

Contents lists available at ScienceDirect

# Annals of Nuclear Energy



journal homepage: www.elsevier.com/locate/anucene

# CVEC: A customized VIS-based equivalence checker for verifying commercial field-programmable gate array synthesis software in small modular reactors

Yoona Heo<sup>a</sup>, Sejin Jung<sup>b</sup>, Eui-Sub Kim<sup>a</sup>, Junbeom Yoo<sup>a</sup>,\*

<sup>a</sup> Konkuk University, Seoul, Republic of Korea

<sup>b</sup> Chinju National University of Education, Chinju, Republic of Korea

# ARTICLE INFO

Keywords: COTS software dedication Equivalence checking Verilog EDIF VIS FPGA synthesis software

# $A \mathrel{B} S \mathrel{T} R \mathrel{A} C \mathrel{T}$

Field-programmable gate array (FPGA) is a hardware-based platform widely used in safety-related systems. FPGA development involves synthesis, placement and routing, with designs ultimately downloaded onto the device. Commercial FPGA synthesis software converts register-transfer level (RTL) designs into gate-level representations. Standards such as NUREG/CR-6421, IEEE Std 7-4.3.2, EPRI NP-5652, and EPRI TR-106439 require verification of these tools, while IEC 62566 mandates static analysis, including equivalence checking, for nuclear power plant applications. This paper introduces *CVEC*, a customized VIS-based equivalence checker that verifies the correctness of FPGA synthesis software. It performs equivalence checking between RTL designs and gate-level designs synthesized using *Synopsys Synplify Pro* within the *Libero IDE*. When verification is successful, it ensures that these softwares operate correctly at the synthesis level. Two case studies demonstrate the effectiveness of *CVEC* in verifying the functional correctness of commercial FPGA synthesis softwares.

#### 1. Introduction

A small modular reactor (SMR) is an advanced nuclear reactor currently gaining attention. Several documents and studies discuss the potential use of field-programmable gate arrays (FPGAs) in SMRs (NuScale, 2020; U.S. Nuclear Regulatory Commission, 2016; Cummins and Quinn, 2021). FPGA-based controllers are being utilized not only in SMRs but also in the broader nuclear power plant (NPP) domain, with several studies exploring their applications (Farias et al., 2016; Zhang and Wu, 2024; Piggin and Sampson, 2016). Moreover, FPGA technology is being applied in various applications, including cyberphysical systems (CPSs) (Gautham, 2020), electric vehicles (Bukya et al., 2024), internet of things (IoT) (Lee and Park, 2021), autonomous vehicles (Ahn et al., 2019), grid systems (Allani et al., 2021), neural networks (Wang et al., 2022), quantum processing (Xu et al., 2021), and more.

As stated in IEEE Std 1012-2016 (Institute of Electrical and Electronics Engineers (IEEE), 2016a), IEEE Std 7–4.3.2-2016 (Institute of Electrical and Electronics Engineers (IEEE), 2016b) and IEC 60880:2006 (International Electrotechnical Commission (IEC), 2006), digital devices used in safety systems of NPP should be thoroughly verified and validated throughout the entire software development life-cycle (SDLC). However, an FPGA is a hardware-based platform and works with a thoroughly different SDLC from micro-processor based platforms such as programmable logic controller (PLC). The FPGA software is first modeled with hardware description languages (HDLs) such as Verilog (Institute of Electrical and Electronics Engineers (IEEE), 2001) and VHDL (Institute of Electrical and Electronics Engineers (IEEE), 2008), and then subsequently synthesized into gate-level designs. Commercial logic synthesis tools and electronic design automation (EDA) tools (e.g. *Synopsys Synplify Pro* (Synopsys, 2015), etc.) automate the FPGA logic synthesis process. Then these designs are placed and routed into physical layouts by EDA tools.

According to NUREG/CR-6421 (U.S. Nuclear Regulatory Commission, 1996b), IEEE Std 7-4.3.2 (Institute of Electrical and Electronics Engineers (IEEE), 2016b), Electric Power Research Institute (EPRI) NP-5652 (Electric Power Research Institute (EPRI), 2014) and EPRI TR-106439 (Electric Power Research Institute (EPRI), 1996), commercial grade items (i.e., commercial-off-the-shelf (COTS) items) used in nuclear safety-related application must be verified through sufficient acceptance methods to assure their functionality. Also, in IEC 62566-2:2020 (International Electrotechnical Commission (IEC), 2020), it is stated that static analysis including equivalence checking is required for the HDL-programmed devices (HPD) (e.g., FPGA) used in the nuclear safety applications. While the logic synthesis tools can be formally verified with compiler verification techniques (Hoare, 2003) directly, it is hard to apply them to the products of 3rd-party developers. An alternative solution is to do the tool verification indirectly as part of the COTS software dedication (Yoo et al., 2015).

https://doi.org/10.1016/j.anucene.2025.111484

Received 6 January 2025; Received in revised form 23 March 2025; Accepted 12 April 2025

0306-4549/© 2025 Elsevier Ltd. All rights are reserved, including those for text and data mining, AI training, and similar technologies.

<sup>\*</sup> Corresponding author. E-mail address: jbyoo@konkuk.ac.kr (J. Yoo).

"For a specific input program (e.g., Verilog program), if a synthesis tool produces a program (e.g., Netlist) which shows the same behavior **for all possible cases**, we can claim that the synthesis tool works correctly at least for the input program."

There are several studies or commercial formal verification tools which can be used for our purpose, *i.e., the correctness verification (dedication) of commercial FPGA logic synthesis tools*, such as *Formal-Pro* (Siemens, 0000a), *Conformal Equivalence Checker* (Cadence, 2017) and *Formality* (Synopsys, 2019). They are, however, too case-sensitive to be comfortable with various combinations of EDA and verification tools, as we summarized in Yoo et al. (2015). For instance, we cannot use *FormalPro*, a formal equivalence checking tool for FPGA design, in combination with *Libero IDE* (Microchip, 2014), an IDE for FPGA design, and *Synopsys Synplify Pro* (Synopsys, 2015) synthesizer, a logic synthesis tool for FPGA. This was the combination of the project we worked on. Since we cannot expect the vendors to provide a specific extension that cannot make a profit, we need to develop a new customized solution for this combination.

This paper proposes a Customized VIS-based Equivalence Checker (*CVEC*), to check behavioral equivalence of a Verilog program and a Netlist synthesized from it under the combination of the *Synopsys Synplify Pro* synthesizer in the *Libero IDE* EDA tool. In the FPGA industry, *Synopsys Synplify Pro* and *Libero IDE* are already being integrated and used together (Synopsys, 2009). *CVEC* uses verification engine, verification interacting with synthesis (*VIS*) (Brayton et al., 1996), a widely-used open-source system for formal verification, synthesis, and simulation of finite-state systems. It reads two input programs (*i.e.*, Verilog and electronic design interchange format (EDIF)) and checks their behavioral equivalence for all possible input combinations using *VIS*. This paper also proposes a set of assumptions, translation rules, and a translator to make the VIS-based equivalence checking possible, since VIS cannot read the Verilog and EDIF files directly.

In order to demonstrate the effectiveness and applicability of the proposed technique, *CVEC*, we performed a case study with two examples of bistable processor (BP) programs in reactor protection system (RPS), excerpted from a preliminary version of Korean nuclear power plants. We also tried to compare the performance of *CVEC* with a commercial verification tool *FormalPro*, although we had to change the logic synthesis tool into *Precision FPGA* (Siemens, 0000b) instead.

The paper is organized as follows: Section 2 provides background information about the conventional FPGA development process, EDIF and the VIS verification system. Section 3 surveys related researches, and Section 4 overviews the *CVEC* and explains the details of its verification process. The case studies with two RPS BPs of Korean nuclear power plants is presented in Section 5. In conclusion, Section 6 concludes the paper and provides remarks on future research extensions. Appendix includes examples of translations from EDIF to BLIF-MV (Brayton, 1991).

#### 2. Background

# 2.1. Development and V&V of FPGA

The development life-cycle of FPGA-based digital I&Cs basically follows IEC 61513 (International Electrotechnical Commission (IEC), 2011). An FPGA-based system, however, has a specific feature to consider further. The phase of the development life cycle involving HDL programming is classified as software, whereas the phase that begins after downloading it onto a chip is classified as hardware. Therefore, FPGA development should adhere to both IEC 60880 (International Electrotechnical Commission (IEC), 2006) for software compliance and IEC 60987 (International Electrotechnical Commission (IEC), 2007) for hardware compliance.  $\langle Fig. 1 \rangle$  (Jung et al., 2016) illustrates the V-model of FPGA development life-cycle described in IEC 62566 (International Electrotechnical Commission (IEC), 2012), integrating both software and hardware aspects. The left-hand side of the  $\langle Fig. 1 \rangle$ 



Fig. 1. The V-shaped life-cycle of FPGA development.

represents the software aspect of a typical FPGA development life-cycle, as guided in NUREG/CR-7006 (U.S. Nuclear Regulatory Commission, 1996a).

The FPGA software development is fully automated by synthesis softwares (*i.e.*, FPGA logic synthesis tools or EDA tools) of FPGA vendors. After programming a register transistor logic (RTL) design with HDLs, the design is transformed into a gate-level design (*i.e.*, netlist) by synthesis softwares such as *Synopsys Synplify Pro* (Synopsys, 2015), *Precision FPGA* (Siemens, 0000b) and *Cadence Virtuoso Digital Implementation* (Cadence, 2019).

For the verification and validation (V&V) of the FPGA development process, designers perform simulation-based verification at each stage of the FPGA software development life-cycle to ensure that each artifact complies with its requirements specification. The first simulation performed on RTL designs is behavioral simulation. The goal of behavioral simulation is to ensure that all requirements are correctly and accurately implemented into the RTL design. Since RTL designs are typically created manually by most designers, the process is time-consuming. After synthesis from RTL design to gate-level design, designers perform logic simulation to confirm that all functionalities were preserved during the synthesis. After the place & route (P&R) process, designers can validate the layout via post-layout simulation to ensure that the layout meets all timing requirements. Simulators such as ModelSim (Siemens, 0000c) and Questa Simulator (Siemens, 0000d) are widely used for the simulation-based verification. Every simulation-based verification at each step is performed individually and independently, and it is considered as one of the key factors for efficient FPGA development.

The V&V process for the FPGA development also includes equivalence checking (Burch et al., 1994). Equivalence checking is one of the formal verification techniques, which uses formal techniques to determine whether two versions of a design are behaviorally equivalent or not. Equivalence checking can prove that two given designs have the same functionality, i.e., it determines "whether they show the same behavior for all possible input sequences." It can ensure that an RTL design and the gate-level design synthesized from the RTL design always show the same behavior. This verification technique can be performed quickly and without the need for test vectors. As the automated synthesis by synthesis softwares becomes increasingly sophisticated, unintended and unexpected behaviors in FPGA designs may arise. At this point, equivalence checking can help us ensure that the synthesis process was executed correctly. Commercial tools such as FormalPro, Conformal Equivalence Checker, and Formality can be used for equivalence checking; however, their applicability is limited.

#### 2.2. EDIF

EDIF (Electronic Industries Association, 1998) is a vendor-neutral format in which to store netlists and schematics. It was one of the

first attempts to establish a neutral data exchange format for the EDA industries.

The latest version of EDIF is 4.0.0, but most FPGA vendors still use the version 2.0.0 which was first approved as the standard ANSI/EIA-548-1998. Nevertheless the effort for the neutral data exchange, FPGA vendors keep modifying the EDIF format slightly and appropriately for their own tools. The EDIFs of various FPGA vendors are now not compatible with each other, unfortunately. This paper uses the EDIF of *Libero IDE*.

