Complete instantiation for quantified formulas in Satisfiability Modulo Theories
Cited by 50 (2 self)
Abstract. Quantifier reasoning in Satisfiability Modulo Theories (SMT) is a longstanding challenge. The practical method employed in modern SMT solvers is to instantiate quantified formulas based on heuristics, which is not refutationally complete even for pure first-order logic. We present several decidable fragments of first-order logic modulo theories. We show how to construct models for satisfiable formulas in these fragments. For richer undecidable fragments, we discuss conditions under which our procedure is refutationally complete. We also describe useful heuristics based on model checking for prioritizing or avoiding instantiations.
Decidability and expressiveness for first-order logics of probability
Information and Computation, 1994
Decidability of Invariant Validation for Parameterized Systems
2003
Cited by 7 (2 self)
The control part of many concurrent and distributed programs reduces to a set Pi = {p1, ..., pn} of symmetric processes containing mainly assignments and tests on Boolean variables. However, the assignments, the guards and the program invariants can be Pi-quantified, so the corresponding verification conditions also involve Pi-quantifications. We propose
Decidability of invariant validation for parameterized systems
2003
Cited by 7 (1 self)
The control part of many concurrent and distributed programs reduces to a set Π = {p1, ..., pn} of symmetric processes containing mainly assignments and tests on Boolean variables. However, the assignments, the guards and the program invariants can be Π-quantified, so the corresponding verification conditions also involve Π-quantifications. We propose a systematic procedure allowing the elimination of such quantifications for a large class of program invariants. At the core of this procedure is a variant of the Herbrand Theorem for many-sorted first-order logic with equality.
Beyond quantifier-free interpolation in extensions of Presburger arithmetic (extended
2010
Cited by 6 (0 self)
Abstract. Craig interpolation has emerged as an effective means of generating candidate program invariants. We present interpolation procedures for the theories of Presburger arithmetic combined with (i) uninterpreted predicates (QPA+UP), (ii) uninterpreted functions (QPA+UF) and (iii) extensional arrays (QPA+AR). We prove that none of these combinations can be effectively interpolated without the use of quantifiers, even if the input formulae are quantifier-free. We go on to identify fragments of QPA+UP and QPA+UF with restricted forms of guarded quantification that are closed under interpolation. Formulae in these fragments can easily be mapped to quantifier-free expressions with integer division. For QPA+AR, we formulate a sound interpolation procedure that potentially produces interpolants with unrestricted quantifiers.
E-matching with free variables
2012
Cited by 5 (0 self)
Abstract. E-matching is the most commonly used technique to handle quantifiers in SMT solvers. It works by identifying characteristic subexpressions of quantified formulae, named triggers, which are matched during proof search on ground terms to discover relevant instantiations of the quantified formula. E-matching has proven to be an efficient and practical approach to handle quantifiers, in particular because triggers can be provided by the user to guide proof search; however, as it is heuristic in nature, E-matching alone is typically insufficient to establish a complete proof procedure. In contrast, free variable methods in tableau-like calculi are more robust and give rise to complete procedures, e.g., for first-order logic, but are not comparable to E-matching in terms of scalability. This paper discusses how E-matching can be combined with free variable approaches, leading to calculi that enjoy similar completeness properties as pure free variable procedures, but in which it is still possible for a user to provide domain-specific triggers to improve performance.
Input-Output Model Programs
2009
Cited by 5 (2 self)
Model programs are used as high-level behavioral specifications typically representing abstract state machines. For modeling reactive systems, one uses input-output model programs, where the action vocabulary is divided between two conceptual players: the input player and the output player. The players share the action vocabulary and make moves that are labeled by actions according to their respective model programs. Conformance between the two model programs means that the output (input) player only makes output (input) moves that are allowed by the input (output) player's model program. In a bounded game, the total number of moves is fixed. Here model programs use a background theory T containing linear arithmetic, sets, and tuples. We formulate the bounded game conformance checking problem, or BGC, as a theorem proving problem modulo T and analyze its complexity.
Simulation of timed Abstract State Machines with predicate logic model-checking
2008
Cited by 5 (0 self)
Abstract: We describe a prototype of a simulator for reactive timed abstract state machines (ASM) that checks whether the generated runs verify a requirements specification represented as a formula of a First Order Timed Logic (FOTL). The simulator deals with ASMs with continuous or discrete time. The time constraints are linear inequalities. It can treat two semantics, one with instantaneous actions and another one with delayed actions, the delays being bounded and non-deterministic.
Symbolic Bounded Model Checking of Abstract State Machines
2009
Cited by 4 (4 self)
Abstract State Machines (ASMs) allow modeling system behaviors at any desired level of abstraction, including a level with rich data types, such as sets or sequences. The availability of high-level data types allows state elements to be represented both abstractly and faithfully at the same time. AsmL is a rich ASM-based specification and programming language. In this paper we look at symbolic analysis of model programs written in AsmL with a background T of linear arithmetic, sets, tuples, and maps. We first provide a rigorous account for the update semantics of AsmL in terms of T, and formulate the problem of bounded path exploration of model programs, or the problem of Bounded Model Program Checking (BMPC), as a satisfiability modulo T problem. Then we investigate the boundaries of decidable and undecidable cases for BMPC. In a general setting, BMPC is shown to be highly undecidable: it is effectively equivalent to satisfiability in second-order Peano arithmetic with sets (Σ¹₁-complete); and even when restricting to finite sets the problem is as hard as the halting problem of