C.H. Pygott. Formal Proof of Correspondence Between the Specification of a Hardware Module and its Gate Level Implementation. Report 85012, Royal Signals and Radar Establishment, Malvern, Worcestershire (United Kingdom), November, 1985.
....one's interpretation of "proven", could be called a false claim; no formal proofs of Viper (to the author's knowledge) have thus far been done at or near the gate level. The gate level design of Viper has been checked by C. Pygott using an innovative simulation method called intelligent exhaustion [25], but it has not yet been formally verified. Such assertions as those quoted, taken as assurances of the impossibility of design failure in safety critical applications, could have catastrophic results. To summarize: • Neither an intended behaviour nor a physical chip is an object to which the ....
C. H. Pygott, Formal Proof of a Correspondence between the Specification of a Hardware Module and its Gate Level Implementation, RSRE Report No. 85012, Nov. 1985
....describes an Nqthm based mechanized proof system Unity. Our work finds its closest relatives in the very active field of hardware verification. See [Yoe90] for a tutorial introduction to and overview of the field. In common with our work, many formal models of microprocessors, e.g. [Hun85] [Pyg85], and [Joy90] quantitatively measure time in cycles. A particularly intriguing title, given the title of this work, is J. Joyce's Formal Specification and Verification of Asynchronous Processes in Higher Order Logic [Joy88]. The report deals with the same problem confronted in [Hun85] namely ....
Pygott, C.H.: Formal proof of correspondence between the specification of a hardware module and its gate level implementation. Report 85012, Royal Signals and Radar Establishment, Malvern, Worcestershire (United Kingdom), November 1985.
....simulation without explicit simulation of every possible input pattern. The remainder of this Section consists of an introduction to the IE tech
The Formal Specification and Partial Verification of VIPER, Technical Report #46
VIPER Proof Efforts
Levels | Ref. | Notes
Block ( Implementation | [Pyg85] | ELLA specifications were analyzed by Intelligent Exhaustion simulation. The reference is to the method; the analyses are not documented.
Top ( Major State | [CP85,Cul86] | A hand proof, later invalidated. The first reference is to the method, the second documents the proof attempt.
Top ( Major ....
....realizations of the block-level designs in the proprietary CAD languages HILO and FDL. These gate-level designs were automatically translated to ELLA for IE simulation. The IE simulations uncovered errors in the initial designs that would have been virtually impossible to find by simulation [Pyg85]. The low level verification of VIPER by Intelligent Exhaustion remains incomplete, however, for two important reasons. Most importantly, RSRE never proved that the input patterns used for IE simulation provided complete coverage of every possible case [Pyg]. The complete IE analysis of VIPER ....
[Article contains additional citation context not shown here]
C H Pygott. Formal Proof of Correspondence Between the Specification of a Hardware Module and its Gate Level Implementation. Report 85002, Royal Signals and Radar Establishment, Malvern, Worcestershire (United Kingdom), November 1985.
No context found.
C.H. Pygott. Formal Proof of Correspondence Between the Specification of a Hardware Module and its Gate Level Implementation. Report 85012, Royal Signals and Radar Establishment, Malvern, Worcestershire (United Kingdom), November, 1985.