Memory Interface Analysis Using the Real-Time Model Checker UPPAAL Egle Sasnauskaite Marius...
-
Upload
kameron-warton -
Category
Documents
-
view
224 -
download
0
Transcript of Memory Interface Analysis Using the Real-Time Model Checker UPPAAL Egle Sasnauskaite Marius...
Memory Interface Analysis Using the Real-Time Model Checker UPPAAL
Egle Sasnauskaite Marius Mikucionis
Supervisor: Gerd Behrmann
Co-cupervisor: Thomas Hune
Aalborg University
Computer science departement
Software systems Engineering
31 May, 2002
Motivation Radar principles:
1. Frequency diversity
2. Sweep integration
MI system: (adders, FIFO buffers,register, an arbiter, SDRAM):
Synchronize.
Storing data in the memory module Combine
Sliding window sum calculation
Sum d,i=e d,i +sum d-1,i - e d-m,i
21
1 2´´
1´´
2 e0,3 e1,3e2,3
e3,3
e0,4 e1,4
e2,4
e4,4
e1,2e0,2
e2,2
e3,2
e4,2e3,4
e3,4
2`
1`
The Main Goals
To analyse and to model the MI between input, output and the memory.
To verify the model within a reasonable amount of time and memory space.
To optimise the model in terms of buffer sizes and an arbiter algorithm.
To summarise the modelling methods for similar systems.
Modelling
Modelling tool – UPPAAL (a modelling toolbox of symbolic simulation and verification)
The model of the MI is a combination of timed automata with UPPAAL extensions
Verification
Model based techniques – Simulation and automated model checking
Verification method –
Partial order reduction
Optimisation technique for full verification –
Heuristical periodical approximation
Partial-order Reduction Method Purpose – to avoid combinatorial explosion of states due to the
modelling concurrency by interleaving.
Implementation – by introducing additional components.
Gain:
Event serialization order and determinism Problem:
State space is still too big to verify the model Disadvantage:
Only particular ordering is examined
Heuristic Periodic Approximation
Purpose – to predict how many states should be explored to fully verify the model
Implementation: find smaller subsystems in the compound system, define periods of subsystems in a bigger system, calculate the system period, which is expected to be
the least common multiple of the subsystem periods.
Definitions in Heuristical Periodical Approximation
ai – delay-transitionai´ – action-transition
A state of an automaton changes if changes:
•Valuation of clocks
•Valuation of data variables
•Location of the automaton.
S=(l, v)
Si
ai Si+1A Path
l0,v0
a0 a`0l0,v0´ l1,v1
a1l1,v1´
a1`li,vi
aili,vi´
ai´…A compressed path
ak+1 a`k+1
a`k+n-1
l0,v0a0
a`0l0,v0´ lk,vkak lk,vk´
ak` lk+1,vk+1lk+1,vk+1´… lk+n-1,vk+n-1
lk+n-1,v´k+n-1ak+n-1…
A state cycle
A period of a state cycle:
Memory Interface Architecture
Bus1 Bus2 Arbiter
10-100MHz 100MHz 2x100MHz
TimerStarter2x100MHz
Adder2
Adder1
Buff1 Reg1
Buff6 Reg6
Buff8
Buff7
Buff5
Buff4
Buff2
Buff0
Reg8
Reg7
Reg5
Reg4
Reg2
Reg0
Buff3 Reg3
Memory
Serialization Example
starter:=Starter();
timer:=Timer(21, 5, 3);
bus1:=Bus(1, 0, wireCount0, 1, bus0Wire, begSig, endSig);
buf0:=inBuffer(2, 0, 1024, 0, 0, 0, 1, bus0Wire, bus1Wire,
begSig, endSig, 8, begBuff, endBuff, 32);
buf1:=inBuffer(3, 1, 1024, 0, 1, 1, 3, bus0Wire, bus1Wire,
begSig, endSig, 8, begBuff, endBuff, 32);
buf2:=outBuffer(4, 2, 512, 512, 2, 5, 2, bus1Wire, bus0Wire,
begBuff, endBuff, 32, begSig, endSig, 8);
...
buf8:=inBuffer(10, 8, 2048, 0, 8, 8, 17, bus0Wire, bus1Wire,
begSig, endSig, 16, begBuff, endBuff, 32);
bus2:=Bus(11, 1, wireCount1, 1, bus1Wire, begBuff, endBuff);
reg0:=Register(12, 0, 0, 0, 0, bus1Wire, begBuff, endBuff, begMem, endMem);
reg1:=Register(13, 1, 2, 1, 0, bus1Wire, begBuff, endBuff, begMem, endMem);
...
reg8:=Register(20, 8, 16, 8, 0, bus1Wire, begBuff, endBuff, begMem, endMem);
arbiter:=Arbiter(0, 2, begMem, endMem);
Periods in the ModelArbiter
int counter;const unsafe 15625/5;const refreshCycle 100/5;const maxSafe unsafe-6;const maxUnsafe unsafe+refreshCycle;
Small vs. Complete MI (without refresh)
Adder2
Adder1
Buff1 Reg1
Buff6 Reg6
Buff8
Buff7
Buff5
Buff4
Buff2
Buff0
Reg8
Reg7
Reg5
Reg4
Reg2
Reg0
Buff3 Reg3
Memory
Buff1 Reg1
Buff0 Reg0
Memory
Period length: 640ns=27·5nsCycle start: 80nsCycle end: 720ns
Period length: 5760ns=27 ·32 ·5nsCycle start: 520nsCycle end: 6280ns
Small MI with Memory Refresh
Verification space is proportional to LCM(PMI, PR)
Complete MI with Memory Refresh
The verification space can hardly be characterized by LCM(PMI, PR)
4E+6
Arbiter Algorithm Synthesis (future)Round-robin Non-deterministic Heuristic (fullest buffer)Optimal
No halting problem for particular buffer sizes:
If algorithm exists it contains a finite cycle, since the number of states is finite
If algorithm does not exist buffer over/under-flow in all verification branches
Conclusions
The biggest challenge - state explosion problem. Proposed a UPPAAL model of MI which is small enough to
verify with an approximate memory refresh timing. The model is flexible for various configurations. We used eight times smaller buffer sizes. We introduced ideas for optimisations in the future.
Questions?