combining symbolic simulation and interval arithmetic for the verification of ams designs mohamed...
TRANSCRIPT
Combining Symbolic Simulation and Interval Arithmetic for the Verification of
AMS Designs
Mohamed Zaki, Ghiath Al Sammane, Sofiene Tahar,
Guy Bois
FMCAD'07November 14th , 2007
1
1 Hardware Verification Group, ECE Department, Concordia University
2 Génie Informatique, Ecole Polytechnique de Montréal
1 1
2
• Introduction• Related Work• Verification Methodology
– Modelling AMS Designs– Symbolic Simulation– Verification Algorithm
• Applications– ΔΣ Modulator– Analog Oscillator
• Conclusion
Outline
A cornerstone in embedded systems are analog and mixed signal (AMS) designs, usually needed at the interface with the real world.
A cornerstone in embedded systems are analog and mixed signal (AMS) designs, usually needed at the interface with the real world.
AMS applications
• Front-end: sensors, amp., filters, A/D
• Back-end: D/A, filters, oscillators, PLL
• High performance digital circuits
MicroprocessorMemory
DSP
AMS
Control Logic
ROM RAM
AnalogRF
TransceiverDAC ADC
DIGTAL
AMS
MicroprocessorMemory
DSP
AMS
Control Logic
ROM RAM
AnalogRF
TransceiverDAC ADC
DIGTAL
AMS
Introduction
One important issue in the design process is verification.Used verification methods: Simulation and Symbolic Analysis.One important issue in the design process is verification.Used verification methods: Simulation and Symbolic Analysis.
Formal Verification for AMS?Formal Verification for AMS?
Problem in AMS Verification
• Contains continuous components
• Infinite continuous state space
• Dense time
• Strong nonlinear behavior with digital components
Exhaustive simulation is out of reach
The closed form solution of differential equations is only possible for specific cases
Formal verification for AMS: Kurshan ’91, Greenstreet ’98, Gupta’04, Dang’04, Hartong’05, Myers’05, Frehse’06
Verified Designs: - modulators, filters, oscillators, VCO…Used Tools: d/dt, PHAVer, Checkmate, Coho…
• Basic Idea: Approximate Analysis using (e.g.: interval, polyhedral).• Pros: guaranteeing the inclusion of the solution, hence soundness• Cons: computationally expensive, low dimension systems.
Motivation
Motivation
Proposed Methodology
The idea is based on approximation byinterval Taylor model forms
We propose a recurrence equations based bounded model checking approach for AMS systems.
Symbolic part Interval part
Verification Methodology
Temporal Property
Symbolic Simulation
Interval based
Bounded Model Checking
Property is False (Counterexample Generated)
Combined SRE
RecurrenceEquations
AMS System
Continuous- Time Digital
Discrete-Time
Taylor Approximation
Property is Proved True for a Bounded Time
Temporal Property
Symbolic Simulation
Interval based
Bounded Model Checking
Property is False (Counterexample Generated)
Property is Proved True for a Bounded Time
Combined SRE
RecurrenceEquations
AMS System
Continuous- Time Digital
Discrete-Time
Taylor Approximation
AMS Modelling
A large class of AMS designs can be modeled using piecewise differential equations.
The analog behavior is governed by the differential equations:
Differential Equations
AMS exhibits piecewise behavior due to:
• Abrupt change in input signal, parameters• Change in the analog behavior• Events generated by control logic, switching conditions
AMS exhibits piecewise behavior due to:
• Abrupt change in input signal, parameters• Change in the analog behavior• Events generated by control logic, switching conditions
AMS designs are described using discrete time, continuous time analog behavior interacting with discrete digital components.
Extending System of ODEs using Generalized Piecewise Formula
Extending System of ODEs using Generalized Piecewise Formula
If-Expression (If[Cond, y, z])
Logical, comparison or arithmetic formula
►
►
►
►
►
A closed form solution is generally not available for ODE systems and discrete approximate models are used.
Differential Equations
RE indexRE index
Extending System of Recurrence EquationsExtending System of Recurrence Equations
The generalized If-formula is a class of expressions that extend recurrence equations [Al Sammane’05] to describe digital and mixed signal designs
If-Expression (If[Cond, y, z])
Logical, comparison or arithmetic formula
►
►
►
Recurrence Equations
Requirement:- Discrete sampling that captures all the different states in the continuous evolution.
Approximation of the ODE as truncated Taylor series expanded about time instant with a remainder term
Behavior Mapping
:=:
:=:
Map Piecewise ODE to SRE
The ODE system under certain assumptions, can be time descretized using Taylor Approximation
Taylor Approximation
Such representation allows an approximate polynomial description of the behavior of an ODE system using SRE.