### 2.3. VIS verification system

VIS (Brayton et al., 1996) is a verification system that integrates formal verification, simulation and synthesis for hardware systems modeled as finite-state machines (FSMs). The VIS system supports fair computational tree logic (CTL) model checking (Clarke et al., 1999), language emptiness checking, sequential equivalence checking, cyclebased simulation, and hierarchical synthesis. It processes hardware designs described in (Synchronous) Verilog (Chouy, 1997) or BLIF-MV (Kukimoto, 1996) formats, using an in-house translator *vl2mv* to convert Verilog designs into the *BLIF-MV* representation for efficient analysis and synthesis.

In our earlier work (Yoo et al., 2009), we proposed a verification technique that translates a function block diagram (FBD), a graphical programming language defined in IEC 61131-3 (International Electrotechnical Commission (IEC), 2013), into a semantically equivalent Verilog program. We then attempted to prove the behavioral equivalence between two successive revisions using the sequential equivalence checking capabilities of VIS. We also developed *VIS Analyzer* (Jung et al., 2010) to provide a graphical interface designed to help domain experts fully utilize the powerful features of VIS without being overwhelmed by its primitive, text-based interface.

VIS has since been upgraded to newer versions, such as academic industrial-strength verification tool (ABC) (Brayton and Mishchenko, 2010) and incremental inductive model checker (IImc) (University of Colorado at Boulder, 2016). There are several differences between VIS and ABC, IImc. For model checking algorithms, ABC is based on andinverter graphs (AIGs) and IImc is based on IC3, while VIS is based on FSMs. Therefore, VIS can perform sequential equivalence checking based on FSM, while the other two tools cannot. Instead, ABC performs combinational equivalence checking, and IImc cannot perform equivalence checking, since it is optimized for solving model checking problems. Also, while VIS focuses on both synthesis and verification, ABC focuses more on synthesis than verification, and IImc focuses more on verification than synthesis. Many successful studies have demonstrated the value of VIS as one of the most mature equivalence checkers to date.

# 2.4. COTS software dedication and equivalence checking

As mentioned in Section 1, various standards and guidelines demand the verification of COTS items (especially software in this paper) to accept them in safety-related applications. In EPRI NP-5652 and EPRI TR-106439, there are 4 methods that can be used to accept COTS items as shown:

(1) Special Tests and Inspections

- (2) Commercial Grade Survey of Supplier
- (3) Source Verification
- (4) Acceptable Supplier/Item Performance Record

One of the ways to verify the COTS items is using the formal verification techniques such as equivalence checking. This can be an example for method (1) presented in EPRI NP-5652 and EPRI TR-106439. Also, in IEC 62566, equivalence checking is mentioned as one of the static analysis techniques to verify HPD used in nuclear safety applications.

In recent years, the verification by equivalence checking has become widely accepted in integrated circuits (ICs) fields, in place of the simulation-based techniques. There also exists some studies for logic equivalence checking with formal verification techniques (Hu and Chu, 2023; Ni et al., 2023). Many international standards (RTCA, 2000; International Electrotechnical Commission (IEC), 2000) gradually require to use the formal verification techniques, too. There are several well-known formal verification tools such as *FormalPro* (Siemens, 0000a), *Conformal Equivalence Checker* (Cadence, 2017), *Formality* (Synopsys, 2019) and *VIS* (Brayton et al., 1996) which is embedded in *CVEC*. Times (2001) provides further detailed information on the tools.

# 3. Related works

There are some research related to dedication of COTS software. In Kim et al. (2010), authors select safety features as functional and performance requirements for method (1). They applied functional benchmarking test method for the COTS dedication of QNX real time operating system (RTOS) to evaluate its sustainability for safety-related applications in the NPP domain. The results demonstrated that QNX RTOS has significant potential as a commercial operating system capable of meeting safety and performance requirements necessary for deployment in digital systems within NPPs. This study also established valuable criteria for comparing QNX RTOS with other commercial RTOS options, providing a reliable basis for selection.

In Kim et al. (2007), authors discuss the process and results of the COTS dedication of the PROFIBUS fieldbus message specification (FMS) driver software. PROFIBUS FMS driver is a high-level communication module used in NPP safety systems such as POSAFE-Q. In this research, methods 1, 2, and 4 presented in EPRI NP-5652 and TR-106439 are applied to PROFIBUS FMS driver software. These methods performed by telecommunication technology association (TTA) and Hilscher Company successfully validated the PROFIBUS FMS driver for safety-related applications. Also, a certification from PROFIBUS national organization (PNO) confirmed the reliability of software. The study highlights the importance of combining multiple methodologies to ensure comprehensive validation of COTS software.

In Jung et al. (2016), one of our previous works, a process for evaluating the suitability of commercial grade softwares indirectly used for FPGA logic synthesis in FPGA development is proposed. COTS software as the target of evaluation are identified and both the safety category of the target system and the usage category of the COTS software are determined. This categorization enables them to assign an appropriate safety category to the COTS software. Based on this, they define a list of dedication criteria for each category. Subsequently, they refine the acceptance criteria and select suitable acceptance methods, including specific V&V techniques. Finally, the selected acceptance methods and techniques are applied to the target software through the dedication process to verify compliance with the acceptance criteria. A case study on *Synopsys Synplify Pro* demonstrates that the proposed evaluation criteria and acceptance process are effective for assessing indirect tools used in FPGA development.

# 4. A customized VIS-based equivalence checker

(Fig. 2) shows an overview of the VIS-based equivalence checker CVEC, customized for the Synopsys Synplify Pro synthesizer in the Libero IDE EDA. There are 4 phases to perform equivalence checking in CVEC and each of them is described in the following subsections. (Phase I) VerilogtoV4VIS transformation (Phase II) EDIFtoBLIF-MV transformation (Phase III) VIS equivalence checking (Phase IV) Post-analysis and visualization



Fig. 2. A customized VIS-based equivalence checker: CVEC.

# 4.1. [Phase I] VerilogtoV4VIS transformation

In the first phase, we first provide Verilog program as the first input for CVEC. In VIS, the Verilog HDL front-end called vl2mv translator reads most elements of Verilog, then it compiles a subset of Verilog into BLIF-MV. While vl2mv reads Verilog, it either ignores or rejects some Verilog elements without notification. Therefore, CVEC transforms a typical Verilog program into a customized Verilog for VIS (i.e., Verilog4VIS (V4VIS) (Kim et al., 2015)) program, in order to make vl2mv read a typical Verilog programs correctly. Also, CVEC includes a rule checker called Verilog4VIS Checker to verify whether the assumptions and constraints for a Verilog program are satisfied, and recommends appropriate modifications to transform Verilog program into a Verilog4VIS program. A Verilog4VIS program can be developed through iterative verification and refinement. We introduce below a total of 7 assumptions and constraints for VerilogtoV4VIS transformation that must be followed in order to ensure the correct functioning of the VIS verification engine.

| Assumptions | and | constraints |
|-------------|-----|-------------|
|             |     |             |

- (1) Use the clock *clk* only at the statement *always* @(*posedge clk*)
- (2) Do not use the time delay
- (3) Do not use the non-blocking statement
- (4) All reg variables should be initialized with 0  $\,$
- (5) Do not use the integer type variable
- (6) Do not use the size of bits when defining parameter
- (7) Do not use the *negedge* edge

The assumptions and constraints on the Verilog modeling are as follows:

The first assumption states that the VIS interprets a Verilog program as a discrete-time finite state machine with an implicit global clock, *clk*. This alignes the Verilog program with the input format of Symbolic Model Verifier (SMV) used in SMV (Cimatti et al., 1999) or PROMELA language used in SPIN (SPIN, 2016). Since all behaviors within the *always* statements are synchronized to a single clock, *clk*, VIS can execute (or simulate) a BLIF-MV model without requiring the *clk*. Consequently, clocks are not utilized in BLIF-MV, and all *clks* are ignored. Additionally, all clock-related elements and conditions in *always* @(...) statement are ignored by *vl2mv*. Therefore, the *clk* should only be used for synchronization purposes, such as in *always* @(*posedge clk*), and not for any other purposes.

If constraints (2) and (3) are not satisfied, vl2mv may produce a compilation error. According to assumption (1), no time delays for gates or wires are allowed yet, since the BLIF-MV does not contain

an element to implement time delays. Additionally, non-blocking statements are not permitted; all statements must be written as blocking statements.

Constraint (4) requires that all *reg* variables to be initialized with 0. No other value is allowed, as *Libero IDE* assigns a default value of 0 to the EDIF elements corresponding to the *reg* variables, regardless of their initialization. However, VIS requires all *reg* variables to be initialized with an appropriate value. Our solution is to initialize all *reg* variables to 0, regardless of their original values. We anticipate that this will not result in any side-effect, since all DI&C systems have a distinguished procedure for the system boot-up, such as temporarily ignoring all output values (*i.e.*, shutdown alarms) during the initial phase of boot-up.

We cannot use *integer* type variables in the VIS verification, since the VIS lacks a mechanism to initialize them, as specified in constraint (5). Our suggestion is to replace an *integer* variable with a *reg* [31:0] variable during the initialization phase, as it functions in exactly the same way. Constraint (6) also restricts the detailed definition of *parameter* variables (*e.g.*, using [15:0] of bit array), as it may implicitly lead to a loss of information. We cannot use the *negedge* edge as constraint (7), since VIS only supports the *posedge* edge.

# 4.2. [Phase II] EDIFtoBLIF-MV transformation

In the second phase, we provide the second input, an EDIF program for *CVEC*. Synopsys Synplify Pro in Libero IDE synthesizes an EDIF program from the Verilog4VIS program. Then *CVEC* transforms mechanically synthesized gate-level design of EDIF (*i.e.*, Netlist) into a BLIF-MV program. We provide a transformation process of 3 steps and translation rules of 6 categories, which are specialized for the EDIF format of *Libero IDE*. We also provide the mechanical *EDIFtoBLIF-MV* translator in *CVEC* to implement the process and rules.

The transformation from EDIF to BLIF-MV includes a three-step process, consisting of (*II-1*) Parsing, (*II-2*) Pre-processing and (*II-3*) Translation. The first step (II-1) parses an EDIF file and stores it in an internal data structure. All EDIF elements except auxiliary information such as the *cell* information are converted into an internal data structure. The next step (II-2) performs a pre-processing such as deleting unnecessary information in the internal data structure. For example, as all *clks* in Verilog are ignored in BLIF-MV, we need to delete these information. Also, all ports not used but defined in an EDIF should explicitly have a default value of 0. The last step (II-3) transforms the pre-processed internal data into a BLIF-MV format according to the translation rules we developed.

The 3-step transformation transforms all of the information of *cells* in an EDIF into an equivalent BLIF-MV format, which serves as an internal input front-end of the VIS verification system. The whole process was also implemented into a CASE tool *EDIFtoBLIF-MV*, embedded in *CVEC*. The details of each transformation step, except (II-1 *Parsing*), is as follows.

# 4.2.1. (II-2) Pre-processing

After parsing an EDIF file into an internal data structure of *CVEC*, we need to perform a few pre-processing. First, all informations related to the clock *clk* should be deleted in accordance with the assumption (1) in *[Phase I]*. As EDIF is close to hardware layout, it includes the voltage *VCC* and ground *GND* cells, even if they are not presented in Verilog programs. We need to explicitly assign 1 and 0 to their output port, respectively. All unused ports (*i.e.*, bits) should have an explicit value by connecting them to the *GND* cell. If a port is not connected to any net, the translated BLIF-MV cannot be processed by the VIS. The processes included in this step is represented below.

| Pre-proce  | essing                                                          |
|------------|-----------------------------------------------------------------|
| (1) Delete | e all information (e.g., port, instance and net) related to the |
| clock clk  |                                                                 |
| (2) Assign | 1 to VCC                                                        |
| (3) Assign | 1 0 to GND                                                      |
| (4) Assign | 1 0 to all unused ports                                         |
| L          |                                                                 |

#### 4.2.2. (II-3) Translation into BLIF-MV

*CVEC* introduces translation rules from EDIF to BLIF-MV, and implements an automatic translation, EDIFtoBLIF-MV, which is a follow-up study of Lee (2013). The translation rules are divided into 5 categories, and each category is explained and described below as pseudo-code. The examples of these translations are demonstrated in Appendix: Examples of The Translations from EDIF to BLIF-MV.

