Results 1-10 of 134
Interpolation and SAT-based model checking
2003
Cited by 285 (11 self)
Abstract. We consider a fully SAT-based method of unbounded symbolic model checking based on computing Craig interpolants. In benchmark studies using a set of large industrial circuit verification instances, this method is greatly more efficient than BDD-based symbolic model checking, and compares favorably to some recent SAT-based model checking methods on positive instances.
Bounded model checking
2009
Cited by 165 (3 self)
Besides Equivalence Checking [KK97, KPKG02] the most important industrial application of SAT is currently Bounded Model Checking (BMC) [BCCZ99]. Both techniques are used for formal hardware verification in the context of electronic design automation (EDA), but have successfully been applied to many other domains as well. In this chapter, we focus on BMC. In practice, BMC is mainly used for falsification resp. testing, which is concerned with violations of temporal properties. However, the original paper on BMC [BCCZ99] already discussed extensions that can prove properties. A considerable part of this chapter discusses these complete extensions, which are often called “unbounded” model checking techniques, even though they are built upon the same principles as plain BMC. Two further related applications, in which BMC becomes more and more important, are automatic test case generation for closing coverage holes, and disproving redundancy in designs. Most of the techniques discussed in this chapter transfer to this more general setting as well, even though our focus is on property
PicoSAT essentials
Journal on Satisfiability, Boolean Modeling and Computation (JSAT)
Cited by 140 (16 self)
In this article we describe and evaluate optimized compact data structures for watching literals. Experiments with our SAT solver PicoSAT show that this low-level optimization not only saves memory, but also turns out to speed up the SAT solver considerably. We also discuss how to store proof traces compactly in memory and further unique features of PicoSAT including an aggressive restart schedule. Keywords: SAT solver, watched literals, occurrence lists, proof traces, restarts
An interpolating theorem prover
In TACAS
2004
Cited by 101 (11 self)
Abstract. We present a method of deriving Craig interpolants from proofs in the quantifier-free theory of linear inequality and uninterpreted function symbols, and an interpolating theorem prover based on this method. The prover has been used for predicate refinement in the Blast software model checker, and can also be used directly for model checking infinite-state systems, using interpolation-based image approximation.
A survey of recent advances in SAT-based formal verification
STTT
2005
Cited by 67 (9 self)
Dramatic improvements in SAT solver technology over the last decade and the growing need for more efficient and scalable verification solutions have fueled research in verification methods based on SAT solvers. This paper presents a survey of the latest developments in SAT-based formal verification, including incomplete methods such as bounded model checking and complete methods for model checking. We focus on how the surveyed techniques formulate the verification problem as a SAT problem and how they exploit crucial aspects of a SAT solver, such as application-specific heuristics and conflict-driven learning. Finally, we summarize the noteworthy achievements in this area so far and note the major challenges in making this technology more pervasive in industrial design verification flows.
Deciding bit-vector arithmetic with abstraction
In Proc. TACAS 2007
2007
Cited by 58 (24 self)
We present a new decision procedure for finite-precision bit-vector arithmetic with arbitrary bit-vector operations. Our procedure alternates between generating under- and over-approximations of the original bit-vector formula. An under-approximation is obtained by a translation to propositional logic in which some bit-vector variables are encoded with fewer Boolean variables than their width. If the under-approximation is unsatisfiable, we use the unsatisfiable core to derive an over-approximation based on the subset of predicates that participated in the proof of unsatisfiability. If this over-approximation is satisfiable, the satisfying assignment guides the refinement of the previous under-approximation by increasing, for some bit-vector variables, the number of Boolean variables that encode them. We present experimental results that suggest that this abstraction-based approach can be considerably more efficient than directly invoking the SAT solver on the original formula as well as other competing decision procedures.
Applications of Craig interpolants in model checking
In Proceedings of TACAS 2005
Cited by 50 (0 self)
Abstract. A Craig interpolant for a mutually inconsistent pair of formulas (A, B) is a formula that is (1) implied by A, (2) inconsistent with B, and (3) expressed over the common variables of A and B. An interpolant can be efficiently derived from a refutation of A ∧ B, for certain theories and proof systems. We will discuss a number of applications of this concept in finite- and infinite-state model checking.
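The three defining properties above, and the claim that an interpolant can be read off a refutation of A ∧ B, are concrete enough to demonstrate on a toy propositional instance. The following is an added example, not code from any of the listed papers: it implements the propositional interpolation rules from McMillan's 2003 "Interpolation and SAT-based model checking" (A-clauses contribute their global literals, B-clauses contribute true, resolution on an A-local pivot disjoins, any other pivot conjoins) over a hand-written resolution refutation, then checks properties (1)-(3) by exhaustive enumeration. The clause sets A and B, the variable numbering and the proof steps are constructed for illustration.

```python
from itertools import product

# Clauses are frozensets of DIMACS-style literals: variable v is the int v, its negation -v.
# Formulas (partial interpolants) are nested tuples:
#   ('true',), ('false',), ('lit', l), ('and', f, g), ('or', f, g)

def variables(clauses):
    """Set of variables occurring anywhere in a clause set."""
    return {abs(l) for c in clauses for l in c}

def eval_formula(f, assign):
    tag = f[0]
    if tag == 'true':  return True
    if tag == 'false': return False
    if tag == 'lit':   return assign[abs(f[1])] == (f[1] > 0)
    if tag == 'and':   return eval_formula(f[1], assign) and eval_formula(f[2], assign)
    if tag == 'or':    return eval_formula(f[1], assign) or eval_formula(f[2], assign)
    raise ValueError(tag)

def eval_cnf(clauses, assign):
    return all(any(assign[abs(l)] == (l > 0) for l in c) for c in clauses)

def formula_vars(f):
    if f[0] == 'lit': return {abs(f[1])}
    if f[0] in ('and', 'or'): return formula_vars(f[1]) | formula_vars(f[2])
    return set()

def clause_to_formula(lits):
    """Disjunction of the given literals; the empty disjunction is false."""
    f = ('false',)
    for l in sorted(lits):
        f = ('lit', l) if f == ('false',) else ('or', f, ('lit', l))
    return f

def interpolate(a_clauses, b_clauses, proof):
    """McMillan's interpolation system applied to a resolution refutation of A ∧ B.
    proof: list of steps, each ('A', clause) | ('B', clause) | ('res', i, j, pivot_var),
    where i, j index earlier steps, step i contains pivot_var and step j contains -pivot_var.
    Returns the partial interpolant attached to the final (empty) clause."""
    a_vars, b_vars = variables(a_clauses), variables(b_clauses)
    global_vars = a_vars & b_vars
    derived = []  # list of (clause, partial interpolant)
    for step in proof:
        if step[0] == 'A':
            c = frozenset(step[1]); assert c in a_clauses, "leaf not in A"
            derived.append((c, clause_to_formula(l for l in c if abs(l) in global_vars)))
        elif step[0] == 'B':
            c = frozenset(step[1]); assert c in b_clauses, "leaf not in B"
            derived.append((c, ('true',)))
        else:
            _, i, j, v = step
            (c1, p1), (c2, p2) = derived[i], derived[j]
            assert v in c1 and -v in c2, "invalid resolution step"
            resolvent = (c1 - {v}) | (c2 - {-v})
            # pivot local to A: disjunction; global or B-local pivot: conjunction
            p = ('or', p1, p2) if (v in a_vars and v not in b_vars) else ('and', p1, p2)
            derived.append((resolvent, p))
    final_clause, itp = derived[-1]
    assert not final_clause, "proof does not end in the empty clause"
    return itp

def is_interpolant(itp, a_clauses, b_clauses):
    """Check properties (1)-(3) of a candidate interpolant by brute force (toy sizes only)."""
    a_vars, b_vars = variables(a_clauses), variables(b_clauses)
    if not formula_vars(itp) <= (a_vars & b_vars):          # (3) only common variables
        return False
    allvars = sorted(a_vars | b_vars)
    for bits in product([False, True], repeat=len(allvars)):
        assign = dict(zip(allvars, bits))
        i = eval_formula(itp, assign)
        if eval_cnf(a_clauses, assign) and not i:           # (1) A must imply I
            return False
        if i and eval_cnf(b_clauses, assign):               # (2) I ∧ B must be unsatisfiable
            return False
    return True

# Constructed toy instance: variables 1=a, 2=b, 3=c. A forces b, B forces ¬b, so b is the
# only shared variable and the expected interpolant is (equivalent to) b.
A = {frozenset({1, 2}), frozenset({-1, 2})}
B = {frozenset({-2, 3}), frozenset({-3})}
PROOF = [
    ('A', {1, 2}),       # 0
    ('A', {-1, 2}),      # 1
    ('res', 0, 1, 1),    # 2: (b), pivot a is A-local
    ('B', {-2, 3}),      # 3
    ('B', {-3}),         # 4
    ('res', 3, 4, 3),    # 5: (¬b), pivot c is B-local
    ('res', 2, 5, 2),    # 6: empty clause, pivot b is global
]

def example():
    itp = interpolate(A, B, PROOF)
    return itp, is_interpolant(itp, A, B)

if __name__ == '__main__':
    itp, ok = example()
    print("interpolant:", itp, "valid:", ok)
```

The interpolant produced for this instance is a conjunction/disjunction tree that simplifies to b; `is_interpolant` rejects candidates that mention an A-local variable such as a, or that are too weak (true) and so do not refute B. In a real checker the resolution proof would come from the SAT solver's proof trace rather than be written by hand.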
On Computing Minimum Unsatisfiable Cores
2003
Cited by 48 (3 self)
Certifying the correctness of a SAT solver is straightforward for satisfiable instances of SAT. Given a
Interpolant-based transition relation approximation
In CAV 05: Computer-Aided Verification, LNCS 3576
2005
Cited by 47 (4 self)
Abstract. In predicate abstraction, exact image computation is problematic, requiring in the worst case an exponential number of calls to a decision procedure. For this reason, software model checkers typically use a weak approximation of the image. This can result in a failure to prove a property, even given an adequate set of predicates. We present an interpolant-based method for strengthening the abstract transition relation in case of such failures. This approach guarantees convergence given an adequate set of predicates, without requiring an exact image computation. We show empirically that the method converges more rapidly than an earlier method based on counterexample analysis.
Dynamic Transition Relation Simplification for Bounded Property Checking
2004
Cited by 40 (2 self)
Bounded Model Checking (BMC) is an incomplete property checking method that is based on a finite unfolding of the transition relation to disprove the correctness of a set of properties or to prove them for limited execution lengths from the initial states. Current BMC techniques repeatedly concatenate the original transition relation to unfold the circuit with increasing depths. In this paper we present a new method that is based on a dual unfolding scheme. The first unfolding is non-initialized and progressively simplifies concatenated frames of the transition relation. The tail of the simplified frames is then applied in the second unfolding, which starts from the initial state and checks the properties. We use a circuit graph representation for all functions and perform simplification by merging vertices that are functionally equivalent under given input constraints. In the non-initialized unfolding, previous time frames progressively tighten these constraints, thus leading to an asymptotic simplification of the transition relation. As a side benefit, our method can find inductive invariants constructively by detecting when vertices are functionally equivalent across time frames. This information is then used to further simplify the transition relation and, in some cases, prove unbounded correctness of properties. Our experiments using industrial property checking problems demonstrate that the presented method significantly improves the efficiency of BMC.