The formal verification of generic interpreters

The task assignment 3 of the design and validation of digital flight control systems suitable for fly-by-wire applications is studied. Task 3 is associated with formal verification of embedded systems. In particular, results are presented that provide a methodological approach to microprocessor verification. A hierarchical decomposition strategy for specifying microprocessors is also presented. A theory of generic interpreters is presented that can be used to model microprocessor behavior. The generic interpreter theory abstracts away the details of instruction functionality, leaving a general model of what an interpreter does

Verification of the FtCayuga fault-tolerant microprocessor system. Volume 2: Formal specification and correctness theorems

Presented here is a formal specification and verification of a property of a quadruplicately redundant fault tolerant microprocessor system design. A complete listing of the formal specification of the system and the correctness theorems that are proved are given. The system performs the task of obtaining interactive consistency among the processors using a special instruction on the processors. The design is based on an algorithm proposed by Pease, Shostak, and Lamport. The property verified insures that an execution of the special instruction by the processors correctly accomplishes interactive consistency, providing certain preconditions hold, using a computer aided design verification tool, Spectool, and the theorem prover, Clio. A major contribution of the work is the demonstration of a significant fault tolerant hardware design that is mechanically verified by a theorem prover

Functional Verification of Power Electronic Systems

This project is the final work of the degree in Industrial Electronics and Automatic Engineering. It has global concepts of electronics but it focuses in power electronic systems. There is a need for reliable testing systems to ensure the good functionality of power electronic systems. The constant evolution of this products requires the development of new testing techniques. This project aims to develop a new testing system to accomplish the functional verification of a new power electronic system manufactured on a company that is in the power electronic sector . This test system consists on two test bed platforms, one to test the control part of the systems and the other one to test their functionality. A software to perform the test is also designed. Finally, the testing protocol is presented. This design is validated and then implemented on a buck converter and an inverter that are manufactured at the company. The results show that the test system is reliable and is capable of testing the functional verification of the two power electronic system successfully. In summary, this design can be introduced in the power electronic production process to test the two products ensuring their reliability in the market

A real-time simulator of a turbofan engine

A real-time digital simulator of a Pratt and Whitney F100 engine has been developed for real-time code verification and for actuator diagnosis during full-scale engine testing. This self-contained unit can operate in an open-loop stand-alone mode or as part of closed-loop control system. It can also be used for control system design and development. Tests conducted in conjunction with the NASA Advanced Detection, Isolation, and Accommodation program show that the simulator is a valuable tool for real-time code verification and as a real-time actuator simulator for actuator fault diagnosis. Although currently a small perturbation model, advances in microprocessor hardware should allow the simulator to evolve into a real-time, full-envelope, full engine simulation

Report on the formal specification and partial verification of the VIPER microprocessor

The formal specification and partial verification of the VIPER microprocessor is reviewed. The VIPER microprocessor was designed by RSRE, Malvern, England, for safety critical computing applications (e.g., aircraft, reactor control, medical instruments, armaments). The VIPER was carefully specified and partially verified in an attempt to provide a microprocessor with completely predictable operating characteristics. The specification of VIPER is divided into several levels of abstraction, from a gate-level description up to an instruction execution model. Although the consistency between certain levels was demonstrated with mechanically-assisted mathematical proof, the formal verification of VIPER was never completed

Using ACL2 to Verify Loop Pipelining in Behavioral Synthesis

Behavioral synthesis involves compiling an Electronic System-Level (ESL) design into its Register-Transfer Level (RTL) implementation. Loop pipelining is one of the most critical and complex transformations employed in behavioral synthesis. Certifying the loop pipelining algorithm is challenging because there is a huge semantic gap between the input sequential design and the output pipelined implementation making it infeasible to verify their equivalence with automated sequential equivalence checking techniques. We discuss our ongoing effort using ACL2 to certify loop pipelining transformation. The completion of the proof is work in progress. However, some of the insights developed so far may already be of value to the ACL2 community. In particular, we discuss the key invariant we formalized, which is very different from that used in most pipeline proofs. We discuss the needs for this invariant, its formalization in ACL2, and our envisioned proof using the invariant. We also discuss some trade-offs, challenges, and insights developed in course of the project.Comment: In Proceedings ACL2 2014, arXiv:1406.123

Heuristic Backtracking Algorithms for SAT

In recent years backtrack search SAT solvers have been the subject of dramatic improvements. These improvements allowed SAT solvers to successfully replace BDDs in many areas of formal verification, and also motivated the development of many new challenging problem instances, many of which too hard for the current generation of SAT solvers. As a result, further improvements to SAT technology are expected to have key consequences in formal verification. The objective of this paper is to propose heuristic approaches to the backtrack step of backtrack search SAT solvers, with the goal of increasing the ability of the SAT solver to search different parts of the search space. The proposed heuristics to the backtrack step are inspired by the heuristics proposed in recent years for the branching step of SAT solvers, namely VSIDS and some of its improvements. The preliminary experimental results are promising, and motivate the integration of heuristic backtracking in state-of-the-art SAT solvers. 1