Results 1  10
of
39
Formal Verification in Hardware Design: A Survey
 ACM TRANSACTIONS ON DESIGN AUTOMATION OF ELECTRONIC SYSTEMS
, 1999
"... ..."
An Integration of Model Checking with Automated Proof Checking
, 1995
"... Although automated proof checking tools for generalpurpose logics have been successfully employed in the verification of digital systems, there are inherent limits to the efficient automation of expressive logics. If the expressiveness is constrained, there are useful logic fragments for which effi ..."
Abstract

Cited by 88 (8 self)
 Add to MetaCart
Although automated proof checking tools for generalpurpose logics have been successfully employed in the verification of digital systems, there are inherent limits to the efficient automation of expressive logics. If the expressiveness is constrained, there are useful logic fragments for which efficient decision procedures can be found. The model checking paradigm yields an important class of decision procedures for establishing temporal properties of finitestate systems. Model checking is remarkably effective for automatically verifying finite automata with relatively small state spaces, but is inadequate when the state spaces are either too large or unbounded. For this reason, it is useful to integrate the complementary technologies of model checking and proof checking. Such an integration has to be carried out in a delicate manner in order to be more than just the sum of the techniques. We describe...
Verification of a Multiplier: 64 Bits and beyond
, 1993
"... Verifying a 64bit multiplier has a computational complexity that puts it beyond the grasp of current finitestate algorithms, including those based upon homomorphic reduction, the induction principle, and bdd fixedpoint algorithms. Theorem proving, while not bound by the same computational constra ..."
Abstract

Cited by 35 (6 self)
 Add to MetaCart
Verifying a 64bit multiplier has a computational complexity that puts it beyond the grasp of current finitestate algorithms, including those based upon homomorphic reduction, the induction principle, and bdd fixedpoint algorithms. Theorem proving, while not bound by the same computational constraints, may not be feasible for routinely coping with the complex, lowlevel details of a real multiplier. We show how to verify such a multiplier by applying COSPAN, a modelchecking algorithm, to verify local properties of the complex lowlevel circuit, and using TLP, a theorem prover based on the Temporal Logic of Actions, to prove that these properties imply the correctness of the multiplier. Both verification steps are automated, and we plan to mechanize the translation between the languages of TLP and COSPAN.
Specifying and Verifying FaultTolerant Systems
 FORMAL TECHNIQUES IN REALTIME AND FAULTTOLERANT SYSTEMS, VOLUME 863 OF LECTURE NOTES IN COMPUTER SCIENCE
, 1994
"... We formally specify a well known solution to the Byzantine generals problem and give a rigorous, hierarchically structured proof of its correctness. We demonstrate that this is an engineering exercise, requiring no new scientific ideas. ..."
Abstract

Cited by 33 (3 self)
 Add to MetaCart
We formally specify a well known solution to the Byzantine generals problem and give a rigorous, hierarchically structured proof of its correctness. We demonstrate that this is an engineering exercise, requiring no new scientific ideas.
The IOA Language and Toolset: Support for Designing, Analyzing, and Building Distributed Systems
, 1998
"... This report describes a new language for distributed programming, the IOA language, together with a highlevel design and preliminary implementation for a suite of tools, the IOA toolset, to support the production of highquality distributed software. The language and tools are based on the I/O a ..."
Abstract

Cited by 28 (9 self)
 Add to MetaCart
This report describes a new language for distributed programming, the IOA language, together with a highlevel design and preliminary implementation for a suite of tools, the IOA toolset, to support the production of highquality distributed software. The language and tools are based on the I/O automaton model, which has been used to describe and verify distributed algorithms. The toolset supports a development process that begins with a highlevel specification, refines that specification via successively more detailed designs, and ends by automatically generating distributed programs. The toolset encourages system decomposition, which helps make distributed programs understandable and easy to modify. It also provides a variety of validation methods (theorem proving, model checking, and simulation), which can be used to ensure that the generated programs are correct, subject to assumptions about externallyprovided system services (e.g., communication services), and about the correctness of handcoded data type implementations.
Formalizing Process Algebraic Verifications in the Calculus of Constructions
"... This paper reports on the first steps towards the formal verification of correctness proofs of reallife protocols in process algebra. We show that proofs can be verified, and partly constructed, by a general purpose proof checker. The process algebra we use is µCRL, ACP augmented with data, wh ..."
Abstract

