1. logic verification - university of southern california. logic verification tutorial on formal...

1. Logic verification

Tutorial on Formal Verification-

1-1

1Logic verification

© HE99

�Basic principles of OBDD´s�Variable ordering�Network of gates => OBDD´s�FDD´s and OKFDD´s�Reasoning abou t circuits�Structural method s�Satisfiability checker

2Logic verification

© HE99

�The basic problem: prove that two circuits implement thesame boo lean function, i.e., that f ≡≡ g is a tautology

ab

a

b

ab

f

&

&

g&&

=1

f ≡ g = f*g + f*g

≡ ≡ 1



1-2

3Logic verification

© HE99

�Ordered Binary Decision Diagrams�Decision d iagrams:

➤ one of many possible representations of boo leanfunctions

➤ based on Boole´s expansion theorem (1849)(also att ributed to Shannon)

➤ seminal paper by Bryant (1986) on the application tologic verification

Basic principles of OBDD´s

4Logic verification

© HE99

0 0 0 0 00 0 0 1 00 0 1 0 00 0 1 1 00 1 0 0 00 1 0 1 00 1 1 0 00 1 1 1 01 0 0 0 01 0 0 1 01 0 1 0 01 0 1 1 01 1 0 0 01 1 0 1 01 1 1 0 01 1 1 1 1

��

a b c d f

f(0, b, c, d)

f(1, b, c, d)

Principle:"Divide and conqu er"

two subfunctions thatdo not depend on variable a



1-3

5Logic verification

© HE99

0 0 0 0 00 0 0 1 00 0 1 0 00 0 1 1 00 1 0 0 00 1 0 1 00 1 1 0 00 1 1 1 01 0 0 0 01 0 0 1 01 0 1 0 01 0 1 1 01 1 0 0 01 1 0 1 01 1 1 0 01 1 1 1 1

��

a b c d f

f(0, b, c, d)

f(1, b, c, d)

0 0 0 00 0 1 00 1 0 00 1 1 01 0 0 01 0 1 01 1 0 01 1 1 0

0 0 0 00 0 1 00 1 0 00 1 1 01 0 0 01 0 1 01 1 0 01 1 1 1

f(0, b, c, d) f(1, b, c, d)

f

a0 1

f = a*f(0, b, c, d) + a*f(1, b, c, d)

6Logic verification

© HE99

�Notation:

➤ f(0,b,c,d) and f(1,b,c,d) are the cofactors of f w.r.t. a➤ we write also fa and fa , respectively➤ Boole´s expansion theorem:

f = a*fa + a*fa



1-4

7Logic verification

© HE99

c0 1

c0 1

b0 1

a0 1

1 1

c0 1

b0 1

c0 1

0 1 1 0 0 0

function values

0 0 0 00 0 1 10 1 0 10 1 1 01 0 0 11 0 1 01 1 0 01 1 1 1

a b c a b c⊕ ⊕a b c⊕ ⊕

�Apply Boole´s theorem to all variables: decision tree

➤ example: XOR in three variables

8Logic verification

© HE99�Variable ordering: order of application o f Boole´stheorem

c0 1

c0 1

b0 1

a0 1

1 1

c0 1

b0 1

c0 1

0 1 1 0 0 0

a b c⊕ ⊕variable order a, b, c



1-5

9Logic verification

© HE99

c0 1

c0 1

b0 1

a0 1

1 1

c0 1

b0 1

c0 1

0 1 1 0 0 0

�Observation: there are identical subtrees

10Logic verification

© HE99

b b

c c

0 1

a0

0

0

0

0

1

1

1 1

10 0 0 00 0 1 10 1 0 10 1 1 01 0 0 11 0 1 01 1 0 01 1 1 1

a b c a b c⊕ ⊕

�Sharing o f subtrees => decision g raph



1-6


© HE99Shannon : A symbolic analysis of relay and swi tchingcircuits (1938)


© HE99Some simple examples of decision d iagrams:

a0 1

0 1

a0 1

01

a

0 1

0 1

0

b1

a

0

1

0 1

0 b1

a a

a+b a * b



1-7


© HE99AND, OR, XOR in n variables

☛ #nod es grows linearly for AND, OR and XOR

0

1

0 1

0

1

x1

x2

1xn

0

...

