Content uploaded by Khaled Elleithy
Author content
All content in this area was uploaded by Khaled Elleithy
Content may be subject to copyright.
Content uploaded by Khaled Elleithy
Author content
All content in this area was uploaded by Khaled Elleithy
Content may be subject to copyright.
A
Rule-based Approach for High Speed Adders Design Verification
Khaled M.
Elleithy
&
Mostafa
A.
kef
College of Computer Science and Engineering
King Fahd University of Petroleum and Minerals
Dhahran
3
1262,
Saudi Arabia
Abstract--In this paper, a rule-based framework for formal
hardware verification is presented. The PROVER system
(PROduction system for hardware VERification)
is
implemented using CLIPS (C Language Integrated Production
System). The environment supports verification at different
levels of hardware specification. The rule-based framework has
been tested on the design of high speed adders.
1.
INTRODUCTION
With the current advances in Very Large Scale Integration
(VLSI) it is impossible to produce free
of
errors designs
using ad-hoc methods. It is essential to detect as many errors
as
possible before any fabrication stage. In the case of large
scale devices, e.g., microprocessors, the applicability of
automated theorem provers to prove the mathematical
theorem of equivalency between design and specification is
of considerable interest.
An input algorithm may be specified using a specific
algorithmic specification language. An architecture may be
specified using a realization specification language. The role
of Design can be viewed as
a
transformation process between
the algorithm specification language and the realization
specification language.
The objective of any design procedure is to produce an
architecture that correctly implements the required behavior
subject to a given set of constraints on area and timing. It is
very expensive to fabricate a design before verifying the
functional correctness of the design. There are two
approaches for verification; simulation and formal
verification. Simulation is efficient with small size
Architectures where it is possible to exhaustively run the
simulator. Formal verification
is
suitable for large size
architectures.
A verification methodology is formal
if
it satisfies the
following characteristics[ 11:
e
There is a formal framework to describe the architecture.
There
is
a formal technique
to
prove the equivalency of
the implementation and the specification without
physically construct or simulate the design.
0
It is possible to manipulate and study the design's
performance without the physical implementation.
The heart of any formal verification methodology, then, is
the availability
of
a formal specification language where
formal proofs can be driven. Logic is one
of
the widely used
specification languages for verification. First order logic has
been used in a number of systems[2-41. Higher order logic
has been used in a number of applications[5-8]. Joyce[7-81
used the HOL system to verify a microprocessor. Temporal
logic
is
an appropriate approach for specifying timing
characteristics of a design. Temporal logic has been
successfully used for verification in[9-
lo].
Automated 'Theorem Provers are efficient in proving the
correctness in large scale architectures where the proof of
correctness is done automatically. In this paper we are
introducing a novel approach for formal verification based on
a
production system. The
PROVER
(PROduction system for
hardware VERification)[ 1 1-12] (Figure
1)
is implemented
using the CLIPS (C Language Integrated Production
System)[l3]. CLIPS is written in
C
to support the goal of
high portability, extendibility, low-cost and ease of
integration with external systems [14]. CLIPS, as a
production system
[
151, provides pattern-directed control
of
a
problem-solving process. The paper is organized
as
follows:
in section
2
the PROVER system is introduced, the
verification of high speed adders using the PROVER
is
given in section 3. Finally, section
4
offers conclusions and
future extensions.
Knowledge
Base
Cell
Library
Figure
1.
PROVER'S
Block
Diagram.
2.
PROVER
SYSTEM
PROVER
is
a production based system for formal hardware
Verification.
