Modular Verification of SRT Division

We describe a formal specification and verification in PVS for the general theory of SRT division, and for the hardware design of a specific implementation. The specification demonstrates how attributes of the PVS language (in particular, predicate subtypes) allow the general theory to be developed in a readable manner that is similar to textbook presentations, while the PVS table construct allows direct specification of the implementation's quotient look-up table. Verification of the derivations in the SRT theory, and of the data path and look-up table of the implementation, is highly automated and performed for arbitrary, but finite, precision; in addition, the theory is verified for general radix, while the implementation is specialized to radix 4. The effectiveness of the automation derives from PVS's tight integration of rewriting with decision procedures for equality, linear arithmetic over integers and rationals, and propositional logic. This example demonstrates that the resources of an expressive specification language and of a general-purpose theorem prover are not inimical to highly automated verification in this domain, and can contribute to clarity, generality, and reuse.
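The objects the abstract refers to (the radix-4 quotient digit set, the SRT invariant on the partial remainder, and a quotient look-up table indexed by truncated estimates of the divisor and shifted remainder) are shown concretely in the added example below. It is illustrative code written for this page, not the paper's PVS specification, and it uses the textbook formulation rather than anything taken from the paper's implementation. Assumed choices that are not from the paper: operands `x` and `d` normalised to `[1, 2)`, an exactly kept partial remainder (a hardware data path keeps it in carry-save form and needs more estimate bits), three fraction bits in each estimate (`D_BITS`, `P_BITS`), the function names, the worked operand pair `3/2 / 5/4`, and the constructed faulty table entry used to show what the audit catches.

```python
# Added example: radix-4 SRT division with a quotient look-up table built and
# audited by interval analysis, then exercised exhaustively at a small finite
# precision.  Not the paper's PVS specification; see the lead-in for what is
# assumed (operand range, exact remainder, estimate widths, names).
from fractions import Fraction as F
from itertools import product
from math import floor

RADIX = 4
A = 2                       # quotient digit set {-2, ..., 2}
RHO = F(A, RADIX - 1)       # redundancy factor rho = a/(r-1) = 2/3
D_BITS = 3                  # fraction bits in the divisor estimate (assumed)
P_BITS = 3                  # fraction bits in the shifted-remainder estimate (assumed)

def digit_fits(k, p_lo, p_hi, d_lo, d_hi):
    """True if digit k keeps |4p - k*d| <= RHO*d for every shifted remainder
    4p in [p_lo, p_hi] and divisor d in [d_lo, d_hi], i.e.
    (k - RHO)*d <= 4p <= (k + RHO)*d on the whole cell.  Both bounds are
    linear in d, so the two d corners suffice.  The outer bound of the
    extreme digits is the invariant itself, so the table need not enforce it."""
    lower_ok = k == -A or p_lo >= max((k - RHO) * d for d in (d_lo, d_hi))
    upper_ok = k == A or p_hi <= min((k + RHO) * d for d in (d_lo, d_hi))
    return lower_ok and upper_ok

def cell_bounds(j, i):
    """Closed bounds of the (4p, d) cell addressed by truncated estimates."""
    p_lo, d_lo = F(i, 2 ** P_BITS), F(j, 2 ** D_BITS)
    return p_lo, p_lo + F(1, 2 ** P_BITS), d_lo, d_lo + F(1, 2 ** D_BITS)

def cell_indices():
    d_range = range(2 ** D_BITS, 2 ** (D_BITS + 1))        # d in [1, 2)
    p_max = floor(RADIX * RHO * 2 * 2 ** P_BITS)           # |4p| < 2*RADIX*RHO
    return product(d_range, range(-p_max - 1, p_max + 1))

def build_table():
    """Give each cell the smallest-magnitude digit that is safe on the whole
    cell; a cell with no safe digit means the estimates carry too few bits."""
    table = {}
    for j, i in cell_indices():
        for k in sorted(range(-A, A + 1), key=abs):
            if digit_fits(k, *cell_bounds(j, i)):
                table[(j, i)] = k
                break
        else:
            raise ValueError(f"no safe digit for cell d={j}/{2**D_BITS}, 4p={i}/{2**P_BITS}")
    return table

def audit_table(table):
    """Re-derive the obligation for every entry; returns the unsafe cells."""
    return [c for c, k in table.items() if not digit_fits(k, *cell_bounds(*c))]

def select_table(table, p, d):
    """Hardware-style selection from truncated estimates of d and 4p."""
    return table[(floor(d * 2 ** D_BITS), floor(RADIX * p * 2 ** P_BITS))]

def select_exact(p, d):
    """Reference selection from full-precision values (no table)."""
    return max(-A, min(A, round(RADIX * p / d)))

def srt_divide(x, d, n, select):
    """n radix-4 quotient digits of x/d for x, d in [1, 2); returns
    (digits, p_n) and checks the SRT invariant |p_j| <= RHO*d at every step."""
    p, digits = x / RADIX, []          # |p_0| < 1/2 <= RHO*d
    for _ in range(n):
        q = select(p, d)
        p = RADIX * p - q * d
        if abs(p) > RHO * d:
            raise AssertionError(f"SRT invariant violated after digit {q}")
        digits.append(q)
    return digits, p

def quotient_value(digits):
    """x/d approximated by 4 * sum(q_j * 4^-j); error is at most RHO*4^(1-n)."""
    return RADIX * sum(F(q, RADIX ** (j + 1)) for j, q in enumerate(digits))

def exhaustive_check(frac_bits, n, select):
    """Divide every x by every d in [1, 2) with frac_bits fraction bits;
    returns how many results land within the SRT error bound."""
    bound, ok = RHO / RADIX ** (n - 1), 0
    for a, b in product(range(2 ** frac_bits), repeat=2):
        x, d = 1 + F(a, 2 ** frac_bits), 1 + F(b, 2 ** frac_bits)
        digits, _ = srt_divide(x, d, n, select)
        ok += abs(x / d - quotient_value(digits)) <= bound
    return ok

if __name__ == "__main__":
    table = build_table()
    sel = lambda p, d: select_table(table, p, d)
    print(len(table), "cells, unsafe:", audit_table(table))
    digits, _ = srt_divide(F(3, 2), F(5, 4), 6, sel)        # 1.5 / 1.25
    print(digits, float(quotient_value(digits)))
    print(exhaustive_check(4, 6, sel), "of 256 within bound")
    faulty = dict(table)               # constructed fault: one reachable cell
    faulty[(8, 12)] = 0                # d in [1, 9/8), 4p in [3/2, 13/8): 0 is unsafe
    print("audit reports:", audit_table(faulty))
```

`digit_fits` is the per-cell proof obligation a table entry must discharge: for every exact divisor and shifted remainder the truncated estimates can stand for, the chosen digit must keep the next partial remainder inside `[-RHO*d, RHO*d]`. Building the table from that predicate and re-auditing it is what makes a dropped or mistyped entry visible before the divider runs; the exhaustive loop over four-bit operands is only a test of one precision, whereas the paper's PVS development discharges the same obligations for arbitrary finite precision and, for the theory, general radix.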