01

0 1

0

1

x1

x2

1xn

0

..

.xn xn

0 1

0 01 1

x2 x2

x10

0 0

1

1 1

...


© HE99Many types of decision d iagramsmost favoured and successfull OBDD's (Ordered BinaryDecision Diagrams, Bryant ´86)properties of OBDD´s:

➤ same variable ordering on all paths ("ordered")— associate an index index(x) with each variable x— if var(v) is the variable associated with nod e v

then index(var(v)) is smaller than the index of allsuccessor nod es

➤ " reduced" :— there are no two nod es that represent the same

function— the two successors of each nod e are not

identical



1-8


© HE99

a

0

1

01

0b

1b

0 1

a

0

1

01

b1

0


© HE99�Given a variable ordering, OBDD´s are canonicalrepresentations of boo lean functions�two circuits implement the same boo lean function <=>the two OBDD´s are identical

=

a

b b

0 1

1

1

0

0 01

a

b b

0 1

1

1

0

0 01

ab

a

b

ab

f

g

&

&

&&

=1



1-9


© HE99�SN 74181 ALU:

&

&1

&

&

&

&

1

1

&

&

&

&1

&

&1

&

&

&

&

1

1

&

&

&

&1

&

1&

&

&

&

&

&

&

&

&

&1

1

&

&

&

&

&1

&

=1

=1

3

2

1

0

2

0

1

1

2

3

n

n+4

D

E

Q

S

B

A

Mc

G

c

P

F

F

A=B

F

F

SSS

3

A

3

2

2

E

1

1

3

D

B

B

A

D

E

E

D

B

A0

0

0

3

2

1

0

3

2

1

0

Q

Q

Q=1

=1

=1

=1

=1

=1

=1


© HE99

s3s2s1

s0

�SN 74181 OBDD ("shared OBDD" for several outputs):

b3

b2

b1

b0

a3

a2

a1

a0mc

g c4 p f3 f2 aeqb f1 f0



1-10


© HE99

&

&1

&

&

&

&

1

1

&

&

&

&1

&

&1

&

&

&

&

1

1

&

&

&

&1

&

1&

&

&

&

&

&

&

&

&

&1

1&

&

&

&

&1

&

=1

=1

3210

2

0

1

1

2

3

n

n+4

D

E

Q

S

B

A

Mc

G

c

P

F

F

A=B

F

F

SSS

3

A

3

2

2

E

1

1

3

D

B

B

A

D

E

E

D

B

A 0

0

0

3

2

1

0

3

2

1

0

Q

Q

Q=1

=1

=1

=1

=1

=1

=1

Implementation 2:=

OBDD´s

&

&1

&

&

&

&

1

1

&

&

&

&1

&

&1

&

&

&

&

1

1

&

&

&

&1

&

1&

&

&

&

&

&

&

&

&

&1

1&

&

&

&

&1

&

=1

=1

3210

2

0

1

1

2

3

n

n+4

D

E

Q

S

B

A

Mc

G

c

P

F

F

A=B

F

F

SSS

3

A

3

2

2

E

1

1

3

D

B

B

A

D

E

E

D

B

A0

0

0

3

2

1

0

3

2

1

0

Q

Q

Q=1

=1

=1

=1

=1

=1

=1

Implementation 1:


© HE99

TransistorNetlist

LayoutExtraction

TransistorNetlist

OBDD OBDD

Extraction

VHDL-Description

Specification

Synthesis

Synthesis

Synthesis Verification

Combination of synthesis, extraction, verification(BULL, AT&T, ...):

=



1-11


© HE99➤ OBDD´s become even more compact, if inverted

edges are provided. Example:

