Automatic formal verification of DSP software
Proceedings of the 37th Annual Design Automation Conference
Rewriting for Symbolic Execution of State Machine Models
CAV '01 Proceedings of the 13th International Conference on Computer Aided Verification
Refinement and theorem proving
SFM'06 Proceedings of the 6th international conference on Formal Methods for the Design of Computer, Communication, and Software Systems
Specification and Verification of Concurrent Programs Through Refinements
Journal of Automated Reasoning
On the Behaviours Produced by Instruction Sequences under Execution
Fundamenta Informaticae
We describe our formal specification of Motorola's Complex Arithmetic Processor (CAP) DSP and our subsequent use of this specification to verify the correctness of several DSP algorithms. We wrote the specification in the ACL2 logic and carried out the mechanical proofs using the ACL2 theorem-proving system. Motorola's CAP is a superscalar, pipelined DSP with seven memories and more than 20 functional units. Our formal specification is bit-for-bit exact and was created by hand-translating Motorola's drawings for the CAP. We believe that the specification developed is the largest of its kind, as it is the only formal specification of which we are aware for a complete commercial design. Proving the correctness of the DSP algorithms (programs) required proving the correctness of programs with 317-bit instructions and a non-interlocking execution pipeline. This Motorola DSP has a 1.8 million transistor implementation. The project involved both CLI and Motorola personnel and represents more than eight man-years of effort.