Zhibin Yang,Jean-Paul Bodeveix,Mamoun Filali,Kai Hu,Yongwang Zhao,Dianfu Ma

DOI: https://doi.org/10.1007/s11704-015-4364-y

IF: 2.6688

2016-01-01

Frontiers of Computer Science

Abstract:SIGNAL belongs to the synchronous languages family which are widely used in the design of safety-critical real-time systems such as avionics, space systems, and nuclear power plants. This paper reports a compiler prototype for SIGNAL. Compared with the existing SIGNAL compiler, we propose a new intermediate representation (named S-CGA, a variant of clocked guarded actions), to integrate more synchronous programs into our compiler prototype in the future. The front-end of the compiler, i.e., the translation from SIGNAL to S-CGA, is presented. As well, the proof of semantics preservation is mechanized in the theorem prover Coq. Moreover, we present the back-end of the compiler, including sequential code generation and multithreaded code generation with time-predictable properties. With the rising importance of multi-core processors in safety-critical embedded systems or cyber-physical systems (CPS), there is a growing need for model-driven generation of multithreaded code and thus mapping on multi-core. We propose a time-predictable multi-core architecture model in architecture analysis and design language (AADL), and map the multi-threaded code to this model.

Yanyan Gao,Xi Li

DOI: https://doi.org/10.1007/s10836-013-5406-8

2013-01-01

Journal of Electronic Testing

Abstract:SystemC has become a de-facto standard language for SoC and ASIP designs. The verification of implementation with SystemC is the key to guarantee the correctness of designs and prevent the errors from propagating to the lower levels. In this project, we attempt translate SystemC programs to formal models and use existing model checkers to implement the verification. The method we proposed is based on a semantic translation method which translates sequential execution statements described as software character to parallel execution ones which are more closely with the implementation of hardware. This kind of conversion is inevitable to verify hardware designs but is overlooked in related works. The main contribution of this work is a translation method which can preserve the semantic consistency while building SMV model for SystemC design. We present the translation rules and implement a prototype tool which supports a subset of SystemC to demonstrate the effectiveness of our method.

G. Sandmann,M. Conrad,T. Erkkinen,Thomas Maier-Komor,Marty Pomeroy

Abstract:With the advent of Model-Based Design and production code generation, the ability to demonstrate that the generated object code correctly implements the model used for code generation, i.e. to show the correctness of the model-to-code transformation result, becomes inherent. Various approaches to verify the model-to-code translation result in practice, i.e., to efficiently and effectively assess the correctness of translating real word Simulink models into embedded C code, have been proposed and applied by engineering professionals. Unfortunately, many of these approaches do not exploit the advantages of Model-Based Design and more or less carry out the translation validation of generated code in the same manner as for hand-written code. In this paper, the authors will present Code Generation Verification (CGV) an automated, testing-based approach to assess the numerical equivalence between Simulink models and the generated code. In the CGV approach, each individual model-tocode translation is followed by a verification phase to assess that the input (i.e., the Simulink model used for code generation) and the output (i.e., the target code produced during code generation and compilation) of this translation produce the same numerical results when stimulated with identical inputs. The paper describes the proposed verification approach, and illustrates it by using Simulink and Real-Time Workshop Embedded Coder. It also discusses this approach in the context of high-integrity application development by embedding it into code verification workflows for IEC 61508 and ISO 26262.

Engineering,Computer Science

P. LeGuernic,T. Gautier,M. Le Borgne,C. Le Maire

DOI: https://doi.org/10.1109/5.97301

IF: 20.6

1991-01-01

Proceedings of the IEEE

Abstract:The authors present the main features of the SIGNAL language and its compiler. Designed to provide safe real time system programming, the SIGNAL language is based on synchronous principles. Its semantics are defined via a mathematical model of multiple-clocked flows of data and events. SIGNAL programs describe relations on such objects, so that it is possible to program a real time application via constraints. The compiler calculates the solutions of the system and thus can be used as a proof system. The equational approach is a natural way to derive multiprocessor executions of a program. This approach uses a graphical interface of a block-diagram style, and the system is illustrated on a speech recognition application.<>

