# Formal Analysis and Verification of an OFDM Modem Design using HOL

Abu Nasser M. Abdullah\*, Behzad Akbarpour<sup>§</sup> and Sofiène Tahar\* \*Department of ECE, Concordia University, Montreal, QC, H3G 1M8, Canada Email: {m\_nasser, tahar}@ece.concordia.ca <sup>§</sup> Computer Laboratory, University of Cambridge, Cambridge, CB3 0FD, UK Email: Behzad.Akbarpour@cl.cam.ac.uk

*Abstract*— In this paper we formally specify and verify an implementation of the IEEE802.11a standard physical layer based OFDM (Orthogonal Frequency Division Multiplexing) modem using the HOL (Higher Order Logic) theorem prover. The versatile expressive power of HOL helped model the original design at all abstraction levels starting from a floating-point model to the fixed-point design and then synthesized and implemented in FPGA technology. The paper also investigates the rounding error accumulated during ideal real to floating-point and fixedpoint transitions at the algorithmic level.

## I. INTRODUCTION

OFDM [7] is a modulation technique where data is spread over many channels and transmitted in parallel. In this method, an available bandwidth is divided into several subchannels which are independently modulated with different carrier frequencies. The name orthogonal comes from the fact that the subcarriers are orthogonal to each other. This orthogonality eliminates the need of guard band and the carriers can be placed very close to each other without causing interference and thus conserving bandwidth. Due to these characteristics of OFDM, it is used in many applications such as digital audio broadcasting and IEEE802.11a/g wireless LAN standard.

In this paper, we use theorem proving techniques based on the HOL system [2] to verify an implementation of an OFDM modem for the physical layer of the IEEE802.11a standard [6]. The specifications and implementations of the design blocks are modeled in formal logic and then mathematical theorems are proved for their correctness. Besides, we carry out a formal error analysis of the OFDM modem in order to analyze the round-off error accumulation while converting from one number domain to the other. They are a direct application of a general methodology proposed in [1] for the formal modeling and verification of DSP (Digital Signal Processing) designs. The results of this paper demonstrate the functional correctness of the OFDM system and proves the feasibility of applying formal methods for similar systems.

There exists a couple of work related to the application of formal methods for the IEEE802.11 using probabilistic model checking technique based on the PRISM tool [5, 8]. They are dealing with the protocol verification and address the verification issues related to the upper layers of the OSI model. In contrast, in this paper we concentrate on the physical layer and its hardware implementation. Moreover, instead of model checking with its inherent state space limitations, we use theorem proving based on HOL. Previous work on formal error analysis was done by a number of researchers including Harrison [3], Huhn *et al.* [4], and Akbarpour *et al.* [1]. In particular the work in [1] proposed an error analysis technique in HOL for the transition from ideal real to floating- and fixed-point levels. In this paper, we intend to extend this work using a larger case study (OFDM modem).

# II. OFDM MODEM AND VERIFICATION METHODOLOGY

A standard block diagram implementation of the IEEE802.11a OFDM modem is shown in Figure 1. The design is implemented in Xilinx Virtex II FPGA. The main RTL blocks are the quadrature amplitude modulation (QAM), the demodulation (DQAM), the serial to parallel (S/P), parallel to serial (P/S), and the guard interval insertion and removal blocks. The core computational blocks are fast Fourier transform (FFT) and inverse fast Fourier transform (IFFT). The OFDM modem design was first modeled in the floating-point domain. The second step in the design flow was fixed-point modeling and simulation. Then developed design blocks are implemented in VHDL. Finally, the RTL design is synthesized and mapped into FPGA.

The formal specification, verification and error analysis used in this paper is adopted from the DSP verification framework proposed by Akbarpour *et al.* [1] (see Figure 2). Thereafter, the ideal real specification of the OFDM modem algorithms and the corresponding floating-point (FP) and fixed-point (FXP) designs, as well as the RTL implementation are all provided in higher-order logic based on the idea of shallow embedding of languages. For the transition from real to FP and FXP levels, an error analysis is used in which the real values of the floating-point and fixed-point outputs are compared with the corresponding output of the ideal real



Fig. 1. OFDM Block Diagram [6]





Fig. 2. DSP Specification and Verification Approach [1]

specification. The verification of the RTL is performed using well-known classical hierarchical proof approaches in HOL.

### **III. VERIFICATION OF RTL BLOCKS**

For the formal verification of the RTL blocks, we first model the QAM, DQAM, S/P and P/S blocks using higher-order logic. Then a specification of the design is selected either from the IEEE802.11a standard or from existing generic behavioral models of S/P and P/S. Having both the specification and implementation embedded in HOL, we set a relationship between them as a mathematical theorem. We have used the HOL theories *wordTheory* and *realTheory* to build many helpful definitions and lemmas to prove the above theorems and thus established the correctness of the RTL blocks formally.

