The Synergy between Logic Synthesis and Equivalence Checking R. Brayton UC Berkeley Thanks to SRC, NSF, California Micro Program and industrial sponsors,

The Synergy between The Synergy between Logic Synthesis and Logic Synthesis and

Equivalence CheckingEquivalence Checking

R. BraytonR. Brayton

UC BerkeleyUC Berkeley

Thanks to SRC, NSF, California Micro Program and industrial sponsors,

Actel, Altera, Calypto, Intel, Magma, Synplicity, Synopsys, Xilinx

OutlineOutline

Emphasize mostly synthesisEmphasize mostly synthesis Look at the operations of classical logic Look at the operations of classical logic

synthesissynthesis Contrast these with newer methods based on Contrast these with newer methods based on

ideas borrowed from verificationideas borrowed from verification Themes will be scalability and verifiabilityThemes will be scalability and verifiability

Look at new approaches to sequential logic Look at new approaches to sequential logic synthesis and verificationsynthesis and verification

Two Kinds of SynergyTwo Kinds of Synergy

1.1. Algorithms and advancements in verification Algorithms and advancements in verification used in synthesis and vice versa.used in synthesis and vice versa.

2.2. Verification enables synthesisVerification enables synthesis• Ability to equivalence check enables use and Ability to equivalence check enables use and

acceptance of sequential operationsacceptance of sequential operations retiming, unreachable states, sequential redundancy retiming, unreachable states, sequential redundancy

removal, etc.removal, etc.

3.3. Synthesis enables verificationSynthesis enables verification• Desire to use sequential synthesis operations spurs Desire to use sequential synthesis operations spurs

verification developmentsverification developments

Examples of The Synergy Examples of The Synergy

Similar solutionsSimilar solutions e.g. retiming in synthesis / retiming in verificatione.g. retiming in synthesis / retiming in verification

Algorithm migrationAlgorithm migration e.g. BDDs, SAT, induction, interpolation, rewritinge.g. BDDs, SAT, induction, interpolation, rewriting

Related complexity Related complexity scalable synthesis <=> scalable verification scalable synthesis <=> scalable verification

(approximately)(approximately) Common data-structures Common data-structures

e.g. combinational and sequential AIGse.g. combinational and sequential AIGs

Quick Overview of Quick Overview of “Classical” Logic Synthesis“Classical” Logic Synthesis

Boolean networkBoolean network Network manipulation (algebraic)Network manipulation (algebraic)

EliminationElimination Decomposition (common kernel extraction)Decomposition (common kernel extraction)

Node minimizationNode minimization EspressoEspresso Don’t caresDon’t cares

Resubstitution (algebraic or Boolean) Resubstitution (algebraic or Boolean)

““Classical” Logic SynthesisClassical” Logic Synthesis

Equivalent AIG in ABCEquivalent AIG in ABC

aa bb cc dd

ff

ee

xxyy

zz

Boolean network in SISBoolean network in SIS

aa bb cc dd

ee

xx yy

ff

zz

ze

xd yd xy

ab cd cd

AIG is a Boolean network of 2-input AND nodes and invertors (dotted lines)

One AIG Node – Many CutsOne AIG Node – Many Cuts

Combinational AIGCombinational AIG

aa bb cc dd

ff

ee

AIG can be used to compute many cuts for each node

Each cut in AIG represents a different SIS node

No a priori fixed boundaries Implies that AIG manipulation

with cuts is equivalent to working on many Boolean networks at the same time

Different cuts for the same nodeDifferent cuts for the same node

Combinational RewritingCombinational Rewriting

iterate iterate 1010 times { times {

for for eacheach AIG node { AIG node {

for for eacheach kk-cut-cut

derive node output as function of cut variablesderive node output as function of cut variables

if ( smaller AIG is in the pre-computed library )if ( smaller AIG is in the pre-computed library )

rewriterewrite using improved AIG structure using improved AIG structure

}}

}}Note: each AIG node has, on average, 5 4-cuts compared Note: each AIG node has, on average, 5 4-cuts compared to a SIS node with only 1 cutto a SIS node with only 1 cut

