Managing Complexity through Abstraction: A Refinement-Based Approach to Formalize Instruction Set Architectures
Verifying the functional correctness of a processor requires a sound and complete specification of its Instruction Set Architecture (ISA). Current industrial practice is to describe a processor's ISA informally in natural language, often with added semi-formal notation to capture the functional intent of the instructions. This leaves scope for errors and inconsistencies. In this paper we present a method to specify, design and construct sound and complete ISAs by stepwise refinement and formal proof using the formal method Event-B. We discuss how the automatically generated Proof Obligations help to ensure self-consistency of the formal ISA model, and how desirable properties of ISAs can be enforced within this modeling framework. We have developed a generic ISA modeling template in Event-B to facilitate reuse. The key value of reusing such a template is increased model integrity. Our method is now being used to formalize the ISA of the XMOS XCore processor, with the aim of guaranteeing that the documentation of the XCore matches the silicon and the silicon matches the architectural intent.
Keywords: Proof Obligation, Internal Storage, Choice Point, Program Counter, Generic Template
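The abstract describes checking an ISA refinement through automatically generated proof obligations. The following example, added here and not taken from the paper or its Event-B model, mimics three of the obligations Event-B generates (guard strengthening, simulation, invariant preservation) by exhaustively exploring a tiny finite state space. An abstract machine says only that an instruction moves the program counter somewhere in range and keeps the accumulator in range; a concrete machine refines that event into ADD, JMP and NOP, decoded from the instruction at the program counter. The program, the three-instruction ISA, the 8-value accumulator domain and all function names are constructed for this illustration. A second, deliberately defective refinement (ADD without wrap-around) shows what a discharged versus a failed obligation looks like.

```python
"""Exhaustive checker for refinement proof obligations on a toy ISA model.

Constructed illustration in the spirit of Event-B refinement; the instruction
set, program and names below are assumptions made for this example only.
"""
from itertools import product

PROG = [("ADD", 3), ("JMP", 0), ("NOP", 0)]   # constructed sample program
ACC_RANGE = range(0, 8)                         # small accumulator domain, keeps the state space finite
PC_RANGE = range(0, len(PROG) + 1)              # pc == len(PROG) means "halted after last instruction"


# --- Abstract machine M0: a single event "execute" that only promises the
# program counter stays in range and the accumulator stays in range.
def abs_invariant(s):
    pc, acc = s
    return pc in PC_RANGE and acc in ACC_RANGE


def abs_guard(s):
    return s[0] < len(PROG)


def abs_after(s):
    """Set of after-states the nondeterministic abstract event permits."""
    return {(pc, acc) for pc in PC_RANGE for acc in ACC_RANGE}


# --- Concrete machine M1: decodes the instruction at pc. Every concrete event
# refines abstract "execute". Variables are shared, so the gluing invariant
# is just the abstract invariant restated.
def conc_invariant(s):
    return abs_invariant(s)


def add_guard(s):  return s[0] < len(PROG) and PROG[s[0]][0] == "ADD"
def add_action(s): return (s[0] + 1, (s[1] + PROG[s[0]][1]) % len(ACC_RANGE))
def jmp_guard(s):  return s[0] < len(PROG) and PROG[s[0]][0] == "JMP"
def jmp_action(s): return (PROG[s[0]][1], s[1])
def nop_guard(s):  return s[0] < len(PROG) and PROG[s[0]][0] == "NOP"
def nop_action(s): return (s[0] + 1, s[1])


CONCRETE_EVENTS = {
    "ADD": (add_guard, add_action),
    "JMP": (jmp_guard, jmp_action),
    "NOP": (nop_guard, nop_action),
}


def check_refinement(events):
    """Return every violated obligation as (event, obligation, before-state).

    Obligations checked, named after the Event-B ones they imitate:
      GRD  concrete guard implies abstract guard (guard strengthening)
      SIM  concrete after-state is one the abstract event allows (simulation)
      INV  concrete after-state satisfies the concrete invariant
    An empty list means every obligation is discharged for every reachable
    state of this finite model.
    """
    violations = []
    for s in product(PC_RANGE, ACC_RANGE):
        if not conc_invariant(s):
            continue
        for name, (guard, action) in events.items():
            if not guard(s):
                continue
            t = action(s)
            if not abs_guard(s):
                violations.append((name, "GRD", s))
            if t not in abs_after(s):
                violations.append((name, "SIM", s))
            if not conc_invariant(t):
                violations.append((name, "INV", s))
    return violations


# A deliberately defective refinement: ADD that forgets the modulo wrap-around,
# so the accumulator can leave its declared range.
def add_action_no_wrap(s): return (s[0] + 1, s[1] + PROG[s[0]][1])


BUGGY_EVENTS = dict(CONCRETE_EVENTS, ADD=(add_guard, add_action_no_wrap))

if __name__ == "__main__":
    print("correct model:", check_refinement(CONCRETE_EVENTS))
    print("buggy model:  ", check_refinement(BUGGY_EVENTS))
```

Running it reports no violations for the correct refinement and, for the defective one, SIM and INV failures for ADD in the three states where the accumulator would overflow (acc 5, 6, 7 at pc 0). A real Event-B development discharges these obligations symbolically for unbounded state, which is what lets the approach scale to a full ISA; the exhaustive check here only shows what each obligation is asking.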