The main purpose for using formal verification was to find bugs in the design. We did not find any major bugs except in one case. Namely, for the QAM block, it is given in the IEEE802.11a standard that the input for a 64-QAM modulation must follow a specific constellation diagram. The constellation gives output between -7 to 7, where the x and y axis are labeled as -1, -3, -5, -7, 1, 3, 5, 7-in total eight values, so, three bits should have been enough. But, the implementation used 16 bit 2's complement to represent these eight numbers. If the IEEE802.11a standard is to be followed exactly, then this issue might have resulted in a bug in the design; but the standard gives some flexibility to the designers and thus the design is implemented in such a way that the output from the modulation block reaches the IFFT block through S/P block with high resolution in order to get more precise computation after applying fast fourier transform. We encoded the specification in HOL as stated by the standard and same encoding is carried out for the implementation without delving into the designer's point of view. As, we were aware about the deviation in the implementation at the time of verification, we constrained it using the proper number of bits. The same comments are applied to the DQAM block. For the rest of the blocks, we did not find any issue like this.

## IV. ERROR ANALYSIS

In the error analysis of the OFDM modem, we focus on the two computational blocks, FFT and IFFT. Both blocks are probably the most widely used DSP cores, which do introduce computation errors and considered as *raison d'être* of OFDM system. We use HOL to model the computational blocks and the accumulated errors due to the conversion from one domain

Proceedings of the Formal Methods in Computer Aided Design (FMCAD'06) 0-7695-2707-8/06 \$20.00 © 2006 IEEE

to the next using different established theories and lemmas built in HOL. To accomplish the complete theory of error analysis, we proved three main theorems based on formalized real and imaginary parts of the combined FFT-IFFT expansion and also theorems related to the error for arithmetic operations. All definitions were derived from many existing HOL theories, e.g., *realTheory*, *boolTheory*, *ieeeTheory*, *wordTheory*, etc. In particular, we used the *floatTheory* and *fxpTheory* to overload the operators for establishing the real, floating-point and fixedpoint counterparts of the design.

Given the nature of the formal specification and proofs conducted for the above error analysis, the use of higherorder logic was imperative. No design flaws have been found through this error analysis as the implementation of the OFDM modem strictly adhered to the error boundaries provided in the IEEE802.11a standard specification.

# V. CONCLUSION

This paper is mainly an application of formal verification techniques, in a new domain-an implementation of an OFDM modem based on the IEEE standard. The OFDM design is fairly complex. Its verification in HOL took about 6 months to complete for a learned HOL user. We formally modeled and verified the RTL blocks against the corresponding specifications in the IEEE802.11a standard. We also analyzed the errors in the OFDM system occurring at the time of converting from one number domain to the other, for all three domainsideal real, floating-point, and fixed-point numbers. We used the IFFT-FFT combination as a model for the error analysis of the whole system. Then we derived fundamental theorems for the accumulation of round-off error in the OFDM system. This formalization can be considered as a large application of the formal error analysis using HOL theorem proving. As a future work, we will look at a hybrid verification approach linking HOL to some automated computer algebra tools such as Maple or Mathematica. The goal is to achieve more efficient verification process.

#### References

- B. Akbarpour and S. Tahar. A Methodology for the Formal Verification of FFT Algorithms in HOL. In *Formal Methods in Computer-Aided Design*, LNCS 3312, pages 37–51. Springer-Verlag, 2004.
- [2] M. J. C. Gordon and T. F. Melham. Introduction to HOL: A Theorem Proving Environment for Higher-Order Logic. Cambridge University Press, 1993.
- [3] J. Harrison. Floating Point Verification in HOL Light: the Exponential Function. Technical Report 428, University of Cambridge Computer Laboratory, Cambridge, UK, 1997.
- [4] M. Huhn, K. Schneider, T. Kropf, and G. Logothetis. Verifying Imprecisely Working Arithmetic Circuits. In *Design Automation and Test in Europe*, pages 65–69, Munich, Germany, March 1999.
- [5] M. Kwiatkowska, G. Norman, and J. Sproston. Probabilistic Model Checking of the IEEE802.11 Wireless Local Area Network Protocol. In *PAPM/PROBMIV*, LNCS 2399, pages 169–187. Springer-Verlag, 2002.
- [6] F. Manavi. Implementation of OFDM Modem for the Physical Layer of IEEE802.11a Standard Based on XILINX VIRTEX-II FPGA. Master's thesis, Dept. of ECE, Concordia University, Montreal, QC, Canada, 2004.
- [7] R. V. Nee and R. Prasad. OFDM for Wireless Multimedia Communications. Artech House Publishers, 2000.
- [8] A. Roy and K. Gopinath. Improved Probabilistic Models for 802.11 Protocol Verification. In *Computer Aided Verification*, LNCS 3576, pages 239–252. Springer-Verlag, 2005.

