• Top
  • Documentation
    • Xdoc
    • ACL2-doc
    • Recursion-and-induction
    • Loop$-primer
    • Operational-semantics
      • Operational-semantics-3__annotated-bibliography
        • Bib::bhmy89
        • Bib::liu06
        • Bib::bm96
        • Bib::plotkin04b
        • Bib::bgm90
        • Bib::hkms17
        • Bib::bkm96
        • Bib::moore15
        • Bib::bh99
        • Bib::wilding93
        • Bib::plotkin04a
        • Bib::moore03b
        • Bib::mp02
        • Bib::moore19
        • Bib::manolios00
        • Bib::flatau92
        • Bib::hb92
        • Bib::bm05
        • Bib::goel16
        • Bib::bm73
        • Bib::ghk17
        • Bib::wilding92
        • Bib::moore17
        • Bib::moore96
        • Bib::ghkg14
        • Bib::yu92
        • Bib::hunt85
        • Bib::boh03
        • Bib::mmrv06
        • Bib::bm80
        • Bib::bh97
        • Bib::moore99b
        • Bib::moore14
        • Bib::rm04
        • Bib::by96
        • Bib::sawada00
        • Bib::mccarthy62
        • Bib::bm79
        • Bib::moore99a
        • Bib::sh98
        • Bib::rhmm07
        • Bib::kmm00a
        • Bib::ghk13
        • Bib::moore03a
        • Bib::hk12
        • Bib::mp67
        • Bib::young88
        • Bib::bm97
        • Bib::moore73
        • Bib::kmm00b
        • Bib::bevier87
      • Operational-semantics-1__simple-example
      • Operational-semantics-2__other-examples
      • Operational-semantics-5__history-etc
      • Operational-semantics-4__how-to-find-things
    • Pointers
    • Doc
    • Documentation-copyright
    • Course-materials
    • Args
    • ACL2-doc-summary
    • Finding-documentation
    • Broken-link
    • Doc-terminal-test-2
    • Doc-terminal-test-1
  • Books
  • Boolean-reasoning
  • Projects
  • Debugging
  • Std
  • Proof-automation
  • Macro-libraries
  • ACL2
  • Interfacing-tools
  • Hardware-verification
  • Software-verification
  • Math
  • Testing-utilities

• Operational-semantics-3__annotated-bibliography

Bib::hb92

W. A. Hunt, Jr. and B. Brock, “A Formal HDL and its use in the FM9001 Verification”, Proceedings of the Royal Society, North Holland, April, 1992.



Relevance: a formalized hardware description language and the verification of a fabricated microprocessor described with it; this describes three foundational achievements in formal methods

———

Abstract

A synchronous, hierarchical, occurrence-oriented, hardware description language (HDL) has been formalized with the Boyer-Moore logic. Well-formed HDL circuits are recognized by a predicate, and a unit-clock simulator defines the meaning of circuits expressed in the HDL. This HDL has been used to specify an implementation of the FM9001 microprocessor that has been mechanically proved to implement the FM9001 instruction-level specification. All proofs were mechanically checked using the Boyer-Moore theorem-proving system. The formalization of the HDL, the FM9001 user-level specification, and the FM9001 HDL implementation architecture specification required more than 700 function definitions. The mechanical proof is composed of thousands of theorem prover proof requests and millions of theorem prover inference steps.

———

The verified fabricated microprocessor described here was used in the final hosting of the CLI Verified Stack bib::bhmy89.

But aside from its importance to the Verified Stack, this paper describes three foundational achievements in formal methods:

• the first formal definition of a hardware description language (HDL),
• the first complete proof of a microprocessor design -- including its embedded test logic -- with respect to its high-level ISA specification, and
• the first (and still, only) verified microprocessor that was manufactured and demonstrated to function properly.

For complete details, see the Nqthm script examples/fm9001-piton/fm9001/fm9001-replay.events.