compositional correctness of ip based system design
play

Compositional correctness of IP-based system design: Translating - PowerPoint PPT Presentation

Feb 04, 2023 •269 likes •526 views

Compositional correctness of IP-based system design: Translating C/C++ Models into SIGNAL Processes Rennes, November 04, 2005 Hamoudi Kalla and Jean-Pierre Talpin Espresso Team Outline Introduction Preliminaries Translating C/C++

  1. Compositional correctness of IP-based system design: Translating C/C++ Models into SIGNAL Processes Rennes, November 04, 2005 Hamoudi Kalla and Jean-Pierre Talpin Espresso Team

  2. Outline � Introduction � Preliminaries � Translating C/C++ Models into SIGNAL Processes � Principles � Example � Implementation � Conclusion and Future works 2

  3. Introduction C/C++ System Design Validation � Simulators and test tools � They may not cover all design errors � We need formal verification to ensure the quality of system designs � we need formal models 3

  4. System Design Validation Using Formal Models Our Methodology C/C++ Models C/C++ Models automatic translation Formal Models : Formal Models : SIGNAL processes SIGNAL processes 4

  5. Preliminaries � Control Data-Flow Graph (CDFG) � Single Statement Assignment (SSA) 5

  6. Preliminaries Control Data Flow Graph � Represents a procedure or a program as a directed graph G=(V, E), where the set V represents control flow nodes and E represents jumps in the control flow � Control Flow nodes are Basic blocks, Test blocks, and Join Blocks 6

  7. Preliminaries Control Data Flow Graph: Nodes int example(int a, int b, int c) { int x, y, z, result; y = a * b; z = a * c; if (y>z) x = y – z; else x = z – y; result = x * a; return result; } C/C++ program CDFG 7

  8. Preliminaries Control Data Flow Graph: Nodes � Basic Blocks (BB) are instructions without any jumps. � Test blocks (T) describe conditional branching expressions. � Join blocks (J) represent the end of conditional branches. CDFG 8

  9. Preliminaries Single Statement Assignment (SSA) Form � SSA is a form of Control Data Flow Graph that allows optimizations to be done efficiently and easily � In SSA, every variable receives exactly one assignment during its lifetime … … x = a * b; SSA x1 = a * b; x = a * c; x2 = a * c; … … 9

  10. Preliminaries Single Statement Assignment (SSA) Form New function its associated Static Single Control Data Flow Graph Assignment form 10

  11. Translating C/C++ Models into SIGNAL Processes C/C++ Models C/C++ Models SSA Form GCC ? SIGNAL processes SIGNAL processes 11

  12. Translating C/C++ Models into SIGNAL Processes C/C++ Models C/C++ Models functions f 1 , …, f n f 1 � SSA 1 GCC … ? f n � SSA n … SSA 1 � process 1 … SSA n � process n SIGNAL processes SIGNAL processes 12

  13. Translating C/C++ Models into SIGNAL Processes Principle Encode nodes, edges, assignment statement, conditional branching, and Ф function Function f Process f (SSA) (SIGNAL) 13

  14. Translating C/C++ Models into SIGNAL Processes Encoding SSA Nodes (blocks) Boolean BB1, T2, BB2, x BB3, J1, BB4; Instants t1 t2 t3 t4 t5 … t1 t2 t3 t4 t5 … BB1 true false false false false … BB1 true false false false false … T2 false true false false false … T2 false true false false false … BB2 false false true false false … BB2 false false true false false … blocks BB3 false false false true false … BB3 false false false true false … J1 false false false false true … J1 false false false false true … BB4 false false false false true … BB4 false false false false true … 14

  15. Translating C/C++ Models into SIGNAL Processes Encoding SSA Edges : for Basic and Test blocks B1 | B2 : = true when pre_B1 default false B2 | pre_B1 : = B1$ init false t1 t2 t3 t4 t5 … t1 t2 t3 t4 t5 … B1 true false false false false … B1 true false false false false … pre_B1 false true false false false … pre_B1 false true false false false … B2 false true false false false … B2 false true false false false … 15

  16. Translating C/C++ Models into SIGNAL Processes Encoding SSA Edges : for Join blocks B1 B2 | J1 : = true when pre_B1 default true when pre_B2 default J1 false t1 t2 t3 t4 t5 … t1 t2 t3 t4 t5 … pre_B2 false true false false false … pre_B2 false true false false false … pre_B1 false false false false false … pre_B1 false false false false false … J1 false false true false false … J1 false false true false false … 16

