Results 1  10
of
15
Partial Functions in ACL2
 Journal of Automated Reasoning
"... We describe a macro for introducing \partial functions" into ACL2, i.e., functions not dened everywhere. The function \denitions" are actually admitted via the encapsulation principle. We discuss the basic issues surrounding partial functions in ACL2 and illustrate theorems that can be ..."
Abstract

Cited by 32 (7 self)
 Add to MetaCart
We describe a macro for introducing \partial functions" into ACL2, i.e., functions not dened everywhere. The function \denitions" are actually admitted via the encapsulation principle. We discuss the basic issues surrounding partial functions in ACL2 and illustrate theorems that can be proved about such functions.
Mixed abstractions for floatingpoint arithmetic
 In FMCAD
, 2009
"... Abstract—Floatingpoint arithmetic is essential for many embedded and safetycritical systems, such as in the avionics industry. Inaccuracies in floatingpoint calculations can cause subtle changes of the control flow, potentially leading to disastrous errors. In this paper, we present a simple and ..."
Abstract

Cited by 15 (3 self)
 Add to MetaCart
Abstract—Floatingpoint arithmetic is essential for many embedded and safetycritical systems, such as in the avionics industry. Inaccuracies in floatingpoint calculations can cause subtle changes of the control flow, potentially leading to disastrous errors. In this paper, we present a simple and general, yet powerful framework for building abstractions from formulas, and instantiate this framework to a bitaccurate, sound and complete decision procedure for IEEEcompliant binary floatingpoint arithmetic. Our procedure benefits in practice from its ability to flexibly harness both over and underapproximations in the abstraction process. We demonstrate the potency of the procedure for the formal analysis of floatingpoint software. I.
Formal Verification of the VAMP Floating Point Unit
 In CHARME 2001, volume 2144 of LNCS
, 2001
"... We report on the formal verification of the floating point unit used in the VAMP processor. The FPU is fully IEEE compliant, and supports denormals and exceptions in hardware. The supported operations are addition, subtraction, multiplication, division, comparison, and conversions. The hardware is v ..."
Abstract

Cited by 13 (6 self)
 Add to MetaCart
We report on the formal verification of the floating point unit used in the VAMP processor. The FPU is fully IEEE compliant, and supports denormals and exceptions in hardware. The supported operations are addition, subtraction, multiplication, division, comparison, and conversions. The hardware is verified on the gate level against a formal description of the IEEE standard by means of the theorem prover PVS.
Verification of IEEE Compliant Subtractive Division Algorithms
 FORMAL METHODS IN COMPUTERAIDED DESIGN (FMCAD '96)
, 1996
"... A parameterized definition of subtractive floating point division algorithms is presented and verified using PVS. The general algorithm is proven to satisfy a formal definition of an IEEE standard for floating point arithmetic. The utility of the general specification is illustrated using a numb ..."
Abstract

Cited by 12 (1 self)
 Add to MetaCart
A parameterized definition of subtractive floating point division algorithms is presented and verified using PVS. The general algorithm is proven to satisfy a formal definition of an IEEE standard for floating point arithmetic. The utility of the general specification is illustrated using a number of different instances of the general algorithm.
Verification of executable pipelined machines with bitlevel interfaces
 In ICCAD2005, International Conference on ComputerAided Design
, 2005
"... Abstract — We show how to verify pipelined machine models with bitlevel interfaces by using a combination of deductive reasoning and decision procedures. While decision procedures such as those implemented in UCLID can be used to verify away the datapath, require the use of numerous abstractions, i ..."
Abstract

Cited by 6 (4 self)
 Add to MetaCart
Abstract — We show how to verify pipelined machine models with bitlevel interfaces by using a combination of deductive reasoning and decision procedures. While decision procedures such as those implemented in UCLID can be used to verify away the datapath, require the use of numerous abstractions, implement a small subset of the instruction set, and are far from executable. In contrast, we focus on verifying executable machines with bitlevel interfaces. Such proofs have previously required substantial expert guidance and the use of deductive reasoning engines. We show that by integrating UCLID with the ACL2 theorem proving system, we can use ACL2 to reduce the proof that an executable, bitlevel machine refines its instruction set architecture to a proof that a term level abstraction of the bitlevel machine refines the instruction set architecture, which is then handled automatically by UCLID. In this way, we exploit the strengths of ACL2 and UCLID to prove theorems that are not possible to even state using UCLID and that would require prohibitively more effort using just ACL2. I.
Formal Verification of a Theory of IEEE Rounding
 TPHOLs 2001: Supplemental Proceedings, Informatics Research Report EDIINFRR0046
, 2001
"... We report on the formal verification of a theory of IEEE rounding in the theorem prover PVS. The theory consists of a formalization of the IEEE standard, and notations and theorems facilitating the verification of floating point hardware. In particular, the concepts of #equivalence and round dec ..."
Abstract

