Automatic verification of finite-state concurrent systems using temporal logic specifications
ACM Transactions on Programming Languages and Systems (TOPLAS)
Model checking and modular verification
ACM Transactions on Programming Languages and Systems (TOPLAS)
New techniques for efficient verification with implicitly conjoined BDDs
DAC '94 Proceedings of the 31st annual Design Automation Conference
RuleBase: an industry-oriented formal verification tool
DAC '96 Proceedings of the 33rd annual Design Automation Conference
Symbolic Model Checking
Communication and Concurrency
Switching and Finite Automata Theory: Computer Science Series
Switching and Finite Automata Theory: Computer Science Series
Input Elimination and Abstraction in Model Checking
FMCAD '98 Proceedings of the Second International Conference on Formal Methods in Computer-Aided Design
Circuit Design Techniques for a Gigahertz Integer Microprocessor
ICCD '98 Proceedings of the International Conference on Computer Design
Comparing Symbolic and Explicit Model Checking of a Software System
Proceedings of the 9th International SPIN Workshop on Model Checking of Software
An Algorithmic Approach to Design Exploration
FME '02 Proceedings of the International Symposium of Formal Methods Europe on Formal Methods - Getting IT Right
| Hi-index | 0.00 |
A common technique in high-performance hardware design is to intersperse combinatorial logic freely between level-sensitive latch layers (wherein one layer is transparent during the "high" clock phase, and the next during the "low"). Such logic poses a challenge to verification - unless the two-phase netlist N may be abstracted to a full-cycle model N′ (wherein each memory element may sample every cycle), model checking of N requires at least twice as many state variables as would be necessary to obtain equivalent coverage for N′. We present an algorithm to automatically obtain such an abstraction by selectively eliminating latches from both layers. The abstraction is valid for model checking CTL* formulae which reason solely about latches of a single phase. This algorithm has been implemented in IBM's model checker, RuleBase, and has been used to enable model checking of IBM's Gigahertz Processor, which may not have been feasible otherwise. This abstraction has furthermore allowed verification engineers to write properties and environments more efficiently.