Triggered Clause Pushing for IC3
We propose an improvement of the famous IC3 algorithm for model checking
safety properties of finite state systems. We collect models computed by the
SAT-solver during the clause propagation phase of the algorithm and use them as
witnesses for why the respective clauses could not be pushed forward. It only
makes sense to recheck a particular clause for pushing when its witnessing
model falsifies a newly added clause. Since this trigger test is both
computationally cheap and sufficiently precise, we can afford to keep clauses
pushed as far as possible at all times. Experiments indicate that this strategy
considerably improves IC3's performance.
Comment: 4 page
Resolution-based methods for linear temporal reasoning
The aim of this thesis is to explore the potential of resolution-based methods for linear temporal reasoning. On the abstract level, this means to develop new algorithms for automated reasoning about properties of systems which evolve in time. More concretely, we will: 1) show how to adapt the superposition framework to proving theorems in propositional Linear Temporal Logic (LTL), 2) use a connection between superposition and the CDCL calculus of modern SAT solvers to come up with an efficient LTL prover, 3) specialize the previous to reachability properties and discover a close connection to Property Directed Reachability (PDR), an algorithm recently developed for model checking of hardware circuits, 4) further improve PDR by providing a new technique for enhancing the clause propagation phase of the algorithm, and 5) adapt PDR to automated planning by replacing the SAT solver inside with a planning-specific procedure. We implemented the proposed ideas and provide experimental results which demonstrate their practical potential on representative benchmark sets. Our system LS4 is shown to be the strongest LTL prover currently publicly available. The mentioned enhancement of PDR substantially improves the performance of our implementation of the algorithm for hardware model checking in the multi-property setting. It is expected that other implementations would benefit from it in an analogous way. Finally, our planner PDRplan has been compared with the state-of-the-art planners on the benchmarks from the International Planning Competition with very promising results.
The goal of this doctoral thesis is to investigate the potential of resolution-based methods for linear temporal reasoning. From an abstract point of view, this means developing, in the field of automated theorem proving, new algorithms about the properties of systems that evolve over time. More concretely, we will 1) show how the superposition framework can be adapted so that it proves theorems in propositional Linear Temporal Logic (LTL), 2) use a connection between superposition and the CDCL calculus of modern SAT solvers to come up with an efficient LTL prover, 3) specialize the preceding to reachability properties and uncover a strong connection to Property Directed Reachability (PDR), a recently developed model-checking algorithm for hardware circuits, 4) improve PDR by introducing a new technique that speeds up the clause propagation phase of the algorithm, and 5) adapt PDR to automated planning by replacing the inner SAT solver with a planning-specific procedure. We have implemented the proposed ideas, and experimental results are given that demonstrate the practical potential of these ideas on representative benchmarks. Our system LS4 has turned out to be the strongest publicly available LTL prover. The mentioned extension of PDR substantially improves the performance of our implementation of the hardware model-checking algorithm in the multi-property setting. We expect that other implementations would benefit in a similar way. Finally, we have obtained very promising results by comparing our planner PDRplan with other state-of-the-art planners on the benchmarks of the International Planning Competition.
Leviathan: A New LTL Satisfiability Checking Tool Based on a One-Pass Tree-Shaped Tableau
The paper presents Leviathan, an LTL satisfiability checking tool based on a novel one-pass, tree-like tableau system, which is much simpler than existing solutions. Despite the simplicity of the algorithm, the tool has performance comparable in speed and memory consumption with other tools on a number of standard benchmark sets, and, in various cases, it outperforms the other tableau-based tools.
Proceedings of the 21st Conference on Formal Methods in Computer-Aided Design – FMCAD 2021
The Conference on Formal Methods in Computer-Aided Design (FMCAD) is an annual conference on the theory and applications of formal methods in hardware and system verification. FMCAD provides a leading forum to researchers in academia and industry for presenting and discussing groundbreaking methods, technologies, theoretical results, and tools for reasoning formally about computing systems. FMCAD covers formal aspects of computer-aided system design including verification, specification, synthesis, and testing.
Tools and Algorithms for the Construction and Analysis of Systems
This open access book constitutes the proceedings of the 28th International Conference on Tools and Algorithms for the Construction and Analysis of Systems, TACAS 2022, which was held during April 2-7, 2022, in Munich, Germany, as part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2022. The 46 full papers and 4 short papers presented in this volume were carefully reviewed and selected from 159 submissions. The proceedings also contain 16 tool papers of the affiliated competition SV-Comp and 1 paper consisting of the competition report. TACAS is a forum for researchers, developers, and users interested in rigorously based tools and algorithms for the construction and analysis of systems. The conference aims to bridge the gaps between different communities with this common interest and to support them in their quest to improve the utility, reliability, flexibility, and efficiency of tools and algorithms for building computer-controlled systems.
Formal Specification and Verification for Automated Production Systems
Complex industrial control software often drives safety- and mission-critical systems, like automated production plants or control units embedded into devices in automotive systems. Such controllers have in common that they are reactive systems, i.e., they periodically read sensor stimuli and cyclically execute the same program to produce actuator signals.

