The DUAL-EVAL Hardware Description Language and Its Use in the Formal Specification and Verification of the FM9001 Microprocessor

We present the full formal semantics of the DUAL-EVAL hardware description language. DUAL-EVAL is a hierarchical, occurrence-oriented simulator for synchronous Mealy machines. We briefly describe the FM9001 microprocessor, whose design has been formally specified with the DUAL-EVAL language and mechanically proved correct with respect to a behavioral specification. The FM9001 has been fabricated as a CMOS ASIC and tested extensively.