  17. Translating C/C++ Models into SIGNAL Processes Encoding Assignment Statement B1 | x1 : = ( y1 + z1 ) when B1 default x1$ X1 = y1 + z1 X1 = y1 + z1 t1 t2 t3 t4 t5 … t1 t2 t3 t4 t5 … B1 false true false false false false … B1 false true false false false false … Pre_B1 false false true false false false … Pre_B1 false false true false false false … x1 0 5 5 5 5 5 … x1 0 5 5 5 5 5 … y1 2 2 2 2 2 2 … y1 2 2 2 2 2 2 … z1 3 3 3 3 3 3 … z1 3 3 3 3 3 3 … 17

  18. Translating C/C++ Models into SIGNAL Processes Encoding Conditional Branching Statement T1 | test1 : = (x>y) when T1default false If (x>y) goto B1; If (x>y) goto B1; | pre_test1 : = test1$ init false else goto B2; else goto B2; | B1 : = true when pre_test1 B1 B2 when pre_T1 default false | B2 : = true when not pre_test1 when pre_T1 default false t1 t2 t3 t4 t5 … t1 t2 t3 t4 t5 … T1 false true false false false … T1 false true false false false … pre_T1 false false true false false … pre_T1 false false true false false … Test1 false true false false false … Test1 false true false false false … pre_test1 false false true false false … pre_test1 false false true false false … B1 false false true false false … B1 false false true false false … B2 false false false false false … B2 false false false false false … 18

  19. Translating C/C++ Models into SIGNAL Processes Encoding Ф Function B1 B2 X1 = … X2 = … X1 = … X2 = … J1 | x3 : = x1 when pre_B1 default x2 X3 = Ф (x1,x2) X3 = Ф (x1,x2) B3 Y = x3 + … Y = x3 + … 19

  20. Translating C/C++ Models into SIGNAL Processes Encoding Loop Statement : Blocks B0 … … | test1 : = (x>y) when T1default false J1 | pre_test1 : = test1$ init false … … T1 | T1 : = true when pre_B0 default If (x>y) goto B1; If (x>y) goto B1; true when pre_B1 default false else goto B2; else goto B2; | B1 : = true when pre_test1 B1 when pre_T1 default false … … B2 | B2 : = true when not pre_test1 … … when pre_T1 default false 20

  21. Translating C/C++ Models into SIGNAL Processes Encoding Loop Statement : statements B0 | i1 : = 1 when B0 default i1$ i1 := 1 i1 := 1 J1 | i2 : = i1 when pre_B0 default i3 i2 := Ф (i1,i3) i2 := Ф (i1,i3) T1 If (i2<10) goto B1; If (i2<10) goto B1; else goto B2; else goto B2; B1 | i3 : = i2$ +1 when pre_B1 default i3$ i3 := i2 + 1 i3 := i2 + 1 B2 … … 21

  22. Translating C/C++ Models into SIGNAL Processes Encoding pointers (1) B0 X = 10 X = 10 x = 10; T1 SSA if (T) p = &x ; If (T) goto B1; If (T) goto B1; else goto B2; else p = &y ; else goto B2; z = *p; B1 B2 p1 = &x p2 = &y p1 = &x p2 = &y Signal J1 p3 = Ф (p1,p2) p3 = Ф (p1,p2) p = (p_tag,p_star) p_tag = 0 � p = &x B3 p_start = x z = *p3 z = *p3 p_tag = 1 � p = &y p_start = y 22

Recommend

Proving Correctness of a KRK Chess Endgame Strategy by SAT-based Constraint Solving Marko

Proving Correctness of a KRK Chess Endgame Strategy by SAT-based Constraint Solving Marko

Introduction Reduction to SAT and URSA system Chess Endgame Strategies and Bratkos Strategy for KRK URSA Specification of KRK Endgame and of Strategy Correctness of Strategy Discussion and Conclusions Proving Correctness of a KRK Chess

390 views • 27 slides
Asynchronous system design flow based on Petri nets Microelectronics System Design Research Group

Asynchronous system design flow based on Petri nets Microelectronics System Design Research Group

Asynchronous system design flow based on Petri nets Microelectronics System Design Research Group School of Electrical, Electronic and Computer Engineering University of Newcastle upon Tyne DATE-2005 Asynchronous system design flow based on

741 views • 49 slides
Avionics Compositional System of Systems Simulation and Modeling Tool Chain ASSIST October 28,

Avionics Compositional System of Systems Simulation and Modeling Tool Chain ASSIST October 28,

Avionics Compositional System of Systems Simulation and Modeling Tool Chain ASSIST October 28, 2019 Tool Expo for Model Based Embedded Systems Development Contact Information: Phillip Suematsu, Dhruv Monga, Howard Warner, Juan Gutierrez