Cited by 6 (1 self)
 Add to MetaCart
We report on the formal verification of a theory of IEEE rounding in the theorem prover PVS. The theory consists of a formalization of the IEEE standard, and notations and theorems facilitating the verification of floating point hardware. In particular, the concepts of #equivalence and round decomposition are formalized, allowing for a subdivision of floating point units into smaller building blocks, which then can be verified separately. The theory has been successfully applied to the verification of a fully IEEE compliant floating point unit.
Ordinal arithmetic: Algorithms and mechanization
 Journal of Automated Reasoning
, 2006
"... Abstract. Termination proofs are of critical importance for establishing the correct behavior of both transformational and reactive computing systems. A general setting for establishing termination proofs involves the use of the ordinal numbers, an extension of the natural numbers into the transfini ..."
Abstract

Cited by 5 (3 self)
 Add to MetaCart
Abstract. Termination proofs are of critical importance for establishing the correct behavior of both transformational and reactive computing systems. A general setting for establishing termination proofs involves the use of the ordinal numbers, an extension of the natural numbers into the transfinite which were introduced by Cantor in the nineteenth century and are at the core of modern set theory. We present the first comprehensive treatment of ordinal arithmetic on compact ordinal notations and give efficient algorithms for various operations, including addition, subtraction, multiplication, and exponentiation. Using the ACL2 theorem proving system, we implemented our ordinal arithmetic algorithms, mechanically verified their correctness, and developed a library of theorems that can be used to significantly automate reasoning involving the ordinals. To enable users of the ACL2 system to fully utilize our work required that we modify ACL2, e.g., we replaced the underlying representation of the ordinals and added a large library of definitions and theorems. Our modifications are available starting with ACL2 version 2.8. 1.
A suite of hard ACL2 theorems arising in refinementbased processor verification
 Fifth International Workshop on the ACL2 Theorem Prover and Its Applications (ACL22004), November 2004. See URL http://www.cs.utexas.edu/users/moore/acl2/workshop2004
, 2004
"... Abstract. We have been using ACL2 to verify pipelined machine models for several years and have compiled a suite of 18 problems that arose in the theorem proving process. We believe that this suite will be useful for the future development of ACL2 because it consists of difficult problems that arise ..."
Abstract

Cited by 4 (3 self)
 Add to MetaCart
Abstract. We have been using ACL2 to verify pipelined machine models for several years and have compiled a suite of 18 problems that arose in the theorem proving process. We believe that this suite will be useful for the future development of ACL2 because it consists of difficult problems that arise in practice, and furthermore, these problems can be handled efficiently by other methods. For example, ACL2 was able to prove the simplest problem in the suite after 15 1 2 days, but UCLID was able to prove the same theorem in seconds. 1
Multiplicative square root algorithms for FPGAs
 INTERNATIONAL CONFERENCE ON FIELD PROGRAMMABLE LOGIC AND APPLICATIONS
, 2010
"... Most current square root implementations for FPGAs use a digit recurrence algorithm which is well suited to their LUT structure. However, recent computingoriented FPGAs include embedded multipliers and RAM blocks which can also be used to implement quadratic convergence algorithms, very high radix ..."
Abstract

Cited by 3 (3 self)
 Add to MetaCart
Most current square root implementations for FPGAs use a digit recurrence algorithm which is well suited to their LUT structure. However, recent computingoriented FPGAs include embedded multipliers and RAM blocks which can also be used to implement quadratic convergence algorithms, very high radix digit recurrences, or polynomial approximation algorithms. The cost of these solutions is evaluated and compared, and a complete implementation of a polynomial approach is presented within the opensource FloPoCo framework. This polynomial approach allows a shorter latency and higher frequency than the digit recurrence approach, and improves over previous multiplicative approaches. However, the cost of IEEEcompliant correct rounding is shown to be very high.
Provably faithful evaluation of polynomials
 In Proceedings of the 21st Annual ACM Symposium on Applied Computing
, 2006
"... We provide sufficient conditions that formally guarantee that the floatingpoint computation of a polynomial evaluation is faithful. To this end, we develop a formalization of floatingpoint numbers and rounding modes in the Program Verification System (PVS). Our work is based on a wellknown formali ..."
Abstract

Cited by 3 (1 self)
 Add to MetaCart
We provide sufficient conditions that formally guarantee that the floatingpoint computation of a polynomial evaluation is faithful. To this end, we develop a formalization of floatingpoint numbers and rounding modes in the Program Verification System (PVS). Our work is based on a wellknown formalization of floatingpoint arithmetic in the proof assistant Coq, where polynomial evaluation has been already studied. However, thanks to the powerful proof automation provided by PVS, the sufficient conditions proposed in our work are more general than the original ones.