Rewriting at a node can be very fast – using hash-table Rewriting at a node can be very fast – using hash-table lookups, truth table manipulation, disjoint decompositionlookups, truth table manipulation, disjoint decomposition

Combinational Rewriting IllustratedCombinational Rewriting Illustrated

AIG rewriting looks at one AIG node, AIG rewriting looks at one AIG node, nn, at a time, at a time A set of new nodes replaces the old fanin cone of A set of new nodes replaces the old fanin cone of nn History AIG contains all nodes ever created in the AIG History AIG contains all nodes ever created in the AIG The old root and the new root nodes are grouped into an The old root and the new root nodes are grouped into an

equivalence class equivalence class (more on this later)(more on this later)

nn nn’’

Working AIG

nn nn’’

History AIG

Comparison of Two SynthesesComparison of Two Syntheses

“ “Classical” synthesisClassical” synthesis

Boolean networkBoolean network Network manipulation Network manipulation

(algebraic)(algebraic) EliminationElimination Decomposition (common Decomposition (common

kernel extraction)kernel extraction) Node minimizationNode minimization

EspressoEspresso Don’t cares computed using Don’t cares computed using

BDDsBDDs Resubstitution Resubstitution

““Contemporary” synthesisContemporary” synthesis

AIG networkAIG network DAG-aware AIG rewriting (Boolean)DAG-aware AIG rewriting (Boolean)

Several related algorithmsSeveral related algorithms• RewritingRewriting• RefactoringRefactoring• BalancingBalancing

Node minimizationNode minimization Boolean decompositionBoolean decomposition Don’t cares computed using Don’t cares computed using

simulation and SATsimulation and SAT Resubstitution with don’t caresResubstitution with don’t cares

Node Minimization ComparisonNode Minimization Comparison

aa bb cc dd

ee

xx yy

ff

zz

ze

xd yd xy

ab cd cd

Call ESPRESSO on node function Evaluate the gain for all k-cuts of the node and take the best result

aa bb cc dd

ff

ee

Note: Computing cuts becomes a fundamental computation

Types of Don’t-CaresTypes of Don’t-Cares

SDCs SDCs Input patterns that never appear as an input Input patterns that never appear as an input

of a node due to its transitive fanin of a node due to its transitive fanin ODCsODCs

Input patterns for which the output of a node Input patterns for which the output of a node is not observableis not observable

EXDCsEXDCs Pre-specified or computed external don’t Pre-specified or computed external don’t

cares (e.g. subsets of unreachable states)cares (e.g. subsets of unreachable states)

Illustration of SDCs and ODCs Illustration of SDCs and ODCs (combinational)(combinational)

aa bb cc

yyxx

FF

xx = 0, = 0, yy = 1 = 1

is an is an SDCSDC for node for node FF

Limited Limited satisfiability satisfiability

aa bbFF

a a = 1, = 1, bb = 1 = 1

is an is an ODCODC for for FF

Limited Limited observability observability

Scalability of Don’t-Care ComputationScalability of Don’t-Care Computation

Scalability is achieved by Scalability is achieved by windowingwindowing Window defines local Window defines local contextcontext of a node of a node

Don’t-cares are computed and used inDon’t-cares are computed and used in Post-mapping resynthesisPost-mapping resynthesis

• a a BooleanBoolean network derived from AIG network using network derived from AIG network using technology mappingtechnology mapping

High-effort AIG minimizationHigh-effort AIG minimization• an AIG with some nodes clusteredan AIG with some nodes clustered

Windowing a Node in the NetworkWindowing a Node in the Network

DefinitionDefinition A A windowwindow for a node in the for a node in the

network is the context in which network is the context in which the don’t-cares are computedthe don’t-cares are computed

