Catálogo de publicaciones - libros
Computer Aided Verification: 17th International Conference, CAV 2005, Edinburgh, Scotland, UK, July 6-10, 2005, Proceedings
Kousha Etessami ; Sriram K. Rajamani (eds.)
En conferencia: 17º International Conference on Computer Aided Verification (CAV) . Edinburgh, United Kingdom . July 6, 2005 - July 10, 2005
Resumen/Descripción – provisto por la editorial
No disponible.
Palabras clave – provistas por la editorial
Logics and Meanings of Programs; Software Engineering; Mathematical Logic and Formal Languages; Artificial Intelligence (incl. Robotics); Logic Design
Disponibilidad
Institución detectada | Año de publicación | Navegá | Descargá | Solicitá |
---|---|---|---|---|
No detectada | 2005 | SpringerLink |
Información
Tipo de recurso:
libros
ISBN impreso
978-3-540-27231-1
ISBN electrónico
978-3-540-31686-2
Editor responsable
Springer Nature
País de edición
Reino Unido
Fecha de publicación
2005
Información sobre derechos de publicación
© Springer-Verlag Berlin Heidelberg 2005
Tabla de contenidos
doi: 10.1007/11513988_31
: Software Verification Platform
F. Ivančić; Z. Yang; M. K. Ganai; A. Gupta; I. Shlyakhter; P. Ashar
In this paper, we describe our verification tool , which is developed for the analysis of programs. Its novelty lies in the combination of several recent advances in formal verification research including SAT-based verification, static analyses and predicate abstraction. As shown in the tool overview in Figure 1, we translate a program into a Boolean model to be analyzed by our verification engine [4], which includes BDD-based and SAT-based model checking techniques. We include various static analyses, such as computing the control flow graph of the program, program slicing with respect to the property, and performing range analysis as described in Section 2.2. We model the software using a Boolean representation, and use customized heuristics for the SAT-based analysis as described in Section [2.1]. We can also perform a localized predicate abstraction with register sharing as described in Section [2.3], if the user so chooses. The actual analysis of the resulting Boolean model is performed using . If a counter-example is discovered, we use a testbench generator that automatically generates an executable program for the user to examine the bug in his/her favorite debugger. The tool has been applied on numerous case studies and publicly available benchmarks for sequential programs. We are currently working on extending it to handle concurrent programs.
- Tool Papers II | Pp. 301-306
doi: 10.1007/11513988_32
Yet Another Decision Procedure for Equality Logic
Orly Meir; Ofer Strichman
We introduce a new decision procedure for Equality Logic. The procedure improves on Bryant and Velev’s method [4] from CAV’00, in which each equality predicate is encoded with a Boolean variable, and then a set of transitivity constraints are added to compensate for the loss of transitivity of equality. We suggest the Reduced Transitivity Constraints (RTC) algorithm, that unlike the method, considers the of each equality predicate, i.e. whether it is an equality or disequality when the given equality formula is in Negation Normal Form (NNF). Given this information, we build the Equality Graph corresponding to with two types of edges, one for each polarity. We then define the notion of to be cycles in that graph that the variables corresponding to their edges cannot be simultaneously satisfied due to transitivity of equality. We prove that it is sufficient to add transitivity constraints that only constrain Contradictory Cycles, which results in only a small subset of the constraints added by the Reconstruct-sparse method. The formulas we generate are smaller and define a larger solution set, hence are expected to be easier to solve, as indeed our experiments show. Our new decision procedure is now implemented in the verification system.
- Decision Procedures and Applications | Pp. 307-320
doi: 10.1007/11513988_33
DPLL(T) with Exhaustive Theory Propagation and Its Application to Difference Logic
Robert Nieuwenhuis; Albert Oliveras
At CAV’04 we presented the DPLL() approach for satisfiability modulo theories . It is based on a general DPLL() engine whose can be instantiated with different theory solvers for conjunctions of literals.
Here we go one important step further: we require to be able to detect input literals that are -consequences of the partial model that is being explored by DPLL(). Although at first sight this may seem too expensive, we show that for the benefits compensate by far the costs.
Here we describe and discuss this new version of DPLL(), the DPLL() engine, and our for difference logic. The resulting very simple DPLL() system importantly outperforms the existing techniques for this logic. Moreover, it has very good scaling properties: especially on the larger problems it gives improvements of orders of magnitude w.r.t. the existing state-of-the-art tools.
- Decision Procedures and Applications | Pp. 321-334
doi: 10.1007/11513988_34
Efficient Satisfiability Modulo Theories via Delayed Theory Combination
Marco Bozzano; Roberto Bruttomesso; Alessandro Cimatti; Tommi Junttila; Silvio Ranise; Peter van Rossum; Roberto Sebastiani
The problem of deciding the satisfiability of a quantifier-free formula with respect to a background theory, also known as Satisfiability Modulo Theories (), is gaining increasing relevance in verification: representation capabilities beyond propositional logic allow for a natural modeling of real-world problems (e.g., pipeline and RTL circuits verification, proof obligations in software systems).
In this paper, we focus on the case where the background theory is the combination ∪ of two simpler theories. Many procedures combine a boolean model enumeration with a decision procedure for ∪, where conjunctions of literals can be decided by an integration schema such as Nelson-Oppen, via a structured exchange of interface formulae (e.g., equalities in the case of convex theories, disjunctions of equalities otherwise).
