Modular Verification of SRT Division

We describe a formal speciication and veriication in PVS for the general theory of SRT division, and for the hardware design of a spe-ciic implementation. The speciication demonstrates how attributes of the PVS language (in particular, predicate subtypes) allow the general theory to be developed in a readable manner that is similar to textbook presentations, while the PVS table construct allows direct speciication of the implementation's quotient look-up table. Veriication of the derivations in the SRT theory and for the data path and look-up table of the implementation are highly automated and performed for arbitrary, but nite precision; in addition, the theory is veriied for general radix, while the implementation is specialized to radix 4. The eeectiveness of the automation derives from PVS's tight integration of rewriting with decision procedures for equality, linear arithmetic over integers and rationals, and propositional logic. This example demonstrates that the resources of an expressive speciication language and of a general-purpose theorem prover are not inimical to highly automated veriication in this domain, and can contribute to clarity, generality, and reuse.