Structuring and automating hardware proofs in a higher-order theorem-proving environment

Kumar, Ramayya; Schneider, Klaus; Kropf, Thomas

doi:10.1007/bf01383880

Cited by 35 publications

(28 citation statements)

References 37 publications

(37 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Model checking and other decision procedures can thereby be integrated as particular proof rules [ScHo99,Gord00]. Although there was some early progress for register-transfer level hardware circuits, e.g., [KuSK93a], and general reactive systems as e.g., the STeP prover [BBCF00], there was little progress on automation for hardware descriptions at higher abstraction levels [Gord95].…”

Section: Theorem Provingmentioning

confidence: 99%

Interactive verification of synchronous systems

Gesell

Schneider

2012

Tenth ACM/IEEE International Conference on Formal Methods and Models for Codesign (MEMCODE2012)

Self Cite

View full text Add to dashboard Cite

Embedded systems, ranging from very simple systems up to complex controllers, may nowadays have quite challenging real-time requirements. Many embedded systems are reactive systems that have to respond to environmental events and have to guarantee certain real-time constrain. Their execution is usually divided into reaction steps, where in each step, the system reads inputs from the environment and reacts to these by computing corresponding outputs.The synchronous Model of Computation (MoC) has proven to be well-suited for the development of reactive real-time embedded systems whose paradigm directly reflects the reactive nature of the systems it describes. Another advantage is the availability of formal verification by model checking as a result of the deterministic execution based on a formal semantics. Nevertheless, the increasing complexity of embedded systems requires to compensate the natural disadvantages of model checking that suffers from the well-known state-space explosion problem. It is therefore natural to try to integrate other verification methods with the already established techniques. Hence, improvements to encounter these problems are required, e.g., appropriate decomposition techniques, which encounter the disadvantages of the model checking approach naturally. But defining decomposition techniques for synchronous language is a difficult task, as a result of the inherent parallelism emerging from the synchronous broadcast communication.Inspired by the progress in the field of desynchronization of synchronous systems by representing them in other MoCs, this work will investigate the possibility of adapting and use methods and tools designed for other MoC for the verification of systems represented in the synchronous MoC. Therefore, this work introduces the interactive verification of synchronous systems based on the basic foundation of formal verification for sequential programs -the Hoare calculus. Due to the different models of computation several problems have to be solved. In particular due to the large amount of concurrency, several parts of the program are active at the same point of time. In contrast to sequential programs, a decomposition in the Hoare-logic style that is in some sense a symbolic execution from one control flow location to another one requires the consideration of several flows here. Therefore, different approaches for the interactive verification of synchronous systems are presented.Additionally, the representation of synchronous systems by other MoCs and the influence of the representation on the verification task by differently embedding synchronous system in a single verification tool are elaborated.The feasibility is shown by integration of the presented approach with the established model checking methods by implementing the AIFProver on top of the Averest system.

show abstract

Section: Theorem Provingmentioning

confidence: 99%

Interactive verification of synchronous systems

Gesell

Schneider

2012

Tenth ACM/IEEE International Conference on Formal Methods and Models for Codesign (MEMCODE2012)

Self Cite

View full text Add to dashboard Cite

show abstract

“…With both specification and implementation descriptions, we can perform a formal verification (4) using the HOL. After we get the correctness theorem of the multiplier design, we use the implementation description to get a HOL printed theory file (5). The hol2gdt compiler (6) uses the printed theory to translates it into an L schematic description (7).…”

Section: N-bit Serial Pipelined Multiplier Examplementioning

confidence: 99%

HOL2GDT a Formal Verification-Based Design Methodology

Chavan¹,

Min²,

Chin³

2001

View full text Add to dashboard Cite

SUPPLEMENTARY NOTESAir 12b. DISTRIBUTION CODE ABSTRACT (Maximum 200 words)HOL2GDT is a VLSI design methodology. It starts with a design implementation description that is formally verified using the Higher Order Logic (HOL) theorem prover. This implementation description is translated into a hardware description language model by using a HOL2GDT compiler, and with this model a physical design layout is generated by using IC design placement and routing tools in Mentor Graphic's Generator Design Technology (GDT) package. Thus, the final IC layout is generated from a formally verified description. This document illustrates the design methodology in detail to serve as a manual for the HOL2GDT system. It covers (1) how to define formal implementation descriptions of the hardware design, (2) how to translate implementation descriptions into L language schematic generator models, and (3) how to get physical IC layouts from schematic models. A complete example of an n-bit Serial Multiplier design is used to illustrate the HOL2GDT design methodology. SUBJECT TERMS AbstractH0L2GDT is a VLSI design methodology. It starts with a design implementation description that is formally verified using the Higher Order Logic (HOL) theorem prover. This implementation description is translated into a hardware description language model by using a HOL2GDT compiler, and with this model a physical design layout is generated by using IC design placement and routing tools in Mentor Graphic's Generator Design Technology (GDT) package. Thus the final IC layout is generated from a formally verified description. This document illustrates the design methodology in detail to serve as a manual for the HOL2GDT system. It covers: (1) how to define formal implementation descriptions of the hardware design, (2) how to translate implementation descriptions into L language schematic generator models, and (3) how to get physical IC layouts from schematic models. A complete example of an n-bit Serial Multiplier design is used to illustrate the HOL2GDT design methodology.

show abstract

“…Unfortunately, these approaches require a considerable amount of manual interaction. Thus various approaches have been presented to partially automate the verification by incorporating automated reasoning procedures [5,6] or by adding abstraction and compositional verification techniques to allow larger systems to be verified than by finite state approaches [7,8,9].…”

Section: Introductionmentioning

confidence: 99%