Results 1 to 10 of 25
Abstraction refinement with Craig interpolation and symbolic pushdown systems
In Proceedings of TACAS 2006, volume 3920 of LNCS, 2006
Cited by 21 (2 self)
Counterexample-guided abstraction refinement (CEGAR) has proven to be a powerful method for software model checking. In this paper, we investigate this concept in the context of sequential (possibly recursive) programs whose statements are given as Binary Decision Diagrams (BDDs). We examine how Craig interpolants can be computed efficiently in this case and propose a new special type of interpolants. Moreover, we show how to treat multiple counterexamples in one refinement cycle. We have implemented this approach within the model checker Moped and report on experiments.
Planned and Traversable Play-Out: A Flexible Method for Executing Scenario-Based Programs
In 13th Intl. Conf. on Tools and Algorithms for the Construction and Analysis of Systems (TACAS’07), 2007
Cited by 17 (16 self)
We introduce a novel approach to the smart execution of scenario-based models of reactive systems, such as those resulting from the multi-modal inter-object language of live sequence charts (LSCs). Our approach finds multiple execution paths from a given state of the system, and allows the user to interactively traverse them. The method is based on translating the problem of finding a superstep of execution into a problem in the AI planning domain, and using a known planning algorithm, which we have had to modify and strengthen for our purposes.
Improving Ariadne’s Bundle by Following Multiple Threads in Abstraction Refinement
In Proceedings of ICCAD, 2003
Cited by 11 (3 self)
We propose an abstraction refinement method for invariant checking based on counterexamples of shortest length in the current abstraction. The algorithm is focused on an improved Ariadne’s Bundle of SORs (Synchronous Onion Rings) of the abstract model; the transitions through these SORs contain all shortest ACEs (Abstract Counter Examples) and no other ACEs. The SORs are exploited in two distinct ways to provide global guidance to the abstraction refinement process: (1) refinement variable selection is based on the entirety of transitions connecting the SORs, and (2) a SAT-based concretization test is formulated to test all ACEs in the SORs at once. We call this test multi-thread concretization. The scalability of our refinement algorithm is ensured in the sense that all the analysis and computation required in our refinement algorithm are conducted on the abstract model. The abstraction efficiency of a given abstraction refinement algorithm measures how much of the concrete model is required to make the decision. We include experimental comparisons of our new method with recently published techniques [6, 4]. The results show that our scalable method, based on global guidance from the entire bundle of shortest ACEs, outperforms these other methods in terms of both run time and abstraction efficiency.
Abstraction Refinement for Bounded Model Checking
In Proc. CAV’05, 2005
Cited by 10 (1 self)
have been very successful in model checking large systems. While most previous work has focused on model checking, this paper presents a Counterexample-Guided abstraction refinement technique for Bounded Model Checking (BMC). Our technique makes BMC much faster, as indicated by our experiments. BMC is also used for generating refinements in the Proof-Based Refinement (PBR) framework. We show that our technique unifies PBR and CEGAR into an abstraction-refinement framework that can balance the model checking and refinement efforts.
Generation of all counterexamples for pushdown systems
In Proceedings of FORTE, 2003
Cited by 7 (2 self)
We present a new, on-the-fly algorithm that, given a pushdown system model representing a sequential program with (recursive) procedure calls and an extended finite-state automaton representing (the negation of) a safety property, produces a succinct, symbolic representation of all counterexamples, i.e., traces of system behaviors that violate the property. The class of what we call minimum-recursion loop-free counterexamples can then be generated from this representation on an as-needed basis and presented to the user. Our algorithm is also applicable, without modification, to finite-state system models. Simultaneous consideration of multiple counterexamples can minimize the number of model checking runs needed to recognize common root causes of property violations. We illustrate the use of our techniques via application to a Java-Tar utility and an FTP-server program, and discuss a prototype tool implementation which offers several abstraction techniques for easy viewing of generated counterexamples.
A faster counterexample minimization algorithm based on refutation analysis
In Design, Automation and Test in Europe, 2005
Cited by 5 (1 self)
It is a hot research topic to eliminate irrelevant variables from a counterexample, to make it easier to understand. The BFL algorithm is the most effective counterexample minimization algorithm compared to all other approaches, but its time overhead is very large due to one call to the SAT solver for each candidate variable to be eliminated. The key to reducing time overhead is to eliminate multiple variables simultaneously. Therefore, we propose a faster counterexample minimization algorithm based on refutation analysis in this paper. We perform refutation analysis on those UNSAT instances of BFL to extract the set of variables that lead to UNSAT. All variables not belonging to this set can be eliminated simultaneously as irrelevant variables. Thus we can eliminate multiple variables with only one call to the SAT solver. Theoretical analysis and experimental results show that our algorithm can be 2 to 3 orders of magnitude faster than the existing BFL algorithm, with only a minor loss in counterexample minimization ability.
