Results 1 to 10 of 26
Extending Sledgehammer with SMT Solvers
Cited by 18 (7 self)
Abstract. Sledgehammer is a component of Isabelle/HOL that employs first-order automatic theorem provers (ATPs) to discharge goals arising in interactive proofs. It heuristically selects relevant facts and, if an ATP is successful, produces a snippet that replays the proof in Isabelle. We extended Sledgehammer to invoke satisfiability modulo theories (SMT) solvers as well, exploiting its relevance filter and parallel architecture. Isabelle users are now pleasantly surprised by SMT proofs for problems beyond the ATPs' reach. Remarkably, the best SMT solver performs better than the best ATP on most of our benchmarks.
veriT: an open, trustable and efficient SMT-solver
Proc. Conference on Automated Deduction (CADE), volume 5663 of Lecture Notes in Computer Science, 2009
Cited by 18 (6 self)
Abstract. This article describes the first public version of the satisfiability modulo theory (SMT) solver veriT. It is open-source, proof-producing, and complete for quantifier-free formulas with uninterpreted functions and difference logic on real numbers and integers.
Fast Reflexive Arithmetic Tactics: the linear case and beyond
in "Types for Proofs and Programs (TYPES'06)", Lecture Notes in Computer Science, 2006
Cited by 15 (5 self)
Abstract. When goals fall in decidable logic fragments, users of proof assistants expect automation. However, despite the availability of decision procedures, automation does not come for free. The reason is that decision procedures do not generate proof terms. In this paper, we show how to design efficient and lightweight reflexive tactics for a hierarchy of quantifier-free fragments of integer arithmetic. The tactics can cope with a wide class of linear and non-linear goals. For each logic fragment, off-the-shelf algorithms generate certificates of infeasibility that are then validated by straightforward reflexive checkers proved correct inside the proof assistant. This approach has been prototyped using the Coq proof assistant. Preliminary experiments are promising as the tactics run fast and produce small proof terms.
Combined satisfiability modulo parametric theories
Proceedings of the 13th International Conference on Tools and Algorithms for the Construction and Analysis of Systems, 2007
Cited by 14 (3 self)
Abstract. We give a fresh theoretical foundation for designing comprehensive SMT solvers, generalizing in a practically motivated direction. We define parametric theories that most appropriately express the "logic" of common data types. Our main result is a combination theorem for decision procedures for disjoint theories of this kind. Virtually all of the deeply nested data structures (lists of arrays of sets of ...) that arise in verification work are covered.
HOL-Boogie: An interactive prover-backend for the Verifying C Compiler
Cited by 8 (4 self)
Boogie is a verification condition generator for an imperative core language. It has front-ends for the programming languages C# and C enriched by annotations in first-order logic, i.e. pre- and postconditions, assertions, and loop invariants. Moreover, concepts like ghost fields, ghost variables, ghost code and specification functions have been introduced to support a specific modeling methodology. Boogie's verification conditions — constructed via a wp calculus from annotated programs — are usually transferred to automated theorem provers such as Simplify or Z3. This also comprises the expansion of language-specific modeling constructs in terms of a theory describing memory and elementary operations on it; this theory is called a machine/memory model. In this paper, we present a proof environment, HOL-Boogie, that combines Boogie with the interactive theorem prover Isabelle/HOL, for a specific C front-end and a machine/memory model. In particular, we present specific techniques combining automated and interactive proof methods for code verification. The main goal of our environment is to help program verification engineers in their task to "debug" annotations and to find combined proofs where purely automatic proof attempts fail.
Combinations of theories and the Bernays-Schönfinkel-Ramsey class
4th International Verification Workshop (VERIFY'07), Bremen, 2007
Cited by 7 (2 self)
Abstract. The Bernays-Schönfinkel-Ramsey (BSR) class of formulas is the class of formulas that, when written in prenex normal form, have an ∃*∀* quantifier prefix and do not contain any function symbols. This class is decidable. We show here that BSR theories can furthermore be combined with another disjoint decidable theory, so that we obtain a decision procedure for quantifier-free formulas in the combination of the BSR theory and another decidable theory. The classical Nelson-Oppen combination scheme requires theories to be stably infinite, ensuring that, if a model is found for both theories in the combination, the models agree on cardinalities and a global model can be built. We show that combinations with BSR theories can be much more permissive, even though BSR theories are not always stably infinite. We state that it is possible to describe exactly all the (finite or infinite) cardinalities of the models of a given BSR theory. For the other theory, it is thus only required to be able to decide if there exists a model of a given cardinality. With this result, it is notably possible to use some set operators, operators on relations, orders — any operator that can be expressed by a set of BSR formulas — together with the usual objects of SMT solvers, notably integers, reals, uninterpreted symbols, and enumerated types.
Compressing propositional refutations
Sixth International Workshop on Automated Verification of Critical Systems (AVOCS'06), Preliminary Proceedings, 2006
Cited by 6 (0 self)
We report initial results on shortening propositional resolution refutation proofs. This has an application in speeding up deductive reconstruction (in theorem provers) of large propositional refutations, such as those produced by SAT solvers. Key words: Proof verification, Propositional refutations
Decision procedures for the formal analysis of software
Aspects Comp. (ICTAC), volume 4281 of Lecture Notes in Computer Science, 2007
Proof reconstruction for first-order logic and set-theoretical constructions
Sixth International Workshop on Automated Verification of Critical Systems (AVOCS'06), Preliminary Proceedings, 2006
Cited by 2 (0 self)
Proof reconstruction is a technique that combines an interactive theorem prover and an automatic one in a sound way, so that users benefit from the expressiveness of the first tool and the automation of the latter. We present an implementation of proof reconstruction for first-order logic and set-theoretical constructions between the interactive theorem prover Isabelle and the automatic SMT prover haRVey.
On the Formal Verification of the FlexRay Communication Protocol
In Automatic Verification of Critical Systems (AVoCS), 2006
Cited by 2 (0 self)
We present ongoing work on the formal analysis of the FlexRay communication protocol. Isabelle/HOL, a theorem prover for Higher-Order Logic, is chosen as our specification and verification system. Essential properties of the FlexRay protocol are identified, formalized and verified. In particular, we show our formal verification of the FlexRay bus guardian component. Furthermore, some insights into the formal verification of the clock synchronization algorithm are presented. Keywords: FlexRay, Verification, Bus Guardian, Isabelle/HOL