2002 IEEE International Symposium on Circuits and Systems. Proceedings (Cat. No.02CH37353), 2002
ABSTRACT To validate an embedded network device it is important to insert it in a model of a real system and test its interaction with the surrounding blocks and used protocols. The proposed methodology joins two simulation environments, both based on the C++ programming language. The first (SystemC) is both a hardware definition language and a simulation library designed to model and simulate hardware and software systems. The second (Network Simulator 2) is both a network definition language and a simulation tool designed to model and simulate network topologies. The aim of the paper concerns the analysis of the efficient integration of the two modeling/simulation environments. The proposed methodology, joining together SystemC and Network Simulator 2, has been applied to an example embedded network device based on the IEEE 1355 protocol.
Proceedings. 4th International Workshop on Microprocessor Test and Verification - Common Challenges and Solutions, 2003
The use of model checking to validate descriptions of digital systems lacks a coverage metrics. How many properties has the verification engineer to define in order to assure the correctness of a design? An estimation methodology based on a high level fault model has been formally presented by A. Fedeli et al. (2003). It evaluates properties incompleteness. We propose a
Fourth ACM and IEEE International Conference on Formal Methods and Models for Co-Design, 2006. MEMOCODE '06. Proceedings., 2006
Transaction-level modeling (TLM) has been proposed as the leading strategy to address the always increasing complexity of digital systems. However, modeling a complex system completely at transaction level (TL) could be inconvenient when IP cores are available on the market, usually modeled at RT level. In this context, modeling and verification methodologies based on transactors allow one to reuse RTL
Proceedings. Ninth IEEE International High-Level Design Validation and Test Workshop (IEEE Cat. No.04EX940), 2004
The paper presents a methodology for addressing hard-to-detect faults when a high-level ATPG is applied to verify functional descriptions of sequential circuits. A particular kind of extended finite state machines is adopted to improve detectability of such faults.
The Second Annual International Conference on Mobile and Ubiquitous Systems: Networking and Services, 2005
Mobile terminals are embedded systems with growing elaboration capacity, even still limited, which are continuously connected to a worldwide communication network. Thus, the idea of embedding in mobile terminals remote computing services seems attractive and it is more and more exploited. This paper evaluates a middleware platform based on the simple object access protocol (SOAP) to develop distributed applications on mobile terminals.
This paper addresses the embedded design issues of the EPCglobal Architecture aiming at providing RFID-based solutions. Some problems related to its porting on the embedded systems field have been analyzed. These problems concern the role of the operating system adopted by the embedded system, the SW architecture implementation (Single-Thread or Multi-Thread) to satisfy the EPCglobal Architecture constraints and the HS/SW
The paper presents a new tool for mutation analysis using the system model of high-level decision diagrams (HLDD). The tool is integrated into the APRICOT verification environment. It is based on HLDD simulation and graph perturbation. A strategy that relies on a restricted set of five key mutation operators is developed in order to speed up the mutation analysis. Experiments
Refinement of untimed TLM models into a timed HW/SW platform is a step by step design process which is a trade-off between timing accuracy of the used models and correct estimation of the final timing performance. The use of an RTOS on the target platform is mandatory in the case real-time properties must be guaranteed. Thus, the question is when
The generation of device drivers is a very time consuming and error prone activity. All the strategies proposed up to now to simplify this operation require a manual, even formal, specification of the device driver functionalities. In the system-level design, IP functionalities are tested by using testbenches, implemented to contain the communication protocols to correctly interact with the device. The
2012 IEEE International High Level Design Validation and Test Workshop (HLDVT), 2012
ABSTRACT One way to ensure the correct execution of embedded software is to keep debugging and testing even after shipping of the application, complemented with recovery/restart operations. In this context, the oracles, i.e., assertions and checkers, that have been widely used in the development process for design validation, can be deployed again in the final product. The application will use the oracles to monitor itself under the actual execution. In this way, erroneous out-of-the-specification behaviors can be captured at runtime. However, self-checking mechanisms come at a computational cost, which may affect time constraints of embedded software. Thus, the oracles shall be introduced while satisfying these time constraints. This work proposes a profiling approach for oracles in embedded software, which proves to be more accurate than traditional profiling approaches, e.g., statistical sampling techniques. Profiling the execution time of oracles permits to finely tune the execution rate of the application to avoid timing violation, and to increase application responsiveness. Experimental results have been carried out on an industrial deployment platform for real-time application, i.e., National Instruments PXI VeriStand.
2009 7th IEEE/ACM International Conference on Formal Methods and Models for Co-Design, 2009
ABSTRACT The paper proposes a comprehensive methodology for property qualification based on a combination of dynamic and static techniques. In particular, given a set of properties defined to check the correctness of a design implementation, the methodology first evaluates property coverage, property overspecification, and it identifies vacuous properties. This is commonly performed by exploiting mutation analysis and automatic testbenches generation, i.e., dynamic strategies. This phase allows us to quickly evaluate the quality of properties with respect to the use of formal approaches. Then, a second phase, based on model checking, is applied to the restricted number of situations, where the dynamic approach is not exhaustive. Experimental results show the effectiveness and efficiency of the proposed methodology.
Papers by Franco Fummi