QRAT+: Generalizing QRAT by a More Powerful QBF Redundancy Property
The QRAT (quantified resolution asymmetric tautology) proof system simulates
virtually all inference rules applied in state of the art quantified Boolean
formula (QBF) reasoning tools. It consists of rules to rewrite a QBF by adding
and deleting clauses and universal literals that have a certain redundancy
property. To check for this redundancy property in QRAT, propositional unit
propagation (UP) is applied to the quantifier free, i.e., propositional part of
the QBF. We generalize the redundancy property in the QRAT system by QBF
specific UP (QUP). QUP extends UP by the universal reduction operation to
eliminate universal literals from clauses. We apply QUP to an abstraction of
the QBF where certain universal quantifiers are converted into existential
ones. This way, we obtain a generalization of QRAT we call QRAT+. The
redundancy property in QRAT+ based on QUP is more powerful than the one in QRAT
based on UP. We report on proof theoretical improvements and experimental
results to illustrate the benefits of QRAT+ for QBF preprocessing.
Comment: preprint of a paper to be published at IJCAR 2018, LNCS, Springer, including appendix.
Strengthening Model Checking Techniques with Inductive Invariants
This paper describes optimized techniques to efficiently compute and reap benefits from inductive invariants within SAT-based model checking. We address sequential circuit verification, and we consider both equivalences and implications between pairs of nodes in the logic networks. First, we present a very efficient dynamic procedure, based on equivalence classes and incremental SAT, specifically oriented to reduce the set of checked invariants. Then, we show how to effectively integrate the computation of inductive invariants within state-of-the-art SAT-based model checking procedures. Experiments (on more than 600 designs) show the robustness of our approach on verification instances on which stand-alone techniques fail.
Circuit Based Quantification: Back to State Set Manipulation within Unbounded Model Checking
In this paper a non-canonical circuit-based state set representation is used to efficiently perform quantifier elimination. The novelty of this approach lies in adapting equivalence checking and logic synthesis techniques, to the goal of compacting circuit based state set representations resulting from existential quantification. The method can be efficiently combined with other verification approaches such as inductive and SAT-based pre-image verifications
Identifying Security-Critical Cyber-Physical Components in Industrial Control Systems
In recent years, Industrial Control Systems (ICS) have become an appealing
target for cyber attacks, having massive destructive consequences. Security
metrics are therefore essential to assess their security posture. In this
paper, we present a novel ICS security metric based on AND/OR graphs that
represent cyber-physical dependencies among network components. Our metric is
able to efficiently identify sets of critical cyber-physical components, with
minimal cost for an attacker, such that if compromised, the system would enter
into a non-operational state. We address this problem by efficiently
transforming the input AND/OR graph-based model into a weighted logical formula
that is then used to build and solve a Weighted Partial MAX-SAT problem. Our
tool, META4ICS, leverages state-of-the-art techniques from the field of logical
satisfiability optimisation in order to achieve efficient computation times.
Our experimental results indicate that the proposed security metric can
efficiently scale to networks with thousands of nodes and be computed in
seconds. In addition, we present a case study where we have used our system to
analyse the security posture of a realistic water transport network. We discuss
our findings on the plant as well as further security applications of our
metric.
Comment: Keywords: Security metrics, industrial control systems, cyber-physical systems, AND-OR graphs, MAX-SAT resolution.
Partial Quantifier Elimination
We consider the problem of Partial Quantifier Elimination (PQE). Given
formula exists(X)[F(X,Y) & G(X,Y)], where F, G are in conjunctive normal form,
the PQE problem is to find a formula F*(Y) such that F* & exists(X)[G] is
logically equivalent to exists(X)[F & G]. We solve the PQE problem by
generating and adding to F clauses over the free variables that make the
clauses of F with quantified variables redundant. The traditional Quantifier
Elimination problem (QE) is a special case of PQE where G is empty so all
clauses of the input formula with quantified variables need to be made
redundant. The importance of PQE is twofold. First, many problems are more
naturally formulated in terms of PQE rather than QE. Second, in many cases PQE
can be solved more efficiently than QE. We describe a PQE algorithm based on
the machinery of dependency sequents and give experimental results showing the
promise of PQE
Boolean Satisfiability in Electronic Design Automation
Boolean Satisfiability (SAT) is often used as the underlying model for a significant and increasing number of applications in Electronic Design Automation (EDA) as well as in many other fields of Computer Science and Engineering. In recent years, new and efficient algorithms for SAT have been developed, allowing much larger problem instances to be solved. SAT “packages” are currently expected to have an impact on EDA applications similar to that of BDD packages since their introduction more than a decade ago. This tutorial paper is aimed at introducing the EDA professional to the Boolean satisfiability problem. Specifically, we highlight the use of SAT models to formulate a number of EDA problems in such diverse areas as test pattern generation, circuit delay computation, logic optimization, combinational equivalence checking, bounded model checking and functional test vector generation, among others. In addition, we provide an overview of the algorithmic techniques commonly used for solving SAT, including those that have seen widespread use in specific EDA applications. We categorize these algorithmic techniques, indicating which have been shown to be best suited for which tasks
Partial Quantifier Elimination By Certificate Clauses
We study partial quantifier elimination (PQE) for propositional CNF formulas.
In contrast to full quantifier elimination, in PQE, one can limit the set of
clauses taken out of the scope of quantifiers to a small subset of target
clauses. The appeal of PQE is twofold. First, PQE can be dramatically simpler
than full quantifier elimination. Second, it provides a language for performing
incremental computations. Many verification problems (e.g. equivalence checking
and model checking) are inherently incremental and so can be solved in terms of
PQE. Our approach is based on deriving clauses depending only on unquantified
variables that make the target clauses redundant. Proving redundancy
of a target clause is done by construction of a ``certificate'' clause implying
the former. We describe a PQE algorithm called that employs
the approach above. We apply to generating properties of a
design implementation that are not implied by specification. The existence of
an property means that this implementation is buggy. Our
experiments with HWMCC-13 benchmarks suggest that can be used
for generating properties of real-life designs