# [Rule 1] Translation of cells

**Rule 1** defines a rule to express external structure of an EDIF unit, called *cell*, in BLIF-MV format. Each *cell* in working library is translated directly into a *.model* of BLIF-MV. The name of cell in EDIF would be the name of model in BLIF-MV. In pseudo-code, it would be expressed as in (Fig. 3).

| 1: | FUNCTION cellToModel(edifCell):                   |
|----|---------------------------------------------------|
| 2: | cellName = edifCell.name                          |
| 3: | <pre>blifModel = ".model" + cellName + "\n"</pre> |
| 4: | RETURN blifModel                                  |
|    |                                                   |

Fig. 3. Translation rule for cells.

# [Rule 2] Translation of ports and arrays

**Rule 2** defines the translation of each *port* in EDIF into *.inputs* or *.outputs* of BLIF-MV. In pseudo-code, it would be expressed as in  $\langle$ Fig. 4 $\rangle$ . The input and output ports in an EDIF cell are converted into .inputs and .outputs in BLIF-MV. If the port type of an input port is an *array*, the port name becomes the base name of the .inputs in BLIF-MV; EDIF does not have an array of the output ports. Additionally, in EDIF, an array of the input ports has a starting index (startIndex) and an ending index (endIndex). In BLIF-MV, the port names and their corresponding index values within the specified range are added to the .inputs section. On the other hand, if the port type is *not* an array, the port name is simply converted into the name of .inputs or .outputs in BLIF-MV.

| _   |                                                                               |
|-----|-------------------------------------------------------------------------------|
| 1:  | FUNCTION portToBLIFMV(edifCell):                                              |
| 2:  | blifModel = ""                                                                |
| 3:  |                                                                               |
| 4:  | FOR port IN edifCell.ports:                                                   |
| 5:  | IF port.type == "array": # only input port can have array                     |
| 6:  | baseName = port.name                                                          |
| 7:  | <pre>startIndex = port.startIndex IF port.startIndex IS NOT NONE ELSE 0</pre> |
| 8:  | endIndex = port.endIndex IF port.endIndex IS NOT NONE ELSE (port.size - 1)    |
| 9:  |                                                                               |
| 10: | <pre>blifModel += ".inputs "</pre>                                            |
| 11: |                                                                               |
| 12: | IF startIndex <= endIndex:                                                    |
| 13: | FOR i FROM startIndex TO endIndex:                                            |
| 14: | <pre>blifModel += baseName + ''['' + i + '']''</pre>                          |
| 15: | ELSE:                                                                         |
| 16: | FOR i FROM startIndex DOWNTO endIndex:                                        |
| 17: | <pre>blifModel += baseName + "[" + i + "]"</pre>                              |
| 18: |                                                                               |
| 19: | blifModel += "\n"                                                             |
| 20: |                                                                               |
| 21: | ELSE :                                                                        |
| 22: | direction = port.direction + "s"                                              |
| 23: | <pre>blifModel += "." + direction + " " + port.name + "\n"</pre>              |
| 24: |                                                                               |
| 25: | RETURN blifModel                                                              |

Fig. 4. Translation rule for ports and arrays.

# [Rule 3] Translation of property functions

**Rule 3** defines two ways of translating output ports of EDIF into BLIF-MV. In pseudo-code, it can be expressed as in (Fig. 5). The *output port* in the cell can include a keyword *property function*, which defines the function of the cell. If the cell is a sequential cell, function in an

EDIF is translated into *.latch* of BLIF-MV, and a keyword *.reset* has to be defined before the *.latch*. This is implemented by the function sequentialToBLIFMV(edifCell), shown from line 14 to line 28 in  $\langle$ Fig. 5 $\rangle$ . An example for the sequential D-Flip-Flop (DFF) cell is included in  $\langle$ Fig. A.3 $\rangle$  in Appendix.

On the other hand, if the cell is a combinational cell, the function is expressed as a *truth table* using the keyword *.table*. The *property function* in a cell defines the *truth table of functionality*. In the case of combinational cells, logic operators such as + (OR), &(AND),  $\land$ (XOR) and !(NOT) can be used. Also, multiple logic operators can be used to define the property function. For example, combinational cell can have the property function (*string* "A & (B + C)"), which can be expressed as *ABC* + & in postfix notation to be translated into BLIF-MV. The examples for the combinational cell are demonstrated in the second and the third example in (Fig. A.3).

```
FUNCTION getPortsByFunction(edifCell, functionName):
        inputPorts =
3:
        outputPorts = []
        FOR port IN edifCell.ports:
6:
7:
8:
               port function == functionName
             IF port.direction == "input":
                inputPorts.append(port.name)
             ELSE IF port.direction == "output"
9:
10:
                outputPorts.append(port.name)
11:
 12
        RETURN (inputPorts, outputPorts)
 13
14: FUNCTION sequentialToBLIFMV(edifCell):
15:
16:
        blifModel
        functionName = "
 17
18:
19:
        FOR property IN edifCell.properties:
           IF property.name == "function":
    functionName = property.value
20:
21 :
22 :
           IF property.type == "isSequential" && property.value == "TRUE":
             inputPorts, outputPorts = getPortsByFunction(edifCell,functionName)
inputOutputPorts = " ".join(inputPorts + outputPorts)
23
23:
24:
25:
26:
             blifModel += ".reset " + inputOutputPorts + " 0\n"
blifModel += ".latch " + functionName + " " + inputOutputPorts + "\n"
27:
28:
29
           RETURN blifModel
 30
31:
32: FUNCTION functionPropertiesToBLIFMV(edifCell):
33
        functionName = ""
34:
35
36 :
37 :
        FOR property IN edifCell.properties
           IF property.name == "function"
38:
39:
             functionName = property.value
             inputPorts, outputPorts = getPortsByFunction(edifCell, functionName)
40
             FOR inputPort IN inputPorts:
FOR outputPort IN outputPorts:
    blifModel += ".table " + inputPort + " " + outputPort + "\n"
41:
42:
43
44:
45:
             blifModel += ".default 0\n"
46
47
           RETURN blifModel
```

Fig. 5. Translation rule for property functions.

# [Rule 4] Translation of cells including instances

Each cell in EDIF has *contents* to implement its functionality. [**Rule 4**] defines the case where an EDIF cell includes *instance* inside its contents. The psuedo-code to express **Rule 4** is shown in  $\langle$ Fig. 6 $\rangle$ . cellRefName in line 6 of the code represents the referenced cell type in EDIF. When an instance is present within the cell, its name and the cell it represents determine the name of .subckt in the BLIF-MV format, as seen in line 8 of the code. From line 13 to line 20, each *connection* in the instance is represented, considering the multiple input and output ports in EDIF.

# [Rule 5] Translation of cells including connections

**Rule 5** connects the called cells with each other from input ports to output ports. The pseudo-code of **Rule 5** is represented in  $\langle$ Fig. 7 $\rangle$  If the *net* in EDIF contains only the *joined* keyword, the code from line 7 to line 18 is applied. The case of calling *member* cells using the *renamed* keyword is represented in from line 20 to line 31 of the code.

| 1:       | FUNCTION instanceToBLIFMV(edifCell):                                             |
|----------|----------------------------------------------------------------------------------|
| 2:       | blifModel = ""                                                                   |
| 3:       |                                                                                  |
| 4:       | FOR instance IN edifCell.instances:                                              |
| 5:       | instanceName = instance.name                                                     |
| 6:       | cellRefName = instance.cellRef                                                   |
| 7:       |                                                                                  |
| 8:       | <pre>subcktLine = ''.subckt '' + cellRefName + '' '' + instanceName</pre>        |
| 9:       |                                                                                  |
| 10:      | inputPorts = []                                                                  |
| 11:      | outputPorts = []                                                                 |
| 12:      |                                                                                  |
| 13:      | FOR connection IN instance.connections:                                          |
| 14:      | portName = connection.portName                                                   |
| 15:      | netName = instanceName + "_" + portName                                          |
| 16:      |                                                                                  |
| 17:      | IF connection.type == "input":                                                   |
| 18:      | <pre>inputPorts.append(portName + '' = '' + netName)</pre>                       |
| 19:      | ELSE IF connection.type == "output":                                             |
| 20:      | <pre>outputPorts.append(portName + '' = '' + netName)</pre>                      |
| 21:      |                                                                                  |
| 22:      | <pre>subcktLine += '' '' + '' '.join(inputs) + '' '' + '' ''.join(outputs)</pre> |
| 23:      | blifModel += subcktLine + "\n"                                                   |
| 24:      |                                                                                  |
| 25:      | RETURN blifModel                                                                 |
| <u> </u> |                                                                                  |

Fig. 6. Translation rule for cells including instances.



Fig. 7. Translation rule for cells including connections.

 $\langle$ Fig. 8 $\rangle$  depicts the *EDIFtoBLIF-MV* translator, implementing the proposed transformation process from EDIF to BLIF-MV. As other translators and compilers, it has simple GUI to read an input EDIF file and to store the transformed output BLIF-MV file. The console at the bottom shows the transformation process in steps, *i.e., EDIF Opening*  $\Rightarrow$  *Parsing*  $\Rightarrow$  *Pre-processing*  $\Rightarrow$  *Translation*  $\Rightarrow$  *BLIF-MV Saving.* It is now embedded into *CVEC*.

#### 4.3. [Phase III] VIS equivalence checking

In this phase, *CVEC* first transforms *Verilog4VIS* program into BLIF-MV program using *vl2mv* translator in VIS. Then it performs VIS-based equivalence checking upon two BLIF-MV programs, transformed from the *Verilog4VIS* program and the EDIF program, respectively. Then it automatically executes a series of VIS commands to perform sequential equivalence checking. (Fig. 9) shows a set of VIS commands to perform the sequential equivalence checking upon the *Verilog4VIS* and the EDIF programs used in the case study in Section 4. *CVEC* automates a series of all commands with a simple graphical user interface as depicted in



Fig. 8. The EDIFtoBLIF-MV translator.

 $\langle$ Fig. 10 $\rangle$ . In  $\langle$ Fig. 10 $\rangle$ , VIS equivalence checking determines that the two programs are not sequentially equivalent as "*Networks are NOT sequentially equivalent*.". It also shows a verification result of 6 steps (*i.e.*, a counterexample) which simulates an inequivalent state from the initial state step-by-step.



