Formal program verification provides mathematical methods to increase the assurance of software correctness. Most approaches are either fully automatic and prove only weak properties, or, alternatively, are manual and labour-intensive; few target realistically modelled machine code. The work presented in this dissertation aims to ease the effort required in proving properties of programs on top of detailed models of machine code. The contributions are novel methods for both the verification of existing programs and for automatically constructing correct code. For verification, the problem is reduced, via fully-automatic deduction, to proving properties of recursive functions. For program construction, a compiler maps mathematical functions, via proof, down to multiple carefully modelled commercial machine languages. As a case study in combining bottom-up verification and top-down compilation, formally verified ARM, x86 and PowerPC machine code implementations of a LISP interpreter were created. The automation and proofs have been implemented in the HOL4 theorem prover using specifications of instructions based on machine-code Hoare triples derived mechanically from processor architecture models.

Author Biography

Magnus O. Myreen did his BA in Computer Science at the University of Oxford, tutored by Dr Jeff Sanders. During the summers of his undergraduate degree, he worked as a research assistant at Abo Akademi University in Finland for Prof. Ralph-Johan Back. Magnus completed his PhD on program verification in 2008 at the University of Cambridge, supervised by Prof. Mike Gordon. Currently Magnus is a research associate and co-investigator on an EPSRC grant entitled 'Trustworthy programming for multiple instruction sets'.