Correct Hardware Design Methodology: Towards Formal Design and Verification for Provably Correct VLSI Hardware

Objetivo

Functional verification is the bottleneck of VLSI design systems. For economic and industrial reasons, VLSI circuit designs must be completely validated before manufacturing begins. Current VLSI validation is done mainly through simulation with a limitedset of test stimuli. This does not guarantee correctness.
Formal verification methods, on the other hand, are analytic, and have the potential to guarantee the correctness of implemented circuits. Most formal verification approaches, however, suffer from complexity.
The aim of the CHARME Action was to investigate which verification approaches are appropriate for particular classes of hardware designs and specific levels of abstraction in the hardware design trajectory.
A suite of promising methods for formal very large scale integration (VLSI) hardware verification has been investigated, resulting in a methodology of 'design for verifiability' with the appropriate verification algorithms and methods for all levels of abstraction, ranging from the transistor switch up to the instruction level. This technology will enable VLSI designers to prove their designs correct before production begins.

Based on a suite of benchmark circuits, with representations at several levels of abstraction, different verification methods were investigated. The benchmark circuits consist of combinatorial logic, controllers, finite state machines, multipliers, arithmetic logic units (ALU), parameterized module generators, and microprocessors. The levels of abstraction considered were metal oxide semiconductor (MOS) transistor, structural register transfer, behavioural register transfer, and microprogram, microinstruction and instruction.
To verify the correctness of the specification versus the implementations at these levels, a number of basic verification techniques were used: Boolean provers, proof of automata, and general purpose theorem provers. These support verification at the following levels: microprogramme architecture, structural register transfer (RT) versus behavioural RT, and RT versus switch level.

Different aspects in the area of the formal verification of very large scale integration (VLSI) hardware have been studied. Formal verification, given the appropriate methodologies, algorithms and formalisms, will find its place in actual computer aided design (CAD) systems for industrial hardware designs. Research results include a link-up of formal verification tools to the computer hardware description language VHDL as well as the demonstrated formal verification of actual VLSI chips of over 32 000 transistors from the layout up to high level algorithmic specifications. This is the largest full verification of a complete integrated circuit done thus far.
APPROACH AND METHODS
Based on a suite of benchmark circuits, with representations at several levels of abstraction, different verification methods were investigated. The benchmark circuits consist of combinatorial logic, controllers, finite state machines, multipliers, arithmetic logic units (ALUs), parameterised module generators, and microprocessors. The levels of abstraction considered were MOS transistor, structural register transfer, behavioural register transfer, and microprogram, micro-instruction and instruction.To verify the correctness of the specifications versus the implementations at these levels, a number of basic verification techniques were used: Boolean provers, proof of automata, and general-purpose theorem-provers. These support verification at the following levels: microprogramme architecture, structural register transfer (RT) versus behavioural RT, and RT versus switch level.
PROGRESS AND RESULTS
The Action has concentrated on the behavioural correctness verification, as follows:
-Transistor switch-level circuits extracted from the layout are used as the starting point. Symbolic analysis techniques that model different transistor strengths and node sizes have been developed and implemented, including appropriate modelling of thebi-directional characteristics of MOS transistors.
-An efficient OBDD package, TAUTO, has been implemented and successfully compared with other top-level packages. TAUTO is used as a basic abstract data type in other verification tools of the Action.
-An RT-versus-RT verification tool, LOVERT, has been developed.
-Efficient algorithms for FSM specification versus implementation checking using implicit as well as symbolic enumeration methods have been developed and benchmarked.
-The Boyer-Moore theorem-prover has been integrated in a CAD system for the formal verification of high-level synthesis libraries and parameterised hardware modules from layout up to specification (for the complete range of allowable parameters).
-A translation has been realised from VHDL to the verification tools LOVERT, TACHE and Boyer-Moore.
-A comparison has been made between Boyer-Moore and HOL for the verification of generic datapath-dominated hardware.
-The OTTER resolution-based theorem provers have been investigated for hardware verification.
-A micro instruction specification editor, micro-SPEED, has been implemented.
-A first prototype of the CIRCAL system, based on the concept of process algebras, has been implemented. XCIRCAL, a user-friendly language, has been defined and implemented.
-Aspects of design for verificability rules, as well as design for verificability methodologies, have been worked out.
-The SFG-Tracing methodology for the specification versus implementation verification has been defined and applied to the correctness verification from high-level algorithm specifications down to layout-extracted transistor circuits. This has been succes sfully used in the full formal proof of a 32000 transistor modem chip.
POTENTIAL
By using similar design applications on different levels and employing different approaches, this Action will result in the determination of methodologies for enabling provably correct VLSI hardware. Proving hardware correct during the design stage, and the resulting avoidance of errors, will result in the quick introduction of competitive products onto the market.

Ámbito científico (EuroSciVoc)

CORDIS clasifica los proyectos con EuroSciVoc, una taxonomía plurilingüe de ámbitos científicos, mediante un proceso semiautomático basado en técnicas de procesamiento del lenguaje natural. Véas: El vocabulario científico europeo..

• ingeniería y tecnología ingeniería eléctrica, ingeniería electrónica, ingeniería de la información ingeniería electrónica hardware informático procesador informático
• ciencias naturales ciencias químicas química inorgánica compuestos inorgánicos
• ciencias naturales matemáticas matemáticas puras aritmética
• ciencias naturales matemáticas matemáticas puras álgebra
• ciencias naturales ciencias físicas electromagnetismo y electrónica dispositivo semiconductor

Programa(s)

Programas de financiación plurianuales que definen las prioridades de la UE en materia de investigación e innovación.

• FP2-ESPRIT 2 - European strategic programme (EEC) for research and development in information technologies (ESPRIT), 1987-1992

Tema(s)

Las convocatorias de propuestas se dividen en temas. Un tema define una materia o área específica para la que los solicitantes pueden presentar propuestas. La descripción de un tema comprende su alcance específico y la repercusión prevista del proyecto financiado.

Convocatoria de propuestas

Procedimiento para invitar a los solicitantes a presentar propuestas de proyectos con el objetivo de obtener financiación de la UE.

Régimen de financiación

Régimen de financiación (o «Tipo de acción») dentro de un programa con características comunes. Especifica: el alcance de lo que se financia; el porcentaje de reembolso; los criterios específicos de evaluación para optar a la financiación; y el uso de formas simplificadas de costes como los importes a tanto alzado.

Datos no disponibles

Coordinador

Participantes (4)