Conference Paper

Complete and Efficient Verification for a RISC-V Processor Using Formal Verification


... This subsection covers the verification of various RISC processors for which formal verification methods were used primarily. In classical formal verification techniques, Binary Decision Diagrams (BDD), Binary Moment Diagrams (BMD), Boolean Satisfiability (SAT), or Symbolic Computer Algebra (SCA) are used [55]. ...
... This verification method took less time (16 min) and utilized less memory too for the 32-bit single-cycle RISC-V processor (RV32I) while addressing the challenges of BDDs very well. [55] successfully verified all functional units of the multicycle, MicroRV32 processor completely with sequential sub-circuits. Using Polynomial Formal verification (PFV) gave an upper bound with respect to the time and space complexity for the given function for many subcircuits. ...
... ALU misbehavior was detected by both, faulty comparisons were detected through formal verification, data hazards were detected by μGP torture tests, and interrupt execution was detected by the μGP simulations as well. Combining both simulation and formal verification is beneficial to cover different types of error detection. ...

Fig. 19 The verification methodology. Source: Adapted from [55]
Article
This paper is a survey of the various verification methods available for RISC-based processors. The RISC-V processors are an open standard that can have user-based extensions. This makes their verification complex and prone to errors. There is ongoing research in this area. This paper illustrates the criteria for deciding a verification plan while considering various available verification methods, verification time, and software costs. Several hardware design verification approaches, from formal verification to simulation-based, fully automated verification plans to security and Trojans, are discussed. A comparison between features and verification methods employed for Intel, ARM and RISC-based processors is also done. The current RISC-V hardware design verification methods in use, like self-checking tests, testbench use of standards, virtual verification peripherals and many more, along with the required software and tools, are described. An in-depth analysis of previous and current research on various available and newly developed RISC-V processors is chronicled with their code coverage, functional coverage, limitations and bug detection details.
... Other circuit classes for which polynomial upper bounds could be proven include tree-like circuits [12], circuits with a constant cutwidth [13], symmetric functions [14] and many more. Recently, PFV has also been applied to simple sequential circuits [15] and a simple RISC-V CPU [16][17][18]. ...
... Furthermore, examples for which PFV has proven to be possible are circuits for symmetric functions [14], as well as tree-like circuits without fanouts [12] or circuits resulting from BDDs or Kronecker Functional Decision Diagrams (KFDDs) [25]. In recent research, PFV could even be applied to first sequential circuits, such as counters and shift registers [15], as well as to a simple RISC-V CPU [16][17][18]. ...
Article
With the ongoing digitization, digital circuits have become increasingly present in everyday life. However, as circuits can be faulty, their verification poses a challenging but essential challenge. In contrast to formal verification techniques, simulation techniques fail to fully guarantee the correctness of a circuit. However, due to the exponential complexity of the verification problem, formal verification can fail due to time or space constraints. To overcome this challenge, recently Polynomial Formal Verification (PFV) has been introduced. Here, it has been shown that several circuits and circuit classes can be formally verified in polynomial time and space. In general, these proofs have to be conducted manually, requiring a lot of time. However, in recent research, a method for automated PFV has been proposed, where a proof engine automatically generates human-readable proofs that show the polynomial size of a Binary Decision Diagram (BDD) for a given function. The engine analyses the BDD and finds a pattern, which is then proven by induction. In this article, we formalize the previously presented BDD patterns and propose algorithms for the pattern detection, establishing new possibilities for the automated proof generation for more complex functions. Furthermore, we show an exemplary proof that can be generated using the presented methods. This article is part of the theme issue ‘Emerging technologies for future secure computing platforms’.
... Existing RISC-V verification efforts include formal methods [19], dedicated test generators, and UVM-based functional testbenches [20]. Performance modeling often relies on tools like gem5 [21] or custom SystemC/TLM models, typically separate from UVM flows. ...
Preprint
The burgeoning RISC-V ecosystem necessitates efficient verification methodologies for complex processors. Traditional approaches often struggle to concurrently evaluate functional correctness and performance, or balance simulation speed with modeling accuracy. This paper introduces an integrated co-simulation framework leveraging Universal Verification Methodology (UVM) and Transaction-Level Modeling (TLM) for RISC-V processor validation. We present a configurable UVM-TLM model (vmodel) of a superscalar, out-of-order RISC-V core, featuring key microarchitectural modeling techniques such as credit-based pipeline flow control. This environment facilitates unified functional verification via co-simulation against the Spike ISA simulator and enables early-stage performance assessment using benchmarks like CoreMark, orchestrated within UVM. The methodology prioritizes integration, simulation efficiency, and acceptable fidelity for architectural exploration over cycle-level precision. Experimental results validate functional correctness and significant simulation speedup over RTL approaches, accelerating design iterations and enhancing verification coverage.
Article
