Automatic generation of inductive invariants from high-level microarchitectural models of communication fabrics

Authors:
Satrajit Chatterjee;Michael Kishinevsky
Affiliations:
Two Sigma Investments LLC, New York, USA 10012;Intel Corporation, Hillsboro, USA 97124
Venue:
Formal Methods in System Design
Year:
2012

Citing 10
Cited 0

Introduction to algorithms

Introduction to algorithms
Automatic generation of invariants and intermediate assertions

Theoretical Computer Science - Special issue: principles and practice of constraint programming
An axiomatic basis for computer programming

Communications of the ACM
Checking Safety Properties Using Induction and a SAT-Solver

FMCAD '00 Proceedings of the Third International Conference on Formal Methods in Computer-Aided Design
Microarchitecture Verification by Compositional Model Checking

CAV '01 Proceedings of the 13th International Conference on Computer Aided Verification
Convex geometry and semiflows in P/T nets. A comparative study of algorithms for computation of minimal P-semiflows

Proceedings of the 10th International Conference on Applications and Theory of Petri Nets: Advances in Petri Nets 1990
Principles and Practices of Interconnection Networks

Principles and Practices of Interconnection Networks
Replacing Testing with Formal Verification in Intel$^{\scriptsize\circledR}$ CoreTM i7 Processor Execution Engine Validation

CAV '09 Proceedings of the 21st International Conference on Computer Aided Verification
SAT-based model checking without unrolling

VMCAI'11 Proceedings of the 12th international conference on Verification, model checking, and abstract interpretation
Verifying deadlock-freedom of communication fabrics

VMCAI'11 Proceedings of the 12th international conference on Verification, model checking, and abstract interpretation

Quantified Score

Hi-index	0.00

Visualization

Abstract

Abstract microarchitectural models of communication fabrics present a challenge for verification. Due to the presence of deep pipelining, a large number of queues and distributed control, the state space of such models is usually too large for enumeration by protocol verification tools such as Murphi. On the other hand, we find that state-of-the-art rtl model checkers such as abc have poor performance on these models since there is very little opportunity for localization and most of the recent capacity advances in rtl model checking have come from better ways of discarding the irrelevant parts of the model. In this work we explore a new approach for verifying these models where we capture a model at a high level of abstraction by requiring that it be described using a small set of well-defined microarchitectural primitives. We exploit the high level structure present in this description, to automatically strengthen some classes of properties, in order to make them 1-step inductive, and then use an rtl model checker to prove them. In some cases, even if we cannot make the property inductive, we can dramatically reduce the number and complexity of lemmas that are needed to make the property inductive.