source: vis_dev/vis-2.1/examples/arbiter/README @ 15

Last change on this file since 15 was 11, checked in by cecile, 14 years ago

Add vis
File size: 3.1 KB
Line 
1A simple arbitration circuit for VIS TTC
2Yuji Kukimoto
3kukimoto@eecs.berkeley.edu
4
5STG: see figures.ps
6circuit structure: see figures.ps
7
8Overall picture:
9
10Three requesting modules (called clients) are competing to get a bus
11access. At any point, only one module is allowed to get a bus access.
12Each client has a controller attached to it, from which an
13acknowledgment is given.  All the controllers communicate with an
14arbiter so that at any time at most one controller gives an
15acknowledgment.  The arbiter is a simple three-state machine. It has
16a single output indicating which controller can be selected among the
17three at each time tick.  If the "active" input of the controller is
180, the output is X, meaning that no one is selected.
19
20The protocol here is that a controller takes a control from the
21arbiter if it is selected by the arbiter and it has a request.
22Otherwise, the control is passed to the next controller.  A signal
23pass_ctrl is set to one iff the controller needs to pass a control to
24another controller. There are two cases: 1) when the controller is
25done processing a request, 2) when the controller has no request
26waiting, but is selected. In both cases, the variable is set to one in
27the next clock so that another controller waiting for an access can
28take a control. The "active" signal of the arbiter is set to one iff
29one of the pass_ctrl is set to one.
30
31A client has to keep a request signal high until an acknowledgment is
32given. Even after an acknowledgment is returned from the
33corresponding controller, req can be high for a finite amount of time.
34This means that different requests take different time to complete.
35Fairness constraints arise here since we do not want to keep req high
36for infinite time.
37
38I. CTL Model Checking
39
40A. Property:
41
42  1. mutual exclusion
43  2. AG(req->AF(ack))
44
45  # safety: mutual exclusion
46  AG ( !(ackA = 1 * ackB = 1 + ackB = 1 * ackC = 1 + ackC = 1 * ackA=1) );
47
48  # liveness:
49  AG( (reqA = 1) -> AF(ackA = 1) );
50  AG( (reqB = 1) -> AF(ackB = 1) );
51  AG( (reqC = 1) -> AF(ackC = 1) );
52
53B. Fairness:
54
55  !(clientA.state=HAVE_TOKEN);
56  !(clientB.state=HAVE_TOKEN);
57  !(clientC.state=HAVE_TOKEN);
58
59C. Files:
60
61  arbiter.v: a fair arbiter. the liveness property passes under fairness
62  constraints. arbiter_bug.v is another version of arbiter.v, where the state
63  transition graph of the arbiter is slightly different. This is not a
64  fair arbiter.
65
66  arbiter.fair: fairness constraints
67
68  arbiter.ctl: ctl files
69
70II. Language emptiness check:
71
72A. File: arbiter_le.v
73
74An observer is added to check if the liveness property for clientA is
75satisfied. The observer is a non-deterministic machine which
76represents the complement of the liveness property.  Ending up in
77state BAD in the observer means that the behavior is bad. Thus,
78observer.state=BAD is added to the fairness constraints.  The
79corresponding fairness file is arbiter_le.fair. The language emptiness
80check passes, implying that the design is correct.
81
82B. Note:
83
84Complementing the liveness property is not so intuitive even though
85the property is very simple. It turned out that we really need a
86non-deterministic machine to representing this property under Buchi
87constraint.
Note: See TracBrowser for help on using the repository browser.