VLSI Specification, Verification and Synthesis Proceedings of a workshop held in Calgary from 12-16 January 1987. The collection of papers in this book represents some of the discussions and presentations at a workshop on hardware verification held in Calgary, January 12-16 1987. The thrust of the workshop was to give the floor to a few leading researchers involved in the use of formal approaches to VLSI design, and provide them ample time to develop not only their latest ideas but also the evolution of these ideas. In contrast to simulation, where the objective is to assist in detecting errors in system behavior in the case of some selected inputs, the intent of hardware verification is to formally prove that a chip design meets a specification of its intended behavior (for all acceptable inputs). There are several important applications where formal verification of designs may be argued to be cost-effective. Examples include hardware components used in "safety critical" applications such as flight control, industrial plants, and medical life-support systems (such as pacemakers). The problems are of such magnitude in certain defense applications that the UK Ministry of Defense feels it cannot rely on commercial chips and has embarked on a program of producing formally verified chips to its own specification. Hospital, civil aviation, and transport boards in the UK will also use these chips. A second application domain for verification is afforded by industry where specific chips may be used in high volume or be remotely placed.

This report describes the partially completed correctness proof of the Viper 'block model'. Viper 7,8,9,11,23] is a microprocessor designed by W. J. Cullyer, C. Pygott and J. Kershaw at the Royal Signals and Radar Establishment in Malvern, England, (henceforth 'RSRE') for use in safety-critical applications such as civil aviation and nuclear power plant control. It is currently finding uses in areas such as the de ployment of weapons from tactical aircraft. To support safety-critical applications, Viper has a particulary simple design about which it is relatively easy to reason using current techniques and models. The designers, who deserve much credit for the promotion of formal methods, intended from the start that Viper be formally verified. Their idea was to model Viper in a sequence of decreasingly abstract levels, each of which concentrated on some aspect ofthe design, such as the flow ofcontrol, the processingofinstructions, and so on. That is, each model would be a specification of the next (less abstract) model, and an implementation of the previous model (if any). The verification effort would then be simplified by being structured according to the sequence of abstraction levels. These models (or levels) of description were characterized by the design team. The first two levels, and part of the third, were written by them in a logical language amenable to reasoning and proof."

This book presents five tutorial-style lectures on various approaches to the problem of verifying distributed systems: three chapters concentrate on linear-time or branching-time temporal logics; one addresses process equivalence with an emphasis on infinite-state systems; and the final one presents a novel category-theoretic approach to verification. The various formalisms for expressing properties of concurrent systems, based on automata-theoretic techniques or structural properties, are studied in detail.
Much attention is paid to the style of writing and complementary coverage of the relevant issues. Thus these lecture notes are ideally suited for advanced courses on logics for concurrent systems. Equally, they are indispensable reading for anyone researching the area of distributed computing.

As the costs of power and timing become increasingly difficult to manage in traditional synchronous systems, designers are being forced to look at asynchronous alternatives. Based on reworked and expanded papers from the VII Banff Higher Order Workshop, this volume examines asynchronous methods which have been used in large circuit design, ranging from initial formal specification to more standard finite state machine based control models. Written by leading practitioners in the area, the papers cover many aspects of current practice including practical design, silicon compilation, and applications of formal specification. It also includes a state-of-the-art survey of asynchronous hardware design. The resulting volume will be invaluable to anyone interested in designing correct asynchronous circuits which exhibit high performance or low power operation.

It is many years since Landin, Burge and others showed us how to apply higher order techniques and thus laid some foundations for modern functional programming. The advantage of higher order descriptions - that they can be very succinct and clear - has been percolating through ever since. Current research topics range from the design, implementation and use of higher order proof assistants and theorem provers, through program specification and verification, and programming language design, to its applications in hardware description and verification. The papers in this book represent the presentations made at a workshop held at Banff, Canada, September 10-14 1990 and organised by the Computer Science Department of the University of Calgary. The workshop gathered together researchers interested in applying higher order techniques to a range of problems. The workshop format had a few (but fairly long) presentations per day. This left ample time for healthy discussion and argument, many of which continued on into the small hours. With so much to choose from, the program had to be selective. This year's workshop was divided into five parts: 1. Expressing and reasoning about concurrency: Warren Burton and Ken Jackson, John Hughes, and Faron Moller. 2. Reasoning about synchronous circuits: Geraint Jones and Mary Sheeran (with a bonus on the fast Fourier transform from Geraint). 3. Reasoning about asynchronous circuits: Albert Camilleri, Jo Ebergen, and Martin Rem. 4. Categorical concepts for programming languages: Robin Cockett, Barry Jay, and Andy Pitts.