Modular Verification of SRT Division

Abstract

We describe a formal specification and mechanized verification in PVS of the general theory of SRT division along with a specific hardware realization of the algorithm. The specification demonstrates how attributes of the PVS language (in particular, predicate subtypes) allow the general theory to be developed in a readable manner that is similar to textbook presentations, while the PVS TABLE construct allows direct specification of the implementation's quotient lookup table. Verification of the derivations in the SRT theory and of the data path and lookup table of the implementation is highly automated and is performed for arbitrary, but finite, precision; in addition, the theory is verified for general radix, while the implementation is specialized to radix 4. The effectiveness of the automation stems from the tight integration in PVS of rewriting with decision procedures for equality, linear arithmetic over integers and rationals, and propositional logic. This example demonstrates that the resources of an expressive specification language and of a general-purpose theorem prover are not inimical to highly automated verification in this domain, and can contribute to clarity, generality, and reuse.
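To make the verified invariant concrete, here is an added executable model of the SRT recurrence for general radix r and redundant digit set {-a, ..., a}; it is not the paper's PVS specification and uses exact rational arithmetic for digit selection in place of the implementation's truncated-estimate lookup table. The property checked at every step is the bounded-partial-remainder invariant |P_j| <= rho*d with rho = a/(r-1), and the final reconstruction x = Q*d + P_n * r^(-n) is checked exactly.

```python
from fractions import Fraction as F


def srt_divide(x, d, radix=4, a=2, steps=20):
    """Run n steps of the SRT recurrence P_{j+1} = r*P_j - q_{j+1}*d.

    Digits are chosen from {-a..a}; the redundancy factor rho = a/(r-1)
    must satisfy rho >= 1/2, which holds for radix 4 with a = 2 (rho = 2/3).
    Precondition: d > 0 and |x| <= rho*d (the dividend is pre-scaled).
    Returns (digit list, final partial remainder P_n), both exact.
    """
    rho = F(a, radix - 1)
    p, d = F(x), F(d)
    if d <= 0 or abs(p) > rho * d:
        raise ValueError("dividend must be scaled so that |x| <= rho*d")
    digits = []
    for _ in range(steps):
        shifted = radix * p
        # Exact selection: nearest digit, clamped to the digit set.  A hardware
        # implementation replaces this with a table indexed by a few leading
        # bits of the shifted remainder and the divisor.
        q = max(-a, min(a, round(shifted / d)))
        p = shifted - q * d
        # The invariant the general theory proves for every step.
        assert abs(p) <= rho * d, "partial remainder left its bound"
        digits.append(q)
    return digits, p


def quotient_value(digits, radix):
    """Q = sum_j q_j * r^-(j+1), the value of the redundant digit string."""
    return sum(F(q, radix ** (j + 1)) for j, q in enumerate(digits))


def recurrence_holds(x, d, digits, p_n, radix):
    """Check the exact identity x = Q*d + P_n / r^n after n steps."""
    n = len(digits)
    return F(x) == quotient_value(digits, radix) * F(d) + p_n / F(radix) ** n


if __name__ == "__main__":
    # Constructed sample: 1/2 divided by 3/4 in radix 4, 20 digits.
    digits, p_n = srt_divide(F(1, 2), F(3, 4))
    print(digits, quotient_value(digits, 4), recurrence_holds(F(1, 2), F(3, 4), digits, p_n, 4))
```

Because every digit is selected exactly, the quotient after n steps is within rho * r^(-n) of x/d; the test below asserts that bound together with the reconstruction identity.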
