Pub Date : 2008-11-17DOI: 10.1109/FMCAD.2008.ECP.17
Dan Goldwasser, O. Strichman, S. Fine
We study the decision problem of disjunctive linear arithmetic over the reals from the perspective of computational geometry. We show that traversing the linear arrangement induced by the formula's predicates, rather than the DPLL(T) method of traversing the Boolean space, may have an advantage when the number of variables is smaller than the number of predicates (as it is indeed the case in the standard SMT-Lib benchmarks). We then continue by showing a branching heuristic that is based on approximating T-implications, based on a geometric analysis. We achieve modest improvement in run time comparing to the commonly used heuristic used by competitive solvers.
{"title":"A Theory-Based Decision Heuristic for DPLL(T)","authors":"Dan Goldwasser, O. Strichman, S. Fine","doi":"10.1109/FMCAD.2008.ECP.17","DOIUrl":"https://doi.org/10.1109/FMCAD.2008.ECP.17","url":null,"abstract":"We study the decision problem of disjunctive linear arithmetic over the reals from the perspective of computational geometry. We show that traversing the linear arrangement induced by the formula's predicates, rather than the DPLL(T) method of traversing the Boolean space, may have an advantage when the number of variables is smaller than the number of predicates (as it is indeed the case in the standard SMT-Lib benchmarks). We then continue by showing a branching heuristic that is based on approximating T-implications, based on a geometric analysis. We achieve modest improvement in run time comparing to the commonly used heuristic used by competitive solvers.","PeriodicalId":399042,"journal":{"name":"2008 Formal Methods in Computer-Aided Design","volume":"17 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-11-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132810419","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2008-11-17DOI: 10.1109/FMCAD.2008.ECP.16
F. Mari, I. Melatti, Ivano Salvo, E. Tronci, L. Alvisi, Allen Clement, Harry C. Li
We present a symbolic model checking algorithm for verification of Nash equilibria in finite state mechanisms modeling multiple administrative domains (MAD) distributed systems. Given a finite state mechanism, a proposed protocol for each agent and an indifference threshold for rewards, our model checker returns PASS if the proposed protocol is a Nash equilibrium (up to the given indifference threshold) for the given mechanism, FAIL otherwise. We implemented our model checking algorithm inside the NuSMV model checker and present experimental results showing its effectiveness for moderate size mechanisms.
{"title":"Model Checking Nash Equilibria in MAD Distributed Systems","authors":"F. Mari, I. Melatti, Ivano Salvo, E. Tronci, L. Alvisi, Allen Clement, Harry C. Li","doi":"10.1109/FMCAD.2008.ECP.16","DOIUrl":"https://doi.org/10.1109/FMCAD.2008.ECP.16","url":null,"abstract":"We present a symbolic model checking algorithm for verification of Nash equilibria in finite state mechanisms modeling multiple administrative domains (MAD) distributed systems. Given a finite state mechanism, a proposed protocol for each agent and an indifference threshold for rewards, our model checker returns PASS if the proposed protocol is a Nash equilibrium (up to the given indifference threshold) for the given mechanism, FAIL otherwise. We implemented our model checking algorithm inside the NuSMV model checker and present experimental results showing its effectiveness for moderate size mechanisms.","PeriodicalId":399042,"journal":{"name":"2008 Formal Methods in Computer-Aided Design","volume":"7 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-11-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129906831","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2008-11-17DOI: 10.1109/FMCAD.2008.ECP.19
G. Hagen, C. Tinelli
We present a general approach for verifying safety properties of Lustre programs automatically. Key aspects of the approach are the choice of an expressive first-order logic in which Lustre's semantics is modeled very naturally, the tailoring to this logic of SAT-based k-induction and abstraction techniques, and the use of SMT solvers to reason efficiently in this logic. We discuss initial experimental results showing that our implementation of the approach is highly competitive with existing verification solutions for Lustre.