We propose a new approach for (∪), called Delayed Theory Combination, which does not require a decision procedure for ∪, but only individual decision procedures for and , which are directly integrated into the boolean model enumerator. This approach is much simpler and natural, allows each of the solvers to be implemented and optimized without taking into account the others, and it nicely encompasses the case of non-convex theories. We show the effectiveness of the approach by a thorough experimental comparison.
- Decision Procedures and Applications | Pp. 335-349
doi: 10.1007/11513988_35
Symbolic Systems, Explicit Properties: On Hybrid Approaches for LTL Symbolic Model Checking
Roberto Sebastiani; Stefano Tonetta; Moshe Y. Vardi
In this work we study approaches to LTL symbolic model checking; that is, approaches that use explicit representations of the property automaton, whose state space is often quite manageable, and symbolic representations of the system, whose state space is typically exceedingly large. We compare the effects of using, respectively, (i) a purely symbolic representation of the property automaton, (ii) a symbolic representation, using logarithmic encoding, of explicitly compiled property automaton, and (iii) a partitioning of the symbolic state space according to an explicitly compiled property automaton. We apply this comparison to three model-checking algorithms: the doubly-nested fixpoint algorithm of Emerson and Lei, the reduction of emptiness to reachability of Biere et al., and the singly-nested fixpoint algorithm of Bloem et al. for weak automata. The emerging picture from our study is quite clear, hybrid approaches outperform pure symbolic model checking, while partitioning generally performs better than logarithmic encoding. The conclusion is that the hybrid approaches benefits from state-of-the-art techniques in semantic compilation of LTL properties. Partitioning gains further from the fact that the image computation is applied to smaller sets of states.
- Automata and Transition Systems | Pp. 350-363
doi: 10.1007/11513988_36
Efficient Monitoring of -Languages
Marcelo d’Amorim; Grigore Roşu
We present a technique for generating efficient monitors for -regular-languages. We show how Büchi automata can be reduced in size and transformed into special, statistically optimal nondeterministic finite state machines, called (), which recognize precisely the minimal bad prefixes of the original -regular-language. The presented technique is implemented as part of a larger monitoring framework and is available for download.
- Automata and Transition Systems | Pp. 364-378
doi: 10.1007/11513988_37
Verification of Tree Updates for Optimization
Michael Benedikt; Angela Bonifati; Sergio Flesca; Avinash Vyas
With the rise of XML as a standard format for representing tree-shaped data, new programming tools have emerged for specifying transformations to tree-like structures. A recent example along this line are the update languages of [16,15,8] which add tree update primitives on top of the declarative query languages XPath and XQuery. These tree update languages use a “snapshot semantics”, in which all querying is performed first, after which a generated sequence of concrete updates is performed in a fixed order determined by query evaluation. In order to gain efficiency, one would prefer to perform updates as soon as they are generated, before further querying. This motivates a specific verification problem: given a tree update program, determine whether generated updates can be performed before all querying is completed. We formalize this notion, which we call “Binding Independence”. We give an algorithm to verify that a tree update program is Binding Independent, and show how this analysis can be used to produce optimized evaluation orderings that significantly reduce processing time.
- Automata and Transition Systems | Pp. 379-393
doi: 10.1007/11513988_38
Expand, Enlarge and Check... Made Efficient
Gilles Geeraerts; Jean-François Raskin; Laurent Van Begin
The coverability problem is decidable for the class of well-structured transition systems. Until recently, the only known algorithm to solve this problem was based on symbolic backward reachability. In a recent paper, we have introduced the theory underlying a new algorithmic solution, called ‘Expand, Enlarge and Check’, which can be implemented in a forward manner. In this paper, we provide additional concepts and algorithms to turn this theory into efficient forward algorithms for monotonic extensions of Petri nets and Lossy Channels Systems. We have implemented a prototype and applied it on a large set of examples. This prototype outperforms a previous fine tuned prototype based on backward symbolic exploration and shows the practical interest of our new algorithmic solution.
- Automata and Transition Systems | Pp. 394-407
doi: 10.1007/11513988_39
IIV: An Invisible Invariant Verifier
Ittai Balaban; Yi Fang; Amir Pnueli; Lenore D. Zuck
This paper describes the (IIV)-an automatic tool for the generation of inductive invariants, based on the work in [4, 1, 2, 6]. The inputs to IIV are a parameterized system and an invariance property p, and the output of IIV is “success” if it finds an inductive invariant that strengthens p and “fail” otherwise. IIV can be run from
- Tool Papers III | Pp. 408-412
doi: 10.1007/11513988_40
Action Language Verifier, Extended
Tuba Yavuz-Kahveci; Constantinos Bartzis; Tevfik Bultan
Action Language Verifier (ALV) is an infinite state model checker which specializes on systems specified with linear arithmetic constraints on integer variables. An Action Language specification consists of integer, boolean and enumerated variables, parameterized integer constants and a set of modules and actions which are composed using synchronous and asynchronous composition operators [3,7]. ALV uses symbolic model checking techniques to verify or falsify CTL properties of the input specifications. Since Action Language allows specifications with unbounded integer variables, fixpoint computations are not guaranteed to converge. ALV uses conservative approximation techniques, reachability and acceleration heuristics to achieve convergence.
- Tool Papers III | Pp. 413-417