1,492 research outputs found
Processor Verification Using Efficient Reductions of the Logic of Uninterpreted Functions to Propositional Logic
The logic of equality with uninterpreted functions (EUF) provides a means of
abstracting the manipulation of data by a processor when verifying the
correctness of its control logic. By reducing formulas in this logic to
propositional formulas, we can apply Boolean methods such as Ordered Binary
Decision Diagrams (BDDs) and Boolean satisfiability checkers to perform the
verification.
We can exploit characteristics of the formulas describing the verification
conditions to greatly simplify the propositional formulas generated. In
particular, we exploit the property that many equations appear only in positive
form. We can therefore reduce the set of interpretations of the function
symbols that must be considered to prove that a formula is universally valid to
those that are ``maximally diverse.''
We present experimental results demonstrating the efficiency of this approach
when verifying pipelined processors using the method proposed by Burch and
Dill.Comment: 46 page
Second-Order Functions and Theorems in ACL2
SOFT ('Second-Order Functions and Theorems') is a tool to mimic second-order
functions and theorems in the first-order logic of ACL2. Second-order functions
are mimicked by first-order functions that reference explicitly designated
uninterpreted functions that mimic function variables. First-order theorems
over these second-order functions mimic second-order theorems universally
quantified over function variables. Instances of second-order functions and
theorems are systematically generated by replacing function variables with
functions. SOFT can be used to carry out program refinement inside ACL2, by
constructing a sequence of increasingly stronger second-order predicates over
one or more target functions: the sequence starts with a predicate that
specifies requirements for the target functions, and ends with a predicate that
provides executable definitions for the target functions.Comment: In Proceedings ACL2 2015, arXiv:1509.0552
A BDD-representation for the logic of equality and uninterpreted functions (a full version with proofs).
The logic of equality and uninterpreted functions (EUF) has been proposed for processor verification. This paper presents a new data structure called Binary Decision Diagrams for representing EUF formulas (EUF-BDDs). We define EUF-BDDs similar to BDDs, but we allow equalities between terms as labels instead of Boolean variables. We provide an approach to build a reduced ordered EUF-BDD (EUF-ROBDD) and prove that every path to a leaf is satisfiable by construction. Moreover, EUF-ROBDDs are logically equivalent representations of EUF-formulae, so they can also be used to represent state spaces in symbolic model checking with dat
Z2SAL: a translation-based model checker for Z
Despite being widely known and accepted in industry, the Z formal specification language has not so far been well supported by automated verification tools, mostly because of the challenges in handling the abstraction of the language. In this paper we discuss a novel approach to building a model-checker for Z, which involves implementing a translation from Z into SAL, the input language for the Symbolic Analysis Laboratory, a toolset which includes a number of model-checkers and a simulator. The Z2SAL translation deals with a number of important issues, including: mapping unbounded, abstract specifications into bounded, finite models amenable to a BDD-based symbolic checker; converting a non-constructive and piecemeal style of functional specification into a deterministic, automaton-based style of specification; and supporting the rich set-based vocabulary of the Z mathematical toolkit. This paper discusses progress made towards implementing as complete and faithful a translation as possible, while highlighting certain assumptions, respecting certain limitations and making use of available optimisations. The translation is illustrated throughout with examples; and a complete working example is presented, together with performance data
Quantifier-Free Interpolation of a Theory of Arrays
The use of interpolants in model checking is becoming an enabling technology
to allow fast and robust verification of hardware and software. The application
of encodings based on the theory of arrays, however, is limited by the
impossibility of deriving quantifier- free interpolants in general. In this
paper, we show that it is possible to obtain quantifier-free interpolants for a
Skolemized version of the extensional theory of arrays. We prove this in two
ways: (1) non-constructively, by using the model theoretic notion of
amalgamation, which is known to be equivalent to admit quantifier-free
interpolation for universal theories; and (2) constructively, by designing an
interpolating procedure, based on solving equations between array updates.