{"title":"Scaling Up the Formal Verification of Lustre Programs with SMT-Based Techniques","authors":"G. Hagen, C. Tinelli","doi":"10.1109/FMCAD.2008.ECP.19","DOIUrl":"https://doi.org/10.1109/FMCAD.2008.ECP.19","url":null,"abstract":"We present a general approach for verifying safety properties of Lustre programs automatically. Key aspects of the approach are the choice of an expressive first-order logic in which Lustre's semantics is modeled very naturally, the tailoring to this logic of SAT-based k-induction and abstraction techniques, and the use of SMT solvers to reason efficiently in this logic. We discuss initial experimental results showing that our implementation of the approach is highly competitive with existing verification solutions for Lustre.","PeriodicalId":399042,"journal":{"name":"2008 Formal Methods in Computer-Aided Design","volume":"7 9","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-11-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"120863539","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2008-11-17DOI: 10.1109/FMCAD.2008.ECP.33
W. Hunt, R. Krug, S. Ray, W. D. Young
We present a method for verifying information flow properties of software programs using inductive assertions and theorem proving. Given a program annotated with information flow assertions at cutpoints, the method uses a theorem prover and operational semantics to generate and discharge verification conditions. This obviates the need to develop a verification condition generator (VCG) or a customized logic for information flow properties. The method is compositional: a subroutine needs to be analyzed once, rather than at each call site. The method is being mechanized in the ACL2 theorem prover, and we discuss initial results demonstrating its applicability.
{"title":"Mechanized Information Flow Analysis through Inductive Assertions","authors":"W. Hunt, R. Krug, S. Ray, W. D. Young","doi":"10.1109/FMCAD.2008.ECP.33","DOIUrl":"https://doi.org/10.1109/FMCAD.2008.ECP.33","url":null,"abstract":"We present a method for verifying information flow properties of software programs using inductive assertions and theorem proving. Given a program annotated with information flow assertions at cutpoints, the method uses a theorem prover and operational semantics to generate and discharge verification conditions. This obviates the need to develop a verification condition generator (VCG) or a customized logic for information flow properties. The method is compositional: a subroutine needs to be analyzed once, rather than at each call site. The method is being mechanized in the ACL2 theorem prover, and we discuss initial results demonstrating its applicability.","PeriodicalId":399042,"journal":{"name":"2008 Formal Methods in Computer-Aided Design","volume":"8 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-11-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127511300","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2008-11-17DOI: 10.1109/FMCAD.2008.ECP.12
A. Slobodová
The advanced encryption standard (AES), approved by National Institute of Standards and Technology, specifies a cryptographic algorithm that can be used to protect electronic data. The next generation of Intel micro-processor introduces a set of instructions known as AES-NI, that promises multi-folded acceleration of the AES encryption and decryption process. In this paper, we report about the formal verification of hardware support for these new instructions. The verification is based on use of symbolic trajectory evaluation that lies at the base of formal verification methodology used by Intel Corporation. To our knowledge, this is the first formal verification of AES hardware support.
高级加密标准(AES)是由美国国家标准与技术研究院(National Institute of Standards and Technology)批准的,它规定了一种可用于保护电子数据的加密算法。下一代英特尔微处理器引入了一组被称为AES- ni的指令,它承诺对AES加密和解密过程进行多重加速。在本文中,我们报告了对这些新指令的硬件支持的形式化验证。验证是基于英特尔公司使用的形式化验证方法的基础上使用的符号轨迹评估。据我们所知,这是AES硬件支持的第一次正式验证。
{"title":"Formal Verification of Hardware Support for Advanced Encryption Standard","authors":"A. Slobodová","doi":"10.1109/FMCAD.2008.ECP.12","DOIUrl":"https://doi.org/10.1109/FMCAD.2008.ECP.12","url":null,"abstract":"The advanced encryption standard (AES), approved by National Institute of Standards and Technology, specifies a cryptographic algorithm that can be used to protect electronic data. The next generation of Intel micro-processor introduces a set of instructions known as AES-NI, that promises multi-folded acceleration of the AES encryption and decryption process. In this paper, we report about the formal verification of hardware support for these new instructions. The verification is based on use of symbolic trajectory evaluation that lies at the base of formal verification methodology used by Intel Corporation. To our knowledge, this is the first formal verification of AES hardware support.","PeriodicalId":399042,"journal":{"name":"2008 Formal Methods in Computer-Aided Design","volume":"101 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-11-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133333854","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2008-11-17DOI: 10.1109/FMCAD.2008.ECP.32
Armin Biere, Robert Brummayer
This paper shows how all different constraints (ADCs) over bit-vectors can be handled within a SAT solver. It also contains encouraging experimental results in applying this technique to encode simple path constraints in bounded model checking. Finally, we present a new compact encoding of equalities and inequalities over bit-vectors in CNF.
