English

Hardware/Software Co-verification Using Path-based Symbolic Execution

Formal Languages and Automata Theory 2020-01-07 v1 Logic in Computer Science

Abstract

Conventional tools for formal hardware/software co-verification use bounded model checking techniques to construct a single monolithic propositional formula. Formulas generated in this way are extremely complex and contain a great deal of irrelevant logic, hence are difficult to solve even by the state-of-the-art Satis ability (SAT) solvers. In a typical hardware/software co-design the firmware only exercises a fraction of the hardware state-space, and we can use this observation to generate simpler and more concise formulas. In this paper, we present a novel verification algorithm for hardware/software co-designs that identify partitions of the firmware and the hardware logic pertaining to the feasible execution paths by means of path-based symbolic simulation with custom path-pruning, property-guided slicing and incremental SAT solving. We have implemented this approach in our tool COVERIF. We have experimentally compared COVERIF with HW-CBMC, a monolithic BMC based co-verification tool, and observed an average speed-up of 5X over HW-CBMC for proving safety properties as well as detecting critical co-design bugs in an open-source Universal Asynchronous Receiver Transmitter design and a large SoC design.

Keywords

Cite

@article{arxiv.2001.01324,
  title  = {Hardware/Software Co-verification Using Path-based Symbolic Execution},
  author = {Rajdeep Mukherjee and Saurabh Joshi and John O'Leary and Daniel Kroening and Tom Melham},
  journal= {arXiv preprint arXiv:2001.01324},
  year   = {2020}
}

Comments

6 pages, 3 tables, 5 figures

R2 v1 2026-06-23T13:03:21.949Z