Fig. 9. A series of the VIS commands and a verification result from the VIS (excerpted).

|                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                |       |              |                                                       |                   | 1                                       | B DCAEC **                                                                                              | ST . R IMPE                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 |
|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------|--------------|-------------------------------------------------------|-------------------|-----------------------------------------|---------------------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| CVEC 22                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        |       |              |                                                       |                   |                                         |                                                                                                         |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
| Verilog4VIS Checker                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            | No.   | Rule No.     | Location                                              | Key               |                                         | Description                                                                                             |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
| Checking Verling/VIS                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           | 1     | No.3         | R_o in initial                                        | non-blocking      | Do not use                              | the non-blocking state                                                                                  | ement                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       |
|                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                | 2     | No.7         | "cik" in always                                       | negedge           | Doing                                   | t use the negedge edg                                                                                   | e                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           |
|                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                | 3     | No.3         | B o io alerter                                        | non-blocking      | Do not use                              | the non-blocking state                                                                                  |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
| CHART T                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        | 5     | No.3         | out trop in always                                    | non-blocking      | Do not use                              | the non-blocking state                                                                                  | errect                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      |
| Paty Circumstribometente Onen Bules                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            | 6     | No.2         | "R.o" in always                                       | delay             | Don                                     | not use the time delay                                                                                  |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
|                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                | 7     | No.3         | R <sub>o</sub> in always                              | non-blocking      | Do not use                              | the non-blocking state                                                                                  | ement                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       |
|                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                | 8     | No.2         | "end" in always                                       | delay             | Dor                                     | not use the time delay                                                                                  |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
|                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                |       |              |                                                       |                   |                                         |                                                                                                         |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
| The vi2my Transformation                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       | 010   | leger format | O Binary format                                       |                   |                                         |                                                                                                         |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
| stimu                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          |       | # state      | input                                                 | File1Output       | File2Output                             | File1State                                                                                              | File2State                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  |
|                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                | 0     |              | ALEANDA ELOB                                          | 10000000000       | 100000000000000000000000000000000000000 | 0000000000000                                                                                           | 0000000000000                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               |
|                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                | 2     |              | A EDMOL ETOB                                          | 100000000000      | 100000000000                            | 10000000000                                                                                             | 10000000001                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                 |
| Market Transition DISTANC                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      | 3     |              | ALEO MOL_EI OB                                        | 11000000000       |                                         | 01000000000.                                                                                            | 0100000001                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  |
| Verlog Translation BLIP-MV                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     | Close | winitiometex | lest.my                                               |                   | Cicyowinihomelezi                       | lest2 my                                                                                                |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
| Pate Crojgwinnomeextest/ Pate Crojgwinnomeextest/                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              | b F   | 00110        |                                                       | 10                |                                         |                                                                                                         | 00010                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       |
| Tv .                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           |       |              |                                                       | 000100            |                                         |                                                                                                         | 000010                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      |
| The EDIEtoBLIE-MV Transformation                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               |       |              |                                                       |                   |                                         |                                                                                                         |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
| Entendi (E. Mil) Checking                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      |       | OUTPU        | T.1111000000000                                       | N_E0 MOL_E1 O     | OUT                                     | PUT: 1 1 1 1 0 0 0 0                                                                                    | S ALLES MOLLET OF                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           |
|                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                |       |              | B2 00010000                                           | 000100            |                                         | #1:000100                                                                                               | 000010                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      |
|                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                |       |              |                                                       |                   | _                                       |                                                                                                         |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
|                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                |       |              |                                                       | ALEGNOL ET OF     |                                         | 0                                                                                                       | ALEOMOLE1 OF                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                |
|                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                |       | 0100010      | N                                                     | NULL ROUGHT OF    | 04.077                                  | N 175 4 0 0 0 4 0 0 0 A                                                                                 |                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
| EDIF Translation BLIF-MV                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       |       | OUTPUT       | 1000100000                                            | - Canada - Canada | OUTF                                    | >UT:10001000∲0                                                                                          | 0010                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        |
| EDIF Translation BLIF-MV Path: ClogowrithomelexFIX_ Path: ClogowrithomelexExEX_                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                |       |              | 1000100000<br>#10 1001000                             | 0000100           | OUTF                                    | #10:1001000                                                                                             | 000010                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      |
| EDF Translation BLIF-MV<br>Patr. C'toppwritrometextext2                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        |       |              | 1000100000                                            | ALEONOL E10       |                                         | #10.1001000                                                                                             | 000010                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      |
| EDF Tandaton BUFAV Pate: Clogernitomeextext2                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   |       |              | #10:100000#0<br>#10:1001000                           | A_E0 MOL_E1 0     |                                         | *UT:10001000 <b>*</b> 0<br>#10:100100                                                                   | 000010<br>(ALEOMOL_E100                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                     |
| EDF Tanulation BUFAW<br>Pate: Citygwintometestrot, Pate: Citygwintometestest                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   |       |              | 10001000000000000000000000000000000000                | A_E0MOL_E10       |                                         | *UT:10001000*0<br>#10:100100                                                                            | 000010<br>CALEOMDLE10                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       |
| EDF Translation BUFAM<br>EDF Translation BUFAM<br>Path: Chyperitomeexted                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       |       |              | *1000100000000000000000000000000000000                | ALEONOL_E10       |                                         | *10:10001000<br>#10:100100                                                                              | 00010<br>000010<br>(ALEOMOLLE100                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            |
| EV Tandalo UFAV<br>Pat: Ctopperformedite:<br>Pat: Ctopperformedite:                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            |       |              | #10:10010000                                          | A_E0MOL_E10       |                                         | *10:10001000<br>*10:100100                                                                              | 00010<br>000010<br>(ALEOMDLE100                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
| Patri Copyertoneedite                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          |       |              | #10:100000000                                         | ALEONOL_E10       |                                         | *UT:1000100040<br>#10:100100<br>#10:100100                                                              | 00010<br>000010<br>EALEOMOLEIO<br>MAURINE 11001000<br>C V V V V                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                             |
| EX Transloss EL-MAN<br>Patt. (Copyerformeeting)                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                |       |              | #10.001000000                                         | ALEONOL_E10       | •                                       | *10:10001000*0<br>*10:100100<br>*10:100100                                                              | 00010<br>000010<br>CALEOMOLE100<br>11001000<br>20 0 + 11001000                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |
| EV Translow ULA<br>Patt, Copyerthomedray, Patt, Copyerthomedrat                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                |       |              | #10.10010000<br>#10.10010000<br> <br>#11:00<br>#11:00 | ALEONOL_E10       |                                         | *10:10001000<br>#10:100100                                                                              | 00010<br>000010<br>CALEOMDL_E100<br>000010<br>CALEOMDL_E100<br>00010<br>00010<br>00010<br>00010<br>00010<br>00010<br>000010<br>000010<br>000010<br>000010<br>000010<br>000010<br>000010<br>000010<br>000010<br>000010<br>000010<br>000010<br>000010<br>000010<br>000010<br>000010<br>000010<br>000010<br>000010<br>000010<br>000010<br>000010<br>000010<br>000010<br>000010<br>000010<br>000010<br>000010<br>000010<br>000010<br>000010<br>000010<br>000010<br>000010<br>000010<br>000010<br>000010<br>000010<br>000010<br>000010<br>000010<br>000010<br>000010<br>000010<br>000010<br>000010<br>000010<br>000010<br>000010<br>000010<br>000010<br>000010<br>0000000<br>000000<br>000000<br>000000<br>000000                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                |
| EX Transform ULAY EX Compensioneration Faits (Compensioneration) Faits (Compensioneration) Faits (Compensioneration) Faits (Compensioneration) Faits (Faits (Faits)) Faits (Faits) Faits |       |              | #10:10000000                                          | ALEONOLE10        |                                         | ۳۱۵:1000<br>۱۵:100<br>۳۱۵:100100<br>۳۱۵:100100<br>۳۱۵:100100<br>۳۱۵:100100<br>۳۱۵:100100<br>۳۱۵:1001000 | 00010<br>CALEOMOLEIO<br>HUN 11001000                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        |
| Part [Coperformance]   |       |              | #10:10:00:00                                          | ALEONOL_E10       | •                                       |                                                                                                         | 00010<br>CALEOMOLE10<br>CALEOMOLE10<br>CALEOMOLE10<br>CALEOMOLE100                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          |
| EV EVALUATION EVALUATION FILENCE EN                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        |       |              | 100010000000<br>10101001000<br>10101001<br>100100     | ALEOMOLE10        |                                         | UT: 10:001:00.040                                                                                       | 0010<br>CALEO MOL_E1 OF<br>CALEO MOL<br>CALEO MOL |
| Comparisonmental Part (Comparisonmental)      |       |              | 100010000000<br>9121001000<br>9121001000              | ALEONOL.E10       | •                                       | 407.100010004<br>#10100100<br>#10100100<br>#10100100                                                    | 001010<br>cH_E0MDL_E10<br>H<br>H<br>11001000                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                |
| EV     Torondone     EV        |       |              | 10001000000<br>912-1001200                            | ALEONOL_E10       | •                                       | 407.10001000¥0<br>#10:100100<br>↓<br>                                                                   | 0010<br>000010<br>CALEOMOLEIO<br>HAVE 11001000                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              |

Fig. 10. The CVEC's main window.

An in-depth analysis of the counterexample allows a detailed examination of the cause of the inequivalence. The example demonstrates that the VIS discards overflowed values during the *vl2mv* translation,

whereas the *Synopsys Synplify Pro* synthesizes the overflowed parameter values fairly well. To enhance understanding, we excerpted and modified the verification results graphically, as VIS lacks a graphical interface. We can notice that all repeated information is omitted and we have to reorganize it in order to understand the error trace clearly. The verification results are then analyzed in the following phase.

# 4.4. [Phase IV] Post-analysis and visualization

Lastly, *CVEC* processes the results of the VIS-based equivalence checking and performs additional analyses. If the verification succeeds (*i.e.*, two BLIF-MV programs are equivalent), we can assure that the synthesis process from Verilog to EDIF (*i.e.*, Netlist) was performed correctly for the given Verilog program. If the verification fails (*i.e.*, two BLIF-MV programs are *not* equivalent), it indicates that there was an issue in the synthesis process. In such cases, VIS provides a scenario comprising a sequence of inputs and internal states/variables that leads to the inequivalent state, *i.e.*, a counterexample. Unfortunately, VIS presents it on the console in a textual format, omitting repeated or unchanged details, which makes understanding the prompt almost impossible. However, *CVEC* offers post-analysis functions to reorganize and visualize the data in various formats to enhance understanding.

 $\langle$ Fig. 10 $\rangle$  shows the *CVEC* GUI performing all phases on a single window. *Verilog4VIS Checker* and *EDIFtoBLIF-MV* are embedded, allowing all transformations and equivalence checking to be performed mechanically and seamlessly with just a few button clicks. The series of the VIS commands and analysis on the verification results shown in  $\langle$ Fig. 9 $\rangle$  can be performed mechanically by *CVEC*, as illustrated.

If the verification fails, *CVEC* analyzes the counterexample (*i.e.*, reconstructs skipped information) and visualizes it in various formats such as flow-chart, table and text on console. The visualization helps identifying the cause of the inequivalence between the Verilog design and the synthesized EDIF. We are working on improving the post-analysis and visualization to provide more convenience and useful information to analyzers.

#### 5. Case study

We performed a case study with two types of RPS BP software in DI&C systems of Korean nuclear power plants, in order to demonstrate the effectiveness and potential of the customized VIS-based equivalence checker, *CVEC*. Using *CVEC*, the case study aimed to demonstrate the correct functioning of the commercial FPGA logic synthesis tool *Synopsys Synplify Pro* in the *Libero IDE* EDA environment. If *CVEC* succeeds to prove the behavioral equivalence between Verilog and EDIF, we can claim that the tools function correctly, at least for the given input program. (Fig. 11) summarizes the whole process of the case study.

The first example is an FBD program for a preliminary version of KNICS APR-1400 RPS BP (Korea Atomic Energy Research Institute (KAERI), 2006), while the second example is a Verilog program of the PLD-based RPS BP (Choi and Lee, 2012). The first one is much complicated and detailed than the second one, since it is kind of a mock-up of commercial nuclear power plants. They both consist of 18 independent shutdown logics. The BP softwares read 18 external sensor inputs and make a decision whether to shutdown nuclear reactors or not, periodically. Since the BP software is one of the most safetycritical components in DI&C of nuclear power plants, standards and regulations (U.S. Nuclear Regulatory Commission, 1996b, 2012; Electric Power Research Institute (EPRI), 2014, 1996) strictly encourage developers to verify its correct and safe functioning.

