Advertisement

Journal of Automated Reasoning

, Volume 5, Issue 4, pp 461–492 | Cite as

A mechanically verified language implementation

  • J Strother Moore
Article

Abstract

This paper briefly describes a programming language, its implementation on a microprocessor via a compiler and link-assembler, and the mechanically checked proof of the correctness of the implementation. The programming language, called Piton, is a high-level assembly language designed for verified applications and as the target language for high-level language compilers. It provides executeonly programs, recursive subroutine call and return, stack based parameter passing, local variables, global variables and arrays, a user-visible stack for intermediate results, and seven abstract data types including integers, data addresses, program addresses and subroutine names. Piton is formally specified by an interpreter written for it in the computational logic of Boyer and Moore. Piton has been implemented on the FM8502, a general purpose microprocessor whose gate-level design has been mechanically proved to implement its machine code interpreter. The FM8502 implementation of Piton is via a function in the Boyer-Moore logic which maps a Piton initial state into an FM8502 binary core image. The compiler and link-assembler are both defined as functions in the logic. The implementation requires approximately 36K bytes and 1400 lines of prettyprinted source code in the Pure Lisp-like syntax of the logic. The implementation has been mechanically proved correct. In particular, if a Piton state can be run to completion without error, then the final values of all the global data structures can be ascertained from an inspection of an FM8502 core image obtained by running the core image produced by the compiler and link-assembler. Thus, verified Piton programs running on FM8502 can be thought of as having been verified down to the gate level.

Key words

Assembler automatic theorem proving code verification compiler computational logic correctness linker loader machine code microprocessor program verification programming language semantics system verification 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Boyer, R. S. and Moore, J S., A Computational Logic, Academic Press, New York, 1979.Google Scholar
  2. 2.
    Boyer, R. S. and Moore, J S., ‘A verification condition generator for FORTRAN’, in The Correctness Problem in Computer Sicence (R. S. Boyer and J S. Moore, eds), Academic Press, London, 1981.Google Scholar
  3. 3.
    Boyer, R. S. and Moore, J S., ‘A user's manual for a computational logic’, Tech. Rept 18, Computational Logic, Inc., Suite 290, 1717 West Sixth Street, Austin, TX 78703, 1988.Google Scholar
  4. 4.
    Craigen, Dan, A Description of m-Verdi [Working Draft], I.P. Sharp Associates, Ltd, 1986.Google Scholar
  5. 5.
    Gerhart, S. L., Musser, D. R., Thompson, D. H., Baker, D. A., Bates, R. L., Erickson, R. W., London, R. L., Taylor, D. G. and Wile, D. S., ‘An overview of AFFIRM: a specification and verification system’, Information Processing 80 (S. H. Lavington, ed.), North Holland, October, 1980, pp. 343–348.Google Scholar
  6. 6.
    Good, Donald I., ‘Mechanical proofs about computer programs’, in Mathematical Logic and Programming Languages (C. A. R. Hoare and J. C. Shepherdson, eds), Prentice-Hall International Series in Computer Science, 1985, pp. 55–75.Google Scholar
  7. 7.
    Good, D. I., Akers, R. L. and Smith, L. M., Report on Gypsy 2.05-January 1986, Computational Logic, Inc., Suite 290, 1717 West Sixth Street, Austin, TX 78703, 1986.Google Scholar
  8. 8.
    Smith, Michael K., Good, Donald I. and DiVito, Benedetto L., Using the Gypsy Methodology, Computational Logic, Inc., Suite 290, 1717 West Sixth Street, Austin, TX 78703, 1988. Revised January 1988.Google Scholar
  9. 9.
    Gordon, Mike, ‘Proving a computer correct’, Tech. Rept TR 42, Univ. of Cambridge, Computer Laboratory, 1983.Google Scholar
  10. 10.
    Hunt, W. A. Jr., ‘FM8501: A verified microprocessor’, Univ. of Texas at Austin, December, 1985. Also available through Computational Logic, Inc., Suite 290, 1717 West Sixth Street, Austin, TX 78703.Google Scholar
  11. 11.
    Melliar-Smith, P. M. and Schwartz, R., ‘Hierarchical specification of the SIFT fault-tolerant flight control system’, Tech. Rept CSL-123, Computer Science Laboratory, SRI International, Menlo Park, Ca., 1981.Google Scholar
  12. 12.
    Moore, J S., ‘Piton: a verified assembly level language’, Tech. Rept 22, Computational Logic, Inc., 1717 West Sixth Street, Suite 290, Austin, TX 78703, 1988.Google Scholar
  13. 13.
    Musser, David R. and Cyrluk, David A., AFFIRM-85 Installation Guide and Reference Manual Update, General Electric Corporate Research and Development, 1985.Google Scholar
  14. 14.
    Neumann, P. G., Robinson, L., Levitt, K., Boyer, R. and Saxena, A., ‘A provably secure operating system’, Tech. Rept CSL-116, Computer Science Laboratory, SRI International, 1977.Google Scholar
  15. 15.
    Polak, W., Compiler Specification and Verification, Springer-Verlag, Berlin, 1981.Google Scholar
  16. 16.
    Robinson, L. and Levitt, K., ‘Proof techniques for hierarchically structured programs’, Comm. ACM 20, 4 (April 1977).Google Scholar
  17. 17.
    Saaltink, Mark, The Verdi Logic [Working Draft], I.P. Sharp Associates, Ltd, 1986.Google Scholar
  18. 18.
    Stanat, D. F., Thomas, T. A. and Dunham, J. R., ‘Proceedings of a formal verification/design proof peer review’, Tech. Rept RTI/2094/13–01F, Research Triangle Institute, PO Box 12194, Research Triangle Park, N.C. 27709, 1984.Google Scholar
  19. 19.
    Stanford Verification Group, Stanford Pascal Verifier User Manual, Standford Univ., 1979.Google Scholar
  20. 20.
    Thompson, D. and Erikson, W., AFFIRM Reference Manual, USC Information Sciences Institute, 4676 Admiralty Way, Marina Del Rey, Ca. 90291, 1981.Google Scholar

Copyright information

© Kluwer Academic Publishers 1989

Authors and Affiliations

  • J Strother Moore
    • 1
  1. 1.Computational Logic, Inc.AustinU.S.A.

Personalised recommendations