Consider a network of four processors that use the Oral Messages (Byzantine Generals) algorithm of Pease, Shostak and Lamport to reach agreement in the presence of faults. Bevier and Young have published a functional description of a single processor that, when interconnected appropriately with three identical others, implements this network under the assumption that the four processors step in synchrony. By formalizing the original work of Pease et al., Bevier and Young mechanically proved that such a network achieves fault tolerance (four processors suffice to tolerate one Byzantine fault). In this paper we develop, formalize and discuss a hardware design that has been mechanically proved to implement their processor. In particular, we formally define mapping functions from the abstract state space of the Bevier-Young processor to the concrete state space of a hardware module, and we state a theorem expressing the claim that the hardware correctly implements the processor. We briefly discuss the Brock-Hunt Formal Hardware Description Language, which permits designs both to be proved correct with the Boyer-Moore theorem prover and to be expressed in a commercially supported hardware description language for additional electrical analysis and layout. We briefly describe our implementation.
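The Oral Messages algorithm the abstract builds on is short enough to run end to end. The following is an added example, not code from the paper or from Bevier and Young's model: it implements OM(m) for n processors, simulates Byzantine senders as per-receiver strategy functions, and checks the two interactive-consistency conditions (IC1: loyal lieutenants agree; IC2: if the commander is loyal, they agree on the commander's order). The processor names P0 to P3, the orders ATTACK/RETREAT and the fault strategies are all constructed for the demonstration. The synchrony assumption from the abstract is implicit: each round completes before the next, so lost or late messages never need to be modelled. The third scenario goes beyond the four-processor case in the text and shows why four is the minimum for one fault: with three processors a single faulty lieutenant breaks IC2.

```python
"""Oral Messages OM(m) with simulated Byzantine faults (example, not the paper's code)."""
from collections import Counter
from typing import Callable, Dict, List, Sequence, Tuple

Value = str
# A faulty sender's strategy: (receiver, true value, path of commanders so far) -> value sent.
Strategy = Callable[[str, Value, Tuple[str, ...]], Value]

DEFAULT: Value = "RETREAT"  # fallback order when no strict majority exists


def majority(votes: Sequence[Value]) -> Value:
    """Strict majority of the votes, or the default order if there is none."""
    top, count = Counter(votes).most_common(1)[0]
    return top if 2 * count > len(votes) else DEFAULT


def send(sender: str, receiver: str, value: Value, path: Tuple[str, ...],
         faulty: Dict[str, Strategy]) -> Value:
    """What `receiver` actually gets: loyal senders forward faithfully,
    faulty ones run their strategy, which may say different things to different receivers."""
    strategy = faulty.get(sender)
    return value if strategy is None else strategy(receiver, value, path)


def om(m: int, commander: str, lieutenants: List[str], value: Value,
       faulty: Dict[str, Strategy], path: Tuple[str, ...] = ()) -> Dict[str, Value]:
    """OM(m): the commander sends its order to every lieutenant; for m > 0 each
    lieutenant relays what it received via OM(m-1) to the others and then takes
    the majority of its own copy and the relayed copies. Returns each lieutenant's decision.
    Rounds are synchronous by construction (each call completes before the next)."""
    path = path + (commander,)
    received = {l: send(commander, l, value, path, faulty) for l in lieutenants}
    if m == 0:
        return received
    relayed = {
        j: om(m - 1, j, [x for x in lieutenants if x != j], received[j], faulty, path)
        for j in lieutenants
    }
    return {
        l: majority([received[l]] + [relayed[j][l] for j in lieutenants if j != l])
        for l in lieutenants
    }


def interactive_consistency(decisions: Dict[str, Value], loyal: List[str],
                            commander_loyal: bool, order: Value) -> Tuple[bool, bool]:
    """IC1: all loyal lieutenants decide the same value.
    IC2: if the commander is loyal, that value is the commander's order."""
    loyal_decisions = {decisions[l] for l in loyal}
    ic1 = len(loyal_decisions) == 1
    ic2 = (not commander_loyal) or loyal_decisions == {order}
    return ic1, ic2


# Constructed scenarios; P0 is always the commander.
def scenario_faulty_lieutenant():
    """n=4, m=1: loyal commander, P3 tells P1 one thing and P2 another."""
    faulty = {"P3": lambda r, v, p: "RETREAT" if r == "P1" else "ATTACK"}
    d = om(1, "P0", ["P1", "P2", "P3"], "ATTACK", faulty)
    return d, interactive_consistency(d, ["P1", "P2"], True, "ATTACK")


def scenario_faulty_commander():
    """n=4, m=1: the commander sends conflicting orders; all lieutenants loyal."""
    faulty = {"P0": lambda r, v, p: {"P1": "ATTACK", "P2": "RETREAT", "P3": "ATTACK"}[r]}
    d = om(1, "P0", ["P1", "P2", "P3"], "ATTACK", faulty)
    return d, interactive_consistency(d, ["P1", "P2", "P3"], False, "ATTACK")


def scenario_three_processors():
    """n=3 < 3m+1: one lying lieutenant leaves P1 with a 1-1 split, so it falls
    back to the default and disagrees with its loyal commander (IC2 fails)."""
    faulty = {"P2": lambda r, v, p: "RETREAT"}
    d = om(1, "P0", ["P1", "P2"], "ATTACK", faulty)
    return d, interactive_consistency(d, ["P1"], True, "ATTACK")


if __name__ == "__main__":
    for fn in (scenario_faulty_lieutenant, scenario_faulty_commander, scenario_three_processors):
        decisions, (ic1, ic2) = fn()
        print(f"{fn.__name__}: {decisions}  IC1={ic1}  IC2={ic2}")
```

In the first two scenarios the loyal processors all decide ATTACK, whichever node is the faulty one; in the third, P1 decides RETREAT while its loyal commander ordered ATTACK, which is the failure the 3m+1 bound (here, four processors) rules out. The Bevier-Young model proves the four-processor case mechanically; this script only exercises it on chosen inputs, so it is a sanity check, not a proof.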