ATM Switch Design: Parametric High-Level Modeling and Formal Verification

摘要

Asynchronous Transfer Mode (ATM) has emerged as a backbone for high-speed broadband communications networks. In this paper we present ATM swith design, starting from a parametric high-level model and debugging the model using a combination of formal verification and simulation. The parametric model is written in a language that suspports concurrency and that can be used for both hardware and software design. The model has been used to synthesize ATM switches according to customers' choices, by choosing concrete values for each of the generic parameters. The difficulty in validating ATM switch design arises not only due to parametrization, but also due to delicate control module design arising form concurrent processes communicating through shared signals. ATM switch validation resulting from the exclusive use of either simulation or one of the formal verification methods such as theorem proving or finite-state model checking would be tedious and inefficient. We provide a pragmatic combination of simulation, model checking, and theorem proving to gain confidence in the ATM switch design correct-theorem proving to gain confidence in the ATM switch design correctness. We use a combination of theorem proving and model checking to discover bugs in the high-level model, which was presumed correct using simulation. Parametric design validation obviates the need to validate specific ATM switch designs derived from the parametric model. Our design methodology, in which begins with a reusable parametric model, to which formal verification is applied early in the design cycle, has a significant impact on drastically reducing design cost and time-to-market.