end - Wolfram Library Archive

Using Mathematica for modeling, simulation and property checking of hardware systems
Ghiath AL SAMMANE
VDS group : Verification & Modeling of Digital systems
TIMA Laboratory
Techniques of Informatics and Microelectronics for computer Architecture
Outline








What is TIMA?
Digital hardware design process
Modeling Hardware in Mathematica
VHDL simulation in Mathematica
Verification & symbolic simulation
Property checking
Successful applications
Conclusion
© Ghiath AL SAMMANE
What is TIMA ? (1)
• Public research lab of the University of Grenoble and CNRS, located in the European equivalent to Silicon Valley
• Carrying out research in the field of
– Hardware design, architecture, test.
– Verification & CAD tools.
– Quality of integrated circuits and by means of data processing and microelectronics technology.
• Transferring research results to industry
• Contributing to knowledge dissemination by organizing conferences and editing journals
What is TIMA ? (2)
• 120 members including interns and staff
• 67 PhD candidates
• 17 patents since 1993 and 3 start-ups since 1999
• 7 conferences organized in 2004 and 6 conferences to be organized in 2005
• 100 publications/year since 1993 and 57 PhD theses since 1999
Digital Hardware Design Process
Design Specifications
• In English
• Given by managers, customers…
Functional Design
• In Matlab, C, Java…
• Property checking
• Done by R&D department
RTL Design
• In a standard description language: VHDL, Verilog
• Done by HW designers
RTL Verification
• By simulation, logical modeling & automatic reasoning
• Property checking
• Done by HW designers & verification experts
Synthesis & Optimization
Post-Synthesis Verification
• By simulation, logical modeling & automatic reasoning
• Property checking
• Equivalence checking
• Done by HW designers & verification experts: up to 75 % of design time!
Tech. mapping
Place & route
Fabrication
Post design process: Test & Packaging
Designing Hardware in Mathematica
Functional Design
• In Mathematica, Matlab, C, Java…
• Property checking
• Done by R&D department
RTL Design
• In a standard description language: VHDL, Verilog
• Done by HW designers
RTL Verification
• By simulation, logical modeling & automatic reasoning in Mathematica
• Property checking
• Done by HW designers & verification experts
Designing HW in Mathematica
• Functional Design
– Writing the early algorithms, formulas & equations directly in Mathematica
– Checking properties by numerical & symbolic computation
• RTL (register transfer level) design
– Writing in standard VHDL
– Simulating VHDL in Mathematica numerically & symbolically
– Checking properties
Finding bugs earlier ⇒ less verification effort
First step : VHDL in Mathematica
• Modeling the semantics of a VHDL subset
– The model must meet the VHDL synthesizable standard
– Accepts numeric & symbolic inputs
– A hierarchical functional model
• Simulating the VHDL descriptions
– The same results in numeric cases as within standard simulators
– Optimized for symbolic simulation
• Checking properties about the symbolic results
– Pattern matching, SAT solving, BDD, theorem proving…
Mathematica symbolic simulator
[Figure: tool flow. Blocks: VHDL file, Translator, M-code, symbolic test cases, simulation constraints + assertions, simulation rules, event-based symbolic simulator (in Mathematica, n simulation cycles), constraints resolution + symbolic verification of assertions, results.]
A VHDL example

    entity two_arbiter is
      port ( Clock : in bit;
             Reset : in bit;
             Req1  : in bit;
             Req2  : in bit;
             Ack1  : out bit;
             Ack2  : out bit);
    end two_arbiter ;

[Figure: block "Two requests arbiter" with inputs Clock, Reset, Req1, Req2 and outputs Ack1, Ack2]
Priority is given to the request Req2
A VHDL example

    architecture behavior of two_arbiter is
    begin  -- behavior
      synchronous: process (clock, reset)
      begin  -- process synchronous
        if reset = '0' then
          ack1 <= '0';
          ack2 <= '0';
        elsif clock'event and clock = '1' then  -- rising clock edge
          if req1 = '1' and req2 = '0' then
            ack1 <= '1';
            ack2 <= '0';
          elsif req2 = '1' then
            ack2 <= '1';
            ack1 <= '0';
          else
            ack1 <= '0';
            ack2 <= '0';
          end if;
        end if;
      end process synchronous;
    end behavior;
The M-code
• The Mathematica function that models the execution of the VHDL entity-architecture for one clock cycle
• M-code (Mathematica COnditional DEscription)
• Extracted automatically from the VHDL description
• Hierarchy is supported
The M-code of the example
A VHDL example :

    entity two_arbiter is
      port ( Clock : in bit;
             Reset : in bit;
             Req1  : in bit;
             Req2  : in bit;
             Ack1  : out bit;
             Ack2  : out bit);
    end two_arbiter ;

The Mathematica equivalent :

    Clear[two$arbiter$behavior];
    SetAttributes[two$arbiter$behavior, HoldAll];
    two$arbiter$behavior[ack1_, ack1$1_, ack2_, ack2$1_, clock_, clock$0_,
      req1_, req2_, reset_, reset$0_] :=
Signal modeling
• Three values are needed
• The current value at time t, (S)
• The old value at time (t-1), (S$0)
• The next value at time (t+1), (S$1)
• Old values are used only for detecting events (Sig(t) ≠ Sig(t-1))
The M-code body
• Each concurrent statement in the architecture is rewritten as a sequential process
• From these processes we automatically extract a list of assignments
• One assignment for each object in the design: the transfer function of the object (signal or variable)
• Simulates the behavior of the circuit for an abstract time unit called a cycle
Modeling assignments
• The signal assignment function :
    NextSig[S, F(S1, S2, …, Sn)]
• It gives the next value of S knowing the current and the old values of design objects (S1, S2, …, Sn)
• F is an if-then-else expression (Ife)
The M-code of the architecture
• The process is a set of signal assignments :

    {NextSig[ack1$1,
       Ife[equal[reset, 0],
         0,
         Ife[and[event[clock], equal[clock, 1]],
           Ife[and[equal[req1, 1], equal[req2, 0]],
             1,
             0],
           ack1]]],
     NextSig[ack2$1,
       Ife[equal[reset, 0],
         0,
         Ife[and[event[clock], equal[clock, 1]],
           Ife[and[equal[req1, 1], equal[req2, 0]],
             0,
             Ife[equal[req2, 1],
               1,
               0]],
           ack2]]]}
Second step : VHDL simulation
Executing the M-code function for n cycles (clock cycles for synchronous circuits)
Mathematica symbolic simulator
During simulation : applying test cases and simulation rules
Simulation algorithm

    Initialize(DesignObject)
    For cycle := 1 to n do
        Apply-test-vectors(inputs)
        Mcode(DesignObject)
        Verify(Assertion)
        Update(DesignObject)
        Print(SelectedResults)
    End for
Simulation Rules
• Used during the execution of M-code
• Simplification rules
– Ife[True,x_,_] → x;
– Ife[False,_,y_] → y;
– Ife[_,y_,y_] → y;
• Normalization rules
– Ife[Ife[a_,b_,c_],x_,y_] → Ife[a,Ife[b,x,y],Ife[c,x,y]];
• Evaluation rules
– Ife[cond_,x_,y_] → IFE[cond,Assuming[cond,simplify[x]],Assuming[Not[cond],simplify[y]]];
Simulation of the example
• Most inputs are symbols; one simulation test case is equivalent to a lot of numeric ones
• The symbolic expression of Ack1
– IFE[RESET == 0, 0, IFE[REQ1 == 1 && REQ2 == 0, 1, 0]]
• The symbolic expression of Ack2
– IFE[RESET == 0, 0, IFE[REQ1 == 1 && REQ2 == 0, 0, IFE[REQ2 == 1, 1, 0]]]
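The simulation loop and the simplification and normalization rules above, applied to the two_arbiter process, as an added Wolfram Language example that is not the TIMA tool's code. The names ifeRules, simplifyIfe, arbiterMcode, step and simulate are hypothetical; the clock edge is passed in as a Boolean instead of being derived from clock and clock$0, and the Assuming-based evaluation rule is not implemented, so the head stays Ife.

```mathematica
(* Added example, not the TIMA tool. Ife has no definition, so it stays symbolic
   and is only rewritten by the rules below. *)
ClearAll[Ife, ifeRules, simplifyIfe, arbiterMcode, step, simulate,
  REQ1, REQ2, RESET, ACK1, ACK2];

(* Simplification and normalization rules from the "Simulation Rules" slide *)
ifeRules = {
   Ife[True, x_, _] :> x,
   Ife[False, _, y_] :> y,
   Ife[_, y_, y_] :> y,
   Ife[Ife[a_, b_, c_], x_, y_] :> Ife[a, Ife[b, x, y], Ife[c, x, y]]
   };
simplifyIfe[expr_] := expr //. ifeRules;

(* One NextSig right-hand side per output, read off the VHDL process.
   edge stands for event[clock] && clock == 1 (assumption: given as True/False). *)
arbiterMcode[{ack1_, ack2_}, {req1_, req2_, reset_}, edge_] := {
   Ife[reset == 0, 0,
    Ife[edge,
     Ife[req1 == 1 && req2 == 0, 1, Ife[req2 == 1, 0, 0]],
     ack1]],
   Ife[reset == 0, 0,
    Ife[edge,
     Ife[req1 == 1 && req2 == 0, 0, Ife[req2 == 1, 1, 0]],
     ack2]]
   };

(* Mcode + Update for one cycle; a rising edge is assumed unless stated otherwise *)
step[state_, inputs_, edge_: True] :=
  simplifyIfe[arbiterMcode[state, inputs, edge]];

(* The simulation loop: one test vector per cycle, every intermediate state kept *)
simulate[init_, vectors_] := FoldList[step, init, vectors];

(* Constructed test case: reset active in cycle 1, symbolic requests in cycle 2 *)
simulate[{ACK1, ACK2}, {{REQ1, REQ2, 0}, {REQ1, REQ2, 1}}]

(* Fully symbolic single cycle, to compare with the expressions on the slide *)
step[{ACK1, ACK2}, {REQ1, REQ2, RESET}]

(* No clock edge: each output keeps its previous value unless reset is active *)
step[{ACK1, ACK2}, {REQ1, REQ2, RESET}, False]
```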
Checking properties
• What can we do with huge if-then-else expressions?
– The designer writes a property that the circuit should satisfy
– After the simulation, the symbolic expression of the assertion should evaluate to true or false
• Properties are checked by
– Comparison with direct specifications written in Mathematica
– Using a Boolean prover in Mathematica
– Using an external theorem prover
Boolean prover in Mathematica
• A prototype is under test
• Takes a normalized if-then-else expression, gives a counterexample if the theorem is wrong and proves it otherwise
• Built by the association of :
– an implementation of the shared-BDD rewriting in Mathematica
– the FindInstance function in Mathematica
Checking properties of the example
• mutex : assert not (Ack1 and Ack2)
• serve : assert Req1 or Req2 ⇒ Ack1 or Ack2
• waste : assert Ack1 ⇒ req1
• waste : assert Ack2 ⇒ req2
• All these properties are proved by our Boolean prover in Mathematica and by ACL2
SatBit : checking the arbiter
SatBit : gives an example showing that the expression is satisfiable, False otherwise.

    In[24]:= SatBit[ack2]
    Sat, example:
    Out[24]= {{REQ1 -> 1, REQ2 -> 1, RESET -> 1}}
    In[25]:= SatBit[ack1&&ack2]
    Out[25]= False
Proving properties by ACL2
• An inductive theorem prover
• An automatic link with Mathematica
• The main function is ImpliesAcl2[p,q]
– Prove by ACL2 that p ⇒ q
Example:

    ImpliesAcl2[
      And[
        bitp[REQ1, REQ2, RESET], RESET == 1,
        ack1 == 1
      ],
      REQ1 == 1]
    True
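The property checks described on the preceding slides, as an added Wolfram Language example that is not the SatBit prototype or the ACL2 link: exhaustive enumeration of the bit inputs stands in for the BDD rewriting and FindInstance. The names evalIfe and checkBit and the extra property starve are hypothetical; the RESET == 1 constraint mirrors the hypothesis used in the ImpliesAcl2 example.

```mathematica
(* Added example, not the SatBit prototype. Brute-force enumeration over the
   bit inputs stands in for the BDD rewriting and FindInstance. *)
ClearAll[Ife, REQ1, REQ2, RESET, ack1, ack2, vars, evalIfe, checkBit];

(* Symbolic results copied from the "Simulation of the example" slide *)
ack1 = Ife[RESET == 0, 0, Ife[REQ1 == 1 && REQ2 == 0, 1, 0]];
ack2 = Ife[RESET == 0, 0,
   Ife[REQ1 == 1 && REQ2 == 0, 0, Ife[REQ2 == 1, 1, 0]]];
vars = {REQ1, REQ2, RESET};

(* Substitute a concrete assignment, then collapse every decided Ife *)
evalIfe[expr_, asg_] :=
  (expr /. asg) //. {Ife[True, x_, _] :> x, Ife[False, _, y_] :> y};

(* True if prop holds for every bit assignment that satisfies constraint,
   otherwise the first counterexample in enumeration order *)
checkBit[prop_, constraint_: True] := Module[{asgs, bad},
   asgs = Thread[vars -> #] & /@ Tuples[{0, 1}, Length[vars]];
   bad = Select[asgs,
     TrueQ[evalIfe[constraint, #]] && ! TrueQ[evalIfe[prop, #]] &, 1];
   If[bad === {}, True, First[bad]]];

(* The properties from the slides, with Ack == 1 read as "acknowledged" *)
mutex  = ! (ack1 == 1 && ack2 == 1);
serve  = Implies[REQ1 == 1 || REQ2 == 1, ack1 == 1 || ack2 == 1];
waste1 = Implies[ack1 == 1, REQ1 == 1];
waste2 = Implies[ack2 == 1, REQ2 == 1];
(* Hypothetical extra property that must fail: Req2 has priority over Req1 *)
starve = Implies[REQ1 == 1, ack1 == 1];

(* mutex and waste need no constraint *)
checkBit /@ {mutex, waste1, waste2}

(* serve is stated with reset inactive: with RESET == 0 both outputs are
   forced to 0 whatever the requests are, so the unconstrained check
   reports a counterexample *)
checkBit[serve, RESET == 1]
checkBit[serve]

(* The counterexample here is the case where both requests are raised *)
checkBit[starve, RESET == 1]
```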
Successful applications
• Validation on research and academic cases
• Symbolic simulation and verification of a network on chip (a university circuit)
• Symbolic simulation of an industrial cryptographic component implementation
• Symbolic simulation and property verification of a DRAM specification that comes from STMicroelectronics
Conclusion : achievements
• A VHDL to Mathematica compiler is built
• A hardware simulator in Mathematica is implemented
• We prove properties about results
– A Boolean prover is implemented in Mathematica (automatic)
– A link to an external theorem prover is achieved (an expert in proof may be needed when a proof fails)
• Application on various industrial circuits
Conclusion : What is next ?
• Writing a user manual
• Building an interface
• Supporting Property Specification Language (PSL)
• A Demo at DATE 2005 (Design Automation & Test in Europe)
Thank you
If-then-else expression (Ife)

    Ife_expr ::=
        Symbol
      | Number
      | True | False
      | Boolean_Expression
      | Arithmetic_Expression
      | Ife[Ife_expr, Ife_expr, Ife_expr]