(Interestingly, rewriting techniques are used in the key steps of the solver
and its proof of correctness.) To the best of our knowledge, this is the first
successful attempt of computing quantifier- free interpolants for a variant of
the theory of arrays with extensionality
Formalization and Validation of Safety-Critical Requirements
The validation of requirements is a fundamental step in the development
process of safety-critical systems. In safety critical applications such as
aerospace, avionics and railways, the use of formal methods is of paramount
importance both for requirements and for design validation. Nevertheless, while
for the verification of the design, many formal techniques have been conceived
and applied, the research on formal methods for requirements validation is not
yet mature. The main obstacles are that, on the one hand, the correctness of
requirements is not formally defined; on the other hand that the formalization
and the validation of the requirements usually demands a strong involvement of
domain experts. We report on a methodology and a series of techniques that we
developed for the formalization and validation of high-level requirements for
safety-critical applications. The main ingredients are a very expressive formal
language and automatic satisfiability procedures. The language combines
first-order, temporal, and hybrid logic. The satisfiability procedures are
based on model checking and satisfiability modulo theory. We applied this
technology within an industrial project to the validation of railways
requirements
Designing Normative Theories for Ethical and Legal Reasoning: LogiKEy Framework, Methodology, and Tool Support
A framework and methodology---termed LogiKEy---for the design and engineering
of ethical reasoners, normative theories and deontic logics is presented. The
overall motivation is the development of suitable means for the control and
governance of intelligent autonomous systems. LogiKEy's unifying formal
framework is based on semantical embeddings of deontic logics, logic
combinations and ethico-legal domain theories in expressive classic
higher-order logic (HOL). This meta-logical approach enables the provision of
powerful tool support in LogiKEy: off-the-shelf theorem provers and model
finders for HOL are assisting the LogiKEy designer of ethical intelligent
agents to flexibly experiment with underlying logics and their combinations,
with ethico-legal domain theories, and with concrete examples---all at the same
time. Continuous improvements of these off-the-shelf provers, without further
ado, leverage the reasoning performance in LogiKEy. Case studies, in which the
LogiKEy framework and methodology has been applied and tested, give evidence
that HOL's undecidability often does not hinder efficient experimentation.Comment: 50 pages; 10 figure
Unbounded Scalable Hardware Verification.
Model checking is a formal verification method that has been successfully applied to real-world hardware and software designs. Model checking tools, however, encounter the so-called state-explosion problem, since the size of the state spaces of such designs is exponential in the number of their state elements. In this thesis, we address this problem by exploiting the power of two complementary approaches: (a) counterexample-guided abstraction and refinement (CEGAR) of the design's datapath; and (b) the recently-introduced incremental induction algorithms for approximate reachability. These approaches are well-suited for the verification of control-centric properties in hardware designs consisting of wide datapaths and complex control logic. They also handle most complex design errors in typical hardware designs. Datapath abstraction prunes irrelevant bit-level details of datapath elements, thus greatly reducing the size of the state space that must be analyzed and allowing the verification to be focused on the control logic, where most errors originate. The induction-based approximate reachability algorithms offer the potential of significantly reducing the number of iterations needed to prove/disprove given properties by avoiding the implicit or explicit enumeration of reachable states. Our implementation of this verification framework, which we call the Averroes system, extends the approximate reachability algorithms at the bit level to first-order logic with equality and uninterpreted functions. To facilitate this extension, we formally define the solution space and state space of the abstract transition system produced by datapath abstraction. In addition, we develop an efficient way to represent sets of abstract solutions involving present- and next-states and a systematic way to project such solutions onto the space of just the present-state variables. To further increase the scalability of the Averroes verification system, we introduce the notion of structural abstraction, which extends datapath abstraction with two optimizations for better classification of state variables as either datapath or control, and with efficient memory abstraction techniques. We demonstrate the scalability of this approach by showing that Averroes significantly outperforms bit-level verification on a number of industrial benchmarks.PhDComputer Science and EngineeringUniversity of Michigan, Horace H. Rackham School of Graduate Studieshttp://deepblue.lib.umich.edu/bitstream/2027.42/133375/1/suholee_1.pd
- …