24 research outputs found
Verified AIG Algorithms in ACL2
And-Inverter Graphs (AIGs) are a popular way to represent Boolean functions
(like circuits). AIG simplification algorithms can dramatically reduce an AIG,
and play an important role in modern hardware verification tools like
equivalence checkers. In practice, these tricky algorithms are implemented with
optimized C or C++ routines with no guarantee of correctness. Meanwhile, many
interactive theorem provers can now employ SAT or SMT solvers to automatically
solve finite goals, but no theorem prover makes use of these advanced,
AIG-based approaches.
We have developed two ways to represent AIGs within the ACL2 theorem prover.
One representation, Hons-AIGs, is especially convenient to use and reason
about. The other, Aignet, is the opposite; it is styled after modern AIG
packages and allows for efficient algorithms. We have implemented functions for
converting between these representations, random vector simulation, conversion
to CNF, etc., and developed reasoning strategies for verifying these
algorithms.
Aside from these contributions towards verifying AIG algorithms, this work
has an immediate, practical benefit for ACL2 users who are using GL to
bit-blast finite ACL2 theorems: they can now optionally trust an off-the-shelf
SAT solver to carry out the proof, instead of using the built-in BDD package.
Looking to the future, it is a first step toward implementing verified AIG
simplification algorithms that might further improve GL performance.Comment: In Proceedings ACL2 2013, arXiv:1304.712
Implementing and reasoning about hash-consed data structures in Coq
We report on four different approaches to implementing hash-consing in Coq
programs. The use cases include execution inside Coq, or execution of the
extracted OCaml code. We explore the different trade-offs between faithful use
of pristine extracted code, and code that is fine-tuned to make use of OCaml
programming constructs not available in Coq. We discuss the possible
consequences in terms of performances and guarantees. We use the running
example of binary decision diagrams and then demonstrate the generality of our
solutions by applying them to other examples of hash-consed data structures
Efficient execution in an automated reasoning environment
We describe a method that permits the user of a mechanized mathematical logic to write
elegant logical definitions while allowing sound and efficient execution. In particular, the
features supporting this method allow the user to install, in a logically sound way, alternative
executable counterparts for logically defined functions. These alternatives are often much
more efficient than the logically equivalent terms they replace. These features have been
implemented in the ACL2 theorem prover, and we discuss several applications of the features
in ACL2.Ministerio de Educación y Ciencia TIN2004–0388
Formalizing and Verifying a Modern Build Language
CLOUDMAKE is a software utility that automatically builds executable programs and libraries from source code—a modern MAKE utility. Its design gives rise to a number of possible optimizations, like cached builds, and the exe-cutables to be built are described using a functional programming language. This paper formally and mechanically verifies the correctness of central CLOUDMAKE algorithms. The paper defines the CLOUDMAKE language using an operational semantics, but with a twist: the central operation exec is defined axiomatically, making it pluggable so that it can be replaced by calls to compilers, linkers, and other tools. The formalization and proofs of the central CLOUDMAKE algorithms are done entirely in DAFNY, the proof engine of which is an SMT-based program verifier
Verasco: un analyseur statique pour C formellement vérifié
In order to develop safer software for critical applications, some static analyzers aim at establishing, with mathematical certitude, the absence of some classes of bug in the input program. A possible limit to this approach is the possibility of a soundness bug in the static analyzer itself, which would nullify the guarantees it is supposed to deliver.In this thesis, we propose to establish formal guarantees on the static analyzer itself: we present the design, implementation and proof of soundness using Coq of Verasco, a formally verified static analyzer based on abstract interpretation handling most of the ISO C99 language, including IEEE754 floating-point arithmetic (except recursion and dynamic memory allocation). Verasco aims at establishing the absence of erroneous behavior of the given programs. It enjoys a modular extendable architecture with several abstract domains and well-specified interfaces. We present the abstract iterator of Verasco, its handling of bounded machine arithmetic, its interval abstract domain, its symbolic abstract domain and its abstract domain of octagons. Verasco led to the development of new techniques for implementing data structure with sharing in Coq.Afin de développer des logiciels plus sûrs pour des applications critiques, certains analyseurs statiques tentent d'établir, avec une certitude mathématique, l'absence de certains types de bugs dans un programme donné. Une limite possible à cette approche est l'éventualité d'un bug affectant la correction de l'analyseur lui-même, éliminant ainsi les garanties qu'il est censé apporter.Dans cette thèse, nous proposons d'établir des garanties formelles sur l'analyseur lui-même : nous présentons la conception, l'implantation et la preuve de sûreté en Coq de Verasco, un analyseur statique formellement vérifié utilisant l'interprétation abstraite pour le langage ISO C99 avec l'arithmétique flottante IEEE754 (à l'exception de la récursion et de l'allocation dynamique de mémoire). Verasco a pour but d'établir l'absence d'erreur à l'exécution des programmes donnés. Il est conçu selon une architecture modulaire et extensible contenant plusieurs domaines abstraits et des interfaces bien spécifiées. Nous détaillons le fonctionnement de l'itérateur abstrait de Verasco, son traitement des entiers bornés de la machine, son domaine abstrait d'intervalles, son domaine abstrait symbolique et son domaine abstrait d'octogones. Verasco a donné lieu au développement de nouvelles techniques pour implémenter des structures de données avec partage dans Coq
Recommended from our members
Improved methods for phylogenetics
textPhylogenetics is the study of evolutionary relationships. It is a scientific
endeavour to discover history, and it is not easy. Massive amounts of data
together with computationally difficult optimization problems mean that
heuristics are prevalent, and ever better techniques are sought. New
approaches are valuable if they are more accurate, but are considered even more
so if they are faster than pre-existing methods. Improvements to existing
algorithms, whether in terms of space requirements, or faster running times,
are also worthwhile. This dissertation explores three new techniques, each of
which is valuable according to the previous definitions.
The first contribution is TASPI, a system for storing collections of
phylogenetic trees, and performing post-tree analyses. TASPI stores collections
of trees more compactly than the previous method, and this compact structure
lends itself to post-tree analyses. This results in the ability to compute
strict and majority consensus trees faster than common alternatives. As an
added benefit, TASPI is written in ACL2, which allows properties of the
algorithms and data structures to be formally verified.
The second contribution is an improved method to generate phylogenetic trees.
A common methodology involves two steps, first estimating a Multiple Sequence
Alignment (MSA), and then estimating a tree using that MSA. This method
changes the way in which the MSA is estimated, and this leads to improved
accuracy of the resultant trees. Also, in some cases, the time required is
also reduced.
The third contribution is BLuTGEN, a method by which a phylogenetic tree is
estimated from sequence data, but without ever generating an MSA for the full
dataset. BLuTGEN is as accurate as one of the best published tree estimation
techniques (SATé), but takes a novel approach which allows it to be applied
to much larger datasets.Computer Science