S. Owre, J. M. Rushby, N. Shankar, and M. K. Srivas. A tutorial on using PVS for hardware verification. TPCD`94:258--279, 1994.  Home/Search   Document Details and Download   Summary   Related Articles   Check

....for a matching serial execution to be built, and the algorithm to be proved sequentially consistent. We believe that this methodology is suitable for the verification of the sequential consistency of many non coherent memory models, as demonstrated by our applying this proof method, using the PVS [27] theorem prover, to two examples, lazy caching [2, 15] and a ring algorithm [6] 1 . While this methodology is theoretically applicable to coherent snoopy protocols, we believe that it is more complicated than is required for such algorithms. Current work considers increasing the automation of ....

....detailed in Figure 5. In order to construct the serial execution we prove a one to one relationship between executed operations and history table entries. The bulk of the proof effort involved manually defining properties of the lazy caching algorithm and then proving their invariance in the PVS[27] system. We list some of the invariants used in the proof. For every two entries H [x] and H [y] of history table H with timestamps (t x ; r x ; id x ) and (t y ; r y ; id y ) respectively, and x; y size(H) If x 6= y then (t x ; r x ; id x ) 6= t y ; r y ; id y ) Distinct entries have ....

[Article contains additional citation context not shown here]

S. Owre, J. M. Rushby, N. Shankar, and M. K. Srivas. A tutorial on using PVS for hardware verification. TPCD`94:258--279, 1994.

....The framework described is very flexible, but, we believe, firm enough to provide structure and direction to the proof. 4 Using predicted values: three case studies In this section we discuss three applications in which we used predicted values. All of our proofs were verified in the PVS [ORSS94] theorem prover. 4.1 Tomasulo s Algorithm This is the first, and the simplest, of the three applications, and is detailed in [AP99] Tomasulo s algorithm is a simple out of order execution, out of order retirement, scheduling algorithm. The version that we verified dealt only with register to ....

S. Owre, J. M. Rushby, N. Shankar, and M. K. Srivas. A tutorial on using PVS for hardware verification. In R. Kumar and T. Kropf, editors, Theorem Provers in Circuit Design (TPCD '94), volume 910 of Lecture Notes in Computer Science, pages 258--279, Bad Herrenalb, Germany, Sept. 1994. Springer-Verlag. 15

....quite new systems such as PVS [46] Isabelle [42] Nuprl [12] and Coq [5] All of the systems quoted below implement a higher order logic. ffl PVS (Prototype Verification System) is a proof checker based on sequent calculus in a classical logic. It includes numerous decision procedures. 19] and [38] give some examples of its use in hardware. ffl Isabelle is sometimes said to belong to a new category of theorem provers since it is generic in the sense that it allows to encode any logic one wants to consider. It is possible to declare theories using the Isabelle metalogic. Some works about ....

S. Owre, J.M. Rushby, N. Shankar, and M.K. Srivas. A tutorial on using PVS for hardware verification. In Ramayya Kumar and Thomas Kropf, editors, Theorem Provers in Circuit Design -- Theory, Practice & Experience. FZI-Publication, September 1994.

....fhrt hingegen in der Regel auf unentscheidbare Probleme und erfordert eine grundstzlich andere Vorgehensweise. Datenpfade werden meist mit Prdikatenlogik erster oder hherer Stufe beschrieben und durch den Einsatz von interaktiven Theorembeweisern, wie z.B. Nqthm [24] RRL [25] HOL [26] oder PVS [27] verifiziert. Diese Theorembeweiser wurden von verschiedenen Forschungsgruppen bereits eingesetzt (etwa zur Verifikation von Prozessoren [28, 29, 30, 31] Auch wenn in diesem Bereich keine vollstndige Automatisierung erzielbar ist, so lt sich durch geeignete Strukturierung der Beweisziele eine ....

S. Owre, J.M. Rushby, N. Shankar und M.K. Srivas. A tutorial on using PVS for hardware verification. In T. Kropf and R. Kumar, Editoren, Conference on Theorem Provers in Circuit Design (TPCD), volume 901 of Lecture Notes in Computer Science, pp. 258--279, Bad Herrenalb, Germany, 1994. Springer Verlag.

....mechanisms are given in [PS96] Many approaches to the deductive verification of reactive systems and hardware circuits were proposed over the years, accompanied by systems supporting their automation. Examples of applications for hardware verification are the methods described in [Gor86] and [ORSS94] An effective system for the deductive verification of linear temporal logic properties of reactive programs is reported in [MAB 94] There have been also several approaches which combine deductive and algorithmic verification methods. The work in [JS93] combines the HOL theorem prover with ....

S. Owre, J.M. Rushby, N. Shankar, and M.K. Srivas. A tutorial on using PVS for hardware verification. In R. Kumar and T. Kropf, editors, Proc. of the 2nd Conf. on Theorem Provers in Circuit Design, pages 167--188. FZI Publication, Universitat Karlsruhe, 1994. Preiminary Version.

