Date posted: 19-Dec-2015
Fangfang Yuan, Stephen Wright, Kerstin Eder, David May
Department of COMPUTER SCIENCE
Managing Complexity through Abstraction:
A refinement-based approach to formalize
Instruction Set Architectures
Instruction Set Architecture
• Instructions
• Basic data types
• Register file definition
• Memory space(s) definition
• Exception handling
Motivation
• Assembler programming
• Spec for design verification
• ISA evolution
• Tools development
Motivation
(Diagram: Specification, Tools and Software, as they relate to Component Manufacturer, Product Manufacturer and 3rd Party)
Formal Analysis of ISAs
Examples:
• 6800 (Z)
• 68020 (Nqthm)
• VIPER (LCF-LSM/HOL)
• DLX (PVS)
• JVM (HOL, ACL2)
• ARM6 (HOL)
– 6500 lines of HOL4 script
…etc, etc
Objectives:
• Specification checking
• Micro-architecture verification
• Binary executable checking
Can we do better?
Need to introduce more structure:
J. P. Bowen. Formal specification and documentation of microprocessor instruction sets. Microprocess. Microprogram., 21(1-5):223–230, 1987.
– Define a set of “easily assimilated concepts”, each “readily understandable”
– Layer such a formal specification with the aim to:
– facilitate its construction,
– ease readability and comprehension, and
– enable re-use.
Event-B
• Set-based
• Events are guarded atomic actions
• Step-wise formal refinement
– Property-preserving
– Maintains consistency
• Hierarchy of abstraction levels
• Mature tool support: Rodin platform
A Fresh Approach to Formally Constructing ISAs
Objective:
– Complete formal derivation of an ISA
• From first principles
• Down to code generation
Method:
– Rigorous use of Abstraction/Refinement
• Stepwise refinement in Event-B based on common ISA properties
– Hierarchy of abstraction levels
• Top-down “narrative” of overall functionality
• Individual instructions at leaves
– Systematic use of Formal Proof
Atomic Actions vs IF/ELSE
Event1a refines Evt1
Event1b refines Evt1
Event2 refines Evt2
Event3a refines Evt3
Event3b refines Evt3
If Guard1 Then Action1
ElseIf Guard2 Then Action2
ElseIf Guard3 Then Action3
Else Guard4 Then Action4
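An added illustration of this slide's correspondence, not taken from the talk or its models: over a small constructed state space it checks that a set of guarded atomic events refines the abstract events consistently (each refined guard implies its abstract guard, the refined guards together cover the abstract guard, and no two overlap) and shows the equivalent if/elseif chain. The opcode layout, event names beyond those on the slide, and guards are all constructed for the example.

```python
from itertools import product
# Constructed state space: a 4-bit opcode field and a zero flag.
STATES = [{"op": op, "z": z} for op, z in product(range(16), (False, True))]

# Abstract machine: one guarded atomic event per instruction class.
ABSTRACT = {
    "Evt1": lambda s: s["op"] < 8,         # ALU class
    "Evt2": lambda s: 8 <= s["op"] < 12,   # load/store class
    "Evt3": lambda s: s["op"] >= 12,       # branch class
}
# Refined machine: (abstract event it refines, strengthened guard).
REFINED = {
    "Event1a": ("Evt1", lambda s: s["op"] < 4),
    "Event1b": ("Evt1", lambda s: 4 <= s["op"] < 8),
    "Event2":  ("Evt2", lambda s: 8 <= s["op"] < 12),
    "Event3a": ("Evt3", lambda s: s["op"] >= 12 and s["z"]),
    "Event3b": ("Evt3", lambda s: s["op"] >= 12 and not s["z"]),
}

def check_refinement(abstract, refined, states):
    """Empty result means: every refined guard implies its abstract guard,
    the refined guards jointly cover each abstract guard (no new deadlock),
    and they are pairwise disjoint, so the choice of event is deterministic."""
    problems = []
    for s in states:
        enabled = [n for n, (_, g) in refined.items() if g(s)]
        for n in enabled:
            if not abstract[refined[n][0]](s):
                problems.append(f"{n} enabled outside {refined[n][0]} at {s}")
        for parent, guard in abstract.items():
            if guard(s) and not any(refined[n][0] == parent for n in enabled):
                problems.append(f"{parent} has no enabled refinement at {s}")
        if len(enabled) > 1:
            problems.append(f"overlapping guards {enabled} at {s}")
    return problems

def dispatch_if_else(s):
    """The same decode as an if/elseif chain. It agrees with the event view
    only because the guards are disjoint; otherwise the chain imposes a priority."""
    if s["op"] < 4:
        return "Event1a"
    elif s["op"] < 8:
        return "Event1b"
    elif s["op"] < 12:
        return "Event2"
    elif s["z"]:
        return "Event3a"
    return "Event3b"
```

Running `check_refinement(ABSTRACT, REFINED, STATES)` returns an empty list for the table above; overlapping or missing refined events are reported per state.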
Model Structure - Reuse
(Diagram: generic machines StateMch, RegMch, MemMch and ControlFlowMch alongside processor-specific machines XMch1, …, forming a Reusable Formal Modelling Framework (Template))
ISA Formalization Portfolio
• MIDAS – 33 instructions
• CRISP – 50 instructions
• XCore – 209 instructions
Benefits of Modelling Framework
• Step-wise refinement – abstraction levels
– Provides structure
– Remains comprehensible
• Property-preserving refinement
– Maintains consistency within model
– Early definition of properties
• Source for code/document generation
– Animation/Simulation
• Traceability of requirements
Summary
• Method and Framework for formal ISA Modelling and Analysis
– Framework is generic (template)
– Method is transferable
• Proof of concept:
– MIDAS, CRISP
• 1st industrial application completed:
– XCore ISA
– Available from http://deploy-eprints.ecs.soton.ac.uk/346/
Tool Flow
(Diagram components: Rodin, B2C, XCoreB.c, Support.c/h, MSDev Studio, XCoreB.exe; Testsuite.c, XCore, XCoreGcc, Test.out)