Warren A. Hunt, Matt Kaufmann, J Strother Moore, Anna Slobodova
Department of Computer Science, University of Texas at Austin, Austin, TX, USA.
Centaur Technology, Inc., 7600-C N. Capital of Texas Hwy, Suite 300, Austin, TX 78731, USA
Philos Trans A Math Phys Eng Sci. 2017 Oct 13;375(2104). doi: 10.1098/rsta.2015.0399.
The ACL2 theorem prover has seen sustained industrial use since the mid-1990s. Companies that have used ACL2 regularly include AMD, Centaur Technology, IBM, Intel, Kestrel Institute, Motorola/Freescale, Oracle and Rockwell Collins. This paper introduces ACL2 and focuses on how and why ACL2 is used in industry. ACL2 is well suited to industrial application to numerous software and hardware systems because it is an integrated programming/proof environment supporting a subset of the ANSI standard Common Lisp programming language. As a programming language, ACL2 permits the coding of efficient and robust programs; as a prover, ACL2 can be fully automatic but provides many features permitting domain-specific, human-supplied guidance at various levels of abstraction. ACL2 specifications and models often serve as efficient execution engines for the modelled artefacts while permitting formal analysis and proof of properties. Crucially, ACL2 also provides support for the development and verification of other formal analysis tools. However, ACL2 did not find its way into industrial use merely because of its technical features. The core ACL2 user/development community has a shared vision of making mechanized verification routine when appropriate and has been committed to this vision for the quarter century since the Computational Logic, Inc., Verified Stack. The community has focused on demonstrating the viability of the tool by taking on industrial projects (often at the expense of not being able to publish much). This article is part of the themed issue 'Verified trustworthy software systems'.