A window includes A window includes nn levels of the TFI levels of the TFI mm levels of the TFO levels of the TFO all re-convergent paths all re-convergent paths

captured in this scopecaptured in this scope Window with its PIs and POs can Window with its PIs and POs can

be considered as a separate be considered as a separate networknetwork

Window POs

Window PIs

n = 3

m = 3

Boolean network

Don’t-Care Computation FrameworkDon’t-Care Computation Framework

…

““Miter” constructed for the window POsMiter” constructed for the window POs

nn

XX

YY

WindowWindow

nn

XX

YY

Same window Same window with inverterwith inverter

Implementation of Don’t-Care Implementation of Don’t-Care ComputationComputation

Compute the Compute the carecare set set SimulationSimulation

• Simulate the miter using random patternsSimulate the miter using random patterns• Collect PI (X) minterms, for which the output Collect PI (X) minterms, for which the output

of miter is 1of miter is 1• This is a subset of a care setThis is a subset of a care set

SatisfiabilitySatisfiability• Derive set of network clausesDerive set of network clauses• Add the negation of the current care set, Add the negation of the current care set, • Assert the output of miter to be 1, Assert the output of miter to be 1, • Enumerate through the SAT assignmentsEnumerate through the SAT assignments• Add these assignments to the care setAdd these assignments to the care set

Illustrates a typical use of simulation Illustrates a typical use of simulation and SATand SAT

Simulate to filter out possibilitiesSimulate to filter out possibilities Use SAT to check if the remainder is OK Use SAT to check if the remainder is OK

(or if a property holds)(or if a property holds)

X X

Y Yn n

11

ResubstitutionResubstitution Resubstitution considers a Resubstitution considers a nodenode in a Boolean network in a Boolean network

and expresses it using a different set of faninsand expresses it using a different set of fanins

X X

Computation can be enhanced by use of don’t caresComputation can be enhanced by use of don’t cares

Resubstitution with Don’t-Cares - Resubstitution with Don’t-Cares - OverviewOverview

Consider all or some nodes in Boolean networkConsider all or some nodes in Boolean network Create windowCreate window Select possible fanin nodes (divisors)Select possible fanin nodes (divisors) For each candidate For each candidate subsetsubset of divisors of divisors

Rule out some subsets using Rule out some subsets using simulationsimulation Check resubstitution feasibility using Check resubstitution feasibility using SATSAT Compute resubstitution function using Compute resubstitution function using interpolationinterpolation

• A low-cost by-product of completed SAT proofsA low-cost by-product of completed SAT proofs

Update the network if there is an improvementUpdate the network if there is an improvement

Resubstitution with Don’t CaresResubstitution with Don’t Cares Given: Given:

node function node function FF((xx)) to be replaced to be replaced care set care set CC((xx)) for the node for the node candidate set of divisors candidate set of divisors {{ggii((xx)})} for for

re-expressing re-expressing FF((xx))

Find:Find: A resubstitution function A resubstitution function hh((yy)) such such

that that FF((xx) = ) = hh((gg((xx)))) on the care set on the care set

SPFD TheoremSPFD Theorem: : Function Function hh exists exists if and only if every pair of if and only if every pair of carecare minterms, minterms, xx11 and and xx22, distinguished , distinguished by by FF((xx),), is also distinguished by is also distinguished by ggii((xx)) for some for some ii

C(x) F(x) g1 g2 g3

C(x) F(x)

g1 g2 g3

h(g)

= F(x)

Example of ResubstitutionExample of Resubstitution Any minterm pair distinguished by Any minterm pair distinguished by FF((xx)) should also be should also be

distinguished by at least one of the candidates distinguished by at least one of the candidates ggii((xx))

Given:Given:F(x)F(x) = = (x(x11 x x22)()(xx2 2 xx33))

Two candidate sets:Two candidate sets:{g{g11= = xx11’’xx22, , gg22 = = xx11 xx22’’xx33}}, ,

{g{g33= = xx11 xx22, , gg44 = = xx22 xx33}}

Set Set {{gg33, , gg44}} cannot be cannot be

used for resubstitutionused for resubstitutionwhile set while set {g{g11, g, g22}} can. can.

xx F(x)F(x) gg11(x)(x) gg22(x)(x) gg33(x)(x) gg44(x)(x)

000000 00 00 00 00 00

001001 00 00 00 00 00

010010 11 11 00 11 00

011011 11 11 00 11 11

100100 00 00 00 11 00

101101 11 00 11 11 00

110110 00 00 00 11 00

111111 00 00 00 11 11

Checking Resubstitution using SATChecking Resubstitution using SAT

x1

f g1 g2 g3

1 1

1

0 1

f g3 g2 g1 C

x2

B A

C

Note use of care set.Note use of care set.

