Formal Methods in System Design

, Volume 50, Issue 2–3, pp 317–352 | Cite as

Symbolic trajectory evaluation for word-level verification: theory and implementation

  • Supratik ChakrabortyEmail author
  • Zurab Khasidashvili
  • Carl-Johan H. Seger
  • Rajkumar Gajavelly
  • Tanmay Haldankar
  • Dinesh Chhatani
  • Rakesh Mistry


Symbolic trajectory evaluation (STE) is a model checking technique that has been successfully used to verify many industrial designs. Existing implementations of STE reason at the level of bits, allowing signals in a circuit to take values from a lattice comprised of three elements: 0, 1, and X. This limits the amount of abstraction that can be achieved, and presents limitations to scaling STE to even larger designs. The main contribution of this paper is to show how much more abstract lattices can be derived automatically from register-transfer level descriptions, and how a model checker for the general theory of STE instantiated with such abstract lattices can be implemented in practice. We discuss several implementation issues, including how word-level circuits can be symbolically simulated using a new encoding for words that allows representing X values of sub-words succinctly. This gives us the first practical word-level STE engine, called \(\mathsf {STEWord}\). Experiments on a set of designs similar to those used in industry show that \(\mathsf {STEWord}\) scales better than bit-level STE, as well as word-level bounded model checking.


Symbolic trajectory evaluation Word-level verification SMT solving X-based abstraction Hardware verification RTL verification Invalid-bit encoding Symbolic simulation 



We thank Taly Hocherman and Dan Jacobi for their help and advice in designing a SystemVerilog symbolic simulator. We thank Ashutosh Kulkarni and Soumyajit Dey for their help in implementing and debugging \(\mathsf {STEWord}\). Rajkumar Gajavelly, Tanmay Haldankar, Dinesh Chhatani and Rakesh Mistry were supported by a research grant from Intel Corporation, which is gratefully acknowledged. Funding was provided by Intel Corporation as a research grant to IIT Bombay.