engineering, electrical & electronic

Maher Fakih,Sebastian Warsitz

DOI: https://doi.org/10.48550/arXiv.1701.04217

2017-01-31

Abstract:Matlab/Simulink is a wide-spread tool for model-based design of embedded systems. Supporting hierarchy, domain specific building blocks, functional simulation and automatic code-generation, makes it well-suited for the design of control and signal processing systems. In this work, we propose an automated translation methodology for a subset of Simulink models to Synchronous dataflow Graphs (SDFGs) including the automatic code-generation of SDF-compatible embedded code. A translation of Simulink models to SDFGs, is very suitable due to Simulink actor-oriented modeling nature, allowing the application of several optimization techniques from the SDFG domain. Because of their well-defined semantics, SDFGs can be analyzed at compiling phase to obtain deadlock-free and memory-efficient schedules. In addition, several real-time analysis methods exist which allow throughput-optimal mappings of SDFGs to Multiprocessor on Chip (MPSoC) while guaranteeing upper-bounded latencies. The correctness of our translation is justified by integrating the SDF generated code as a software-in-the-loop (SIL) and comparing its results with the results of the model-in-the-loop (MIL) simulation of reference Simulink models. The translation is demonstrated with the help of two case studies: a Transmission Controller Unit (TCU) and an Automatic Climate Control.

Distributed, Parallel, and Cluster Computing,Software Engineering

Yu Zhang,Wenlong Feng,Mengxing Huang

DOI: https://doi.org/10.48550/arXiv.1602.06038

2016-02-19

Abstract:Register Transfer Level (RTL) design validation is a crucial stage in the hardware design process. We present a new approach to enhancing RTL design validation using available software techniques and tools. Our approach converts the source code of a RTL design into a C++ software program. Then a powerful symbolic execution engine is employed to execute the converted C++ program symbolically to generate test cases. To better generate efficient test cases, we limit the number of cycles to guide symbolic execution. Moreover, we add bit-level symbolic variable support into the symbolic execution engine. Generated test cases are further evaluated by simulating the RTL design to get accurate coverage. We have evaluated the approach on a floating point unit (FPU) design. The preliminary results show that our approach can deliver high-quality tests to achieve high coverage.

Software Engineering,Hardware Architecture

Shailja Thakur,Baleegh Ahmad,Zhenxing Fan,Hammond Pearce,Benjamin Tan,Ramesh Karri,Brendan Dolan-Gavitt,Siddharth Garg

DOI: https://doi.org/10.48550/arXiv.2212.11140

2022-12-13

Programming Languages

Abstract:Automating hardware design could obviate a significant amount of human error from the engineering process and lead to fewer errors. Verilog is a popular hardware description language to model and design digital systems, thus generating Verilog code is a critical first step. Emerging large language models (LLMs) are able to write high-quality code in other programming languages. In this paper, we characterize the ability of LLMs to generate useful Verilog. For this, we fine-tune pre-trained LLMs on Verilog datasets collected from GitHub and Verilog textbooks. We construct an evaluation framework comprising test-benches for functional analysis and a flow to test the syntax of Verilog code generated in response to problems of varying difficulty. Our findings show that across our problem scenarios, the fine-tuning results in LLMs more capable of producing syntactically correct code (25.9% overall). Further, when analyzing functional correctness, a fine-tuned open-source CodeGen LLM can outperform the state-of-the-art commercial Codex LLM (6.5% overall). Training/evaluation scripts and LLM checkpoints are available: https://github.com/shailja-thakur/VGen.

Dexi Wang,Chao Zhang,Guang Chen,Ming Gu,Jiaguang Sun

2016-01-01

Abstract:The C programming language is widely used in safety-critical software systems. With its large appliance and increasing complexity, the need of ensuring the correctness of C codes emerged. This paper presents Ceagle , a fully automated program verifier for finding assertion violations in C programs. It is decent in both accuracy and efficiency by using a semantically equivalent program model language that is specifically designed for C program, together with various optimizations that make the satisfiability checking faster and memoryfriendly. More specifically, Ceagle uses LLVM clang as front-end parser, an extended labeled transition system as program model, and Z3 SMT solver as the back-end satisfiability checker. Ceagle is designed to be fully automatic and requires no user interaction as long as the assertions are provided. For evaluation, we compare Ceagle with existing C program verifiers based on open benchmarks. Ceagle outperforms others in terms of accuracy, and time and memory consumption.

