Results 1 - 10 of 23
Formal Verification of the AAMP5 Microprocessor: A Case Study in the . . .
1995
Cited by 63 (1 self)
Abstract
This paper describes the experiences of Collins Commercial Avionics and SRI International in formally specifying and verifying the microcode for the AAMP5 microprocessor with the PVS verification system. This project was conducted to determine if an industrial microprocessor designed for use in real-time embedded systems could be formally specified at the instruction set and register transfer levels and if formal proofs could be used to prove the microcode correct. The paper provides a brief technical overview, but its emphasis is on the lessons learned in using PVS for an example of this size and the implications for using formal methods in an industrial setting. Keywords: Formal Methods, Formal Specification, Formal Verification, Microprocessor Verification, Microcode Verification, Hardware Verification, High Integrity Systems, Safety Critical Systems, PVS. Software and digital hardware are increasingly being used in situations where failure could be life threatening, such as a...
Telescoping languages: A strategy for automatic generation of scientific problem-solving systems from annotated libraries
www.netlib.org/utk/people/JackDongarra/PAPERS/Telescope.pdf
2000
Cited by 46 (7 self)
Abstract
As machines and programs have become more complex, the process of programming applications that can exploit the power of high-performance systems has become more difficult and correspondingly more labor-intensive. This has substantially widened the software gap, the discrepancy between the need for new software and the aggregate capacity of the workforce to produce it. This problem has been compounded by the slow growth of programming productivity, especially for high-performance programs, over the past two decades. One way to bridge this gap is to make it possible for end users to develop programs in high-level domain-specific programming systems. In the past, a major impediment to the acceptance of such systems has been the poor performance of the resulting applications. To address this problem, we are developing a new compiler-based infrastructure, called
Defining the IEEE-854 Floating-Point Standard in PVS
Technical Memorandum 110167, NASA, Langley Research
1995
Cited by 29 (3 self)
Abstract
A significant portion of the ANSI/IEEE-854 Standard for Radix-Independent Floating-Point Arithmetic is defined in PVS (Prototype Verification System). Since IEEE-854 is a generalization of the ANSI/IEEE-754 Standard for Binary Floating-Point Arithmetic, the definition of IEEE-854 in PVS also formally defines much of IEEE-754. This collection of PVS theories provides a basis for machine-checked verification of floating-point systems. This formal definition illustrates that formal specification techniques are sufficiently advanced that it is reasonable to consider their use in the development of future standards. Keywords: Floating-point arithmetic, Formal Methods, Specification, Verification. 1 Introduction. This document describes a definition of the ANSI/IEEE-854 [3] Standard for Radix-Independent Floating-Point Arithmetic in the PVS verification system (developed at SRI International) [4]. IEEE-854 is a generalization of the ANSI/IEEE-754 [2] Standard for Binary Floating-Point Ari...
Specification of the IEEE-854 Floating-Point Standard in HOL and PVS
1995
Cited by 23 (1 self)
Abstract
The IEEE-854 Standard for radix-independent floating-point arithmetic has been partially defined within two mechanical verification systems. We present the specification of key parts of the standard in both HOL and PVS. This effort to formalize IEEE-854 has given the opportunity to compare the styles imposed by the two verification systems on the specification.
Verification of IEEE Compliant Subtractive Division Algorithms
Formal Methods in Computer-Aided Design (FMCAD '96)
1996
Cited by 11 (1 self)
Abstract
A parameterized definition of subtractive floating point division algorithms is presented and verified using PVS. The general algorithm is proven to satisfy a formal definition of an IEEE standard for floating point arithmetic. The utility of the general specification is illustrated using a number of different instances of the general algorithm.
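The abstract above describes proving a parameterized subtractive division algorithm correct against a formal definition of IEEE floating-point arithmetic. The following Python block is an added illustration of that setup, not code from the paper or from PVS: a restoring (subtractive) divider that produces one quotient bit per trial subtraction, an IEEE-style round-to-nearest-even step on top of it, and a separate executable specification written with exact rationals, with the two compared exhaustively over every normalized operand pair at small precisions. The precision parameter p, the function names and the enumerated precisions are this example's own choices.

```python
"""Subtractive (restoring) division of normalized binary significands with
IEEE-style round-to-nearest-even, checked exhaustively against an exact
rational specification.  Constructed illustration, not code from the paper."""

from fractions import Fraction
from itertools import product


def restoring_divide(x: int, y: int, k: int) -> tuple[int, int]:
    """Return (q, r) with x * 2**k == q * y + r and 0 <= r < y, producing one
    quotient bit per step by trial subtraction (restoring division)."""
    assert x >= 0 and y > 0 and k >= 0
    n = x.bit_length()
    q, r = 0, 0
    for i in range(n + k - 1, -1, -1):
        # Shift in the next dividend bit; the k low positions are zero bits
        # that generate the fraction bits of the quotient.
        bit = (x >> (i - k)) & 1 if i >= k else 0
        r = (r << 1) | bit
        q <<= 1
        if r >= y:  # trial subtraction succeeds: quotient bit is 1
            r -= y
            q |= 1
        # otherwise the partial remainder is "restored" (left unchanged)
    return q, r


def divide_rne(x: int, y: int, p: int) -> tuple[int, int]:
    """Round x/y to the nearest p-bit significand, ties to even.

    x and y are normalized p-bit significands (2**(p-1) <= x, y < 2**p).
    Returns (sig, exp) with value sig * 2**exp and 2**(p-1) <= sig < 2**p.
    Exponent range, exceptions and denormals are out of scope here."""
    assert (1 << (p - 1)) <= x < (1 << p) and (1 << (p - 1)) <= y < (1 << p)
    q, r = restoring_divide(x, y, p + 2)  # p+2 fraction bits of x/y
    sticky = r != 0                        # nonzero bits beyond those computed
    # x/y lies in (1/2, 2), so q has p+3 bits when x >= y and p+2 when x < y.
    extra = q.bit_length() - p             # bits below the significand (3 or 2)
    sig = q >> extra
    exp = extra - (p + 2)
    discarded = q & ((1 << extra) - 1)
    half = 1 << (extra - 1)
    # Round up if the discarded part exceeds one half, or equals one half with
    # sticky bits set (so it is really more than half), or is an exact tie and
    # the kept significand is odd (ties-to-even).
    if discarded > half or (discarded == half and (sticky or sig & 1)):
        sig += 1
        if sig == 1 << p:                  # carry out of the significand
            sig >>= 1
            exp += 1
    return sig, exp


def reference_rne(x: int, y: int, p: int) -> tuple[int, int]:
    """Specification: the exact rational x/y rounded to nearest, ties to even,
    at p bits of precision, written without reference to the algorithm."""
    exact = Fraction(x, y)
    exp = 0
    while exact * Fraction(2) ** -exp >= (1 << p):
        exp += 1
    while exact * Fraction(2) ** -exp < (1 << (p - 1)):
        exp -= 1
    scaled = exact * Fraction(2) ** -exp   # now in [2**(p-1), 2**p)
    sig = scaled.numerator // scaled.denominator
    frac = scaled - sig
    if frac > Fraction(1, 2) or (frac == Fraction(1, 2) and sig % 2 == 1):
        sig += 1
    if sig == 1 << p:
        sig >>= 1
        exp += 1
    return sig, exp


def check_all(p: int) -> int:
    """Compare implementation and specification on every normalized operand
    pair at precision p; returns the number of pairs checked."""
    lo, hi = 1 << (p - 1), 1 << p
    count = 0
    for x, y in product(range(lo, hi), repeat=2):
        got, want = divide_rne(x, y, p), reference_rne(x, y, p)
        if got != want:
            raise AssertionError(f"{x}/{y} at p={p}: got {got}, want {want}")
        count += 1
    return count


if __name__ == "__main__":
    for p in (4, 6, 8):
        print(f"p={p}: {check_all(p)} operand pairs agree with the specification")
    print(divide_rne(8, 15, 4))  # (9, -4): 8/15 rounds to 9/16
```

The split mirrors the paper's structure: the specification says only what a correctly rounded quotient is, and the divider is checked against it rather than against itself. Exhaustive enumeration at p = 4, 6 and 8 is a check, not a proof: it says nothing about other precisions or about the IEEE exponent range, exceptions and denormals, whereas the PVS proof described above covers every instance of the parameterized algorithm.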
Formal Verification of the VAMP Floating Point Unit
In CHARME 2001, volume 2144 of LNCS
2001
Cited by 11 (6 self)
Abstract
We report on the formal verification of the floating point unit used in the VAMP processor. The FPU is fully IEEE compliant, and supports denormals and exceptions in hardware. The supported operations are addition, subtraction, multiplication, division, comparison, and conversions. The hardware is verified on the gate level against a formal description of the IEEE standard by means of the theorem prover PVS.
The Verified Software Repository: a step towards the verifying compiler
Cited by 9 (2 self)
Abstract
The Verified Software Repository is dedicated to a long-term vision of a future in which all computer systems justify the trust that society increasingly places in them. This would be accompanied by a substantial reduction in the current high costs of programming error, incurred during the design, development, testing, installation, maintenance, evolution, and retirement of computer software. An important technical contribution to this vision will be a Verifying Compiler: a toolset that automatically proves that a program will always meet its specification, insofar as this has been formalised, without even needing to run it. This has been a challenge for computing research for over thirty years, but the current state of the art now gives grounds for hope that it may be implemented in the foreseeable future. Achievement of the overall vision will depend also on continued progress of research into dependability and software evolution, as envisaged by the UKCRC Grand Challenge project in Dependable Systems Evolution. The Verified Software Repository is a first step towards the realisation of this long-term vision. It will maintain and develop an evolving collection of state-of-the-art tools, together with a representative portfolio of real programs and specifications on which to test, evaluate, and develop the tools. It will contribute initially to the interworking of tools, and eventually to their integration. It will promote transfer of the relevant technology to industrial tools and into software engineering practice. It will build on the recognised
Formal Verification of Iterative Algorithms in Microprocessors
2000
Cited by 8 (0 self)
Abstract
Contemporary microprocessors implement many iterative algorithms. For example, the front-end of a microprocessor repeatedly fetches and decodes instructions while updating internal state such as the program counter; floating-point circuits perform divide and square root computations iteratively. Iterative algorithms often have complex implementations because of performance optimizations like result speculation, retiming and circuit redundancies. Verifying these iterative circuits against high-level specifications requires two steps: reasoning about the algorithm itself and verifying the implementation against the algorithm. In this paper we discuss the verification of four iterative circuits from Intel microprocessor designs. These verifications were performed using Forte, a custom-built verification system; we discuss the Forte features necessary for our approach. Finally, we discuss how we maintained these proofs in the face of evolving design implementations.
Integrating formal methods into a professional master of software engineering program
Z User Workshop, Cambridge 1994, Workshops in Computing
1994
Cited by 4 (0 self)
Abstract
A critical issue in the design of a professional software engineering degree program is the way in which formal methods are integrated into the curriculum. The approach taken by most programs is to teach formal techniques for software development in a separate course on formal methods. In this paper we detail some of the problems with that approach and describe an alternative in which formal methods are integrated across the curriculum. We illustrate the strengths and weaknesses of this alternative in terms of our experience of using it in the Master of Software Engineering Program at Carnegie Mellon University.
Formal Methods: Why Should I Care? The development of the T800 transputer floating-point unit
In Proc. 13th New Zealand Computer Society Conference
1993
Cited by 3 (0 self)
Abstract
The term `formal methods' is a general term for precise mathematically-based techniques used in the development of computer systems, both hardware and software. This paper discusses formal methods in general, and in particular describes their successful role in specifying, constructing and proving correct the floating-point unit of the Inmos T800 transputer chip. 1. Introduction. The need for reliable computer systems is increasing rapidly, in step with our growing dependence on computers in daily life. This need can only be met by developing more rigorous methods for constructing these systems. The term `formal methods' is a blanket term for such precise, mathematically-based techniques for the development of computer systems. In this paper, we aim to give an introduction to formal methods in general, and to discuss how they helped in constructing the floating-point unit of the Inmos T800 transputer chip. The transputer [Inmos Ltd 1988b] is a microprocessor chip designed specificall...