Verification & Validation
By: Amir Masoud Gharehbaghi
Email: amgh@mehr.sharif.edu
V&V Techniques
Outline
Overview
Selective History
Theorem Proving
Model Checking
Hardware Verification
Assertion-Based Verification
Conclusions
What is Verification (Validation)?
Functional Verification:
Task of establishing that a given design accurately implements the intended behavior
Verification & Validation Techniques
Simulation-based: Apply inputs to the design, simulate (or run) it, and check the results
Formal: Mathematically prove the correctness of the system against the properties
Semi-formal: Combine simulation and formal verification
V&V Techniques Comparison
Simulation-based: Easy to use; Fast; Low coverage
Formal: Perfect coverage; Not easy to use; Not applicable for large designs
Using Formal Methods
Writing formal specifications
Proving properties about the specification: Theorem proving
Deriving an implementation from a given specification: Refinement
Verifying properties for a given implementation: Property checking
Selective History
Early 1960s: Suggestions (McCarthy, Dijkstra)
Late 1960s and early 1970s: Proof systems (Floyd-Hoare, Boyer-Moore, …)
Late 1970s: Temporal logic for reactive systems (Pnueli, …)
Early 1980s: Model checking (Clarke, Emerson, …)
Late 1980s: Symbolic model checking using BDDs
Selective History (cont.)
1990s (mostly hardware):
  Non-BDD-based model checking
  Satisfiability
  Equivalence checking
  Symbolic simulation & symbolic trajectory evaluation
2000s:
  Assertion-based verification
  Software model checking
  Probabilistic verification
  Automated theorem proving
  Hybrid systems verification
Theorem Proving
Formally specify the system in a logic system
Formally specify the properties of the system
Prove the correctness of the properties of the system in a proof system
Theorem Provers & Logic Systems
First-Order Logic: ACL2, Nqthm
Higher-Order Logic: HOL, PVS
Temporal Logic
First-Order Logic + Temporal Operators
Linear Temporal Logic (LTL)
Computation Tree Logic (CTL)
LTL Temporal Operators
X: next
F: finally (eventually)
G: globally
U: until
LTL Example
p → X p
alert → F halt
G (alert → F halt)
G (alert → (alarm U halt))
CTL Path Operators
A: always (on all paths)
E: there exists (a path)
Combine with the temporal operators of LTL: AX, AF, AG, AU; EX, EF, EG, EU
CTL Example
AG p
AF halt
E (alarm U halt)
AX alarm
EF close
Properties
Safety: Something (bad) never occurs.
Liveness: Something will ultimately occur.
Reachability: Some particular situation can be reached.
Fairness: Something will (not) occur infinitely often.
Properties are checked under certain conditions
Model Checking
The model is a state machine (or automaton); the property is defined in a temporal logic
CTL model checking: O(|Q| · |p|)
LTL model checking: O(|Q| · 2^|p|)
|Q|: number of states; |p|: number of sub-formulas in the property
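To make the labelling algorithm behind these bounds concrete, here is an added Python example that is not part of the slides: an explicit-state CTL model checker. The Kripke structure is a constructed four-state alarm controller using the atomic propositions alert, alarm and halt from the CTL example slide; EX, EU and EG are computed as fixpoints over predecessor sets, and the universal operators are rewritten into those three primitives. The tuple encoding of formulas, the state names and the transition relation are the example's own assumptions.

```python
from typing import Dict, FrozenSet, Set, Tuple, Union

# A formula is an atomic proposition name, "true"/"false", or (operator, operand, ...).
Formula = Union[str, Tuple]

# Constructed Kripke structure for a small alarm controller (an assumption of this example).
STATES: Set[str] = {"idle", "alert", "alarm", "halt"}
INIT: Set[str] = {"idle"}
TRANS: Dict[str, Set[str]] = {
    "idle": {"idle", "alert"},    # keep waiting, or raise an alert
    "alert": {"alarm"},           # an alert always sounds the alarm in the next cycle
    "alarm": {"alarm", "halt"},   # the alarm may persist, or the system halts
    "halt": {"halt"},             # halt is absorbing
}
LABELS: Dict[str, Set[str]] = {
    "idle": set(), "alert": {"alert"}, "alarm": {"alarm"}, "halt": {"halt"},
}


def pre(target: Set[str]) -> Set[str]:
    """States with at least one successor in `target` (existential predecessors)."""
    return {s for s in STATES if TRANS[s] & target}


def sat(f: Formula) -> FrozenSet[str]:
    """Set of states satisfying the CTL formula f, by the standard labelling algorithm."""
    if isinstance(f, str):
        if f == "true":
            return frozenset(STATES)
        if f == "false":
            return frozenset()
        return frozenset(s for s in STATES if f in LABELS[s])
    op, args = f[0], f[1:]
    if op == "not":
        return frozenset(STATES - sat(args[0]))
    if op == "and":
        return sat(args[0]) & sat(args[1])
    if op == "or":
        return sat(args[0]) | sat(args[1])
    if op == "implies":
        return sat(("or", ("not", args[0]), args[1]))
    if op == "EX":
        return frozenset(pre(set(sat(args[0]))))
    if op == "EU":                       # least fixpoint  Z = g ∪ (f ∩ pre(Z))
        sf, z = set(sat(args[0])), set(sat(args[1]))
        while True:
            nxt = z | (sf & pre(z))
            if nxt == z:
                return frozenset(z)
            z = nxt
    if op == "EG":                       # greatest fixpoint  Z = f ∩ pre(Z)
        z = set(sat(args[0]))
        while True:
            nxt = z & pre(z)
            if nxt == z:
                return frozenset(z)
            z = nxt
    # The universal operators are rewritten into the three existential primitives.
    if op == "AX":
        return sat(("not", ("EX", ("not", args[0]))))
    if op == "EF":
        return sat(("EU", "true", args[0]))
    if op == "AG":
        return sat(("not", ("EF", ("not", args[0]))))
    if op == "AF":
        return sat(("not", ("EG", ("not", args[0]))))
    if op == "AU":                       # A(f U g) = ¬E(¬g U (¬f ∧ ¬g)) ∧ ¬EG ¬g
        f1, g1 = args
        return sat(("and",
                    ("not", ("EU", ("not", g1), ("and", ("not", f1), ("not", g1)))),
                    ("not", ("EG", ("not", g1)))))
    raise ValueError(f"unknown operator {op!r}")


def holds(f: Formula) -> bool:
    """The model satisfies f iff every initial state is labelled with f."""
    return INIT <= sat(f)


if __name__ == "__main__":
    for name, phi in [
        ("AG(alert -> EF halt)", ("AG", ("implies", "alert", ("EF", "halt")))),
        ("AG(alert -> AF halt)", ("AG", ("implies", "alert", ("AF", "halt")))),
        ("AG(alert -> AX alarm)", ("AG", ("implies", "alert", ("AX", "alarm")))),
        ("E(alarm U halt)", ("EU", "alarm", "halt")),
    ]:
        print(f"{name:24} holds={holds(phi)}  states={sorted(sat(phi))}")
```

On this model AG(alert → AF halt) fails although AG(alert → EF halt) holds: the self-loop on the alarm state is a path on which halt never occurs. That is the kind of liveness counterexample a fairness constraint rules out, and it is found by exhaustive labelling of all states rather than by any particular simulation run.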
State Explosion Problem
Both in LTL and CTL: an automaton is generated (explicitly)
The number of states grows exponentially
Symbolic Model Checking
Symbolically (implicitly) represent states (and the transitions between states)
Use Binary Decision Diagram (BDD) to represent state variables
Uses CTL properties
Reduced Ordered BDD (ROBDD)
A directed acyclic graph (DAG) with two leaf nodes (1,0)
Represents Boolean functions: compact, canonical, efficient operations (linear or quadratic), simple to use
Satisfiability (SAT) Checking
Satisfiability checking: check whether there exists a combination of input values for which a Boolean function f is 1
To show that f always holds, check that ~f is unsatisfiable
Bounded Model Checking
Search for a counterexample by unfolding the system in time until a bound is reached.
Use SAT checkers
What about unbounded model checking?
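As an added example that is not part of the slides, the following Python code performs bounded model checking of a constructed two-bit counter with a minimal DPLL SAT solver written for the example: the reset state, k copies of the transition relation and the negated property at step k are encoded as CNF clauses, and the solver's satisfying assignment is decoded into a counterexample trace. The variable numbering, the counter design and both properties are assumptions of the example.

```python
from typing import Callable, Dict, List, Optional, Tuple

Clause = List[int]              # DIMACS style: positive int = variable, negative = its negation
Assignment = Dict[int, bool]


def simplify(clauses: List[Clause], lit: int) -> Optional[List[Clause]]:
    """Make `lit` true: drop clauses it satisfies, delete ¬lit elsewhere; None on conflict."""
    out: List[Clause] = []
    for c in clauses:
        if lit in c:
            continue
        rest = [l for l in c if l != -lit]
        if not rest:                          # empty clause: this branch is contradictory
            return None
        out.append(rest)
    return out


def dpll(clauses: List[Clause], assign: Assignment) -> Optional[Assignment]:
    """Tiny DPLL: unit propagation plus chronological backtracking on the first literal."""
    while True:
        unit = next((c[0] for c in clauses if len(c) == 1), None)
        if unit is None:
            break
        assign = {**assign, abs(unit): unit > 0}
        clauses = simplify(clauses, unit)
        if clauses is None:
            return None
    if not clauses:                           # every clause satisfied
        return assign
    lit = clauses[0][0]
    for choice in (lit, -lit):
        reduced = simplify(clauses, choice)
        if reduced is not None:
            result = dpll(reduced, {**assign, abs(choice): choice > 0})
            if result is not None:
                return result
    return None


# Constructed design under verification: a free-running 2-bit counter with bits (x1 x0).
# Time-indexed variables: x0 at step t is 2t+1, x1 at step t is 2t+2.
def x0(t: int) -> int:
    return 2 * t + 1


def x1(t: int) -> int:
    return 2 * t + 2


def init_clauses() -> List[Clause]:
    return [[-x0(0)], [-x1(0)]]               # reset: counter = 0


def step_clauses(t: int) -> List[Clause]:
    """Transition t -> t+1: x0' = ¬x0 and x1' = x1 ⊕ x0, each written as a CNF equivalence."""
    a, b, a2, b2 = x0(t), x1(t), x0(t + 1), x1(t + 1)
    return [[a2, a], [-a2, -a],                                          # a2 <-> ¬a
            [-b2, a, b], [-b2, -a, -b], [b2, -a, b], [b2, a, -b]]         # b2 <-> a ⊕ b


def counter_reaches_three(k: int) -> List[Clause]:
    """Negated safety property 'the counter never shows 3', asserted at step k."""
    return [[x0(k)], [x1(k)]]


def x0_held_high(k: int) -> List[Clause]:
    """Negated property 'x0 is never 1 in two consecutive cycles' (cannot happen at k = 0)."""
    return [[x0(k)], [x0(k - 1)]] if k > 0 else [[x0(0)], [-x0(0)]]


def bmc(bad: Callable[[int], List[Clause]], max_k: int
        ) -> Optional[Tuple[int, List[Tuple[bool, bool]]]]:
    """Unfold the design up to max_k steps; return (k, trace) at the first counterexample."""
    clauses = init_clauses()
    for k in range(max_k + 1):
        if k > 0:
            clauses += step_clauses(k - 1)    # one more copy of the transition relation
        model = dpll(clauses + bad(k), {})
        if model is not None:
            trace = [(model.get(x0(t), False), model.get(x1(t), False)) for t in range(k + 1)]
            return k, trace
    return None


if __name__ == "__main__":
    print("counter reaches 3:", bmc(counter_reaches_three, 5))
    print("x0 high twice in a row:", bmc(x0_held_high, 6))
```

The second property returns None for every bound tried, but that only shows there is no counterexample of length at most 6; turning a bounded result into a proof needs an unbounded method (an inductive invariant, k-induction or interpolation), which is the question the last bullet above raises.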
Symbolic Simulation
Simulate with symbolic (not explicit) values.
Inputs: expressions
Outputs: expressions
Originally based on BDD.
Symbolic Trajectory Evaluation
Check properties of the form A => C.
A: input variables' values over time
C: expected output variables' values over time
Symbolically simulate with the given input values (A).
Check that the expected results (C) are compatible with (a subset of) the simulated output results.
Equivalence Checking
Check equivalent behavior between two designs
  Same level of abstraction
  Different levels of abstraction
Combinational
Sequential
Equivalence Checking Methods
Combinational:
  Compare the canonical representations of the two circuits (may not be feasible)
  Use a SAT checker
  …
Sequential:
  Find equivalent FFs and compare the combinational circuits between them.
  Construct the product (multiplicative) state machine and check the equivalence of the outputs in all states.
  Bounded model checking
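The following added Python example, which is not from the slides, serves both the ROBDD slide and the combinational method listed above: a small ROBDD manager with a unique table and a Shannon-expansion `apply` builds canonical representations of three full-adder implementations, so equivalence reduces to comparing node identifiers, and a mismatch is explained by reading one path to the 1 terminal of f XOR g as a distinguishing input. The circuits, the variable order and all function names are the example's own assumptions.

```python
from typing import Callable, Dict, List, Optional, Tuple


class ROBDD:
    """Minimal ROBDD manager: terminals 0 and 1, a unique table that shares identical
    sub-graphs, and an `apply` that builds the diagram of any binary Boolean operator."""

    def __init__(self, order: List[str]):
        self.rank = {v: i for i, v in enumerate(order)}     # fixed variable ordering
        self.name = {i: v for v, i in self.rank.items()}
        leaf = len(order)                                     # terminals sort after all variables
        self.nodes: Dict[int, Tuple[int, int, int]] = {0: (leaf, 0, 0), 1: (leaf, 1, 1)}
        self.unique: Dict[Tuple[int, int, int], int] = {}

    def mk(self, var: int, low: int, high: int) -> int:
        """Return the node testing `var` with the given children; reduction happens here."""
        if low == high:                        # redundant test: the node is not needed
            return low
        key = (var, low, high)
        if key not in self.unique:             # identical nodes are shared, never duplicated
            self.unique[key] = len(self.nodes)
            self.nodes[self.unique[key]] = key
        return self.unique[key]

    def var(self, name: str) -> int:
        return self.mk(self.rank[name], 0, 1)

    def apply(self, op: Callable[[bool, bool], bool], u: int, v: int) -> int:
        """Shannon-expand both operands on their smallest variable; memoised on (u, v)."""
        memo: Dict[Tuple[int, int], int] = {}

        def rec(u: int, v: int) -> int:
            if u < 2 and v < 2:
                return int(op(bool(u), bool(v)))
            if (u, v) not in memo:
                xu, lu, hu = self.nodes[u]
                xv, lv, hv = self.nodes[v]
                x = min(xu, xv)
                u0, u1 = (lu, hu) if xu == x else (u, u)
                v0, v1 = (lv, hv) if xv == x else (v, v)
                memo[(u, v)] = self.mk(x, rec(u0, v0), rec(u1, v1))
            return memo[(u, v)]

        return rec(u, v)

    def AND(self, u: int, v: int) -> int:
        return self.apply(lambda a, b: a and b, u, v)

    def OR(self, u: int, v: int) -> int:
        return self.apply(lambda a, b: a or b, u, v)

    def XOR(self, u: int, v: int) -> int:
        return self.apply(lambda a, b: a != b, u, v)

    def NOT(self, u: int) -> int:
        return self.XOR(u, 1)

    def witness(self, u: int) -> Optional[Dict[str, bool]]:
        """An assignment on which u is 1, read off a path to the 1 terminal (None if u == 0).
        Every internal node of a reduced diagram has such a path, so a greedy walk suffices."""
        if u == 0:
            return None
        assignment: Dict[str, bool] = {}
        while u > 1:
            x, low, high = self.nodes[u]
            assignment[self.name[x]], u = (True, high) if high != 0 else (False, low)
        return assignment


def check_full_adder() -> Dict[str, object]:
    """Constructed circuits: a reference full adder, a re-implementation, and a buggy one."""
    bdd = ROBDD(["a", "b", "c"])
    a, b, c = bdd.var("a"), bdd.var("b"), bdd.var("c")
    na, nb, nc = bdd.NOT(a), bdd.NOT(b), bdd.NOT(c)

    def and3(x: int, y: int, z: int) -> int:
        return bdd.AND(bdd.AND(x, y), z)

    # Reference: sum = a XOR b XOR c, carry = ab + c(a XOR b)
    sum_ref = bdd.XOR(bdd.XOR(a, b), c)
    carry_ref = bdd.OR(bdd.AND(a, b), bdd.AND(c, bdd.XOR(a, b)))
    # Re-implementation: sum as a sum of minterms, carry as a majority function
    minterms = [and3(a, nb, nc), and3(na, b, nc), and3(na, nb, c), and3(a, b, c)]
    sum_sop = 0
    for m in minterms:
        sum_sop = bdd.OR(sum_sop, m)
    carry_maj = bdd.OR(bdd.OR(bdd.AND(a, b), bdd.AND(a, c)), bdd.AND(b, c))
    # Buggy re-implementation: the a·b·c minterm was dropped
    sum_bug = bdd.OR(bdd.OR(minterms[0], minterms[1]), minterms[2])
    return {
        "sum_equal": sum_ref == sum_sop,        # canonical form: same function <=> same node id
        "carry_equal": carry_ref == carry_maj,
        "bug_equal": sum_ref == sum_bug,
        "bug_counterexample": bdd.witness(bdd.XOR(sum_ref, sum_bug)),
        "nodes_allocated": len(bdd.nodes),
    }


if __name__ == "__main__":
    for key, value in check_full_adder().items():
        print(f"{key}: {value}")
```

Because `mk` never creates a redundant or duplicate node, two functions are equal exactly when their root identifiers are equal, which is the canonical-representation comparison the slide refers to; the same BDDs are what a symbolic simulator produces when it propagates expressions instead of constants through the gates. The witness for the buggy variant, a = b = c = 1, is the input on which the two sums differ.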
Assertion-Based Verification
Assertion: a property
Do property checking during simulation
  Embed assertions in the design
  Check them at run-time
Assertion Languages
OVL: Open Verification Library
PSL: Property Specification Language (formerly “Sugar”)
SystemVerilog
…
Coverage
Percentage of the design covered during simulation
Code coverage: statement, path, condition, …
Signal coverage
…
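Added Python example, not taken from the slides, that demonstrates assertion-based verification and coverage together: two run-time assertion checkers (an immediate next-cycle property and a bounded liveness property, in the spirit of PSL/SystemVerilog assertions but written here as plain Python) run over constructed simulation traces of the alert, alarm and halt signals, and a transition-coverage metric reports which behaviours the traces never exercised. The trace format, the reference state machine and all function names are assumptions of the example.

```python
from typing import Dict, List, Set, Tuple

Cycle = Dict[str, bool]          # signal values sampled in one simulation cycle
Trace = List[Cycle]

SIGNALS = ("alert", "alarm", "halt")


def make_trace(*states: str) -> Trace:
    """Constructed simulation trace: one cycle per state name, one-hot on the three signals."""
    return [{sig: sig == st for sig in SIGNALS} for st in states]


def state_of(cyc: Cycle) -> str:
    return next((sig for sig in SIGNALS if cyc[sig]), "idle")


def assert_next(trace: Trace, antecedent: str, consequent: str) -> List[int]:
    """Run-time check of `antecedent -> X consequent`; returns the cycles where it fails."""
    return [t for t in range(len(trace) - 1)
            if trace[t][antecedent] and not trace[t + 1][consequent]]


def assert_eventually(trace: Trace, trigger: str, target: str, bound: int) -> Dict[str, List[int]]:
    """Bounded liveness `trigger -> F[1..bound] target`.
    A trigger whose window runs past the end of the trace is 'pending': the simulation
    ended before the assertion could be decided, so it is neither a pass nor a failure."""
    failed: List[int] = []
    pending: List[int] = []
    for t, cyc in enumerate(trace):
        if not cyc[trigger]:
            continue
        window = trace[t + 1:t + 1 + bound]
        if any(c[target] for c in window):
            continue
        (pending if len(window) < bound else failed).append(t)
    return {"failed": failed, "pending": pending}


# Constructed reference model of the controller: the transitions the design is meant to have.
ALL_TRANSITIONS: Set[Tuple[str, str]] = {
    ("idle", "idle"), ("idle", "alert"), ("alert", "alarm"),
    ("alarm", "alarm"), ("alarm", "halt"), ("halt", "halt"),
}


def transition_coverage(trace: Trace) -> Tuple[float, Set[Tuple[str, str]]]:
    """Percentage of modelled transitions exercised by the trace, plus the ones never hit."""
    seen = {(state_of(a), state_of(b)) for a, b in zip(trace, trace[1:])}
    return 100.0 * len(seen & ALL_TRANSITIONS) / len(ALL_TRANSITIONS), ALL_TRANSITIONS - seen


# Constructed traces: a correct run, a run from a design that drops the alert for a cycle,
# and a short correct run that leaves much of the design unexercised.
GOOD = make_trace("idle", "idle", "alert", "alarm", "alarm", "halt", "halt")
BAD = make_trace("idle", "alert", "idle", "alarm", "alarm", "alarm", "alarm")
SHORT = make_trace("idle", "alert", "alarm", "halt")

if __name__ == "__main__":
    for name, tr in (("good", GOOD), ("bad", BAD), ("short", SHORT)):
        print(name, "| alert->X alarm fails at", assert_next(tr, "alert", "alarm"),
              "| alert->F[<=3] halt", assert_eventually(tr, "alert", "halt", 3),
              "| coverage %.0f%%, missing %s" % transition_coverage(tr))
```

A property of the unbounded form alert → F halt cannot be decided at run-time, which is why the checker takes a bound and reports triggers whose window runs past the end of the trace as pending rather than passed. The 50 percent figure from the short passing trace is the point of the coverage slide: a passing simulation says nothing about the transitions it never reached, here including the alarm self-loop.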
Conclusions
Verification is a serious bottleneck for current designs: up to 80 percent of design time
Formal methods cannot be applied to real designs
Simulation cannot guarantee correctness of designs
Verification of embedded systems containing HW/SW requires new techniques