Overview
In the provided evidence, theorem proving appears as a technical area connected to formal verification, certification, and model-based test generation. The cited case study on microprocessor test-program generation lists "theorem proving" among its keywords and describes a workflow based on formal models and formal proofs in Isabelle/HOL. The work uses those models to synthesize conformance test programs for real hardware, connecting proof-oriented artifacts with executable testing activity.
Role in certification workflows
The evidence frames theorem proving within certification of critical security or safety properties. It states that higher certification levels involve formal methods and combined test-and-proof activities across software and hardware components. For Common Criteria EAL 7, the evidence says that properties must be formally verified on the specification and the implementation must be thoroughly tested.
Use with Isabelle/HOL
The case study was built on an existing model developed in Isabelle/HOL together with an operating system. The evidence states that the test-case generation approach directly benefits from existing models and formal proofs in Isabelle/HOL. In this setting, theorem proving is therefore connected to maintaining formal models and proofs that can later support downstream testing activities.
Relationship to model-based testing
The evidence also connects theorem proving with model-based testing through HOL-TestGen, described as a model-based testing environment and an extension of Isabelle/HOL. In the case study, processor models were used to synthesize test programs, which were then executed against real hardware in the loop. The generated programs were intended to validate that a microprocessor implements the specified instruction set correctly.
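The model-to-test-program flow described above, as an added illustration that is not code from the case study and does not use HOL-TestGen. It assumes a constructed 8-bit toy instruction set (LI, ADD, SUB) whose Python reference semantics stand in for the formal model, uses plain boundary-value enumeration in place of proof-based test generation, and replaces the real hardware with a simulated implementation carrying a seeded defect.

```python
from itertools import product

MASK = 0xFF                                  # 8-bit registers (constructed toy ISA)
BOUNDARY = (0x00, 0x01, 0x7F, 0x80, 0xFF)    # operand values at partition edges

def model_step(regs, ins):
    """Reference semantics: executable stand-in for the formal processor model."""
    op, rd, a, b = ins
    regs = list(regs)
    if op == "LI":                           # load immediate a into rd
        regs[rd] = a & MASK
    elif op == "ADD":                        # wrap-around addition
        regs[rd] = (regs[a] + regs[b]) & MASK
    elif op == "SUB":                        # wrap-around subtraction
        regs[rd] = (regs[a] - regs[b]) & MASK
    else:
        raise ValueError(f"unknown opcode {op!r}")
    return tuple(regs)

def run(step, program, regs=(0, 0, 0, 0)):
    """Execute a program with the given step function from a reset state."""
    for ins in program:
        regs = step(regs, ins)
    return regs

def generate_tests(ops=("ADD", "SUB")):
    """Yield (program, expected_state): load operands, then one instruction under test."""
    for op, x, y in product(ops, BOUNDARY, BOUNDARY):
        program = [("LI", 1, x, 0), ("LI", 2, y, 0), (op, 0, 1, 2)]
        yield program, run(model_step, program)   # the model supplies the oracle

def buggy_step(regs, ins):
    """Hypothetical implementation under test; seeded defect: ADD saturates at 0xFF."""
    op, rd, a, b = ins
    if op == "ADD":
        regs = list(regs)
        regs[rd] = min(regs[a] + regs[b], MASK)
        return tuple(regs)
    return model_step(regs, ins)

def conformance(step):
    """Run every generated program on the implementation; return the failures."""
    return [(p, exp, got) for p, exp in generate_tests()
            if (got := run(step, p)) != exp]

if __name__ == "__main__":
    for program, expected, got in conformance(buggy_step):
        print(program[-1][0], program[0][2], program[1][2], "expected", expected, "got", got)
```

Only programs whose operands overflow expose the seeded defect, which is why the generator targets boundary values rather than arbitrary ones.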
Technical significance in the case study
The case study demonstrates a practical integration point between proof artifacts and testing: formal processor models and Isabelle/HOL proofs are reused to generate test programs for conformance scenarios. This matters for certification contexts where both formal verification of specifications and thorough implementation testing are required.