Executing the formal semantics of the Accellera Property Specification Language by mechanised theorem proving
Proc. 12th Advanced Research Working Conference on Correct Hardware Design and Verification Methods (CHARME 2003), Lecture, 2003
Cited by 17 (2 self)
The Accellera Property Specification Language (PSL) is designed for the formal specification of hardware. The Reference Manual contains a formal semantics, which we previously encoded in a machine-readable version of higher order logic. In this paper we describe how to `execute' the formal semantics using proof scripts coded in the HOL theorem prover's metalanguage ML. The goal is to see if it is feasible to implement useful tools that work directly from the official semantics by mechanised proof. Such tools will have a high assurance of conforming to the standard. We have implemented two experimental tools: an interpreter that evaluates whether a finite trace w, which may be generated by a simulator, satisfies a PSL formula f (i.e. w ⊨ f), and a compiler that converts PSL formulas to checkers in an intermediate format suitable for translation to HDL for inclusion in simulation testbenches. Although our tools use logical deduction and are thus slower than handcrafted implementations, they may be speedy enough for some applications. They can also provide a reference for more efficient implementations.
Model checking the AMBA protocol in HOL
2004
Verification of AMBA Using a Combination of Model Checking and Theorem Proving
Electronic Notes in Theoretical Computer Science, 145:45–61, 2006
Cited by 5 (0 self)
The Advanced Microcontroller Bus Architecture (AMBA) is an open System-on-Chip bus protocol for high-performance buses on low-power devices. We demonstrate the combined use of model checking and theorem proving to verify both control and datapath properties in a seamless manner. Key words: System-on-Chip, theorem proving, model checking, tool combination.
Providing a Formal Linkage between MDG and HOL
2002
Cited by 2 (2 self)
We describe an approach for formally verifying the linkage between a symbolic state enumeration system and a theorem proving system. This involves the following three stages of proof. Firstly, we prove theorems about the correctness of the translation part of the symbolic state system, which interfaces between low-level decision diagrams and high-level description languages. We ensure that the semantics of a program is preserved in that of its translated form. Secondly, we prove linkage theorems: theorems that justify introducing a result from a state enumeration system into a proof system. Finally, we combine the translator correctness and linkage theorems. The resulting new linkage theorems convert results to a high-level language from the low-level decision diagrams that the result was actually proved about in the state enumeration system. They justify importing low-level external verification results into a theorem prover. We use a linkage between the HOL system and a simplified version of the MDG system to illustrate the ideas, and consider a small example that integrates two applications from MDG and HOL to illustrate the linkage theorems.
Shallow Lazy Proofs
Cited by 2 (0 self)
We show that delaying fully-expansive proof reconstruction for non-interactive decision procedures can result in a more efficient workflow. In contrast with earlier work, our approach to postponed proof does not require making deep changes to the theorem prover.
Implementing abstraction refinement for model checking in HOL
Supplementary Proceedings of the 16th International Conference on Theorem Proving in Higher Order Logics, number 187 in Technical Reports, 2003
Cited by 2 (1 self)
Abstracting infinite or large state spaces to ones feasible for model checking has met with much success. We have implemented an abstraction framework in HOL, on top of a deep-embedded model checker. We present the implementation, highlighting the role of HOL.
Formalizing the translation of CTL into Lµ
Supplementary Proceedings of the 16th International Conference on Theorem Proving in Higher Order Logics, number 187 in Technical Reports, 2003
Cited by 2 (1 self)
The translation of the temporal logic CTL [2] into the modal µ-calculus Lµ [10] is formalised in the HOL theorem prover [8].
A High Level Reachability Analysis using Multiway Decision Graph in the HOL Theorem Prover
Cited by 1 (1 self)
In this paper, we provide all the necessary infrastructure to define a high-level state exploration approach within the HOL theorem prover. While related work has tackled the same problem by representing primitive BDD operations as inference rules added to the core of the theorem prover, we have based our approach on Multiway Decision Graphs (MDGs). We define canonical MDGs as well-formed directed formulae in HOL. Then, we formalize the basic MDG operations following a deep embedding approach and derive the correctness proof for each operation. Finally, a high-level reachability analysis is implemented as a tactic that uses our MDG theory within HOL.
Symmetry Reduction for STE Model Checking using Structured Models
Cited by 1 (1 self)
Symbolic trajectory evaluation (STE) is not sufficient to handle verification of circuits with a large number of state-holding elements, such as memories. It is also the case that memory-based circuits have plenty of symmetry, which can be exploited for computing reductions for STE model checking. This dissertation addresses the problem of symmetry reduction for STE model checking. There are two main challenges involved in achieving an efficient solution to the problem of symmetry reduction: first, the discovery of symmetry in the circuit, and second, a methodology for computing reductions in the size of the STE model checking run. To address the problem of finding symmetries in circuits, we propose a method of designing circuit models so that symmetries in the structure of the circuit can be recorded at the time of design. We propose a framework that allows us to model circuits using special functions, and a type system is provided to enforce discipline on the usage of these functions. A type soundness theorem then guarantees that circuits constructed using these functions have symmetry.