SAT-Based Synthesis Methods for Safety Specs

Automatic synthesis of hardware components from declarative specifications is an ambitious endeavor in computer aided design. Existing synthesis algorithms are often implemented with Binary Decision Diagrams (BDDs), inheriting their scalability limitations. Instead of BDDs, we propose several new methods to synthesize finite-state systems from safety specifications using decision procedures for the satisfiability of quantified and unquantified Boolean formulas (SAT-, QBF- and EPR-solvers). The presented approaches are based on computational learning, templates, or reduction to first-order logic. We also present an efficient parallelization, and optimizations to utilize reachability information and incremental solving. Finally, we compare all methods in an extensive case study. Our new methods outperform BDDs and other existing work on some classes of benchmarks, and our parallelization achieves a super-linear speedup. This is an extended version of [5], featuring an additional appendix.Comment: Extended version of a paper at VMCAI'1

Incremental QBF Solving

We consider the problem of incrementally solving a sequence of quantified Boolean formulae (QBF). Incremental solving aims at using information learned from one formula in the process of solving the next formulae in the sequence. Based on a general overview of the problem and related challenges, we present an approach to incremental QBF solving which is application-independent and hence applicable to QBF encodings of arbitrary problems. We implemented this approach in our incremental search-based QBF solver DepQBF and report on implementation details. Experimental results illustrate the potential benefits of incremental solving in QBF-based workflows.Comment: revision (camera-ready, to appear in the proceedings of CP 2014, LNCS, Springer

On QBF Proofs and Preprocessing

QBFs (quantified boolean formulas), which are a superset of propositional formulas, provide a canonical representation for PSPACE problems. To overcome the inherent complexity of QBF, significant effort has been invested in developing QBF solvers as well as the underlying proof systems. At the same time, formula preprocessing is crucial for the application of QBF solvers. This paper focuses on a missing link in currently-available technology: How to obtain a certificate (e.g. proof) for a formula that had been preprocessed before it was given to a solver? The paper targets a suite of commonly-used preprocessing techniques and shows how to reconstruct certificates for them. On the negative side, the paper discusses certain limitations of the currently-used proof systems in the light of preprocessing. The presented techniques were implemented and evaluated in the state-of-the-art QBF preprocessor bloqqer.Comment: LPAR 201

The purpose of United Nations Security Council practice: Contesting competence claims in the normative context created by the Responsibility to Protect.

Practice theory provides important insight into the workings of the Security Council. The contribution is currently limited however by the conjecture that practice theory operates on ‘a different analytical plane’ to norm / normative theory (Adler-Nissen and Pouliot 2014). Building on existing critiques (Duval and Chowdhury 2011; Schindler and Wille 2015) we argue that analyzing practices separately from normative positions risks misappropriating competence and reifying practice that is not fit for purpose. This risk is realized in Adler-Nissen and Pouliot’s (2014) practice based account Libya crisis. By returning the normative context created by the Responsibility to Protect (R2P) to the analytical foreground, and by drawing on a pragmatic conception of 'ethical competence' (Frost 2009), we find that pre-reflexive practices uncritically accepted as markers of competence – e.g. ‘penholding’ – can contribute to the Council’s failure to act collectively in the face of mass atrocity. Drawing on extensive interview material we offer an alternative account of the Libya intervention, finding that the practices of the permanent three (France, UK and US) did not cultivate the kind of collective consciousness that is required to implement R2P. This is further illustrated by an account of the Security Council’s failure in Syria, where the P3’s insistence on regime change instrumentalized the Council at the expense of R2P-appropriate practice. This changed when elected members became ‘penholders’. Practice theory can facilitate learning processes that help the Council meet its responsibilities, but only through an approach that combines its insights with those of norm / normative theory