Xiaoqing Yang,Jinian Bian,Shujun Deng,Yanni Zhao

DOI: https://doi.org/10.1109/ats.2007.92

2007-01-01

Abstract:This paper presents a new method to translate Verilog HDT into RTL Model combining algorithm description for high level verification. The model could be used in the enhanced version of a state-of-the-art finite-domain satisfiability (SAT) solver EHSAT to check the verified properties. The enhanced version of EHSAT provides an efficient algorithm to solve the SAT problem for higher level abstraction RTL designs using a hybrid branch-and-bound strategy with conflict-driven learning. This modeling program analyses the control flow of Verilog source codes and generates corresponding statements for the enhanced version EHSAT. This method could largely reduce the scale of model checking and simplify the devices used in EHSAT. Experimental results show that this method can reduce verification problem sizes considerably while comparing with lower level methods.

Yu Jiang,Yixiao Yang,Han Liu,Hui Kong,Ming Gu,Jiaguang Sun,Lui Sha

DOI: https://doi.org/10.1109/rtas.2016.7461337

2016-01-01

Abstract:Simulink is widely used for model driven development (MDD) of industrial software systems. Typically, the Simulink based development is initiated from Stateflow modeling, followed by simulation, validation and code generation mapped to physical execution platforms. However, recent industrial trends have raised the demands of rigorous verification on safety-critical applications, which is unfortunately challenging for Simulink. In this paper, we present an approach to bridge the Stateflow based model driven development and a well- defined rigorous verification. First, we develop a self- contained toolkit to translate Stateflow model into timed automata, where major advanced modeling features in Stateflow are supported. Taking advantage of the strong verification capability of Uppaal, we can not only find bugs in Stateflow models which are missed by Simulink Design Verifier, but also check more important temporal properties. Next, we customize a runtime verifier for the generated nonintrusive VHDL and C code of Stateflow model for monitoring. The major strength of the customization is the flexibility to collect and analyze runtime properties with a pure software monitor, which opens more opportunities for engineers to achieve high reliability of the target system compared with the traditional act that only relies on Simulink Polyspace. We incorporate these two parts into original Stateflow based MDD seamlessly. In this way, safety-critical properties are both verified at the model level, and at the consistent system implementation level with physical execution environment in consideration. We apply our approach on a train controller design, and the verified implementation is tested and deployed on a real hardware platform.

Xiaoqing Yang,Jinian Bian,Shujun Deng,Yanni Zhao

DOI: https://doi.org/10.1109/icccas.2007.4348294

2007-01-01

Abstract:This paper presents a new method automatically translating the Verilog model to an RTL circuit model which can be used in a state-of-the-art finite-domain satisfiability solver EHSAT to check the verified properties. Different methods are used in the transformations of different data types and expressions of Verilog model. Effective backfilling technology is applied in the processes of if.. else and case blocks. Experimental results show that this method can make the transformation effective.

Xu Dong,Zhang Gaofei

DOI: https://doi.org/10.1177/0020294019847714

2019-01-01

Measurement and Control

Abstract:In order to improve the test capability of automated test systems to deal with complex systems, the concept of a signal-oriented test system model was proposed to guide the design of test systems and the implementation of test work and to analyze the test results. First, a method for establishing signal-oriented test system model is proposed, which is based on IEEE 1641 standard, and combined with the unit under test requirements and test objectives. Second, corresponding verification methods are proposed in the mathematical domain and signal domain. Finally, a verification method based on gene expression programming algorithm is designed to verify the complex signal-oriented test system model. In addition, the battery charge regulator module of the NS2 satellite verified the effectiveness of the signal-oriented test system model. Compared with the traditional identification method, the identification accuracy of the simple system (with mathematical model) has been significantly improved; for complex systems (no mathematical model), the traditional method is difficult to work, and the gene expression programming algorithm still has a good effect. The actual verification shows that the signal-oriented test system model, which combines the advantages of the mathematical model and the physical model, can well represent the testing requirements of the complex system.

