Formal Methods in System Design, Volume 4, Issue 1, pp 5–31

A proof of the nonrestoring division algorithm and its implementation on an ALU

  • D. Verkest
  • L. Claesen
  • H. De Man


This article describes a proof of the functional correctness of a nonrestoring division algorithm and its implementation on an ALU. The first part of the proof deals with the correctness of the division algorithm with respect to a specification of division on the integer level. The second part is concerned with the correctness of the actual implementation, which is proven by checking several refinements of the algorithm. All the proofs have been mechanically checked with the Boyer-Moore theorem-proving system, in some cases making use of the interactive proof checker for the system.


Keywords: nonrestoring division algorithm, correctness, ALU implementation, Boyer-Moore theorem-proving system





Copyright information

© Kluwer Academic Publishers 1994

Authors and Affiliations

  • D. Verkest (1)
  • L. Claesen (1)
  • H. De Man (1)
  1. IMEC, Leuven, Belgium
