Results 1  10
of
45
Satisfiability Solvers
, 2008
"... The past few years have seen an enormous progress in the performance of Boolean satisfiability (SAT) solvers. Despite the worstcase exponential run time of all known algorithms, satisfiability solvers are increasingly leaving their mark as a generalpurpose tool in areas as diverse as software and h ..."
Abstract

Cited by 48 (0 self)
 Add to MetaCart
The past few years have seen an enormous progress in the performance of Boolean satisfiability (SAT) solvers. Despite the worstcase exponential run time of all known algorithms, satisfiability solvers are increasingly leaving their mark as a generalpurpose tool in areas as diverse as software and hardware verification [29–31, 228], automatic test pattern generation [138, 221], planning [129, 197], scheduling [103], and even challenging problems from algebra [238]. Annual SAT competitions have led to the development of dozens of clever implementations of such solvers [e.g. 13,
Measuring Channel Capacity to Distinguish Undue Influence
"... The channel capacity of a program is a quantitative measure of the amount of control that the inputs to a program have over its outputs. Because it corresponds to worstcase assumptions about the probability distribution over those inputs, it is particularly appropriate for security applications whe ..."
Abstract

Cited by 41 (2 self)
 Add to MetaCart
(Show Context)
The channel capacity of a program is a quantitative measure of the amount of control that the inputs to a program have over its outputs. Because it corresponds to worstcase assumptions about the probability distribution over those inputs, it is particularly appropriate for security applications where the inputs are under the control of an adversary. We introduce a family of complementary techniques for measuring channel capacity automatically using a decision procedure (SAT or #SAT solver), which give either exact or narrow probabilistic bounds. We then apply these techniques to the problem of analyzing false positives produced by dynamic taint analysis used to detect controlflow hijacking in commodity software. Dynamic taint analysis is based on the principle that an attacker should not be able to control values such as function pointers and return addresses, but it uses a simple binary approximation of control that commonly leads to both false positive and false negative errors. Based on channel capacity, we propose a more refined quantitative measure of influence, which can effectively distinguish between true attacks and false positives. We use a practical implementation of our influence measuring techniques, integrated with a dynamic taint analysis operating on x86 binaries, to classify tainting warnings produced by vulnerable network servers, such as those attacked by the Blaster and SQL Slammer worms. Influence measurement correctly distinguishes real attacks from tainting false positives, a task that would otherwise need to be done manually.
From sampling to model counting
 In Proc. IJCAI’07
, 2007
"... We introduce a new technique for counting models of Boolean satisfiability problems. Our approach incorporates information obtained from sampling the solution space. Unlike previous approaches, our method does not require uniform or nearuniform samples. It instead converts local search sampling wit ..."
Abstract

Cited by 39 (8 self)
 Add to MetaCart
We introduce a new technique for counting models of Boolean satisfiability problems. Our approach incorporates information obtained from sampling the solution space. Unlike previous approaches, our method does not require uniform or nearuniform samples. It instead converts local search sampling without any guarantees into very good bounds on the model count with guarantees. We give a formal analysis and provide experimental results showing the effectiveness of our approach. 1
Nearuniform sampling of combinatorial spaces using xor constraints
 In NIPS. 2007
"... We propose a new technique for sampling the solutions of combinatorial problems in a nearuniform manner. We focus on problems specified as a Boolean formula, i.e., on SAT instances. Sampling for SAT problems has been shown to have interesting connections with probabilistic reasoning, making practic ..."
Abstract

Cited by 29 (5 self)
 Add to MetaCart
(Show Context)
We propose a new technique for sampling the solutions of combinatorial problems in a nearuniform manner. We focus on problems specified as a Boolean formula, i.e., on SAT instances. Sampling for SAT problems has been shown to have interesting connections with probabilistic reasoning, making practical sampling algorithms for SAT highly desirable. The best current approaches are based on Markov Chain Monte Carlo methods, which have some practical limitations. Our approach exploits combinatorial properties of random parity (XOR) constraints to prune away solutions nearuniformly. The final sample is identified amongst the remaining ones using a stateoftheart SAT solver. The resulting sampling distribution is provably arbitrarily close to uniform. Our experiments show that our technique achieves a significantly better sampling quality than the best alternative. 1
Solution Counting Algorithms for ConstraintCentered Search Heuristics
"... Constraints have played a central role in cp because they capture key substructures of a problem and efficiently exploit them to boost inference. This paper intends to do the same thing for search, proposing constraintcentered heuristics which guide the exploration of the search space toward areas ..."
Abstract

Cited by 24 (4 self)
 Add to MetaCart
(Show Context)
Constraints have played a central role in cp because they capture key substructures of a problem and efficiently exploit them to boost inference. This paper intends to do the same thing for search, proposing constraintcentered heuristics which guide the exploration of the search space toward areas that are likely to contain a high number of solutions. We first propose new search heuristics based on solution counting information at the level of individual constraints. We then describe efficient algorithms to evaluate the number of solutions of two important families of constraints: occurrence counting constraints, such as alldifferent, and sequencing constraints, such as regular. In both cases we take advantage of existing filtering algorithms to speed up the evaluation. Experimental results on benchmark problems show the effectiveness of our approach.
Model Counting
, 2008
"... Propositional model counting or #SAT is the problem of computing the number of models for a given propositional formula, i.e., the number of distinct truth assignments to variables for which the formula evaluates to true. For a propositional formula F, we will use #F to denote the model count of F. ..."
Abstract