[Case study I] begins with an FBD program, as the implementation platform for the KNICS APR-1400 RPS BP is a programmable logic controller (PLC). We first had to transform the FBD program into a



Fig. 11. An overview of the case study with two examples.

behaviorally-equivalent Verilog program. *FBDtoVerilog v2.1* embedded in *FBD Editor* (Lee et al., 2014) reads the FBD program and mechanically translates it into a behaviorally-equivalent Verilog program. On the other hand, [Case study II] starts from a Verilog program, and we do not need such transformation.

# 5.1. [Case study I] KNICS APR-1400 RPS BP

It uses 5 shutdown logics of the KNICS APR-1400 RPS BP, e.g., fixed set-point rising/falling trip, variable set-point rising/falling trip and manual reset trip. They can represent the whole 18 shutdown logics in BP. The maximum size of all variables in the BP is 16 bits. (Table 1) summarizes important features of the input Verilog program and the synthesized EDIF.

The table also presents the verification result and the time taken by the VIS verification system. In case of the simple logics such as *fixed set-point rising/falling logics*, the VIS could perform the equivalence checking in reasonable time, *e.g.*, 198.22 and 30.11 s, respectively. The transformations time is not considered here. On the other hand, for more complex logics, such as *variable set-point rising/falling trip*, the maximum size of all variables is 9 bits. The VIS successfully completed the equivalence checking for these logics in 5613 s (about 90 min). For all 5 logics, the VIS proved that the Verilog and the subsequently synthesized EDIF are equivalent for all cases.

We also performed a comparison analysis with the commercial equivalence checker *FormalPro*. As *Formal Pro* cannot work for the *Synopsys Synplify Pro*, we had to use *Precision FPGA*. Although the comparison is not entirely precise, we expect that it is generally acceptable. *FormalPro* produced the same result as *CVEC* for all logic cases. (Fig. 12) indicates that the commercial tool is faster than the proposed technique in several orders of magnitude. As shown in (Fig. 12) and (Table 1), the *CVEC* verification performance decreases sharply as the number of *reg* and *latch* increase. As *CVEC* uses the VIS verification engine, it is not straightforward to improve the verification performance (*i.e.*, time) dramatically, but we are planning to improve the verification performance of *CVEC*, including development of an equivalence checking engine from scratch.

In summary, *CVEC* could judge that "*The FPGA logic synthesis tool* worked correctly for the Verilog programs of 5 trip logics in KNICS APR-1400 RPS BP." Further consideration to improve the verification performance will be addressed in Section 4.3.

# Table 1

A summary information of the case study I.

|          |         |             |          |                  |          |          | •            |            |            |
|----------|---------|-------------|----------|------------------|----------|----------|--------------|------------|------------|
|          |         |             | Fix      | ed Set-          | Point F  | tising T | rıp          |            |            |
|          | model   | comb        | pi       | ро               | latch    | const    | edges        | time(sec)  | Equivalent |
| 10bits   | Verilog | 461         | 16       | 22               | 37       | 39       | 1075         | 3.48       | YES        |
|          | EDIF    | 1216        | 16       | 22               | 36       | 38       | 1709         |            |            |
| 11bits   | Verilog | 501         | 17       | 24               | 40       | 42       | 1170         | 5.55       | YES        |
|          | EDIF    | 1528        | 17       | 17 24 40 42 2150 |          |          |              |            |            |
| 12bits   | Verilog | 541         | 18       | 26               | 43       | 45       | 1265         | 8.90       | YES        |
|          | EDIF    | 1786        | 18       | 26               | 44       | 46       | 2511         |            |            |
| 13bits   | Verilog | 583         | 19       | 28               | 46       | 50       | 1362         | 18.49      | YES        |
|          | EDIF    | 1782        | 19       | 28               | 45       | 47       | 2504         |            |            |
| 14bits   | Verilog | 623         | 20       | 30               | 49       | 53       | 1457         | 67.64      | YES        |
|          | EDIF    | 2035        | 20       | 30               | 49       | 51       | 2865         |            |            |
| 15bits   | Verilog | 663         | 21       | 32               | 52       | 56       | 1552         | 162.17     | YES        |
| 10010    | EDIF    | 2148        | 21       | 32               | 52       | 54       | 3016         | 10211/     |            |
| 16bits   | Verilog | 703         | 22       | 34               | 55       | 59       | 1647         | 198.22     | YES        |
| TODICS   | EDIF    | 2341        | 22       | 34               | 56       | 58       | 3285         | 150.22     | 125        |
|          |         |             | Fix      | ed Set-          | Point F  | alling T | rip          |            |            |
|          | model   | comb        | pi       | ро               | latch    | const    | edges        | time(sec)  | Equivalent |
| 106:44   | Verilog | 792         | 15       | 44               | 58       | 61       | 1812         | 4 5 0      | VEC        |
| TODIts   | EDIF    | 2224        | 15       | 44               | 58       | 60       | 3109         | 4.58       | TES        |
|          | Verilog | 863         | 16       | 48               | 63       | 66       | 1978         | 5 70       | VEC        |
| 11bits - | EDIF    | 2506        | 16       | 48               | 63       | 65       | 3500         | 5.70       | YES        |
|          | Verilog | 938         | 17       | 52               | 68       | 75       | 2148         |            |            |
| 12bits   | EDIF    | 2703        | 17       | 52               | 66       | 68       | 3767         | 6.86       | YES        |
|          | Verilog | 1009        | 18       | 56               | 73       | 80       | 2314         |            |            |
| 13bits   | EDIF    | 2784        | 18       | 56               | 71       | 73       | 3880         | 8.81       | YES        |
|          | Verilog | 1080        | 19       | 60               | 78       | 85       | 2480         |            |            |
| 14bits   | EDIF    | 3160        | 19       | 60               | 79       | 78       | 4403         | 15.45      | YES        |
|          | Verilog | 1151        | 20       | 64               | 83       | 90       | 2646         |            |            |
| 15bits   | EDIF    | 3531        | 20       | 64               | 82       | 84       | 4928         | 18.46      | YES        |
|          | Verilog | 1222        | 21       | 68               | 88       | 95       | 2812         |            |            |
| 16bits   | EDIF    | 3682        | 21       | 68               | 85       | 87       | 5131         | 30.11      | YES        |
|          |         |             | M        | anual R          | eset Fa  | lling Tr | ip           |            |            |
|          | model   | comb        | ni       | no               | latch    | const    | edges        | time(sec)  | Equivalent |
|          | Verilog | 650         | 15       | 30               | 44       | 50       | 1467         | (1110(500) | Equivalent |
| 7bits    | FDIE    | 1994        | 15       | 30               | 44       | 46       | 2801         | 16.56      | YES        |
|          | Verilog | 726         | 16       | 34               | 49       | 51       | 1649         |            |            |
| 8bits -  | EDIE    | 2009        | 16       | 34               | 45       | 51       | 2828         | 640.05     | YES        |
|          | Verilog | 813         | 17       | 39               | 5/       | 63       | 18/12        |            |            |
| 9bits -  | EDIE    | 2020        | 17       | 20               | 54       | 56       | 2840         | 1160.17    | YES        |
|          | Vorilog | 2033        | 19       | 12               | 50       | 60       | 2045         |            |            |
| 10bits   | EDIE    | 2224        | 10       | 42               | 55       | 63       | 2028         | 1295.10    | YES        |
|          | Varilag | 071         | 10       | 42               | 64       | 71       | 2212         |            |            |
| 11bits - | Verilog | 2806        | 19       | 40               | 67       | /1<br>60 | 2212         | 11216.6    | YES        |
|          | EDIF    | 2800        | 19       | 40               | 0/       |          | 5945         |            |            |
|          |         |             | Varia    | able Se          | t-Point  | Falling  | Trip         |            |            |
|          | model   | comb        | pi       | ро               | latch    | const    | edges        | time(sec)  | Equivalent |
| 7bits    | Verilog | 724         | 12       | 44               | 55       | 65       | 1664         | 89.65      | YES        |
|          | EDIF    | 1597        | 12       | 44               | 48       | 60       | 2214         |            |            |
| 8bits    | Verilog | 820         | 13       | 50               | 62       | 75       | 1866         | 285.10     | YES        |
|          | EDIF    | 1885        | 13       | 50               | 54       | 56       | 2629         |            |            |
| 9bits    | Verilog | 916         | 14       | 56               | 69       | 85       | 2088         | 4677.80    | YES        |
|          | EDIF    | 2026        | 14       | 56               | 60       | 62       | 2810         |            |            |
|          |         |             | Vari     | able Se          | t-Point  | Rising   | Trip         |            |            |
|          | model   | comb        | pi       | ро               | latch    | const    | edges        | time(sec)  | Equivalent |
| 71.14    | Verilog | 726         | 12       | 44               | 55       | 67       | 1646         | 222.52     |            |
| /bits    | EDIF    | 2745        | 12       | 44               | 49       | 51       | 3853         | 323.53     | YES        |
|          | Varilag | 819         | 13       | 50               | 62       | 74       | 1865         |            |            |
| _        | verlig  |             |          |                  |          |          |              | 126.00     | VEC.       |
| 8bits -  | EDIF    | 2167        | 13       | 50               | 54       | 56       | 3029         | 126.88     | TES        |
| 8bits -  | EDIF    | 2167<br>916 | 13<br>14 | 50<br>56         | 54<br>69 | 56<br>85 | 3029<br>2088 | 126.88     | TES        |



Fig. 12. The comparison of verification time in seconds (CVEC with VIS vs. FormalPro) for fixed set-point rising trip logic.

with 18 trip logics as commercial RPS BPs, but it is an experimental system consisting of fundamental functionalities.  $\langle Table 2 \rangle$  summarizes important features of all inputs and outputs and verification results of 18 trip logics. All logics were verified through *CVEC*, and the comparison with *Formal Pro* was also performed.

CVEC found two non-equivalent cases for  $Lo_SG1\_ESF\_FSF$  and  $Lo_SG2\_ESF\_FSF$  trip logics, whereas FormalPro with Precision FPGA judged that they were equivalent. An in-depth analysis found the reason that the VIS (actually vl2mv in the VIS) has an error at interpreting parameters in Verilog. If a conditional statement includes an arithmetic operation of parameters, such as + or -, the VIS restricts the size of the result of the arithmetic operation into the maximum size of the parameters, without notification.

For example, the Verilog program in  $\langle Fig. 13 \rangle$  reads an input *in* [3:0] and checks "*if*(*in* > *a*+*b*)". The parameter *a* and *b* are defined with 3 of 2 bits (*i.e.*, b11). The condition statement is then equivalent to "*if*(*in* > 6)". However, the *vl2mv* translator interprets the statement as "*if*(*in* > 2)" since the maximum size of two parameters is 2 bits and the maximum size of the + operation is also regarded as 2 bits. 6 (b<u>10</u>10) is truncated into 2 (b10).

The figure also shows the simulation trace of the Verilog program with the VIS and the subsequently synthesized EDIF with *ModelSim*. In the VIS simulation of the Verilog program, *out* gets changed into 1 when the input *in* becomes greater than 2 not 6. The value of *out* (*i.e.*, the calculation result) can be recognized at the next simulation step in the VIS. On the other hands, *ModelSim* shows that the *out* is only changed into 1 when *in* is greater than 6, as intended by the Verilog program.



