The discrete time analysis of logic circuits is usually more efficient than the continuous time analysis, but the preciseness of the discrete time analysis is not guaranteed. The paper shows a method to decide a unit time for a logic circuit under which the analysis result is the same as the result based on the continuous time. The delay time of an element is specified with an interval between the minimum and maximum delay times, and we assume an analysis method which enumerates all possible delay cases under the deisrete time. Our main theorem is as follows: refine the unit time by a factor of 1/2, and if the analysis result with a unit time u and that with a unit time u/2 are the same, then u is the expected unit time.

Since, in a VLSI circuit, the number of transistors and the clock frequency are constantly increasing, it is important to analyze the voltage drop and current density on a full chip's power networks. We propose a new hierarchical power analysis system named XPOWER. A new reduction algorithm for the resistance and current source network is used in this system. The algorithm utilizes the design hierarchy in nature and is independent of network topology. Networks at each level are reduced into small and equivalent networks, and this reduction is performed recursively from the bottom levels of the design hierarchy. At each step of the reduction, the network under consideration consists of two kinds of objects: (1) reduced child networks, and (2) the interconnection between child networks. After all networks have been reduced, circuit equationa are solved recursively from the top. This allows to decrease the size of the matrix to be solved and to reduce the execution time. Experimental results show that the factor of reduction in matrix size is from 1/10 to 1/40 and execution is six times faster than with flat analysis. The power networks of a 16 bit digital signal processor was analyzed within 15 minutes using XPOWER.

We introduce automatic procedures for generating and verifying sufficient correctness properties of synchronous processors. The targeted circuits are synchronous array processors designed from localized, highly regular data dependency graphs (DDGs). The specification, in the form of a DDG, is viewed as a maximally parallel circuit. The implementation, on the other hand, is a (partially) serialized circuit. Since these circuits are not equivalent from an automata-theoretic viewpoint, we define the correctness of the implementation against the specification to mean that a certain relation (called the β-relation) holds between the two. We use a compositional approach to decouple the verification of the control circuitry from that of the data path, thereby gaining efficiency. An array processor in isolation may not have a definite flow of control, because control may reside in the data stream. Therefore, for the purpose of verification, we construct an auxiliary machine, which keeps a timing reference and generates control signals abstracted from a typical data stream. Sufficient correctness conditions are expressed as past-tense computation tree logic (CTL) formulae and verified by CTL model-checking procedures. Experimental results of the verification of a matrix multiplication array and a Gaussian elimination array are presented.

Test pattern generation is getting much harder as the circuit size becomes larger. One problem is that it tends to take much time and another one is that it is difficult to detect redundant faults. Aiming to cope with these problem, an enhanced unique sensitization technique is proposed in this paper. This powerful global implication reduces the number of backtracks with reasonable computational time. And a fast test pattern generator featuring this unique sensitization demonstrates its performance using large benchmark circuits with over ten thousands of gates. It takes only a minute to detect all testable faults and to identify all redundant faults of 20,000 gates circuit on a workstation.

We Propose an integrated design and test assistance method for pipelined processors. Our approach generates behavioral-level test environments for pipeline control mechanisms from a machine-readable specification. It includes automatic generation of test programs and behavioral descriptions. Verification can be done by applying logic simulation to both the designers' descriptions and the behavioral descriptions, and then comparing the results. We have implemented an experimental system that enumerates all hazard patterns--instruction patterns that cause pipeline hazards--from the specifications, and generates the test programs and the behavioral descriptions for the pipeline controllers. The test programs cover all of the hazard patterns. The behavioral descriptions can manipulate any instruction stream. Experimental results for several RISC processors show that actual hazard patterns are too numerous to be easily enumerated by hand. Using workstations, our system can generate the test programs that cover all of the patterns, taking a few minutes. Results suggest that the system can be used to evaluate pipeline design.

In this paper we propose a method of formal verfication of fault-tolerance of sequential machines using regular temporal logic. In this method, fault-tolerant properties are described in the form of input-output sequences in regular temporal logic formulas and they are formally verified by checking if they hold for all possible input-output sequences of the machine. We concretely illustrate the method of its application for formal verification of fail-safeness with an example of a comparator for redundant system. The result of verification shows effectiveness of the proposed method.

The locally exhaustive testing of multiple output combinational circuits is the test which provides exhaustive test patterns for each set of inputs on which each output depends. First, this paper presents a sufficient condition under which a minimum test set (MLTS) for the locally exhaustive testing has 2w test patterns, where w is the maximum number of inputs on which any output depends. Next, we clarify that any CUT with up to four outputs satisfies the condition, independently of w and n, where n is the number of inputs of the CUT. Finally, we clarify that any CUT with five outputs also satisfies the condition for 1w2 or n2wn.

