M Matthias Raffelsieper

Automated termination proofs for haskell by term rewriting

There are many powerful techniques for automated termination analysis of term rewriting. However, up to now they have hardly been used for real programming languages. We present a new approach which permits the application of existing techniques from term rewriting to prove termination of most functions defined in Haskell programs. In particular, we show how termination techniques for ordinary rewriting can be used to handle those features of Haskell which are missing in term rewriting (e.g., lazy evaluation, polymorphic types, and higher-order functions). We implemented our results in the termination prover AProVE and successfully evaluated them on existing Haskell libraries.

A Transformational Approach to Prove Outermost Termination Automatically

We present transformations from a generalized form of left-linear TRSs, called quasi left-linear TRSs, to TRSs such that outermost termination of the original TRS can be concluded from termination of the transformed TRS. In this way we can apply state-of-the-art termination tools for automatically proving outermost termination of any given quasi left-linear TRS. Experiments show that this works well for non-trivial examples, some of which could not be automatically proven outermost terminating before. Therefore, our approach substantially increases the class of systems that can be shown outermost terminating automatically.

Model Checking Verilog Descriptions of Cell Libraries

We present a formal semantics for a subset of Verilog, commonly used todescribe cell libraries, in terms of transition systems.Such transition systems can serve as input to symbolic model checking,for example equivalence checking with a transistor netlist description. Weimplement our formal semantics as an encoding from the subset of Verilog tothe input language of the SMV model-checker.Experiments show that this approach is able to verify complete cell libraries.

Stream productivity by outermost termination

Streams are infinite sequences over a given data type. A stream specification is a set of equations intended to define a stream. A core property is productivity: unfolding the equations produces the intended stream in the limit. In this paper we show that productivity is equivalent to termination with respect to the balanced outermost strategy of a TRS obtained by adding an additional rule. For specifications not involving branching symbols balancedness is obtained for free, by which tools for proving outermost termination can be used to prove productivity fully automatically.

Formal Analysis of Non-determinism in Verilog Cell Library Simulation Models

Cell libraries often contain a simulation model in a system design language, such as Verilog. These languages usually involve non-determinism, which in turn, poses a challenge to their validation. Simulators often resolve such problems by using certain rules to make the specification deterministic. This however is not justified by the behavior of the hardware that is to be modeled. Hence, simulation might not be able to detect certain errors. In this paper we develop a technique to prove whether non-determinism does not affect the behavior of the simulation model, or whether there exists a situation in which the simulation model might produce different results. To make our technique efficient, we show that the global property of equal behavior for all possible evaluations is equivalent to checking only a certain local property.

Order-Independence of Vector-Based Transition Systems

Semantics of many specification languages, particularly those used in the domain of hardware, is described in terms of vector-based transition systems. In such a transition system, each macro-step transition is labeled by a vector of inputs. When performing a macro-step, several inputs may potentially change. Each macro-step can thus be decomposed in a number of micro-steps, taking one input change at a time into account. This is akin to an interleaving semantics, where a concurrent step is represented by an interleaving of its constituting components. We present criteria on vector-based transition systems, which guarantee that the next state computation is independent of the order in which these micro-steps are executed. If our criteria are satisfied by the semantic definition of a certain specification, then its state-space generation or exploration algorithm needs to only consider one representative among all possible permutations of such micro-steps. We demonstrate the applicability of our criteria to the specification of transistor netlists.

Productivity of non-orthogonal term rewrite systems

Productivity is the property that finite prefixes of an infinite constructor term can be computed using a given term rewrite system. Hitherto, productivity has only been considered for orthogonal systems, where non-determinism is not allowed. This paper presents techniques to also prove productivity of non-orthogonal term rewrite systems. For such systems, it is desired that one does not have to guess the reduction steps to perform, instead any outermost-fair reduction should compute an infinite constructor term in the limit. As a main result, it is shown that for possibly non-orthogonal term rewrite systems this kind of productivity can be concluded from context-sensitive termination. This result can be applied to prove stabilization of digital circuits, as will be illustrated by means of an example.

Symbolic power analysis of cell libraries

Cell libraries are collections of logic cores (cells) used to construct larger chip designs; hence, any reduction in their power consumption may have a major impact in the power consumption of larger designs. The power consumption of a cell is often determined by triggering it with all possible input values in all possible orders at each state. In this paper, we first present a technique to measure the power consumption of a cell more efficiently by reducing the number of input orders that have to be checked. This is based on symbolic techniques and analyzes the number of (weighted) wire chargings taking place. Additionally, we present a technique that computes for a cell all orders that lead to the same state, but differ in their power consumption. Such an analysis is used to select the orders that minimize the required power, without affecting functionality, by inserting sufficient delays. Both techniques have been evaluated on an industrial cell library and were able to efficiently reduce the number of orders needed for power characterization and to efficiently compute orders that consume less power for a given state and input-vector transition.

Long-run order-independence of vector-based transition systems

Semantics of many specification languages, particularly those used in the domain of hardware, is described in terms of vector-based transition systems. In such transition systems, each macro-step transition is labeled by a vector of inputs in which several inputs may change simultaneously. Each macro-step can thus be decomposed into a number of micro-steps, considering one input change at a time. This is akin to an interleaving semantics, where a concurrent step is represented by an interleaving of its constituting components. In this paper, the authors present abstract criteria on vector-based transition systems, which guarantee the next state computation to be independent of the execution order of micro-steps. If these abstract criteria are satisfied, then state-space generation or exploration algorithms only need to consider one representative among all possible permutations of micro-steps. For most practical applications only the systems long-run behaviour is of relevance and the transient start-up phase can be ignored. Hence, the authors customise their generic techniques to focus on the long-run behaviour and identify orders of interleaving input changes that may behave differently during start-up, but compute the same next states in the long-run behaviour. Applicability of the developed abstract criteria is demonstrated for specifications of transistor netlists.

Process Algebra as a Common Framework for Hardware/Software Coverification

This letter presents the practical issues concerning late and insufficient verification of low-level software on hardware platforms developed by our industrial partner. To overcome these issues, we propose a coverification platform based on process algebra. The descriptions of hardware and software, and their interface are translated into a common process-algebraic platform, and formal verification techniques are used to check the conformance of the two descriptions. We present the results of our first attempt towards this goal, discuss the lessons learned, and present the road-map for future research.