Resubstitution function exists if and only if SAT problem is unsatisfiable.Resubstitution function exists if and only if SAT problem is unsatisfiable.

F F

Miter for resubstitution checkMiter for resubstitution check

Computing Dependency Function Computing Dependency Function hh by Interpolation (Theory)by Interpolation (Theory)

Consider two sets of clauses, Consider two sets of clauses, AA((x, yx, y)) and and BB((y, zy, z),), such that such that AA((x, yx, y) ) BB((y, zy, z) = 0) = 0 yy are the only variables common to are the only variables common to AA and and BB. .

An An interpolant interpolant of the pair of the pair ((AA((x, yx, y), ), BB((y, zy, z)))) is a is a function function hh((yy)) depending only on the common depending only on the common variables variables yy such that such that AA((x, yx, y) ) hh((yy)) BB((y, zy, z))

AA((x, yx, y)) BB((y, zy, z))

hh((yy))

Boolean space Boolean space (x,y,z)(x,y,z)

Computing Dependency Function Computing Dependency Function hh by Interpolation (Implementation)by Interpolation (Implementation)

Problem: Problem: Find function Find function hh((yy)), such that , such that CC((xx) ) [ [hh((gg((xx)) )) FF((xx)])], i.e. , i.e. FF((xx)) is expressed in is expressed in

terms of terms of {{ggii}}. . Solution:Solution: Prove the corresponding SAT problem “unsatisfiable”Prove the corresponding SAT problem “unsatisfiable” Derive unsatisfiability resolution proof [Goldberg/Novikov, DATE’03]Derive unsatisfiability resolution proof [Goldberg/Novikov, DATE’03] Divide clauses into A clauses and B clausesDivide clauses into A clauses and B clauses Derive interpolant from the unsatisfiability proof [McMillan, CAV’03]Derive interpolant from the unsatisfiability proof [McMillan, CAV’03] Use interpolant as the dependency function, Use interpolant as the dependency function, hh((gg)) Replace Replace FF((xx)) by by hh((gg)) if cost function improved if cost function improved

Notes on this solutionNotes on this solution uses don’t caresuses don’t cares does not use Espressodoes not use Espresso is more scalableis more scalable

x1

f g1 g2 g3

1 1

1

0 1

f g3 g2 g1 C

x2

B A

C

AA BB

yy

AA BBhh

Sequential Synthesis and Sequential Synthesis and Sequential Equivalence Checking (SEC)Sequential Equivalence Checking (SEC)

Sequential SAT sweepingSequential SAT sweeping RetimingRetiming Sequential equivalence checkingSequential equivalence checking

Theme – ensuring verifiability Theme – ensuring verifiability

SAT SweepingSAT Sweeping

?

Applying SAT to the output of a miter

SATSAT • Naïve approachNaïve approach• Build output miter – call SATBuild output miter – call SAT

• works well for many easy problemsworks well for many easy problems

• Better approach - SAT sweepingBetter approach - SAT sweeping • based on incremental SAT solvingbased on incremental SAT solving

• Detects possibly equivalent nodes using Detects possibly equivalent nodes using simulationsimulation

• Candidate constant nodesCandidate constant nodes• Candidate equivalent nodesCandidate equivalent nodes

• Runs Runs SATSAT on the intermediate miters in a on the intermediate miters in a topological ordertopological order

• Refines the candidates using Refines the candidates using counterexamplescounterexamples

Proving internal equivalences in a topological order

A

B

SAT-1SAT-1D CC

SAT-2SAT-2

?

?

PIPIkk

Combinational CECCombinational CEC

Sequential SAT SweepingSequential SAT Sweeping

Similar to combinational in that it detects node Similar to combinational in that it detects node equivalencesequivalences

ButBut the equivalences are the equivalences are sequential sequential – – guaranteed to hold only guaranteed to hold only in the reachable state spacein the reachable state space

Every combinational equivalence is a sequential one, Every combinational equivalence is a sequential one, not vice versanot vice versa run combinational SAT sweeping beforehandrun combinational SAT sweeping beforehand

Sequential equivalence is proved by Sequential equivalence is proved by kk-step induction-step induction Base caseBase case Inductive caseInductive case

Efficient implementation of induction is key!Efficient implementation of induction is key!