Cited by 23 (0 self)
 Add to MetaCart
Propositional model counting or #SAT is the problem of computing the number of models for a given propositional formula, i.e., the number of distinct truth assignments to variables for which the formula evaluates to true. For a propositional formula F, we will use #F to denote the model count of F. This problem is also referred to as the solution counting problem for SAT. It generalizes SAT and is the canonical #Pcomplete problem. There has been significant theoretical work trying to characterize the worstcase complexity of counting problems, with some surprising results such as model counting being hard even for some polynomialtime solvable problems like 2SAT. The model counting problem presents fascinating challenges for practitioners and poses several new research questions. Efficient algorithms for this problem will have a significant impact on many application areas that are inherently beyond SAT (‘beyond ’ under standard complexity theoretic assumptions), such as boundedlength adversarial and contingency planning, and probabilistic reasoning. For example, various probabilistic inference problems, such as Bayesian net reasoning, can be effectively translated into model counting problems [cf.
Leveraging belief propagation, backtrack search, and statistics for model counting
"... Abstract. We consider the problem of estimating the model count (number of solutions) of Boolean formulas, and present two techniques that compute estimates of these counts, as well as either lower or upper bounds with different tradeoffs between efficiency, bound quality, and correctness guarantee ..."
Abstract

Cited by 20 (6 self)
 Add to MetaCart
(Show Context)
Abstract. We consider the problem of estimating the model count (number of solutions) of Boolean formulas, and present two techniques that compute estimates of these counts, as well as either lower or upper bounds with different tradeoffs between efficiency, bound quality, and correctness guarantee. For lower bounds, we use a recent framework for probabilistic correctness guarantees, and exploit message passing techniques for marginal probability estimation, namely, variations of Belief Propagation (BP). Our results suggest that BP provides useful information even on structured loopy formulas. For upper bounds, we perform multiple runs of the MiniSat SAT solver with a minor modification, and obtain statistical bounds on the model count based on the observation that the distribution of a certain quantity of interest is often very close to the normal distribution. Our experiments demonstrate that our model counters based on these two ideas, BPCount and MiniCount, can provide very good bounds in time significantly less than alternative approaches. 1
Probabilistic Planning via Heuristic Forward Search and Weighted Model Counting
"... We present a new algorithm for probabilistic planning with no observability. Our algorithm, called ProbabilisticFF, extends the heuristic forwardsearch machinery of ConformantFF to problems with probabilistic uncertainty about both the initial state and action effects. Specifically, Probabilistic ..."
Abstract

Cited by 17 (0 self)
 Add to MetaCart
(Show Context)
We present a new algorithm for probabilistic planning with no observability. Our algorithm, called ProbabilisticFF, extends the heuristic forwardsearch machinery of ConformantFF to problems with probabilistic uncertainty about both the initial state and action effects. Specifically, ProbabilisticFF combines ConformantFF’s techniques with a powerful machinery for weighted model counting in (weighted) CNFs, serving to elegantly define both the search space and the heuristic function. Our evaluation of ProbabilisticFF shows its fine scalability in a range of probabilistic domains, constituting a several orders of magnitude improvement over previous results in this area. We use a problematic case to point out the main open issue to be addressed by further research. 1.
Taming the curse of dimensionality: Discrete integration by hashing and optimization
 In ICML (To appear
, 2013
"... Integration is affected by the curse of dimensionality and quickly becomes intractable as the dimensionality of the problem grows. We propose a randomized algorithm that, with high probability, gives a constantfactor approximation of a general discrete integral defined over an exponentially large s ..."
Abstract

Cited by 15 (5 self)
 Add to MetaCart
(Show Context)
Integration is affected by the curse of dimensionality and quickly becomes intractable as the dimensionality of the problem grows. We propose a randomized algorithm that, with high probability, gives a constantfactor approximation of a general discrete integral defined over an exponentially large set. This algorithm relies on solving only a small number of instances of a discrete combinatorial optimization problem subject to randomly generated parity constraints used as a hash function. As an application, we demonstrate that with a small number of MAP queries we can efficiently approximate the partition function of discrete graphical models, which can in turn be used, for instance, for marginal computation or model selection. 1.
A scalable and nearly uniform generator of SAT witnesses
 In Proc. of CAV
, 2013
"... Abstract. Functional verification constitutes one of the most challenging tasks in the development of modern hardware systems, and simulationbased verification techniques dominate the functional verification landscape. A dominant paradigm in simulationbased verification is directed random testing, ..."
Abstract

Cited by 13 (6 self)
 Add to MetaCart
(Show Context)
Abstract. Functional verification constitutes one of the most challenging tasks in the development of modern hardware systems, and simulationbased verification techniques dominate the functional verification landscape. A dominant paradigm in simulationbased verification is directed random testing, where a model of the system is simulated with a set of random test stimuli that are uniformly or nearuniformly distributed over the space of all stimuli satisfying a given set of constraints. Uniform or nearuniform generation of solutions for large constraint sets is therefore a problem of theoretical and practical interest. For boolean constraints, prior work offered heuristic approaches with no guarantee of performance, and theoretical approaches with proven guarantees, but poor performance in practice. We offer here a new approach with theoretical performance guarantees and demonstrate its practical utility on large constraint sets. 1