A language of relations and combining forms is presented in which to describe both the behaviour of circuits and the specifications which they must meet. We illustrate a design method that starts by selecting representations for the values on which a circuit operates, and derive the circuit from these representations by a process of refinement entirely within the language. Formal methods have always been used in circuit design. It would be unthinkable to attempt to design combinational circuits without using Boolean algebra. This means that circuit designers, unlike programmers, already use mathematical tools as a matter of course. It also means that we have a good basis on which to build higher level formal design methods. Encouraged by these observations, we have been investigating the application of formal program development techniques to circuit design. We view circuit design as the transformation of a program describing the required behaviour into an equivalent program that is s...

: The expressive power of higher order logic makes it possible to define a wide variety of data types within the logic and to prove theorems that state the properties of these types concisely and abstractly. This paper describes how such defined data types can be used to support formal reasoning in higher order logic about the behaviour of hardware designs. First printed: May 1988 Reprinted with revisions: April 1990 An earlier version of this paper appears in: The Fusion of Hardware Design and Verification, ed. G.J. Milne (North-Holland, 1988), pp. 27--50. Contents Introduction 5 1 Hardware Verification using Higher Order Logic 5 1.1 Notation : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : 5 1.2 Specifying Hardware Behaviour : : : : : : : : : : : : : : : : : : 6 1.3 Specifying Hardware Structure : : : : : : : : : : : : : : : : : : 7 1.4 Formulating Correctness : : : : : : : : : : : : : : : : : : : : : : 8 2 Recursive Types in Higher Order Logic 8 2.1 Type Definit...

Proof Search According to [12], abstract proof search is a process by which, starting from a representation of a problem at a so-called ground level, we construct a new and simpler representation at a so-called abstract level and use it to solve the original problem. That is, we abstract the given goal, prove its abstracted version and then use the information about the resulting abstract proof as an outline to construct the proof at the ground level. Dierent techniques to abstract from details have been studied in the literature. The problem is to nd out which details should be abstracted away. On one hand, if we abstract too much information then we often obtain abstract solutions that cannot be transferred to the ground level. Then, planning at the abstract level is even more dicult than planning at the ground level because the abstraction removes necessary control information, or we obtain only little information from the abstract proof how to guide the proof at the ground leve...

syntax for design annotations : : : : : : : : : : : : : : : : : 45 4.3 Semantic algebras for design annotations : : : : : : : : : : : : : : : : 46 4.4 Semantic algebras, continued : : : : : : : : : : : : : : : : : : : : : : : 47 4.5 Valuation functions for design annotations : : : : : : : : : : : : : : : 48 4.6 Devices : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : : 50 5.1 Constant dummy in the basic library : : : : : : : : : : : : : : : : : : 58 5.2 Interconnection devices in the basic library : : : : : : : : : : : : : : : 58 5.3 Devices in the comp library : : : : : : : : : : : : : : : : : : : : : : : 59 5.4 Timing analysis of the design in session box 7 : : : : : : : : : : : : : 66 5.5 Scheduling the design in session box 7 : : : : : : : : : : : : : : : : : : 67 5.6 The design after session box 8 : : : : : : : : : : : : : : : : : : : : : : 68 5.7 The design after session box 15 : : : : : : : : : : : : : : : : : : : : : 74 5.8 The design after session box 16 : : :...

Formal methods promises designers increased assurance in and understanding of their designs. Assurance is gained via proof; understanding is gained via the construction of proof. Researchers have developed powerful proof techniques; they have not focused sufficiently on creating tools to support reasoning. As a result, formal methods fails to attain its full potential. We argue that by formalizing the notations provided by diagrammatic representations, we can build tools that provide support for both proof and reasoning, thereby making formal methods more widely applicable by designers. 1 Introduction Formal methods offer much more to computer science than just "proofs of correctness" for programs and digital circuits, however. Many of the problems in software and hardware design are due to imprecision, ambiguity, incompleteness, misunderstanding, and just plain mistakes in the statement of top-level requirements, in the description of intermediate designs, or in the specification of ...

Diagrams have been left as an informal tool in hardware reasoning, thus rendering them unacceptable representations within formal reasoning systems. We demonstrate some advantages of formally supporting diagrams in hardware verification systems via a simple example and provide a logical formalization of hardware diagrams upon which we are constructing a verification tool. 1 Introduction The increased use of formal methods for verifying hardware specifications has generated a wealth of research into the formal models and representations of hardware that best facilitate the verification task. Most such models are based on combinations of temporal and higher-order logic which, while effective, do not necessarily reflect the models used during the design process. The hardware design process involves the use of a collection of diagrammatic forms, such as circuit diagrams and timing diagrams, which depict certain characteristics of hardware components more naturally than purely sentential r...

We propose that the concept of "formal methods" be expansive enough to include a rigorous, integrated use of diagrams for automated reasoning tasks. Applications to hardware design provide an especially rich domain to explore visually oriented extensions of traditional logic. This domain has an established methodology embracing the use of diagrams; it promises to light the way toward modernizing the foundations of formal logic. In this paper we examine some of the issues exposed when one attempts to develop a rigorous basis for heterogeneous and visually oriented reasoning. . Toward the Rigorous Use of Diagrams in Reasoning about Hardware Steven D. Johnson , Jon Barwise, and Gerard T. Allwein. Johnson's research supported, in part, by the National Science Foundation under grants numbered MIP89-21842 and MIP92-08745. 2 Author's name Introduction The logician's conventional notion of proof has grown increasingly anachronistic through the twentieth century as computing capabilities...

Abstract. In this work a mutual exclusion algorithm is modeled using Transition Assertions. The main feature of a mutual exclusion algorithm is to prevent simultaneous access of a shared resource by two or more systems. The specification of the algorithm is a collection of transition assertions with each transition assertion containing a precondition and postcondition. The Transition Assertions model is formalized in higher order logic and the HOL mechanized theorem prover is used to show that the Transition Assertions model complies with the mutual exclusion requirement. 1

ion for Verification of Large Scale Designs Viresh Paruthi , Nazanin Mansouri and Ranga Vemuri y Laboratory for Digital Design Environments Department of ECECS P.O. Box 210030 University of Cincinnati Cincinnati, OH 45221--0030 ICCD '98 Topic : Verification and Test All appropriate clearances for the publication of this paper have been obtained, and if accepted the authors will prepare the final manuscript in time for inclusion in the Conference Proceedings and will present the paper at the Conference. Designated presenter, should the paper be accepted y Author for Correspondence,(513)-556-4784 (Voice), (513)-556-7326 (FAX), Ranga.Vemuri@UC.EDU Automatic Data Path Abstraction for Verification of Large Scale Designs Abstract The state space explosion problem is a hurdle in the acceptance of model checking as a viable tool for verification of large-scale designs. Abstractions may be used to simplify the designs in order to reduce the number of reachable states, while ...

. Interpreters are the model of choice for much of the hardware design-verification community. In part, by restricting behavior to a single level of abstraction, interpreters provide a highly desirable conciseness of expression. However, this single-level extent necessarily requires some other means to `bridge the gap' between interpreters in a multi-level hierarchy; i.e., to define the abstraction between the levels. This paper presents an interpreter interface language that we have found to be well suited to the task of modeling interpreter abstraction. We describe our formal embedding of this language within the HOL theorem proving system, and we overview some of the proof support provided by our implementation. Finally, we describe a fundamental role of interface languages in the practical insertion of formal methods concepts into mainstream simulation environments. 1 Introduction Finite-state machines (FSMs) are the modeling workhorses for digital system design and verification....