Ziyad Hanna

Bounded model checking with QBF

Current algorithms for bounded model checking (BMC) use SAT methods for checking satisfiability of Boolean formulas. These BMC methods suffer from a potential memory explosion problem. Methods based on the validity of Quantified Boolean Formulas (QBF) allow an exponentially more succinct representation of the checked formulas, but have not been widely used, because of the lack of an efficient decision procedure for QBF. We evaluate the usage of QBF in BMC, using general-purpose SAT and QBF solvers. We also present a special-purpose decision procedure for QBF used in BMC, and compare our technique with the methods using general-purpose SAT and QBF solvers on real-life industrial benchmarks. Our procedure performs much better for BMC than the general-purpose QBF solvers, without incurring the space overhead of propositional SAT.

Parallel Multithreaded Satisfiability Solver

We describe the design and implementation of a highly optimized, multithreaded algorithm for the propositional satisfiability problem. The algorithm is based on the Davis-Putnam-Logemann-Loveland sequential algorithm, but includes many of the optimization techniques introduced in recent years. We provide experimental results for the execution of the parallel algorithm on a variety of multiprocessor machines with shared memory architecture. In particular, the detrimental effect of parallel execution on the performance of processor cache is studied.

A Signal Correlation Guided ATPG solver and its applications for solving difficult industrial cases

The developments of efficient SAT solvers have attracted tremendous research interest in recent years. The merits of these solvers are often compared in terms of their performance based upon a wide spread of benchmarks. In this paper, we extend an earlier-proposed solver design concept called (SCGL) Signal Correlation Guided Learning that is ATPG-based into a family of heuristics. Along with this SCGL family of heuristics, we classify benchmark examples according to their performance using the SCGL heuristics. With this study, we identify the class of problems that are uniquely suitable to be solved by using the SCGL approach. In particular, for solving difficult circuit-based problems at INTEL, our SCGL-based ATPG solver is able to achieve at least an order of magnitude speedup over the state-of-the-art SAT solvers. Our conclusion is that SCGL is an unique solver design concept that can complement heuristics proposed by others for solving circuit-oriented difficult problems.

A proof engine approach to solving combinational design automation problems

There are many approaches available for solving combinational design automation problems encoded as tautology or satisfiability checks. Unfortunately there exists no single analysis that gives adequate performance for all problems of interest, and it is therefore critical to be able to combine approaches.In this paper, we present a proof engine framework where individual analyses are viewed as strategies---functions between different proof states. By defining our proof engine in such a way that we can compose strategies to form new, more powerful, strategies we achieve synergistic effects between the individual methods. The resulting framework has enabled us to develop a small set of powerful composite default strategies.We describe several strategies and their interplay; one of the strategies, variable instantiation, is new. The strength of our approach is demonstrated with experimental results showing that our default strategies can achieve up to several magnitudes of speed-up compared to BDD-based techniques and search-based satisfiability solvers such as ZChaff.

A clause-based heuristic for SAT solvers

We propose a new decision heuristic for DPLL-based propositional SAT solvers. Its essence is that both the initial and the conflict clauses are arranged in a list and the next decision variable is chosen from the top-most unsatisfied clause. Various methods of initially organizing the list and moving the clauses within it are studied. Our approach is an extension of one used in Berkmin, and adopted by other modern solvers, according to which only conflict clauses are organized in a list, and a literal-scoring-based secondary heuristic is used when there are no more unsatisfied conflict clauses. Our approach, implemented in the 2004 version of zChaff solver and in a generic Chaff-based SAT solver, results in a significant performance boost on hard industrial benchmarks.

CLEVER: Divide and Conquer Combinational Logic Equivalence VERification with False Negative Elimination

Formal equivalence verifiers for combinational circuits rely heavily on BDD algorithms. However, building monolithic BDDs is often not feasible for todays complex circuits. Thus, to increase the effectiveness of BDD-based comparisons, divide-and-conquer strategies based on cut-points are applied. Unfortunately, these algorithms may produce false negatives. Significant effort must then be spent for determining whether the failures are indeed real. In particular, if the design is actually incorrect, many cut-point based algorithms perform very poorly. In this paper we present a new algorithm that completely removes the problem of false negatives by introducing normalized functions instead of free variables at cut points. In addition, this approach handles the propagation of input assumptions to cut-points, is significantly more accurate in finding cut-points, and leads to more efficient counter-example generation for incorrect circuits. Although, naively, our algorithm would appear to be more expensive than traditional cut-point techniques, the empirical data on more than 900 complex signals from a recent microprocessor design, shows rather the opposite.

Industrial Strength SAT-based Alignability Algorithm for Hardware Equivalence Verification

Automatic synchronization (or reset) of sequential synchronous circuits is considered one of the most challenging tasks in the domain of formal sequential equivalence verification of hardware designs. Earlier attempts were based on Binary Decision Diagrams (BDDs) or classical reachability analysis, which by nature suffer from capacity limitations. A previous attempt to attack this problem using non-BDD based techniques was essentially a collection of heuristics aimed at toggling of the latches, and it is not guaranteed that a synchronization sequence will be computed if it exists. In this paper we present a novel approach for computing reset sequences (and reset states) in order to perform sequential hardware equivalence verification between circuit models. This approach is based on the dual-rail modeling of circuits and utilizes efficient SAT-based engines for Bounded Model Checking (BMC). It is implemented in Intels sequential verification tool, Seqver, and has been proven to be highly successful in proving the equivalence of complex industrial designs. The synchronization method described in this paper can be used in many other CAD applications, including formal property verification, automatic test generation, and power estimation.

Simultaneous SAT-Based model checking of safety properties

We present several algorithms for simultaneous SAT (propositional satisfiability) based model checking of safety properties. More precisely, we focus on Bounded Model Checking and Temporal Induction methods for simultaneously verifying multiple safety properties on the same model. The most efficient among our proposed algorithms for model checking are based on a simultaneous propositional satisfiability procedure (SSAT for short), which we design for solving related propositional objectives simultaneously, by sharing the learned clauses and the search. The SSAT algorithm is fully incremental in the sense that all clauses learned while solving one objective can be reused for the remaining objectives. Furthermore, our SSAT algorithm ensures that the SSAT solver will never re-visit the same sub-space during the search, even if there are several satisfiability objectives, hence one traversal of the search space is enough. Finally, in SSAT all SAT objectives are watched simultaneously, thus we can solve several other SAT objectives when the search is oriented to solve a particular SAT objective first. Experimental results on Intel designs demonstrate that our new algorithms can be orders of magnitude faster than the previously known techniques in this domain.

An enhanced cut-points algorithm in formal equivalence verification

BDD-based cut-points verification is widely used informal verification. The authors have recently developed a cut-points verification algorithm that is unique in that it avoids generation of false-negatives and allows simplification of the circuits to be compared based on reconvergence of input variables. Here we describe several refinements and enhancements that lead both to drastic speedup as well increase in capacity. These methods are already implemented in Intels combinational verifier CLEVER and show very promising results on real life examples from the pentium design family.

SAT-Based Methods for Sequential Hardware Equivalence Verification without Synchronization

The BDD- and SAT-based model checking and verification methods normally require an initial state. Here we are concerned with sequential hardware verification, where an initial state must be one of the reset states. In practice, a reset state is not always given by the designer, and computing a reset state of a circuit is a hard problem. In this paper we propose a method allowing usage of SAT-based verification methods without a need for a user-given or a computed initial state. The idea is to employ a binary encoding of 3-valued modeling of circuits, and use the undefined state X as a reset state.