  1. 1.
    Barrett C, Conway CL, Deters M, Hadarean L, Jovanovic D, King T, Reynolds A, Tinelli C (2011) CVC4. In: Proceedings of the 23rd international conference on computer aided verification, CAV 2011, Snowbird, UT, USA, 14–20 July 2011, pp 171–177Google Scholar
  2. 2.
    Brayton R, Mishchenko A (2010) ABC: an academic industrial-strength verification tool. In: Proceedings of the 22nd international conference on computer aided verification, CAV’10. Springer, Berlin, pp 24–40Google Scholar
  3. 3.
    Brummayer R, Biere A (2009) Boolector: an efficient SMT solver for bit-vectors and arrays. In: TACAS, pp 174–177Google Scholar
  4. 4.
    Bryant RE, Seger C-JH (1990) Formal verification of digital circuits using symbolic ternary system models. In: CAV, pp 33–43Google Scholar
  5. 5.
    Bryant Randal E (1986) Graph-based algorithms for Boolean function manipulation. IEEE Trans Comput 35(8):677–691CrossRefzbMATHGoogle Scholar
  6. 6.
    Chakraborty S, Gupta A, Jain R (2017) Matching multiplications in bit-vector formulas. In: Verification, model checking and abstract interpretation (VMCAI). Springer, Berlin, pp 131–150Google Scholar
  7. 7.
    Chakraborty S, Khasidashvili Z, Seger C-JH, Gajavelly R, Haldankar T, Chhatani D, Mistry R (2015) Word-level symbolic trajectory evaluation. In: Computer-aided verification (CAV). Springer, Berlin, pp 128–143Google Scholar
  8. 8.
    Cimatti A, Griggio A, Schaafsma B, Sebastiani R (2013) The MathSAT5 SMT solver. In: Piterman N, Smolka S (eds) Proceedings of TACAS, volume 7795 of LNCS. Springer, BerlinGoogle Scholar
  9. 9.
    Cimatti A, Griggio A, Schaafsma B, Sebastiani R (2013) The MathSAT5 SMT solver. In: Piterman N, Smolka S (eds) Proceedings of TACAS, volume 7795 of LNCS. Springer, BerlinGoogle Scholar
  10. 10.
    Dutertre B (2014) Yices 2.2. In: Biere A, Bloem R (eds) Computer-aided verification (CAV’2014), volume 8559 of Lecture notes in computer science, pp 737–744. Springer, BerlinGoogle Scholar
  11. 11.
    Dutertre B, De Moura L (2006) The yices SMT solver. Tool paper at, 2(2)
  12. 12.
    Eén N, Sörensson N (2012) The minisat pageGoogle Scholar
  13. 13.
    Emerson EA (1995) Temporal and modal logic. In: Hanbook of theoretical computer science, pp 995–1072. Elsevier, AmsterdamGoogle Scholar
  14. 14.
    IEEE standard for SystemVerilog—unified hardware design, specification, and verification language. IEEE Std 1800-2012 (Revision of IEEE Std 1800-2009), pp 1–1315 (2013)Google Scholar
  15. 15.
    Jha S, Limaye R, Seshia SA (2009) Beaver: engineering an efficient SMT solver for bit-vector arithmetic. In: Proceedings of the 21st international conference on computer aided verification, CAV 2009, Grenoble, France, June 26–July 2, 2009, pp 668–674Google Scholar
  16. 16.
    Johannsen P (2001) Reducing bitvector satisfiability problems to scale down design sizes for RTL property checking. In: HLDVT, pp 123–128Google Scholar
  17. 17.
    Jones RB, O’Leary JW, Seger C-JH, Aagaard M, Melham TF (2001) Practical formal verification in microprocessor design. IEEE Des Test Comput 18(4):16–25CrossRefGoogle Scholar
  18. 18.
    Kaivola R, Ghughal R, Narasimhan N, Telfer A, Whittemore J, Pandav S, Slobodová A, Taylor C, Frolov V, Reeber E, Naik A (2009) Replacing testing with formal verification in intel \(\text{Core}^\text{ TM }\) i7 processor execution engine validation. In: CAV, pp 414–429Google Scholar
  19. 19.
    KiranKumar VMA, Gupta A, Ghughal R (2012) Symbolic trajectory evaluation: the primary validation vehicle for next generation intel\(^{\textregistered }\) processor graphics fpu. In: FMCAD, pp 149–156Google Scholar
  20. 20.
    Kroening D, Strichman O (2008) Decision procedures: an algorithmic point of view. Texts in theoretical computer science. An EATCS series. Springer, BerlinGoogle Scholar
  21. 21.
    Malvar HS, Li-Wei H, Cutler R (2004) High-quality linearinterpolation for demosaicing of Bayer-patterned color images. In: ICASSP, vol 3, pp 485–488Google Scholar
  22. 22.
    Roorda J-W, Claessen K (2005) A new SAT-based algorithm for symbolic trajectory evaluation. In: CHARME, pp 238–253Google Scholar
  23. 23.
    Seger C-JH, Bryant RE (1995) Formal verification by symbolic evaluation of partially-ordered trajectories. Form Methods Syst Des 6(2):147–189CrossRefGoogle Scholar
  24. 24.
    Seger C-JH, Jones RB, O’Leary JW, Melham TF, Aagaard M, Barrett C, Syme D (2005) An industrially effective environment for formal hardware verification. IEEE Trans CAD Integr Circuits Syst 24(9):1381–1405CrossRefGoogle Scholar
  25. 25.
    Somenzi F (2012) CUDD: CU decision diagram package-release 2.5.0. University of Colorado at BoulderGoogle Scholar
  26. 26.
    Stump A, Barrett CW, Dill DL (2001) A decision procedure for an extensional theory of arrays. In: Logic in computer science (LICS). IEEE Computer Society, pp 29–37Google Scholar

Copyright information

© Springer Science+Business Media New York 2017

Authors and Affiliations

  1. 1.Department of Computer Science and EngineeringIIT BombayMumbaiIndia
  2. 2.Intel IDCHaifaIsrael
  3. 3.Department of Computer Science and EngineeringChalmers University of TechnologyGothenburgSweden

Personalised recommendations