Interpolant Learning and Reuse in SAT-Based Model Checking
Cited by 4 (0 self)
Bounded Model Checking (BMC) is one of the most paradigmatic practical applications of Boolean Satisfiability (SAT). The utilization of SAT in model checking has allowed significant performance gains and, as a consequence, a large number of commercial verification tools now include SAT-based model checkers. Recent work has provided SAT-based BMC with completeness conditions, and this is generally referred to as unbounded model checking (UMC). Among the existing approaches for SAT-based UMC, the utilization of interpolants is among the most effective. Despite their success, interpolants have only been used for identifying a fixed point of the set of reachable states. This paper extends the utilization of interpolants in SAT-based model checking. This is achieved by observing that, under reasonable assumptions, interpolants can be reused, i.e. computed interpolants can be reused at later stages of the model checking process. The paper develops conditions for validity of interpolant reuse. In addition, the paper outlines a new fixed point condition, alternative to the existing interpolant-based fixed point condition. Preliminary practical experience on interpolant learning and reuse is reported.
Making Predicate Abstraction Efficient: How to eliminate redundant predicates
In Proceedings of Computer Aided Verification (CAV), 2003
Cited by 4 (2 self)
In this paper we consider techniques to identify and remove redundant predicates during predicate abstraction. We give three criteria for identifying redundancy. A predicate is redundant if any of the following three holds: (i) the predicate is equivalent to a propositional function of other predicates; (ii) removing the predicate preserves safety properties satisfied by the abstract model; (iii) removing it preserves bisimulation equivalence.
HaifaSat: a SAT solver based on an abstraction/refinement model
 Journal on Satisfiability, Boolean Modeling and Computation
Cited by 3 (0 self)
The popular abstraction/refinement model frequently used in verification can also explain the success of a SAT decision heuristic like Berkmin. According to this model, conflict clauses are abstractions of the clauses from which they were derived. We suggest a clause-based decision heuristic called Clause-Move-To-Front (CMTF), which attempts to follow an abstraction/refinement strategy (based on the resolve-graph) rather than satisfying the clauses in the chronological order in which they were created, as done in Berkmin. We also show a resolution-based score function for choosing the variable from the selected clause and a similar function for choosing the sign. We implemented the suggested heuristics in our SAT solver HaifaSat. Experiments on hundreds of industrial benchmarks demonstrate the superiority of this method compared to the Berkmin heuristic. HaifaSat won 3rd place in the industrial-benchmarks category in the SAT competition of 2005, and has not competed or been developed since. We present experimental results with the benchmarks of the 2007 competition that show that it is about 32% slower than RSAT, the winner of 2007. Considering the time difference, it shows that it is rather robust. The abstraction/refinement theoretical model is still relevant, and there is still room for further research on how to exploit it better given a recent result that permits storing and manipulating the resolve graph in the main memory. Keywords: SAT-solver, abstraction
Under-approximation for model-checking based on random cryptographic constructions
In Proc. 19th Intl. Conference on Computer Aided Verification (CAV’07), volume 4590 of Lect. Notes in Comp. Sci., 2007
Cited by 2 (1 self)
For two naturals m, n such that m < n, we show how to construct a circuit C with m inputs and n outputs that has the following property: for some 0 ≤ k ≤ m, the circuit defines a k-universal function. This means, informally, that for every subset K of k outputs, every possible valuation of the variables in K is reachable (we prove that k is very close to m with an arbitrarily high probability). Now consider a circuit M with n inputs that we wish to model-check. Connecting the inputs of M to the outputs of C gives us a new circuit M′ with m inputs, whose original inputs have freedom defined by k. This is a very attractive feature for under-approximation in model-checking: on one hand the combined circuit has a smaller number of inputs, and on the other hand it is expected to find an error state fast if there is one. We report initial experimental results with bounded model checking of industrial designs (the method is equally applicable to unbounded model checking and to simulation), which show mixed results. An interesting observation, however, is that in 13 out of 17 designs, setting m to be n/5 is sufficient to detect the bug. This is in contrast to other under-approximations that are based on reducing the number of inputs, which in most cases cannot detect the bug even with m = n/2.