Effective Pre-Silicon Verification of Processor Cores by Breaking the Bounds of Symbolic Quick Error Detection

by   Karthik Ganesan, et al.

We present a novel approach to pre-silicon verification of processor designs. The purpose of pre-silicon verification is to find logic bugs in a design at an early stage and thus avoid time- and cost-intensive post-silicon debugging. Our approach relies on symbolic quick error detection (Symbolic QED, or SQED). SQED is targeted at finding logic bugs in a symbolic representation of a design by combining bounded model checking (BMC) with QED tests. QED tests are powerful in generating short sequences of instructions (traces) that trigger bugs. We extend an existing SQED approach with symbolic starting states. This way, we enable the BMC tool to select starting states arbitrarily when generating a trace. To avoid false positives, (e.g., traces starting in unreachable states that may not be-have in accordance with the processor instruction-set architecture), we define constraints to restrict the set of possible starting states. We demonstrate that these constraints, togeth-er with reasonable assumptions about the system behavior, allow us to avoid false positives. Using our approach, we discovered previously unknown bugs in open-source RISC-V processor cores that existing methods cannot detect. Moreover, our novel approach out-performs existing ones in the detection of bugs having long traces and in the detection of hardware Trojans, i.e., unauthorized modifications of a design.



page 1

page 2

page 3

page 4


Boosting the Bounds of Symbolic QED for Effective Pre-Silicon Verification of Processor Cores

Existing techniques to ensure functional correctness and hardware trust ...

Symbolic QED Pre-silicon Verification for Automotive Microcontroller Cores: Industrial Case Study

We present an industrial case study that demonstrates the practicality a...

A Theoretical Framework for Symbolic Quick Error Detection

Symbolic quick error detection (SQED) is a formal pre-silicon verificati...

MAVERICK: Proactively detecting network control plane bugs using structural outlierness

Proactive detection of network configuration bugs is important to ensure...

Automatic Microprocessor Performance Bug Detection

Processor design validation and debug is a difficult and complex task, w...

Hardware/Software Co-verification Using Path-based Symbolic Execution

Conventional tools for formal hardware/software co-verification use boun...

Deploying Static Analysis

Static source code analysis is a powerful tool for finding and fixing bu...
This week in AI

Get the week's most popular data science and artificial intelligence research sent straight to your inbox every Saturday.