Monitor - Based Formal Speci cation of

Bus protocols are hard to specify correctly, and yet it is often critical and highly beneecial that their speciications are correct, complete , and unambiguous. The informal speciications currently in use are not adequate because they are diicult to read and write, and cannot be functionally verred by automated tools. Formal speciications, promise to eliminate these problems, but in practice, the diiculty of writing them limits their widespread acceptance. This paper presents a new style of speciication based on writing the interface speciication as a formal monitor , which enables the formal speciication to be simple to write, and even allows the description to be written in existing HDLs. Despite the simplicity, monitor speciications can be used to specify industry-grade protocols. Furthermore, they can be checked automatically for internal consistency using standard model checker tools, without any protocol implementations. They can be used without modiication for several other purposes, such as formal veriication and system simulation of implementations. Additionally, it is proved that speciications written in this style are receptive, guaranteeing that implementations are possible. The eeectiveness of the monitor speciication is demonstrated by formally specifying a large subset of the PCI 2.2 standard and nding several bugs in the standard.