Verification of BDD normalization
TPHOLs'05 Proceedings of the 18th international conference on Theorem Proving in Higher Order Logics
Many symbolic model checkers use Binary Decision Diagrams (BDDs) to decide efficiently whether two Boolean formulas are semantically equivalent. For realistic problems the generated BDDs can be enormous, and constructing them easily becomes the performance bottleneck. As a result, most state-of-the-art BDD packages are written as highly optimized imperative C programs, which increases the risk of soundness defects in their implementation. This paper describes the use of monadic interpreters to formally verify BDD algorithms at a higher level of abstraction than the original C program, yet at a level concrete enough to retain their essential imperative features. Our hope is that verification of the original C program can then be achieved by strictly localized refinement reasoning. During this work we encountered the surprising fact that modeling imperative recursive algorithms monadically often yields logical functions that are both partial and nestedly recursive in their (hidden) state parameters, which makes termination proofs difficult.
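The abstract's two points, that equivalence checking reduces to comparing canonical BDDs, and that a state-monadic model of the imperative normalization algorithm has recursive calls whose state argument is the state returned by the preceding recursive call, can be made concrete in explicit state-passing style. The following is an added illustration written for this page; it is not code from the paper (which models the algorithm in Isabelle/HOL) nor from any BDD library. The `State` record, the `mk` constructor, the fixed terminal ids 0 and 1, and the tuple encoding of raw decision trees are assumptions chosen to mirror a state monad: every operation takes the unique table as an argument and returns the possibly extended table.

```python
"""Explicit-state model of Bryant-style BDD normalization (added example).

Every function threads the unique table explicitly, as a state-monadic
interpreter would thread its hidden state.  Terminal ids, the State record
and the raw-tree encoding are assumptions made for this illustration.
"""
import itertools
from dataclasses import dataclass, field

FALSE, TRUE = 0, 1   # assumption: terminal nodes get fixed ids 0 and 1


@dataclass
class State:
    """The state a monadic BDD model hides: node table plus unique table."""
    nodes: list = field(default_factory=lambda: [None, None])  # id -> (var, low, high)
    unique: dict = field(default_factory=dict)                 # (var, low, high) -> id


def mk(var, low, high, st):
    """Create or reuse a node; the only place nodes enter the DAG."""
    if low == high:                  # redundant test: both branches agree, drop it
        return low, st
    key = (var, low, high)
    if key in st.unique:             # duplicate: share the existing node
        return st.unique[key], st
    nid = len(st.nodes)
    st.nodes.append(key)
    st.unique[key] = nid
    return nid, st


def normalize(raw, st):
    """Reduce an unshared, possibly redundant decision tree to a canonical ROBDD.

    raw is True, False, or (var, low_raw, high_raw) with variables ordered
    increasingly from root to leaves.  The high branch is normalized in the
    state *returned* by normalizing the low branch: the recursion is nested
    through the state parameter, which is what complicates termination proofs.
    """
    if raw is True:
        return TRUE, st
    if raw is False:
        return FALSE, st
    var, low_raw, high_raw = raw
    low, st1 = normalize(low_raw, st)
    high, st2 = normalize(high_raw, st1)
    return mk(var, low, high, st2)


def build(f, nvars, st, i=0, env=()):
    """Shannon expansion of a Python predicate over variables 0..nvars-1."""
    if i == nvars:
        return (TRUE if f(env) else FALSE), st
    low, st1 = build(f, nvars, st, i + 1, env + (False,))
    high, st2 = build(f, nvars, st1, i + 1, env + (True,))
    return mk(i, low, high, st2)


def evaluate(nid, env, st):
    """Follow the DAG under an assignment; used to check semantic soundness."""
    while nid > TRUE:
        var, low, high = st.nodes[nid]
        nid = high if env[var] else low
    return nid == TRUE


def equivalent(f, g, nvars):
    """Formulas are equivalent iff they normalize to the same node id in a
    shared unique table: the identity check symbolic model checkers rely on."""
    st = State()
    a, st = build(f, nvars, st)
    b, st = build(g, nvars, st)
    return a == b


def agrees_everywhere(f, nvars):
    """Soundness check: the built ROBDD matches f on every assignment."""
    st = State()
    root, st = build(f, nvars, st)
    return all(evaluate(root, env, st) == bool(f(env))
               for env in itertools.product((False, True), repeat=nvars))


def node_count(raw):
    """Number of non-terminal nodes left after normalizing a raw tree."""
    _, st = normalize(raw, State())
    return len(st.nodes) - 2


if __name__ == "__main__":
    f = lambda e: (e[0] and e[1]) or e[2]
    g = lambda e: not ((not e[0] or not e[1]) and not e[2])   # De Morgan form of f
    h = lambda e: e[0] != e[1]
    print(equivalent(f, g, 3), equivalent(f, h, 3))           # True False
    tree = (0, (1, False, True), (1, False, True))              # x0 is a redundant test
    print(node_count(tree))                                     # 1
```

The `normalize` function is the shape the abstract describes: a recursive call on `high_raw` receives `st1`, the state produced by the call on `low_raw`, so a termination argument cannot treat the state as a fixed parameter. The soundness property a verification would establish is the one `agrees_everywhere` checks by brute force here: the reduced DAG denotes the same Boolean function as the input on every assignment.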