Managing Complexity through Abstraction: A refinement-based approach to formalize Instruction Set Architectures
Fangfang Yuan, Stephen Wright, Kerstin Eder, David May
Department of COMPUTER SCIENCE
Instruction Set Architecture
• Instructions
• Basic data types
• Register file definition
• Memory space(s) definition
• Exception handling
Motivation
• Assembler programming
• Spec for design verification
• ISA evolution
• Tools development
Motivation (diagram): Component Manufacturer, 3rd Party and Product Manufacturer, exchanging Specification, Tools and Software
Formal Analysis of ISAs
• Examples:
  • 6800 (Z)
  • 68020 (Nqthm)
  • VIPER (LCF-LSM/HOL)
  • DLX (PVS)
  • JVM (HOL, ACL2)
  • ARM6 (HOL)
    • 6500 lines of HOL4 script
  • … etc, etc
• Objectives:
  • Specification checking
  • Micro-architecture verification
  • Binary executable checking
Can we do better?
Need to introduce more structure:
J. P. Bowen. Formal specification and documentation of microprocessor instruction sets. Microprocess. Microprogram., 21(1-5):223–230, 1987.
• Define a set of “easily assimilated concepts”, each “readily understandable”, to layer such a formal specification with the aim to facilitate its construction, to ease readability and comprehension, and to enable re-use.
Event-B
• Set-based
• Events are guarded atomic actions
• Step-wise formal refinement
• Property-preserving
• Maintains consistency
• Hierarchy of abstraction levels
• Mature tool support: Rodin platform
A Fresh Approach to Formally Constructing ISAs
Objective:
• Complete formal derivation of an ISA
• From first principles
• Down to code generation
Method:
• Rigorous use of Abstraction/Refinement
• Stepwise refinement in Event-B based on common ISA properties
• Hierarchy of abstraction levels
• Top-down “narrative” of overall functionality
• Individual instructions at leaves
• Systematic use of Formal Proof
Atomic Actions vs IF/ELSE
Guarded events:
  Event1a refines Evt1
  Event1b refines Evt1
  Event2 refines Evt2
  Event3a refines Evt3
  Event3b refines Evt3
versus an IF/ELSE chain:
  If Guard1 Then Action1
  ElseIf Guard2 Then Action2
  ElseIf Guard3 Then Action3
  Else Guard4 Then Action4   ? ?? ???
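As an added, runnable illustration of the slide above (not code from the authors or their Rodin models): one abstract Execute event refined into a guarded atomic event per instruction, with the checks refinement demands, namely guard strengthening, invariant preservation and, if the events are to stand in for a deterministic IF/ELSEIF chain, pairwise disjoint guards. The two-instruction machine, its word encoding, the invariant and the sample program are constructed for this example and are not any of the ISAs on the page.

```python
from dataclasses import dataclass, field
from typing import Callable

MEM_SIZE = 8  # constructed: an 8-word memory addressed by pc

@dataclass
class State:
    pc: int = 0
    acc: int = 0
    mem: list = field(default_factory=lambda: [0] * MEM_SIZE)

def invariant(s: State) -> bool:  # property every refinement level must keep
    return 0 <= s.pc < MEM_SIZE

@dataclass
class Event:  # a guarded atomic action, as in Event-B
    name: str
    refines: str  # the abstract event it refines
    guard: Callable[[State], bool]
    action: Callable[[State], None]

# Constructed encoding: high nibble is the opcode, low nibble the operand.
def opcode(s): return s.mem[s.pc] >> 4
def operand(s): return s.mem[s.pc] & 0xF
def do_add(s): s.acc += operand(s); s.pc += 1
def do_jmp(s): s.pc = operand(s)

# The abstract event 'Execute' (its guard is just the invariant) is refined by
# one guarded event per instruction instead of an IF/ELSEIF chain in one event.
EVENTS = [
    Event("Execute_ADD", "Execute", lambda s: opcode(s) == 0 and s.pc + 1 < MEM_SIZE, do_add),
    Event("Execute_JMP", "Execute", lambda s: opcode(s) == 1 and operand(s) < MEM_SIZE, do_jmp),
]

def step(s: State) -> bool:
    """Fire the enabled event; False means no guard holds, i.e. the model halts."""
    ready = [e for e in EVENTS if e.guard(s)]
    # GRD obligation: a concrete guard may not be weaker than the abstract one.
    assert not ready or invariant(s), "concrete guard weaker than abstract guard"
    # Event-B chooses freely among enabled events; only disjoint guards make this equal to the chain.
    assert len(ready) <= 1, "overlapping guards: " + str([e.name for e in ready])
    if not ready:
        return False
    ready[0].action(s)
    assert invariant(s), ready[0].name + " violates the invariant"  # INV obligation
    return True

def run(program: list, max_steps: int = 100) -> tuple:
    s = State(mem=(program + [0] * MEM_SIZE)[:MEM_SIZE])  # program loaded at address 0
    steps = 0
    while steps < max_steps and step(s):
        steps += 1
    return s, steps
```

A word whose opcode matches no event (here 0x2_) enables nothing, so the model deadlocks, which is how this sketch halts; a jump outside memory is refused by its guard rather than breaking the invariant.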
Model Structure - Reuse (diagram): Reusable Formal Modelling Framework (Template); generic: StateMch, ControlFlowMch, RegMch, MemMch, …; processor specific: XMch1, …
ISA Formalization Portfolio
• MIDAS – 33 instructions
• CRISP – 50 instructions
• XCore – 209 instructions
Benefits of Modelling Framework
• Step-wise refinement – abstraction levels
  • Provides structure
  • Remains comprehensible
• Property-preserving refinement
  • Maintains consistency within model
  • Early definition of properties
• Source for code/document generation
• Animation/Simulation
• Traceability of requirements
Summary
• Method and Framework for formal ISA Modelling and Analysis
• Framework is generic (template)
• Method is transferable
• Proof of concept: MIDAS, CRISP
• 1st industrial application completed: XCore ISA
• Available from http://deploy-eprints.ecs.soton.ac.uk/346/
Demo !
Tool Flow (diagram): Rodin → XCore B2C Support .c/h, XCoreB .c, Testsuite .c → MS Dev Studio, XCore Gcc → XCoreB.exe → Test .out
(diagram): Server, XCore VM, Loader, Console, Testsuite Execution, Socket, Executable, Text Output
Thank you Questions? Department of COMPUTER SCIENCE