Abstract
We describe a methodology for using a mechanical theorem proving system, ACL2, to verify correctness properties for digital system models. After introducing some of the basic terminology and some of the decisions facing those who wish to formalize digital systems, we introduce ACL2, A Computational Logic for Applicative Common Lisp, which is a functional programming language, a first-order mathematical logic, and a proof development environment including a powerful interactive automated theorem prover. We then show how a simple digital system can be formalized in ACL2 and exhibit or describe formal properties provable about it. We conclude with some bibliographic references to examples of variations of the illustrated approach, various proof strategies, and examples of industrial interest.
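The abstract describes formalizing a simple digital system as an executable ACL2 model and proving properties about it. The following is an added illustration of that shape, not code from the chapter: a tiny accumulator machine whose state, step function, program and property names (make-state, next-state, run, *demo-prog*, the (inc)/(add k) instruction set, the sample memory '(7 7)) are all assumptions introduced here for the example.

```lisp
(in-package "ACL2")

;; Added example (not from the chapter): a tiny accumulator machine
;; modelled as an executable ACL2 function, plus theorems about it.
;; All names below (make-state, next-state, run, *demo-prog*) are our own.

;; A state is a list (pc acc mem): program counter, accumulator, memory.
(defun make-state (pc acc mem) (list pc acc mem))
(defun pc  (s) (nth 0 s))
(defun acc (s) (nth 1 s))
(defun mem (s) (nth 2 s))

;; A program is a list of instructions indexed by pc.
;;   (inc)    acc := acc + 1, pc := pc + 1
;;   (add k)  acc := acc + k, pc := pc + 1
;;   anything else ((halt), or pc past the end) leaves the state unchanged.
(defun next-state (s prog)
  (let ((ins (nth (pc s) prog)))
    (case (car ins)
      (inc (make-state (+ 1 (pc s)) (+ 1 (acc s)) (mem s)))
      (add (make-state (+ 1 (pc s)) (+ (cadr ins) (acc s)) (mem s)))
      (otherwise s))))

;; Run n steps.  zp treats non-naturals as 0, so run is total and
;; ACL2 accepts it with the measure it guesses (acl2-count of n).
(defun run (s prog n)
  (if (zp n)
      s
    (run (next-state s prog) prog (- n 1))))

;; Because the model is executable, a concrete run is just evaluation.
;; The program and the memory '(7 7) are constructed sample data.
(defconst *demo-prog* '((inc) (add 5) (halt)))

(defthm demo-run-evaluates
  (equal (run (make-state 0 0 '(7 7)) *demo-prog* 3)
         '(2 6 (7 7))))

;; A safety property of the whole instruction set: no instruction can
;; modify memory, for any program, any state and any step count.
;; ACL2 proves it by induction following the recursion of run.
(defthm run-preserves-mem
  (equal (mem (run s prog n)) (mem s)))

;; Runs compose: n steps followed by m steps equals n+m steps.  This is
;; the lemma that lets clock-style proofs about code fragments be chained.
(defthm run-plus
  (implies (and (natp n) (natp m))
           (equal (run (run s prog n) prog m)
                  (run s prog (+ n m)))))
```

Submitted to an ACL2 session (for instance with ld), each defun is admitted with a termination argument and each defthm is proved by the prover without hints. run-preserves-mem is the simplest form of the separation-style properties proved for real kernels and processors in the works cited below (Greve, Wilding and Vanfleet 2003; Greve et al. 2004, 2005): an invariant over every reachable state that no instruction in the set can violate. run-plus is the standard composition lemma behind the clock-function proof style discussed by Ray and Moore (2004).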
References
Bevier W, Hunt WA Jr, Moore JS, Young W (1989) Special issue on system verification. J Autom Reason 5(4):409–530
Boyer RS, Moore JS (1979) A computational logic. Academic, New York
Boyer RS, Moore JS (1981) Metafunctions: proving them correct and using them efficiently as new proof procedures. In: Boyer RS, Moore JS (eds) The correctness problem in computer science. Academic, London
Boyer RS, Moore JS (1997) A computational logic handbook, 2nd edn. Academic, New York
Boyer RS, Moore JS (2002) Single-threaded objects in ACL2. In: PADL 2002, LNCS 2257. Springer, Heidelberg, pp 9–27. http://www.cs.utexas.edu/users/moore/publications/stobj/main.ps.gz
Boyer RS, Yu Y (1996) Automated proofs of object code for a widely used microprocessor. J ACM 43(1):166–192
Brock B, Hunt WA Jr (1999) Formal analysis of the Motorola CAP DSP. In: Hinchey M, Bowen J (eds) Industrial-strength formal methods. Springer, Heidelberg
Flatau AD (1992) A verified implementation of an applicative language with dynamic storage allocation. PhD thesis, University of Texas at Austin
Flatau A, Kaufmann M, Reed D, Russinoff D, Smith E, Sumners R (2002) Formal verification of microprocessors at AMD. In: Proceedings of designing correct circuits 2002. http://www.cs.chalmers.se/~ms/DCC02/Slides.html
Goerigk W, Hoffmann U (1998) Rigorous compiler implementation correctness: how to prove the real thing correct. In: Proceedings FM-TRENDS’98 international workshop on current trends in applied formal methods, Boppard, LNCS
Goodstein RL (1964) Recursive number theory. North-Holland, Amsterdam
Greve D, Wilding M (2002) Evaluatable, high-assurance microprocessors. In: NSA high-confidence systems and software conference (HCSS), Linthicum, MD. http://hokiepokie.org/docs/hcss02/proceedings.pdf
Greve D, Wilding M, Hardin D (2000) High-speed, analyzable simulators. In: Kaufmann M, Manolios P, Moore JS (eds) Computer-aided reasoning: ACL2 case studies. Kluwer, Boston, MA, pp 113–136
Greve D, Wilding M, Vanfleet WM (2003) A separation kernel formal security policy. In: ACL2 workshop 2003, Boulder, CO. http://www.cs.utexas.edu/users/moore/acl2/workshop-2003/
Greve D, Richards R, Wilding M (2004) A summary of intrinsic partitioning verification. In: ACL2 workshop 2004, Austin, TX. http://www.cs.utexas.edu/users/moore/acl2/workshop-2003/
Greve D, Wilding M, Richards R, Vanfleet M (2005) Formalizing security policies for dynamic and distributed systems. In: Proceedings of systems and software technology conference (SSTC) 2005, Salt Lake City, UT. http://hokiepokie.org/docs/sstc05.pdf
Greve D, Kaufmann M, Manolios P, Moore JS, Ray S, Ruiz-Reina JL, Sumners R, Vroon D, Wilding M (2008) Efficient execution in an automated reasoning environment. J Funct Program 18(1):15–46
Hardin D, Wilding M, Greve D (1998) Transforming the theorem prover into a digital design tool: from concept car to off-road vehicle. In: Hu AJ, Vardi MY (eds) Computer-aided verification – CAV ’98, Lecture notes in computer science, vol 1427. Springer, Heidelberg. See http://pobox.com/users/hokie/docs/concept.ps
Hardin DS, Smith EW, Young WD (2006) A robust machine code proof framework for highly secure applications. In: ACL2 ’06: proceedings of the sixth international workshop on the ACL2 theorem prover and its applications. ACM, New York, NY, pp 11–20. DOI http://doi.acm.org/10.1145/1217975.1217978
Hunt WA Jr (1994) FM8501: a verified microprocessor. LNAI 795. Springer, Heidelberg
Hunt WA Jr (2000) The DE language. In: Kaufmann M, Manolios P, Moore JS (eds) Computer-aided reasoning: ACL2 case studies. Kluwer, Boston, MA, pp 151–166
Hunt WA Jr, Brock B (1992) A formal HDL and its use in the FM9001 verification. Philosophical Transactions of the Royal Society: Physical and Engineering Sciences, 339(1652):35–47
Hunt WA Jr, Kaufmann M, Krug RB, Moore JS, Smith EW (2005) Meta reasoning in ACL2. In: Hurd J, Melham T (eds) 18th international conference on theorem proving in higher order logics: TPHOLs 2005, Lecture notes in computer science, vol 3603. Springer, Heidelberg, pp 163–178
Kaufmann M (2008) Aspects of ACL2 user interaction. Invited talk, 8th international workshop on user interfaces for theorem provers (UITP 2008), Montreal, Canada, August 2008. See www.ags.uni-sb.de/~omega/workshops/UITP08/kaufmann-UITP08/talk.html
Kaufmann M (2009) Abbreviated output for input in ACL2: an implementation case study. In: Proceedings of ACL2 workshop 2009. http://www.cs.utexas.edu/users/sandip/acl2-09
Kaufmann M, Moore JS (1997) A precise description of the ACL2 logic. Technical report, Department of Computer Sciences, University of Texas at Austin. http://www.cs.utexas.edu/users/moore/publications/km97a.ps.gz
Kaufmann M, Moore JS (2001) Structured theory development for a mechanized logic. J Autom Reason 26(2):161–203
Kaufmann M, Moore JS (2008a) An ACL2 tutorial. In: Proceedings of theorem proving in higher order logics, 21st international conference, TPHOLs 2008. Springer, Heidelberg. See http://dx.doi.org/10.1007/978-3-540-71067-7_4
Kaufmann M, Moore JS (2008b) Proof search debugging tools in ACL2. In: A Festschrift in honour of Prof. Michael J. C. Gordon FRS. Royal Society, London
Kaufmann M, Moore JS (2009) The ACL2 home page. http://www.cs.utexas.edu/users/moore/acl2/
Kaufmann M, Manolios P, Moore JS (eds) (2000a) Computer-aided reasoning: ACL2 case studies. Kluwer, Boston, MA
Kaufmann M, Manolios P, Moore JS (2000b) Computer-aided reasoning: an approach. Kluwer, Boston, MA
Kaufmann M, Moore JS, Ray S, Reeber E (2009) Integrating external deduction tools with ACL2. J Appl Logic 7(1):3–25
Kaufmann M, Moore JS, Ray S (in press) Foundations of automated induction for a structured mechanized logic
Liu H (2006) Formal specification and verification of a JVM and its bytecode verifier. PhD thesis, University of Texas at Austin
Manolios P (2000) Correctness of pipelined machines. In: Formal methods in computer-aided design, FMCAD 2000, LNCS 1954. Springer, Heidelberg, pp 161–178
Manolios P, Vroon D (2003) Ordinal arithmetic in ACL2. In: ACL2 workshop 2003, Boulder, CO. http://www.cs.utexas.edu/users/moore/acl2/workshop-2003/
Manolios P, Namjoshi K, Sumners R (1999) Linking theorem proving and model-checking with well-founded bisimulation. In: Computer aided verification, CAV ’99, LNCS 1633. Springer, Heidelberg, pp 369–379
Matthews J, Moore JS, Ray S, Vroon D (2006) Verification condition generation via theorem proving. In: Proceedings of 13th international conference on logic for programming, artificial intelligence, and reasoning (LPAR 2006), vol LNCS 4246, pp 362–376
Moore JS (1996) Piton: a mechanically verified assembly-level language. Automated reasoning series. Kluwer, Boston, MA
Moore JS (2008) Mechanized operational semantics: lectures and supplementary material. In: Marktoberdorf summer school 2008: engineering methods and tools for software safety and security. http://www.cs.utexas.edu/users/moore/publications/talks/marktoberdorf-08/index.html
Moore JS, Lynch T, Kaufmann M (1998) A mechanically checked proof of the correctness of the kernel of the AMD5K86 floating point division algorithm. IEEE Trans Comput 47(9): 913–926
Ray S, Hunt WA Jr (2004) Deductive verification of pipelined machines using first-order quantification. In: Proceedings of the 16th international conference on computer-aided verification (CAV 2004), vol LNCS 3117. Springer, Heidelberg, pp 31–43
Ray S, Moore JS (2004) Proof styles in operational semantics. In: Hu AJ, Martin AK (eds) Formal methods in computer-aided design (FMCAD-2004), Lecture notes in computer science, vol 3312. Springer, Heidelberg, pp 67–81
Ray S, Hunt WA Jr, Matthews J, Moore JS (2008) A mechanical analysis of program verification strategies. J Autom Reason 40(4):245–269
Reeber E, Hunt WA Jr (2005) Formalization of the DE2 language. In: Correct hardware design and verification methods (CHARME 2005), vol LNCS 3725. Springer, Heidelberg, pp 20–34
Reeber E, Hunt WA Jr (2006) A SAT-based decision procedure for the subclass of unrollable list functions in ACL2 (SULFA). In: Proceedings of 3rd international joint conference on automated reasoning (IJCAR 2006). Springer, Heidelberg, pp 453–467
Russinoff DM, Flatau A (2000) RTL verification: a floating-point multiplier. In: Kaufmann M, Manolios P, Moore JS (eds) Computer-aided reasoning: ACL2 case studies. Kluwer, Boston, MA, pp 201–232
Russinoff D, Kaufmann M, Smith E, Sumners R (2005) Formal verification of floating-point RTL at AMD using the ACL2 theorem prover. In: IMACS’2005 world congress
Sawada J (2000) Verification of a simple pipelined machine model. In: Kaufmann M, Manolios P, Moore JS (eds) Computer-aided reasoning: ACL2 case studies. Kluwer, Boston, MA, pp 137–150
Sawada J (2002) Formal verification of divide and square root algorithms using series calculation. In: Proceedings of the ACL2 workshop, 2002, Grenoble. http://www.cs.utexas.edu/users/moore/acl2/workshop-2002
Sawada J, Hunt WA Jr (1998) Processor verification with precise exceptions and speculative execution. In: Computer aided verification, CAV ’98, LNCS 1427. Springer, Heidelberg, pp 135–146
Sawada J, Hunt WA Jr (2002) Verification of FM9801: an out-of-order microprocessor model with speculative execution, exceptions, and program modification capability. Formal Methods Syst Des 20(2):187–222
Shankar N (1994) Metamathematics, machines, and Gödel’s proof. Cambridge University Press, Cambridge
Shoenfield JR (1967) Mathematical logic. Addison-Wesley, Reading, MA
Steele GL Jr (1990) Common Lisp: the language, 2nd edn. Digital Press, Burlington, MA
Wilding M (1993) A mechanically verified application for a mechanically verified environment. In: Courcoubetis C (ed) Computer-aided verification – CAV ’93, Lecture Notes in Computer Science, vol 697. Springer, Heidelberg. See ftp://ftp.cs.utexas.edu/pub/boyer/nqthm/wilding-cav93.ps
Young WD (1988) A verified code generator for a subset of Gypsy. Technical report 33. Computational Logic Inc., Austin, TX
Copyright information
© 2010 Springer Science+Business Media, LLC
About this chapter
Cite this chapter
Kaufmann, M., Moore, J.S. (2010). ACL2 and Its Applications to Digital System Verification. In: Hardin, D. (ed) Design and Verification of Microprocessor Systems for High-Assurance Applications. Springer, Boston, MA. https://doi.org/10.1007/978-1-4419-1539-9_1
DOI: https://doi.org/10.1007/978-1-4419-1539-9_1
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4419-1538-2
Online ISBN: 978-1-4419-1539-9