547 research outputs found
Interpolation Properties and SAT-based Model Checking
Craig interpolation is a widespread method in verification, with important
applications such as Predicate Abstraction, CounterExample Guided Abstraction
Refinement and Lazy Abstraction With Interpolants. Most state-of-the-art model
checking techniques based on interpolation require collections of interpolants
to satisfy particular properties, to which we refer as "collectives"; they do
not hold in general for all interpolation systems and have to be established
for each particular system and verification environment. Nevertheless, no
systematic approach exists that correlates the individual interpolation systems
and compares the necessary collectives. This paper proposes a uniform
framework, which encompasses (and generalizes) the most common collectives
exploited in verification. We use it for a systematic study of the collectives
and of the constraints they pose on propositional interpolation systems used in
SAT-based model checking
Strengthening Model Checking Techniques with Inductive Invariants
This paper describes optimized techniques to efficiently compute and reap benefits from inductive invariants within SAT-based model checking. We address sequential circuit verification, and we consider both equivalences and implications between pairs of nodes in the logic networks. First, we present a very efficient dynamic procedure, based on equivalence classes and incremental SAT, specifically oriented to reduce the set of checked invariants. Then, we show how to effectively integrate the computation of inductive invariants within state-of-the-art SAT-based model checking procedures. Experiments (on more than 600 designs) show the robustness of our approach on verification instances on which stand-alone techniques fai
Automatically Verifying Railway Interlockings using SAT-based Model Checking
In this paper, we demonstrate the successful application of various SAT-based model checking techniques to verify train control systems. Starting with a propositional model for a control system, we show how execution of the system can be modelled via a finite automaton. We give algorithms to perform SAT-based model checking over such an automaton. In order to tackle state-space explosion we propose slicing. Finally we comment on results obtained by applying these methods to verify two real-world railway interlocking systems
Counterexample Guided Abstraction Refinement Algorithm for Propositional Circumscription
Circumscription is a representative example of a nonmonotonic reasoning
inference technique. Circumscription has often been studied for first order
theories, but its propositional version has also been the subject of extensive
research, having been shown equivalent to extended closed world assumption
(ECWA). Moreover, entailment in propositional circumscription is a well-known
example of a decision problem in the second level of the polynomial hierarchy.
This paper proposes a new Boolean Satisfiability (SAT)-based algorithm for
entailment in propositional circumscription that explores the relationship of
propositional circumscription to minimal models. The new algorithm is inspired
by ideas commonly used in SAT-based model checking, namely counterexample
guided abstraction refinement. In addition, the new algorithm is refined to
compute the theory closure for generalized close world assumption (GCWA).
Experimental results show that the new algorithm can solve problem instances
that other solutions are unable to solve
Safety Model Checking with Complementary Approximations
Formal verification techniques such as model checking, are becoming popular
in hardware design. SAT-based model checking techniques such as IC3/PDR, have
gained a significant success in hardware industry. In this paper, we present a
new framework for SAT-based safety model checking, named Complementary
Approximate Reachability (CAR). CAR is based on standard reachability analysis,
but instead of maintaining a single sequence of reachable- state sets, CAR
maintains two sequences of over- and under- approximate reachable-state sets,
checking safety and unsafety at the same time. To construct the two sequences,
CAR uses standard Boolean-reasoning algorithms, based on satisfiability
solving, one to find a satisfying cube of a satisfiable Boolean formula, and
one to provide a minimal unsatisfiable core of an unsatisfiable Boolean
formula. We applied CAR to 548 hardware model-checking instances, and compared
its performance with IC3/PDR. Our results show that CAR is able to solve 42
instances that cannot be solved by IC3/PDR. When evaluated against a portfolio
that includes IC3/PDR and other approaches, CAR is able to solve 21 instances
that the other approaches cannot solve. We conclude that CAR should be
considered as a valuable member of any algorithmic portfolio for safety model
checking
SimpleCAR: An Efficient Bug-Finding Tool Based on Approximate Reachability
We present a new safety hardware model checker SimpleCAR that serves as a reference implementation for evaluating Complementary Approximate Reachability (CAR), a new SAT-based model checking framework inspired by classical reachability analysis. The tool gives a ābottom-lineā performance measure for comparing future extensions to the framework. We demonstrate the performance of SimpleCAR on challenging benchmarks from the Hardware Model Checking Competition. Our experiments indicate that SimpleCAR is particularly suited for unsafety checking, or bug-finding; it is able to solve 7 unsafe instances within 1 h that are not solvable by any other state-of-the-art techniques, including BMC and IC3/PDR, within 8 h. We also identify a bug (reports safe instead of unsafe) and 48 counterexample generation errors in the tools compared in our analysis
Fast LTL Satisfiability Checking by SAT Solvers
Satisfiability checking for Linear Temporal Logic (LTL) is a fundamental step
in checking for possible errors in LTL assertions. Extant LTL satisfiability
checkers use a variety of different search procedures. With the sole exception
of LTL satisfiability checking based on bounded model checking, which does not
provide a complete decision procedure, LTL satisfiability checkers have not
taken advantage of the remarkable progress over the past 20 years in Boolean
satisfiability solving. In this paper, we propose a new LTL
satisfiability-checking framework that is accelerated using a Boolean SAT
solver. Our approach is based on the variant of the \emph{obligation-set
method}, which we proposed in earlier work. We describe here heuristics that
allow the use of a Boolean SAT solver to analyze the obligations for a given
LTL formula. The experimental evaluation indicates that the new approach
provides a a significant performance advantage
SAT-based Explicit LTL Reasoning
We present here a new explicit reasoning framework for linear temporal logic
(LTL), which is built on top of propositional satisfiability (SAT) solving. As
a proof-of-concept of this framework, we describe a new LTL satisfiability
tool, Aalta\_v2.0, which is built on top of the MiniSAT SAT solver. We test the
effectiveness of this approach by demonnstrating that Aalta\_v2.0 significantly
outperforms all existing LTL satisfiability solvers. Furthermore, we show that
the framework can be extended from propositional LTL to assertional LTL (where
we allow theory atoms), by replacing MiniSAT with the Z3 SMT solver, and
demonstrating that this can yield an exponential improvement in performance
A Faithful Semantics for Generalised Symbolic Trajectory Evaluation
Generalised Symbolic Trajectory Evaluation (GSTE) is a high-capacity formal
verification technique for hardware. GSTE uses abstraction, meaning that
details of the circuit behaviour are removed from the circuit model. A
semantics for GSTE can be used to predict and understand why certain circuit
properties can or cannot be proven by GSTE. Several semantics have been
described for GSTE. These semantics, however, are not faithful to the proving
power of GSTE-algorithms, that is, the GSTE-algorithms are incomplete with
respect to the semantics.
The abstraction used in GSTE makes it hard to understand why a specific
property can, or cannot, be proven by GSTE. The semantics mentioned above
cannot help the user in doing so. The contribution of this paper is a faithful
semantics for GSTE. That is, we give a simple formal theory that deems a
property to be true if-and-only-if the property can be proven by a GSTE-model
checker. We prove that the GSTE algorithm is sound and complete with respect to
this semantics
- ā¦