Formal Methods in System Design, Volume 51, Issue 2, pp 395–418

A methodology to take credit for high-level verification during RTL verification

  • Frederic Doucet
  • Robert Kurshan


High-level verification and synthesis of SystemC models has become increasingly popular as a means to reduce the high RTL verification cost of today’s complex designs. However, the saving derived from performing verification at a higher level of abstraction is largely negated if the RTL then must be completely reverified. We demonstrate how global (system-level) properties may be verified at a behavioral level in a manner that reduces the required RTL verification. Our methodology entails using high-level control models together with semantic stubs for control and data-path refinements. The consequence is that cover goals met during high-level verification are then “virtually” met (in a semantically sound fashion) for RTL verification, and need not be re-established in the RTL. Moreover, it can be significantly more efficient (in terms of required verification cycles) to meet these cover goals at the higher level. This can lead both to less costly verification and earlier debug, providing a better structured, faster and more reliable path to implementation than is possible through conventional RTL verification.


SystemC High-level synthesis Micro-architecture High-level verification Coverage Abstraction Refinement 



We thank the reviewers for their very helpful suggestions.



Copyright information

© Springer Science+Business Media, LLC 2017

Authors and Affiliations

  1. Qualcomm Technologies, Inc., San Jose, USA
  2. New York, USA
