Luigi Di Guglielmo

HIFSuite: Tools for HDL code conversion and manipulation

HIFSuite ia a set of tools and application programming interfaces (APIs) that provide support for modeling and verification of HW/SW systems. The core of HIFSuite is the HDL Intermediate Format (HIF) language upon which a set of front-end and back-end tools have been developed to allow the conversion of HDL code into HIF code and vice versa. HIFSuite allows designers to manipulate and integrate heterogeneous components implemented by using different hardware description languages (HDLs). Moreover, HIFSuite includes tools, which rely on HIF APIs, for manipulating HIF descriptions in order to support code abstraction/refinement and post-refinement verification.

Model-driven design and validation of embedded software

This paper presents a model-based framework for designing and validating embedded software (ESW). The design infrastructure is a rapid-application-development suite for ESW, i.e., radCASE, which provides the user with an off the shelf designing environment based on model-driven paradigm. The validation infrastructure, i.e., radCHECK, is based on Property Editor. Such an editor simplifies the definition of PSL properties by exploiting PSL-based templates, that can be automatically compiled into executable checkers by using the integrated Checker Generator engine. Besides, radCHECK comprises a testcase generation infrastructure, i.e., Ulisse, which is based on an corner-case-oriented concolic approach for ESW, thus it is able to simulate the ESW and the checkers by using high-coverage testcases.

On the integration of model-driven design and dynamic assertion-based verification for embedded software

Model-driven design (MDD) aims at elevating design to a higher level of abstraction than that provided by third-generation programming languages. Concurrently, assertion-based verification (ABV) relies on the definition of temporal assertions to enhance functional verification targeting the correctness of the design execution with respect to the expected behavior. Both MDD and ABV have affirmed as effective methodologies for design and verification of HW components of embedded systems. Nonetheless, MDD and ABV individually suffer some limitations that prevent their integration in the embedded-software (ESW) design and verification flow. In particular, MDD requires the integration of an effective methodology for monitoring specification conformance, and dynamic ABV relies on simulation assumptions, satisfied in the HW domain, but which cannot be straightforward guaranteed during the execution of ESW. In this work, we present a suitable combination of MDD and dynamic ABV as an effective solution for ESW design and verification. A suite composed of two off-the-shelf tools has been developed for supporting this integrated approach. The MDD tool, i.e., radCASE, is a rapid-application-development environment for ESW that provides the user with a comprehensive approach to cover the complete modeling and synthesis process of ESW. The dynamic ABV environment, i.e., radCHECK, integrates computer-aided and template-based assertion definition, automatic checker generation, and effective stimuli generation, making dynamic ABV really practical to check the correctness of the radCASE outcome.

DDPSL: An easy way of defining properties

The paper proposes DDPSL (Drag and Drop PSL) a template library and a tool which simplifies the definition of PSL (Property Specification Language) formal properties by exploiting PSL-based templates. DDPSL allows users not expert in formal methods to define PSL properties by dragging and dropping logical and temporal operators, and variables from the design under verification (DUV) into predefined templates. Moreover, confident users or experts can extend the set of templates, reducing the effort required for formalizing complex properties. From the methodological point of view, DDPSL combines the advantages of both Open Verification Library (OVL) and PSL. Note that the templates are characterized by a parametric interface that separates the formal definition from its semantics, as provided by OVL. Moreover, the adoption of PSL as reference language guarantees the expressiveness of popular temporal logics such as Linear Temporal Logic (LTL) and Computational Tree Logic (CTL), which, on the contrary, are not fully supported by OVL. DDPSL has been successfully used to define properties for verifying an embedded application running on the microcontroller of an industrial oven.