Verification plays a major role in ensuring the functional correctness of any design. In recent years, with the growing complexity of processor designs, verification has assumed utmost importance. Simulation-based techniques cannot ensure completeness in verification, and in this regard formal methods prove crucial. Although formal methods guarantee completeness, it is hard to quantify the exact time and space complexities. Recently, some works have demonstrated that it is possible to achieve polynomial space and time complexities for various arithmetic circuits as well as for processors. In this paper we propose a Binary Decision Diagram (BDD) based Polynomial Formal Verification (PFV) approach for verifying processors. As a case study, we discuss the PFV for a multi-cycle processor (viz., MicroRV32) with support for combinational and sequential sub-systems. New data structures and a code base are utilized to verify all the functional components. Experimental results reveal that the verification can indeed be performed in polynomial time.
Article
Not long ago, completely automatic formal verification of multipliers was not feasible, even for small input word sizes. However, with Multiplicative Binary Moment Diagrams (*BMD), which is a new data structure for representing arithmetic functions over Boolean variables, methods were proposed by which verification of multipliers with input word sizes of up to 256 bits is now feasible. Unfortunately, only experimental data has been provided for these verification methods until now. In this paper, we give a formal proof that logic verification with *BMDs is polynomially bounded in both space and time when applied to the class of Wallace-tree-like multipliers. Using this knowledge, online detection of design errors becomes feasible during a verification run.
Article
In this paper we propose μRV32 (MicroRV32), an open source RISC-V platform for education and research. μRV32 integrates several peripherals alongside a configurable 32-bit RISC-V core interconnected with a generic bus system. It supports bare-metal applications as well as the FreeRTOS operating system. Besides an RTL implementation in the modern SpinalHDL language (μRV32 RTL), we also provide a corresponding binary-compatible Virtual Prototype (VP) that is implemented in standard-compliant SystemC TLM (μRV32 VP). In combination, the VP and RTL descriptions pave the way for advanced cross-level methodologies in the RISC-V context. Moreover, based on a readily available open source tool flow, μRV32 RTL can be exported into a Verilog description and simulated with the Verilator tool or synthesized onto an FPGA. The tool flow is very accessible and fully supported under Linux. As part of our experiments we provide a set of ready-to-use application benchmarks and report execution performance results of μRV32 at the RTL, VP and FPGA level, together with a proof-of-concept FPGA synthesis statistic for different processor configurations. We believe that our μRV32 platform is a suitable foundation for further research and education purposes due to its open source nature, accessible toolchain working in Linux and support for small low-priced FPGAs in combination with a solid feature set.
Article
Multiplier circuits cover an extensive area of embedded system applications in Digital Signal Processing, Cryptography, and Multimedia. Non-standard implementations and custom optimizations are being done to reduce the size of multipliers. The circuits became prone to bugs, and hence the demand for verification increased. Formal verification methods such as Satisfiability (SAT), Symbolic Computer Algebra (SCA), and Binary Decision Diagrams (BDDs) have made massive progress over the last few decades. However, these methods are insufficient to verify the optimized multipliers. SAT-based equivalence checking is computationally expensive. SCA-based backward rewriting is limited to algebraically friendly multipliers. The complexity of BDDs is exponential in the input size. Although, by allowing an additional variable method, the size of the BDD is limited to a 4th-degree polynomial of the number of inputs, this method has not been explored to verify optimized multipliers. This paper focuses on verifying integer multipliers with diverse architectures. We propose an algorithm for the direct construction of BDDs without traversing circuits and generate BDDs up to 1,024 bits. We utilize the additional variable method and construct BDDs using high-to-low variable ordering. We reduce the complexity of the BDD size to a 3rd-degree polynomial. We generate BDDs and verify the multipliers with various architectures up to 64 bits. We propose a method to verify optimized multipliers by checking equivalence and verify optimized multipliers up to 32 bits. We do an error tolerance analysis of our approach by inserting bugs in a circuit at various locations.
Conference Paper
Despite significant progress in formal hardware verification in the past decade, little has been published on the verification of microcode. Microcode is the heart of every microprocessor and is one of the most complex parts of the design: it is tightly connected to the huge machine state, written in an assembly-like language that has no support for data or control structures, and has little documentation and changing semantics. At the same time it plays a crucial role in the way the processor works. We describe the method of formal microcode verification we have developed for an x86-64 microprocessor designed at Centaur Technology. While the previous work on high- and low-level code verification is based on an unverified abstract machine model, our approach is tightly connected with our effort to verify the register-transfer level implementation of the hardware. The same microoperation specifications developed to verify the implementation of the execution units are used to define operational semantics for the microcode verification. While the techniques used in the described verification effort are not inherently new, to our knowledge our effort is the first interconnection of hardware and microcode verification in the context of an industrial-size design. Both our hardware and microcode verifications are done within the same verification framework.