Brief description

Inferring a functional specification from an existing digital design is a challenge that is suitable with reverse-engineering methods. One of the most widely used functional specification formats is a finite state machine (FSM). This article studies the possibility of blind passive specification mining for a digital device, where the device is treated as a “black box”. The presented approach treats an input and output signal waveform as the transition graph of an incomplete deterministic FSM and learns the FSM through FSM minimization. It employs a Boolean satisfiability problem (SAT) solver to find a minimal FSM that complies with observed object behavior. The known approach to identifying state machines in discrete event systems is adapted to operate with variables in the form of coloring and transition tables. The developed implementation produces a synthesizable specification in hardware description language (HDL) and a state diagram in unified modeling language (UML). The proposed approach for inferring an FSM from a waveform trace can serve as a supplementary tool during reverse engineering to provide developers with meaningful insight regarding the analyzed device. The presented case study defines metrics of successful FSM inference and applies them to a synthetic FSM and a real-world example FSM to demonstrate the applicability of the approach.