Base CaseBase Case

Symbolic stateSymbolic state

Candidate equivalences: {A = B}, {C = D}

A

B

SAT-3D C

SAT-4

A

B

SAT-1D C

SAT-2

??

??

??

??

PI0

PI1

Init stateInit state

Proving internal equivalencesinternal equivalences in initialized frames 1 through k

Proving Proving internal internal equivalencesequivalences in in a topological a topological order in frame order in frame kk+1+1

A

B

SAT-1SAT-1D C

SAT-2SAT-2

A

B

D C

A

B

D C

AssumingAssuming internal internal equivalences to in equivalences to in uninitializeduninitialized frames frames 1 through 1 through kk

00

00

00

00

??

??

PI0

PI1

PIk

Inductive CaseInductive Case

kk-step Induction-step Induction

Efficient ImplementationEfficient ImplementationTwo observations:Two observations:1.1. Both base and inductive cases of Both base and inductive cases of kk-step induction are runs of -step induction are runs of

combinational SAT sweepingcombinational SAT sweeping Tricks and know-how from the above are applicable Tricks and know-how from the above are applicable The same integrated package can be usedThe same integrated package can be used

• starts with simulationstarts with simulation• performs node checking in a topological orderperforms node checking in a topological order• benefits from the counter-example simulationbenefits from the counter-example simulation

2.2. Speculative reductionSpeculative reduction Deals with how assumptions are used in the inductive caseDeals with how assumptions are used in the inductive case

Speculative ReductionSpeculative ReductionGiven:Given:

Sequential circuitSequential circuit The number of frames to unroll (The number of frames to unroll (kk)) Candidate equivalence classes Candidate equivalence classes

• One node in each class is designated as One node in each class is designated as the representativethe representative

Speculative reductionSpeculative reduction moves fanouts to the representatives moves fanouts to the representatives Makes 80% of the constraints redundantMakes 80% of the constraints redundant Dramatically simplifies the timeframes (observed 3x reductions)Dramatically simplifies the timeframes (observed 3x reductions) Leads to saving 100-1000x in runtime during incremental SATLeads to saving 100-1000x in runtime during incremental SAT

AB

Adding assumptions without speculative reduction

0

AB

Adding assumptions with speculative reduction

0

Guaranteed VerifiabilityGuaranteed Verifiabilityfor Sequential SAT Sweepingfor Sequential SAT Sweeping

Theorem:Theorem: The resulting circuit after sequential SAT The resulting circuit after sequential SAT

sweeping using sweeping using kk-step induction can be -step induction can be sequentially verified by sequentially verified by kk-step induction.-step induction.

(use some other (use some other kk-step induction prover)-step induction prover)

D2D2

K-step K-step inductioninductionD1D1

SynthesisSynthesis

D2D2

K-step K-step inductioninduction

D1D1

VerificationVerification

0

Experimental Synthesis ResultsExperimental Synthesis Results Academic benchmarksAcademic benchmarks

25 test cases (25 test cases (ITCITC ’99’99, , ISCASISCAS ’89’89, , IWLSIWLS ’05’05)) Industrial benchmarksIndustrial benchmarks

50 test cases50 test cases

Comparing three experimental runsComparing three experimental runs BaselineBaseline

• comb synthesis and mappingcomb synthesis and mapping Register correspondence (Reg Corr)Register correspondence (Reg Corr)

• structural register sweepstructural register sweep• register correspondence using partitioned inductionregister correspondence using partitioned induction• comb synthesis and mappingcomb synthesis and mapping

Signal correspondence (Sig Corr)Signal correspondence (Sig Corr)• structural register sweepstructural register sweep• register correspondence using partitioned inductionregister correspondence using partitioned induction• signal correspondence using non-partitioned inductionsignal correspondence using non-partitioned induction• comb synthesis and mappingcomb synthesis and mapping