PROVERS
input has
two
components for the
verifiable circuit: implementation description and behavioral
description. The implementation description would be one or
a combination of different hardware descriptions. These
descriptions include transistors, gates, logical, functional, and
module descriptions. PROVER has a knowledge base
consists of a formal Cell Library and Rules. Cell library
274
0-7803-2428-5195
$4.00
0
1995
IEEE
Authorized licensed use limited to: University of Bridgeport. Downloaded on February 24,2010 at 13:26:21 EST from IEEE Xplore. Restrictions apply.
contains a predefined set of hardware components. It
Consists of five sub libraries to represent the five levels of
hardware descriptions. These sub libraries are Transistor-
level Library
(TL),
Gate-level Library
(GL),
Logic-level
Library
(LL),
Function-level Library
(FL),
and Module-level
Library
(ME).
The block diagram of PROVER is shown in
Figure
2.
The incremental approach is used in developing
PROVER. In this approach, a subset of the domain is
considered first and a prototype
is
built. Then this prototype
is expanded to the other subsets of the domain.
A
formal verification methodology based on
transformation rules between different levels
is
used.
Verification rules are required to prove that a given
specification at level
X
is equivalent to specification at level
X+I
.
The following verification rules are implemented:
T-to-G rules:
transform from transistor level to gate level,
G-to-L rules:
transform from gate level to logical level,
0
L-to-F rules:
transform from logical level to functional
0
F-to-M rules:
transform from functional level to module
level, and
level.
The rules define possible transformation from one level to
another. Also, they reflect the semantic of each level
description.
Any synchronouslasynchronous digital system can be
verified using pre-verified constructs from the cell library.
Verified components at any level are added to the cell library
in the appropriate level. For ease of expandability, verified
components are made modular
so
that they can be used for
verifying modules of different word length, e.g., a definition
of
a Conditional Sum adder can be used for verification in
cases of 16,32, and 64 bits.
3.
HIGH
SPEED ADDERS VERIFICATION
In this section a number of high speed adders are considered
as case studies for PROVER environment. The system is
used to prove the functional correctness of a Conditional
Sum Adder (CoSA), Carry Select Adder (CSA), a Carry
Look-ahead Adder (CLA) and a Block Carry Lookahead
Adder (BCLA) adder. The verification is carried for different
word lengths
to
study the verification complexity.
3.
I
Condition
Sum
Adder
Condition sum adder is an adder where
two
simultaneously
provisional
sums
are generated. Then, the true sum outputs
are selected based on the input carry. Figure
2
shows 7-bits
condition sum adder. The PROVERS input consists of the
modules functional description and the modules'
interconnections. The input description of a 7-bit Conditional
Sum Adder is shown in Figure 3.
Proof
Strategy:
The
Function-level Library
(FL)
is
activated
to prove the correctness of the conditional sum adder. The
following rules are fired.
A6
86
A5
85 A4
84
A3
83
A2
82
AI
81
A0
80
s:
c:*,
e
c
P,,
Figure 2. 7-Bit Conditional
Sum
Adder
(Conditional-sum-adder
8
(C-cell
8
INPUT
AO BO