220 views • 20 slides
Cap6 Snoop-based Multiprocessor Design Design Goals Performance and cost depend on design and

Cap6 Snoop-based Multiprocessor Design Design Goals Performance and cost depend on design and

Cap6 Snoop-based Multiprocessor Design Design Goals Performance and cost depend on design and implementation too Adaptado dos slides da editora por Mario Crtes IC/Unicamp Goals Correctness High Performance Minimal Hardware

690 views • 58 slides
A Compositional Logic A Compositional Logic for Control Flow for Control Flow Gang Tan, Boston

A Compositional Logic A Compositional Logic for Control Flow for Control Flow Gang Tan, Boston

A Compositional Logic A Compositional Logic for Control Flow for Control Flow Gang Tan, Boston College g , g Andrew W. Appel, Princeton University Jan 8 2006 Jan 8, 2006 1 Mobile Code Security Protect trusted system against

561 views • 26 slides
Snoop-based Multiprocessor Design Design Goals Performance and cost depend on design and

Snoop-based Multiprocessor Design Design Goals Performance and cost depend on design and

Snoop-based Multiprocessor Design Design Goals Performance and cost depend on design and implementation too Goals Correctness High Performance Minimal Hardware Often at odds High Performance =&gt; multiple outstanding low-level

1.51k views • 57 slides
Cap6 Snoop-based Multiprocessor Design Design Goals Adaptado dos slides da editora por Mario

Cap6 Snoop-based Multiprocessor Design Design Goals Adaptado dos slides da editora por Mario

Cap6 Snoop-based Multiprocessor Design Design Goals Adaptado dos slides da editora por Mario Crtes IC/Unicamp 2009s2 Performance and cost depend on design and implementation too Goals Correctness High Performance Minimal

733 views • 58 slides
SECURIFY: A COMPOSITIONAL APPROACH OF BUILDING SECURITY VERIFIED SYSTEM Liu Yang, Associate

SECURIFY: A COMPOSITIONAL APPROACH OF BUILDING SECURITY VERIFIED SYSTEM Liu Yang, Associate

1 SECURIFY: A COMPOSITIONAL APPROACH OF BUILDING SECURITY VERIFIED SYSTEM Liu Yang, Associate Professor, NTU SG-CRC 2018 28 March 2018 2 Securify Approach Compositional Security Securify Architecture Reasoning with Untrusted Components

418 views • 13 slides
Introducing Design Pattern-based Abstract Modeling Construct as a Software Architecture

Introducing Design Pattern-based Abstract Modeling Construct as a Software Architecture

Outline Introduction Integration Problem Need Theory Practice Process Case Study Conclusion Notes Introducing Design Pattern-based Abstract Modeling Construct as a Software Architecture Compositional Technique Sargon Hasso 1 and C. R.

665 views • 22 slides
Proving Program Correctness The Axiomatic Approach What is Correctness? Correctness:

Proving Program Correctness The Axiomatic Approach What is Correctness? Correctness:

3/10/10 Proving Program Correctness The Axiomatic Approach What is Correctness? Correctness: partial correctness + termination Partial correctness: Program implements its specification 1 3/10/10 Proving Partial Correctness

420 views • 13 slides
K V 5 S 4 T 3 A P Path 1 2 1 0 0 200 400 600 800 1000 T (deg C) B. Two

K V 5 S 4 T 3 A P Path 1 2 1 0 0 200 400 600 800 1000 T (deg C) B. Two

A. One component system (c = 1) Example: SiO 2 system. Since all phases in this system have the same composition, there are no compositional variables to consider. Phase equilibria can be shown completely on a pressure (P) versus temperature (T)

273 views • 9 slides
Outline Introduction System Design Overview of AutoT une Design of AutoT une

Outline Introduction System Design Overview of AutoT une Design of AutoT une

AutoTune: Game-based Adaptive Bitrate Streaming in P2P-Assisted Cloud-Based VoD Systems Yuhua Lin and Haiying Shen Dept. of Electrical and Computer Engineering Clemson University, SC, USA Outline Introduction System Design Overview of

632 views • 27 slides
Learning Dependency-Based Compositional Semantics Semantic Representations for Textual Inference

Learning Dependency-Based Compositional Semantics Semantic Representations for Textual Inference

Learning Dependency-Based Compositional Semantics Semantic Representations for Textual Inference Workshop Mar. 10, 2012 Percy Liang Google/Stanford joint work with Michael Jordan and Dan Klein Motivating Problem: Question Answering 2

1.74k views • 142 slides
Objects, Design, and Concurrency Achieving and Maintaining Correctness in the Face of Change

