Abstract
The formal verification of a microprocessor involves demonstrating that a specification of the microprocessor is satisfied by its implementation. The incomplete proof of Viper (mostly because it became too time consuming) is of particular interest. Our view of the incomplete proof is that the jump in abstraction between the electronic block model and the specification is too great. By introducing intermediate levels between the two extreme models, the overall proof becomes one of establishing more, but simpler, proofs.
We present our effort to apply Windley's generic interpreter model to a microcoded version of Viper. We redesigned Viper as a hierarchy of five interpreters, each of which is an instance of the generic interpreter. The top level specifies the Viper instruction set and the lowest level specifies an abstraction of a conventional electronic block model. The design and verification was carried out in approximately one person-year.
This work was sponsored under Boeing Contract NAS1-18586, Task Assignment No. 3, with NASA-Langley Research Center.
This is a preview of subscription content, log in via an institution.
Preview
Unable to display preview. Download preview PDF.
References
Tej Arora, Mark Heckman, Sara Kalvala, Tony Leung, Karl Levitt, Tom Schubert, and Phillip Windley. Verification of a microcode implementation of the VIPER microprocessor. Technical report, University of California at Davis, September 1991.
Bishop Brock and Warren Hunt. Report on the formal specification and partial verification of the VIPER microprocessor. Contractor Report 187540, NASA Langley Research Center, 1991.
A. Cohn. A proof of correctness of the viper microprocessor: the first level. VLSI Specification, Verification, and synthesis, G. Birtwhistle and P. S ubrahmanyam, eds., pages 27–71, 1988.
A. Cohn. A proof of correctness of the viper microprocessor: the second level. University of Cambridge computer Laboratory Technical Report, 1989.
W. J. Cullyer. Implementing safety critical systems: The VIPER microprocessor. In G. Birtwhistle and P. A Subrahmanyam, editors, VLSI Specification, Verification, and Synthesis, pages 1–25. Kluwer Academic Press, 1988.
Brian Graham and Graham Birtwhisle. Formalising the design of an SECD chip. In M. Leeser and G. Brown, editors, Workshop on Hardware Specification, Verification, and Synthesis: Mathematical Aspects, Lecture Notes in Computer Science. Springer-Verlag, 1989.
W. A. Hunt. A verified microprocessor. Technical Report 47, The University of Texas at Austin, Dec. 1985.
Jeffrey J. Joyce. Multi-Level Verification of Microprocessor-Based Systems. PhD thesis, Cambridge University, December 1989.
P. J. Windley. The formal verification of generic interpreters. Ph.D Thesis, 1990.
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 1994 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Arora, T., Leung, T., Levitt, K., Schubert, T., Windley, P. (1994). Report on the UCD microcoded Viper verification project. In: Joyce, J.J., Seger, CJ.H. (eds) Higher Order Logic Theorem Proving and Its Applications. HUG 1993. Lecture Notes in Computer Science, vol 780. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-57826-9_139
Download citation
DOI: https://doi.org/10.1007/3-540-57826-9_139
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-57826-0
Online ISBN: 978-3-540-48346-5
eBook Packages: Springer Book Archive