AI
RI
A2 B2 A3
B3 A4B4 A5B5 A6B6 A7B7
s1-0 c1-0 s1-1 c1-1 s2-0 C2-0
S2,-1 C2-1 S3-0 C3-0 S3-1 C3-1
S4,-0 C4-0 S4-1 C4-1 S5-0
C5-0 S5-1 C5-1 S6-0 C6-0
S6-1 C6-1 S7-0 C7-0 S7-1 C7-1)
OUTPUT
SO-0
CO-0
SO-I
CO-1
(Mux
2 INPUT
SO-0
SO-1
CO-0
CO-1
cin
OUTPUT
sOc0)
(MUX
2 INPUT
~2-0
~2-1 ~2-0 ~2-1
CI-0
OUTPUT ~2-2-0 ~2-2-0)
(MUX
2 INPUT ~2-0~2-1 ~2-0~2-1 cl-1
OUTPUT ~2-2-1 ~2-2-1)
(Mux
2 INPUT ~4-0 ~4-1 ~4-0 ~4-1 ~3-0
OUTPUT ~4-2-0 ~4-2-0)
(MUX
2 mpur
~4- OS^-I
~4-o
~4-I c3-~
OUTPUT ~4-2-1 ~4-2-1)
(MUX
2 INPUT ~6-0 ~6-1 ~6-0 ~6-1 ~5-0
OUTPUT ~6-2-0 ~6-2-0)
(MUX
2 INPUT ~6-0~6-1 ~6-0 ~6-1 ~5-1
OUTPUT ~6-2-1 ~6-2-1)
(MUX
3 INPUT sl-Osl-1 ~2-2-0~2-2-1
c2-2-0 c2-2-1
CO
OUTPUT
SI
s2 c2)
(MUX
3 INPUT ~5-0 ~5-1 ~6-2-0 ~6-2-1
~6-2-0 ~6-2-1 ~4-2-0
OUTPUT ~5-3-0 ~6-3-0 ~6-3-0)
(MUX
3 INPUT
~5-0
~5-1 ~6-2-0 ~6-2-1
~6-2-0 ~6-2-1 ~4-2-1
OUTPUT ~5-3-1 ~6-3-1 ~6-3-1)
(MUX
5
INPUT ~3-0 ~3-1 ~4-2-0 ~4-2-1
~5-3-0 ~5-3-1 ~6-3-0
~6-3-1 ~6-3-0 ~6-3-1 ~2
OUTPUT s3 s4 s5 s6 c6)
OUTPUT s7 cout)
(Mux
2 PIPUT ~7-0 ~7-1 ~7-0 ~7-1 ~6
Figure
3.
Input Description
of
7-bit
Conditional Sum Adder.
275
Authorized licensed use limited to: University of Bridgeport. Downloaded on February 24,2010 at 13:26:21 EST from IEEE Xplore. Restrictions apply.
(a) full-adder rule
if
y 1 is the sum of a full adder with three inputs
xl,
x2
and y2
=
is the carry of a full adder with three inputs
then
express the full adder with three inputs xl, x2 and x3
(b)
sum-rule
if
and x3
XI,
x2 and x3
and
two
outputs yl and y2
there is a Conditional-sum with
two
inputs x and
y
and
and a multiplexer of
two
inputs
SO,
sl and control c
then
express the output
o
as the sum of a full adder with
(c)
carry-rule
if
outputs
SO
and
SI
and output
o
three inputs x, y and c
there is a Conditional-carry with
two
inputs x and y and
and a multiplexer of
two
inputs
SO
and
s
1, control c
then
express the ouiput
o
as the carry
of
a full adder with
(d) Conditional-cell rule-1
if
there is a Conditional-cell
of
two
inputs x and y
then
express the conditional-sum and conditional-carry as
outputs
SO
and sl
and output
o
three inputs x, y and c
and four outputs
SO,
sl,
CO
and cl
follows:
outputs
SO
and
sl
outputs
CO
and cl
(e) Conditional-cell rule-2
if
there is a conditional-cell of n bits
then
express each bit by itself
(f)
Multiplexer rule
if
there are three multiplexers as follows:
Conditional-sum has two inputs
x
and
y
and
two
Conditional-carry has
two
inputs x and y and
two
multiplexer1 has inputs
il,
i2
&
cl and output
01
multiplexer 2 has inputs
il,
i2 and c2 and output 02
multiplexer
3
has inputs 01,
02
and c3
&
output
03
then
combine the three multiplexers in one multiplexer
as: multiplexer has inputs
il,
i2 and c3 output
03
First, the Multiplexer rule expands all circuit bus
multiplexer into single bit multiplexer. Then Multiplexer
Composition rule combines as many single bit as possible.
This rule generates multiplexers with outputs as
SO
S1
..
S7.
Second, Conditional-cell rule-2 expands the
bus
conditional
cells into single bit conditional cell. Then conditional-cell
rule express each bit as conditional sum and conditional carry
functions. Sum and carry rules combines the multiplexer
generated from step one and the conditional sum and
conditional carry to
form
the equations of sum and carry
functions. Some of these equations will be combined to form
the full-adder descriptions.
