Results 11-20 of 102
Sledgehammer: Judgement Day
Cited by 24 (3 self)
Sledgehammer, a component of the interactive theorem prover Isabelle, finds proofs in higher-order logic by calling the automated provers for first-order logic E, SPASS and Vampire. This paper is the largest and most detailed empirical evaluation of such a link to date. Our test data consists of 1240 proof goals arising in 7 diverse Isabelle theories, thus representing typical Isabelle proof obligations. We measure the effectiveness of Sledgehammer and many other parameters such as run time and complexity of proofs. A facility for minimizing the number of facts needed to prove a goal is presented and analyzed.
Decidability and undecidability results for Nelson-Oppen and rewrite-based decision procedures
In Proc. IJCAR-3, U. Furbach and
2006
Cited by 22 (15 self)
In the context of combinations of theories with disjoint signatures, we classify the component theories according to the decidability of constraint satisfiability problems in arbitrary and in infinite models, respectively. We exhibit a theory T1 such that satisfiability is decidable, but satisfiability in infinite models is undecidable. It follows that satisfiability in T1 ∪ T2 is undecidable whenever T2 has only infinite models, even if signatures are disjoint and satisfiability in T2 is decidable. In the second part of the paper we strengthen the Nelson-Oppen decidability transfer result by showing that it applies to theories over disjoint signatures whose satisfiability problem, in either arbitrary or infinite models, is decidable. We show that this result covers decision procedures based on rewriting, complementing recent work on combination of theories in the rewrite-based approach to satisfiability.
Using first-order theorem provers in the Jahob data structure verification system
In Byron Cook and Andreas Podelski, editors, Verification, Model Checking, and Abstract Interpretation, LNCS 4349, 2007
Cited by 21 (1 self)
This paper presents our integration of efficient resolution-based theorem provers into the Jahob data structure verification system. Our experimental results show that this approach enables Jahob to automatically verify the correctness of a range of complex dynamically instantiable data structures, including data structures such as hash tables and search trees, without the need for interactive theorem proving or techniques tailored to individual data structures. Our primary technical results include: (1) a translation from higher-order logic to first-order logic that enables the application of resolution-based theorem provers and (2) a proof that eliminating type (sort) information in formulas is both sound and complete, even in the presence of a generic equality operator. Moreover, our experimental results show that the elimination of this type information dramatically decreases the time required to prove the resulting formulas. These techniques enabled us to verify complex correctness properties of Java programs such as a mutable set implemented as an imperative linked list, a finite map implemented as a functional ordered tree, a hash table with a mutable array, and a simple library system example that uses these container data structures. Our system verifies (in a matter of minutes) that data structure operations correctly update the finite map, that they preserve data structure invariants (such as ordering of elements, membership in appropriate hash table buckets, or relationships between sets and relations), and that there are no runtime errors such as null dereferences or array out-of-bounds accesses.
MathSAT: Tight integration of SAT and mathematical decision procedures
Journal of Automated Reasoning, 2005
Cited by 21 (2 self)
Recent improvements in propositional satisfiability techniques (SAT) made it possible to tackle successfully some hard real-world problems (e.g. model checking, circuit testing, propositional planning) by encoding into SAT. However, a purely boolean representation is not expressive enough for many other real-world applications, including the verification of timed and hybrid systems, of proof obligations in software, and of circuit design at RTL level. These problems can be naturally modeled as satisfiability in Linear Arithmetic Logic (LAL), i.e., the boolean combination of propositional variables and linear constraints over numerical variables. In this paper we present MATHSAT, a new, SAT-based decision procedure for LAL, based on the known approach of integrating a state-of-the-art SAT solver with a dedicated mathematical solver for LAL. We improve MATHSAT in two different directions. First, the top-level procedure is enhanced, and now features a tighter integration between the boolean search and the mathematical solver. In particular, we allow for theory-driven backjumping and learning, and theory-driven deduction; we use static learning in order to reduce the number of boolean models that are mathematically inconsistent; we exploit problem clustering in order to partition
First-Orderized ResearchCyc: Expressivity and Efficiency in a Common-Sense Ontology
In Papers from the AAAI Workshop on Contexts and Ontologies: Theory, Practice and Applications, 2005
Cited by 19 (1 self)
Cyc is the largest existing common-sense knowledge base. Its ontology makes heavy use of higher-order logic constructs such as a context system, first-class predicates, etc. Many of these higher-order constructs are believed to be key to Cyc's ability to represent common-sense knowledge and reason with it efficiently. In this paper, we present a translation of a large part (around 90%) of the Cyc ontology into First-Order Logic. We discuss our methodology, and the trade-offs between expressivity and efficiency in representation and reasoning. We also present the results of experiments using VAMPIRE, SPASS, and the E Theorem Prover on the first-orderized Cyc KB. Our results indicate that, while the use of higher-order logic is not essential to the representability of common-sense knowledge, it greatly improves the efficiency of reasoning.
