Sandip Ray

A Survey of Hybrid Techniques for Functional Verification

This article surveys recent advances in hybrid approaches for functional verification. These approaches combine multiple verification techniques so that they complement one another, resulting in superior verification effectiveness.

Verification condition generation via theorem proving

We present a method to convert (i) an operational semantics for a given machine language, and (ii) an off-the-shelf theorem prover, into a high assurance verification condition generator (VCG). Given a program annotated with assertions at cutpoints, we show how to use the theorem prover directly on the operational semantics to generate verification conditions analogous to those produced by a custom-built VCG. Thus no separate VCG is necessary, and the theorem prover can be employed both to generate and to discharge the verification conditions. The method handles both partial and total correctness. It is also compositional in that the correctness of a subroutine needs to be proved once, rather than at each call site. The method has been used to verify several machine-level programs using the ACL2 theorem prover.

Optimizing equivalence checking for behavioral synthesis

Behavioral synthesis is the compilation of an Electronic system-level (ESL) design into an RTL implementation. We present a suite of optimizations for equivalence checking of RTL generated through behavioral synthesis. The optimizations exploit the high-level structure of the ESL description to ameliorate verification complexity. Experiments on representative benchmarks indicate that the optimizations can handle equivalence checking of synthesized designs with tens of thousands of lines of RTL.

Efficient trace signal selection using augmentation and ILP techniques

A key problem in post-silicon validation is to identify a small set of traceable signals that are effective for debug during silicon execution. Most signal selection techniques rely on a metric based on circuit structure. Simulation-based signal selection is promising but have major drawbacks in computation overhead and restoration quality. In this paper, we propose an efficient simulation-based signal selection technique to address these bottlenecks. Our approach uses (1) bounded mock simulations to determine state restoration effectiveness, and (2) an ILP-based algorithm for refining selected signals over different simulation runs. Experimental results demonstrate that our algorithm can provide significantly better restoration ratio (up to 515%, 51% on average) compared to the state-of-the-art techniques.

Efficient execution in an automated reasoning environment

We describe a method that permits the user of a mechanized mathematical logic to write elegant logical definitions while allowing sound and efficient execution. In particular, the features supporting this method allow the user to install, in a logically sound way, alternative executable counterparts for logically defined functions. These alternatives are often much more efficient than the logically equivalent terms they replace. These features have been implemented in the ACL2 theorem prover, and we discuss several applications of the features in ACL2.

Correctness and security at odds: post-silicon validation of modern SoC designs

We consider the conflicts between requirements from security and post-silicon validation in SoC designs. Post-silicon validation requires hardware instrumentations to provide observability and controllability during on-field execution; this in turn makes the system prone to security vulnerabilities, resulting in potentially subtle security exploits. Mitigating such threats while ensuring that the system is amenable to post-silicon validation is challenging, involving close collaboration among security, validation, testing, and computer architecture teams. We examine the state of the practice in this area, the trade-offs and compromises made, and their limitations. We also discuss an emerging approach that we are contemplating to address this problem.

The Changing Computing Paradigm With Internet of Things: A Tutorial Introduction

This Tutorial paper is about the Internet of Things, its applications, challenges, and how it may change the way of computing. Besides a comprehensive introduction, it focuses on two major design constraints, namely, security and power management.

Deductive Verification of Pipelined Machines Using First-Order Quantification

We outline a theorem-proving approach to verify pipelined machines. Pipelined machines are complicated to reason about since they involve simultaneous overlapped execution of different instructions. Nevertheless, we show that if the logic used is sufficiently expressive, then it is possible to relate the executions of the pipelined machine with the corresponding Instruction Set Architecture using (stuttering) simulation. Our methodology uses first-order quantification to define a predicate that relates pipeline states with ISA states and uses its Skolem witness for correspondence proofs. Our methodology can be used to reason about generic pipelines with interrupts, stalls, and exceptions, and we demonstrate its use in verifying pipelines mechanically in the ACL2 theorem prover.

A Flexible Architecture for Systematic Implementation of SoC Security Policies

Modern SoC designs incorporate several security policies to protect sensitive assets from unauthorized access. The policies affect multiple design blocks, and may involve subtle interactions between hardware, firmware, and software. This makes it difficult for SoC designers to implement these policies, and system validators to ensure adherence. Associated problems include complexity in upgrading these policies, IP reuse for systems targeted for markets with differing security requirement, and consequent increase in design time and time-to-market. In this paper, we address this important problem by developing a generic, flexible architectural framework for implementing arbitrary security policies in SoC designs. Our architecture has several distinctive features: (1) it relies on a dedicated, centralized, firmware-upgradable plug-and-play IP block that can implement diverse security policies; (2) it interfaces with individual IP blocks through their “security wrapper”, which exploits and extends test/debug wrappers; (3) it implements a security policy as firmware code following existing security policy languages; (4) it can implement any security policy as long as relevant observable and controllable signals from the constituent IPs are accessible through the security wrappers; and (5) it realizes a low-overhead communication link between security wrappers of IP blocks and the centralized, dedicated controller. The approach builds on and extends the recent work on developing a centralized infrastructure IP for SoC security, referred to as IIPS, that interface with IP blocks using their boundary scan based wrappers. While this architecture is generic and independent of security policy types, we provide case studies with several common policies to show the flexibility and extendibility of the architecture. We also evaluate its viability in terms of overhead in area and power.

Formal Verification for High-Assurance Behavioral Synthesis

We present a framework for certifying hardware designs generated through behavioral synthesis, by using formal verification to certify the associated synthesis transformations. We show how to decompose this certification into two components, which can be respectively handled by the complementary verification techniques, theorem proving and model checking. The approach produces a certified reference flow, composed of transformations distilled from production synthesis tools but represented as transformations on graphs with an associated formal semantics. This tool-independent abstraction disentangles our framework from the inner workings of specific synthesis tools while permitting certification of hardware designs generated from a broad class of behavioral descriptions. We provide experimental results suggesting the scalability on practical designs.