5,372 research outputs found
Extending ACL2 with SMT Solvers
We present our extension of ACL2 with Satisfiability Modulo Theories (SMT)
solvers using ACL2's trusted clause processor mechanism. We are particularly
interested in the verification of physical systems including Analog and
Mixed-Signal (AMS) designs. ACL2 offers strong induction abilities for
reasoning about sequences and SMT complements deduction methods like ACL2 with
fast nonlinear arithmetic solving procedures. While SAT solvers have been
integrated into ACL2 in previous work, SMT methods raise new issues because of
their support for a broader range of domains including real numbers and
uninterpreted functions. This paper presents Smtlink, our clause processor for
integrating SMT solvers into ACL2. We describe key design and implementation
issues and describe our experience with its use.Comment: In Proceedings ACL2 2015, arXiv:1509.0552
Tortoise: Interactive System Configuration Repair
System configuration languages provide powerful abstractions that simplify
managing large-scale, networked systems. Thousands of organizations now use
configuration languages, such as Puppet. However, specifications written in
configuration languages can have bugs and the shell remains the simplest way to
debug a misconfigured system. Unfortunately, it is unsafe to use the shell to
fix problems when a system configuration language is in use: a fix applied from
the shell may cause the system to drift from the state specified by the
configuration language. Thus, despite their advantages, configuration languages
force system administrators to give up the simplicity and familiarity of the
shell.
This paper presents a synthesis-based technique that allows administrators to
use configuration languages and the shell in harmony. Administrators can fix
errors using the shell and the technique automatically repairs the higher-level
specification written in the configuration language. The approach (1) produces
repairs that are consistent with the fix made using the shell; (2) produces
repairs that are maintainable by minimizing edits made to the original
specification; (3) ranks and presents multiple repairs when relevant; and (4)
supports all shells the administrator may wish to use. We implement our
technique for Puppet, a widely used system configuration language, and evaluate
it on a suite of benchmarks under 42 repair scenarios. The top-ranked repair is
selected by humans 76% of the time and the human-equivalent repair is ranked
1.31 on average.Comment: Published version in proceedings of IEEE/ACM International Conference
on Automated Software Engineering (ASE) 201
Applying Formal Methods to Networking: Theory, Techniques and Applications
Despite its great importance, modern network infrastructure is remarkable for
the lack of rigor in its engineering. The Internet which began as a research
experiment was never designed to handle the users and applications it hosts
today. The lack of formalization of the Internet architecture meant limited
abstractions and modularity, especially for the control and management planes,
thus requiring for every new need a new protocol built from scratch. This led
to an unwieldy ossified Internet architecture resistant to any attempts at
formal verification, and an Internet culture where expediency and pragmatism
are favored over formal correctness. Fortunately, recent work in the space of
clean slate Internet design---especially, the software defined networking (SDN)
paradigm---offers the Internet community another chance to develop the right
kind of architecture and abstractions. This has also led to a great resurgence
in interest of applying formal methods to specification, verification, and
synthesis of networking protocols and applications. In this paper, we present a
self-contained tutorial of the formidable amount of work that has been done in
formal methods, and present a survey of its applications to networking.Comment: 30 pages, submitted to IEEE Communications Surveys and Tutorial
An Instantiation-Based Approach for Solving Quantified Linear Arithmetic
This paper presents a framework to derive instantiation-based decision
procedures for satisfiability of quantified formulas in first-order theories,
including its correctness, implementation, and evaluation. Using this framework
we derive decision procedures for linear real arithmetic (LRA) and linear
integer arithmetic (LIA) formulas with one quantifier alternation. Our
procedure can be integrated into the solving architecture used by typical SMT
solvers. Experimental results on standardized benchmarks from model checking,
static analysis, and synthesis show that our implementation of the procedure in
the SMT solver CVC4 outperforms existing tools for quantified linear
arithmetic
Conflict Detection for Edits on Extended Feature Models using Symbolic Graph Transformation
Feature models are used to specify variability of user-configurable systems
as appearing, e.g., in software product lines. Software product lines are
supposed to be long-living and, therefore, have to continuously evolve over
time to meet ever-changing requirements. Evolution imposes changes to feature
models in terms of edit operations. Ensuring consistency of concurrent edits
requires appropriate conflict detection techniques. However, recent approaches
fail to handle crucial subtleties of extended feature models, namely
constraints mixing feature-tree patterns with first-order logic formulas over
non-Boolean feature attributes with potentially infinite value domains. In this
paper, we propose a novel conflict detection approach based on symbolic graph
transformation to facilitate concurrent edits on extended feature models. We
describe extended feature models formally with symbolic graphs and edit
operations with symbolic graph transformation rules combining graph patterns
with first-order logic formulas. The approach is implemented by combining
eMoflon with an SMT solver, and evaluated with respect to applicability.Comment: In Proceedings FMSPLE 2016, arXiv:1603.0857
On Counterexample Guided Quantifier Instantiation for Synthesis in CVC4
We introduce the first program synthesis engine implemented inside an SMT
solver. We present an approach that extracts solution functions from
unsatisfiability proofs of the negated form of synthesis conjectures. We also
discuss novel counterexample-guided techniques for quantifier instantiation
that we use to make finding such proofs practically feasible. A particularly
important class of specifications are single-invocation properties, for which
we present a dedicated algorithm. To support syntax restrictions on generated
solutions, our approach can transform a solution found without restrictions
into the desired syntactic form. As an alternative, we show how to use
evaluation function axioms to embed syntactic restrictions into constraints
over algebraic datatypes, and then use an algebraic datatype decision procedure
to drive synthesis. Our experimental evaluation on syntax-guided synthesis
benchmarks shows that our implementation in the CVC4 SMT solver is competitive
with state-of-the-art tools for synthesis
- …