VERIFYING LARGE MULTIPLIERS BY COMBINING SAT AND COMPUTER ALGEBRA

Daniela Kaufmann, Armin Biere and Manuel Kauers, Johannes Kepler University Linz, Austria. FMCAD 2019, October 23, 2019, San Jose, CA, USA.


  1. VERIFYING LARGE MULTIPLIERS BY COMBINING SAT AND COMPUTER ALGEBRA
     Daniela Kaufmann, Armin Biere and Manuel Kauers
     Johannes Kepler University Linz, Austria
     FMCAD 2019, October 23, 2019, San Jose, CA, USA

  2. Circuits
     Given: Gate-level multiplier for fixed bit-width $n$.
     [Figure: multiplier circuit diagram with labels $a_1 b_1$, $a_0 b_1$, $a_1 b_0$, $a_0 b_0$, gates $g_1, g_2, g_3, g_4$ and outputs $s_3, s_2, s_1, s_0$]
     Question: For all possible $a_i, b_i \in \mathbb{B}$:
     $$(2a_1 + a_0) * (2b_1 + b_0) = 8s_3 + 4s_2 + 2s_1 + s_0 \;?$$
     Verification Techniques
     - SAT using CNF encoding
     - Binary Moment Diagrams (BMD)
     - Algebraic reasoning

  3. Basic Idea of Algebraic Approach
     Multiplier: [Figure: the multiplier circuit diagram from the previous slide]
     Polynomials: $B = \{\, x - a_0 * b_0,\; y - a_1 * b_1,\; s_0 - x * y,\; \dots \,\}$
     Specification:
     $$\sum_{i=0}^{2n-1} 2^i s_i - \left(\sum_{i=0}^{n-1} 2^i a_i\right)\left(\sum_{i=0}^{n-1} 2^i b_i\right)$$
     Ideal Membership Test: $= 0$ ✓, $\neq 0$ ✗

  4. Contributions
     1. Modular Reasoning
     2. Combine SAT and Computer Algebra
     3. Preprocessing Techniques
     4. Tool: AMulet

  7. Multiplier Specification
     Unsigned integers:
     $$U_n = \sum_{i=0}^{2n-1} 2^i s_i - \left(\sum_{i=0}^{n-1} 2^i a_i\right)\left(\sum_{i=0}^{n-1} 2^i b_i\right) \in \mathbb{Z}[X]$$
     Signed integers:
     $$S_n = -2^{2n-1} s_{2n-1} + \sum_{i=0}^{2n-2} 2^i s_i - \left(-2^{n-1} a_{n-1} + \sum_{i=0}^{n-2} 2^i a_i\right)\left(-2^{n-1} b_{n-1} + \sum_{i=0}^{n-2} 2^i b_i\right) \in \mathbb{Z}[X]$$
     Truncated multiplication of integers:
     $$T_n = \sum_{i=0}^{2n-1} 2^i s_i - \left(\sum_{i=0}^{n-1} 2^i a_i\right)\left(\sum_{i=0}^{n-1} 2^i b_i\right) \in \mathbb{Z}_{2^n}[X]$$

  8. Circuit Polynomials
     [Figure: multiplier circuit diagram with labels $a_1 b_1$, $a_0 b_1$, $a_1 b_0$, $a_0 b_0$, gates $g_1, g_2, g_3, g_4$ and outputs $s_3, s_2, s_1, s_0$]
     Gate polynomials $G(C)$ (gate, then its polynomial):
     - $s_3 = g_1 \wedge g_4$: $-s_3 + g_1 g_4$
     - $s_2 = g_1 \oplus g_4$: $-s_2 + g_1 + g_4 - 2 g_1 g_4$
     - $g_4 = g_2 \wedge g_3$: $-g_4 + g_2 g_3$
     - $s_1 = g_2 \oplus g_3$: $-s_1 + g_2 + g_3 - 2 g_2 g_3$
     - $g_1 = a_1 \wedge b_1$: $-g_1 + a_1 b_1$
     - $g_2 = a_0 \wedge b_1$: $-g_2 + a_0 b_1$
     - $g_3 = a_1 \wedge b_0$: $-g_3 + a_1 b_0$
     - $s_0 = a_0 \wedge b_0$: $-s_0 + a_0 b_0$
     Boolean value constraints $B_0(C)$:
     - $a_1, a_0 \in \mathbb{B}$: $a_1(1 - a_1)$, $a_0(1 - a_0)$
     - $b_1, b_0 \in \mathbb{B}$: $b_1(1 - b_1)$, $b_0(1 - b_0)$

  9. Ideals
     Ideal. Let $R$ be a ring. A nonempty subset $I \subseteq R[X]$ is called an ideal if
     $$\forall p, q \in I : p + q \in I \quad\text{and}\quad \forall p \in R[X]\ \forall q \in I : pq \in I$$
     Ideal membership test. Given a polynomial $q \in R[X]$ and a (finite) set of polynomials $P \subseteq R[X]$, decide whether $q \in \langle P \rangle$, where $\langle P \rangle$ is the smallest ideal containing all elements of $P$, also known as the ideal generated by $P$.
     - $U_n \in \langle G(C) \cup B_0(C) \rangle \subseteq \mathbb{Z}[X]$
     - $S_n \in \langle G(C) \cup B_0(C) \rangle \subseteq \mathbb{Z}[X]$
     - $T_n \in \langle G(C) \cup B_0(C) \rangle \subseteq \mathbb{Z}_{2^n}[X]$

  10. Ideals
     Ideal. Let $R$ be a ring. A nonempty subset $I \subseteq R[X]$ is called an ideal if
     $$\forall p, q \in I : p + q \in I \quad\text{and}\quad \forall p \in R[X]\ \forall q \in I : pq \in I$$
     Ideal membership test. Given a polynomial $q \in R[X]$ and a (finite) set of polynomials $P \subseteq R[X]$, decide whether $q \in \langle P \rangle$, where $\langle P \rangle$ is the smallest ideal containing all elements of $P$, also known as the ideal generated by $P$.
     UMLT. Let $P \subseteq R[X]$. If for a certain term order, all leading terms of $P$ only consist of a single variable with exponent 1 and are unique and further $\mathrm{lc}(p) \in R^{\times}$ for all $p \in P$, then we say $P$ has unique monic leading terms.

  11. Soundness and completeness
     - $P \vdash_R q \iff q \in \langle P \rangle + \langle B_0(P) \rangle$
     - $P \models_R q \iff \forall \varphi : \forall p \in P : \varphi(p) = 0 \Rightarrow \varphi(q) = 0$
     Theorem (Soundness). Let $P \subseteq R[X]$ be a finite set of polynomials with UMLT and $q \in R[X]$, then $P \vdash_R q \Rightarrow P \models_R q$.
     Theorem (Completeness). Let $P \subseteq R[X]$ be a finite set of polynomials with UMLT. Then for every $q \in R[X]$ we have $P \models_R q \Rightarrow P \vdash_R q$.

  12. Modular reasoning
     Previous work: $\mathbb{Q}[X]$. Now: $\mathbb{Z}_l[X]$ for $l \in \mathbb{N}$.
     - truncated multiplication
     - unsigned integers
     - elimination of monomials
     - contains $\mathbb{Z}[X]$
     - $\mathbb{Q}$ is a field
     - Gröbner basis theory

  13. Modular reasoning
     Unsigned integers:
     $$U_n = \sum_{i=0}^{2n-1} 2^i s_i - \left(\sum_{i=0}^{n-1} 2^i a_i\right)\left(\sum_{i=0}^{n-1} 2^i b_i\right) \in \mathbb{Z}_{2^{2n}}[X]$$
     Signed integers:
     $$S_n = -2^{2n-1} s_{2n-1} + \sum_{i=0}^{2n-2} 2^i s_i - \left(-2^{n-1} a_{n-1} + \sum_{i=0}^{n-2} 2^i a_i\right)\left(-2^{n-1} b_{n-1} + \sum_{i=0}^{n-2} 2^i b_i\right) \in \mathbb{Z}_{2^{2n}}[X]$$
     Truncated multiplication of integers:
     $$T_n = \sum_{i=0}^{n-1} 2^i s_i - \sum_{i=0}^{n-1} \sum_{j=0}^{n-1-i} 2^{i+j} a_i b_j \in \mathbb{Z}_{2^n}[X]$$

  14. Modular reasoning
     Previous work: $\mathbb{Q}[X]$. Now: $\mathbb{Z}_l[X]$ for $l \in \mathbb{N}$.
     - truncated multiplication
     - unsigned integers
     - elimination of monomials
     - contains $\mathbb{Z}[X]$
     - $\mathbb{Q}$ is a field
     - Gröbner basis theory
     $\mathbb{Z}[X]$
     - $\mathbb{Z}$ is a principal ideal domain
     - D-Gröbner basis theory

  15. D-Gröbner basis
     - Gröbner bases theory, where coefficient domains $D$ are PIDs.
     - Offers decision procedure (D-reduction) for ideal membership test in $D[X]$. Let $q \in D[X]$ and $P \subseteq D[X]$:
       $$q \in \langle P \rangle \iff q \xrightarrow{P} 0$$
     - Every ideal of $D[X]$ has a D-Gröbner basis.
     - There is an (expensive) algorithm which, given an arbitrary basis of an ideal, computes a D-Gröbner basis.

  18. D-Gröbner basis applied to circuit verification
     Theorem. Let $R$ be a PID and let $G(C) \cup B_0(C) \subseteq R[X]$ have UMLT. Then $G(C) \cup B_0(C)$ is a D-Gröbner basis of $\langle G(C) \cup B_0(C) \rangle \subseteq R[X]$.
     - We want $R = \mathbb{Z}_l$ for $l \in \mathbb{N}$.
     - $\mathbb{Z}_l$ is not a PID.
     - $\mathbb{Z}$ is a PID.
     Lemma. Let $l \in \mathbb{N}$ and let $G(C) \cup B_0(C) \subseteq \mathbb{Z}[X]$ have UMLT. Then $G(C) \cup B_0(C) \cup \{l\}$ is a D-Gröbner basis of $\langle G(C) \cup B_0(C) \rangle + \langle l \rangle \subseteq \mathbb{Z}[X]$.

  19. Correspondence lemma
     Lemma. Let $l \in \mathbb{N}$ and let $I \subseteq \mathbb{Z}[X]$ be an ideal. There is a bijective correspondence from
     $$q \in I + \langle l \rangle \subseteq \mathbb{Z}[X] \quad\text{to}\quad [q] \in \{[p] \mid p \in I\} \subseteq \mathbb{Z}[X]/\langle l \rangle,$$
     where $[q]$ is the equivalence class of $q$. Furthermore $\mathbb{Z}[X]/\langle l \rangle \cong \mathbb{Z}_l[X]$.
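
An added example, not code from the talk or from AMulet: the ideal membership test of slides 3, 8 and 15 carried out on the 2-bit multiplier by replacing each gate's leading variable with its tail, over Z and over Z_l (reduction by the constant l, as in the lemma on slide 18). The dictionary representation of polynomials, the function names, and the BUGGY and TRUNC circuits are assumptions constructed for illustration.

```python
# Polynomials over Z in Boolean variables, stored as {frozenset(vars): coeff}.
# Monomials are sets, so the constraints B_0(C), i.e. x^2 = x, apply on the fly.
def add(p, q, c=1):
    """Return p + c*q, dropping zero coefficients."""
    r = dict(p)
    for m, k in q.items():
        r[m] = r.get(m, 0) + c * k
        if r[m] == 0:
            del r[m]
    return r

def mul(p, q):
    r = {}
    for m1, k1 in p.items():
        for m2, k2 in q.items():
            r = add(r, {m1 | m2: k1 * k2})
    return r

def var(x): return {frozenset([x]): 1}
def AND(x, y): return mul(var(x), var(y))                        # x*y
def XOR(x, y): return add(add(var(x), var(y)), AND(x, y), -2)    # x + y - 2xy
def OR(x, y): return add(add(var(x), var(y)), AND(x, y), -1)     # x + y - xy

def word(name, bits):
    """sum_i 2^i * name_i"""
    p = {}
    for i in range(bits):
        p = add(p, var(f"{name}{i}"), 2 ** i)
    return p

def remainder(gates, n, outs, l=0):
    """Reduce sum 2^i s_i - (sum 2^i a_i)(sum 2^i b_i) by the gate polynomials.
    gates: (output, tail) pairs, each output listed before the gates feeding it.
    l > 0 additionally reduces by the constant l, i.e. computes in Z_l[X]."""
    p = add(word("s", outs), mul(word("a", n), word("b", n)), -1)
    for v, tail in gates:
        q = {}
        for m, k in p.items():           # replace leading variable v by its tail
            term = {m - {v}: k}
            q = add(q, mul(term, tail) if v in m else term)
        p = {m: k % l for m, k in q.items() if k % l} if l else q
    return p

# Gate polynomials of the 2-bit multiplier on slide 8, in slide order.
FULL = [("s3", AND("g1", "g4")), ("s2", XOR("g1", "g4")), ("g4", AND("g2", "g3")),
        ("s1", XOR("g2", "g3")), ("g1", AND("a1", "b1")), ("g2", AND("a0", "b1")),
        ("g3", AND("a1", "b0")), ("s0", AND("a0", "b0"))]
BUGGY = [("s2", OR("g1", "g4")) if v == "s2" else (v, t) for v, t in FULL]  # constructed fault
TRUNC = [g for g in FULL if g[0] in ("s1", "g2", "g3", "s0")]   # constructed: low 2 outputs only
print(remainder(FULL, 2, 4), remainder(BUGGY, 2, 4, 16))        # U_2 over Z; faulty over Z_16
print(remainder(TRUNC, 2, 2), remainder(TRUNC, 2, 2, 4))        # T_2 over Z vs. over Z_4
```

The correct circuit reduces to the zero polynomial, while the faulty OR gate leaves the remainder 4·a0·a1·b0·b1. The truncated circuit leaves a nonzero multiple of 4 over Z that vanishes in Z_4, which is why the truncated specification is stated in Z_{2^n}[X].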