Objects, Design, and Concurrency Achieving and Maintaining Correctness in the Face of Change

Principles of Software Construction: Objects, Design, and Concurrency Achieving and Maintaining Correctness in the Face of Change Pt. 2 Josh Bloch Charlie Garrod School of Computer Science 15-214 1 Outline Java programming basics -

879 views • 84 slides
Correctness? Principles of Software Construction: Learning Goals Objects, Design, and

Correctness? Principles of Software Construction: Learning Goals Objects, Design, and

Correctness? Principles of Software Construction: Learning Goals Objects, Design, and Concurrency Integrating unit testing into the development (Part 2: Designing (Sub-)Systems) process Understanding and applying coverage metrics More

293 views • 8 slides
Simplifying Game-Based Definitions Indistinguishability up to correctness and its application to

Simplifying Game-Based Definitions Indistinguishability up to correctness and its application to

Simplifying Game-Based Definitions Indistinguishability up to correctness and its application to stateful AE Phillip Rogaway Yusi (James) Zhang University of California, Davis, USA C RYPTO 2018 1. Introduction 2. IND|C 3. Examples 1

523 views • 20 slides
Compositional Certification for MILS John Rushby Computer Science Laboratory SRI International

Compositional Certification for MILS John Rushby Computer Science Laboratory SRI International

Compositional Certification for MILS John Rushby Computer Science Laboratory SRI International Menlo Park CA USA John Rushby, SR I Compositional Cert for MILS: 1 Intuitive Security Architecture Almost all system designs are portrayed in

548 views • 28 slides
Part Sizes of Smooth Supercritical Compositional Structures Part Sizes of Smooth Supercritical

Part Sizes of Smooth Supercritical Compositional Structures Part Sizes of Smooth Supercritical

Part Sizes of Smooth Supercritical Compositional Structures Part Sizes of Smooth Supercritical Compositional Structures Jason Z. Gao Carleton University, Ottawa, Canada Based on joint work with Ed Bender A simple example Ordinary compositions:

824 views • 50 slides
Traditional Model Based System Requirements are incomplete and Requirements not integrated in

Traditional Model Based System Requirements are incomplete and Requirements not integrated in

Traditional Model Based System Requirements are incomplete and Requirements not integrated in the design process Control System Design Analysis Program Design Coding Errors found too late in the process while exhausting expensive

233 views • 21 slides
Compositional Certification John Rushby Computer Science Laboratory SRI International Menlo

Compositional Certification John Rushby Computer Science Laboratory SRI International Menlo

Compositional Certification John Rushby Computer Science Laboratory SRI International Menlo Park CA USA John Rushby, SR I Compositional Certification: 1 Systems, Components, and Properties Security, for example, is a system property

522 views • 17 slides
SentiBERT: A Transferable Transformer-based Architecture for Compositional Sentiment Semantics Da

SentiBERT: A Transferable Transformer-based Architecture for Compositional Sentiment Semantics Da

SentiBERT: A Transferable Transformer-based Architecture for Compositional Sentiment Semantics Da Yin 1 , Tao Meng 2 , Kai-Wei Chang 2 1 Peking University 2 University of California, Los Angeles 1 Motivation Sentiment composition is

1.28k views • 13 slides
Evaluating Neural Word Representations in Tensor- Based Compositional Settings Dmitrijs Milajevs

Evaluating Neural Word Representations in Tensor- Based Compositional Settings Dmitrijs Milajevs

Evaluating Neural Word Representations in Tensor- Based Compositional Settings Dmitrijs Milajevs QM , Dimitri Kartsaklis OX , Mehrnoosh Sadrzadeh QM , Matthew Purver QM QM Queen Mary University of London OX University of Oxford School of

466 views • 25 slides
Design of a UAV-based Hyperspectral Scanning System and Application in Agricultural and

Design of a UAV-based Hyperspectral Scanning System and Application in Agricultural and

Design of a UAV-based Hyperspectral Scanning System and Application in Agricultural and Environmental Research Harm Bartholomeus, Juha Suomalainen, Jappe Franke*, Lammert Kooistra Wageningen University, the Netherlands *Alterra, the

795 views • 23 slides
Refinement Calculus for Compositional System Reasoning Viorel Preoteasa Joint work with Stavros

Refinement Calculus for Compositional System Reasoning Viorel Preoteasa Joint work with Stavros

Relational Interfaces and Refinement Calculus for Compositional System Reasoning Viorel Preoteasa Joint work with Stavros Tripakis and Iulia Dragomir 08.12.2015 Computational Logic Day 2015 1 Overview Motivation General refinement

341 views • 20 slides

More recommend