Abstract
Embedded systems usually consist of deeply integrated hardware and software components. As a consequence, modular verification is not easily possible. One important step towards modular verification of integrated HW/SW systems is to automatically compute abstractions of components that influence the overall system behavior but are not relevant for a given property. In this paper, we present an automatic abstraction technique for HW/SW co-designs modeled in SystemC. The key idea is to use a variant of classical abstract interpretation that is tailored to the specific semantics of SystemC. Our main contributions are the following: First, we present an analysis that determines data dependencies between variables and equivalent data values with respect to conditional branches, while taking the timing behavior and scheduling policies of SystemC into consideration. Second, we use these results for slicing and variable abstraction to significantly reduce the semantic state space of a given SystemC design while still producing a valid abstract design. Our abstraction technique makes it possible to automatically verify properties of comparatively large designs with the UPPAAL model checker, which cannot be handled without our approach. We demonstrate this with two case studies from the SystemC reference implementation.
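The two reductions the abstract names, property-directed slicing and value abstraction with respect to branch conditions, can be illustrated on a toy process body. The following is an added example, not the paper's implementation and not SystemC: it models a process as a small IR over bounded integer variables (`PROGRAM`, `DOMAINS` and `PROPERTY_VARS` are constructed for this example), computes which variables the property depends on through data and control flow, and collapses the domain of a variable that only steers branches into the value classes its branch conditions can distinguish. The rule that only a variable whose sole data use is its own update gets abstracted is an assumption of this toy, not something the page states.

```python
"""Toy property-directed slicing and branch-aware value abstraction.
Added example (not the paper's tool, not SystemC). A process body is a list of
("assign", target, uses) and ("branch", (var, op, const), body) statements over
bounded integer variables; we keep only variables the property depends on and
merge values of branch-only variables that no branch condition can tell apart.
"""
from collections import defaultdict
from math import prod

# Constructed process body (hypothetical):
#   cnt = cnt + 1 ; tmp = data * 2
#   if cnt < 4:  busy = <const>
#   if cnt == 0: out  = busy
#   log = tmp
PROGRAM = [
    ("assign", "cnt", ("cnt",)),
    ("assign", "tmp", ("data",)),
    ("branch", ("cnt", "<", 4), [("assign", "busy", ())]),
    ("branch", ("cnt", "==", 0), [("assign", "out", ("busy",))]),
    ("assign", "log", ("tmp",)),
]
DOMAINS = {"cnt": range(8), "data": range(256), "tmp": range(512),
           "busy": range(2), "out": range(2), "log": range(512)}
PROPERTY_VARS = {"out"}  # the property under verification only mentions `out`

OPS = {"<": lambda a, b: a < b, "<=": lambda a, b: a <= b, "==": lambda a, b: a == b,
       "!=": lambda a, b: a != b, ">": lambda a, b: a > b, ">=": lambda a, b: a >= b}


def dependencies(program, control=()):
    """target -> variables it depends on: data uses plus enclosing branch vars."""
    deps = defaultdict(set)
    for stmt in program:
        if stmt[0] == "assign":
            _, target, uses = stmt
            deps[target].update(uses)
            deps[target].update(control)           # control dependency
        else:
            _, (var, _, _), body = stmt
            for target, d in dependencies(body, control + (var,)).items():
                deps[target].update(d)
    return deps


def slice_variables(program, property_vars):
    """Transitive closure of dependencies starting from the property's variables."""
    deps = dependencies(program)
    keep, work = set(property_vars), list(property_vars)
    while work:
        for d in deps.get(work.pop(), ()):
            if d not in keep:
                keep.add(d)
                work.append(d)
    return keep


def branch_predicates(program):
    """var -> list of (op, const) conditions the variable is compared against."""
    preds = defaultdict(list)
    for stmt in program:
        if stmt[0] == "branch":
            _, (var, op, const), body = stmt
            preds[var].append((op, const))
            for v, ps in branch_predicates(body).items():
                preds[v].extend(ps)
    return preds


def foreign_data_uses(program):
    """Variables read by an assignment to a *different* variable."""
    used = set()
    for stmt in program:
        if stmt[0] == "assign":
            used.update(u for u in stmt[2] if u != stmt[1])
        else:
            used |= foreign_data_uses(stmt[2])
    return used


def value_classes(domain, predicates):
    """Group concrete values on which every predicate evaluates identically."""
    classes = {}
    for val in domain:
        sig = tuple(OPS[op](val, c) for op, c in predicates)
        classes.setdefault(sig, []).append(val)
    return [tuple(vals) for vals in classes.values()]


def abstract_design(program, domains, property_vars):
    """Kept var -> abstract values (each a tuple of merged concrete values)."""
    keep = slice_variables(program, property_vars)
    preds, data_used = branch_predicates(program), foreign_data_uses(program)
    design = {}
    for v in sorted(keep):
        if v in preds and v not in data_used:      # branch-only variable: merge
            design[v] = value_classes(domains[v], preds[v])
        else:                                      # data flows onward: keep concrete
            design[v] = [(x,) for x in domains[v]]
    return design


def state_count(design):
    """Size of the data state space: product of per-variable domain sizes."""
    return prod(len(vals) for vals in design.values())


if __name__ == "__main__":
    concrete = {v: [(x,) for x in dom] for v, dom in DOMAINS.items()}
    abstract = abstract_design(PROGRAM, DOMAINS, PROPERTY_VARS)
    for v, classes in abstract.items():
        print(f"{v}: {classes}")
    print("data states before:", state_count(concrete), "after:", state_count(abstract))
```

On this input, `data`, `tmp` and `log` are sliced away because `out` never depends on them, and `cnt` shrinks from eight values to three classes (`{0}`, `{1,2,3}`, `{4..7}`) because its two branch conditions distinguish nothing finer. The toy computes only the abstract data domain; for the result to be a valid abstract design in the paper's sense, the update `cnt = cnt + 1` would additionally have to be re-expressed over those classes (for example as a may-transition between them), and the paper's analysis also has to account for SystemC timing and scheduling, which this example ignores.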