....combined with model checking. Many approaches to the deductive verification of reactive systems and hardware circuits were proposed over the years, accompanied by systems supporting their automation. Examples of applications for hardware verification are the methods described in [Gor86] and [ORSS94] An effective system for the deductive verification of linear temporal logic properties of reactive programs is reported in [MAB 94] There have been also several approaches which combine deductive and algorithmic verification methods. The work in [JS93] combines the HOL theorem prover with ....

S. Owre, J.M. Rushby, N. Shankar, and M.K. Srivas. A tutorial on using PVS for hardware verification. In R. Kumar and T. Kropf, editors, Proceedings of the Second Conferences on Theorem Provers in Circuit Design, pages 167--188. FZI Publication, Universitat Karlsruhe, 1994. Preiminary Version.

.... for first order logic [3] 9] have gained high attention due to their ability to naturally cope with abstractions from data computations when analyzing complex control circuitry while allowing full automation of the proof (in contrast to approaches relying on interactive theorem proving such as [6, 13, 15]) In this paper we introduce the new computational model of Execution Automata and the model of Herbrand Engines based on it. This model combines finite state control with uninterpreted data and function registers, thus yielding a finite representation of infinite state machines. Herbrand engines ....

S. Owre, J.M. Rushby, N. Shankar, and M.K. Srivas. A tutorial on using PVS for hardware verification. In R. Kumar and T. Kropf, editors, Proceedings of the Second Conference on Theorem Provers in Circuit Design, pages 167--188. FZI Publication, Universitat Karlsruhe, 1994. Preliminary Version.

....instruction level time scale. A translation from the relational description used by Gordon into a functional description required by Clam was done by hand. This translation can be automated. For instance, PVS provides assistance in producing the functional representation from the relational one [15]. The correctness theorem asserts that the state of the computer at the specification level is equal to an abstract state of the implementation level each time an instruction is executed. After doing the extensions explained in the next section, the verification proceeded without user ....

....Still, we have tried to compare like with like: both the Clam and Nqthm proofs were carried out by relative beginners to both automated theorem proving and formal reasoning about hardware. 5. 2 PVS The n bit adder, the n bit alu, and the Tamarack microprocessor 6 have been implemented in PVS [10, 15]. The run time for verifying each of these circuits was 2:07, 1:27 and 9:05 minutes respectively in a Sun SparcStation 10. These low run times are explained by the built in decision procedures available to PVS. In these verifications the user must provide the induction parameters and use a ....

S. Owre, J.M. Rushby, N. Shankar, and M.K. Srivas. A Tutorial on Using pvs for Hardware Verification. In 2nd TPCD Conference, Springer-Verlag, 1994.

....grant from the Israeli Ministry of Science and the Arts. y OFFIS, Oldenburg, Germany z Weizmann Institute of Science, Rehovot, Israel complex control circuitry while allowing full automation of the proof (in contrast to approaches relying on interactive theorem proving such as [GM93, ORSS94, SM96] In this paper we propose a proof method for proving correctness of such processor designs based on refinement , and illustrate it by showing correctness of the Tomasulo algorithm [HP96] supporting out of order execution of floating point instructions. The key features of our approach ....

S. Owre, J.M. Rushby, N. Shankar, and M.K. Srivas. A tutorial on using PVS for hardware verification. In R. Kumar and T. Kropf, editors, Proceedings of the Second Conference on Theorem Provers in Circuit Design, pages 167--188. FZI Publication, Universitat Karlsruhe, 1994. Preliminary Version.

....algorithms, data structures and optimizations, they rely crucially on unification. Interactive systems let the user direct each step of the proof. They can implement complicated formalisms, chosen for maximum expressiveness, and typically based on the typed calculus. hol [7, 8] and pvs [23] are used for verification of hardware and real time systems, while Coq [4] is used for formalizing mathematics. Large numbers of axioms say, the description of a cpu design do not overwhelm them, because finding the proof is the user s job. Partial automation is sometimes provided, but a ....

S. Owre, J. M. Rushby, N. Shankar, and M. K. Srivas. A tutorial on using PVS for hardware verification. In R. Kumar, editor, Theorem Provers in Circuit Design: Theory, Practice, and Experience, LNCS 901, pages 258--279. Springer, 1995.

.... the language [42] prover [43] system [44] and semantics [45] Some of the motivation and design decisions for PVS are described in [46] and the utility of its type system is argued in [47] Tutorials provide general introductions to PVS [48 50] plus more specialized treatments for hardware [51], abstract data types [52] tabular and requirements specifications [53] and distributed systems [54] 1 Although the SIFT verification was a significant accomplishment at the time, the paper describing it [21] leaves the impression that the full operating system was verified, as opposed to ....

S. Owre, J. M. Rushby, N. Shankar, and M. K. Srivas. A tutorial on using PVS for hardware verification. In Ramayya Kumar and Thomas Kropf, editors, Theorem Provers in Circuit Design (TPCD '94), volume 910 of Lecture Notes in Computer Science, pages 258--279, Bad Herrenalb, Germany, September 1994. Springer-Verlag.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC