From mjcg%cam.sri.com Fri, 2 Jun 89
Date: Fri, 2 Jun 89 11:25 BST
From: mjcg%cam.sri.com%Warbucks.AI.SRI.COM (Mike Gordon)
To: info-hol@clover.ucdavis.edu
Subject:  A formal verification benchmark

-------------- forwarded message ---------------
> From: Lars Philipson Dt/LTH <lars@se.sunet.pan>
> Subject: A formal verification benchmark

Dear Dr Gordon,

I have been working in the field of VLSI design tools and
silicon compilation since 1980 and within my department
some 200 chips have been designed during that time. Some
of them have been designed using the Genesil silicon
compilation system and have a size in the range 50K-250K
transistors.

From time to time I have been exposed to ideas about formal
verification, but have not been impressed by the results I
have seen. Inspired by recent claims on what the current
theories in the field potentially can achieve and pressed
by the urgent need for better verification methods I have
decided to find out if there is now something that we can
make practical use of.

For that purpose I have put together a small test case, you
can call it a benchmark test if you like. It consists of a
single finite-state machine expressed in two different ways,
as a schematic of gates and flip-flops and as a transistor
netlist. It is rather small, the transistor netlist contains
only some 50 devices. The challenge is to prove that these
two versions are functionally equivalent, i.e. that for all
possible sequences of inputs the first one always produces
the same output sequence as the second.

This may seem easy, but there are two circumstances that make
it a little harder. The first one is that I have designed
the example so that the two descriptions are fundamentally
non-isomorphic. This means that there are no structural clues
whatsoever, yet the systems are indeed functionally equivalent.
The other circumstance is that I require that the computations
involved in the proof must be much less than what is required
for an exhaustive search of all possible input sequences
(in this case 2**32 such sequences).

If you are interested in looking at this example, please
send me your address for regular mail and I will send it
promptly. Please also give me names and addresses of other
people that you think may be interested in looking at this.

Sincerely,
Lars Philipson
Professor of Computer Engineering
Lund University
P.O. Box 118
S-221 00 LUND, Sweden
Phone: +46-46-107518    Internet: lars@dit.lth.se
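
An added example, not part of the original message and not the benchmark circuit (which the letter does not include): one way to check functional equivalence of two non-isomorphic finite-state machines without enumerating input sequences is to explore only the reachable pairs of states of the two machines. The three machines and all names below are constructed for illustration; the work is bounded by the number of reachable state pairs times the number of input symbols.

```python
from collections import deque

# Constructed Mealy machines: step(state, x) -> (next_state, output).
# All three are meant to output 1 when the current and previous inputs are both 1.

def gate_level_step(state, x):
    # 4-state version: a two-stage shift register (prev2, prev1).
    prev2, prev1 = state
    return (prev1, x), x & prev1

def minimal_step(state, x):
    # 2-state version: remembers only the previous input bit.
    return x, x & state

def buggy_step(state, x):
    # Same registers as gate_level_step, but taps the wrong stage.
    prev2, prev1 = state
    return (prev1, x), x & prev2

GATE_LEVEL = ((0, 0), gate_level_step)
MINIMAL = (0, minimal_step)
BUGGY = ((0, 0), buggy_step)

def check_equivalence(m1, m2, inputs=(0, 1)):
    """Breadth-first search over reachable state pairs of the product machine.

    Returns (equivalent, shortest_counterexample_or_None, pairs_visited).
    """
    (s1, step1), (s2, step2) = m1, m2
    seen = {(s1, s2): ()}          # state pair -> shortest input trace reaching it
    queue = deque([(s1, s2)])
    while queue:
        a, b = pair = queue.popleft()
        for x in inputs:
            na, out_a = step1(a, x)
            nb, out_b = step2(b, x)
            trace = seen[pair] + (x,)
            if out_a != out_b:     # outputs diverge: trace is a witness
                return False, trace, len(seen)
            if (na, nb) not in seen:
                seen[(na, nb)] = trace
                queue.append((na, nb))
    return True, None, len(seen)   # no reachable pair disagrees on any input

if __name__ == "__main__":
    print(check_equivalence(GATE_LEVEL, MINIMAL))
    print(check_equivalence(BUGGY, MINIMAL))
```
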


