Verification of Parameterised FPGA Circuit Descriptions with Layout ...


CHAPTER 4. VERIFYING CIRCUIT LAYOUTS 92

Block               Type               Theorems  Intervention Required
id                  Wiring             2
dash                Wiring             2
dstl                Composite wiring   5         Expand definition of mfork
dstr                Composite wiring   5         Expand definition of mfork
pair                Composite wiring   3
rcomp (R^n)         Combinator         4
tri ( )             Combinator         4
irt ( ˜ )           Combinator         4         Manual containment & intersection
beside (R↔S)        Combinator         5
row                 Combinator         4
conjugate (R\S)     Combinator         3         Handling of series composition [2]
conjugate2 (R \S)   Combinator         3         Handling of series composition

Table 4.1: Statistics on the layout proofs for some of the prelude library blocks

is slower than the tactical-only approach, requiring 1 minute 11 seconds to execute the full proofs. However, we are more interested in the amount of human intervention required to prove layouts than in CPU run-time, so long as the latter remains reasonably low.

4.6.3 Building a Library

Because the prelude library is used in virtually every Quartz circuit description, it is desirable not only to prove its layout correct but also to ensure that the theorems the proofs make available are stated in the form best suited to later proofs. This involves re-phrasing the height ge0 and width ge0 theorems for each block to remove unnecessary assumptions, since these would be unnecessary proof burdens on any later proof. At the same time we are also able to simplify the auto-generated proof scripts to remove redundant proof commands.

Once the final proof scripts for the prelude library are completed they are compiled into an Isabelle heap image that can be loaded directly, in the same way as the HOL base system or the QuartzLayout library. This means that blocks which use prelude theories do not need to run the proofs before they can be used. In the Quartz placed prelude library all blocks are given the "layout-proved" attribute, indicating to the layout verification modules of the compiler that proof scripts do not need to be generated for them.

[2] The application of the series composition decomposition theorems should be automated when supplied to auto; however, the proof tools do not always apply them correctly.

Figure 4.13: Index operators. (a) imap 4 R; (b) irow 4 R; (c) igrid 3,4 R.

The full definitions and proofs for some of the prelude library blocks are given in Appendix C.1. This appendix omits all wiring blocks, where proofs are usually trivial, and many blocks where the block structures are very similar and thus the proofs identical to others (such as col, which is very similar to row).

4.7 Proving Other Combinators

While the prelude library consists of some extremely useful constructs, most of the blocks in it are quite simple. In Chapter 6 we will investigate the effectiveness of our verification framework when applied to full circuit descriptions; however, we are also interested in the ease with which we can prove other useful libraries of combinators.

4.7.1 Index Operators

The index operators are versions of some of the standard Quartz prelude blocks which parameterise their blocks with an integer parameter. For example, the index-map combinator imap n R is similar to map n R except that it instantiates instances of R parameterised with 0, 1, ..., n − 1, as shown in Figure 4.13(a). Operations such as irow n R (Figure 4.13(b)) and igrid n R (Figure 4.13(c)) correspond to row n R and grid n R respectively. The index operators are particularly important examples for our system because the extra parameterisation of the R block could lead to the size of each instance of R being different.
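As an added illustration (not code from the thesis), the following Python models the placements of imap n R and irow n R from Figure 4.13(a) and (b) with a constructed index-dependent instance size and checks the containment and non-intersection obligations concretely. The stacking direction, the placement rules and the `wide_r` size function are assumptions, and `map_bound` is the uniform bounding box that map n R (identical instances) would justify but imap n R does not.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Rect:
    x: int  # left edge
    y: int  # bottom edge
    w: int  # width
    h: int  # height

def contained(inner: Rect, outer: Rect) -> bool:
    """Containment obligation: inner lies entirely within outer."""
    return (outer.x <= inner.x and outer.y <= inner.y
            and inner.x + inner.w <= outer.x + outer.w
            and inner.y + inner.h <= outer.y + outer.h)

def intersect(a: Rect, b: Rect) -> bool:
    """Intersection obligation: boxes are half-open, so shared edges do not overlap."""
    return (a.x < b.x + b.w and b.x < a.x + a.w
            and a.y < b.y + b.h and b.y < a.y + a.h)

def imap(n, size):
    """Assumed placement for imap n R: R(i) stacked vertically, R(0) at the bottom."""
    rects, y = [], 0
    for i in range(n):
        w, h = size(i)
        rects.append(Rect(0, y, w, h))
        y += h
    return rects

def irow(n, size):
    """Assumed placement for irow n R: R(i) placed left to right, R(0) leftmost."""
    rects, x = [], 0
    for i in range(n):
        w, h = size(i)
        rects.append(Rect(x, 0, w, h))
        x += w
    return rects

def bounding_box(rects):
    """Smallest box at the origin enclosing every instance."""
    return Rect(0, 0, max(r.x + r.w for r in rects), max(r.y + r.h for r in rects))

def map_bound(n, size):
    """Bound valid for map n R, where every instance has the size of R(0)."""
    w, h = size(0)
    return Rect(0, 0, w, n * h)

def layout_ok(rects, box):
    """Both proof obligations: every instance inside box, no two instances overlapping."""
    if not all(contained(r, box) for r in rects):
        return False
    return not any(intersect(a, b) for i, a in enumerate(rects) for b in rects[i + 1:])

def wide_r(i):
    """Constructed index-dependent size: R(i) is (i + 1) wide and 1 high."""
    return (i + 1, 1)
```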
