A set-reset latch is an interesting example: it exercises many of the concepts we have discussed and takes some intuition to specify with concepts, but it also exposes some problems with concepts which can be improved upon with future research.
A latch is a device used in digital circuits to store the value of an input signal, outputting this once stored. There are many types of latches, which differ in how the storing of the input signal is controlled. In a set-reset latch, there are two control signals, set and reset, which set the output high and low respectively, thus storing a high or low value.
First, let us describe the operation of a standard set-reset latch. This consists of four signals: two input signals, s for set and r for reset, and two output signals, q, which contains the value of the stored signal, and nq, which is the negated output of the stored value.
If we describe the behaviour of the latch just based on the non-negated output q, we can do this with the complexGate function. For q to rise, s must be high, and for q to fall, r must be high. This easily gives us the set and reset functions, and the concept is as follows:
example19 = complexGate (s) (r) q
This concept causes the desired change in q, but there are issues that can occur with a
specification such as this: if s and r are both high at the same time, then what is the
change in q?
Figure 3.35 is the translated STG for this example. Notice that if s and r are both high, then q can transition both high and low, depending on its current polarity, but as long as both input signals remain high, q can continuously transition both high and low.
This is more clearly shown in the state graph format of this STG, found in Figure 3.36. In this state graph, we have highlighted the important arcs which show the issue when both inputs are high, i.e. when the states are 110 or 111. These arcs are optional [36]. Unfortunately, STGs do not support optional arcs, and neither do Asynchronous Concepts. These cannot specify what occurs in these situations. It may be possible to include optional arcs in Concepts, but this will be a challenging process, and is an opportunity for further research.
Figure 3.35: Translated STG of example19
Instead, with concepts, we aim to try and block access to the states where both input
signals are high. Ideally, we would apply mutual exclusion to s and r, but this is a
hard restriction to try and place on the environment, which we can specify for, but not
control. Instead, we use a never concept, which can then be verified to ensure that a
state where both the set and reset signals are high cannot be reached. With this added, the concept specification becomes:
example19 = complexGate (s) (r) q <> never [s+, r+]
This now ensures that q only rises when s is high and r is low, and falls when r is high and s is low. There can still be an issue when an input signal transitions high, then low before the output has transitioned in the correct way. For example, if s rises and falls before q transitions high, then the latch is not correctly storing the value. We can therefore add two more concepts to ensure this does not occur. This concept is now the specification for one output signal of a latch, which we name srHalfLatch.
srHalfLatch s r q = complexGate (s) (r) q <> never [s+, r+]
                    <> q+~>s- <> q-~>r-
With these final two causality concepts, the output must transition before the inputs can transition low. These impose a constraint on the environment, which is not ideal. However, they do not block the system from entering a state; they simply imply timings on the signal transitions.
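The three claims above (q can oscillate in states 110 and 111, the never concept removes those states, and the causality concepts stop an input pulse from being lost) can be checked by exploring the state graph directly. The following is an added example, not code from the original text or from the concepts tool: it is written in Python rather than the concept notation, uses a simplified state model with states ordered (s, r, q), and assumes that `never [s+, r+]` is honoured by an environment that refuses the offending input rise.

```python
def enabled(state, never=False, causal=False):
    """Yield (label, next_state) for each transition enabled in state (s, r, q)."""
    s, r, q = state
    # Environment rises. `never [s+, r+]` is modelled as an environment that
    # refuses a rise which would make both inputs high (assumption).
    if not s and not (never and r):
        yield "s+", (1, r, q)
    if not r and not (never and s):
        yield "r+", (s, 1, q)
    # Environment falls. q+ ~> s- and q- ~> r- hold them back until q has responded.
    if s and (q or not causal):
        yield "s-", (0, r, q)
    if r and (not q or not causal):
        yield "r-", (s, 0, q)
    # Circuit behaviour from complexGate (s) (r) q.
    if s and not q:
        yield "q+", (s, r, 1)
    if r and q:
        yield "q-", (s, r, 0)

def reachable(init=(0, 0, 0), **opts):
    """All states reachable from init by firing enabled transitions."""
    seen, todo = {init}, [init]
    while todo:
        for _, nxt in enabled(todo.pop(), **opts):
            if nxt not in seen:
                seen.add(nxt)
                todo.append(nxt)
    return seen

def oscillating(states, **opts):
    """States in which q can switch and immediately switch back, inputs unchanged."""
    return {st for st in states for lab, nxt in enabled(st, **opts)
            if lab[0] == "q" and any(l[0] == "q" for l, _ in enabled(nxt, **opts))}

def lost_pulses(states, **opts):
    """States in which an input may fall while the output change it asked for is pending."""
    found = set()
    for st in states:
        labels = {lab for lab, _ in enabled(st, **opts)}
        if {"s-", "q+"} <= labels or {"r-", "q-"} <= labels:
            found.add(st)
    return found

if __name__ == "__main__":
    for opts in ({}, {"never": True}, {"never": True, "causal": True}):
        states = reachable(**opts)
        print(opts, sorted(states), oscillating(states, **opts), lost_pulses(states, **opts))
```
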
Figure 3.36: Translated FSM of example19
Using srHalfLatch as a base, we can now derive a concept for a full set-reset latch, srLatch. The full latch will use all four signals, s, r, q and nq. Since the behaviours for s are already described in srHalfLatch, we can include this for q.
nq however is somewhat different. Since this is the negation of q, we can say that
for it to rise, r must be high, and for it to fall, s must be high. The behaviours of nq
are the same as with q, just with r and s swapped, thus we can reuse srHalfLatch
and simply swap the two input signals. So far, the concept can be defined as follows:
srLatch s r q nq = srHalfLatch s r q <> srHalfLatch r s nq
Through the use of srHalfLatch, we include the never concept stating that s and r can never be high at the same time, and the concepts we used to state the timings that either input signal will only transition low after the output has changed. We also need to ensure that the initial state does not violate the invariant as explained in the never concept. We do this by forcing the initial states of signals q and nq to be 0 and 1 respectively.
srLatch s r q nq = srHalfLatch s r q <> srHalfLatch r s nq
                   <> initialise0 [q] <> initialise1 [nq]
Again this is not ideal, as it is entirely possible for a latch to have an initial state with
have differing initial states. Again, further improvements and research can be applied to concepts to allow these signals to have any initial states, providing they are different.
We can now synthesize a specification using srLatch, providing the environment
restrictions are made. The resulting circuit can be found in Figure 3.37. This concept can now be used as any other concept is, composing it with other concepts or applying transformations to it.
Figure 3.37: Synthesized set-reset latch circuit