Abstract
The refinement of a directory-based cache coherence protocol specification to a pipelined hardware implementation is described. The hardware that is analyzed is the most complex part of a 1M-gate ASIC. The design consists of 30,000 lines of synthesizable register-transfer-level Verilog code, amounting to approximately 200,000 gates. The design contains a pipeline that is 5 levels deep and approximately 150 bits wide. It has a 16-entry, 150-bit-wide context addressable memory (CAM) and includes a 256 × 72 bit RAM. Refinement maps relate the behavior of the high-level protocol model to the hardware implementation. The Cadence Berkeley Labs SMV model checker was used to create the maps and to prove their correctness. There are approximately 1500 proof obligations. The formal model has been used for three tasks: first, to formally diagnose, and then fix, broken features in a legacy version of the design; second, to integrate the legacy sub-system design with a new system design; and finally, to formally design additional sub-system features required for the new system design. The same hardware designer enhanced the design, created the refinement maps, and formally proved the correctness of the refinements.
Cite this article
Eiríksson, Á.þ. The Formal Design of 1M-gate ASICs. Formal Methods in System Design 16, 7–22 (2000). https://doi.org/10.1023/A:1008773308108