Remainder
AMS Example
AMS Example
To preserve the original behavior, the remainder term should not be discarded and instead bounds must be specified.
Intervals are numerical domains that enclose the original states of a system of equations at each discrete step
Intervals are numerical domains that enclose the original states of a system of equations at each discrete step
Taylor Models Approximation
Symbolic part Interval part
Taylor Model ApproximationTaylor Model Approximation
• Taylor model arithmetic developed as an interval extension to Taylor approximations
• Allowing the over- approximation of system reachable states using non-linear enclosure sets.
• Preserve relationships between state variables.
Taylor Models Approximation
A Taylor model for a given function f consists of a multivariate polynomial pn(x) of order n, and a remainder interval I, which encloses Lagrange remainder of the Taylor approximation
Symbolic SimulationSymbolic Simulation
Verification Methodology
Temporal Property
Symbolic Simulation
Interval based Bounded Model Checking
Symbolic Rewriting Phase
Verification Phase
Property is False (Counterexample Generated)
Property is Proved True for a Bounded Time
Next Interval States
Combined SRE
RecurrenceEquations
AMS System
Continuous- Time Digital
Discrete-Time
Taylor Approximation
The symbolic simulation algorithm to obtain the generalized SRE is based on rewriting by substitution.
The symbolic simulation algorithm to obtain the generalized SRE is based on rewriting by substitution.
Substitution rules
Symbolic Simulation
Polynomial symbolic expressions
Logical symbolic expressions
If-formula expressions
Interval expressions
Interval-Logical expressions
Taylor Models expressions
Substitution Fixpoint
Symbolic Simulation Algorithm
Symbolic Simulation
Rewrites using two rules
►
►
Example
Interval Rules
To preserve the original behavior, the remainder term should not be discarded and instead bounds must be specified.
Intervals are numerical domains that enclose the original states of a system of equations at each discrete step
Intervals are numerical domains that enclose the original states of a system of equations at each discrete step
Basic interval arithmetic operators can be defined as follows:Basic interval arithmetic operators can be defined as follows:
Interval analysis provides methods for checking truth values of Boolean propositions over intervals by using the notion of inclusion test
Interval analysis provides methods for checking truth values of Boolean propositions over intervals by using the notion of inclusion test
Inclusion test:Inclusion test:
Examples:Examples:
►
Interval Rules
• The evaluation of a function is transformed to symbolically computing the Taylor polynomial of the function.
• Taylor polynomial will be propagated throughout the evaluation steps.
• Only the interval remainder term and polynomial terms of high orders are bounded using intervals.
Taylor Models Rules
Example:
Arithmetic over Taylor Model
id
Vid Vid
Example
x, y bound
Verification Methodology
Temporal Property
Symbolic Simulation
Interval based Bounded Model Checking
Symbolic Rewriting Phase
Verification Phase
Property is False (Counterexample Generated)
Property is Proved True for a Bounded Time
Next Interval States
Combined SRE
RecurrenceEquations
AMS System
Continuous- Time Digital
Discrete-Time
Taylor Approximation
Bounded model checking (BMC) algorithm relying on symbolic and interval computational methods
Properties
Bounded Model Checking
Computing the (overapproximate) reachable states is based on image computation.
Bounded Model Checking
Divergence problem in the interval based reachability calculation due to: 1) Dependency problem. 2) Wrapping effect
Evaluation of the reachable states over interval domains
Over-approximation guarantee: Every trajectory in the initial system, is included in the interval-based reachable states.
Example: x - x = 0 for x in [1, 2], but X – X = [-1, 1] for X = [1, 2]
Bounded Model Checking
is an interval evaluation of Taylor model form of the function
Overapproximation guarantee: Every trajectory in the initial system, is included in the Taylor Model based reachable states.
Computing the (overapproximate) reachable states is based on image computation.
Bounded Model Checking
Bounded Model Checking
3rd ModulatorExample
Application
VerifiedVerifiedNot Verified with Counterexample
Not Verified with Counterexample
Divergence
Application
• We presented a formal verification methodology for AMS designs.• Methodology based on symbolic rewriting and Interval methods• Continuous time is approximated using Taylor models• Avoiding conventional Interval arithmetic like wrapping effect.• Continuous state space is handled using symbolic-interval computations• Allowing the over- approximation of reachable states using non-linear
enclosure sets.•Methodology implemented using the Mathematica computer algebra system
Conclusion
Future Work:Future Work:• Automatic extraction of SREs form HDL-AMS designs.• Definition of an expressive property language for specifying properties of AMS designs.• Explore more complex case studies.
THANKS!
More Info at hvg.ece.concordia.ca