Analysis:
The previous proof can be easily extended
to
n-bit
conditional sum adder through the general definitions
of
the
used modules. PROVER results are obtained for verifying
8,
16,24 and 32 bits conditional sum adders.
3.2
Carry Select Adder
(CSA)
Carry select adder is a fast asynchronous adder based on a
carry acceleration approach. The adder
is
partitioned into
fixed size sections where section additions are processed
simultaneously with appropriate carry input selecting the
right
Sum.
A
section size
is
set to 4-bits. This adder is
verified using PROVER. The methodology is applied to
verify an n-bit adder, where n is
8,
16,24 and 32 bits. The
PROVER'S input consists of the modules functional
description and interconnections of modules represented
using
CLIPS.
3.3
Curry
Look
Ahead (CLA) Adder
A
carry lookahead (CLA) technique is used to speed up the
carry propagation in a ripple carry adder. A carry look ahead
adder consists of carry-generate-propagate unit
(CGP),
summation unit, and carry-look-ahead (CLA) unit. The
PROVERS input consists of the modules functional
description and interconnections of the modules. The
methodology is applied to verify an n-bit adder, where n is
8,
16,24 and 32 bits.
3.4
Curry
Look
Ahead Adder based
on
4-bits blocks
A
two
level carry look ahead adder can be implemented
using 4-bit block
of
carry look ahead blocks. The PROVER'S
input consists of the modules functional description and the
modules' interconnections. The methodology is applied to
verify an n-bit adder, where n is
8,
16,24 and 32 bits.
4.
DISCUSSION
AND
CONCLUSIONS
The verification time, number of rules fired and numbers of
facts used versus the word length are shown in Figures
4,
5
and
6.
The verification time is a function of the adder size.
The adder size is a function of the word length. It has been
proved in
[
161 that Carry lookahead and Carry Select adders
have an area of
@(E),
n
is the number
of
bits, while the
Conditional Sum Adder has an area
of
@(E
log
n)
.
The
verification time, number of rules fired and numbers of facts
are consistent with the asymptotic complexities of the
adders' area versus the number of bits, i.e., the verification
time increases linearly in the cases of Carry Lookahead and
Carry select adders while increases
in
order
n
log
M
in case
of Conditional Sum Adder. In summary, the verification time
is increased linearly with the circuit size.
We have argued in this paper that verifying large scale
systems is no more a straight forward process that can be
completely achieved using traditional approaches
of
simulation.
A
rule-based framework for formal hardware
verification has been presented. The PROVER system is
implemented using CLIPS. The framework has a knowledge
base consists of a Cell Library and Rules. The functional
276
Authorized licensed use limited to: University of Bridgeport. Downloaded on February 24,2010 at 13:26:21 EST from IEEE Xplore. Restrictions apply.
correctness of Conditional
Sum
adder, Carry select adder,
and Carry Lookahead adder using both
a
direct and indirect
implementation have been proved for different word sizes.
Results
show
that
32
bit adders can be verified functionally
in few seconds and the verification time is increasing linearly
with the circuit size.
rm
C
,/
3
Bo1
.E
I
/
m
IO
0
but
aut
16Ut
u-w
32611
Adder
size
Figure
4.
Runtime Versus Adder Size
18
0
I
but
BYt
16M
2dm
32M
Adder
Size
Figure
5.
Number of Facts used versus Adder Size.
IYI
1M
Ea
I
cblt
Bbn
16M
26M
UM
Adder
Sue
Figure
6.
Number
of
Rules Fired Versus Adder Size
ACKNOWLEDGMENTS
The authors
wish
to
acknowledge King Fahd
University
of
Petroleum and Minerals for utilizing the various facilities
in
preparation and presentation
of
this paper.
REFERENCES
Elleithy,
"Formal
Hardware Verification:
of
VLSI Architectures:
Current Status and Future directions," 5th International Conference
on
Microelectronics, Dhahran, Saudi Arabia,
1993,
pp.