{"title":"Consistency Checking of All Different Constraints over Bit-Vectors within a SAT Solver","authors":"Armin Biere, Robert Brummayer","doi":"10.1109/FMCAD.2008.ECP.32","DOIUrl":"https://doi.org/10.1109/FMCAD.2008.ECP.32","url":null,"abstract":"This paper shows how all different constraints (ADCs) over bit-vectors can be handled within a SAT solver. It also contains encouraging experimental results in applying this technique to encode simple path constraints in bounded model checking. Finally, we present a new compact encoding of equalities and inequalities over bit-vectors in CNF.","PeriodicalId":399042,"journal":{"name":"2008 Formal Methods in Computer-Aided Design","volume":"14 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-11-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129396114","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2008-11-17DOI: 10.1109/FMCAD.2008.ECP.20
Per Bjesse
Many designs intermingle large memories with wide data paths and nontrivial control. Verifying such systems is challenging, and users often get little traction when applying model checking to decide full or partial end-to-end correctness of such designs. Interestingly, a subclass of these systems can be proven correct by reasoning only about a small number of the memory entries at a limited number of time points. In this paper, we leverage this fact to abstract certain memories in a sound way, and we demonstrate how our memory abstraction coupled with an abstraction refinement algorithm can be used to prove correctness properties for three challenging designs from industry and academia. Key features of our approach are that we operate on standard safety property verification problems, that we proceed completely automatically without any need for abstraction hints, that we can use any bit-level model checker as a back-end decision procedure, and that our algorithms fit seamlessly into a standard transformational verification paradigm.
{"title":"Word-Level Sequential Memory Abstraction for Model Checking","authors":"Per Bjesse","doi":"10.1109/FMCAD.2008.ECP.20","DOIUrl":"https://doi.org/10.1109/FMCAD.2008.ECP.20","url":null,"abstract":"Many designs intermingle large memories with wide data paths and nontrivial control. Verifying such systems is challenging, and users often get little traction when applying model checking to decide full or partial end-to-end correctness of such designs. Interestingly, a subclass of these systems can be proven correct by reasoning only about a small number of the memory entries at a limited number of time points. In this paper, we leverage this fact to abstract certain memories in a sound way, and we demonstrate how our memory abstraction coupled with an abstraction refinement algorithm can be used to prove correctness properties for three challenging designs from industry and academia. Key features of our approach are that we operate on standard safety property verification problems, that we proceed completely automatically without any need for abstraction hints, that we can use any bit-level model checker as a back-end decision procedure, and that our algorithms fit seamlessly into a standard transformational verification paradigm.","PeriodicalId":399042,"journal":{"name":"2008 Formal Methods in Computer-Aided Design","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-11-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131616154","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2008-11-17DOI: 10.1109/FMCAD.2008.ECP.6
Michael L. Case, A. Mishchenko, R. Brayton, J. Baumgartner, Hari Mony
This work presents a technology-independent synthesis optimization that is effective in reducing the total number of state elements of a design. It works by identifying and eliminating dependent state elements which may be expressed as functions of other registers. For scalability, we rely exclusively on SAT- based analysis in this process. To enable optimal identification of all dependent state elements, we integrate an inductive invariant generation framework. We introduce numerous techniques to heuristically enhance the reduction potential of our method, and experiments confirm that our approach is scalable and is able to reduce state element count by 12% on average in large industrial designs, even after other aggressive optimizations such as min- register retiming have been applied. The method is effective in simplifying later verification efforts.
