436 research outputs found
PrIC3: Property Directed Reachability for MDPs
IC3 has been a leap forward in symbolic model checking. This paper proposes
PrIC3 (pronounced pricy-three), a conservative extension of IC3 to symbolic
model checking of MDPs. Our main focus is to develop the theory underlying
PrIC3. Alongside, we present a first implementation of PrIC3 including the key
ingredients from IC3 such as generalization, repushing, and propagation
Safety Model Checking with Complementary Approximations
Formal verification techniques such as model checking, are becoming popular
in hardware design. SAT-based model checking techniques such as IC3/PDR, have
gained a significant success in hardware industry. In this paper, we present a
new framework for SAT-based safety model checking, named Complementary
Approximate Reachability (CAR). CAR is based on standard reachability analysis,
but instead of maintaining a single sequence of reachable- state sets, CAR
maintains two sequences of over- and under- approximate reachable-state sets,
checking safety and unsafety at the same time. To construct the two sequences,
CAR uses standard Boolean-reasoning algorithms, based on satisfiability
solving, one to find a satisfying cube of a satisfiable Boolean formula, and
one to provide a minimal unsatisfiable core of an unsatisfiable Boolean
formula. We applied CAR to 548 hardware model-checking instances, and compared
its performance with IC3/PDR. Our results show that CAR is able to solve 42
instances that cannot be solved by IC3/PDR. When evaluated against a portfolio
that includes IC3/PDR and other approaches, CAR is able to solve 21 instances
that the other approaches cannot solve. We conclude that CAR should be
considered as a valuable member of any algorithmic portfolio for safety model
checking
Generating Property-Directed Potential Invariants By Backward Analysis
This paper addresses the issue of lemma generation in a k-induction-based
formal analysis of transition systems, in the linear real/integer arithmetic
fragment. A backward analysis, powered by quantifier elimination, is used to
output preimages of the negation of the proof objective, viewed as unauthorized
states, or gray states. Two heuristics are proposed to take advantage of this
source of information. First, a thorough exploration of the possible
partitionings of the gray state space discovers new relations between state
variables, representing potential invariants. Second, an inexact exploration
regroups and over-approximates disjoint areas of the gray state space, also to
discover new relations between state variables. k-induction is used to isolate
the invariants and check if they strengthen the proof objective. These
heuristics can be used on the first preimage of the backward exploration, and
each time a new one is output, refining the information on the gray states. In
our context of critical avionics embedded systems, we show that our approach is
able to outperform other academic or commercial tools on examples of interest
in our application field. The method is introduced and motivated through two
main examples, one of which was provided by Rockwell Collins, in a
collaborative formal verification framework.Comment: In Proceedings FTSCS 2012, arXiv:1212.657
SimpleCAR: An Efficient Bug-Finding Tool Based on Approximate Reachability
We present a new safety hardware model checker SimpleCAR that serves as a reference implementation for evaluating Complementary Approximate Reachability (CAR), a new SAT-based model checking framework inspired by classical reachability analysis. The tool gives a “bottom-line” performance measure for comparing future extensions to the framework. We demonstrate the performance of SimpleCAR on challenging benchmarks from the Hardware Model Checking Competition. Our experiments indicate that SimpleCAR is particularly suited for unsafety checking, or bug-finding; it is able to solve 7 unsafe instances within 1 h that are not solvable by any other state-of-the-art techniques, including BMC and IC3/PDR, within 8 h. We also identify a bug (reports safe instead of unsafe) and 48 counterexample generation errors in the tools compared in our analysis
SAT-Based Synthesis Methods for Safety Specs
Automatic synthesis of hardware components from declarative specifications is
an ambitious endeavor in computer aided design. Existing synthesis algorithms
are often implemented with Binary Decision Diagrams (BDDs), inheriting their
scalability limitations. Instead of BDDs, we propose several new methods to
synthesize finite-state systems from safety specifications using decision
procedures for the satisfiability of quantified and unquantified Boolean
formulas (SAT-, QBF- and EPR-solvers). The presented approaches are based on
computational learning, templates, or reduction to first-order logic. We also
present an efficient parallelization, and optimizations to utilize reachability
information and incremental solving. Finally, we compare all methods in an
extensive case study. Our new methods outperform BDDs and other existing work
on some classes of benchmarks, and our parallelization achieves a super-linear
speedup. This is an extended version of [5], featuring an additional appendix.Comment: Extended version of a paper at VMCAI'1
- …