Efficient Generation of Stimuli for Functional Verification by Backjumping Across Extended FSMs

Extended finite state machines (EFSMs) can be efficiently adopted to model the functionality of complex designs without incurring the state explosion problem typical of the more traditional FSMs. However, traversing an EFSM can be more difficult than an FSM because the guards of EFSM transitions involve both primary inputs and registers. This paper first analyzes the hardness of traversing an EFSM according to the characteristics of its transitions. Then, it presents a methodology to generate an EFSM which is easy to be traversed. Finally, it proposes a functional deterministic automatic test pattern generation (ATPG) approach that exploits such EFSMs for functional verification. In particular, the ATPG approach joins backjumping, learning, and constraint solving to (i) early identify possible symptoms of design errors by efficiently exploring the whole state space of the design under verification (DUV), and (ii) generate effective input sequences to be used in further verification steps which require to stimulate the DUV. The effectiveness of the proposed approach is confirmed in the experimental result section, where it is compared with both genetic and pseudo-deterministic techniques.

Open Problems in Verification and Refinement of Autonomous Robotic Systems

The relevance of formal verification methods is widely recognized in the computer science and embedded systems community. Recently, such methods have been introduced also within the control community, to help designers in developing control architectures for complex robotics systems. Robotic systems typically mix continuous and discrete behaviors that cannot be modeled faithfully using neither continuous-only nor discrete-only formalisms. The interaction of continuous and discrete dynamics makes the formal treatment of this kind of systems computationally very demanding, and justifies the need of studying new methods and algorithms. In this paper, we outline the current state-of-the-art, and describe some open problems in verification, refinement and implementation of autonomous robotic systems. We motivate the relevance of our analysis by means of an Autonomous Robotic Surgery test case.

Enabling dynamic assertion-based verification of embedded software through model-driven design

Assertion-based verification (ABV) is more and more used for verification of embedded systems concerning both HW and SW parts. However, ABV methodologies and tools do not apply to HW and SW components in the same way: for HW components, both static ABV and dynamic ABV are widely used; on the contrary, SW components are traditionally verified by means of static ABV, because dynamic approaches are based on simulation assumptions which could not be true during execution of general embedded SW and which cannot be controlled by the assertion language. This paper proposes to exploit model-driven design for guaranteeing such simulation assumptions. Then, it describes an ABV framework for embedded SW, that automatically synthesizes assertion checkers to verify the embedded SW accordingly to the simulation assumptions.

Correct-by-construction code generation from hybrid automata specification

In the last years hybrid automata have been applied in the design and verification of embedded systems. Once a hybrid model of the system has been proved to be correct with respect to the desired properties, it would be valuable to extract a correct-by-construction HW/SW implementation of it. This work discusses a methodology and a corresponding tool chain that allow to extract a HW/SW implementation of a controller modeled by a subclass of timed automata, named elastic controllers, operating in an environment represented by a hybrid automaton. The required tools have been either developed from scratch or extended from the current state-of-the-art in order to support an automated flow from hybrid automata specifications to correct-by-construction discrete implementations described in the SystemC language.

Vacuity analysis for property qualification by mutation of checkers

The paper tackles the problem of property qualification focusing in particular on the identification of vacuous properties. It proposes a methodology based on a combination of dynamic and static techniques that, given a set of properties defined to check the correctness of a design implementation, performs vacuity detection. Existing approaches for vacuity checking are as complex as model checking, and they require to define and model check further properties, thus increasing the verification time. Moreover, for some formulae they fail to detect vacuity, as for example in case of tautology. These problems are overcome by our approach. It is based on mutation analysis, thus, it does not require the definition of new properties granting a speed-up of the vacuity analysis process. Moreover, it provides highly accurate vacuity alerts which capture also propositional and temporal tautologies.

A formal support for homogeneous simulation of heterogeneous embedded systems

In the context of component-based design, this paper proposes a framework, for managing embedded system heterogeneity, that enriches an interchange format, the Heterogeneous Intermediate Format (HIF), with the universal model of computation UNIVERCM. The framework supports bottom-up design, system integration, adaptation and reuse by allowing automatic translation of heterogeneous components, described by means of different languages and according to different MoCs, towards a uniform intermediate description based on a rigorous semantics. The goal of the paper is to show how traditional semantics aspects coming from HW description language models, analog models and embedded SW can be effectively captured by UNIVERCM to produce a homogeneous model from heterogeneous components.