The correctness of software for automated production is rarely verified using formal techniques, although, due to the Industrial Revolution 4.0 (IR4.0), software has come to play an important role in industrial automation. What is used instead in industrial practice today is testing and simulation, where individual test cases are used to validate an automated production system. Three reasons why formal methods are not popular are: (a) it is difficult to adequately formulate the desired temporal properties; (b) there is a lack of specification languages for reactive systems that are both sufficiently expressive and comprehensible for practitioners; (c) due to the lack of an environment model, the obtained results are imprecise. Nonetheless, formal methods for automated production systems are well studied academically, mainly on the verification of safety properties via model checking.

In this doctoral thesis we present the concept of (1) generalized test tables (GTTs), a new specification language for functional properties, and their extension (2) relational test tables (RTTs) for relational properties. The concept includes the syntactical notion, designed for the intuition of engineers, and the semantics, which are based on game theory. We use RTTs for a novel confidentiality property on reactive systems, the provable forgetting of information. Moreover, for regression verification, an important relational property, we are able to achieve performance improvements by (3) creating a decomposition rule which splits large proofs into small sub-tasks. We implemented the verification procedures and evaluated them against realistic case studies, e.g., the Pick-and-Place-Unit from the Technical University of Munich.

The presented contribution follows the idea of lowering the obstacle to verifying the dependability of reactive systems in general, and automated production systems in particular, for the engineer, either by introducing a new specification language (GTTs), by exploiting existing programs for the specification (RTTs, regression verification), or by improving the verification performance.
Software Model Checking with Uninterpreted Functions
Software model checkers attempt to algorithmically synthesize an inductive
proof that a piece of software is safe.
Such proofs are composed of complex logical assertions about program variables
and control structures, and are computationally expensive to produce.
Our unifying motivation is to increase the efficiency of verifying software
control behavior despite its dependency on data.
Control properties include important topics such as mutual exclusion, safe
privilege elevation, and proper usage of networking and other APIs.
These concerns motivate our techniques and evaluations.
Our approach integrates an efficient abstraction procedure based on the logic
of equality with uninterpreted functions (EUF) into the core of a modern model
checker.
Our checker, called euforia, targets control properties by treating a
program's data operations and relations as uninterpreted functions and
predicates, respectively.
This reduces the cost of building inductive proofs, especially for verifying
control relationships in the presence of complex but irrelevant data
processing.
We show that our method is sound and terminates.
We provide a ground-up implementation and
evaluate the abstraction on a variety of software verification benchmarks.
We show how to extend this abstraction to memory-manipulating programs.
By judicious abstraction of array operations to EUF, we show that we can
directly reason about array reads and adaptively learn lemmas
about array writes leading to significant performance improvements over
existing approaches.
We show that our abstraction of array operations eliminates much of the array
theory reasoning otherwise required.
We report on experiments with and without abstraction and compare our checker
to the state of the art.
Programs with procedures pose unique difficulties and opportunities.
We show how to retrofit a model checker not supporting procedures so that it
supports modular analysis of programs with non-recursive procedures.
This technique applies to euforia as well as other logic-based algorithms.
We show that this technique enables logical assertions about procedure bodies
to be reused at different call sites.
We report on experiments on software benchmarks compared to the alternative of
inlining all procedures.
PhD thesis, Computer Science & Engineering, University of Michigan, Horace H. Rackham School of Graduate Studies. http://deepblue.lib.umich.edu/bitstream/2027.42/168092/1/dlbueno_1.pd