Formal verification of a processor with memory management units

In this thesis we present formal verification of a memory management unit which operates under specific conditions. We also present formal verification of a complex processor VAMP with support of address translation by means of a memory management unit. The is an out-of-order 32 bit RISC CPU with DLX instruction set, fully IEEE-compliant floating point units, and a memory unit. The VAMP also supports precise internal and external interrupts. It is modeled on the gate level and verified with respect to its specification. Subject of this thesis is based on the formal proof of the VAMP without address translation [Bey05] and on paper and pencil specification, implementation, and correctness proof of a memory management unit.In dieser Dissertation stellen wir die formale Verifikation einer Memory Management Unit vor, welche nur unter bestimmten Operationsbedingungen korrekt arbeitet. Wir stellen auch die formale Verifikation des VAMP vor, eines komplexen Prozessors, der Adressübersetzung unterstützt. Der VAMP ist eine out-of-order 32-Bit RISC CPU mit DLX Instruktionssatz, vollständig IEEE-konformen Fließkommaeinheiten und einer Speichereinheit. Der VAMP unterstützt präzise interne und externe Interrupts. Er ist auf der Gatterebene modelliert und bezüglich einer formalen Spezifikation verifiziert. Diese Arbeit basiert auf dem formalen Beweis des VAMP ohne Adressübersetzung [Bey05] und auf der Papier-und-Bleistift Spezifikation, Implementierung, und dem Korrektheitsbeweis einer Memory Management Unit aus [Hil05]

Towards composition of verified hardware devices

Computers are being used where no affordable level of testing is adequate. Safety and life critical systems must find a replacement for exhaustive testing to guarantee their correctness. Through a mathematical proof, hardware verification research has focused on device verification and has largely ignored system composition verification. To address these deficiencies, we examine how the current hardware verification methodology can be extended to verify complete systems

Initial flight qualification and operational maintenance of X-29A flight software

A discussion is presented of some significant aspects of the initial flight qualification and operational maintenance of the flight control system softward for the X-29A technology demonstrator. Flight qualification and maintenance of complex, embedded flight control system software poses unique problems. The X-29A technology demonstrator aircraft has a digital flight control system which incorporates functions generally considered too complex for analog systems. Organizational responsibilities, software assurance issues, tools, and facilities are discussed