Cited by 18 (7 self)
 Add to MetaCart
This paper reports on the first steps towards the formal verification of correctness proofs of reallife protocols in process algebra. We show that proofs can be verified, and partly constructed, by a general purpose proof checker. The process algebra we use is µCRL, ACP augmented with data, which is small enough to make the verification feasible, and at the same time expressive enough for the specification of reallife protocols. The proof checker we use is Coq, which is based on the Calculus of Constructions, an extension of simply typed lambda calculus. The focus is on the translation of the proof theory of µCRL and µCRLspecifications to Coq. As a case study, we verified the Alternating Bit Protocol.
Specification and Verification of Faulttolerance, Timing and Scheduling
 ACM TRANSACTIONS ON PROGRAMMING LANGUAGES AND SYSTEMS
, 1999
"... Faulttolerance and timing have often been considered to be implementation issues of a program, quite distinct from the functional safety and liveness properties. Recent work has shown how these nonfunctional and functional properties can be verified in a similar way. However, the more practical qu ..."
Abstract

Cited by 17 (5 self)
 Add to MetaCart
Faulttolerance and timing have often been considered to be implementation issues of a program, quite distinct from the functional safety and liveness properties. Recent work has shown how these nonfunctional and functional properties can be verified in a similar way. However, the more practical question of determining whether a realtime program will meet its deadlines, i.e. showing that there is a feasible schedule, is usually done using scheduling theory, quite separately from the verification of other properties of the program. This makes it hard to use the results of scheduling analysis in the design, or redesign, of faulttolerant, realtime programs. This paper shows how faulttolerance, timing and schedulability can be specified and verified using a single notation and model. This allows a unified view to be taken of the functional and nonfunctional properties of programs and a simple transformational method to be used to combine these properties. It also permits results fro...
Program Verification using HOLUNITY
 Higher Order Logic Theorem Proving and Its Applications: HUG ’93, LNCS 780
, 1994
"... . HOLUNITY is an implementation of Chandy and Misra's UNITY theory in the HOL88 and HOL90 theorem provers. This paper shows how to verify safety and progress properties of concurrent programs using HOLUNITY. As an example it is proved that a liftcontrol program satisfies a given progress property ..."
Abstract

Cited by 16 (1 self)
 Add to MetaCart
. HOLUNITY is an implementation of Chandy and Misra's UNITY theory in the HOL88 and HOL90 theorem provers. This paper shows how to verify safety and progress properties of concurrent programs using HOLUNITY. As an example it is proved that a liftcontrol program satisfies a given progress property. The proof is compositional and partly automated. The progress property is decomposed into basic safety and progress properties, which are proved automatically by a developed tactic based on a combination of Gentzenlike proof methods and Pressburger decision procedures. The proof of the decomposition which includes induction is done mechanically using the inference rules of the UNITY logic implemented as theorems in HOL. The paper also contains some empirical results of running the developed tactic in HOL88 and HOL90, respectively. It turns out that HOL90 in average is about 9 times faster than HOL88. Finally, we discuss various ways of improving the tactic. 1 Introduction This paper pres...
Implementing a Model Checker for LEGO
 Proc. of the 4th Inter Symp. of Formal Methods Europe, FME'97: Industrial Applications and Strengthened Foundations of Formal Methods
, 1997
"... . Interactive theorem proving gives a general approach for modelling and verification of both hardware and software systems but requires significant human efforts to deal with many tedious proofs. To be used in practical, we need some automatic tools such as model checkers to deal with those tedious ..."
Abstract

Cited by 14 (3 self)
 Add to MetaCart
. Interactive theorem proving gives a general approach for modelling and verification of both hardware and software systems but requires significant human efforts to deal with many tedious proofs. To be used in practical, we need some automatic tools such as model checkers to deal with those tedious proofs. In this paper, we formalise a verification system of both CCS and an imperative language in LEGO which can be used to verify both finite and infinite problems. Then a model checker, LegoMC, is implemented to generate the LEGO proof terms of finite models automatically. Therefore people can use LEGO to verify a general problem and throw some finite subproblems to be verified by LegoMC. On the other hand, this integration extends the power of model checking to verify more complicated and infinite models as well. 1 Introduction Interactive theorem proving gives a general approach for modelling and verification of both hardware and software systems but requires significant human effor...