1

a

b b

c c

d d

e e

f f

g g

11 00

11 00

11 00

11 00

11 00

10

0

11 00

1

a

b

c

d

e

f

g

0 1

0 1

0 1

0 1

0 1

0 1

0 1


© HE99

#nod es depends critically on the variable ordering

➤ class ical example (Bryant ´86): f = x1x2 + x3x4 + x5x6x1

x3

x2

10

0

x5

x4

10

0

0

x6

10

0

1

1

1

x1

x3

10

0

x60

1

1

x3

x5

0 1

x5x5

0 1

x5

x2

0 1

x2x2

0 1

x2

11x4 x4

0 1

11 00

0 1 0 011 00

Variable ordering



1-12


© HE99

➤ n-bit adder:— variable ordering R1: an, bn, an-1, bn-1,..., a0, b0

— variable ordering R2: an, an-1,..., a0, bn, bn-1,..., b0

n= 8 16 32 64

time 0.02 0.03 0.11 0.19#nod es 35 75 155 315

time 0.39 16.34#nod es 750 196574

R1:

R2: ��


© HE99�Heuristics to determine a "goo d" variable ordering

➤ example: distribution o f a "weight"

➤ sum of weights: x=1/2, y=1/4, z=1/4,=> develop for x first

y

z

x

x1

1/2

1/2

1/4

1/4

1/4

1/4

1/21/4

1/4



1-13


© HE99

➤ delete variable and iterate

sum now: y=3/4, z=1/4,=> y is second variable

➤ hence variable ordering x, y, z

y

z

11/2

1/21/2

1/4

1/4

3/4

3/4


© HE99

�Sifting: dynamic variable ordering (Rudell ICCAD´93)

➤ basic s tep: exchange adjacent variables (Fujita et al.EDAC´91)

b b

c c

0 1

a0

0

0

0

0

1

1

1 1

1



1-14


© HE99

➤ Principle: exchange 0-1 and 1-0 path

c c

b0 1

1 10 0

g0 g1 g2 g3

b b

c0 1

1 10 0

g0 g2 g1 g3


© HE99

�Sifting: dynamic variable ordering

➤ basic s tep: exchange adjacent variables

b b

c c

0 1

a0

0

0

0

0

1

1

1 1

1 c c

b b

0 1

a0

0

0

0

0

1

1

1 1

1



1-15


© HE99

�Sifting procedure:

➤ find variable with max. #nodes (the " thickest" part ofan OBDD)

➤ shift variable over OBDD by pairwise exc hange ofadjacent variables until #nod es becomes minimum

0 1

minimum


© HE99



1-16


© HE99


© HE99



1-17


© HE99


© HE99



1-18


© HE99


© HE99



1-19


© HE99


© HE99

➤ in detail:

V3

V4 V4

V5 V5

1

V3

1

V4

V3

V5 V5

1 0



1-20


© HE99


© HE99



1-21


© HE99


© HE99



1-22


© HE99


© HE99



1-23


© HE99


© HE99



1-24


© HE99


© HE99



1-25


© HE99


© HE99



1-26


© HE99


© HE99



1-27


© HE99


© HE99



1-28


© HE99


© HE99



1-29


© HE99


© HE99

??

0

a

0

1

c

0

b1

0

1

1

Network of gates => OBDD´s

c&

a

b≥1



1-30


© HE99

C-programC-program ≥1

�Traverse network from inpu ts to outputs + build OBDD´s

*

C-programTraverser

C-program &c

&a

b≥1

a0 1

0 1

b0 1

0 1


© HE99�Traverse network from inpu ts to outputs + build OBDD´s

C-programTraverser

C-programc

&a

b≥1

a0 1

0 1

b0 1

0 1

a

0 1

0 1

0

b1

0 1

0 1

cC-program ≥1

C-program &C-program ≥1C-program ≥1



1-31


© HE99

C-programC-program ≥1

�Traverse network from inpu ts to outputs + build OBDD´s

C-programTraverser

C-program &c

&a

b≥1

a0 1

0 1

b0 1

0 1

a

0 1

0 1

0

b1

0 1

0 1

c

0

a

0

1

c

0

b1

0

1

1

C-program &


© HE99

�How does, e.g., the C-program & work?�basis: orthogon ali ty of Boolean expansion, i.e.,

f+g = x*(fx + gx) + x*(fx + gx),

f*g = x*(fx * gx) + x*(fx * gx),

f = x*fx + x*fx

*x

g

0 0x

f

1 1

fx fx gx gx

* *



1-32


© HE99

function AND(bdd 1, bdd2):

