Results 1-10 of 93
Bounded model checking
2009
"... Besides Equivalence Checking [KK97, KPKG02] the most important industrial application of SAT is currently Bounded Model Checking (BMC) [BCCZ99]. Both techniques are used for formal hardware verification in the context of electronic design automation (EDA), but have successfully been applied to many ..."
Abstract

Cited by 165 (3 self)
 Add to MetaCart
Besides Equivalence Checking [KK97, KPKG02] the most important industrial application of SAT is currently Bounded Model Checking (BMC) [BCCZ99]. Both techniques are used for formal hardware verification in the context of electronic design automation (EDA), but have successfully been applied to many other domains as well. In this chapter, we focus on BMC. In practice, BMC is mainly used for falsification resp. testing, which is concerned with violations of temporal properties. However, the original paper on BMC [BCCZ99] already discussed extensions that can prove properties. A considerable part of this chapter discusses these complete extensions, which are often called “unbounded” model checking techniques, even though they are built upon the same principles as plain BMC. Two further related applications, in which BMC becomes more and more important, are automatic test case generation for closing coverage holes, and disproving redundancy in designs. Most of the techniques discussed in this chapter transfer to this more general setting as well, even though our focus is on property
Lower Bounds for Resolution and Cutting Plane Proofs and Monotone Computations
1997
"... We prove an exponential lower bound on the length of cutting plane proofs. The proof uses an extension of a lower bound for monotone circuits to circuits which compute with real numbers and use nondecreasing functions as gates. The latter result is of independent interest, since, in particular, i ..."
Abstract

Cited by 162 (7 self)
 Add to MetaCart
We prove an exponential lower bound on the length of cutting plane proofs. The proof uses an extension of a lower bound for monotone circuits to circuits which compute with real numbers and use nondecreasing functions as gates. The latter result is of independent interest, since, in particular, it implies an exponential lower bound for some arithmetic circuits.
An interpolating theorem prover
In TACAS, 2004
"... Abstract. We present a method of deriving Craig interpolants from proofs in the quantifierfree theory of linear inequality and uninterpreted function symbols, and an interpolating theorem prover based on this method. The prover has been used for predicate refinement in the Blast software model chec ..."
Abstract

Cited by 101 (11 self)
 Add to MetaCart
(Show Context)
We present a method of deriving Craig interpolants from proofs in the quantifier-free theory of linear inequality and uninterpreted function symbols, and an interpolating theorem prover based on this method. The prover has been used for predicate refinement in the Blast software model checker, and can also be used directly for model checking infinite-state systems, using interpolation-based image approximation.
Lower Bounds for Cutting Planes Proofs with Small Coefficients
1995
"... We consider smallweight Cutting Planes (CP ) proofs; that is, Cutting Planes (CP ) proofs with coefficients up to P oly(n). We use the well known lower bounds for monotone complexity to prove an exponential lower bound for the length of CP proofs, for a family of tautologies based on the cl ..."
Abstract

Cited by 76 (16 self)
 Add to MetaCart
We consider small-weight Cutting Planes (CP) proofs; that is, Cutting Planes (CP) proofs with coefficients up to Poly(n). We use the well known lower bounds for monotone complexity to prove an exponential lower bound for the length of CP proofs, for a family of tautologies based on the clique function. Because Resolution is a special case of small-weight CP, our method also gives a new and simpler exponential lower bound for Resolution. We also prove the following two theorems: (1) Tree-like CP proofs cannot polynomially simulate non-tree-like CP proofs. (2) Tree-like CP proofs and Bounded-depth Frege proofs cannot polynomially simulate each other. Our proofs also work for some generalizations of the CP proof system. In particular, they work for CP with a deduction rule, and also for proof systems that allow any formula with small communication complexity, and any set of sound rules of inference.
Partition-Based Logical Reasoning for First-Order and Propositional Theories
Artificial Intelligence, 2000
"... In this paper we provide algorithms for reasoning with partitions of related logical axioms in propositional and firstorder logic (FOL). We also provide a greedy algorithm that automatically decomposes a set of logical axioms into partitions. Our motivation is twofold. First, we are concerned with ..."
Abstract

Cited by 62 (9 self)
 Add to MetaCart
(Show Context)
In this paper we provide algorithms for reasoning with partitions of related logical axioms in propositional and first-order logic (FOL). We also provide a greedy algorithm that automatically decomposes a set of logical axioms into partitions. Our motivation is twofold. First, we are concerned with how to reason effectively with multiple knowledge bases that have overlap in content. Second, we are concerned with improving the efficiency of reasoning over a set of logical axioms by partitioning the set with respect to some detectable structure, and reasoning over individual partitions. Many of the reasoning procedures we present are based on the idea of passing messages between partitions. We present algorithms for reasoning using forward message-passing and using backward message-passing with partitions of logical axioms. Associated with each partition is a reasoning procedure. We characterize a class of reasoning procedures that ensures completeness and soundness of our message-passing ...
Applications of Craig interpolants in model checking
In Proceedings of TACAS 2005 [TAC05]
"... Abstract. A Craig interpolant for a mutually inconsistent pair of formulas (A, B) is a formula that is (1) implied by A, (2) inconsistent with B, and (3) expressed over the common variables of A and B. An interpolant can be efficiently derived from a refutation of A ∧ B, for certain theories and pr ..."
Abstract