An integrated proof language for imperative programs
 In PLDI’09
Cited by 18 (3 self)
We present an integrated proof language for guiding the actions of multiple reasoning systems as they work together to prove complex correctness properties of imperative programs. The language operates in the context of a program verification system that uses multiple reasoning systems to discharge generated proof obligations. It is designed to 1) enable developers to resolve key choice points in complex program correctness proofs, thereby enabling automated reasoning systems to successfully prove the desired correctness properties; 2) allow developers to identify key lemmas for the reasoning systems to prove, thereby guiding the reasoning systems to find an effective proof decomposition; 3) enable multiple reasoning systems to work together productively to prove a single correctness property by providing a mechanism that developers can use to divide the property into lemmas, each of which is suitable for
The MathSAT 3 system
Automated Deduction: Proceedings of the 20th International Conference, volume 3632 of Lecture Notes in Computer Science, 2005
Cited by 17 (1 self)
Satisfiability Modulo Theories (SMT) can be seen as an extended form of propositional satisfiability, where propositions are either simple boolean propositions or quantifier-free atomic constraints in a specific theory. In this paper we present MATHSAT version 3 [6,7,8], a DPLL-based decision procedure for the SMT problem for various theories,
High-Performance Deduction for Verification: A Case Study in the Theory of Arrays
Notes of the Workshop on Verification, Third Federated Logic Conference (FLoC'02), 2002
Cited by 15 (11 self)
We outline an approach to using ordering-based theorem-proving strategies as satisfiability procedures for certain decidable theories. We report on experiments with synthetic benchmarks in the theory of arrays with extensionality, showing that a theorem prover, the E system, compares favorably with the state-of-the-art validity checker CVC.
Verifying complex properties using symbolic shape analysis
In Workshop on heap abstraction and verification, 2007
Cited by 11 (6 self)
One of the main challenges in the verification of software systems is the analysis of unbounded data structures with dynamic memory allocation, such as linked data structures and arrays. We describe Bohne, a new analysis for verifying data structures. Bohne verifies data structure operations and shows that 1) the operations preserve data structure invariants and 2) the operations satisfy their specifications expressed in terms of changes to the set of objects stored in the data structure. During the analysis, Bohne infers loop invariants in the form of disjunctions of universally quantified Boolean combinations of formulas, represented as sets of binary decision diagrams. To synthesize loop invariants of this form, Bohne uses a combination of decision procedures for Monadic Second-Order Logic over trees, SMT-LIB decision procedures (currently CVC Lite), and an automated reasoner within the Isabelle interactive theorem prover. This architecture shows that synthesized loop invariants can serve as a useful communication mechanism between different decision procedures. In addition, Bohne uses field constraint analysis, a combination mechanism that enables the use of uninterpreted function symbols
Automating access control logics in simple type theory with LEO-II
FB Informatik, U. des Saarlandes, 2008
Cited by 11 (9 self)
Garg and Abadi recently proved that prominent access control logics can be translated in a sound and complete way into modal logic S4. We have previously outlined how normal multimodal logics, including monomodal logics K and S4, can be embedded in simple type theory, and we have demonstrated that the higher-order theorem prover LEO-II can automate reasoning in and about them. In this paper we combine these results and describe a sound (and complete) embedding of different access control logics in simple type theory. Employing this framework, we show that the off-the-shelf theorem prover LEO-II can be applied to automate reasoning in and about prominent access control logics.