197-201.
Uehara,
T.,
et al., "DDL Verifier and Temporal Logic,"
Proc. CHDL
83:
IFIP
6th
Int?
Symp. Computer Hardware Description Lung. and
their Applications,
Pittsburgh, May
1983,
pp.
91-102.
Eveking, "Formal Verification of Synchronous Systems,"
Formal
Aspects of VLSI Design: Proc. 1985 Edinburgh Con$ VLSI,
G. J.
Milne and
P.
A.
Subrahmanyam, eds., North Holland Publishing,
Amsterdam,
1986,
pp.
137-151.
Hunt,
W.
A.,
"FM8501:
A
verified Microprocessor,"
IFIP
WG
10.2
Workshop, From HDL Descriptions to Guaranteed Correct Circuits
Design,
North Holland Publishing, Amsterdam, Sept.
1986,
pp.
85-
114.
Hanna, F. K. and Daeche, "Specification and Verification of Digital
Systems Using Higher order Logic,"
IEEproc.,
Vol.
133,
Pt.
E,
No.
5,
Sept.
1986,
pp.
242-254.
Gordon, M.
J.
C.,
"Why High-Order Logic is a Good Formalism for
Specifying and Verifying Hardware,"
Formal Aspects of
VLSI
Design: Proc. 1985 Edinburgh Con$ VLSI,
G.
Milne
&
P.
Subrahmanyam, eds., North Holland Pub., Amsterdam,
1986,
pp.
Joyce,
J.,
Birtwistle, and Gordon,
M.
"Proving a Computer Correct in
Higher Order Logic,"
Tech. Rept.
No.
100, Computer Laboratory,
The Univ. ofcambridge,
Cambridge, England,
1986.
Joyce, J., "Formal Verification and Implementation of a
Microprocessor,"
VLSI
Specification, Verrjcation, and Synthesis,
Birtwistle,
G.
and Subrahmanyam,
P.A.,
eds., North Holland,
Amsterdam, The Netherlands,
1988,
pp.
371-378.
Bochmann,
G.
V., "Hardware Specification with Temporal Logic:
An
Example,"
IEEE
Trans. Computers,
Mar.
1982,
pp.
223-23
1.
Fujita, M., et al., "Logic Design Assistance with Temporal Logic,"
Proc. CHDL
85:
IFIP 7th Int'l Symp. Computer Hardware
Description Lung.
Cy:
their Applications,
Aug.
1985,
pp.
129-137.
Aref, M. A. and Elleithy,
K.
M.,
"PROVER:
A
Production System
for Formal Hardware Verification,"
Fgth International ConJe
on
Microelectronics,
Dhahran, Dec.
1993,
pp.
210-213.
Elleithy,
K.
M.
and Mostafa Aref, M.
A.,
"A
ProductionBased
System for Formal Verification of Digital Signal Processing
Architectures,"
TwenpSeventh Asilomar Conf
on
Signals, Systems
&
Computers,
Pacific Grove, California, Nov.
1-3, 1993.
CLIPS Reference Manual,
Version
6,
Software Technology Branch,
Lyndon B. Johnson Space Center, June
1993.
Mettrey, "A Comparative Evaluation of Expert System
Tools,"
IEEE
Computer,
Vol.
24,
No.
2,
Feb.
1991,
pp.
19-31.
George
F.
Luger, William A. Stubblefield,
Artzjcial Intelligence and
the design of Expert System,
The BenjamidCummings publishing
Company,
1989.
Sklansky,
J.,
"An
Evaluation ofSeveral Two-Summand Binary
Adders,"
IRE
Trans.
EC-9,
No.
2,
June
1960,
pp.
213-226.
153-177.
277
Authorized licensed use limited to: University of Bridgeport. Downloaded on February 24,2010 at 13:26:21 EST from IEEE Xplore. Restrictions apply.
