Toward a Human-Readable State Machine Extraction

Abstract

The target of sequential reverse engineering is to extract the state machine of a design. Sequential reverse engineering of a gate-level netlist consists of the identification of so-called state flip-flops (sFFs), as well as the extraction of the state machine. The second step can be solved with an exact approach if the correct sFFs and the correct reset state are provided. For the first step, several more or less heuristic approaches exist. This work investigates sequential reverse engineering with the objective of a human-readable state machine extraction. A human-readable state machine reflects the original state machine and is not overloaded by additional design information. For this purpose, the work derives a systematic categorization of sFF sets, based on properties of single sFFs and their sets. These properties are determined by analyzing the degrees of freedom in describing state machines as the well-known Moore and Mealy machines. Based on the systematic categorization, this work presents an sFF set definition for a human-readable state machine, categorizes existing sFF identification strategies, and develops four post-processing methods. The results show that post-processing predominantly improves the outcome of several existing sFF identification algorithms.