## Providing a Formal Linkage between MDG and HOL Based on a Verified MDG System (2001)

Citations: 2 (2 self)

### BibTeX

@TECHREPORT{Xiong01providinga,

author = {Haiyan Xiong and Paul Curzon and Ann Bl},

title = {Providing a Formal Linkage between MDG and HOL Based on a Verified MDG System},

institution = {},

year = {2001}

}

### Abstract

We describe a methodology which can provide a formal linkage between a symbolic state enumeration system and a theorem proving system based on a verified symbolic state enumeration system. The methodology has been partly realized in a simplified version of the MDG system (a symbolic state enumeration system) and the HOL system (a theorem proving system) which involves the following three steps. First, we have verified aspects of correctness of the simplified version of the MDG system. We have made certain that the semantics of a program is preserved in those of its translated form. Secondly, we have provided a formal linkage between the MDG system and the HOL system based on importing theorems. The MDG verification results can be formally imported into HOL to form the HOL theorem. Thirdly, we have combined the translator correctness theorems with importing theorems. This combination allows the MDG verification results to be imported in terms of a high level language (MDG-HDL) rather than a low level language. We have also summarized a general method which is used to prove the existential theorem for the specification and implementation of the design. The feasibility of this approach is demonstrated in a case study: the verification of the correctness and usability theorems of a vending machine.

### Citations

3212 | Graph-based algorithms for boolean function manipulation - Bryant - 1986 |
Citation Context: ...diagram. Techniques such as reachability analysis are used to automatically verify given properties of the design or machine equivalence. Much of this work is based on Binary Decision Diagrams (BDD) [2]. Deductive theorem proving systems use interactive proof methods. The user interactively constructs a formal proof which proves a theorem stating the correctness of this implementation. Theorem provin...

955 | Symbolic Boolean Manipulation with Ordered Binary-Decision Diagrams - Bryant - 1992 |
Citation Context: ...DG-HDL). 3 The MDG system. The MDG system is a hardware verification system based on Multiway Decision Graphs (MDGs). MDGs subsume the class of Bryant's Reduced Ordered Binary Decision Diagrams (ROBDD) [3] while accommodating abstract sorts and uninterpreted function symbols. The system combines a variety of different hardware verification applications implemented using MDGs [23]. The applications develo...

558 | Introduction to HOL: A Theorem Proving Environment for Higher Order Logic - Gordon, Melham - 1993 |
Citation Context: ...CARE then the output y is equal to false, if x1 is equal to true and x2 is equal to false then the output y is equal to false, otherwise the output y is equal to true. 4 The HOL System. The HOL system [12] is an LCF [10] (Logic of Computable Functions) style proof system. It uses higher-order logic to model and verify a system. There are two main proof methods used: forward and backward proof. In forwa...

387 | ML for the Working Programmer - Paulson - 1991 |
Citation Context: ...ps are safe. All derived inference rules are built on top of a small number of primitive inference rules. In backward proof, the user sets the desired theorem as a goal. Small programs written in SML [18] called tactics and tacticals are applied that break the goal into a list of subgoals. Tactics and tacticals are repeatedly applied to the subgoals until they can be proved. A justification function is...

137 | Edinburgh LCF: A Mechanised Logic of Computation - Gordon, Milner, et al. - 1979 |
Citation Context: ...utput y is equal to false, if x1 is equal to true and x2 is equal to false then the output y is equal to false, otherwise the output y is equal to true. 4 The HOL System. The HOL system [12] is an LCF [10] (Logic of Computable Functions) style proof system. It uses higher-order logic to model and verify a system. There are two main proof methods used: forward and backward proof. In forward proof, the s...

107 | A working memory model of a common procedural error - Byrne, Bovair - 1997 |

99 | An integration of model-checking with automated proof checking - Rajan, Shankar, et al. - 1995 |

91 | Edinburgh LCF: A Mechanised Logic - Gordon, Milner, et al. - 1979 |

86 | Multiway Decision Graphs for Automated Hardware Verification - Corella, Zhou, et al. - 1997 |
Citation Context: ...theorem in the current theory of the theorem proving system? The research described here investigates the answers to the above two questions. Some symbolic state enumeration based systems such as MDG [6] consist of a series of translators and a set of algorithms. Higher level languages such as hardware description languages are used to describe the specification and implementation of the design. The s...

50 | Introduction to Maple - Heck - 2003 |

48 | Integrating Gandalf and HOL - Hurd - 1999 |
Citation Context: ...not only could the standard state algorithms be efficiently and safely programmed in HOL, but it also made it possible to achieve the advantages of both theorem proving tools and state algorithms. Hurd [14] used a different method to combine the strengths of two theorem-prover systems, Gandalf and HOL. He wrote functions to simulate the Gandalf proof according to the Gandalf logged file, so reconstructing t...

43 | An overview of SAL - Bensalem, Ganesh, et al. - 2000 |

43 | The PROSPER Toolkit - Dennis, Collins, et al. - 2000 |
Citation Context: ...l which has been deeply embedded in itself so as to be lifted. In other words, the system can execute fl functions in Voss and reason about the behavior of fl functions in ThmTac. The PROSPER toolkit [9] provides a uniform way of linking HOL with external proof tools. The specification of its integration interface has been implemented in several languages, allowing components written in these languages...

40 | Experience with Embedding Hardware Description Languages in HOL - Boulton, Gordon, Van Tassel, et al. - 1992 |

39 | Linking BDD-based symbolic evaluation to interactive theorem-proving - Joyce, Seger - 1993 |
Citation Context: ...ven in section 5. Finally, our conclusion and ideas for further work are presented in Section 6. 2 Related Work. Many different technologies have been used to link two different systems. Joyce and Seger [15] presented a hybrid verification system: HOL-Voss. Several predicates were defined in the HOL system, which presented a mathematical link between the specification language of the Voss system (symbolic t...

30 | Hardware verification using Higher-Order Logic - Camilleri, Gordon, et al. - 1986 |

29 | Higher Order Logic and Hardware Verification, Cambridge Tracts - Melham - 1993 |

28 | Toward compiler implementation correctness proofs - Chirica, Martin - 1986 |
Citation Context: ...ets the requirement of preserving semantics. We are concerned with the latter step here. This split between implementation correctness and specification correctness was advocated by Chirica and Martin [4] with respect to compiler correctness. The MDG system is based on Multiway Decision Graphs which extend ROBDDs with concrete sorts, abstract sorts and uninterpreted function symbols. We define the dee...

28 | A skeptic's approach to combining HOL and Maple - Harrison, Théry - 1998 |

26 | Symbolic trajectory evaluation - Hazelhurst, Seger - 1997 |
Citation Context: ...rification system: HOL-Voss. Several predicates were defined in the HOL system, which presented a mathematical link between the specification language of the Voss system (symbolic trajectory evaluation) [13] and that of the HOL system. Aagaard et al. developed the Forte verification system [1]. Forte is a combined model checking (in Voss via symbolic trajectory evaluation) and theorem proving system (ThmTa...

26 | Combining theorem proving and model checking through symbolic analysis - Shankar |

20 | Formal verification of a partial-order reduction technique for model checking - Chou, Peled - 1999 |

19 | Computer algebra meets automated theorem proving: Integrating Maple and pvs - Adams, Dunstan, et al. - 2001 |

16 | Programming a Symbolic Model Checker in a Fully Expansive Theorem Prover - Amjad - 2003 |

16 | Reachability programming in HOL98 using BDDs - Gordon - 2000 |
Citation Context: ...L system [16] used PROSPER/Harness Plug-in Interface to link the HOL system and the MDG system. (Footnote 1: ThmTac is written in fl and is an LCF style implementation of a higher order classical logic.) Gordon [11] integrated the BDD based verification system BuDDy into HOL by implementing BDD-based verification algorithms inside HOL building on top of primitives provided. Since "LCF-Style" general infrastructure...

14 | Demonstrating the cognitive plausibility of interactive systems - Butterworth, Blandford, et al. |

13 | Detecting multiple classes of user errors - Curzon, Blandford |

12 | BuDDy: a binary decision diagram package. http://www.itu.dk/research/buddy |

12 | A Machine-Checked Implementation of Buchberger's Algorithm, Journal of Automated Reasoning - Théry |

12 | Formal verification of the island tunnel controller using multiway decision graphs - Zhou, Song, et al. |

11 | Combinations of model checking and theorem proving - Uribe - 2000 |

10 | Using decision procedures with a higher-order logic - Shankar - 2001 |

9 | Formal Verification of Iterative Algorithms in Microprocessors - Aagaard, Jones, et al. - 2000 |

9 | Towards the automated synthesis of a Gröbner bases algorithm - Buchberger - 2004 |

9 | Verification of the MDG Components Library in HOL - Curzon, Tahar, et al. - 1998 |
Citation Context: ...ch depends on its input value and output value at the current time or an earlier time instance. In our research, we prove the existential theorems based on the syntax and semantics of MDG-HDL [21] [8]. We provide the output representation for each component (mainly logic gates and flip-flops). The existential term of a design, which reduces the goal ∃x. t to t[u/x], is determined in terms of the cor...

7 | Verified bytecode model checkers - Basin, Friedrich, et al. - 2002 |

7 | A Tutorial Introduction to PVS. http://www.dcs.gla.ac.uk/proper/papers.html - Crow, Owre, et al. |

6 | Higher Order Logic and Hardware Verification, Cambridge Tracts in Theoretical Computer Science 31 - Melham - 1993 |
Citation Context: ...ON ip op (9). This representation might meet an inconsistent model that trivially satisfies any specification. We need to verify a stronger consistency theorem against the implementation as suggested in [17], which has the form: ⊢thm ∀ip. ∃op. IMPLEMENTATION ip op (10). This means that for any set of input values ip there is a set of output values op which is consistent with it. This shows that the mod...
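The consistency theorem (10) quoted above, and the witness-based proof of existential theorems described in the context for [8] (the "output representation" that reduces ∃op. t to t[u/op]), worked through on a finite circuit. This is an added example, not code from the paper or from the MDG or HOL systems: the circuit is modelled relationally as a Python predicate over an input valuation ip and an output valuation op, the quantifiers of (9) and (10) are discharged by exhaustive enumeration, and the component names, the NAND and shorted implementations and both specification predicates are constructed for illustration.

```python
# Added example, not code from the paper or from the MDG/HOL systems.
# It illustrates, for a finite circuit, the two theorems discussed above:
#   (9)  correctness:  forall ip op. IMPLEMENTATION ip op ==> SPECIFICATION ip op
#   (10) consistency:  forall ip. exists op. IMPLEMENTATION ip op
# and shows why (9) alone is not enough. Circuits are modelled relationally,
# as predicates over an input valuation ip and an output valuation op; the
# quantifiers are discharged by exhaustive enumeration, the finite analogue
# of what a symbolic state enumeration system does with decision graphs.
from itertools import product

def valuations(names):
    """All assignments of booleans to the given signal names (an ip or op)."""
    return [dict(zip(names, bits))
            for bits in product((False, True), repeat=len(names))]

# Relational semantics of two library components (constructed for this example).
def and_gate(a, b, y):
    return y == (a and b)

def not_gate(a, y):
    return y == (not a)

INPUTS = ("x1", "x2")
OUTPUTS = ("y",)

def impl_nand(ip, op):
    """NAND built from AND and NOT. The internal wire w is hidden by an
    existential, as a structural hardware description would hide it."""
    return any(and_gate(ip["x1"], ip["x2"], w) and not_gate(w, op["y"])
               for w in (False, True))

def impl_shorted(ip, op):
    """A mis-wired circuit that ties y both to x1 and to NOT x1.
    No output valuation satisfies it for any input: the relation is empty,
    which is exactly the 'inconsistent model' the text warns about."""
    return (op["y"] == ip["x1"]) and (op["y"] == (not ip["x1"]))

def spec_nand(ip, op):
    return op["y"] == (not (ip["x1"] and ip["x2"]))

def spec_absurd(ip, op):
    """A specification no real NAND meets: the output is stuck at true."""
    return op["y"] is True

def correct(impl, spec, inputs=INPUTS, outputs=OUTPUTS):
    """Theorem (9): forall ip op. impl ip op ==> spec ip op."""
    return all((not impl(ip, op)) or spec(ip, op)
               for ip in valuations(inputs) for op in valuations(outputs))

def consistent(impl, inputs=INPUTS, outputs=OUTPUTS):
    """Theorem (10) by enumeration: forall ip. exists op. impl ip op."""
    return all(any(impl(ip, op) for op in valuations(outputs))
               for ip in valuations(inputs))

def consistent_by_witness(impl, witness, inputs=INPUTS):
    """Theorem (10) proved the way the text describes: supply an explicit
    output term u (the output representation of the components), so the
    goal exists op. t reduces to t[u/op] and only a universal check remains."""
    return all(impl(ip, witness(ip)) for ip in valuations(inputs))

def nand_witness(ip):
    """Output representation of the NAND: the value y takes for input ip."""
    return {"y": not (ip["x1"] and ip["x2"])}

if __name__ == "__main__":
    # Well-formed circuit: passes (9) and (10), by enumeration and by witness.
    print(correct(impl_nand, spec_nand), consistent(impl_nand),
          consistent_by_witness(impl_nand, nand_witness))      # True True True
    # Shorted circuit: "proves" the real spec and the absurd one vacuously ...
    print(correct(impl_shorted, spec_nand),
          correct(impl_shorted, spec_absurd))                  # True True
    # ... and only the consistency theorem exposes it.
    print(consistent(impl_shorted))                            # False
```

The shorted circuit is the formal-methods analogue of a test suite that never runs: every correctness theorem of form (9) holds of it, including one for a specification no NAND can meet, because the antecedent is never true. Demanding (10) as well, here as `consistent` or, closer to the paper's method, as `consistent_by_witness` with an explicit output term, is what rules such models out.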

5 | Reasoning about order errors in interaction - Curzon, Blandford |

5 | Formal verification of a partial-order reduction technique for model checking - Chou, Peled - 1996 |
Citation Context: ...ase of the MDG system (see 1, Figure 1) using the HOL theorem prover and importing the MDG results into HOL to form the HOL theorems (see 3, Figure 1) [20]. Step 2 is similar to Chou and Peled's work [5] which verifies a partial-order reduction technique for model checking. Verifying the algorithms is beyond the scope of this paper. As we are primarily concerned with the linkage and how it could be co...

5 | Hierarchical Verification using an MDG-HOL Hybrid Tool - Kort, Tahar, et al. - 2001 |
Citation Context: ...tems. We chose HOL and MDG because this research is part of a large project in collaboration with the Hardware Verification group at Concordia University. They are developing a hybrid system (MDG-HOL) [16] which combines the MDG system and the HOL system. Our aim is different to theirs. We are not developing a practical tool. We are doing theoretical research about how to verify the MDG system and provi...

5 | Importing MDG verification results into HOL - Xiong, Curzon, et al. - 1999 |
Citation Context: ...cation of the algorithms. (b) We then must prove theorems (step 3), which formally convert the verification results of different MDG applications into the traditional HOL hardware verification theorems [20]. (c) By combining the correctness theorems (theorems obtained from steps 1 and 2) of the verification of the MDG system with the importing theorems (theorems obtained from step 3), the MDG verification...

4 | Importing MDG verification results into HOL - Xiong, Curzon, et al. |

4 | Proving existential theorems when importing results from MDG to HOL - Xiong, Curzon, et al. - 2001 |
Citation Context: ...m of the design, the corresponding theorem will be proved. We also provide HOL tactics for expanding the semantics of the circuit and proving the existential theorem. More detail can be found in [19] [22]. 5.5 Case Study: Verification of the Correctness and Usability Theorems of a Vending Machine. So far, we have discussed how to prove translator correctness theorems and importing theorems. We have comb...

3 | Using a verification system to reason about postcompletion errors - Curzon, Blandford - 2000 |

3 | VeriTech: Translating among specifications and verification tools - Katz, Grumberg - 1999 |

3 | Hierarchical formal verification using a hybrid tool, Software Tools for Technology Transfer - Kort, Tahar, et al. - 2003 |

3 | Integrating model checking and theorem proving in a reflective functional language - Melham - 2004 |

3 | Three approaches to hardware verification - Tahar, Curzon, et al. - 1998 |

2 | Providing automated verification in HOL using MDGs - Mhamdi, Tahar - 2004 |