The design and proof of correctness of a fault-tolerant circuit

Abstract

The flowing achievements are presented in view graph form: (1) a formal statement of interactive consistency conditions in the Boyer-Moore logic; (2) a formal statement of the oral messages (OM) algorithm in the Boyer-Moore logic; (3) a mechanically checked proof that OM satisfies the interactive consistency conditions; (4) a mechanically checked proof of the optimality result--no algorithm can tolerate fewer faults than OM yet still achieve interactive consistency; (5) the use of OM in a functional specification for a fault-tolerant device; (6) a formal description of the design of the device; (7) a mechanically checked proof that the device design satisfies the specification; and (8) an implementation of the design in programmable logic arrays