1,384 research outputs found
Sciduction: Combining Induction, Deduction, and Structure for Verification and Synthesis
Even with impressive advances in automated formal methods, certain problems
in system verification and synthesis remain challenging. Examples include the
verification of quantitative properties of software involving constraints on
timing and energy consumption, and the automatic synthesis of systems from
specifications. The major challenges include environment modeling,
incompleteness in specifications, and the complexity of underlying decision
problems.
This position paper proposes sciduction, an approach to tackle these
challenges by integrating inductive inference, deductive reasoning, and
structure hypotheses. Deductive reasoning, which leads from general rules or
concepts to conclusions about specific problem instances, includes techniques
such as logical inference and constraint solving. Inductive inference, which
generalizes from specific instances to yield a concept, includes algorithmic
learning from examples. Structure hypotheses are used to define the class of
artifacts, such as invariants or program fragments, generated during
verification or synthesis. Sciduction constrains inductive and deductive
reasoning using structure hypotheses, and actively combines inductive and
deductive reasoning: for instance, deductive techniques generate examples for
learning, and inductive reasoning is used to guide the deductive engines.
We illustrate this approach with three applications: (i) timing analysis of
software; (ii) synthesis of loop-free programs, and (iii) controller synthesis
for hybrid systems. Some future applications are also discussed
On Deciding Local Theory Extensions via E-matching
Satisfiability Modulo Theories (SMT) solvers incorporate decision procedures
for theories of data types that commonly occur in software. This makes them
important tools for automating verification problems. A limitation frequently
encountered is that verification problems are often not fully expressible in
the theories supported natively by the solvers. Many solvers allow the
specification of application-specific theories as quantified axioms, but their
handling is incomplete outside of narrow special cases.
In this work, we show how SMT solvers can be used to obtain complete decision
procedures for local theory extensions, an important class of theories that are
decidable using finite instantiation of axioms. We present an algorithm that
uses E-matching to generate instances incrementally during the search,
significantly reducing the number of generated instances compared to eager
instantiation strategies. We have used two SMT solvers to implement this
algorithm and conducted an extensive experimental evaluation on benchmarks
derived from verification conditions for heap-manipulating programs. We believe
that our results are of interest to both the users of SMT solvers as well as
their developers
Applying Formal Methods to Networking: Theory, Techniques and Applications
Despite its great importance, modern network infrastructure is remarkable for
the lack of rigor in its engineering. The Internet which began as a research
experiment was never designed to handle the users and applications it hosts
today. The lack of formalization of the Internet architecture meant limited
abstractions and modularity, especially for the control and management planes,
thus requiring for every new need a new protocol built from scratch. This led
to an unwieldy ossified Internet architecture resistant to any attempts at
formal verification, and an Internet culture where expediency and pragmatism
are favored over formal correctness. Fortunately, recent work in the space of
clean slate Internet design---especially, the software defined networking (SDN)
paradigm---offers the Internet community another chance to develop the right
kind of architecture and abstractions. This has also led to a great resurgence
in interest of applying formal methods to specification, verification, and
synthesis of networking protocols and applications. In this paper, we present a
self-contained tutorial of the formidable amount of work that has been done in
formal methods, and present a survey of its applications to networking.Comment: 30 pages, submitted to IEEE Communications Surveys and Tutorial
Satisfiability Modulo Transcendental Functions via Incremental Linearization
In this paper we present an abstraction-refinement approach to Satisfiability
Modulo the theory of transcendental functions, such as exponentiation and
trigonometric functions. The transcendental functions are represented as
uninterpreted in the abstract space, which is described in terms of the
combined theory of linear arithmetic on the rationals with uninterpreted
functions, and are incrementally axiomatized by means of upper- and
lower-bounding piecewise-linear functions. Suitable numerical techniques are
used to ensure that the abstractions of the transcendental functions are sound
even in presence of irrationals. Our experimental evaluation on benchmarks from
verification and mathematics demonstrates the potential of our approach,
showing that it compares favorably with delta-satisfiability /interval
propagation and methods based on theorem proving
On relating CTL to Datalog
CTL is the dominant temporal specification language in practice mainly due to
the fact that it admits model checking in linear time. Logic programming and
the database query language Datalog are often used as an implementation
platform for logic languages. In this paper we present the exact relation
between CTL and Datalog and moreover we build on this relation and known
efficient algorithms for CTL to obtain efficient algorithms for fragments of
stratified Datalog. The contributions of this paper are: a) We embed CTL into
STD which is a proper fragment of stratified Datalog. Moreover we show that STD
expresses exactly CTL -- we prove that by embedding STD into CTL. Both
embeddings are linear. b) CTL can also be embedded to fragments of Datalog
without negation. We define a fragment of Datalog with the successor build-in
predicate that we call TDS and we embed CTL into TDS in linear time. We build
on the above relations to answer open problems of stratified Datalog. We prove
that query evaluation is linear and that containment and satisfiability
problems are both decidable. The results presented in this paper are the first
for fragments of stratified Datalog that are more general than those containing
only unary EDBs.Comment: 34 pages, 1 figure (file .eps
- …