# 5.2. [Case study II] The RPS trip logics based on PLD technology

In this case study, *CVEC* uses the Verilog programs developed for an experimental RPS (Choi and Lee, 2012), based on Programmable Logic Device (PLD) technology such as FPGA. The target is a system Fig. 13. A Verilog program demonstrating the reason of the non-equivalence.

In summary, *CVEC* checked 18 trip logics of Verilog program for an experimental RPS logics in Korea, and found 2 cases of non-equivalence between the Verilog programs and subsequently synthesized EDIFs.

#### Table 2

A summary information of the case study II.

|    | RPS BP                                                                     |         |      |    |          |          |          |            |         |             |             |
|----|----------------------------------------------------------------------------|---------|------|----|----------|----------|----------|------------|---------|-------------|-------------|
|    |                                                                            |         |      |    |          |          |          |            | time    | Equivalent? | <b>5</b> 10 |
|    | name                                                                       | model   | comp | рі | ро       | latch    | const    | eages      | (sec)   | (FormalPro) | Etc.        |
|    | UL ONT DOG FOD                                                             | Verilog | 417  | 33 | 2        | 40       | 42       | 558        | 2.440   | YES         | 221/14      |
| 1  | H_CNI_PRS_FSK                                                              | EDIF    | 17   | 4  | 2        | 5        | 5        | 34         | 2.419   | 2.419 (YES) |             |
| 2  | Hi_Local_Power                                                             | Verilog | 17   | 4  | 2        | 5        | 5        | 34         | 0.074   | YES         | 1 hite      |
| 2  | _Density_OF                                                                | EDIF    | 43   | 4  | 2        | 5        | 7        | 53         | 0.074   | (YES)       | 1 bits      |
| 2  | Hi Log Power ESP                                                           | Verilog | 550  | 36 | 3        | 45       | 56       | 1311       | 2 4 4 2 | YES         | 22 bits     |
| 5  | TIL_LOB_FOWEI_F5K                                                          | EDIF    | 472  | 36 | 3        | 45       | 47       | 636        | 5.445   | (YES)       | 52 013      |
|    | Hi D7D Droccuro ECD                                                        | Verilog | 527  | 33 | 2        | 40       | 45       | 1259       | 2 208   | YES         | 22 hite     |
| ~  | HI_F2K_FIESSUIE_F5K                                                        | EDIF    | 448  | 33 | 2        | 40       | 42       | 606        | 5.200   | (YES)       | 52 0105     |
| c  |                                                                            | Verilog | 525  | 33 | 2        | 40       | 47       | 1227       | 2 260   | YES         | 22 hite     |
| 5  | H_3GCI_NK_F3K                                                              | EDIF    | 417  | 33 | 2        | 39       | 41       | 561        | 2.200   | (YES)       | 32 010      |
| 6  | HI SCLO NR ESP                                                             | Verilog | 463  | 33 | 2        | 40       | 46       | 1083       | 2 480   | YES         | 22 hite     |
| 0  | HI_JOL2_NK_FJK                                                             | EDIF    | 440  | 33 | 2        | 39       | 41       | 597        | 2.480   | (YES)       | 52 013      |
| 7  |                                                                            | Verilog | 540  | 33 | 2        | 40       | 58       | 1314       | 2 1 4 9 | YES         | 22 hite     |
|    | HIHI_CERS_NK_FSK                                                           | EDIF    | 417  | 33 | 2        | 40       | 42       | 560        | 5.140   | (YES)       | 52 013      |
|    | LO DNRR OF                                                                 | Verilog | 17   | 4  | 2        | 5        | 5        | 34         | 0.094   | YES         | 1 hite      |
| °  | LO_DNBK_OF                                                                 | EDIF    | 43   | 4  | 2        | 5        | 7        | 53         | 0.094   | (YES)       | 1 Dits      |
|    | Lo P7R Proceuro MRE                                                        | Verilog | 613  | 13 | 4        | 68       | 72       | 1443       | Over    | YES         | Size Down   |
|    | CO_F2N_Fressure_With                                                       | EDIF    | 1362 | 13 | 4        | 67       | 69       | 1914       | 10h     | (YES)       | (32> 8)     |
| 10 | Lo RC1 ELW VSE                                                             | Verilog | 746  | 11 | 2        | 48       | 56       | 2007       | 46 636  | YES         | Size Down   |
| 10 | LO_NCI_ILW_VOI                                                             | EDIF    | 1421 | 11 | 2        | 48       | 50       | 2010       | 40.050  | (YES)       | (48> 10)    |
| 11 | Lo BC2 FLW VSF                                                             | Verilog | 746  | 11 | 2        | 48       | 56       | 2007       | 42 566  | YES         | Size Down   |
|    |                                                                            | EDIF    | 1421 | 11 | 2        | 48       | 50       | 2010       | 12.000  | (YES)       | (48> 10)    |
| 12 | Lo SG1 PRS MRF                                                             | Verilog | 542  | 11 | 2        | 59       | 61       | 1279       | 473 498 | YES         | Size Down   |
|    | 0000101000000                                                              | EDIF    | 1260 | 11 | 2        | 58       | 60       | 1776       | 475.450 | (YES)       | (48> 8)     |
| 13 | Lo SG2 PRS MRF                                                             | Verilog | 542  | 11 | 2        | 59       | 61       | 1279       | 589,266 | YES         | Size Down   |
|    |                                                                            | EDIF    | 1260 | 11 | 2        | 58       | 60       | 1776       |         | (YES)       | (48> 8)     |
| 14 | Lo SGL1 ESE ESE                                                            | Verilog | 525  | 33 | 2        | 40       | 47       | 1277       |         | NO          | 32 bits     |
|    |                                                                            | EDIF    | 466  | 33 | 2        | 40       | 42       | 610        |         | (YES)       |             |
| 15 | Lo SGL1 RPS ESE                                                            | Verilog | 525  | 33 | 2        | 40       | 47       | 1227       | 3.20    | YES         | 32 bits     |
|    |                                                                            | EDIF    | 457  | 33 | 2        | 40       | 42       | 598        |         | (YES)       |             |
| 16 | Lo SGL2 ESE ESE                                                            | Verilog | 525  | 33 | 2        | 40       | 47       | 1277       |         | NO          | 32 hits     |
|    |                                                                            | EDIF    | 466  | 33 | 2        | 40       | 42       | 610        |         | (YES)       |             |
| 17 | Lo SGL2 RPS ESE                                                            | Verilog | 525  | 33 | 2        | 40       | 47       | 1227       | 3.18    | YES         | 32 bits     |
|    |                                                                            | EDIF    | 457  | 33 | 2        | 40       | 42       | 598        |         | (YES)       |             |
| 18 | Variable OverPower VSR                                                     | Verilog | 1185 | 17 | 2        | 56       | 71       | 3100       | 437.49  | YES         | Size Down   |
|    |                                                                            | EDIF    | 2912 | 17 | 2        | 56       | 58       | 4128       |         | (YES)       | (48> 16)    |
|    | * Note                                                                     |         |      |    |          |          |          |            |         |             |             |
|    | FSR - Fixed Set-Point Rising Tr                                            | ip      |      |    | FSF - Fi | ked Set- | Point Fa | lling Trip | )       |             |             |
|    | MRF - Manual Reset Falling Tr                                              | rip     |      |    | OF - Or  | /OFF     |          |            |         |             |             |
|    | VSR - Variable Set-Point Rising Trip VSF - Variable Set-Point Falling Trip |         |      |    |          |          |          |            |         |             |             |

An in-depth analysis, however, found that the two non-equivalence resulted from incorrect operation of the VIS (actually the *vl2mv* translator), and a simple remedy such as replacing "a + b" with 6 could resolve the non-equivalence. Therefore, *CVEC* could judge that "*The FPGA logic synthesis tool functioned correctly for the Verilog programs of 18 trip logics in an experimental RPS BP.*" The verification performance was reasonably acceptable for the PLD-based 18 trips logics of RPS BP, since the system do not include implementation details such as operation bypass, periodic tests or heart bits.

#### 5.3. Further consideration on the verification performance

The proposed technique *CVEC* uses the verification engine of the VIS to prove the behavioral (*i.e.*, sequential not combinational) equivalence between RTL designs in Verilog and Netlists in EDIF. VIS is an open-source, widely-used tool that has been successfully utilized and validated by many researchers in public. Those success stories clearly demonstrate the value of VIS as one of the mature equivalence checker among various tools in HWMCC (Hardware Model Checking Competition) (Johannes Kepler University Linz, 2015), even though the tool is since been upgraded to newer versions (ABC (Brayton and Mishchenko, 2010) and IImc (University of Colorado at Boulder, 2016)).

There are several commercial formal verification tools which can be used for our purpose – "Correctness verification of commercial FPGA logic synthesis tools." FormalPro (Siemens, 0000a), Conformal Equivalence Checker (Cadence, 2017) and Formality (Synopsys, 2019) are the candidates. However, they require additional information such as register/variable matching or libraries from synthesis tools. Which means, we cannot use the tools without vendor's support. For instance, we cannot use *FormalPro* for *Libero IDE* with *Synopsys Synplify Pro* synthesizer, which was the combination of the project we were working on.

Since *CVEC* is based on the VIS verification engine, it is tightly coupled with the input front-end BLIF-MV as well as the sequential equivalence checking engine of the VIS. As sequential equivalence checking has inherent limitations on the size of targets and verification speed (Brand, 2003), commercial tools often use combinational equivalence checking hierarchically through decoupling sequential logics into combinational ones (Rahim et al., 2012). They also use additional information such as Formal Verification Interface (FVI), Tcl script, Synopsys setup Verification File (SVF) and various libraries to make the strategy possible. *CVEC*, on the other hand, requires no additional information. It only needs transformation of a Verilog program into a *Verilog4VIS* program, which is the results from the limitation due to the in-house translator *vl2mv* in the VIS.

We are planning to improve the verification performance of *CVEC* in two ways. First, we plan to explore the use of combinational equivalence checking instead of sequential one, following the approach commonly adopted by typical commercial equivalence checkers. The decision to use the VIS verification engines or to develop a new solution from scratch should be made after conducting an in-depth analysis. Secondly, the input front-end BLIF-MV can be replaced with AIGER (Johannes Kepler University Linz, 2011), which can handle various input formats successfully. AIGER is a format, library, and set of utilities for And-Inverter Graphs (AIGs), providing a convenient and compact representation for circuits. It is known to describe combinational and sequential circuits efficiently.

#### 6. Conclusion and future work

This paper proposes a customized VIS-based equivalence checker *CVEC* which can contribute to the correctness demonstration of the combination – the *Synopsys Synplify Pro* synthesizer in the *Libero IDE* EDA. *CVEC* can formally check the behavioral equivalence between a Verilog HDL and a Netlist (*i.e.*, EDIF) synthesized in this environment. It uses the VIS verification system as a verification engine, and also provides two model transformations and a rule checker. It also provides a graphical interface to perform all transformations mechanically and analyze verification results visually and efficiently. If the formal verification with *CVEC* succeeds, then we can claim that the logic synthesis from Verilog into EDIF worked correctly at least for the given Verilog program. Therefore, *CVEC* can verify the functional correctness of FPGA synthesis tools through equivalence checking, which is one of the ways to dedicate COTS items used in safety-related applications.

In order to demonstrate the effectiveness and applicability of the proposed technique, we performed a case study with two examples of RPS BP (Bistable Processor) programs excerpted from Korean nuclear power plants. We also tried to compare the performance of *CVEC* with a commercial verification tool *FormalPro*, although we had to change the logic synthesis tool into *Precision FPGA*. The comparison indicates that the commercial tool is faster than the proposed technique in many orders of magnitude. It is not straightforward to improve the verification performance dramatically, since *CVEC* uses the VIS verification engine and the input front-end if VIS, *vl2mv*. We are planning to strategically adopt combinational equivalence checking, similar to other commercial tools, and are also considering replacing BLIF-MV with AIGER. We also have a plan to develop a dedication of different commercial grade FPGAs, focusing on addressing different types of FPGAs in the SMR design to mitigate the common cause failure (CCF) problem.

