Roland J. Weiss

Modeling and Formal Verification of Production Automation Systems

This paper presents the real-time model checker RAVEN and related theoretical background. RAVEN augments the efficiency of traditional symbolic model checking with possibilities to describe real-time systems. These extensions rely on multi-terminal binary decision diagrams to represent time delays and time intervals. The temporal logic CCTL is used to specify properties with time constraints. Another noteworthy feature of our model checker is its ability to compose a system description out of communicating modules, so called I/O-interval structures. This modular approach to system description alleviates the omnipresent state explosion problem common to all model checking tools.

Dynamic guiding of bounded property checking

Current statistics attribute up to 75% of the overall design costs of digital hardware and embedded system development to the verification task. In recent years, the trend to augment functional with formal verification tries to alleviate this problem. Efficient property checking algorithms allow automatic verification of middle-sized designs nowadays. However, the steadily increasing design sizes still leave verification the major bottleneck, because formal methodologies do not yet scale to very large designs. In this paper we present the formal verification tool SymC based on forward state space traversal and so-called AR-automata for property checking, both internally represented with BDDs. Furthermore, we introduce a new methodology called dynamic guiding. This methodology best suits multimodule concurrent finite state machine (FSM) designs. The aim of guiding is to reduce the intermediate and final BDD size, which in turn makes this verification technique applicable to larger designs. Our approach exploits abstract information of the design in the form of regular expressions and effectively guides the symbolic traversal depending on the verified property.

Advanced Assertion-Based Design for Mixed-Signal Verification

Functional and formal verification are important methodologies for complex mixed-signal design validation. However the industry is still verifying such systems by pure simulation. This process lacks on error localization and formal verifications methods. This is the existing verification gap between the analog and digital blocks within a mixed-signal system. Our approach improves the verification process by creating temporal properties named mixed-signal assertions which are described by a combination of digital assertions and analog properties. The proposed method is a new assertion-based verification flow for designing mixed-signal circuits. The effectiveness of the approach is demonstrated on a Σ/Δ-converter.

Exploring Template Template Parameters

The generic programming paradigm has exerted great influence on the recent development of C++, e.g., large parts of its standard library [2] are based on generic containers and algorithms. While templates, the language feature of C++ that supports generic programming, have become widely used and well understood in the last years, one aspect of templates has been mostly ignored: template template parameters ([2], 14.1). In the first part, this article will present an in depth introduction of the new technique. The second part introduces a class for arbitrary precision arithmetic, whose design is based on template template parameters. Finally, we end with a discussion of the benefits and drawbacks of this new programming technique and how it applies to generic languages other than C++.

Distributed Symbolic Bounded Property Checking

In this paper we describe an algorithm for distributed, BDD-based bounded property checking and its implementation in the verification tool SymC. The distributed algorithm verifies larger models and returns results faster than the sequential version. The core algorithm distributes partitions of the state set to computation nodes after reaching a threshold size. The nodes proceed with image computation on the nodes asynchronously. The main scalability problem of this scheme is the overlap of state set partitions. We present static and dynamic overlap reduction techniques.

Overlap reduction in symbolic system traversal

A divide-and-conquer approach in BDD-based verification to handle larger designs is to partition BDDs exceeding a threshold size and to deal with the partitions separately. Crossover transitions to the same state cause the main problem of this methodology, because they result in overlap of the partitions and thus introduce redundant computations when dealing with the partitions. In this paper we describe an algorithm for splitting Boolean functions representing state sets of synchronous systems such that in subsequent symbolic traversal of the resulting subsets the state set overlap is reduced. We demonstrate the effectiveness of our splitting algorithm by applying it in sequential and distributed versions of a bounded property checking algorithm. Also, a dynamic extension to static overlap reduction is sketched.

Heterogeneous, Nested STL Containers in C++

The incentive to write a nested, heterogeneous container in C++ surfaced in the SuchThat project [11]. Therein we are working on the implementation of a SuchThat compiler. The first prototype’s back-end [14], as well as many of the other components, were implemented in Scheme [8]. One of Scheme’s main advantages is the powerful list data structure, which can hold arbitrary data types1. This allows the user to build nested lists, e.g. to represent a parse tree or symbol table.

Fast falsification based on symbolic bounded property checking

Symbolic property verification is an increasingly popular debugging method based on binary decision diagrams (BDDs). The lack of optimization of the state space search is often responsible for the excessive growth of the BDDs. In this paper, we present accelerated symbolic property verification by means of a new guiding technique that automatically finds the set of interesting variables by exploiting the property and the transition relation of a design. Our property based state space guiding can substantially speed up the verification process. The heuristic picks up the interesting state or the input variables automatically and utilizes them in guiding the state space traversal. This guiding approach is automatic, efficient and stable for fast falsification. Furthermore it does not degrade as much for full validation

Storing Properties in Grouped Tagged Tuples

A technique is presented that allows one to store groups of properties in C++, and single properties out of these groups can later be accessed by their name. Our approach refines previous work in this area and is an example for the application of template metaprogramming [1]. Typical usage examples of the introduced class templates are internal representations of serialized data, well suited for semi-automatic as well as manual generation of the corresponding class types.

Perseverance in sustainable software architecting

In the recent past, there has been an increased interest in better managing the evolution of existing software systems and improving the software engineering practices for this now common task. In this paper, we take a look at the efforts at ABB to advance in this area, with special emphasis on architectures of long-living systems. The review consists of detailing the introduced methods and tools, as well as sharing experiences from applying them. In addition, we present two current case studies from the industrial automation domain that will be used as additional test fields for the developed methods.