Carlos Ivan Castro Marquez,M. Strum,J. Wang

DOI: https://doi.org/10.1109/IDT.2013.6727074

2013-12-01

Abstract:Formal techniques allow exhaustive verification on circuit design (at least in theory), but due to actual computational limitations, workarounds must always be adopted to check only a portion of the design at a time. Sequential equivalence checking is an effective approach, but it can only be applied between circuit descriptions where a one-to-one correspondence for states, as well as for memory elements, is expected. This paper presents a formal methodology to verify RTL descriptions through direct comparison with high-level reference models. By doing so, there is no need to specify or analyze formal properties, as the complete behavior is already contained in the reference model. We also consider the natural discrepancies between system level and RTL code, including non-matching interface and memory elements, and state mapping. In this manner, we are able to prove the functional coherence for the overall sequential behavior of the design under verification.

Engineering,Computer Science

Bryan Olmos,Daniel Gerl,Aman Kumar,Djones Lettnin

2024-10-24

Abstract:The design of Systems on Chips (SoCs) is becoming more and more complex due to technological advancements. Missed bugs can cause drastic failures in safety-critical environments leading to the endangerment of lives. To overcome these drastic failures, formal property verification (FPV) has been applied in the industry. However, there exist multiple hardware designs where the results of FPV are not conclusive even for long runtimes of model-checking tools. For this reason, the use of High-level Equivalence Checking (HLEC) tools has been proposed in the last few years. However, the procedure for how to use it inside an industrial toolchain has not been defined. For this reason, we proposed an automated methodology based on metamodeling techniques which consist of two main steps. First, an untimed algorithmic description written in C++ is verified in an early stage using generated assertions; the advantage of this step is that the assertions at the software level run in seconds and we can start our analysis with conclusive results about our algorithm before starting to write the RTL (Register Transfer Level) design. Second, this algorithmic description is verified against its sequential design using HLEC and the respective metamodel parameters. The results show that the presented methodology can find bugs early related to the algorithmic description and prepare the setup for the HLEC verification. This helps to reduce the verification efforts to set up the tool and write the properties manually which is always error-prone. The proposed framework can help teams working on datapaths to verify and make decisions in an early stage of the verification flow.

Hardware Architecture,Artificial Intelligence

Yanzhao Wang,Fei Xie,Zhenkun Yang,Pasquale Cocchini,Jin Yang

DOI: https://doi.org/10.1142/s021819402450030x

IF: 1.007

2024-07-20

International Journal of Software Engineering and Knowledge Engineering

Abstract:International Journal of Software Engineering and Knowledge Engineering, Ahead of Print. This paper introduces an innovative translation validation framework designed for MLIR-based compilers, which has garnered considerable prominence in fields such as machine learning, high-performance computing and hardware design. Despite rigorous testing, compilers based on MLIR might still induce incorrect results and undefined behaviors, necessitating verification work. Our framework first takes a pair of MLIR programs as inputs and check their function signature's compatibility before encoding them into SMT expressions. Then it uses the Z3 SMT solver to check whether the target program refines the source program. Our framework transcends the dialect limitations of past solutions, thereby providing validation support to a wider range of MLIR-based compilers. We demonstrate its effectiveness through evaluations on prominent open-source MLIR-based compilers, where we identified bugs and undefined behaviors. We further demonstrate the capability of this framework by validating two practical deep-learning accelerator designs.

computer science, artificial intelligence,engineering, electrical & electronic, software engineering

Youhui Zhang,Dongsheng Wang,Jinglei Wang,Weimin Zheng

DOI: https://doi.org/10.1007/11535409_80

2005-01-01

Abstract:The continuous advances in microelectronics design are creating a significant challenge to design validation in general. Tackling pipelined microprocessors is remarkably more demanding. This paper presents a methodology to automatically produce a test program for simulation-based validation of microprocessors maximizing the given verification constraints. The approach integrates an accurate c-simulator to trace internal states, including memory access patterns, cache states, pipeline states and so on, of the target processor to generate test vectors with higher efficiency. The test program generator is integrated into a co-verification environment, which is used to verify an embedded processor with a 7-statge pipeline developed by our team and gained remarkable effects.

