Issue No. 01 - January (1995 vol. 44)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/12.368009
<p><it>Abstract—</it>Formal verification has long been promised as a means of reducing the amount of testing required to ensure correct VLSI devices. Verification requires at least two mathematical models: one that describes the structure of a computer system and another that models its intended behavior. These models are called <it>specifications</it>. Verification is a mathematical analysis showing that the behavior follows from the structure. Formal verification of microprocessor designs has been quite successful. Indeed, several verified microprocessors have been presented in the literature, and one microprocessor where formal modeling has been applied is commercially available. These efforts were virtuoso performances—largely academic exercises carried out by experts in logic and specification.</p><p>This paper presents a methodology for microprocessor verification that significantly reduces the learning curve for performing verification. The methodology is formalized in the HOL theorem-proving system. The paper includes a description of a large case study performed to evaluate the methodology.</p><p>The novel aspects of this research include the use of abstract theories to formalize hardware models. Because our model is described using abstract theories, it provides a framework for both the specification and the verification. This framework reduces the number of ad hoc modeling decisions that must be made to complete the verification. Another unique aspect of our research is the use of hierarchical abstractions to reduce the number of difficult lemmas in completing the verification. Our formalism frees the user from directly reasoning about the difficult aspects of modeling the hierarchy, namely the temporal and data abstractions.</p><p>We believe that our formalism, coupled with case studies and tools, allows microprocessor verification to be done by engineers with relatively little experience in microprocessor specification or logic. We are currently testing that hypothesis by using the methodology to teach graduate students formal microprocessor modeling.</p>
P. J. Windley, "Formal Modeling and Verification of Microprocessors," in IEEE Transactions on Computers, vol. 44, no. , pp. 54-72, 1995.