Cited by 50 (0 self)
 Add to MetaCart
(Show Context)
A Craig interpolant for a mutually inconsistent pair of formulas (A, B) is a formula that is (1) implied by A, (2) inconsistent with B, and (3) expressed over the common variables of A and B. An interpolant can be efficiently derived from a refutation of A ∧ B, for certain theories and proof systems. We will discuss a number of applications of this concept in finite- and infinite-state model checking.
Pseudorandom Generators Hard for k-DNF Resolution and Polynomial Calculus. Unpublished
2003
"... Abstract A pseudorandom generator Gn : {0, 1} n → {0, 1} m is hard for a propositional proof system P if (roughly speaking) P cannot efficiently prove the statement Gn(x1, . . . , xn) = b for any string b ∈ {0, 1} m . We present a func ) generator which is hard for Res(ε log n); here Res(k) is the ..."
Abstract

Cited by 50 (4 self)
 Add to MetaCart
(Show Context)
A pseudorandom generator G_n : {0,1}^n → {0,1}^m is hard for a propositional proof system P if (roughly speaking) P cannot efficiently prove the statement G_n(x_1, …, x_n) ≠ b for any string b ∈ {0,1}^m. We present a func ) generator which is hard for Res(ε log n); here Res(k) is the propositional proof system that extends Resolution by allowing k-DNFs instead of clauses. As a direct consequence of this result, we show that whenever t ≥ n^2, every Res(ε log t) proof of the principle ¬Circuit_t(f_n) (asserting that the circuit size of a Boolean function f_n in n variables is greater than t) must have size exp(t^{Ω(1)}). In particular, Res(log log N) (N ∼ 2^n is the overall number of propositional variables) does not possess efficient proofs of NP ⊆ P/poly. Similar results hold also for the system PCR (the natural common extension of Polynomial Calculus and Resolution) when the characteristic of the ground field is different from 2. As a byproduct, we also improve on the small restriction switching lemma due to Segerlind, Buss and Impagliazzo by removing a square root from the final bound. This in particular implies that the (moderately) weak pigeonhole principle PHP_n^{2n} is hard for Res(ε log n / log log n).
On Interpolation and Automatization for Frege Systems
2000
"... The interpolation method has been one of the main tools for proving lower bounds for propositional proof systems. Loosely speaking, if one can prove that a particular proof system has the feasible interpolation property, then a generic reduction can (usually) be applied to prove lower bounds for the ..."
Abstract

Cited by 49 (8 self)
 Add to MetaCart
The interpolation method has been one of the main tools for proving lower bounds for propositional proof systems. Loosely speaking, if one can prove that a particular proof system has the feasible interpolation property, then a generic reduction can (usually) be applied to prove lower bounds for the proof system, sometimes assuming a (usually modest) complexity-theoretic assumption. In this paper, we show that this method cannot be used to obtain lower bounds for Frege systems, or even for TC^0 Frege systems. More specifically, we show that unless factoring (of Blum integers) is feasible, neither Frege nor TC^0 Frege has the feasible interpolation property. In order to carry out our argument, we show how to carry out proofs of many elementary axioms/theorems of arithmetic in polynomial size TC^0 Frege. As a corollary, we obtain that TC^0 Frege, as well as any proof system that polynomially simulates it, is not automatizable (under the assumption that factoring of Blum integ...
Interpolant-based transition relation approximation
In CAV 05: Computer-Aided Verification, LNCS 3576, 2005
"... Abstract. In predicate abstraction, exact image computation is problematic, requiring in the worst case an exponential number of calls to a decision procedure. For this reason, software model checkers typically use a weak approximation of the image. This can result in a failure to prove a property, ..."
Abstract

Cited by 47 (4 self)
 Add to MetaCart
(Show Context)
In predicate abstraction, exact image computation is problematic, requiring in the worst case an exponential number of calls to a decision procedure. For this reason, software model checkers typically use a weak approximation of the image. This can result in a failure to prove a property, even given an adequate set of predicates. We present an interpolant-based method for strengthening the abstract transition relation in case of such failures. This approach guarantees convergence given an adequate set of predicates, without requiring an exact image computation. We show empirically that the method converges more rapidly than an earlier method based on counterexample analysis.
Separation of the Monotone NC Hierarchy
1999
"... We prove tight lower bounds, of up to n ffl , for the monotone depth of functions in monotoneP. As a result we achieve the separation of the following classes. 1. monotoneNC 6= monotoneP. 2. For every i 1, monotoneNC i 6= monotoneNC i+1 . 3. More generally: For any integer function D( ..."
Abstract

Cited by 46 (0 self)
 Add to MetaCart
We prove tight lower bounds, of up to n^ε, for the monotone depth of functions in monotone-P. As a result we achieve the separation of the following classes. 1. monotone-NC ≠ monotone-P. 2. For every i ≥ 1, monotone-NC^i ≠ monotone-NC^{i+1}. 3. More generally: For any integer function D(n), up to n^ε (for some ε > 0), we give an explicit example of a monotone Boolean function that can be computed by polynomial size monotone Boolean circuits of depth D(n), but that cannot be computed by any (fan-in 2) monotone Boolean circuits of depth less than Const · D(n) (for some constant Const). Only a separation of monotone-NC^1 from monotone-NC^2 was previously known. Our argument is more general: we define a new class of communication complexity search problems, referred to below as DART games, and we prove a tight lower bound for the communication complexity of every member of this class. As a result we get lower bounds for the monotone depth of many functions. In...