Using Formal Methods to Create Instruction Set Architectures
Steve Wright
University of Bristol, Department of Computer Science
Steve Wright
• Chartered Software Engineer.
• 8 years at Rolls-Royce.
• 2 years at STMicroelectronics.
• 7 years at Airbus.
• Now at University of Bristol.
ISA Applications
Objective: formally construct all possible outcomes for an instruction set during program execution.
Normal Operation
“I'm completely operational, and all my circuits are functioning perfectly.”
Actions easy to identify.
Failure Conditions
“Open the pod bay doors, HAL.”
“I'm sorry Dave, I'm afraid I can't do that.”
Harder to identify.
Formal Methods
• Define “events”: “actions” predicated by “guards”.
• Use set theory to prove that one or more refined events are each a subset of a single more abstract event (the guard-strengthening and simulation obligations).
• Those proofs do not show that the refined events together fully implement the abstract one (no new deadlock, every abstract behaviour still reachable); “model checking” is needed for that.
ISA Common Properties
• Binary image in contiguous memory.
• Instructions selected by a “Program Counter”.
• All operations are bit-manipulations between registers.
• Register data is stored across multiple contiguous memory locations.
Top-level Abstraction
A single event that non-deterministically picks the next instruction and a LOADING/RUNNING/HALTED/FAILED status (`:∈` is “becomes a member of”):
Iterate =
  BEGIN
    act1: inst :∈ INST
    act2: status :∈ STATE
  END
First Refinement
Create a state machine that switches between LOADING/RUNNING/HALTED/FAILED; each event refines Iterate and is guarded on one status value:
Loading
  REFINES Iterate
  WHEN
    grd1: status = LOADING
  THEN
    act1: inst :∈ INST
    act2: status :∈ { LOADING, RUNNING }
  END
Running
  REFINES Iterate
  WHEN
    grd1: status = RUNNING
  THEN
    act1: inst :∈ INST                          // instruction is updated
    act2: status :∈ { RUNNING, HALTED, FAILED }
  END
Halted   // “explicit deadlock”: only skip is enabled here, so HALTED is absorbing
  REFINES Iterate
  WHEN
    grd1: status = HALTED
  THEN
    skip
  END
Failed   // likewise absorbing
  REFINES Iterate
  WHEN
    grd1: status = FAILED
  THEN
    skip
  END
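The state machine above, checked the way the Formal Methods slide describes: each refined event must stay inside the abstract Iterate (guard strengthening and simulation), and, separately, the refined events together must still be enabled in every state where Iterate could fire, must not compete, and must leave HALTED and FAILED absorbing. This is an added example and not code from the slides or the Rodin model; the bitmask encoding of state sets and the function names are assumptions.

```c
/* Added example (not from the slides): the first-refinement state machine
 * checked against the abstract Iterate event by exhaustive enumeration.
 * State sets are bitmasks; everything is finite, so "model checking" is
 * a loop over the four states. */
#include <stddef.h>
#include <stdio.h>

enum { LOADING = 0, RUNNING, HALTED, FAILED, NSTATES };
#define S(st)      (1u << (st))
#define ALL_STATES (S(LOADING) | S(RUNNING) | S(HALTED) | S(FAILED))

/* A refined event: enabled in exactly the states in 'guard', and its
 * action picks the next status from 'post' (status :∈ post). */
struct event { const char *name; unsigned guard; unsigned post; };

static const struct event refined[] = {
    { "Loading", S(LOADING), S(LOADING) | S(RUNNING) },
    { "Running", S(RUNNING), S(RUNNING) | S(HALTED) | S(FAILED) },
    { "Halted",  S(HALTED),  S(HALTED) },   /* skip: status unchanged */
    { "Failed",  S(FAILED),  S(FAILED) },   /* skip: status unchanged */
};
#define NEVENTS (sizeof refined / sizeof refined[0])

/* Abstract Iterate: guard is true everywhere, action is status :∈ STATE. */
static const unsigned abstract_guard = ALL_STATES;
static const unsigned abstract_post  = ALL_STATES;

/* Per-event refinement obligations: concrete guard implies abstract guard
 * (GRD) and concrete post-states are a subset of the abstract ones (SIM).
 * Returns the number of violated obligations. */
int refinement_violations(void)
{
    int bad = 0;
    for (size_t i = 0; i < NEVENTS; i++) {
        if (refined[i].guard & ~abstract_guard) bad++;  /* GRD */
        if (refined[i].post  & ~abstract_post)  bad++;  /* SIM */
    }
    return bad;
}

/* What the refinement proofs do NOT give you: in every state where the
 * abstract event could fire, some refined event must be enabled.
 * Returns the set of states with no enabled event (0 = none). */
unsigned deadlocked_states(void)
{
    unsigned enabled = 0;
    for (size_t i = 0; i < NEVENTS; i++) enabled |= refined[i].guard;
    return abstract_guard & ~enabled;
}

/* Determinism: at most one refined event enabled per state.
 * Returns the set of states where two or more events compete. */
unsigned nondeterministic_states(void)
{
    unsigned seen = 0, twice = 0;
    for (size_t i = 0; i < NEVENTS; i++) {
        twice |= seen & refined[i].guard;
        seen  |= refined[i].guard;
    }
    return twice;
}

/* The "explicit deadlock" of the slides: once HALTED or FAILED, no event
 * may move the status anywhere else. Returns 1 if that holds. */
int terminal_states_absorbing(void)
{
    for (size_t i = 0; i < NEVENTS; i++) {
        unsigned g = refined[i].guard;
        if ((g & (S(HALTED) | S(FAILED))) && refined[i].post != g) return 0;
    }
    return 1;
}

int main(void)
{
    printf("refinement violations: %d\n",  refinement_violations());
    printf("deadlocked states:     0x%x\n", deadlocked_states());
    printf("nondeterministic:      0x%x\n", nondeterministic_states());
    printf("terminals absorbing:   %d\n",  terminal_states_absorbing());
    return 0;
}
```

Drop the Failed event from the table and deadlocked_states() reports S(FAILED); widen the Running guard to cover LOADING and nondeterministic_states() reports S(LOADING). Neither is caught by the per-event obligations, which is the point of the third bullet on the Formal Methods slide.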
32nd(!) Refinement
For example, the humble NOP (opcode 16; statusCode 2 is RUNNING):
NopOk
  REFINES NopOk
  ANY op, opVal, nextInstPtr
  WHERE
    grd6: op : DataByte
    grd7: op = mem(instPtr)
    grd5: opVal : 0..255
    grd2: opVal = DataByte2Int(op)
    grd1: opVal = 16
    grd3: instPtr <= 99992
    grd4: statusCode = 2
    grd8: nextInstPtr : -2147483647..2147483647
    grd9: nextInstPtr = instPtr + 1
  THEN
    act1: instPtr := nextInstPtr
  END
Proof Obligations
Each refinement step generates proof obligations. A trivial one from the first refinement (Running's new status must lie within STATE):
  status = RUNNING
  ⇒
  status ∈ {LOADING, RUNNING, HALTED, FAILED}
Proof Obligations
A less trivial one, from the refinement that stores four-byte “long” data across contiguous bytes: after a write at memIndex, the long view of memory must still agree with the byte view at every address x in the domain. Written with Rodin's ASCII relational override `<+`:
∀x · x ∈ MemArrayDom ⇒
  (memArrayDataLong <+ {memIndex ↦ DataBytes2DataLong(resByte(0) ↦ resByte(1) ↦ resByte(2) ↦ resByte(3))})(x)
  =
  DataBytes2DataLong(
      (memArrayDataByte <+ {memIndex ↦ resByte(0)} <+ {memIndex+1 ↦ resByte(1)} <+ {memIndex+2 ↦ resByte(2)} <+ {memIndex+3 ↦ resByte(3)})(x)
    ↦ (memArrayDataByte <+ {memIndex ↦ resByte(0)} <+ {memIndex+1 ↦ resByte(1)} <+ {memIndex+2 ↦ resByte(2)} <+ {memIndex+3 ↦ resByte(3)})(x+1)
    ↦ (memArrayDataByte <+ {memIndex ↦ resByte(0)} <+ {memIndex+1 ↦ resByte(1)} <+ {memIndex+2 ↦ resByte(2)} <+ {memIndex+3 ↦ resByte(3)})(x+2)
    ↦ (memArrayDataByte <+ {memIndex ↦ resByte(0)} <+ {memIndex+1 ↦ resByte(1)} <+ {memIndex+2 ↦ resByte(2)} <+ {memIndex+3 ↦ resByte(3)})(x+3))
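The obligation above as an executable check. This is an added example, not code from the slides or the MIDAS model. As the formula is written, the long view is overridden at memIndex only, while the four byte writes also change every window x that overlaps memIndex..memIndex+3; whether those x are in MemArrayDom depends on a definition the slides do not show. The code assumes a byte-granular domain (every x whose window x..x+3 lies in memory), counts the windows the single-point override leaves stale, and shows the refresh that closes them. DataBytes2DataLong is assumed little-endian; memArrayDataByte, memArrayDataLong, MemArrayDom, resByte and memIndex are the slide's names, the rest are assumptions.

```c
/* Added example (not from the slides): the gluing invariant as a runtime
 * check over a byte array and a parallel four-byte "long" view.
 * Assumed: little-endian DataBytes2DataLong, MemArrayDom = 0 .. MEM_BYTES-4. */
#include <stdint.h>
#include <stdio.h>

#define MEM_BYTES 16
#define LONG_DOM  (MEM_BYTES - 3)       /* assumed MemArrayDom */

uint8_t  memArrayDataByte[MEM_BYTES];
uint32_t memArrayDataLong[LONG_DOM];

uint32_t DataBytes2DataLong(uint8_t b0, uint8_t b1, uint8_t b2, uint8_t b3)
{
    return (uint32_t)b0 | (uint32_t)b1 << 8 | (uint32_t)b2 << 16 | (uint32_t)b3 << 24;
}

static uint32_t long_view_of_bytes(int x)
{
    return DataBytes2DataLong(memArrayDataByte[x], memArrayDataByte[x + 1],
                              memArrayDataByte[x + 2], memArrayDataByte[x + 3]);
}

/* The actions exactly as the obligation shows them: the long view is
 * overridden at memIndex only, the byte view at memIndex .. memIndex+3. */
void store_long(int memIndex, const uint8_t resByte[4])
{
    if (memIndex < 0 || memIndex >= LONG_DOM) return;   /* guard: memIndex ∈ MemArrayDom */
    memArrayDataLong[memIndex] = DataBytes2DataLong(resByte[0], resByte[1], resByte[2], resByte[3]);
    for (int k = 0; k < 4; k++) memArrayDataByte[memIndex + k] = resByte[k];
}

/* ∀x · x ∈ MemArrayDom ⇒ long(x) = DataBytes2DataLong(byte(x) ↦ byte(x+1) ↦ byte(x+2) ↦ byte(x+3))
 * Returns how many x violate it (0 means the invariant holds). */
int invariant_violations(void)
{
    int bad = 0;
    for (int x = 0; x < LONG_DOM; x++)
        if (memArrayDataLong[x] != long_view_of_bytes(x)) bad++;
    return bad;
}

/* The extra work a byte-granular domain needs: every window overlapping
 * the four written bytes, x = memIndex-3 .. memIndex+3, is recomputed. */
void refresh_overlapping(int memIndex)
{
    for (int x = memIndex - 3; x <= memIndex + 3; x++)
        if (x >= 0 && x < LONG_DOM) memArrayDataLong[x] = long_view_of_bytes(x);
}

static void clear_memory(void)
{
    for (int i = 0; i < MEM_BYTES; i++) memArrayDataByte[i] = 0;
    for (int i = 0; i < LONG_DOM; i++) memArrayDataLong[i] = 0;   /* invariant holds trivially */
}

/* Scenario 1: one store with the single-point override only. */
int violations_after_single_override(int memIndex, const uint8_t resByte[4])
{
    clear_memory();
    store_long(memIndex, resByte);
    return invariant_violations();
}

/* Scenario 2: the same store followed by the overlapping-window refresh. */
int violations_after_refresh(int memIndex, const uint8_t resByte[4])
{
    clear_memory();
    store_long(memIndex, resByte);
    refresh_overlapping(memIndex);
    return invariant_violations();
}

const uint8_t SAMPLE_WORD[4] = { 0x78, 0x56, 0x34, 0x12 };   /* constructed sample */

int main(void)
{
    printf("bytes 78 56 34 12 as a long: 0x%08x\n",
           (unsigned)DataBytes2DataLong(0x78, 0x56, 0x34, 0x12));
    printf("stale windows after one store at 6: %d\n", violations_after_single_override(6, SAMPLE_WORD));
    printf("after refreshing overlapping windows: %d\n", violations_after_refresh(6, SAMPLE_WORD));
    return 0;
}
```

With the store at index 6, the six windows 3, 4, 5, 7, 8 and 9 each contain at least one of the written bytes and are reported stale until refresh_overlapping() recomputes them; a domain that only contains word-aligned addresses with aligned stores would make the single-point override sufficient, which is one way a model can discharge the obligation as shown.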
Tool Support
RODIN
• Integrated Development Environment for Event-B.
• Eclipse-based.
• Windows, Linux and Mac.
• Free, open-source.
• Extensible via Java plug-ins.
“MIDAS” Example Machines
• Stack and register variants.
• 35 instructions.
• “Modified Harvard” memory architecture.
MIDAS Events
35 instructions ⇒ 112 events, i.e. many more failure cases than OK cases.
VM Auto-generation
B2C translates each Event-B event into a C function that tests the guards in turn and, only if all of them hold, performs the actions. The NopOk event, here over the DataSmall/DataLargeNat types of the MIDAS model:
NopOk
  REFINES NopOk
  ANY op, opVal, nextInstPtr
  WHERE
    grd6: op : DataSmall
    grd7: op = mem(instPtr)
    grd5: opVal : DataSmallNat
    grd2: opVal = DataSmall2Nat(op)
    grd1: opVal = 16
    grd3: instPtr <= 99994
    grd4: statusCode = 2
    grd8: nextInstPtr : DataLargeNat
    grd9: nextInstPtr = instPtr + 1
  THEN
    act1: instPtr := nextInstPtr
  END
> B2C >
    /* Event5 [NopOk] */
    /* BOOL, the Data* types, mem, instPtr, statusCode and ReportEventbEvent
       come from the generated VM runtime. The typing guards (grd5, grd6, grd8)
       became the declarations below, so three guards remain as tests.
       Note the order: the C reads mem[instPtr] for grd7 before testing the
       grd3 bound on instPtr, whereas Event-B guards have no evaluation order;
       that read is only safe if instPtr is already known to be in range. */
    BOOL NopOk(void)
    {
        /* Local variable declarations */
        DataLargeNat nextInstPtr;
        DataSmall op;
        DataSmallNat opVal;
        /* Guard 1: grd7, grd2, grd1 -- fetch the opcode and compare with NOP (16) */
        op = mem[instPtr];
        DataSmall2Nat(op,&opVal);
        if(opVal!=16) return BFALSE;
        /* Guard 2: grd3 -- instruction pointer within the image */
        if(instPtr>99994) return BFALSE;
        /* Guard 3: grd4 -- machine is RUNNING */
        if(statusCode!=2) return BFALSE;
        /* Local assignments in actions: grd9 */
        nextInstPtr = (instPtr+1);
        /* Actions: act1 */
        instPtr = nextInstPtr;
        /* Report hit */
        ReportEventbEvent("NopOk",5);
        return BTRUE;
    }
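The pattern above carried through to a whole machine: one BOOL function per event, guards first, actions only if every guard holds, and every way an instruction can fail modelled as its own event that moves the machine to FAILED instead of touching memory out of range (the slides' point that failure events outnumber OK events). This is a hand-written added example in the shape B2C produces, not the slides' generated code and not the MIDAS instruction set. From the slides: opcode 16 is NOP and statusCode 2 is RUNNING. The other opcodes, status numbers, memory and stack sizes, the scheduler loop and the sample images are assumptions.

```c
/* Added example, not B2C output: a guarded-event VM where every guard
 * failure is an explicit *Fail event. Assumed: all opcodes except NOP=16,
 * all status codes except RUNNING=2, the sizes, the images. */
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

typedef int BOOL;
#define BTRUE  1
#define BFALSE 0

enum { ST_LOADING = 1, ST_RUNNING = 2, ST_HALTED = 3, ST_FAILED = 4 };
enum { OP_NOP = 16, OP_PUSH = 17, OP_POP = 18, OP_HALT = 19 };

#define MEM_SIZE   8            /* tiny image so the end of memory is easy to reach */
#define STACK_SIZE 2
#define MEM_LAST   (MEM_SIZE - 1)

uint8_t mem[MEM_SIZE], stack[STACK_SIZE];
int sp, instPtr, statusCode;
const char *lastEvent = "";

/* Guards shared by every RUNNING event (grd4 statusCode = 2 and a grd3-style
 * bound on instPtr): the opcode fetch happens only after both hold. */
static BOOL fetch(uint8_t want)
{
    return statusCode == ST_RUNNING && instPtr >= 0 && instPtr <= MEM_LAST && mem[instPtr] == want;
}
static BOOL fail(const char *name) { statusCode = ST_FAILED; lastEvent = name; return BTRUE; }

BOOL NopOk(void)   { if (!fetch(OP_NOP) || instPtr + 1 > MEM_LAST) return BFALSE;
                     instPtr += 1; lastEvent = "NopOk"; return BTRUE; }
/* NOP in the last byte: the next instruction pointer would leave the image. */
BOOL NopFail(void) { if (!fetch(OP_NOP) || instPtr + 1 <= MEM_LAST) return BFALSE;
                     return fail("NopFail"); }
/* PUSH imm: operand is the following byte; needs room in the image and on the stack. */
BOOL PushOk(void)  { if (!fetch(OP_PUSH) || instPtr + 2 > MEM_LAST || sp >= STACK_SIZE) return BFALSE;
                     stack[sp++] = mem[instPtr + 1]; instPtr += 2; lastEvent = "PushOk"; return BTRUE; }
BOOL PushFail(void){ if (!fetch(OP_PUSH) || (instPtr + 2 <= MEM_LAST && sp < STACK_SIZE)) return BFALSE;
                     return fail("PushFail"); }
BOOL PopOk(void)   { if (!fetch(OP_POP) || instPtr + 1 > MEM_LAST || sp == 0) return BFALSE;
                     sp--; instPtr += 1; lastEvent = "PopOk"; return BTRUE; }
BOOL PopFail(void) { if (!fetch(OP_POP) || (instPtr + 1 <= MEM_LAST && sp > 0)) return BFALSE;
                     return fail("PopFail"); }
BOOL HaltOk(void)  { if (!fetch(OP_HALT)) return BFALSE;
                     statusCode = ST_HALTED; lastEvent = "HaltOk"; return BTRUE; }
/* Any other byte is an illegal opcode: a failure event, never undefined behaviour. */
BOOL IllegalOp(void)
{
    if (statusCode != ST_RUNNING || instPtr < 0 || instPtr > MEM_LAST) return BFALSE;
    if (fetch(OP_NOP) || fetch(OP_PUSH) || fetch(OP_POP) || fetch(OP_HALT)) return BFALSE;
    return fail("IllegalOp");
}

/* Iterate: load the image, then try the events in order until one fires.
 * The guards are pairwise exclusive, so the order does not change the result.
 * Returns the number of steps taken before HALTED or FAILED. */
int run(const uint8_t *image, size_t len)
{
    BOOL (*const events[])(void) = { NopOk, NopFail, PushOk, PushFail, PopOk, PopFail, HaltOk, IllegalOp };
    const size_t n = sizeof events / sizeof events[0];
    int steps = 0;
    sp = 0; instPtr = 0; statusCode = ST_RUNNING; lastEvent = "";
    for (size_t i = 0; i < MEM_SIZE; i++) mem[i] = (i < len) ? image[i] : 0;   /* 0 is illegal */
    while (statusCode == ST_RUNNING) {
        size_t e = 0;
        while (e < n && !events[e]()) e++;
        if (e == n) fail("NoEvent");   /* a deadlock; unreachable while IllegalOp covers the rest */
        steps++;
    }
    return steps;
}

/* Constructed sample images. */
const uint8_t IMG_UNDERFLOW[] = { OP_NOP, OP_PUSH, 7, OP_POP, OP_POP, OP_HALT };   /* second POP on empty stack */
const uint8_t IMG_CLEAN[]     = { OP_NOP, OP_NOP, OP_NOP, OP_NOP, OP_NOP, OP_NOP, OP_NOP, OP_HALT };
const uint8_t IMG_RUNOFF[]    = { OP_NOP, OP_NOP, OP_NOP, OP_NOP, OP_NOP, OP_NOP, OP_NOP, OP_NOP };   /* no HALT */

int main(void)
{
    const uint8_t *imgs[] = { IMG_UNDERFLOW, IMG_CLEAN, IMG_RUNOFF };
    size_t lens[] = { sizeof IMG_UNDERFLOW, sizeof IMG_CLEAN, sizeof IMG_RUNOFF };
    for (int i = 0; i < 3; i++) {
        int n = run(imgs[i], lens[i]);
        printf("image %d: %d steps, status %d, last event %s\n", i, n, statusCode, lastEvent);
    }
    return 0;
}
```

Each *Ok/*Fail pair is written so that exactly one of the two is enabled whenever the opcode matches, which is the property the slides list under future work as determinism; with IllegalOp as the catch-all, the NoEvent branch in run() is the deadlock case and should never be reached.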
Compiled Target Executable
A C loop compiled through GCC into MIDAS stack-machine code:
    int x;
    for(x=0;x<10;x++) {
        /* Do nothing */
    }
> GCC >
    .L3:
        # Addsi [fp] [fp] 1
        # imm push 1
        psh.si.im 1
        # indirect push [fp]
        psh.si.in fp
        ari.si.add
        # indirect pop [fp]
        pop.si.in fp
        pop.si.di void
        pop.si.di void
    .L2:
        # Cmp [fp] 9
        # CondBra [fp] 9 le
        # imm push 9
        psh.si.im 9
        # indirect push [fp]
        psh.si.in fp
        cmp.si.le
        pop.si.di void
        pop.si.di void
        # bra.tr .L3
        psh.ad.im .L3
        jmp.ad.tr
        pop.ad.di void
Program Execution
Future Work
• Expand Event-B to enhance the process.
• Model checking (deadlock/determinism).
• Apply to existing ISAs.
Summary
• Event-B can capture the generic properties of an ISA and refine them to a concrete example.
• RODIN allows the refinement to be carried through to an executable.
Questions?
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : Uncertainty
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 

Using Formal Methods to Create Instruction Set Architectures

  • 1. Using Formal Methods to Create Instruction Set Architectures Steve Wright Bristol University Department of COMPUTER SCIENCE
  • 2. Steve Wright • Chartered Software Engineer. • 8 years at Rolls-Royce. • 2 years at STMicroelectronics. • 7 years at Airbus. • Now at University of Bristol.
  • 4. Objective Formally construct all possible outcomes for an instruction set during program execution.
  • 5. Normal Operation “I'm completely operational, and all my circuits are functioning perfectly.” Actions easy to identify.
  • 6. Failure Conditions “Open the pod bay doors, HAL.” “I'm sorry Dave, I'm afraid I can't do that.” Harder to identify.
  • 7. Formal Methods • Define “events”: “actions” predicated by “guards”. • Use set theory to prove that one or more concrete events are a subset of (i.e. refine) a single more abstract event. • “Model Checking” is needed to prove that the refined events fully implement the abstract one.
  • 8. ISA Common Properties • Binary image in contiguous memory. • Instructions selected by “Program Counter”. • All operations as bit-manipulations between registers. • Register data stored across multiple contiguous memory locations.
  • 9. Top-level Abstraction RUNNING/FAILED/HALTED state and instruction:
    Iterate =
    BEGIN
      act1: inst :∈ INST
      act2: status :∈ STATE
    END
  • 10. First Refinement Create state machine to switch states RUNNING/FAILED/HALTED:
    Loading
    REFINES Iterate
    WHEN
      grd1: status = LOADING
    THEN
      act1: inst :∈ Inst
      act2: status :∈ { LOADING, RUNNING}
    END

    Running
    REFINES Iterate
    WHEN
      grd1: status = RUNNING
    THEN
      act1: inst :∈ Inst // Instruction is updated
      act3: status :∈ { RUNNING, HALTED, FAILED}
    END

    Halted // Explicit deadlock achieved
    REFINES Iterate
    WHEN
      grd1: status = HALTED
    THEN
      skip
    END

    Failed // Explicit deadlock achieved
    REFINES Iterate
    WHEN
      grd1: status = FAILED
    THEN
      skip
    END
  • 11. 32nd(!) Refinement For example, the humble NOP:
    NopOk
    REFINES NopOk
    ANY
      op
      opVal
      nextInstPtr
    WHERE
      grd6: op : DataByte
      grd7: op = mem(instPtr)
      grd5: opVal : 0..255
      grd2: opVal = DataByte2Int(op)
      grd1: opVal = 16
      grd3: instPtr <= 99992
      grd4: statusCode = 2
      grd8: nextInstPtr : -2147483647..2147483647
      grd9: nextInstPtr = instPtr + 1
    THEN
      act1: instPtr := nextInstPtr
    END
  • 12. Proof Obligations status = RUNNING ⇒ status ∈ {LOADING,RUNNING,HALTED,FAILED}
  • 13. Proof Obligations A gluing-invariant preservation obligation relating the byte view and the long view of memory after a four-byte write at memIndex (relational override written <+):
    ∀x · x ∈ MemArrayDom ⇒
      (memArrayDataLong <+ {memIndex ↦ DataBytes2DataLong(resByte(0) ↦ resByte(1) ↦ resByte(2) ↦ resByte(3))})(x)
      = DataBytes2DataLong(
          (memArrayDataByte <+ {memIndex ↦ resByte(0)} <+ {memIndex+1 ↦ resByte(1)} <+ {memIndex+2 ↦ resByte(2)} <+ {memIndex+3 ↦ resByte(3)})(x) ↦
          (memArrayDataByte <+ {memIndex ↦ resByte(0)} <+ {memIndex+1 ↦ resByte(1)} <+ {memIndex+2 ↦ resByte(2)} <+ {memIndex+3 ↦ resByte(3)})(x+1) ↦
          (memArrayDataByte <+ {memIndex ↦ resByte(0)} <+ {memIndex+1 ↦ resByte(1)} <+ {memIndex+2 ↦ resByte(2)} <+ {memIndex+3 ↦ resByte(3)})(x+2) ↦
          (memArrayDataByte <+ {memIndex ↦ resByte(0)} <+ {memIndex+1 ↦ resByte(1)} <+ {memIndex+2 ↦ resByte(2)} <+ {memIndex+3 ↦ resByte(3)})(x+3))
  • 15. RODIN • Integrated Development Environment for Event-B. • Eclipse-based. • Windows, Linux and Mac. • Free, open-source. • Extensible via Java plug-ins.
  • 16. “MIDAS” Example Machines • Stack and register machines. • 35 instructions. • “Modified Harvard” memory architecture. • Stack and Register Variants
  • 17. MIDAS Events 35 instructions ⇒ 112 events, i.e. many more failure events than OK events.
  • 18. VM Auto-generation Event-B event > B2C > generated C:
    NopOk
    REFINES NopOk
    ANY
      op
      opVal
      nextInstPtr
    WHERE
      grd6: op : DataSmall
      grd7: op = mem(instPtr)
      grd5: opVal : DataSmallNat
      grd2: opVal = DataSmall2Nat(op)
      grd1: opVal = 16
      grd3: instPtr <= 99994
      grd4: statusCode = 2
      grd8: nextInstPtr : DataLargeNat
      grd9: nextInstPtr = instPtr + 1
    THEN
      act1: instPtr := nextInstPtr
    END

    /* Event5 [NopOk] */
    BOOL NopOk(void)
    {
      /* Local variable declarations */
      DataLargeNat nextInstPtr;
      DataSmall op;
      DataSmallNat opVal;
      /* Guard 1 */
      op = mem[instPtr];
      DataSmall2Nat(op,&opVal);
      if(opVal!=16) return BFALSE;
      /* Guard 2 */
      if(instPtr>99994) return BFALSE;
      /* Guard 3 */
      if(statusCode!=2) return BFALSE;
      /* Local assignments in actions */
      nextInstPtr = (instPtr+1);
      /* Actions */
      instPtr = nextInstPtr;
      /* Report hit */
      ReportEventbEvent("NopOk",5);
      return BTRUE;
    }
  • 19. Compiled Target Executable C source > GCC > MIDAS assembly:
    int x;
    for(x=0;x<10;x++)
    {
      /* Do nothing */
    }

    .L3:
      # Addsi [fp] [fp] 1
      # imm push 1
      psh.si.im 1
      # indirect push [fp]
      psh.si.in fp
      ari.si.add
      # indirect pop [fp]
      pop.si.in fp
      pop.si.di void
      pop.si.di void
    .L2:
      # Cmp [fp] 9
      # CondBra [fp] 9 le
      # imm push 9
      psh.si.im 9
      # indirect push [fp]
      psh.si.in fp
      cmp.si.le
      pop.si.di void
      pop.si.di void
      # bra.tr .L3
      psh.ad.im .L3
      jmp.ad.tr
      pop.ad.di void
  • 21. Future Work • Expand Event-B to enhance the process. • Model checking (dead- lock/determinism). • Apply to existing ISAs.
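The slides show one OK event (NopOk), note that MIDAS needs far more failure events than OK events, and leave deadlock and determinism to future model checking. The following is an added example, not code from the slides, MIDAS or the B2C tool: it writes NopOk in the guard-then-action shape that B2C emits, adds the failure events that make FAILED an explicit deadlock, and then enumerates every distinguishable (statusCode, instPtr, opcode) configuration to check what a model checker would: exactly one event is enabled in every RUNNING configuration, and none in HALTED or FAILED. MEM_SIZE, OP_HALT, the event table and every event name other than NopOk are this example's own assumptions.

```c
/* Added example (not from the slides, MIDAS or B2C): NopOk in the guard-then-action
 * shape B2C emits, the failure events that make FAILED an explicit deadlock, and an
 * exhaustive check of determinism and deadlock-freedom in RUNNING. MEM_SIZE, OP_HALT
 * and every event name except NopOk are this example's own assumptions. */
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

#define MEM_SIZE 16  /* assumption: tiny image so every configuration can be enumerated */
#define OP_NOP   16  /* the slides' NOP (grd1: opVal = 16) */
#define OP_HALT   0  /* assumption: 0 = HALT; any other byte is an undefined opcode */
enum { ST_RUNNING = 2, ST_HALTED = 3, ST_FAILED = 4 }; /* statusCode = 2 is RUNNING on the slides */

typedef struct { int statusCode; int instPtr; uint8_t mem[MEM_SIZE]; } Machine;
static int lastInstPtr; /* instPtr at deadlock after the most recent runImage() */

/* grd4 plus "op = mem(instPtr) is defined": RUNNING and instPtr inside the image. */
static bool fetchable(const Machine *m) {
    return m->statusCode == ST_RUNNING && m->instPtr >= 0 && m->instPtr < MEM_SIZE;
}
/* Each event returns false from the first failing guard, leaving the state untouched,
 * and true after its actions, exactly like the generated NopOk() above. */
static bool InstPtrFail(Machine *m) {            /* RUNNING but instPtr outside the image */
    if (m->statusCode != ST_RUNNING || fetchable(m)) return false;
    m->statusCode = ST_FAILED;
    return true;
}
static bool NopOk(Machine *m) {                  /* NOP with room to advance */
    if (!fetchable(m) || m->mem[m->instPtr] != OP_NOP) return false;   /* grd4, grd7, grd1 */
    if (m->instPtr + 1 >= MEM_SIZE) return false;                      /* grd3: next pointer in range */
    m->instPtr = m->instPtr + 1;                                       /* grd9, act1 */
    return true;
}
static bool NopFail(Machine *m) {                /* NOP in the last byte: nowhere to go */
    if (!fetchable(m) || m->mem[m->instPtr] != OP_NOP) return false;
    if (m->instPtr + 1 < MEM_SIZE) return false;                       /* negation of NopOk's grd3 */
    m->statusCode = ST_FAILED;
    return true;
}
static bool HaltOk(Machine *m) {
    if (!fetchable(m) || m->mem[m->instPtr] != OP_HALT) return false;
    m->statusCode = ST_HALTED;
    return true;
}
static bool UndefinedOpFail(Machine *m) {
    if (!fetchable(m) || m->mem[m->instPtr] == OP_NOP || m->mem[m->instPtr] == OP_HALT) return false;
    m->statusCode = ST_FAILED;
    return true;
}
static bool (*const EVENTS[])(Machine *) = { InstPtrFail, NopOk, NopFail, HaltOk, UndefinedOpFail };
#define N_EVENTS (sizeof EVENTS / sizeof EVENTS[0])

/* Number of events whose guards all hold in this configuration (probed on a copy). */
static int countEnabled(const Machine *m) {
    int n = 0;
    for (size_t i = 0; i < N_EVENTS; i++) {
        Machine probe = *m;
        if (EVENTS[i](&probe)) n++;
    }
    return n;
}
/* Iterate: fire the enabled event until no guard holds; -1 if still enabled after maxSteps. */
static int run(Machine *m, int maxSteps) {
    for (int step = 0; step < maxSteps && countEnabled(m) > 0; step++)
        for (size_t i = 0; i < N_EVENTS; i++)
            if (EVENTS[i](m)) break;
    return countEnabled(m) == 0 ? m->statusCode : -1;
}
/* Model-checking stand-in: mem[instPtr] is the only byte any guard reads, so (statusCode,
 * instPtr, opcode) covers every configuration. RUNNING must enable exactly one event. */
static bool checkEventCoverage(void) {
    Machine m;
    memset(&m, 0, sizeof m);
    for (int ip = -1; ip <= MEM_SIZE; ip++)
        for (int op = 0; op < 256; op++) {
            if (ip >= 0 && ip < MEM_SIZE) m.mem[ip] = (uint8_t)op;
            m.instPtr = ip;
            m.statusCode = ST_RUNNING;
            if (countEnabled(&m) != 1) return false;   /* determinism, no RUNNING deadlock */
            m.statusCode = ST_HALTED;
            if (countEnabled(&m) != 0) return false;   /* explicit deadlock */
            m.statusCode = ST_FAILED;
            if (countEnabled(&m) != 0) return false;
        }
    return true;
}
/* Load a constructed image at address 0, start RUNNING and run to deadlock. */
static int runImage(const uint8_t *image, size_t len) {
    Machine m;
    memset(&m, 0, sizeof m);
    memcpy(m.mem, image, len < MEM_SIZE ? len : MEM_SIZE);
    m.statusCode = ST_RUNNING;
    int status = run(&m, 10 * MEM_SIZE);
    lastInstPtr = m.instPtr;
    return status;
}
/* Constructed images: NOP NOP HALT halts with instPtr 2; all NOPs fails at the last byte. */
static int runNopNopHalt(void) { const uint8_t img[] = { OP_NOP, OP_NOP, OP_HALT }; return runImage(img, sizeof img); }
static int runAllNops(void) { uint8_t img[MEM_SIZE]; memset(img, OP_NOP, sizeof img); return runImage(img, sizeof img); }
```

The enumeration is what a model checker does for this machine once the state is reduced to the variables the guards actually read; the three-way split per opcode (OK, out-of-range, undefined) is why a 35-instruction ISA ends up with over a hundred events, and removing any one failure event makes checkEventCoverage() report a RUNNING configuration with no enabled event, which is exactly the unintended deadlock the slides want to rule out.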
  • 22. Summary • Event-B can capture generic ISA properties and refine them down to an example machine. • RODIN allows that refinement to be carried through to an executable.