The Design and Implementation of P2V, An Architecture for Zero-Overhead Online Verification of Software Programs

The PSL-to-Verilog (P2V) compiler can translate a set of assertions about a block-structured software program into a hardware design to be executed concurrently with the execution of the software program. The assertions validate the correctness of the software program without altering its temporal behavior in any way, a result that has never been previously achieved by any online model-checking system. The technique and the implementation apply to any general purpose program and the absence of execution overheads makes the system ideal for the verification and debugging of real-time systems. The assertions are expressed in the simple subset of the Property Specification Language PSL, an IEEE standard originally intended for the behavioral specification of hardware designs. The target execution system is the eMIPS processor, a dynamically self-extensible processor realized with an FPGA. The system can concurrently execute and check multiple programs at a time. Assertions are compiled into eMIPS Extensions, which are loaded by the operating system software into a portion of the FPGA at program loading time, and discarded once the program terminates. If an assertion is violated the program receives an exception, otherwise it executes fully unaware of its verifier. The software program does not need to be modified in any way, it can be compiled separately with full optimizations and executes with or without the corresponding hardware checker. The P2V compiler is implemented in Python. It generates code for the implementation of the eMIPS processor running on the Xilinx ML401 development board. It is currently used to verify software properties in such areas as testing and debugging, intrusion detection, and the behavioral verification of concurrent and realtime programs.