Industrial BenchmarksIndustrial Benchmarks Baseline Reg Corr Ratio Sig Corr Ratio

Registers 1583 1134 0.71 1084 0.68

6-LUTs 7472 6751.5 0.90 6360 0.85

Depth 8.5 8.5 1.00 8.5 1.00

Runtime, sec 40.6 3.3 0.08 74.2 1.82

Experimental Synthesis ResultsExperimental Synthesis ResultsAcademic BenchmarksAcademic Benchmarks

Baseline Reg Corr Ratio Sig Corr Ratio

Registers 809.9 610.9 0.75 544.3 0.67

6-LUTs 2141 1725 0.80 1405 0.65

Delay 6.8 6.33 0.93 5.83 0.86

Runtime, sec 16.7 7.2 0.43 29.8 1.78

Single clock domain

Numbers are geometric averages and their ratios

Sequential Synthesis and Sequential Synthesis and Equivalence CheckingEquivalence Checking

Sequential SAT sweepingSequential SAT sweeping RetimingRetiming Sequential equivalence checkingSequential equivalence checking

Retiming and ResynthesisRetiming and Resynthesis

Sequential equivalence checking after Sequential equivalence checking after 1) combinational synthesis, followed by1) combinational synthesis, followed by

2) retiming, followed by2) retiming, followed by

3) combinational synthesis3) combinational synthesis

……

is PSPACE-complete is PSPACE-complete

How to make it simpler?How to make it simpler?

How to Make It Simpler?How to Make It Simpler?

Like Hansel and Gretel – leave a trail of Like Hansel and Gretel – leave a trail of bread crumbsbread crumbs

Recording Synthesis HistoryRecording Synthesis History

Two AIG managers are usedTwo AIG managers are used Working AIG (WAIG) Working AIG (WAIG) History AIG (HAIG)History AIG (HAIG)

• Combinational structural hashing is Combinational structural hashing is used in both managersused in both managers

Two node-mappings are supportedTwo node-mappings are supported Every node in WAIG points to a node Every node in WAIG points to a node

in HAIGin HAIG Some nodes in HAIG point to other Some nodes in HAIG point to other

nodes in HAIG that are sequentially nodes in HAIG that are sequentially equivalentequivalent

WAIG

HAIG

Recording History for RetimingRecording History for Retiming

backward retiming is similarbackward retiming is similar

Step 1

Create retimed node

Step 2

Transfer fanout in WAIG and note equivalence in HAIG

Step 3

Recursively remove old logic

and continue building new logic

WAIG HAIG

Sequential RewritingSequential Rewriting

Sequential Sequential cut: cut: {a,b,b{a,b,b11,c,c11,c},c}

rewriterewrite

Rewriting step.

SequentiallSequentiallyyequivalentequivalent

History AIG after rewriting step.History AIG after rewriting step.

The History AIG The History AIG accumulates sequential accumulates sequential

equivalence classesequivalence classes..

new new nodesnodes

History AIG

Recording History with Windowing Recording History with Windowing and ODCsand ODCs

In window-based synthesis using ODCs, In window-based synthesis using ODCs, sequential behavior at window PIs and POs is preservedsequential behavior at window PIs and POs is preserved

HAIG

Multi-input, multi-output window

In HAIG, equivalence classes of window outputs can In HAIG, equivalence classes of window outputs can be used independently of each otherbe used independently of each other

not necessarily not necessarily sequentially equivalentsequentially equivalent

AIG Procedures Used for AIG Procedures Used for Recording HistoryRecording History

WAIGWAIG createAigManager createAigManager deleteAigManagerdeleteAigManager createNode createNode

replaceNodereplaceNode deleteNode_recurdeleteNode_recur

HAIGHAIG createAigManager createAigManager deleteAigManagerdeleteAigManager createNode, createNode,

setWaigToHaigMappingsetWaigToHaigMapping setEquivalentHaigMappingsetEquivalentHaigMapping do nothingdo nothing

Using HAIG for Tech-MappingUsing HAIG for Tech-Mapping

HAIG contains all AIG structures HAIG contains all AIG structures Original and derivedOriginal and derived