Existing algorithmic debugging methods which can locate faults under the guidance of a system have a number of shortcomings. For example, some cannot be applied to imperative languages with side effects; some can locate a faulty function but cannot locate a faulty statement; and some cannot detect faults related to missing statements. This paper presents an algorithmic critical slice-based fault-locating method for imperative languages. Program faults are first classified into two categories: wrong-value faults and missing-assignment faults. The critical slice with respect to a variable-value error is a set of statements such that (1) a wrong-value fault contained in any instruction in the critical slice may have caused that variable-value error, and (2) a wrong-value fault contained in any instruction outside the critical slice could never have caused that variable-value error. The paper also classifies errors found during program testing into three categories: wrong-output errors, missing-output errors, and infinite-loop errors with no output. It finally shows that it is possible to algorithmically locate any fault, including missing statements, for each type of error.

Formal verification has become an increasing prominent technique towards establishing the correctness of hardware designs. We present a framework to specifying and verifying the design of systolic architectures. Our approach allows users to represent systolic arrays in Z specification language and to justify the design semi-automatically using the verifier. Z is a notation based on typed set theory and enriched by a schema calculus. We describe how a systolic array for matrix-vector multiplication can be specified and justified with respect to its algorithm.

In this paper, we consider a class of the languages that have (constant round) perfect zero-knowledge interactive proofs without assuming any complexity assumptions. Especially, we investigate the interactive protocol with the restricted prover who runs in probabilistic polynomial time and knows the complete factorization as a trapdoor information of the integer associated with the input. We give a condition of the existence of constant round perfect zero-knowledge interactive proofs without assuming any complexity assumptions. The bit commitment based on the quadratic residuosity has an important role in our protocol and the simulation is based on the technique developed by Bellare, Micali, and Ostrovsky in Ref. (9), so call double running process. However, the proof of perfect zero-knowledgeness needs a more powerful simulation technique. Our simulation extracts more knowledge, the complete factorization of the integer associated with the input, from a (cheating) verifier than Bellare-Micali-Ostrovsky's simulation does. Furthermore, our main result implies that Blum integer has a five move perfect zero-knowledge interactive proof without assuming any complexity assumptions. (All previous known zero-knowledge protocols for Blum integer required either unproven cryptographic assumptions or unbounded number of rounds of message exchange.)

A method for the recognition of Arabic printed scripts entered from an image scanner is presented. The method uses the Hough transformation (HT) to extract features, Dynamic programming (DP) matching technique, and a topological classifier to recognize the characters. A process of characters recognition is further divided into four parts: preprocessing, segmentation of a word into characters, features extraction, and characters identification. The preprocessing consists of the following steps: smoothing to remove noise, baseline drift correction by using HT, and lines separation by making an horizontal projection profile. After preprocessing, Arabic printed words are segmented into characters by analysing the vertical and the horizontal projection profiles using a threshold. The character or stroke obtained from the segmentation process is normalized in size, then thinned to provide it skeleton from which features are extracted. As in the procedure of straight lines detection, a threshold is applied to every cell and those cells whose count is greater than the threshold are selected. The coordinates (R, θ) of the selected cells are the extracted features. Next, characters are classified in two steps: In the first one, the character main body is classified using DP matching technique, and features selected in the HT space. In the second one, simple topological features extracted from the geometry of the stress marks are used by the topological classifier to completely recognize the characters. The topological features used to classify each type of the stress mark are the width, the height, and the number of black pixels of the stress marks. Knowing both the main group of the character body and the type of the stress mark (if any), the character is completely identified.

We studied the manner of clarification and verification in real dialogs and developed a spoken dialog system that can cope with the disambiguation of meanings of user input utterances. We analyzed content, query types and responses of human clarification queries. In human-human communications, ten percent of all sentences are concerned with meaning clarification. Therefore, in human-machine communications, we believe it is important that the machine verifies ambiguities occurring in dialog processing. We propose an architecture for a dialog system with this capability. Also, we have investigated the source of ambiguities in dialog processing and methods of dialog clarification for each part of the dialog system.

It is difficult to decide whether or not a given cryptographic protocol is secure even though the cryptographic algorithm used for the protocol is assumed to be secure. We have proposed an algorithm to decide the security of cryptographic protocols under several conditions. In this paper, we review our algorithm and report a system to verify the security. The system has be implemented on a computer. By using this system, we have verified the security of several protocols efficiently.

The objective of this work is to demonstrate a new hierarchical timing analysis technique for multi-phase clocked designs with feedback loops including level sensitive latches. By using this technique, large synchronous designs can be analyzed accurately without loop breaking.