IF bdd 1=0 OR bdd 2=0 THEN return 0;

ELSEIF bdd 1=1 THEN return bdd2;


ELSE var1:=var(bdd 1);var2:=var(bdd 2);

IF var1=var2 THEN x:=var1; v0:= AND(low(bdd1), low(bdd2)), v1:= AND(high(bdd1),high(bdd 2));

ELSEIF index(var1) < index(var2) THEN x:=var1; v0:= AND(low(bdd 1), bdd2), v1:= AND(high(bdd1), bdd 2); ELSEIF ... IF v0 = v1 THEN return v0 ELSE return (x,v0,v1); ...

�The AND-Operation between two OBDD´s bdd1 and bdd 2

➤ assume nod es of form (x,v0,v1)

var low high


© HE99

a

0 1

0 1

0

b1

3

*c

0 1

0 14

bdd 1 bdd 2

var1=a var2=c => index(var1) < index(var2)

35

4c

&

a

b≥1



1-33


© HE99

a

0 1

0 1

0

b1

3

*c

0 1

0 14

bdd 1 bdd 2


x:=var1 := a v0:= and(low(bdd 1),bdd2), v1:= and(high(bdd 1),bdd 2)

35

4c

&

a

b≥1


© HE99

a

0 1

0 1

0

b1

3

*c

0 1

0 14

bdd 1 bdd 2

var1=b var2=c => index(var1) < index(var2)

35

4c

&

a

b≥1



1-34


© HE99

a

0 1

0 1

0

b1

3

*c

0 1

0 14

0

a

0

1

c

0

b1

0

1

1

5

bdd 1 bdd 2

var1=b var2=c => index(var1) < index(var2)

x:=var1 := b v0:= and(low(bdd 1),bdd2), v1:= and(high(bdd 1),bdd 2)

35

4c

&

a

b≥1


© HE99

var2=c => index(var1) < index(var2)


3

*c

0 1

0 14

0

a

0

1

c

0

b1

0

1

1

5

bdd 1 bdd 2

var1=b

35

4c

&

a

b≥1

a

0 1

0 1

0

b1



1-35


© HE99



var2=c

a

0 1

0 1

0

b1

3

*c

0 1

0 14

bdd 1 bdd 2

0

a

0

1

c

0

b1

0

1

1

5

35

4c

&

a

b≥1

bdd 1 bdd 2

var1=b

��


© HE99

*c

0 1

0 14

bdd 1 bdd 2



0

a

0

1

c

0

b1

0

1

1

5

35

4c

&

a

b≥1

�

a

0 1

0 1

0

b1

3



1-36


© HE99



a

0 1

0 1

0

b1

3

*c

0 1

0 14

bdd 1 bdd 2

var1=a

0

a

0

1

c

0

b1

0

1

1

5

35

4c

&

a

b≥1


© HE99



a

0 1

0 1

0

b1

3

*c

0 1

0 14

bdd 1 bdd 2

var1=a

0

a

0

1

c

0

b1

0

1

1

5

35

4c

&

a

b≥1

��



1-37


© HE99

➤ problem:

1

a

b b

c c

d d

e e

f f

g g

11 00

11 00

11 00

11 00

11 00

10

0

11 00

0

a

b b

c c

d d

e e

f f

g g

11 00

11 00

11 00

11 00

11 00

10

1

11 00

a b c d e f g⊕ ⊕ ⊕ ⊕ ⊕ ⊕

a b c d e f g⊕ ⊕ ⊕ ⊕ ⊕ ⊕

*


© HE99

1

a

b b

c c

d d

e e

f f

g g

11 00

11 00

11 00

11 00

11 00

10

0

11 00

0

a

b b

c c

d d

e e

f f

g g

11 00

11 00

11 00

11 00

11 00

10

1

11 00

*

* *

*



1-38


© HE99

�"OBDD-packages" maintain two tables:

➤ the computed table ct has entries of the form

ct stores results ca lculated before

➤ the unique table ut has entries of the form

x v0 v1

Operation bdd 1 bdd 2 Result bdd


© HE99

function AND(bdd 1, bdd2):

IF (AND,bdd 1,bdd 2,x) ∈∈ ct THEN return x;

