Certifying circuits in Type Theory

We investigate how to take advantage of the particular features of the Calculus of Inductive Constructions in the framework of hardware verification. First, a short case study emphasizes the use of dependent types and of the constructive aspect of the logic for specifying and synthesizing combinational circuits. Then, co-inductive types are introduced to model the temporal aspects of sequential synchronous devices. Moore and Mealy automata are co-inductively axiomatized and are used to represent uniformly both the structures and the behaviours of the circuits. This leads to clear, general and elegant proof processes, as illustrated on the example of a realistic circuit: the ATM Switch Fabric. All the proofs are carried out using Coq.
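The following Coq script is an added illustration of the two ideas named in the abstract; it is not the paper's own development and uses my own encodings, not the authors' (the names `bit`, `full_adder`, `Mealy`, `Moore`, `fire`, `run`, `seq`, `reg` and `EqSt` are all assumptions). The first part specifies a combinational full adder as a dependent sigma type, so that the constructive proof of the specification must exhibit the gate-level witness, which is then the synthesized circuit. The second part models synchronous signals as streams and Moore/Mealy automata as co-inductive types: the same type describes a structure (a register, a sequential composition of two automata) and a behaviour (the stream transformer `run`), and bisimulation on streams is the notion of behavioural equality used to prove that a register delays its input by one clock cycle.

```coq
(* ---- Combinational circuits: specification as a dependent type ---- *)

Definition bit (b : bool) : nat := if b then 1 else 0.

(* A full adder is specified as a sigma type: "there exist a carry and a sum
   bit whose weighted value equals a + b + cin". A constructive proof must
   exhibit the pair, and that witness is the gate-level circuit. *)
Definition full_adder (a b cin : bool) :
  { sc : bool * bool |
    (bit a + bit b + bit cin = 2 * bit (fst sc) + bit (snd sc))%nat }.
Proof.
  (* The witness is the usual XOR/AND/OR structure: (carry, sum). *)
  exists (orb (andb a b) (andb cin (xorb a b)), xorb (xorb a b) cin).
  destruct a, b, cin; reflexivity.
Defined. (* transparent, so the witness can be computed and extracted *)

(* The synthesized circuit is the first projection of the proof. *)
Definition full_adder_circuit (a b cin : bool) : bool * bool :=
  proj1_sig (full_adder a b cin).

(* ---- Sequential circuits: streams and co-inductive automata ---- *)

(* A synchronous signal is an infinite stream, one value per clock cycle. *)
CoInductive Stream (A : Type) : Type :=
  | Cons : A -> Stream A -> Stream A.
Arguments Cons {A} _ _.

Definition hd {A} (s : Stream A) : A := match s with Cons a _ => a end.
Definition tl {A} (s : Stream A) : Stream A := match s with Cons _ s' => s' end.

(* Mealy automaton: on input i, produce an output and the successor automaton.
   The automaton is its own state, so structure and behaviour share one type. *)
CoInductive Mealy (I O : Type) : Type :=
  | M : (I -> O * Mealy I O) -> Mealy I O.
Arguments M {I O} _.

Definition fire {I O} (m : Mealy I O) (i : I) : O * Mealy I O :=
  match m with M f => f i end.

(* Moore automaton: the output depends on the state only, not on the input. *)
CoInductive Moore (I O : Type) : Type :=
  | Mo : O -> (I -> Moore I O) -> Moore I O.
Arguments Mo {I O} _ _.

CoFixpoint moore_to_mealy {I O} (m : Moore I O) : Mealy I O :=
  match m with
  | Mo o next => M (fun i => (o, moore_to_mealy (next i)))
  end.

(* Behaviour: an automaton maps an input stream to an output stream. *)
CoFixpoint run {I O} (m : Mealy I O) (i : Stream I) : Stream O :=
  let (o, m') := fire m (hd i) in Cons o (run m' (tl i)).

(* Structure: sequential composition of two automata (a wiring diagram). *)
CoFixpoint seq {I X O} (m1 : Mealy I X) (m2 : Mealy X O) : Mealy I O :=
  M (fun i =>
       let (x, m1') := fire m1 i in
       let (o, m2') := fire m2 x in
       (o, seq m1' m2')).

(* A register (D flip-flop) currently holding s, as a Moore automaton:
   it outputs s now and will hold the incoming bit next cycle. *)
CoFixpoint reg (s : bool) : Moore bool bool :=
  Mo s (fun i => reg i).

(* Bisimulation on streams: the notion of equality for behaviours. *)
CoInductive EqSt {A : Type} : Stream A -> Stream A -> Prop :=
  | eqst : forall s1 s2 : Stream A,
      hd s1 = hd s2 -> EqSt (tl s1) (tl s2) -> EqSt s1 s2.

(* Verification: a register delays its input stream by exactly one cycle. *)
Lemma reg_delays_by_one : forall (s0 : bool) (i : Stream bool),
  EqSt (run (moore_to_mealy (reg s0)) i) (Cons s0 i).
Proof.
  cofix CH.
  intros s0 [b i'].
  apply eqst.
  - reflexivity.       (* this cycle's output is the stored bit s0 *)
  - exact (CH b i').   (* afterwards the register holds the input bit b *)
Qed.
```

The proof of `reg_delays_by_one` is itself co-inductive: `cofix` introduces the hypothesis `CH`, which may only be used under the constructor `eqst`, and Coq's guardedness check at `Qed` is what rules out a circular argument. The same pattern (unfold one clock cycle, discharge the head, recurse on the tails) scales to proving that a structural description such as `seq m1 m2` is bisimilar to a behavioural one, which is the shape of argument the abstract describes for the switch fabric.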
