193 research outputs found
On the Expressivity and Applicability of Model Representation Formalisms
A number of first-order calculi employ an explicit model representation
formalism for automated reasoning and for detecting satisfiability. Many of
these formalisms can represent infinite Herbrand models. The first-order
fragment of monadic, shallow, linear, Horn (MSLH) clauses, is such a formalism
used in the approximation refinement calculus. Our first result is a finite
model property for MSLH clause sets. Therefore, MSLH clause sets cannot
represent models of clause sets with inherently infinite models. Through a
translation to tree automata, we further show that this limitation also applies
to the linear fragments of implicit generalizations, which is the formalism
used in the model-evolution calculus, to atoms with disequality constraints,
the formalisms used in the non-redundant clause learning calculus (NRCL), and
to atoms with membership constraints, a formalism used for example in decision
procedures for algebraic data types. Although these formalisms cannot represent
models of clause sets with inherently infinite models, through an additional
approximation step they can. This is our second main result. For clause sets
including the definition of an equivalence relation with the help of an
additional, novel approximation, called reflexive relation splitting, the
approximation refinement calculus can automatically show satisfiability through
the MSLH clause set formalism.Comment: 15 page
Automating Security Analysis: Symbolic Equivalence of Constraint Systems
We consider security properties of cryptographic protocols, that are either trace properties (such as confidentiality or authenticity) or equivalence properties (such as anonymity or strong secrecy). Infinite sets of possible traces are symbolically represented using deducibility constraints. We give a new algorithm that decides the trace equivalence for the traces that are represented using such constraints, in the case of signatures, symmetric and asymmetric encryptions. Our algorithm is implemented and performs well on typical benchmarks. This is the first implemented algorithm, deciding symbolic trace equivalence
First-Order Logic Theorem Proving and Model Building via Approximation and Instantiation
In this paper we consider first-order logic theorem proving and model
building via approximation and instantiation. Given a clause set we propose its
approximation into a simplified clause set where satisfiability is decidable.
The approximation extends the signature and preserves unsatisfiability: if the
simplified clause set is satisfiable in some model, so is the original clause
set in the same model interpreted in the original signature. A refutation
generated by a decision procedure on the simplified clause set can then either
be lifted to a refutation in the original clause set, or it guides a refinement
excluding the previously found unliftable refutation. This way the approach is
refutationally complete. We do not step-wise lift refutations but conflicting
cores, finite unsatisfiable clause sets representing at least one refutation.
The approach is dual to many existing approaches in the literature because our
approximation preserves unsatisfiability
A Datalog Hammer for Supervisor Verification Conditions Modulo Simple Linear Arithmetic
The Bernays-Sch\"onfinkel first-order logic fragment over simple linear real arithmetic constraints BS(SLR) is known to be decidable. We prove that BS(SLR) clause sets with both universally and existentially quantified verification conditions (conjectures) can be translated into BS(SLR) clause sets over a finite set of first-order constants. For the Horn case, we provide a Datalog hammer preserving validity and satisfiability. A toolchain from the BS(LRA) prover SPASS-SPL to the Datalog reasoner VLog establishes an effective way of deciding verification conditions in the Horn fragment. This is exemplified by the verification of supervisor code for a lane change assistant in a car and of an electronic control unit for a supercharged combustion engine
Deduction with XOR Constraints in Security API Modelling
We introduce XOR constraints, and show how they enable a theorem prover to reason effectively about security critical subsystems which employ bitwise XOR. Our primary case study is the API of the IBM 4758 hardware security module. We also show how our technique can be applied to standard security protocols
Satisfiability Modulo Transcendental Functions via Incremental Linearization
In this paper we present an abstraction-refinement approach to Satisfiability
Modulo the theory of transcendental functions, such as exponentiation and
trigonometric functions. The transcendental functions are represented as
uninterpreted in the abstract space, which is described in terms of the
combined theory of linear arithmetic on the rationals with uninterpreted
functions, and are incrementally axiomatized by means of upper- and
lower-bounding piecewise-linear functions. Suitable numerical techniques are
used to ensure that the abstractions of the transcendental functions are sound
even in presence of irrationals. Our experimental evaluation on benchmarks from
verification and mathematics demonstrates the potential of our approach,
showing that it compares favorably with delta-satisfiability /interval
propagation and methods based on theorem proving
A Sorted Datalog Hammer for Supervisor Verification Conditions Modulo Simple Linear Arithmetic
International audienceAbstract In a previous paper, we have shown that clause sets belonging to the Horn Bernays-Schönfinkel fragment over simple linear real arithmetic (HBS(SLR)) can be translated into HBS clause sets over a finite set of first-order constants. The translation preserves validity and satisfiability and it is still applicable if we extend our input with positive universally or existentially quantified verification conditions (conjectures). We call this translation a Datalog hammer. The combination of its implementation in SPASS-SPL with the Datalog reasoner VLog establishes an effective way of deciding verification conditions in the Horn fragment. We verify supervisor code for two examples: a lane change assistant in a car and an electronic control unit of a supercharged combustion engine. In this paper, we improve our Datalog hammer in several ways: we generalize it to mixed real-integer arithmetic and finite first-order sorts; we extend the class of acceptable inequalities beyond variable bounds and positively grounded inequalities; and we significantly reduce the size of the hammer output by a soft typing discipline. We call the result the sorted Datalog hammer. It not only allows us to handle more complex supervisor code and to model already considered supervisor code more concisely, but it also improves our performance on real world benchmark examples. Finally, we replace the before file-based interface between SPASS-SPL and VLog by a close coupling resulting in a single executable binary
Abstract Canonical Inference
An abstract framework of canonical inference is used to explore how different
proof orderings induce different variants of saturation and completeness.
Notions like completion, paramodulation, saturation, redundancy elimination,
and rewrite-system reduction are connected to proof orderings. Fairness of
deductive mechanisms is defined in terms of proof orderings, distinguishing
between (ordinary) "fairness," which yields completeness, and "uniform
fairness," which yields saturation.Comment: 28 pages, no figures, to appear in ACM Trans. on Computational Logi
A Sorted Datalog Hammer for Supervisor Verification Conditions Modulo Simple Linear Arithmetic
In a previous paper, we have shown that clause sets belonging to the HornBernays-Sch\"onfinkel fragment over simple linear real arithmetic (HBS(SLR))can be translated into HBS clause sets over a finite set of first-orderconstants. The translation preserves validity and satisfiability and it isstill applicable if we extend our input with positive universally orexistentially quantified verification conditions (conjectures). We call thistranslation a Datalog hammer. The combination of its implementation inSPASS-SPL with the Datalog reasoner VLog establishes an effective way ofdeciding verification conditions in the Horn fragment. We verify supervisorcode for two examples: a lane change assistant in a car and an electroniccontrol unit of a supercharged combustion engine. In this paper, we improve ourDatalog hammer in several ways: we generalize it to mixed real-integerarithmetic and finite first-order sorts; we extend the class of acceptableinequalities beyond variable bounds and positively grounded inequalities; andwe significantly reduce the size of the hammer output by a soft typingdiscipline. We call the result the sorted Datalog hammer. It not only allows usto handle more complex supervisor code and to model already consideredsupervisor code more concisely, but it also improves our performance on realworld benchmark examples. Finally, we replace the before file-based interfacebetween SPASS-SPL and VLog by a close coupling resulting in a single executablebinary.<br
- …