IF bdd 1=0 OR bdd 2=0 THEN return 0;



ELSE var1:=var(bdd 1);var2:=var(bdd 2);

IF var1=var2 THEN x:=var1; v0:= AND(low(bdd1), low(bdd2)), v1:= AND(high(bdd1),high(bdd 2));

ELSEIF index(var1) < index(var2) THEN x:=var1; v0:= AND(low(bdd 1), bdd2), v1:= AND(high(bdd1), bdd 2); ELSEIF ... IF v0 = v1 THEN return v0 ELSEIF (x,v0,v1) ∉ ∉ ut THEN put in ut; ELSE return (x,v0,v1); ...



1-39


© HE99

➤ the result OBDD of a boo lean operation o f twoOBDD´s of size m and n nod es, respectively, has notmore than n*m nodes

➤ complexity of boo lean op erations between twoOBDD´s is O(n*m)


© HE99

�Many OBDD-packages in the pub lic domain�in many cases based on the ite(p, f, g)-operator (if p then felse g)�very eff icient: the CUDD package from Boulder�see also the TUD DD-package home page by Stefan Hörethwith on-line demo´s of, e.g., sifting http://www.rs.e-technik.th-darmstadt.de/~sth/

☛ the OBDD technique is a very efficientdecision p rocedure for the propo sitionalcalculus and incorporated into many theoremprovers, e.g., PVS and ACL2



1-40


© HE99

�FDD´s (Functional Decision Diagrams, Kebschull et al. 92)

➤ f = fx ⊕⊕ x*(fx ⊕⊕ fx)— for x = 0 we get f x

— for x = 1 we get f x ⊕⊕ fx ⊕⊕ fx = fx

— same graph structure, distinct interpretation:

f

x0 1

fx (fx ⊕⊕ fx)

FDD´s and OKFDD´s

rule: variable = 1 =>exor both branches


© HE99

�FDD´s are canon ical representations

➤ fixed variable ordering➤ reduction rule:

f

x0

0

(fx ⊕⊕ fx) : if the boo lean difference is 0, then the function does not depend on x

fx

f

fx

1



1-41


© HE99

�Difference between XOR and AND for FDD´s:

➤ f ⊕⊕ g = fx ⊕⊕ x*(fx ⊕⊕ fx) ⊕⊕ gx ⊕⊕ x*(gx ⊕⊕ gx) = (fx ⊕⊕ gx ) ⊕⊕ x*((fx ⊕⊕ fx) ⊕⊕ (gx ⊕⊕ gx))

➤ f ∗∗ g = (fx ⊕⊕ x*(fx ⊕⊕ fx)) ∗∗ (gx ⊕⊕ x*(gx ⊕⊕ gx)) = (fxgx) ⊕⊕ x*(fx (gx ⊕⊕ gx) ⊕⊕ (fx ⊕⊕ fx )gx ⊕⊕ (fx ⊕⊕ fx) (gx ⊕⊕ gx))

☛ for the calculation o f the AND, all 4 combinationsof high and low successors have to beconsidered


© HE99�OBDD and FDD for 4-bit adder (both wi th inverted edges)



1-42


© HE99�OKFDD´s (Ordered Kronecker FDD´s, Drechsler et al. 94)

➤ three types of decomposition:— Shannon : f = x*fx + x*fx

— positive Davio: f = fx ⊕⊕ x*(fx ⊕⊕ fx)— negative Davio: f = fx ⊕⊕ x*(fx ⊕⊕ fx)

a0

0

1

0 1

b 1

Shannon

p.Davio

1c0 p.Davio

f = a*[(0⊕⊕c*(1⊕⊕0)) ⊕ ⊕ b*(1⊕⊕(0⊕⊕c*(1 ⊕⊕0)))] + a*[0⊕⊕c*(1⊕⊕0)] = a*(c⊕⊕bc) + a*c

Decompositiontype list (DTL)


© HE99

�OBDD´s:

➤ AND, OR, XOR of two OBDD´s of size n and m ofcomplexity O(n*m)�

FDD´s/OKFDD´s:➤ XOR of complexity O(n*m), but AND and OR

expon ential➤ #nod es of FDD´s/OKFDD´s may be < #nod es of

OBDD´s => synthesis applications➤ OKFDD´s: determining the decomposition-type list

