch level.

Different aspects in the area of the formal verification of very large scale integration (VLSI) hardware have been studied. Formal verification, given the appropriate methodologies, algorithms and formalisms, will find its place in actual computer aided design (CAD) systems for industrial hardware designs. Research results include a link-up of formal verification tools to the computer hardware description language VHDL as well as the demonstrated formal verification of actual VLSI chips of over 32 000 transistors from the layout up to high level algorithmic specifications. This is the largest full verification of a complete integrated circuit done thus far.
APPROACH AND METHODS
Based on a suite of benchmark circuits, with representations at several levels of abstraction, different verification methods were investigated. The benchmark circuits consist of combinatorial logic, controllers, finite state machines, multipliers, arithmetic logic units (ALUs), parameterised module generators, and microprocessors. The levels of abstraction considered were MOS transistor, structural register transfer, behavioural register transfer, and microprogram, micro-instruction and instruction.To verify the correctness of the specifications versus the implementations at these levels, a number of basic verification techniques were used: Boolean provers, proof of automata, and general-purpose theorem-provers. These support verification at the following levels: microprogramme architecture, structural register transfer (RT) versus behavioural RT, and RT versus switch level.
PROGRESS AND RESULTS
The Action has concentrated on the behavioural correctness verification, as follows:
-Transistor switch-level circuits extracted from the layout are used as the starting point. Symbolic analysis techniques that model different transistor strengths and node sizes have been developed and implemented, including appropriate modelling of thebi-directional characteristics of MOS transistors.
-An efficient OBDD package, TAUTO, has been implemented and successfully compared with other top-level packages. TAUTO is used as a basic abstract data type in other verification tools of the Action.
-An RT-versus-RT verification tool, LOVERT, has been developed.
-Efficient algorithms for FSM specification versus implementation checking using implicit as well as symbolic enumeration methods have been developed and benchmarked.
-The Boyer-Moore theorem-prover has been integrated in a CAD system for the formal verification of high-level synthesis libraries and parameterised hardware modules from layout up to specification (for the complete range of allowable parameters).
-A translation has been realised from VHDL to the verification tools LOVERT, TACHE and Boyer-Moore.
-A comparison has been made between Boyer-Moore and HOL for the verification of generic datapath-dominated hardware.
-The OTTER resolution-based theorem provers have been investigated for hardware verification.
-A micro instruction specification editor, micro-SPEED, has been implemented.
-A first prototype of the CIRCAL system, based on the concept of process algebras, has been implemented. XCIRCAL, a user-friendly language, has been defined and implemented.
-Aspects of design for verificability rules, as well as design for verificability methodologies, have been worked out.
-The SFG-Tracing methodology for the specification versus implementation verification has been defined and applied to the correctness verification from high-level algorithm specifications down to layout-extracted transistor circuits. This has been succes sfully used in the full formal proof of a 32000 transistor modem chip.
POTENTIAL
By using similar design applications on different levels and employing different approaches, this Action will result in the determination of methodologies for enabling provably correct VLSI hardware. Proving hardware correct during the design stage, and the resulting avoidance of errors, will result in the quick introduction of competitive products onto the market.

Wissenschaftliches Gebiet (EuroSciVoc)

CORDIS klassifiziert Projekte mit EuroSciVoc, einer mehrsprachigen Taxonomie der Wissenschaftsbereiche, durch einen halbautomatischen Prozess, der auf Verfahren der Verarbeitung natürlicher Sprache beruht. Siehe: Das European Science Vocabulary.

• Technik und Technologie Elektrotechnik, Elektronik, Informationstechnik Elektrotechnik Hardware Computerprozessor
• Naturwissenschaften Chemiewissenschaften anorganische Chemie anorganische Verbindungen
• Naturwissenschaften Mathematik reine Mathematik Arithmetik
• Naturwissenschaften Mathematik reine Mathematik Algebra
• Naturwissenschaften Naturwissenschaften Elektromagnetismus und Elektronik Halbleiterbauelement

Programm/Programme

Mehrjährige Finanzierungsprogramme, in denen die Prioritäten der EU für Forschung und Innovation festgelegt sind.

• FP2-ESPRIT 2 - European strategic programme (EEC) for research and development in information technologies (ESPRIT), 1987-1992

Thema/Themen

Aufforderungen zur Einreichung von Vorschlägen sind nach Themen gegliedert. Ein Thema definiert einen bestimmten Bereich oder ein Gebiet, zu dem Vorschläge eingereicht werden können. Die Beschreibung eines Themas umfasst seinen spezifischen Umfang und die erwarteten Auswirkungen des finanzierten Projekts.

Aufforderung zur Vorschlagseinreichung

Verfahren zur Aufforderung zur Einreichung von Projektvorschlägen mit dem Ziel, eine EU-Finanzierung zu erhalten.

Finanzierungsplan

Finanzierungsregelung (oder „Art der Maßnahme“) innerhalb eines Programms mit gemeinsamen Merkmalen. Sieht folgendes vor: den Umfang der finanzierten Maßnahmen, den Erstattungssatz, spezifische Bewertungskriterien für die Finanzierung und die Verwendung vereinfachter Kostenformen wie Pauschalbeträge.

Daten nicht verfügbar

Koordinator

Beteiligte (4)