The accumulated structures can be used to improve The accumulated structures can be used to improve the quality of technology mapping the quality of technology mapping

By reducing structural bias (Chatterjee et al, ICCAD’05)By reducing structural bias (Chatterjee et al, ICCAD’05) By performing integrated mapping and retiming By performing integrated mapping and retiming

(Mishchenko et al, ICCAD’07)(Mishchenko et al, ICCAD’07)

HAIG-based mapping is scalable and leads to delay HAIG-based mapping is scalable and leads to delay improvements (~20-30%) with small area degradationimprovements (~20-30%) with small area degradation

Using HAIG for Equivalence Using HAIG for Equivalence CheckingChecking

Sequential depthSequential depth of a window-based of a window-based sequential synthesis transform is the sequential synthesis transform is the largest number of registers on any largest number of registers on any path from an input to an output of the path from an input to an output of the windowwindow

Theorem 1:Theorem 1: If transforms recorded in If transforms recorded in HAIG have sequential depth 0 or 1, HAIG have sequential depth 0 or 1, the equivalence classes of HAIG the equivalence classes of HAIG nodes can be proved by simple nodes can be proved by simple induction (induction (kk=1) over two time-frames=1) over two time-frames

Theorem 2:Theorem 2: If the inductive proof of If the inductive proof of HAIG passes without counter-HAIG passes without counter-examples, thenexamples, then the original and final designs are the original and final designs are

sequentially equivalentsequentially equivalent

A A’ B B’

A A’ B B’

11

0 0

unsat unsat

#1

#2

Sequential depth = 1

Experimental SEC ResultsExperimental SEC Results

Notes:Notes:1.1. Comparison is done before and after register/signal correspondenceComparison is done before and after register/signal correspondence2.2. RegCorr, SigCorr and Mapping are synthesis runtimes RegCorr, SigCorr and Mapping are synthesis runtimes 3.3. SEC is comparison done in usual way without HAIGSEC is comparison done in usual way without HAIG4.4. ““HAIG” is the runtime of HAIG-based SECHAIG” is the runtime of HAIG-based SEC

• Includes the runtime of speculative reduction and inductive provingIncludes the runtime of speculative reduction and inductive proving• Does not include the runtime of collecting HAIG (~1% of synthesis time)Does not include the runtime of collecting HAIG (~1% of synthesis time)

Example Statistics Runtime Distribution (seconds) Example PI PO Lat RegCorr SigCorr SEC Mapping HAIG

b15 36 70 449 0.34 6.26 11.79 12.24 0.13 b17 37 97 1415 0.67 11.32 19.23 12.46 0.16 s13207 31 121 669 0.06 0.22 0.31 0.46 0.05 s35932 35 320 1728 0.57 1.83 5.43 5.47 0.07 s38417 28 106 1636 1.05 2.65 8.59 6.09 0.12 s38584 12 278 1452 0.70 1.12 4.11 3.36 0.05 systemcaes 260 129 670 0.07 1.42 2.81 11.17 0.10 tv80 14 32 359 0.22 0.94 1.28 0.46 0.05 usb_funct 128 121 1746 1.95 12.65 29.64 11.36 0.08 wb_conmax 1130 1416 770 0.64 17.08 2.03 45.03 0.05 wb_dma 217 215 563 0.11 0.49 1.29 2.54 0.15 aes_core 259 129 530 0.14 1.25 1.65 27.51 0.12 ethernet 98 115 10544 4.93 3.68 19.66 4.15 0.08 GeoMean Ratios 11.13 60.49 90.87 141.45 1.00

Summary and ConclusionsSummary and Conclusions

Development of algorithms from either synthesis Development of algorithms from either synthesis or verification are effective in the otheror verification are effective in the other

Leads to new improved ways toLeads to new improved ways to synthesizesynthesize equivalence checkequivalence check

Sequential synthesis can be effective but must Sequential synthesis can be effective but must be able to equivalence checkbe able to equivalence check Limit scope of sequential synthesisLimit scope of sequential synthesis Leave a trail of bread crumbsLeave a trail of bread crumbs

endend