(DTL) is an additional problem



1-43


© HE99

Reasoning abou t circuits

�A circuit with n inpu ts and m outputs can be modelled asa vec tor of boo lean functions, F: Bn --> Bm

�reasoning abou t circuits is facilitated if the characteristicfunction o f such a circuit is bu ilt�let R be a subset of Bn, R ⊂ Bn. Then the characteristicfunction o f this se t, χR : Bn --> B, is defined by:

1 if x ∈ R χR (x) =

0 if x ∉ R


© HE99

a b x y χχC

0 0 0 0 10 0 0 1 00 0 1 0 00 0 1 1 00 1 0 0 00 1 0 1 10 1 1 0 00 1 1 1 01 0 0 0 01 0 0 1 11 0 1 0 01 0 1 1 01 1 0 0 01 1 0 1 01 1 1 0 01 1 1 1 1

�The characteristic function χC of a circuit

χχC = (x ≡ a*b)*(y ≡ a+b)ab

x

y

&

≥1

r ≡ s = r*s + r*s



1-44


© HE99

a b x y χχC

0 0 0 0 10 0 0 1 00 0 1 0 00 0 1 1 00 1 0 0 00 1 0 1 10 1 1 0 00 1 1 1 01 0 0 0 01 0 0 1 11 0 1 0 01 0 1 1 01 1 0 0 01 1 0 1 01 1 1 0 01 1 1 1 1

�The characteristic function χI of all circuit output-values(the " image" of Bn --> Bm)

➤ e.g., the combination x=1 and y=0 is not possible

χχC = (x ≡ a*b)*(y ≡ a+b)

x y χχI

0 0 10 1 11 0 01 1 1

χχI = x+y

ab

x

y

&

≥1


© HE99�How to calculate χI ?

➤ if a = 1 and b = 0 thenχC = (x ≡≡ a*b)*(y ≡≡ a+b) = (x ≡≡ 0)*(y ≡≡ 1) = x*y,i.e., the characteristic function o f the output values!

a b x y χχC

0 0 0 0 10 0 0 1 00 0 1 0 00 0 1 1 00 1 0 0 00 1 0 1 10 1 1 0 00 1 1 1 01 0 0 0 01 0 0 1 11 0 1 0 01 0 1 1 01 1 0 0 01 1 0 1 01 1 1 0 01 1 1 1 1

x y χχI

0 0 10 1 11 0 01 1 1

The existential quantification of several inpu ts means to build the sum of all inpu t combinations.Hence, χχI = ∃ a, b: (x ≡ a*b)*(y ≡ a+b) = x + y χχC

ab

x

y

&

≥1



1-45


© HE99!3 basic operations between cofactors:

➤ existential quantification

∃∃ x: f(x) = fx + fx

➤ universal quantification

∀∀ x: f(x) = fx * fx

☛ QBF´s: quantified boolean formulas☛ note:

∃∃ x, y: f(x,y) = f(0,0) + f(0,1) + f(1,0) + f(1,1),i.e., existential quantification o f a number ofboo lean variables means: build the sum of thefunction-values for all combinations of variables

➤ boo lean d ifference

∂∂f(x)/∂∂x = fx ⊕⊕ fx


© HE99!How can we characterize all values of x and y for a=1(" image calculation und er a restriction" ) ?

a b x y χχC

0 0 0 0 10 0 0 1 00 0 1 0 00 0 1 1 00 1 0 0 00 1 0 1 10 1 1 0 00 1 1 1 01 0 0 0 01 0 0 1 11 0 1 0 01 0 1 1 01 1 0 0 01 1 0 1 01 1 1 0 01 1 1 1 1

χχ = ∃ a, b: ((x ≡ a*b)*(y ≡ a+b) * a) = y

"

"

χχC

ab

x

y

&

≥1



1-46


© HE99#How can we characterize all input values of a and b so thatx=0 and y=1 ("pre-image calculation" ) ?