{"title":"Invariant-Strengthened Elimination of Dependent State Elements","authors":"Michael L. Case, A. Mishchenko, R. Brayton, J. Baumgartner, Hari Mony","doi":"10.1109/FMCAD.2008.ECP.6","DOIUrl":"https://doi.org/10.1109/FMCAD.2008.ECP.6","url":null,"abstract":"This work presents a technology-independent synthesis optimization that is effective in reducing the total number of state elements of a design. It works by identifying and eliminating dependent state elements which may be expressed as functions of other registers. For scalability, we rely exclusively on SAT- based analysis in this process. To enable optimal identification of all dependent state elements, we integrate an inductive invariant generation framework. We introduce numerous techniques to heuristically enhance the reduction potential of our method, and experiments confirm that our approach is scalable and is able to reduce state element count by 12% on average in large industrial designs, even after other aggressive optimizations such as min- register retiming have been applied. The method is effective in simplifying later verification efforts.","PeriodicalId":399042,"journal":{"name":"2008 Formal Methods in Computer-Aided Design","volume":"29 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-11-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125193189","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2008-11-17DOI: 10.1109/FMCAD.2008.ECP.27
C. Eisner, D. Fisman
The semantics of temporal logic is usually defined with respect to a word representing a computation path over a set of atomic propositions. A temporal logic formula does not control the behavior of the atomic propositions, it merely observes their behavior. Local variables are a twist on this approach, in which the user can declare variables local to the formula and control their behavior from within the formula itself. Local variables were introduced in 2002, and a formal semantics was given to them in the context of SVA, the assertion language of SystemVerilog, in 2004. That semantics suffers from several drawbacks. In particular, it breaks distributivity of the operators corresponding to intersection and union. In this paper we present a formal semantics for local variables that solves that problem and others, and compare it to the previous solution.
{"title":"Augmenting a Regular Expression-Based Temporal Logic with Local Variables","authors":"C. Eisner, D. Fisman","doi":"10.1109/FMCAD.2008.ECP.27","DOIUrl":"https://doi.org/10.1109/FMCAD.2008.ECP.27","url":null,"abstract":"The semantics of temporal logic is usually defined with respect to a word representing a computation path over a set of atomic propositions. A temporal logic formula does not control the behavior of the atomic propositions, it merely observes their behavior. Local variables are a twist on this approach, in which the user can declare variables local to the formula and control their behavior from within the formula itself. Local variables were introduced in 2002, and a formal semantics was given to them in the context of SVA, the assertion language of SystemVerilog, in 2004. That semantics suffers from several drawbacks. In particular, it breaks distributivity of the operators corresponding to intersection and union. In this paper we present a formal semantics for local variables that solves that problem and others, and compare it to the previous solution.","PeriodicalId":399042,"journal":{"name":"2008 Formal Methods in Computer-Aided Design","volume":"30 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-11-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115465099","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2008-11-17DOI: 10.1109/FMCAD.2008.ECP.29
O. Kupferman, Wenchao Li, S. Seshia
The quality of formal specifications and the circuits they are written for can be evaluated through checks such as vacuity and coverage. Both checks involve mutations to the specification or the circuit implementation. In this context, we study and prove properties of mutations to finite-state systems. Since faults can be viewed as mutations, our theory of mutations can also be used in a formal approach to fault injection. We demonstrate theoretically and with experimental results how relations and orders amongst mutations can be used to improve specifications and reason about coverage of fault tolerant circuits.
{"title":"A Theory of Mutations with Applications to Vacuity, Coverage, and Fault Tolerance","authors":"O. Kupferman, Wenchao Li, S. Seshia","doi":"10.1109/FMCAD.2008.ECP.29","DOIUrl":"https://doi.org/10.1109/FMCAD.2008.ECP.29","url":null,"abstract":"The quality of formal specifications and the circuits they are written for can be evaluated through checks such as vacuity and coverage. Both checks involve mutations to the specification or the circuit implementation. In this context, we study and prove properties of mutations to finite-state systems. Since faults can be viewed as mutations, our theory of mutations can also be used in a formal approach to fault injection. We demonstrate theoretically and with experimental results how relations and orders amongst mutations can be used to improve specifications and reason about coverage of fault tolerant circuits.","PeriodicalId":399042,"journal":{"name":"2008 Formal Methods in Computer-Aided Design","volume":"237-240 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-11-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130731151","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: