Interpolation and SATbased model checking
, 2003
Abstract. We consider a fully SATbased method of unbounded symbolic model checking based on computing Craig interpolants. In benchmark studies using a set of large industrial circuit verification instances, this method is greatly more efficient than BDDbased symbolic model checking, and compares favorably to some recent SATbased model checking methods on positive instances. 1
Bounded Model Checking Using Satisfiability Solving
 Formal Methods in System Design
, 2001
The phrase model checking refers to algorithms for exploring the state space of a transition system to determine if it obeys a specification of its intended behavior. These algorithms can perform exhaustive verification in a highly automatic manner, and, thus, have attracted much interest in industry. Model checking programs are now being commercially marketed. However, model checking has been held back by the state explosion problem, which is the problem that the number of states in a system grows exponentially in the number of system components. Much research has been devoted to ameliorating this problem.
Applying SAT methods in unbounded symbolic model checking
, 2002
Abstract. A method of symbolic model checking is introduced that uses conjunctive normal form (CNF) rather than binary decision diagrams (BDD’s) and uses a SATbased approach to quantifier elimination. This method is compared to a traditional BDDbased model checking approach using a set of benchmark problems derived from the compositional verification of a commercial microprocessor design. 1
Translating pseudoboolean constraints into SAT
 Journal on Satisfiability, Boolean Modeling and Computation
, 2006
In this paper, we describe and evaluate three different techniques for translating pseudoboolean constraints (linear constraints over boolean variables) into clauses that can be handled by a standard SATsolver. We show that by applying a proper mix of translation techniques, a SATsolver can perform on a par with the best existing native pseudoboolean solvers. This is particularly valuable in those cases where the constraint problem of interest is naturally expressed as a SAT problem, except for a handful of constraints. Translating those constraints to get a pure clausal problem will take full advantage of the latest improvements in SAT research. A particularly interesting result of this work is the efficiency of sorting networks to express pseudoboolean constraints. Although tangential to this presentation, the result gives a suggestion as to how synthesis tools may be modified to produce arithmetic circuits more suitable for SAT based reasoning. Keywords: pseudoBoolean, SATsolver, SAT translation, integer linear programming
Resolve and Expand
 In Proc. of SAT’04
, 2004
Abstract. We present a novel expansion based decision procedure for quantified boolean formulas (QBF) in conjunctive normal form (CNF). The basic idea is to resolve existentially quantified variables and eliminate universal variables by expansion. This process is continued until the formula becomes propositional and can be solved by any SAT solver. On structured problems our implementation quantor is competitive with stateoftheart QBF solvers based on DPLL. It is orders of magnitude faster on certain hard to solve instances. 1
Bounded model checking
, 2009
Besides Equivalence Checking [KK97, KPKG02] the most important industrial application of SAT is currently Bounded Model Checking (BMC) [BCCZ99]. Both techniques are used for formal hardware verification in the context of electronic design automation (EDA), but have successfully been applied to many other domains as well. In this chapter, we focus on BMC. In practice, BMC is mainly used for falsification resp. testing, which is concerned with violations of temporal properties. However, the original paper on BMC [BCCZ99] already discussed extensions that can prove properties. A considerable part of this chapter discusses these complete extensions, which are often called “unbounded ” model checking techniques, even though they are build upon the same principles as plain BMC. Two further related applications, in which BMC becomes more and more important, are automatic test case generation for closing coverage holes, and disproving redundancy in designs. Most of the techniques discussed in this chapter transfer to this more general setting as well, even though our focus is on property
DAGaware AIG rewriting: A fresh look at combinational logic synthesis
 In DAC ’06: Proceedings of the 43rd annual conference on Design automation
, 2006
This paper presents a technique for preprocessing combinational logic before technology mapping. The technique is based on the representation of combinational logic using AndInverter Graphs (AIGs), the networks of twoinput ANDs and inverters. The optimization works by alternating DAGaware AIG rewriting, which reduces area by sharing common logic without increasing delay, and algebraic AIG balancing, which minimizes delay without increasing area. The new technologyindependent flow is implemented in a publicdomain tool ABC. Experiments on large industrial benchmarks show that the proposed methodology scales to very large designs and is several orders of magnitude faster than SIS and MVSIS while offering comparable or better quality when measured by the quality of the network after mapping. 1
SATbased Verification without State Space Traversal
 In Formal Methods in ComputerAided Design
, 2000
. Binary Decision Diagrams (BDDs) have dominated the area of symbolic model checking for the past decade. Recently, the use of satisfiability (SAT) solvers has emerged as an interesting complement to BDDs. SATbased methods are capable of coping with some of the systems that BDDs are unable to handle. The most challenging problem that has to be solved in order to adapt standard symbolic model checking to SATsolvers is the boolean quantification necessary for traversing the state space. A possible approach to extending the applicability of SATbased model checkers is therefore to reduce the amount of traversal. In this paper, we investigate a BDDbased verification algorithm due to van Eijk. Van Eijk's algorithm tries to compute information that is sufficient to prove a given safety property directly. When this is not possible, the computed information can be used to reduce the amount of traversal needed by standard model checking algorithms. We convert van Eijk's algori...
Kodkod: A relational model finder
 In Tools and Algorithms for Construction and Analysis of Systems (TACAS
, 2007
Abstract. The key design challenges in the construction of a SATbased relational model finder are described, and novel techniques are proposed to address them. An efficient model finder must have a mechanism for specifying partial solutions, an effective symmetry detection and breaking scheme, and an economical translation from relational to boolean logic. These desiderata are addressed with three new techniques: a symmetry detection algorithm that works in the presence of partial solutions, a sparsematrix representation of relations, and a compact representation of boolean formulas inspired by boolean expression diagrams and reduced boolean circuits. The presented techniques have been implemented and evaluated, with promising results. 1
Saturation: an efficient iteration strategy for symbolic state space generation
 PROC. TOOLS AND ALGORITHMS FOR THE CONSTRUCTION AND ANALYSIS OF SYSTEMS (TACAS), LNCS 2031
, 2001
We present a novel algorithm for generating state spaces of asynchronous systems using Multi–valued Decision Diagrams. In contrast to related work, we encode the next–state function of a system not as a single Boolean function, but as cross–products of integer functions. This permits the application of various iteration strategies to build a system’s state space. In particular, we introduce a new elegant strategy, called saturation, and implement it in the tool SMART. On top of usually performing several orders of magnitude faster than existing BDD–based state–space generators, our algorithm’s required peak memory is often close to the final memory needed for storing the overall state space.