a b x y χχC

0 0 0 0 10 0 0 1 00 0 1 0 00 0 1 1 00 1 0 0 00 1 0 1 10 1 1 0 00 1 1 1 01 0 0 0 01 0 0 1 11 0 1 0 01 0 1 1 01 1 0 0 01 1 0 1 01 1 1 0 01 1 1 1 1

(x*y)[x->a*b, y->a+b]=

(a*b)*(a+b) = a*b + a*b

$

$

ab

x

y

&

≥1

χχC

= ∃ x, y: ((x ≡ a*b)*(y ≡ a+b) *(x*y))


© HE99

#Functional substitution: substitute function g vor variable x

f[x->g] = g*fx + g*fx

Note: ∃∃ x : (f*(x ≡≡ g)) = [fx*(0 ≡≡ g)] + [fx*(1 ≡≡ g)] = fx*g + fx *g = f[x->g]

☛ functional substitution can be reduced to theapplication o f the ∃∃ -operator



1-47


© HE99

Structural method s

%Functional method s limited by memory consumption ofOBDD´s%many circuits "similar" , e.g., after simple technologymapping, buffer insertion, etc.%basic idea: divide and conqu er

➤ partition circuit into sub-circuits by introdu cing cut-points

➤ express functions of sub-circuits in terms of cut-point variables


© HE99%Problems:

➤ how to find cut-points?— simple method s: equality by name, random

simulation➤ how to cope with false negatives?



1-48


© HE99

&Observation (Kühlmann DAC´97):

➤ in 80% of all circuit-pairs there 80% or more nod esthat have equivalent nod es in the other circuit&

equivalence-proof based on circuit structure:➤ conclude the equivalence of two gate-outputs from

— pairwise equivalence of gate inpu ts— same gate-function


© HE99&Example (Matsunaga DAC´96, modified)

1. Method :prove v1(a,b,c,d) ≈ v2(a,b,c,d)and w1(a,b,c,d) ≈ w2(a,b,c,d)

a

db

c

c

s2

t2

v2

w2

adb

c

c

s1

t1

v1

w1=1

&

&

&

&

&

&&

≥1

2. Method :- prove s1(a,b,d) ≈ s2(a,b,d) and t1(b,c) ≈ t2(b,c). If equivalent, s1/s2 and t1/t2 are cut-points- prove v1(c,s1) ≈ v2(c,s2) and w1(s1,t1) ≈ w2(s2,t2)



1-49


© HE99'Non-canon ical graph representation o f circuits(Kühlmann DAC´97) (similar representations are well-known from techno logy-mapping problems)

a

b

a

b

etc.

a

d&

a

d≥1


© HE99'Non-canon ical graph representation (Kühlmann DAC´97)

ca

d

b

c

v2

w2

ca

bd

c

v1

w1

s2

t2

s1

t1

a

db

c

c

s2

t2

v2

w2

adb

c

c

s1

t1

v1

w1=1

&

&

&

&

&

&&

≥1



1-50


© HE99➤ two nod es are equivalent iff the predecessors areequivalent (modu lo negation)

☛ t1 and t2 are equivalentca

d

b

c

v2

w2

ca

bd

c

v1

w1

s2

t2

s1

t1


© HE99➤ building the (small !) OBDD´s

for s1 and s2 we can prove thats1 and s2 are equivalent

➤ development of OBDD´s iscontrolled by their size

➤ by pure structural reasoning,we can show that v1 and v2are equivalent

ca

d

b

c

v2

w2

ca

bd

c

v1

w1

s2

t2

s1

t1



1-51


© HE99➤ it remains to show that

w1 and w2 are equivalent➤ express ing w1 and w2 in terms

of cut-point variables s1/t1 ands2/t2, respectively we concludethat w1 is not equivalent to w2

☛ a false negative

ca

d

b

c

v2

w2

ca

bd

c

v1

w1

s2

t2

s1

t1


© HE99(Method 1: substitute functions in output functions

00 01 01 00

00 00 00 00

00 00 10 10

00 01 01 00a

b

c

d

s2 t2s1 t1

Substitute s1/t1 in w1 and s2/t2 in w2 and p rove equivalence:w1 = s1 ⊕ t1 = abd ⊕ bc,w2 = s2 + t2 = abd + bc

a

db

c

c

s2

t2

v2

w2

adb

c

c

s1

t1

v1

w1=1

&

&

&

&

&

&&

≥1



1-52


© HE99)Method 2: work on the exor of the outputs bysubstitution (Matsunaga DAC´97) or case analys is (Kunzet al. DAC´95)

