Single-Threaded Formal Processor Models: Enabling Proof and High-Speed Execution

Formal verification can be integrated into conventional computer system development by reasoning directly about system simulators. However, such simulators must be extremely fast to be usable in a real development effort. We have developed a methodology for the construction of single-threaded processor models that support both formal analysis and efficient execution. This approach can, in principle, be used with any theorem prover. We describe an instantiation of our approach for models written in the logic of ACL2, and demonstrate its scalability by constructing an executable formal model of the Rockwell JEM1 Java microprocessor. We confirm that this model is single-threaded using a tool we have developed. This check permits the safe use of destructive state update optimizations that bring the performance level of the compiled formal model to that of a conventional simulator written in C.
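The mechanism the abstract relies on, a model whose state is threaded through each step so that no retired copy of it is ever referenced again, is what makes in-place (destructive) update observationally equivalent to the functional definition. The following added example, constructed for this page and not the paper's JEM1 model or its ACL2 tooling, writes a tiny accumulator machine once against a read/write state interface and runs it on two backends: a pure one that copies on every write, and a destructive one that overwrites shared storage and hands back a fresh handle, retiring the old one. The run-time stale-handle check in the destructive backend stands in for the single-threadedness tool the abstract mentions; it is an assumption of this illustration, as are the instruction set, the state layout (`PC`, `ACC`, then memory) and the sample program.

```python
"""Added illustration (not the paper's JEM1 model or ACL2 tooling): a tiny
accumulator machine written once against a state interface and run on a pure
(copying) backend and on a destructive backend whose handles detect
non-single-threaded use at run time."""

PC, ACC, MEM0 = 0, 1, 2   # the state is one word array: pc, acc, then memory


class StaleHandle(Exception):
    """A state handle was used after a destructive update retired it."""


class PureState:
    """Functional backend: wr() returns a fresh tuple; nothing is ever mutated."""

    def __init__(self, words):
        self.words = tuple(words)

    def rd(self, addr):
        return self.words[addr]

    def wr(self, addr, value):
        return PureState(self.words[:addr] + (value,) + self.words[addr + 1:])

    def snapshot(self):
        return self.words


class DestructiveState:
    """In-place backend. wr() overwrites the storage shared by all handles and
    returns a new handle; the handle it was applied to becomes stale. With
    strict=True any use of a stale handle raises (a dynamic single-threadedness
    check); strict=False skips the check to show the corruption it prevents."""

    def __init__(self, words, strict=True, _shared=None):
        self._s = _shared or {"w": list(words), "live": 0, "strict": strict}
        self._t = self._s["live"]          # the token this handle was issued with

    def _check(self):
        if self._s["strict"] and self._t != self._s["live"]:
            raise StaleHandle("state handle used after destructive update")

    def rd(self, addr):
        self._check()
        return self._s["w"][addr]

    def wr(self, addr, value):
        self._check()
        self._s["w"][addr] = value
        self._s["live"] += 1               # retire this handle, issue the next one
        return DestructiveState(None, _shared=self._s)

    def snapshot(self):
        return tuple(self._s["w"])


def step(st, prog):
    """One instruction of a constructed accumulator ISA. Single-threaded: the
    handle returned by each wr() replaces the old one, which is never reused."""
    op, *args = prog[st.rd(PC)]
    if op == "HALT":
        return st
    if op == "LOAD":
        st = st.wr(ACC, st.rd(MEM0 + args[0]))
    elif op == "ADD":
        st = st.wr(ACC, st.rd(ACC) + st.rd(MEM0 + args[0]))
    elif op == "STORE":
        st = st.wr(MEM0 + args[0], st.rd(ACC))
    else:
        raise ValueError(f"unknown opcode {op}")
    return st.wr(PC, st.rd(PC) + 1)


def run(st, prog, fuel=64):
    """Step until HALT; fuel bounds the loop as a total-function definition would."""
    for _ in range(fuel):
        if prog[st.rd(PC)][0] == "HALT":
            return st
        st = step(st, prog)
    raise RuntimeError("fuel exhausted")


PROGRAM = (("LOAD", 0), ("ADD", 1), ("STORE", 2), ("HALT",))  # mem[2] = mem[0] + mem[1]
INITIAL = (0, 0, 5, 7, 0)                                     # pc, acc, mem (constructed)


def run_both():
    """Same program on both backends; the final states must agree."""
    pure = run(PureState(INITIAL), PROGRAM).snapshot()
    fast = run(DestructiveState(INITIAL), PROGRAM).snapshot()
    return pure, fast


def bad_step(st):
    """NOT single-threaded: 'old' aliases the handle st.wr() retires and is read
    afterwards. Pure: acc + 1. Destructive: StaleHandle if strict, else silently 1."""
    old = st
    st = st.wr(ACC, 0)
    return st.wr(ACC, old.rd(ACC) + 1)


def aliasing_outcome(backend):
    """backend is 'pure', 'strict' or 'unchecked'; returns the final acc or 'stale'."""
    init = (0, 41, 0)
    st = PureState(init) if backend == "pure" else DestructiveState(init, strict=backend == "strict")
    try:
        return bad_step(st).rd(ACC)
    except StaleHandle:
        return "stale"
```

`run_both()` yields identical final states from both backends for the well-formed `step`, which is the equivalence that licenses compiling the functional model with in-place updates. `bad_step` shows why the check matters: the pure backend returns 42, the strict destructive backend rejects the stale read, and the unchecked destructive backend silently returns 1, a divergence between the reasoned-about definition and the executed code that no amount of speed compensates for.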
