The Formal Verification of Safety-critical Assembly Code
Abstract

This paper describes the use of the SPADE static analysis and verification tools to model, analyse and formally verify the LUCOL assembly code modules used in the fuel control unit of the Rolls-Royce RB211-524G jet engine. This is probably the first tool-supported formal proof of correctness of safety-critical assembly code in the U.K. The work described is further novel in a number of aspects: the construction of a rigorous model of Z8002 assembly code amenable to analysis and formal verification by SPADE, the rapid development in Prolog of a translator from Z8002 assembly code to FDL (SPADE's modelling language), the formalisation of the written specifications provided into pre- and post-conditions expressed in first-order predicate calculus, and the use of the SPADE Proof Checker to carry out the proofs of correctness.