Design verification

• Requirements of a design are formalized as predicates constraining the computation. E.g. two grant signals never given simultaneous access.

• Example: Let us verify invariant in a design.

• I(s) on a state S is invariant

• I(pre) ? t(pre,post) ? I(post)

• To show that ? (grl ? grr) is an invariant for arbiter, four implications must be shown. I.e. reql ? ?grr ? grl ? ? (grl ? grr)

Invariant: Sub set of state space containing initial state.

Further, there must not be any transition from a state with in

the subset to a state.

Hence, invariant describes properties that hold through

the computation.

Previous slide

Next slide

Back to first slide

View graphic version