# Declaration of competing interest

The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.

# Acknowledgments

This work was supported by the Nuclear Safety Research Program through the Regulatory Research Management Agency for SMRS (RMAS) and the Nuclear Safety and Security Commission (NSSC) of the Republic of Korea (No. RS-2024-00509643).

#### Appendix. Examples of the translations from EDIF to BLIF-MV

In this appendix, the examples of the translations according to EDIF to BLIF-MV translation rules, **Rule 1** to **Rule 5**, presented in Section 4.2.2 are demonstrated. There are total of 11 examples, especially more than one example for **Rule 2**, **Rule 3**, and **Rule 5**, considering various cases dealth with in the same rule.

#### [Case 1] Cells

(Fig. A.1) demonstrates an example of translation of cells according to **Rule 1**. When the name of cell in EDIF is example\_cell, then the name of the model in BLIF-MV is also example\_cell. This cell would be the cell inside working library, example\_library.

| EDIF                                           | BLIF-MV             |
|------------------------------------------------|---------------------|
| (library example_library<br>(cell example_cell | .model example_cell |
| )<br>)                                         |                     |

Fig. A.1. Example of translation of cells.

# [Case 2] Ports and arrays

 $\langle$ Fig. A.2 $\rangle$  depicts 4 examples of translations according to **Rule 2**. When there are only input and output ports in EDIF file, these input and output ports can simply be translated into .inputs and .outputs in BLIF-MV, as shown in the first example. Also, there are 3 examples of using the keyword *array* inside the port. However, we do not have an example for array of the output ports, since such expression is not used in EDIF.

There is an *array* for input port, with index of 4, in the second example. If there is only one index, the starting index *i* automatically becomes 0, and the ending index becomes (i - 1). So in the second example, input ports named *input* in array with index of 4 would become .inputs input[0] input[1] input[2] input[3] in BLIF-MV.

In the third example, there is *downto* keyword in the array, with the starting index of 3 and the ending index of 0. In this case, input ports named *input* would become .inputs input[3] input[2] input[1] input[0], since the keyword *downto* shows the index would be in descending order.

The last example, includes the case of *to* keyword used in the array, which gives an index in ascending order. It might seem the same as the second example, but we can designate the starting index and the ending index from 1 to 4, as shown in the last example of  $\langle$ Fig. A.2 $\rangle$ . The case of using the *downto* keyword also works the same.

# [Case 3] Property functions

 $\langle$ Fig. A.3 $\rangle$  shows 3 examples of using the keyword *property function* in the cell. If the function is a sequential logic, there would exist an expression property isSequential ''TRUE'' in EDIF. Then this function is simply expressed with .reset and .latch keywords in BLIF-MV.

In the first example in  $\langle$ Fig. A.3 $\rangle$ , there is a function ''DFF'', which means *D-Flip-Flop*. In this cell, the input ports are D, CLK and RST, and the output port is Q. The RST port works as reset input signal,

| EDIF                                                                                                                                                                                                  | BLIF-MV                                                                                                                      |
|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------------------------------------------------------------------------------------|
| <pre>(cell example_cell<br/>(view example_view<br/>(interface<br/>(port input_A (direction INPUT))<br/>(port input_B (direction INPUT))<br/>(port output_X (direction OUTPUT))<br/><br/>)<br/>)</pre> | .model example_cell<br>.inputs input_A<br>.inputs input_B<br>.outputs output_X<br>                                           |
| EDIF                                                                                                                                                                                                  | BLIF-MV                                                                                                                      |
| <pre>(cell example_cell<br/>(view example_view<br/>(interface<br/>(port<br/>(array input 4 (direction INPUT))<br/>(port output (direction OUTPUT))<br/><br/>)<br/>)</pre>                             | .model example_cell<br>.inputs input[0] input[1] input[2] input[3]<br>.outputs output<br><br>.end                            |
|                                                                                                                                                                                                       |                                                                                                                              |
| EDIF                                                                                                                                                                                                  | BLIF-MV                                                                                                                      |
| EDIF<br>(cell example_cell<br>(view example_view<br>(interface<br>(port<br>(array input 3 downto 0 (direction INPUT))<br>(port output (direction OUTPUT))<br><br>)<br>)                               | BLIF-MV<br>.model example_cell<br>.inputs input[3] input[2] input[1] input[0]<br>.outputs output_port<br><br>.end            |
| EDIF<br>(cell example_cell<br>(view example_view<br>(interface<br>(port<br>(array input 3 downto 0 (direction INPUT))<br>(port output (direction OUTPUT))<br><br>)<br>EDIF                            | BLIF-MV<br>.model example_cell<br>.inputs input[3] input[2] input[1] input[0]<br>.outputs output_port<br><br>.end<br>BLIF-MV |

Fig. A.2. Examples of translation of ports and arrays.

while CLK port works as clock input signal and D port means data input signal. Using the given input and output ports, it can be expressed as .reset RST Q O and .latch D Q DFF in BLIF-MV. .reset RST Q O means that when RST signal is activated, Q has to be reset into initial value 0. .latch D Q DFF means that according to data input D, DFF is activated and the result is saved in output Q. The reason for omitting the input port CLK is due to the first step of pre-processing before translation into BLIF-MV, as stated in Section 4.2.1.

On the other hand, if there is no expression of isSequential "TRUE", then the function would be combinational logic, *i.e.*, the cell is a combinational cell. If the cell is a combinational cell, then the  $\langle truth table of functionality \rangle$  must be represented.

In the second example of  $\langle Fig. A.3 \rangle$  uses AND2 gate, which means there are 2 operands with AND operator. After the keyword .table, the name of input ports (*i.e.*, A B) are listed and then output port (*i.e.*, X) is placed after them. The truth table is represented in translation result in the right-hand side of the table, under the .default 0 line. In here, an example of AND gate using operand A and B is expressed.

In the last example of  $\langle Fig. A.3 \rangle$ , multiple operators are used. There is a function of A & (B + C). In this case, an expression of .table A B C X is used. A postfix notation, which would express the function A & (B + C) in ABC+&, is used internally during the translation from EDIF to BLIF-MV. Then the truth table is represented after the .default 0 line, same as the second example.

# [Case 4] Cells including instances

 $\langle$ Fig. A.4 $\rangle$  demonstrates an example of **Rule 4**. When there is an *instance* in the cell, it would be translated into .subckt in BLIF-MV. In the example, there are input ports A and B, and output port X. Also there is instance U1 in the contents, and cellRef AND2 is in the viewRef inside the instance U1. These are translated as .subckt AND2 U1 A = U1\_A B = U1\_B X = U1\_X by following **Rule 4**.

| EDIF                                                                                                                                                                                                                                                                           | BLIF-MV                                                                                                                                                     |
|--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------|
| <pre>(coll sxample_coll<br/>(view example_view<br/>(Interface<br/>(port D (direction INPUT))<br/>(port CLK (direction UNPUT))<br/>(port SLT (direction INPUT))<br/>(property function "DFF")<br/>(property function "DFF")<br/>(property isSequential "TRUE")<br/><br/>)</pre> | .model example_cell<br>.inputs D CLK RST<br>.outputs Q<br>.reset RST Q O<br>.latch D Q DFF<br><br>.end                                                      |
| EDIF                                                                                                                                                                                                                                                                           | BLIF-MV                                                                                                                                                     |
| <pre>(cell example_cell<br/>(view example_view<br/>(interface<br/>(port A (direction INPUT))<br/>(port B (direction UNPUT))<br/>(property function "AND2")<br/><br/>)<br/>)</pre>                                                                                              | .model example_cell<br>.inputs A B<br>.outputs X<br>.table A B X<br>.default 0<br>0 0 0<br>0 1 0<br>1 1 1<br><br>.end                                       |
| EDIF                                                                                                                                                                                                                                                                           | BLIF-MV                                                                                                                                                     |
| <pre>(cell example_cell<br/>(view example_view<br/>(interface<br/>(port &amp; (direction INPUT))<br/>(port &amp; (direction INPUT))<br/>(port X (direction INPUT))<br/>(port X (direction OUTPUT))<br/>)<br/>(property function (string "A &amp; (B + C)"))<br/><br/>)</pre>   | model example_cell<br>inpute A B C<br>outputs X<br>table A B C X<br>default 0<br>0 0 0 0<br>0 1 0<br>0 1 1 0<br>1 0 0 0<br>1 0 0<br>1 1 0<br>1 1 1<br>1 1 1 |

Fig. A.3. Examples of translation of property functions.



Fig. A.4. Example of translation of cells including instances.

# [Case 5] cells including connections

(Fig. A.5) shows examples following **Rule 5**. When a keyword *joined* only exists in the *net*, and keywords *portRef* and *instanceRef* are used, it would be also translated into .table in BLIF-MV.

In the first example, there is a net N1, portRefs input1 and output1, and instanceRefs inst1 and inst2. When it is translated into BLIF-MV format, it would be expressed as .table inst1 input1 inst2 output1, and in the next sentence, the name of instanceRef of input instance (*i.e.*, inst1) has to be placed after "- =".

The second example deals with the case where the keyword *rename* is used. In this case, net is renamed and there can exist members inside it. In the second example, there is a net renamed as original[1], and there are members memberA and memberB, and order for each of them is 1 and 2. The renamed name of the net becomes original1 in BLIF-MV, and the name of members become memberA1 and memberB2.

# Data availability

Data will be made available on request.

| EDIF                                                                                                                                                                                                                | BLIF-MV                                                                           |
|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-----------------------------------------------------------------------------------|
| <pre>(cell example_cell<br/>(view example_view<br/>(contents</pre>                                                                                                                                                  | .model example_cell<br>.table inst1 input1 inst2 output1<br>- = inst1<br><br>.end |
| EDIF                                                                                                                                                                                                                | BLIF-MV                                                                           |
| <pre>(cell example_cell<br/>(view example_view<br/>(contents<br/>(net (rename net_renamed "original[1]"<br/>(joined<br/>(portRef (member memberR 1))<br/>(portRef (member memberB 2))<br/>))<br/><br/>)<br/>)</pre> | .model example_cell<br>.table original1 →<br>memberA1<br>memberB2<br><br>.end     |

Fig. A.5. Examples of translation of cells including connections.