This paper describes a nonstationary spectral analysis method and its application to prognosis and diagnosis of automobiles. An instantaneous frequency spectrum is considered first at a single point of time based on the instantaneous representation of autocorrelation. The spectral distortion is then considered on two-dimensional spectrum, and the filtering is introduced into the instantaneous autocorrelations. By the above procedure, the Instantaneous Covariance method (ICOV), the Instantaneous Maximum Entropy Method (IMEM), and the Wigner method are shown and they are unified. The IMEM is used for the time-dependent spectral estimation of vibration and acoustic sound signals of automobiles. A multi-dimensional (M-D) space is composed based on the variables which are obtained by the IMEM. The M-D space is transformed into a simple two-dimensional (2-D) plane by a projection matrix chosen by the experiments. The proposed method is confirmed useful to analyze nonstationary signals, and it is expected to implement automatic supervising, prognosis and diagnosis for a traffic system.

This paper describes a new method for verifying designs at the RTL with respect to their specifications at the functional level. The base of the verification method shown here is the translation of the specification and design representations to graph models, where the descriptions common to both representations have a symbolic representation. These symbol labeled graphs are then simplified and, by solving the all node-pair path expression problem for them, a pair of regular expressions is obtained for every two nodes in the graphs. The first regular expression in each pair represents the flow of control and the second one the flow of data between the corresponding nodes. The process of verification is carried out by checking whether or not every pair of regular expressions of the specification has a corresponding pair in the design.

To develop highly reliable switching software efficiently, a more powerful computer-aided verification system is needed. In this paper, we present an object-oriented switching software verification system, focusing on the basic concept and verification method. The system consists of three basic functions: a model of the switching system, a simulation control mechanism, and a verification mechanism. We also give our evaluation of this system.

This paper presents a protocol verification method which verifies that the behaviors of a protocol meet requirements. In this method, a protocol specification is expressed as Extended Finite State Machines (EFSM's) that can handle variables, and requirements are expressed using a branching-time temporal logic for a concise and unambiguous description. Using the acyclic expansion algorithm extended such that it can deal with EFSM's, the verification method first generates a state transition graph consisting of executable transitions for each process. Then a branching-time temporal logic formula representing a requirement is evaluated on one of the generated graphs which is relevant to the requirement. An executable state transition graph for each process is much smaller than a global state transition graph which has been used in the conventional verification techniques to represent the behaviors of the whole protocol system consisting of all processes. The computation for generating the graphs is also reduced to much extent for a large complex protocol. As a result, the presented method achieves efficient verification for requirements regarding a state of a process, transmission and reception of messages by a process, varibales of a process and sequences that interact among processes. The validity of the method is illustrated in the paper by the verification of a path-updating protocol for requirements such as process state reachability or fair termination among processes.

This paper describes MENDELS ZONE, a Petri-net-based concurrent programming environment, which is especially suitable for cooperating discrete event systems. MENDELS ZONE adopts MENDEL net, which is a type of high level (hierarchical colored) Petri net. One of the characteristics of the MENDEL nets is a process-oriented hierarchy like CCS, which is different from the subnet-oriented hierarchy in the Jensen's hierarchical colored Petri net. In a process-oriented hierarchy, a hierarchical unit is a process, which is more natural for cooperating and decentralized discrete event control systems. This paper also proposes a design methodology for MENDEL nets. Although many Petri net tools have been proposed, most tools support only drawing, simulation, and analysis of Petri nets; few tools support the design methodology for Petri nets. While Petri nets are good final design documents easy to understand, analyzable, and executable it is often difficult to write Petri nets directly in an earlier design phase when the system structure is obscure. A proposed design methodology makes a designer to construct MENDEL nets systematically using causality matrices and temporal logic. Furthemore, constructed MENDEL nets can be automatically compiled into a concurrent programming language and executed on a parallel computer.

The paper proposes a combined delay model to manipulate the variance of the delay time of logic elements and a new timing verification method based on the theory of regular expressions. With the delay time of logic elements such as TTL SN7400, the minimum delay time (dm), the maximum delay time (dM), and the typical delay time are specified in the manual, and the delay time of an element is one in the interval between dm and dM. Here we assume a discrete time, and we manipulate the variance of the delay time as a set of output strings corresponding to each delay time. We call the model as the combined delay model. Since many output strings are generated with a single input string, the usual timing simulation method cannot be applied. We propose a timing verification method using a behavior extraction method of logic circuits with respect to a time string set: with respect to the specified input set, the method extracts the output string set of each element in the circuit. We devised (1) a mechanism to keep the correspondence between a primary input string and an output string with respect to the primary input string, (2) a mechanism to manipulate the nondeterminism included in the combined delay model, and (3) an event-driven like data compaction method in representing finite automata. We focused on the hazard detection problem and the verification of asynchronous circuits, and show the effectiveness of our method with medium sized circuit with 100 elements or so. The method includes the state explosion, but the data compaction method and the extraction for only the specified input set are useful to control the state explosion.