P. Martín,E. Bueno,Fco. J. Rodríguez,O. Machado,B. Vuksanovic

DOI: https://doi.org/10.1016/j.matcom.2012.07.004

IF: 3.601

2013-05-01

Mathematics and Computers in Simulation

Abstract:When used for specifying control systems, system level design tools such as Xilinx System Generator (XSG) allows the use of Simulink for designs based on Field Programmable Gate Arrays (FPGAs). This increases productivity by reducing the wide gap between control system designers and FPGA-based implementations. However, there is still a need for new methods to bridge the gap since a direct implementation from XSG may not be an optimal solution when constraints are imposed. This is particularly true for resource-dominated circuits, where the number of operational units exceed the number of available resources. This paper presents both a methodology and a tool aimed at automatically reducing the required resources, in particular in systems where the required sampling period is greater than the computation time delay. An automatic process of converting XSG specifications into efficient Very High Speed Integrated Circuit Hardware Description Language (VHDL) code is described. The process mainly involves customized fixed-point hardware definition, Data Flow Graph (DFG) extraction, resource-constrained and latency-constrained scheduling and VHDL specification of the system, inter alia. This solution considerably improves on the results obtained by XSG.

mathematics, applied,computer science, software engineering, interdisciplinary applications

Vivek Vishal,Sagar Gugwad,Sanjay Singh

DOI: https://doi.org/10.5120/8402-2321

2012-08-17

Abstract:This paper addresses the issue of modeling and verification of a Multi Agent System (MAS) scenario. We have considered an agent based adaptive traffic signal system. The system monitors the smooth flow of traffic at intersection of two road segment. After describing how the adaptive traffic signal system can efficiently be used and showing its advantages over traffic signals with predetermined periods, we have shown how we can transform this scenario into Finite State Machine (FSM). Once the system is transformed into a FSM, we have verified the specifications specified in Computational Tree Logic(CTL) using NuSMV as a model checking tool. Simulation results obtained from NuSMV showed us whether the system satisfied the specifications or not. It has also showed us the state where the system specification does not hold. Using which we traced back our system to find the source, leading to the specification violation. Finally, we again verified the modified system with NuSMV for its specifications.

Software Engineering,Logic in Computer Science

Rajdeep Mukherjee,Saurabh Joshi,Andreas Griesmayer,Daniel Kroening,Tom Melham

DOI: https://doi.org/10.48550/arXiv.1609.00169

2016-09-01

Abstract:Semiconductor companies have increasingly adopted a methodology that starts with a system-level design specification in C/C++/SystemC. This model is extensively simulated to ensure correct functionality and performance. Later, a Register Transfer Level (RTL) implementation is created in Verilog, either manually by a designer or automatically by a high-level synthesis tool. It is essential to check that the C and Verilog programs are consistent. In this paper, we present a two-step approach, embodied in two equivalence checking tools, VERIFOX and HW-CBMC, to validate designs at the software and RTL levels, respectively. VERIFOX is used for equivalence checking of an untimed software model in C against a high-level reference model in C. HW-CBMC verifies the equivalence of a Verilog RTL implementation against an untimed software model in C. To evaluate our tools, we applied them to a commercial floating-point arithmetic unit (FPU) from ARM and an open-source dual-path floating-point adder.

Software Engineering,Logic in Computer Science

Sneha Swaroopa,Rijoy Mukherjee,Anushka Debnath,Rajat Subhra Chakraborty

2024-08-06

Abstract:The ever-growing popularity of large language models (LLMs) has resulted in their increasing adoption for hardware design and verification. Prior research has attempted to assess the capability of LLMs to automate digital hardware design by producing superior-quality Register Transfer Logic (RTL) descriptions, particularly in Verilog. However, these tests have revealed that Verilog code production using LLMs at current state-of-the-art lack sufficient functional correctness to be practically viable, compared to automatic generation of programs in general-purpose programming languages such as C, C++, Python, etc. With this as the key insight, in this paper we assess the performance of a two-stage software pipeline for automated Verilog RTL generation: LLM based automatic generation of annotated C++ code suitable for high-level synthesis (HLS), followed by HLS to generate Verilog RTL. We have benchmarked the performance of our proposed scheme using the open-source VerilogEval dataset, for four different industry-scale LLMs, and the Vitis HLS tool. Our experimental results demonstrate that our two-step technique substantially outperforms previous proposed techniques of direct Verilog RTL generation by LLMs in terms of average functional correctness rates, reaching score of 0.86 in pass@1 metric.

Hardware Architecture