Formal Methods for System Integration

Michael Fourman
Informatics, The University of Edinburgh

Posted 20-Dec-2015 (Documents)


Outline

– System Integration
– Behaviour and abstraction
– Case study
  • specification
  • design
  • implementation
– Summary

System Integration

[Figure: three levels of description, Specification / Abstract Design / Concrete Implementation, with example artefacts RFP, speech, ROM, DSP, FPGA and custom]

Synchronous Behaviour

Signal
– sequence of values
– m( t )

Behaviour
– relation imposed between signals at ports
– D(c, p, q)

[Figure: block D with ports c, p and q]

    forall t. if c t then q t = F( p t ) else q t = G( p t )

Specification and Design

Specification
– relation required between signals at ports

Design
– relating behaviour to specification

    Implementation (x) Specification (x)

Abstraction

Relating levels of description
– i : concreteSignals -> abstractSignal

The design task

    Implementation (x) Specification (i x)

Data Abstraction

Eg
– integers / binary representation
– state / state encoding

Simple case
– f : concreteData -> abstractData
– (interpretation x) t = f (x t)
– Implementation (x) Specification (f o x)

Temporal Abstraction

Eg
– micro-instructions
– slowdown

Sampling as a Temporal Abstraction
– s : abstractTime -> concreteTime
– (interpretation x) t = x (s t)
– Implementation (x) Specification (x o s)

Synchronous Behaviour

Sampling
– p when s

[Figure: block D with ports c, p and q, its inputs sampled by clock s and its output by clock d]

    D(c when s, p when s, q when d) /\ ...
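As an added example (my own code, not from the slides) covering the Data Abstraction, Temporal Abstraction and Sampling slides above: signals are modelled as Python functions of time, D(c, p, q) is the relation from the Synchronous Behaviour slide, f is the binary-to-integer data abstraction and s the sampling map. The functions F and G, the 4-bit width, the slowdown factor and the concrete implementation Q are all assumptions made for the example; Q is constructed so that the relation fails cycle by cycle but holds once both abstractions are applied, which is the point of checking the specification on f o x o s rather than on the raw concrete signals.

```python
# Added example, not from the slides: signals as functions of time, the
# relational behaviour D(c, p, q), and the data (f) and temporal (s)
# abstraction maps.  F, G, the 4-bit width and the slowdown factor are
# assumptions chosen for this example.
from typing import List, Sequence

HORIZON = 64                      # bounded concrete time range for the checks

def F(p: int) -> int:             # assumed: behaviour selected when c holds
    return (p + 1) % 16

def G(p: int) -> int:             # assumed: behaviour selected when c does not hold
    return p

def D(c, p, q, horizon: int = HORIZON) -> bool:
    """forall t. if c t then q t = F(p t) else q t = G(p t), checked up to horizon."""
    return all(q(t) == (F(p(t)) if c(t) else G(p(t))) for t in range(horizon))

# ---- data abstraction: f : concreteData -> abstractData -------------------
def f(bits: Sequence[int]) -> int:
    """Binary representation (lsb first) -> integer."""
    return sum(b << i for i, b in enumerate(bits))

def to_bits(n: int, width: int = 4) -> tuple:
    return tuple((n >> i) & 1 for i in range(width))

def data_abstract(x, f):
    """(interpretation x) t = f (x t)"""
    return lambda t: f(x(t))

# ---- temporal abstraction: s : abstractTime -> concreteTime ---------------
SLOWDOWN = 4                      # concrete cycles per abstract step (assumed)

def s(n: int) -> int:
    return n * SLOWDOWN

def temporal_abstract(x, s):
    """(interpretation x) t = x (s t)"""
    return lambda n: x(s(n))

def when(x, clk, horizon: int = HORIZON) -> List:
    """x when clk: the values of x at the cycles where clk holds (finite prefix)."""
    return [x(t) for t in range(horizon) if clk(t)]

# ---- constructed abstract inputs and a constructed concrete implementation --
def c_abs(n: int) -> bool:
    return n % 3 == 0

def p_abs(n: int) -> int:
    return (5 * n) % 16

def C(t: int) -> bool:            # concrete control input, held for SLOWDOWN cycles
    return c_abs(t // SLOWDOWN)

def P(t: int) -> tuple:           # concrete 4-bit data input, held for SLOWDOWN cycles
    return to_bits(p_abs(t // SLOWDOWN))

def Q(t: int) -> tuple:
    """Constructed concrete output: the full result is present only at the
    sample instants (phase 0); in between, a bit-serial partial result is
    visible, so D does not hold cycle by cycle."""
    n, phase = divmod(t, SLOWDOWN)
    full = to_bits(F(p_abs(n)) if c_abs(n) else G(p_abs(n)))
    if phase == 0:
        return full
    return tuple(b if i < phase else 0 for i, b in enumerate(full))

def holds_cycle_by_cycle() -> bool:
    """D on the concrete signals with only the data abstraction applied."""
    return D(C, data_abstract(P, f), data_abstract(Q, f))

def holds_after_abstraction() -> bool:
    """D on f o x o s: data abstraction composed with temporal abstraction."""
    c = temporal_abstract(C, s)
    p = data_abstract(temporal_abstract(P, s), f)
    q = data_abstract(temporal_abstract(Q, s), f)
    return D(c, p, q, horizon=HORIZON // SLOWDOWN)

def sampling_matches_composition() -> bool:
    """`Q when clk`, with clk true exactly at s(n), equals Q o s on the prefix."""
    clk = lambda t: t % SLOWDOWN == 0
    composed = [temporal_abstract(Q, s)(n) for n in range(HORIZON // SLOWDOWN)]
    return when(Q, clk) == composed

if __name__ == "__main__":
    print("cycle by cycle:", holds_cycle_by_cycle())              # False
    print("after abstraction:", holds_after_abstraction())        # True
    print("when == composition:", sampling_matches_composition())  # True
```

Run it directly to see the three checks; the first is false because the partial results between sample instants violate D, the second is true because f o Q o s only observes the completed results, and the third confirms that `when` with the sampling clock and composition with s describe the same abstract signal.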

Stopclock

User-level Specification
– 10 Hz clock
– Display
– Start/Stop button
– Reset button

Stopclock

Implementation
– 1MHz clock
– Seven segment display
  • digits need not all change on same cycle
– Buttons assumed synchronised at 1MHz
  • but may be pressed at any point in the 1Hz period.

Specifying the Stopclock

    Stopclock(reset, stst, display) =
      exists run. forall t.
        display 0 = {tens = 0, secs = 0, tenths = 0}
        /\ display (t+1) =
             if (reset t) then {tens = 0, secs = 0, tenths = 0}
             else if (run t) then (nextTime (display t))
             else (display t)
        /\ run 0 = false
        /\ run (t+1) =
             if (reset t) then false
             else if (stst t) then (not (run t))
             else (run t)

Top-level partitioning

data and control

[Figure: Control block with inputs reset and stst and output run; Data block with inputs reset and run]

Control Specification

    Control(reset, stst, run) =
      forall t.
        run 0 = false
        /\ run (t+1) =
             if (reset t) then false
             else if (stst t) then (not (run t))
             else (run t)

Data Specification

    Data ( reset, run, display ) =
      forall t.
        display 0 = {tens = 0, secs = 0, tenths = 0}
        /\ display (t+1) =
             if (reset t) then {tens = 0, secs = 0, tenths = 0}
             else if (run t) then (nextTime (display t))
             else (display t)
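The Stopclock, Control and Data specifications above are executable as written, once nextTime is fixed. The following is an added example (my own code, not from the slides) that does exactly that and then checks, exhaustively over every reset/stst button trace of a small bounded length, that the partitioned design Control /\ Data satisfies Stopclock with Control's run as the witness for `exists run`. nextTime is not defined on the slides; the 6/10/10 counter used here is an assumption. A constructed faulty Data refinement that gives run priority over reset is included to show the check producing a counterexample.

```python
# Added example, not from the slides: executable versions of the Stopclock,
# Control and Data specifications and a bounded, exhaustive check that the
# data/control partition satisfies the top-level specification.  nextTime is
# not defined on the slides; the 6/10/10 counter below is an assumption.
from itertools import product
from typing import Callable, List, Optional, Tuple

Display = Tuple[int, int, int]     # (tens, secs, tenths)
ZERO: Display = (0, 0, 0)          # {tens = 0, secs = 0, tenths = 0}
Button = Callable[[int], bool]

def next_time(d: Display) -> Display:
    """Assumed nextTime: advance one tenth; tenths and secs count 0..9, tens 0..5."""
    tens, secs, tenths = d
    tenths += 1
    if tenths == 10:
        tenths, secs = 0, secs + 1
        if secs == 10:
            secs, tens = 0, (tens + 1) % 6
    return (tens, secs, tenths)

def control(reset: Button, stst: Button, horizon: int) -> List[bool]:
    """Control(reset, stst, run): the run sequence the specification determines."""
    run = [False]                                      # run 0 = false
    for t in range(horizon):
        run.append(False if reset(t) else (not run[t]) if stst(t) else run[t])
    return run

def data(reset: Button, run: List[bool], horizon: int) -> List[Display]:
    """Data(reset, run, display): the display sequence the specification determines."""
    display = [ZERO]                                   # display 0 = all zeros
    for t in range(horizon):
        display.append(ZERO if reset(t) else next_time(display[t]) if run[t] else display[t])
    return display

def data_faulty(reset: Button, run: List[bool], horizon: int) -> List[Display]:
    """Constructed faulty refinement: run takes priority over reset."""
    display = [ZERO]
    for t in range(horizon):
        display.append(next_time(display[t]) if run[t] else ZERO if reset(t) else display[t])
    return display

def stopclock(reset: Button, stst: Button, display: List[Display],
              run: List[bool], horizon: int) -> bool:
    """Stopclock(reset, stst, display), with `run` supplied as the witness for
    `exists run`; every conjunct of the slide's formula is checked up to horizon."""
    if display[0] != ZERO or run[0]:
        return False
    for t in range(horizon):
        want_display = ZERO if reset(t) else next_time(display[t]) if run[t] else display[t]
        want_run = False if reset(t) else (not run[t]) if stst(t) else run[t]
        if display[t + 1] != want_display or run[t + 1] != want_run:
            return False
    return True

def find_counterexample(data_impl, horizon: int = 6) -> Optional[Tuple[tuple, tuple]]:
    """Enumerate every reset/stst button trace of length `horizon` and return
    the first (reset bits, stst bits) for which Control /\ data_impl fails
    Stopclock, or None when the partition is correct on all of them."""
    for bits in product((False, True), repeat=2 * horizon):
        r_bits, s_bits = bits[:horizon], bits[horizon:]
        reset = lambda t, b=r_bits: b[t]
        stst = lambda t, b=s_bits: b[t]
        run = control(reset, stst, horizon)
        if not stopclock(reset, stst, data_impl(reset, run, horizon), run, horizon):
            return (r_bits, s_bits)
    return None

if __name__ == "__main__":
    print("partition correct:", find_counterexample(data) is None)   # True
    print("faulty data caught by:", find_counterexample(data_faulty))
```

The bounded horizon of 6 steps gives 4096 button traces, which is enough to reach the state where the clock is running when reset is pressed; that is the trace on which the faulty refinement diverges from the specification.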

Abstract Hardware

[Figure: abstract hardware with inputs reset and stst, internal signal run, and three display counters labelled 6, 10, 10]

Refinement of Control Logic to RT level

abstract signals implemented by sampling concrete signals

idea

    stst  = STST  when (rise tick)
    reset = RESET when (rise tick)
    run   = RUN   when (rise tick)

[Figure: RT-level control logic: a latch driven by tick, with signals RESET, STST and RUN sampled at rise tick]

Abstraction for the reset button

Definition

    reset n = exists t.
                 Timeof (rise tick) n <= t
              /\ t < Timeof (rise tick) (n+1)
              /\ resetButton t

Implementation

Theorem

    resetGlue (resetButton, rise tick, RESET) =>
      reset n = (RESET when (rise tick)) (n+1)

Abstraction for the reset button

[Figure: timing diagram for the reset button: rise tick, resetButton, RESET]

Implementation

Theorem

    ststGlue (rise ststButton, rise tick, STST) =>
      stst n = (STST when (rise tick)) (n+1)

Abstraction for start-stop button

[Figure: timing diagram for the start/stop button: rise ststButton, rise tick, STST]

RTL control logic

Theorem

    ControlImp ( tick, ststButton, resetButton, RESET, RUN ) =>
      forall n. reset n = (RESET when (rise tick)) (n+1)
             /\ stst n = (STST when (rise tick)) (n+1)

[Figure: RTL control logic: latch clocked by tick, inputs resetButton and ststButton, outputs RESET and RUN]

Final Design

[Figure: final design with the control logic and the 6, 10, 10 display counters]
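The reset and start/stop abstractions, the two Glue theorems and the sampling in ControlImp can be checked by simulation on a scaled-down model. The following is an added example (my own code, not from the slides) that does this: `timeof`, `when` and `rise` implement the operators used in the definitions, `glue_latch` is my reading of the glue as a sticky latch cleared on each rising tick edge (the slides do not give its definition), and the 1 MHz / 10 Hz ratio is replaced by an assumed TICK_PERIOD of 8 concrete cycles per abstract step so that the run stays small. It also shows the failure mode the Stopclock implementation slide warns about: sampling the button directly at rise tick, without a latch, misses a press that falls between two ticks.

```python
# Added example, not from the slides: a scaled-down model of the RT-level glue
# for the reset and start/stop buttons, and a bounded check of the resetGlue and
# ststGlue theorems.  The 1 MHz / 10 Hz ratio of the slides is replaced by
# TICK_PERIOD concrete cycles per abstract step (an assumption that keeps the
# simulation small); the latch equation is my reading of "glue", not the
# slides' own definition.
import random
from typing import Callable

Signal = Callable[[int], bool]
TICK_PERIOD = 8                   # concrete cycles per abstract (10 Hz) step: assumed
HORIZON = 20 * TICK_PERIOD        # concrete cycles simulated
STEPS = 16                        # abstract steps checked (their ticks lie within HORIZON)

def timeof(sig: Signal, n: int) -> int:
    """Timeof sig n: concrete time of the n-th (0-based) cycle at which sig holds."""
    seen = 0
    for t in range(HORIZON):
        if sig(t):
            if seen == n:
                return t
            seen += 1
    raise ValueError("fewer than %d occurrences within HORIZON" % (n + 1))

def when(x: Signal, sig: Signal) -> Signal:
    """x when sig: abstract step n observes x at Timeof sig n."""
    return lambda n: x(timeof(sig, n))

def rise(x: Signal) -> Signal:
    """rise x holds at t when x is high at t and low at t-1 (never at t = 0)."""
    return lambda t: t > 0 and bool(x(t)) and not x(t - 1)

def tick(t: int) -> bool:         # concrete clock: square wave of period TICK_PERIOD
    return t % TICK_PERIOD < TICK_PERIOD // 2

def glue_latch(event: Signal, clear: Signal) -> Signal:
    """Sticky latch: L 0 = false, L (t+1) = event t \/ (L t /\ ~clear t).
    With clear = rise tick it records whether `event` held at any cycle since
    the last rising tick edge, so a press shorter than TICK_PERIOD is not lost."""
    state = [False]
    for t in range(HORIZON):
        state.append(bool(event(t)) or (state[t] and not clear(t)))
    return lambda t: state[t]

def abstract_press(event: Signal, n: int) -> bool:
    """reset n = exists t. Timeof (rise tick) n <= t /\ t < Timeof (rise tick) (n+1) /\ event t
    (the same definition serves stst with event = rise ststButton)."""
    lo, hi = timeof(rise(tick), n), timeof(rise(tick), n + 1)
    return any(event(t) for t in range(lo, hi))

def glue_theorem_holds(event: Signal, concrete: Signal) -> bool:
    """forall n < STEPS. abstract n = (concrete when (rise tick)) (n+1)"""
    sampled = when(concrete, rise(tick))
    return all(abstract_press(event, n) == sampled(n + 1) for n in range(STEPS))

# ---- constructed button traces -------------------------------------------
def short_press(t: int) -> bool:  # constructed: high for a single cycle, mid-period
    return t == TICK_PERIOD + 2

def random_button(rng: random.Random) -> Signal:
    """Constructed: random presses, each held for 1..TICK_PERIOD cycles."""
    trace = [False] * HORIZON
    t = 0
    while t < HORIZON:
        if rng.random() < 0.15:
            hold = rng.randint(1, TICK_PERIOD)
            for k in range(t, min(HORIZON, t + hold)):
                trace[k] = True
            t += hold
        t += 1
    return lambda t: trace[t]

def reset_glue_ok(button: Signal) -> bool:       # resetGlue: level-sensitive event
    return glue_theorem_holds(button, glue_latch(button, rise(tick)))

def stst_glue_ok(button: Signal) -> bool:        # ststGlue: edge-sensitive event
    ev = rise(button)
    return glue_theorem_holds(ev, glue_latch(ev, rise(tick)))

def direct_sampling_ok(button: Signal) -> bool:  # no latch: RESET = resetButton
    return glue_theorem_holds(button, button)

def random_traces_ok(seed: int = 1, trials: int = 50) -> bool:
    rng = random.Random(seed)
    return all(reset_glue_ok(b) and stst_glue_ok(b)
               for b in (random_button(rng) for _ in range(trials)))

if __name__ == "__main__":
    print("latch, short press:", reset_glue_ok(short_press))        # True
    print("direct, short press:", direct_sampling_ok(short_press))  # False
    print("random traces:", random_traces_ok())                     # True
```

The theorem is stated with (n+1) on the concrete side because the latch is read at the rising edge that closes abstract step n, one step after the interval in which the press occurred; the direct-sampling variant fails on `short_press` precisely because nothing holds the press until that edge.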

Summary

Specification
– declarative, high-level

Design
– creative and abstract

Implementation
– automated (in future)