Automated Correctness Proofs of Machine Code Programs for a Commercial Microprocessor
, 1991
Cited by 34 (2 self)
Abstract
We have formally specified a substantial subset of the MC68020, a widely used microprocessor built by Motorola, within the mathematical logic of the automated reasoning system Nqthm, i.e., the Boyer-Moore Theorem Prover [4]. Using this MC68020 specification, we have mechanically checked the correctness of MC68020 machine code programs for Euclid's GCD, Hoare's Quick Sort, binary search, and other well-known algorithms. The machine code for these examples was generated using the Gnu C and the Verdix Ada compilers. We have developed an extensive library of proven lemmas to facilitate automated reasoning about machine code programs. We describe a two-stage methodology we use to do our machine code proofs.
The Boyer-Moore Theorem Prover and Its Interactive Enhancement
, 1995
Cited by 34 (0 self)
Abstract
The so-called "Boyer-Moore Theorem Prover" (otherwise known as "Nqthm") has been used to perform a variety of verification tasks for two decades. We give an overview of both this system and an interactive enhancement of it, "Pc-Nqthm," from a number of perspectives. First we introduce the logic in which theorems are proved. Then we briefly describe the two mechanized theorem proving systems. Next, we present a simple but illustrative example in some detail in order to give an impression of how these systems may be used successfully. Finally, we give extremely short descriptions of a large number of applications of these systems, in order to give an idea of the breadth of their uses. This paper is intended as an informal introduction to systems that have been described in detail and similarly summarized in many other books and papers; no new results are reported here. Our intention here is merely to present Nqthm to a new audience. This research was supported in part by ONR Contract N...
On the Construction of Correct Compiler Back-Ends: An ASM Approach
 Journal of Universal Computer Science
, 1997
Cited by 32 (5 self)
Abstract
Existing works on the construction of correct compilers have at least one of the following drawbacks: (i) correct compilers do not compile into machine code of existing processors. Instead they compile into programs of an abstract machine which ignores limitations and properties of real-life processors. (ii) the code generated by correct compilers is orders of magnitude slower than the code generated by unverified compilers. (iii) the considered source language is much less complex than real-life programming languages. This paper focuses on the construction of correct compiler back-ends which generate machine code for real-life processors from realistic intermediate languages. Our main results are the following: (i) We present a proof approach based on abstract state machines for bottom-up rewriting system specifications (BURS) for back-end generators. A significant part of this proof can be parametrized with the intermediate and machine language. (ii) The performance of the code con...
Formal Verification of a Java Compiler in Isabelle
, 2002
Cited by 31 (1 self)
Abstract
This paper reports on the formal proof of correctness of a compiler from a substantial subset of the Java source language to Java bytecode in the proof environment Isabelle. This work is based on extensive previous formalizations of Java, which comprise all relevant features of object-orientation. We place particular emphasis on describing the effects of design decisions in these formalizations on the compiler correctness proof.
A Theorem Prover for a Computational Logic
, 1990
Cited by 28 (0 self)
Abstract
We briefly review a mechanical theorem-prover for a logic of recursive functions over finitely generated objects including the integers, ordered pairs, and symbols. The prover, known both as NQTHM and as the Boyer-Moore prover, contains a mechanized principle of induction and implementations of linear resolution, rewriting, and arithmetic decision procedures. We describe some applications of the prover, including a proof of the correct implementation of a higher-level language on a microprocessor defined at the gate level. We also describe the ongoing project of recoding the entire prover as an applicative function within its own logic.
PSOS Revisited
, 2003
Cited by 18 (3 self)
Abstract
This paper provides a retrospective view of the design of SRI's Provably Secure Operating System (PSOS), a formally specified tagged-capability hierarchical system architecture. It examines PSOS in the light of what has happened in computer system developments since 1980, and assesses the relevance of the PSOS concepts in that light.
Automatic Verification of Arithmetic Circuits in RTL using Term Rewriting Systems
 In Accepted in IEEE Transactions on Computers
, 2003
Cited by 9 (3 self)
Abstract
for being my quest... for showing me the way... Acknowledgments I’d like to thank my advisor, Dr. Jacob Abraham, for his invaluable support and guidance through the course of this work. His novel ideas, infectious enthusiasm and intellectually stimulating discussions kept me motivated and encouraged through the entire course of my Graduate Studies. Thank you, Sir, for your firm belief in me. It kept me going in the most trying times. I’d also like to thank my colleague and fellow PhD student, Vinod Viswanath, for his support and assistance through my Masters. His experience, insight, resourcefulness, skills and alacrity have been a priceless source of inspiration and help in obtaining this degree. Without his contribution, I don’t imagine I could have got this far. I’d like to thank Linda, Andrew, Shirley and Ruth for their promptness and efficiency in matters that required their attention. I’d also like to thank my labmates for their cooperation. I’d like to thank my friends Siddarth and Kunal, for bringing a lot of joy into my life in the U.S. Lastly, I’d like to thank my parents and sister for making me who I am.
The Use of a Formal Simulator to Verify a Simple Real Time Control Program
 In Beauty Is Our Business
, 1990
Cited by 8 (4 self)
Abstract
We present an initial and elementary investigation of the formal specification and mechanical verification of programs that interact with environments. We describe a formal, mechanically produced proof that a simple, real-time control program keeps a vehicle on a straight-line course in a variable crosswind. To formalize the specification we define a mathematical function which models the interaction of the program and its environment. We then state and prove two theorems about this function: the simulated vehicle never gets farther than three units away from the intended course, and homes to the course if the wind ever remains steady for at least four sampling intervals.
Mechanically Verifying Safety and Liveness Properties of Delay Insensitive Circuits
the Boyer-Moore Prover. 1991 International Workshop on Formal Methods in VLSI Design
, 1994
Cited by 3 (0 self)
Abstract
This paper describes, by means of an example, how one may mechanically verify delay-insensitive circuits on an automated theorem prover. It presents the verification of both the safety and liveness properties of an n-node delay-insensitive FIFO circuit [20]. The proof system used is a mechanized implementation of Unity [7] on the Boyer-Moore prover [4], described in [12]. This paper describes the circuit formally in the Boyer-Moore logic and presents the mechanically verified correctness theorems. The formal description also captures the protocol that the circuit expects its environment to obey and specifies a class of suitable initial states. This paper demonstrates how a general-purpose automated proof system for concurrent programs may be used to mechanically verify both the safety and liveness properties of arbitrary-sized delay-insensitive circuits. Keywords: Automated theorem proving, hardware verification, delay-insensitive circuits. Author's Address: Naval Research Laboratory, C...