Results 1-3 of 3
Verification of executable pipelined machines with bit-level interfaces
 In ICCAD 2005, International Conference on Computer-Aided Design, 2005
Cited by 6 (4 self)
Abstract — We show how to verify pipelined machine models with bit-level interfaces by using a combination of deductive reasoning and decision procedures. While decision procedures such as those implemented in UCLID can be used to automatically verify term-level pipelined machine models, these models abstract away the datapath, require the use of numerous abstractions, implement a small subset of the instruction set, and are far from executable. In contrast, we focus on verifying executable machines with bit-level interfaces. Such proofs have previously required substantial expert guidance and the use of deductive reasoning engines. We show that by integrating UCLID with the ACL2 theorem proving system, we can use ACL2 to reduce the proof that an executable, bit-level machine refines its instruction set architecture to a proof that a term-level abstraction of the bit-level machine refines the instruction set architecture, which is then handled automatically by UCLID. In this way, we exploit the strengths of ACL2 and UCLID to prove theorems that are not possible to even state using UCLID and that would require prohibitively more effort using just ACL2.
A Framework for Verifying Bit-Level Pipelined Machines Based on Automated Deduction and Decision Procedures
 Journal of Automated Reasoning, 2006
Cited by 3 (0 self)
Abstract. We describe an approach to verifying bit-level pipelined machine models using a combination of deductive reasoning and decision procedures. While theorem proving systems such as ACL2 have been used to verify bit-level designs, they typically require extensive expert user support. Decision procedures such as those implemented in UCLID can be used to automatically and efficiently verify term-level pipelined machine models, but these models use numerous abstractions, implement a subset of the instruction set, and are far from executable. We show that by integrating UCLID with the ACL2 theorem proving system, we can use ACL2 to reduce the proof that an executable, bit-level machine refines its instruction set architecture to a proof that a term-level abstraction of the bit-level machine refines the instruction set architecture, which is then handled automatically by UCLID. We demonstrate the efficiency of our approach by applying it to verify a complex seven-stage bit-level interface pipelined machine model that implements 593 instructions and has features such as branch prediction, exceptions, and predicated instruction execution. Such a proof is not possible using UCLID and would require prohibitively more effort using just ACL2.
The challenge of hardware-software co-verification
 In IFIP Working Conference on Verified Software: Theories, Tools, Experiments, 2005
Cited by 1 (0 self)
Abstract. Building verified computing systems such as a verified compiler or operating system will require both software and hardware verification. How can we decompose such verification efforts into mostly separate tasks, one involving hardware and the other software? What theorems should we prove? What specification languages should we use? What tools should we build? To what extent can the process be automated? We address these issues, using as a running example our recent and ongoing work on refinement-based pipelined machine verification.
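All three abstracts rest on the same notion: a pipelined machine (MA) refines its instruction set architecture (ISA) when, under a refinement map that flushes the in-flight instructions, every MA step either matches one ISA step or stutters with a decreasing rank. The following is an added example, not code from any of the papers above: a constructed 4-bit accumulator ISA, a constructed two-stage pipeline with predict-not-taken fetch, and an exhaustive (state-enumeration) check of that commuting condition. The program, the instruction set and the pipeline structure are assumptions for illustration; the papers work on ACL2 and UCLID models, not on a Python enumerator. The check also exercises a classic failure mode, a taken branch that does not squash the speculatively fetched instruction, and reports the first MA state at which refinement breaks.

```python
from itertools import product

# Added example: exhaustive refinement check of a constructed two-stage
# pipelined machine (MA) against its ISA using a flushing refinement map.
# The ISA, program and pipeline are assumptions made for illustration; the
# cited papers reason about real ACL2/UCLID models, not this toy.

WORD = 16  # 4-bit accumulator

# Constructed program of (opcode, operand); addresses wrap modulo len(PROG).
PROG = [("ADDI", 3), ("JZ", 5), ("NOT", 0), ("ADDI", 1),
        ("JZ", 0), ("NOP", 0), ("ADDI", 15), ("JZ", 2)]
N = len(PROG)


def exec_instr(instr, pc, acc):
    """Instruction semantics shared by ISA and MA: returns (next_pc, acc)."""
    op, k = instr
    if op == "ADDI":
        return (pc + 1) % N, (acc + k) % WORD
    if op == "NOT":
        return (pc + 1) % N, (~acc) & (WORD - 1)
    if op == "JZ":
        return (k if acc == 0 else (pc + 1) % N), acc
    return (pc + 1) % N, acc  # NOP


def isa_step(state):
    """ISA state is (pc, acc); one step executes PROG[pc]."""
    pc, acc = state
    return exec_instr(PROG[pc], pc, acc)


def ma_step(state, squash_on_taken=True):
    """MA state is (fetch_pc, acc, latch); latch is None or (ipc, instr).

    Each cycle executes the latched instruction and fetches the next one
    (predict not-taken). A taken JZ must redirect fetch and squash the
    speculatively fetched instruction; squash_on_taken=False models the
    bug of executing the wrong-path instruction anyway.
    """
    fpc, acc, latch = state
    if latch is not None:
        ipc, instr = latch
        taken = instr[0] == "JZ" and acc == 0
        next_pc, acc = exec_instr(instr, ipc, acc)
        if taken:
            if squash_on_taken:
                return (next_pc, acc, None)
            return (next_pc, acc, (fpc, PROG[fpc]))  # BUG: wrong-path fetch
    return ((fpc + 1) % N, acc, (fpc, PROG[fpc]))


def flush(state):
    """Refinement map: complete the in-flight instruction without fetching."""
    fpc, acc, latch = state
    if latch is None:
        return (fpc, acc)
    ipc, instr = latch
    return exec_instr(instr, ipc, acc)


def rank(state):
    """Well-founded measure: MA may stutter only while this decreases."""
    return 0 if state[2] is None else 1


def invariant(state):
    """Fetch pc is sequential after the latched instruction."""
    fpc, _, latch = state
    return latch is None or fpc == (latch[0] + 1) % N


def check_refinement(squash_on_taken=True):
    """Return None if MA refines ISA, else the first failing MA state.

    For every invariant MA state s with successor s', either flush(s')
    equals isa_step(flush(s)) (a matched ISA step) or flush(s') equals
    flush(s) and rank drops (a stutter). The invariant must also be
    preserved, otherwise bad successors would be silently skipped.
    """
    latches = [None] + [(i, PROG[i]) for i in range(N)]
    for fpc, acc, latch in product(range(N), range(WORD), latches):
        s = (fpc, acc, latch)
        if not invariant(s):
            continue
        s2 = ma_step(s, squash_on_taken)
        u, v = flush(s), flush(s2)
        matched = v == isa_step(u)
        stutter = v == u and rank(s2) < rank(s)
        if not invariant(s2) or not (matched or stutter):
            return s
    return None


if __name__ == "__main__":
    print("correct pipeline refines ISA:", check_refinement(True) is None)
    print("missing-squash counterexample:", check_refinement(False))
```

Enumeration works here only because the toy state space has a few hundred states; the papers' point is precisely that real bit-level, executable models cannot be handled this way, which is why ACL2 discharges the reduction to a term-level model and UCLID discharges the term-level refinement obligation.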