Chapter 7 - Model Checking on Higher-Level Design Descriptions

Abstract

This chapter presents a model checking with abstraction method that mainly checks synchronization properties for concurrent processes. Synchronization properties are very important for ensuring that the concurrent computations, which are essential for HW/SW co-designs or high-level designs in general, are performed in the way that designers intend. By using synchronization verification methods for system-level designs, designers can make sure the behaviors on concurrent processes are within the behaviors that they intend. In the case of synchronization verification, the timing constraints can be formulated with equalities/inequalities that can be solved by integer linear programming (ILP) tools. This approach, along with abstractions of the design descriptions, can potentially deal with very large design descriptions, since no state traversals are required for the verification. The verification presented consists of two steps. First, the reachability of an error state in the absence of timing constraints is computed. Then, if a path to an error state exists, its feasibility is checked by using the ILP solver to evaluate the timing constraints along the path. This approach can drastically increase the size of the designs that can be verified. Abstraction and abstraction refinement techniques based on the Counterexample-Guided Abstraction Refinement (CEGAR) paradigm are applied so that entire synchronization verification processes can be automated. Methods to refine abstractions are presented with experimental results.