This book shows how formal logic can be used to reason about the behaviour of digital hardware designs. The main focus is on a fundamental tool for dealing with the complexity of this activity—namely the use of abstraction in bridging the gaps between logical descriptions of hardware at different levels of detail.

The text of this book was adapted from a Ph.D. dissertation on abstraction mechanisms for reasoning about hardware, written at the University of Cambridge Computer Laboratory. This work was originally motivated by my experience with using the LCF_LSM theorem prover to verify the correctness of an associative memory device intended for use in a local area network. This device comprised 37 SSI and MSI TTL chips, the most complex of which was an AM 2910 microprogram controller. Although the design was straightforward, its verification using the LCF_LSM system was remarkably difficult. The main problem was simply the almost intractably large size of the intermediate theorems generated during the proof. Single theorems were generated that were hundreds of lines long, and several minutes or even several hours of CPU time were needed to manipulate them. The proof was completed only with considerable difficulty—unfortunately, some time after the LCF_LSM system had become obsolete.

These difficulties were for the most part due not to problems with the LCF_LSM theorem prover itself, but to deficiencies in the underlying formalism for hardware verification supported by the system.