Abstract

In previous work, we explored the interaction between different formal hardware development techniques in the implementation of a fault-tolerant clock synchronization circuit. This case study presents a clever optimization of the earlier design and illustrates how we have extended our framework to support its incremental design refinement. The primary design tool represents circuits as systems of stream equations, where each stream corresponds to a signal within the circuit. These signals are annotated with invariants which can be established using proof by co-induction. These invariants are exploited to verify localized design refinements. This study lays groundwork for a more formal integration of disparate reasoning tools.

Highlights

  • A significant amount of effort within the formal methods community has been focused on how to verify hardware using particular verification systems

  • The circuit was developed using a combination of the Prototype Verification System (PVS) developed at SRI [8], the DDD system developed at Indiana University [1], and a BDD-based tautology checker

  • We adopt the convention that for every stream defined in PVS, we introduce lemmas for simplifying the hd and tl
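The abstract and the highlights above describe the method only in outline: a circuit is a system of stream equations, each signal carries an invariant established by co-induction, and that invariant licenses a localized refinement. The Python model below is an added illustration written for this page; it is not the paper's PVS development and does not reproduce its clock synchronization circuit. The counter sub-circuit, its width, the constant R, the comparator refinement and every name in the code (Stream, cons, lift, subcircuit, inv, and so on) are assumptions made for the example. Co-induction is stood in for by checking that the invariant holds at the head of the signal and is closed under the register's step function over its whole (finite) value domain, which is sound for a finite-state register but is a check, not a PVS proof.

```python
"""Executable model of a circuit as a system of stream equations.

Added illustration, not the paper's PVS theory: the counter sub-circuit,
its width, the constant R and all names below are assumptions.
"""
from typing import Callable, Generic, TypeVar

T = TypeVar("T")

WIDTH = 4                  # assumption: a 4-bit counter register
MODULUS = 1 << WIDTH
R = 9                      # assumption: cycle count at which the counter is reset
DOMAIN = range(MODULUS)    # every value the register can physically hold


class Stream(Generic[T]):
    """A signal: hd is its value this cycle, tl the signal from the next cycle on (lazy)."""

    def __init__(self, hd: T, tl_thunk: Callable[[], "Stream[T]"]):
        self.hd = hd
        self._thunk = tl_thunk
        self._tl = None

    @property
    def tl(self) -> "Stream[T]":
        if self._tl is None:       # forced once; feedback loops rely on this laziness
            self._tl = self._thunk()
        return self._tl

    def take(self, n: int) -> list:
        out, s = [], self
        for _ in range(n):
            out.append(s.hd)
            s = s.tl
        return out


def cons(hd, rest: Callable[[], Stream]) -> Stream:
    """A register: drives `hd` this cycle, then whatever `rest` computes.
    Simplification lemmas: hd(cons(a, s)) = a and tl(cons(a, s)) = s."""
    return Stream(hd, rest)


def lift(f: Callable, *ins: Stream) -> Stream:
    """Combinational logic applied cycle by cycle.
    Simplification lemmas: hd(lift(f, s)) = f(hd s) and tl(lift(f, s)) = lift(f, tl s)."""
    return Stream(f(*[s.hd for s in ins]), lambda: lift(f, *[s.tl for s in ins]))


def simplification_lemmas_hold(s: Stream, f: Callable, n: int = 5) -> bool:
    """Check the two lift lemmas pointwise on the first n cycles of a concrete signal."""
    lifted = lift(f, s)
    return lifted.hd == f(s.hd) and lifted.tl.take(n) == lift(f, s.tl).take(n)


# ---- the sub-circuit: a counter that is reset when the comparator fires ----------
def ge_R(v: int) -> bool:          # original design: magnitude comparator
    return v >= R


def eq_R(v: int) -> bool:          # optimized design: cheaper equality comparator
    return v == R


def step(v: int, reset: bool) -> int:
    return 0 if reset else (v + 1) % MODULUS


def subcircuit(compare: Callable[[int], bool], init: int = 0):
    """Stream equations:  cnt = cons(init, lift(step, cnt, sync));  sync = lift(compare, cnt)."""
    cnt = cons(init, lambda: lift(step, cnt, sync))   # feedback: tl is forced only later
    sync = lift(compare, cnt)
    return cnt, sync


# ---- the invariant on cnt, established by (finite-state) co-induction ----------------
def inv(v: int) -> bool:
    return 0 <= v <= R


def invariant_by_coinduction(inv, init, next_value, domain) -> bool:
    """For cnt = cons(init, lift(next_value, cnt)): inv(hd cnt) holds and inv is closed
    under next_value, so inv holds at the head of every tl^n(cnt).  The closure
    condition is checked exhaustively, which is sound because the domain is finite."""
    return inv(init) and all(inv(next_value(v)) for v in domain if inv(v))


def refinement_sound(inv, f, g, domain) -> bool:
    """Localized refinement: f may be replaced by g wherever inv is known to hold."""
    return all(f(v) == g(v) for v in domain if inv(v))


def disagreements(f, g, domain) -> list:
    """Values on which f and g differ; non-empty means the invariant is doing real work."""
    return [v for v in domain if f(v) != g(v)]


def count_trace(compare, cycles: int = 40, init: int = 0) -> list:
    return subcircuit(compare, init)[0].take(cycles)


def sync_trace(compare, cycles: int = 40, init: int = 0) -> list:
    return subcircuit(compare, init)[1].take(cycles)


if __name__ == "__main__":
    orig_next = lambda v: step(v, ge_R(v))
    print("invariant holds:", invariant_by_coinduction(inv, 0, orig_next, DOMAIN))
    print("refinement sound:", refinement_sound(inv, ge_R, eq_R, DOMAIN))
    print("unreachable disagreements:", disagreements(ge_R, eq_R, DOMAIN))
    print("traces agree:", sync_trace(ge_R) == sync_trace(eq_R))
```

The last two functions make the point of the refinement step concrete: starting from the reset value 0, the original (`>=`) and optimized (`==`) designs produce identical `sync` traces, and the co-inductive check is what justifies swapping the comparator. Starting from a value outside the invariant, say 12 after a fault or missing reset, the two designs diverge (the original resets on the next cycle, the optimized one counts up to 15 and wraps), which is why the equivalence is only claimed for signals annotated with the invariant.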


Summary

Introduction

A significant amount of effort within the formal methods community has been focused on how to verify hardware using particular verification systems. Hunt’s implementation of a functional memory model by an explicitly synchronized process exposed a gap in the derivation path. While this particular kind of problem has been addressed [17, 10], we believe that derivation gaps are an inevitable consequence of creativity in design and engineering. Even if one has somehow incorporated automatic provers and rewriters for lower-level tasks, we believe that reasoning environments should support a variety of reasoning formalisms. At some point, such a system may employ the more unified view of a logical framework, but, for the present, experience is needed in the coordinated use of multiple interactive systems. Our goal is to develop a formalized design environment that supports annotation of signals with invariants (and handles all the associated bookkeeping), so that a designer can explore various optimizations in a rigorous manner.

Related Work and Prior Developments
Verification Strategy
Overview of DDD
Overview of PVS
Reasoning about Streams in PVS
Stream Definition
Stream Equivalence
Signal Invariants
Fault-Tolerant Clock Synchronization
Description of the sub-circuit
Optimization
Verification
Establishing Invariants
Concluding Remarks