Interpolation Properties and SAT-based Model Checking
Craig interpolation is a widespread method in verification, with important
applications such as Predicate Abstraction, CounterExample Guided Abstraction
Refinement and Lazy Abstraction With Interpolants. Most state-of-the-art model
checking techniques based on interpolation require collections of interpolants
to satisfy particular properties, to which we refer as "collectives"; they do
not hold in general for all interpolation systems and have to be established
for each particular system and verification environment. Nevertheless, no
systematic approach exists that correlates the individual interpolation systems
and compares the necessary collectives. This paper proposes a uniform
framework, which encompasses (and generalizes) the most common collectives
exploited in verification. We use it for a systematic study of the collectives
and of the constraints they pose on propositional interpolation systems used in
SAT-based model checking.
Counterexample Guided Abstraction Refinement with Non-Refined Abstractions for Multi-Agent Path Finding
Counterexample guided abstraction refinement (CEGAR) represents a powerful
symbolic technique for various tasks such as model checking and reachability
analysis. Recently, CEGAR combined with Boolean satisfiability (SAT) has been
applied for multi-agent path finding (MAPF), a problem where the task is to
navigate agents from their start positions to given individual goal positions
so that the agents do not collide with each other.
The recent CEGAR approach used the initial abstraction of the MAPF problem
where collisions between agents were omitted and were eliminated in subsequent
abstraction refinements. We propose in this work a novel CEGAR-style solver for
MAPF based on SAT in which some abstractions are deliberately left non-refined.
This adds the necessity to post-process the answers obtained from the
underlying SAT solver as these answers slightly differ from the correct MAPF
solutions. Non-refining, however, yields order-of-magnitude smaller SAT encodings
than those of the previous approach and speeds up the overall solving process,
making the SAT-based solver for MAPF competitive again in relevant benchmarks.
Counterexample Guided Abstraction Refinement Algorithm for Propositional Circumscription
Circumscription is a representative example of a nonmonotonic reasoning
inference technique. Circumscription has often been studied for first order
theories, but its propositional version has also been the subject of extensive
research, having been shown equivalent to extended closed world assumption
(ECWA). Moreover, entailment in propositional circumscription is a well-known
example of a decision problem in the second level of the polynomial hierarchy.
This paper proposes a new Boolean Satisfiability (SAT)-based algorithm for
entailment in propositional circumscription that explores the relationship of
propositional circumscription to minimal models. The new algorithm is inspired
by ideas commonly used in SAT-based model checking, namely counterexample
guided abstraction refinement. In addition, the new algorithm is refined to
compute the theory closure for generalized closed world assumption (GCWA).
Experimental results show that the new algorithm can solve problem instances
that other solutions are unable to solve.
Automatic Abstraction in SMT-Based Unbounded Software Model Checking
Software model checkers based on under-approximations and SMT solvers are
very successful at verifying safety (i.e. reachability) properties. They
combine two key ideas -- (a) "concreteness": a counterexample in an
under-approximation is a counterexample in the original program as well, and
(b) "generalization": a proof of safety of an under-approximation, produced by
an SMT solver, is generalizable to a proof of safety of the original program.
In this paper, we present a combination of "automatic abstraction" with the
under-approximation-driven framework. We explore two iterative approaches for
obtaining and refining abstractions -- "proof based" and "counterexample based"
-- and show how they can be combined into a unified algorithm. To the best of
our knowledge, this is the first application of Proof-Based Abstraction,
primarily used to verify hardware, to Software Verification. We have
implemented a prototype of the framework using Z3, and evaluate it on many
benchmarks from the Software Verification Competition. We show experimentally
that our combination is quite effective on hard instances.
Comment: Extended version of a paper in the proceedings of CAV 201
On abstraction refinement for program analyses in Datalog
A central task for a program analysis concerns how to efficiently find a program abstraction that keeps only information relevant for proving properties of interest. We present a new approach for finding such abstractions for program analyses written in Datalog. Our approach is based on counterexample-guided abstraction refinement: when a Datalog analysis run fails using an abstraction, it seeks to generalize the cause of the failure to other abstractions, and picks a new abstraction that avoids a similar failure. Our solution uses a Boolean satisfiability formulation that is general, complete, and optimal: it is independent of the Datalog solver, it generalizes the failure of an abstraction to as many other abstractions as possible, and it identifies the cheapest refined abstraction to try next. We show the performance of our approach on a pointer analysis and a typestate analysis, on eight real-world Java benchmark programs.
Combining k-Induction with Continuously-Refined Invariants
Bounded model checking (BMC) is a well-known and successful technique for
finding bugs in software. k-induction is an approach to extend BMC-based
approaches from falsification to verification. Automatically generated
auxiliary invariants can be used to strengthen the induction hypothesis. We
improve this approach and further increase effectiveness and efficiency in the
following way: we start with light-weight invariants and refine these
invariants continuously during the analysis. We present and evaluate an
implementation of our approach in the open-source verification-framework
CPAchecker. Our experiments show that combining k-induction with
continuously-refined invariants significantly increases effectiveness and
efficiency, and outperforms all existing implementations of k-induction-based
software verification in terms of successful verification results.
Comment: 12 pages, 5 figures, 2 tables, 2 algorithm