DepQBF 6.0: A Search-Based QBF Solver Beyond Traditional QCDCL

We present the latest major release version 6.0 of the quantified Boolean formula (QBF) solver DepQBF, which is based on QCDCL. QCDCL is an extension of the conflict-driven clause learning (CDCL) paradigm implemented in state of the art propositional satisfiability (SAT) solvers. The Q-resolution calculus (QRES) is a QBF proof system which underlies QCDCL. QCDCL solvers can produce QRES proofs of QBFs in prenex conjunctive normal form (PCNF) as a byproduct of the solving process. In contrast to traditional QCDCL based on QRES, DepQBF 6.0 implements a variant of QCDCL which is based on a generalization of QRES. This generalization is due to a set of additional axioms and leaves the original Q-resolution rules unchanged. The generalization of QRES enables QCDCL to potentially produce exponentially shorter proofs than the traditional variant. We present an overview of the features implemented in DepQBF and report on experimental results which demonstrate the effectiveness of generalized QRES in QCDCL.Comment: 12 pages + appendix; to appear in the proceedings of CADE-26, LNCS, Springer, 201

Mind the Gap - A Closer Look at the Security of Block Ciphers against Differential Cryptanalysis

Resistance against differential cryptanalysis is an important design criteria for any modern block cipher and most designs rely on finding some upper bound on probability of single differential characteristics. However, already at EUROCRYPT'91, Lai et al. comprehended that differential cryptanalysis rather uses differentials instead of single characteristics. In this paper, we consider exactly the gap between these two approaches and investigate this gap in the context of recent lightweight cryptographic primitives. This shows that for many recent designs like Midori, Skinny or Sparx one has to be careful as bounds from counting the number of active S-boxes only give an inaccurate evaluation of the best differential distinguishers. For several designs we found new differential distinguishers and show how this gap evolves. We found an 8-round differential distinguisher for Skinny-64 with a probability of 2−56.932−56.93, while the best single characteristic only suggests a probability of 2−722−72. Our approach is integrated into publicly available tools and can easily be used when developing new cryptographic primitives. Moreover, as differential cryptanalysis is critically dependent on the distribution over the keys for the probability of differentials, we provide experiments for some of these new differentials found, in order to confirm that our estimates for the probability are correct. While for Skinny-64 the distribution over the keys follows a Poisson distribution, as one would expect, we noticed that Speck-64 follows a bimodal distribution, and the distribution of Midori-64 suggests a large class of weak keys

Hysteresis, switching and anomalous behaviour of a quartz tuning fork in superfluid 4He

We have been studying the behaviour of commercial quartz tuning forks immersed in superfluid 4He and driven at resonance. For one of the forks we have observed hysteresis and switching between linear and non-linear damping regimes at temperatures below 10 mK. We associate linear damping with pure potential flow around the prongs of the fork, and non-linear damping with the production of vortex lines in a turbulent regime. At appropriate prong velocities, we have observed metastability of both the linear and the turbulent flow states, and a region of intermittency where the flow switched back and forth between each state. For the same fork, we have also observed anomalous behaviour in the linear regime, with large excursions in both damping, resonant frequency, and the tip velocity as a function of driving force

Breakdown of Potential Flow to Turbulence Around a Sphere Oscillating in Superfluid He-4 Above the Critical Velocity

The onset of turbulent flow around an oscillating sphere in superfluid $^4$He is known to occur at a critical velocity $v_c \sim \sqrt{\kappa\omega}$ where $\kappa$ is the circulation quantum and $\omega$ is the oscillation frequency. But it is also well known that initially in a first up-sweep of the oscillation amplitude, $v_c$ can be considerably exceeded before the transition occurs, thus leading to a strong hysteresis in the velocity sweeps. The velocity amplitude $v_c^* > v_c$ where the transition finally occurs is related to the density $L_0$ of the remanent vortices in the superfluid. Moreover, at temperatures below ca. 0.5 K and in a small interval of velocity amplitudes between $v_c$ and a velocity that is about 2% larger, the flow pattern is found to be unstable, switching intermittently between potential flow and turbulence. From time series recorded at constant temperature and driving force the distribution of the excess velocities $\Delta v = v_c^* - v_c$ is obtained and from that the failure rate. Below 0.1 K we also can determine the distribution of the lifetimes of the phases of potential flow. Finally, the frequency dependence of these results is discussed.Comment: 8 pages,6 figure