00 01 01 00

00 00 00 00

00 00 10 10

00 01 01 00a

b

c

d

s2 t2s1 t1

Prove:(w1 ⊕ w2) = s1*t1 = 0by substitution:adb*bc = 0

a

db

c

c

s2

t2

v2

w2

adb

c

c

s1

t1

v1

w1=1

&

&

&

&

&

&&

≥1


© HE99)Method 3: calculate characteristic function of image

00 01 01 00

00 00 00 00

00 00 10 10

00 01 01 00a

b

c

d

s2 t2s1 t1

Prove tautology:χχI => (w1 ≡ w2) = 1by image calculation:(s1 + t1) => (w1 ≡ w2) (s1 + t1) => (s1 + t1) = 1

a

db

c

c

s2

t2

v2

w2

adb

c

c

s1

t1

v1

w1=1

&

&

&

&

&

&&

≥1



1-53


© HE99

Satisfiability Checker*

SAT checker➤ rather than to demonstrate the tautology f = 1

positively, show that f = 0 leads to a contradiction➤ many modern SAT checker represent logical formulas

as a conjunction o f " triplets" of the form x = a * b orx = a ≡ b where a, b are literals

➤ correspond ence: x1 = x2 * a, x2 = b * c

☛ projection o f SAT check ing on circuitrepresentation:

ax1

b

x2c

~


© HE99*example: prove tautology [a(b + c) => ab + ac] = 1

➤ derive corresponding circuit with 2-inpu t AND´s andinverters

ac

ba

ba

c

11

1

01

0?

?

0

➤ try to produce a 0 at the output➤ propagate effect of value(s) until contradiction found

1

xy

x=y



1-54


© HE99

+example: prove tautology [a(b + c) => ab + ac] = 1

ac

ba

ba

c

01

1

1

1

10

1

1

0

0

1

0

10

00

11

contradiction

0-saturation


© HE99+another example: prove tautology [a(b + c) <= ab + ac] = 1

ac

ba

ba

c

01

1

1

0

0

a=0 0

0

0

0

0

1

1

contradiction



1-55


© HE99,another example: prove tautology [a(b + c) <= ab + ac] = 1

ac

ba

ba

c

01

1

1

0

0

a=1 1

1

1

01

1

1

0

0

contradiction

0

00

0 11


© HE99

,1-saturation: case-split

➤ for all (inpu t+intervenient) variables x:— 0-saturation with x=1 and x=0

— if both lead to a contradiction: -— otherwise, record information common for both

cases, proceed wi th next variable☛ breadth-first process,

2-saturation➤ 0-saturation with all combinations of 2 variables,

etc.



1-56


© HE99

ac

ba

ba

c

01

1

1

0

0

01

1

1

0

0

0

00

0 11

ac

ba

ba

c

01

1

1

0

0

0

0

1

1

a=0a=1


© HE99

.Current renaissance of SAT procedures, in particular:.Stålmarcks procedure

➤ patented algorithm (commercialized by Logikkonsult)➤ see tutorial Sheeran/Stålmarck a t FMCAD´98.

Intelligent hou se-keeping o f derived equalities in SATcheckers.very large (105) #variables tractable.application to various indu strial problems (railwayinterlock ing sys tems, engine managment units, ...).some similarity to " recursive learning" by Kunz/Pradhan



1-57


© HE99

/Different techniques are appropriate for different classesof circuits/Verification too ls combine several techniques

➤ Kuehlmann/Krohm DAC´97 (simulation, OBDD´s,structural method s)

➤ Mukherjee et al. IWLS´97 (simulation, OBDD´s,structural method s, SAT-checker)

➤ Burch/Singh al ICCAD´98 (simulation, OBDD´s,structural method s, SAT-checker)

1. logic verification - university of southern california. logic verification tutorial on formal...

Documents