180 likes | 401 Views
David Harty MSE 595 2004. Model Based Verification: MP3 Player Model. Introduction. The Project Xilinx MP3 Reference Design The Goal Model subfunctionality of MP3 player components The Tools Statemate – state machine creation and modeling SMV - SMV testing. Statement of Scope.
E N D
David Harty MSE 595 2004 Model Based Verification:MP3 Player Model
Introduction • The Project • Xilinx MP3 Reference Design • The Goal • Model subfunctionality of MP3 player components • The Tools • Statemate – state machine creation and modeling • SMV - SMV testing
SMV • Challenges • Learning SMV • Understanding CTL (limited) • Converting Hierarchical State Charts to SMV • Not orthogonal like lectures • Solutions • Hack and test, hack and test. • Basic spec statements • SPEC EF(state=idle) • Hierarchical modules, with variable “drilling” • module main; state := port_cntrl.cntrl_state; • module port_cntrl; cntrl_state:=port_dnld.dnld_state;
SMVMODULE port_dnld MODULE port_dnld (nstrobe, next_data) VAR -- outputs nack : {0, 1}; trs_rdy : {0, 1}; -- states dnld_state : {mp3_rdy, data_rdy, data_ack}; ASSIGN -- assign states init(dnld_state) := mp3_rdy; next(dnld_state) := case dnld_state = mp3_rdy & (nstrobe = 1): mp3_rdy; dnld_state = mp3_rdy & (nstrobe = 0): data_rdy; dnld_state = data_rdy & (next_data = 0): data_rdy; dnld_state = data_rdy & (next_data = 1): data_ack; dnld_state = data_ack & (nstrobe = 0): data_ack; dnld_state = data_ack & (nstrobe = 1): data_ack; 1 : dnld_state; esac;
SMVMODULE port_cntrl MODULE port_cntrl (downld, dnld_rdy, nstrobe, next_data) VAR -- states cntrl_state : {idle, port_rdy, mp3_rdy, data_rdy, data_ack, test}; -- modules port_dnld : port_dnld (nstrobe, next_data); ASSIGN -- set the state init(cntrl_state ) := idle; next(cntrl_state ) := case cntrl_state = idle & downld : port_rdy; cntrl_state = port_rdy & !downld : idle; cntrl_state = port_rdy & dnld_rdy & downld : port_dnld.dnld_state; cntrl_state = port_dnld.dnld_state & !dnld_rdy & downld : port_rdy; cntrl_state = port_dnld.dnld_state & !downld : idle; 1 : cntrl_state ; esac;
SMVMODULE main:VAR VAR -- inputs to port_ctrl -- nstrobe uses inverse logic (i.e. 0 is on) nstrobe : {1,0}; downld : {0,1}; dnld_rdy : {0,1}; next_data : {0,1}; -- states state : {idle, port_rdy, mp3_rdy, data_rdy, data_ack, test}; -- modules port_cntrl : port_cntrl (downld, dnld_rdy, nstrobe, next_data);
SMVmain:ASSIGN, SPEC ASSIGN -- get the output values next(dnld_mode) := port_cntrl.dnld_mode; next(dld_rdy) := port_cntrl.dld_rdy; next(nack) := port_cntrl.nack; -- get the port_cntrl state values state := port_cntrl.cntrl_state; -- assign input variables to cause a SPEC false results -- downld := 0; -- states will not leave idle -- dnld_rdy := 0; -- states will not leave port_rdy -- nstrobe := 1; -- states will not leave mp3_rdy -- next_data := 0; -- states will not leave data_rdy, data_ack is never hit
SMVmain: SPEC -- test all states SPEC EF(state=idle) SPEC EF(state=port_rdy) SPEC EF(state=mp3_rdy) SPEC EF(state= data_rdy) SPEC EF(state= data_ack) -- test some outputs SPEC EF(dnld_mode = 0) SPEC EF(dnld_mode = 1) SPEC EF(dld_rdy = 0) SPEC EF(dld_rdy = 1) SPEC EF(nack = 0) SPEC EF(nack = 1)
Summary (1) • Statemate • Issues • How to use orthogonality? Always applicable? • How to more data on graphical editor. • Leasons learned • Define data early • Define top level structures first • Save often
Summary (2) • SMV • Issues • SMV doesn't run sample code included with distribution. • Correct use of hierarchies? • Learn CTL • Need for a verification of verifier. • Lessons learned • SMV syntax isn't checked if it doesn't run • i.e. If it is never reached or a SPEC doesn't check it. • Designed for breadth first verification, not depth.