#### References

- Ahn, D.-r., Shin, S.-g., Baek, Y.-s., Lee, H.-k., Park, K.-h., Choi, I.-s., 2019. A study on simulation based fault injection test scenario and safety measure time of autonomous vehicle using STPA. J. Korea Inst. Intell. Transp. Syst. 18 (2), 129–143.
- Allani, M.Y., Riahi, J., Vergura, S., Mami, A., 2021. FPGA-based controller for a hybrid grid-connected PV/wind/battery power system with AC load. Energies 14 (8), 2108.
- Brand, D., 2003. Verification of large synthesized designs. In: The Best of ICCAD. Springer, pp. 65–72.
- Brayton, R.K., 1991. Blif-mv: an interchange format for design verification and synthesis. Tech. Rep., University of California.
- Brayton, R.K., Hachtel, G.D., Sangiovanni-Vincentelli, A., Somenzi, F., Aziz, A., Cheng, S.-T., Edwards, S.A., Khatri, S.P., Kukimoto, Y., Pardo, A., Qadeer, S., Ranjan, R.K., Sarwary, S., Shiple, T.R., Swamy, G., Villa, T., 1996. VIS : A system for verification and synthesis. In: The Eighth International Conference on Computer Aided Verification. CAV '96, pp. 428–432.
- Brayton, R., Mishchenko, A., 2010. ABC: An academic industrial-strength verification tool. In: Computer Aided Verification. Springer, pp. 24–40.
- Bukya, M., Padma, B., Kumar, R., Mathur, A., Prasad, N., 2024. FPGA-based VFF-RLS algorithm for battery insulation detection in electric vehicles. World Electr. Veh. J. 15 (4), 129.
- Burch, J.R., Clarke, E.M., Long, D.E., McMillan, K.L., Dill, D.L., 1994. Symbolic model checking for sequential circuit verification. Comput.- Aided Des. Integr. Circuits Syst. IEEE Trans. on 13 (4), 401–424.
- Cadence, Conformal Equivalence Checker, https://www.cadence.com/en\_US/home/ tools/digital-design-and-signoff/logic-equivalence-checking/conformal-equivalencechecker.html.
- Cadence, Cadence Virtuoso Digital Implementation, https://www.cadence. com/en\_US/home/tools/digital-design-and-signoff/soc-implementation-andfloorplanning/virtuoso-digital-implementation.html.
- Choi, J., Lee, D., 2012. Development of RPS trip logic based on PLD technology. Nucl. Eng. Technol. 44 (6), 697–708.
- Chouy, C.-T., 1997. Synchronous verilog: A proposal.
- Cimatti, A., Clarke, E., Giunchiglia, F., Roveri, M., 1999. Nusmv: A new symbolic model verifier. In: 11th International Conference on Computer Aided Verification. CAV '99, pp. 495–499.
- Clarke, E.M., Grumberg, O., Peled, D.A., 1999. Model Checking. MIT Press.
- Cummins, D., Quinn, E.T., 2021. Instrumentation and control technologies for small modular reactors (SMRs). In: Handbook of Small Modular Nuclear Reactors. Elsevier, pp. 117–145.
- Electric Power Research Institute (EPRI), 1996. Guideline on evaluation and acceptance of commercial grade digital equipment for nuclear safety applications (EPRI TR-106439).
- Electric Power Research Institute (EPRI), 2014. Plant engineering: Guideline for the acceptance of commercial-grade items in nuclear safety-related applications (EPRI NP-5652). Revision 1 to EPRI NP-5652 and TR-102260.
- Electronic Industries Association, 1998. Electronic design interchange format (EDIF). EIA-548, Version 2.0.0.
- Farias, M.S., Martins, R.H., Teixeira, P.I., Carvalho, P., 2016. FPGA-based I&C systems in nuclear plants. Chem. Eng. Trans. 52.
- Gautham, S.M., 2020. Multilevel runtime verification for safety and security critical cyber physical systems from a model based engineering perspective.
- Hoare, T., 2003. The verifying compiler: A grand challenge for computing research. J. ACM 50 (1), 63–69.
- Hu, K., Chu, Z., 2023. An efficient circuit-based SAT solver and its application in logic equivalence checking. Microelectron. J. 142, 106005.

- Institute of Electrical and Electronics Engineers (IEEE), 2001. IEEE std 1364-2005: Verilog - hardware description language.
- Institute of Electrical and Electronics Engineers (IEEE), 2008. IEEE std 1076-2019: VHDL language reference manual.
- Institute of Electrical and Electronics Engineers (IEEE), 2016a. IEEE Std 1012-2016: IEEE Standard for System, Software, and Hardware Verification and Validation. Tech. Rep..
- Institute of Electrical and Electronics Engineers (IEEE), 2016b. IEEE Std 7-4.3.2-2016: IEEE Standard Criteria for Programmable Digital Devices in Safety Systems of Nuclear Power Generating Stations. Tech. Rep..
- International Electrotechnical Commission (IEC), 2000. IEC 61508, functional safety of electrical, electronic and programmable electronic (e/e/PE) safety-related systems.
- International Electrotechnical Commission (IEC), 2006. Nuclear Power Plants Instrumentation and Control Systems Important to Safety - Software Aspects for Computer-Based Systems Performing Category a Functions (IEC 60880). Tech. Rep.
- International Electrotechnical Commission (IEC), 2007. Nuclear power plants instrumentation and control important to safety - hardware design requirements for computer-based systems (iec 60987). Tech. Rep., International Electrotechnical Commission (IEC).
- International Electrotechnical Commission (IEC), 2011. Nuclear power plants instrumentation and control important to safety - general requirements for systems (iec 61513). Tech. Rep., International Electrotechnical Commission (IEC).
- International Electrotechnical Commission (IEC), 2012. Nuclear Power Plants Instrumentation and Control Important to Safety - Development of HDL-Programmed Integrated Circuits for Systems Performing Category a Functions (IEC 62566). Tech. Rep., International Electrotechnical Commission (IEC).
- International Electrotechnical Commission (IEC), 2013. IEC 61131-3:2013 Programmable controllers - Part 3: Programming Languages. Tech. Rep., IEC.
- International Electrotechnical Commission (IEC), 2020. Nuclear Power Plants Instrumentation and Control Important to Safety – Development of HDL-Programmed Integrated Circuits – Part 2: HDL-Programmed Integrated Circuits for Systems Performing Category B or C Functions (IEC 62566-2). Tech. Rep..
- Johannes Kepler University Linz, AIGER, http://fmv.jku.at/aiger/.
- Johannes Kepler University Linz, Hardware Model Checking Competition' 15, http: //fmv.jku.at/hwmcc15/index.html.
- Jung, S., Kim, E.-S., Yoo, J., Kim, J.-Y., Choi, J.G., 2016. An evaluation and acceptance of COTS software for FPGA-based controllers in NPPs. Ann. Nucl. Energy 94, 338–349.
- Jung, S., Yoo, J., Cha, S., 2010. VIS analyzer : A visual assistant for VIS verification and analysis. In: The 13th IEEE Computer Society Symposium Dealing with the Rapidly Expanding Field of Object/Component/Service-Oriented Real-Time Distributed Computing (ORC) Technology, ISORC 2010 Symposium.
- Kim, E.-S., Jung, S., Kim, J., Yoo, J., Chang, C.-H., 2015. Verilog4VIS-EC: A manipulated verilog format for VIS equivalence checking. In: KIISE 2015 Winter Conference. pp. 461–463.
- Kim, J.Y., Lee, Y.J., Cha, K.H., Cheon, S.W., Lee, J.S., Kwon, K.C., 2007. Experience on the COTS software dedication of the PROFIBUS FMS-driver. In: Transactions of the Korean Nuclear Society Spring Meeting Jeju, Korea, May. pp. 10–11.
- Kim, J.Y., Lee, Y.J., Cheon, S.W., Lee, J.S., Kwon, K.C., 2010. A commercial-off-theshelf (COTS) dedication of a QNX real time operating system (RTOS). In: 2010 2nd International Conference on Reliability, Safety and Hazard-Risk-Based Technologies and Physics-of-Failure Methods. ICRESH, IEEE, pp. 123–126.
- Korea Atomic Energy Research Institute (KAERI), 2006. Software Design Specification for Reactor Protection System KNICS-RPS-SD231-01. Tech. Rep., Rev.02.
- Kukimoto, Y., 1996. Blif-mv. The VIS Group, University California, Berkely.
- Lee, J.-H., 2013. Automatic Translation for Equivalence Checking between Verilog and EDIF Netlist with VIS Master's thesis. Konkuk University.

- Lee, D.-A., Kim, E.-S., Seo, Y.-J., Yoo, J., 2014. Fbdeditor: An FBD design program for developing nuclear digital i&c systems. In: Korea Conference on Software Engineering. KCSE 2014, in: 315–318 (Ed.)in Korean.
- Lee, D., Park, D., 2021. Hardware and software co-design platform for energy-efficient FPGA accelerator design. J. Korea Inst. Inf. Commun. Eng. 25 (1), 20–26.
- Microchip, Libero IDE, https://www.microchip.com/en-us/products/fpgas-and-plds/ fpga-and-soc-design-tools/fpga/libero-ide.
- Ni, L., Yang, Z., Zhang, J., Feng, C., Liu, J., Luo, G., Li, H., Xie, B., Li, X., 2023. MEC: An open-source fine-grained mapping equivalence checking tool for FPGA. In: 2023 International Symposium of Electronics Design Automation. ISEDA, IEEE, pp. 131–136.
- NuScale, 2020. NuScale Standard Plant Design Certification Application Chapter 7 Instrumentation and Controls. Tech. Rep., NUSCALE.
- Piggin, R., Sampson, C., 2016. Security and safety of FPGAS in nuclear safety systems: benefits and challenges. In: 11th International Conference on System Safety and Cyber-Security (SSCS 2016). IET, pp. 1–6.
- Rahim, S., Rouzeyre, B., Torres, L., 2012. A flip-flop matching engine to verify sequential optimizations. Comput. Inform. 23 (5–6), 437–460.
- RTCA, 2000. DO-254: Design assurance guidance for airborne electronic hardware. Siemens, FormalPro, https://eda.sw.siemens.com/en-US/ic/formalpro-equivalence-
- checking/.
- Siemens, Precision FPGA, https://eda.sw.siemens.com/en-US/ic/precision/. Siemens, ModelSim, https://eda.sw.siemens.com/en-US/ic/modelsim/.
- Siemens, Questa Simulator, https://eda.sw.siemens.com/en-US/ic/questa/simulation/ advanced-simulator/.

SPIN. http://spinroot.com/.

- Synopsys, Synopsys and Actel Renew OEM Relationship for FPGA Design Software, https://news.synopsys.com/home?item=123057.
- Synopsys, Synopsys Synplify Pro, http://www.synopsys.com/.
- Synopsys, Formality, http://www.synopsys.com/.
- Times, E., 2001. Survey compares formal verification tools. http://www.eetimes.com/ document.asp?doc\_id=1216123.
- University of Colorado at Boulder, IImc, https://github.com/mgudemann/iimc.
- U.S. Nuclear Regulatory Commission, 1996a. NUREG/CR-7006 : Review Guidelines for Field-Programmable Gate Arrays in Nuclear Power Plant Safety Systems. Tech. Rep., U.S. Nuclear Regulatory Commision (NRC).
- U.S. Nuclear Regulatory Commission, 1996b. A proposed acceptance process for commercial off-the-shelf (COTS) software in reactor applications (NUREG/CR-6421, UCRL-ID-112526).
- U.S. Nuclear Regulatory Commission, 2012. Reporting of defects and noncompliance (10 CFR 21).
- U.S. Nuclear Regulatory Commission, 2016. Instrumentation and Controls Introduction and Overview of Review Process. Tech. Rep., U.S. Nuclear Regulatory Commission.
- Wang, J., Li, M., Jiang, W., Huang, Y., Lin, R., 2022. A design of FPGA-based neural network PID controller for motion control system. Sensors 22 (3), 889.
- Xu, Y., Huang, G., Balewski, J., Naik, R., Morvan, A., Mitchell, B., Nowrouzi, K., Santiago, D.I., Siddiqi, I., 2021. QubiC: An open-source FPGA-based control and measurement system for superconducting quantum information processors. IEEE Trans. Quantum Eng. 2, 1–11.
- Yoo, J., Cha, S., Jee, E., 2009. Verification of PLC programs written in FBD with VIS. Nucl. Eng. Technol. 41 (1), 79–90.
- Yoo, J., Kim, E.-S., Jung, S., 2015. Verification techniques for COTS dedication of commercial FPGA tools. In: The 10th International Symposium on Embedded Technology. ISET 2015, pp. 150–151.
- Zhang, D., Wu, W., 2024. Radiation environment-constrained FPGA reinforcement technology and reliability research utilizing error control coding. IEEE Access.