Results 1-10 of 13
Online proof-producing decision procedure for mixed-integer linear arithmetic. Unpublished manuscript, 2002
Cited by 20 (1 self)
Abstract. Efficient decision procedures for arithmetic play a very important role in formal verification. In practical examples, however, arithmetic constraints are often mixed with constraints from other theories like the theory of arrays, Boolean satisfiability (SAT), bitvectors, etc. Therefore, decision procedures for arithmetic are especially useful in combination with other decision procedures. The framework for such a combination is implemented at Stanford in the tool called Cooperating Validity Checker (CVC) [SBD02]. This work augments CVC with a decision procedure for the theory of mixed integer linear arithmetic based on the Omega test [Pug91] extended to be online and proof-producing. These extensions are the most important and challenging part of the work, and are necessary to make the combination efficient in practice.
An efficient Nelson-Oppen decision procedure for difference constraints over rationals, 2005
Cited by 12 (3 self)
Abstract. Nelson and Oppen provided a methodology for modularly combining decision procedures for individual theories to construct a decision procedure for a combination of theories. In addition to providing a check for satisfiability, the individual decision procedures need to provide additional functionalities, including equality generation. In this paper, we propose a decision procedure for a conjunction of difference constraints over rationals (where the atomic formulas are of the form x ≤ y + c or x < y + c). The procedure extends any negative cycle detection algorithm (like the Bellman-Ford algorithm) to (1) generate equalities between all pairs of variables, (2) produce proofs and (3) generate models that can be extended by other theories in a Nelson-Oppen framework. All the operations mentioned above can be performed with only a linear overhead to the cycle detection algorithm.
Software model checking via iterative abstraction refinement of constraint logic queries
Workshop on Constraint Programming and Constraints for Verification, 2004
Cited by 9 (0 self)
Abstract. Existing predicate abstraction tools rely on both theorem provers (to abstract the original program) and model checkers (to check the abstract program). This paper combines these theorem proving and model checking components in a unified algorithm. The correctness of the original, infinite-state program is expressed as a single query in constraint logic, which is sufficiently expressive to encode recursion and least fixed-point computations. The satisfiability of this query is decided using a combination of predicate abstraction, counterexample-based predicate inference, and proof-based explication. Our algorithm avoids the Cartesian approximation while reducing the number of theorem prover queries.
Prototyping Proof Carrying Code
Exploring New Frontiers of Theoretical Informatics, 2004
Cited by 9 (2 self)
We introduce a generic framework for proof carrying code, developed and mechanically verified in Isabelle/HOL. The framework defines and proves sound a verification condition generator with minimal assumptions on the underlying programming language, safety policy, and safety logic. We demonstrate its usability for prototyping proof carrying code systems by instantiating it to a simple assembly language with procedures and a safety policy for arithmetic overflow.
Modular SMT Proofs for Fast Reflexive Checking inside Coq
Cited by 8 (2 self)
Abstract. We present a new methodology for exchanging unsatisfiability proofs between an untrusted SMT solver and a sceptical proof assistant with computation capabilities like Coq. We advocate modular SMT proofs that separate boolean reasoning and theory reasoning; and structure the communication between theories using the Nelson-Oppen combination scheme. We present the design and implementation of a Coq reflexive verifier that is modular and allows for fine-tuned theory-specific verifiers. The current verifier is able to verify proofs for quantifier-free formulae mixing linear arithmetic and uninterpreted functions. Our proof generation scheme benefits from the efficiency of state-of-the-art SMT solvers while being independent from a specific SMT solver proof format. Our only requirement for the SMT solver is the ability to extract unsat cores and generate boolean models. In practice, unsat cores are relatively small and their proof is obtained with a modest overhead by our proof-producing prover. We present experiments assessing the feasibility of the approach for benchmarks obtained from the SMT competition.
Automated Reasoning: Past Story and New Trends*
Cited by 2 (0 self)
We overview the development of first-order automated reasoning systems starting from their early years. Based on the analysis of current and potential applications of such systems, we also try to predict new trends in first-order automated reasoning. Our presentation will be centered around two main motives: efficiency and usefulness for existing and future potential applications. This paper expresses the views of the author on past, present, and future of theorem proving in first-order logic gained during ten years of working on the development, implementation, and applications of the theorem prover Vampire, see [Riazanov and Voronkov, 2002a]. It reflects our recent experience with applications of Vampire in verification, proof assistants, theorem proving, and semantic Web, as well as the analysis of future potential applications.

1 Theorem Proving in First-Order Logic

The idea of automatic theorem proving has a long history both in mathematics and computer science. For a long time, it was believed by many that hard theorems in mathematics can be proved in a completely automatic way, using the ability of computers to perform fast combinatorial calculations. The very first experiments in automated theorem proving have shown that the purely combinatorial methods of proving first-order theorems are too weak even for proving theorems regarded as relatively easy by mathematicians. Provability in first-order logic is a very hard combinatorial problem. First-order logic is undecidable, which means that there is no terminating procedure checking provability of formulas. There are decidable classes of first-order formulas but formulas of these classes do not often arise in applications. Due to undecidability, very short formulas may turn out to be extremely complex, while very long ones rather easy. Sometimes first-order provers find proofs consisting of several thousand steps in a few seconds, but sometimes it takes hours to find a ten-step proof.
The theory of first-order reasoning is centered around the completeness theorems while in practice completeness is often not an issue due to the intrinsic
* Partially supported by a grant from EPSRC.
Shallow Lazy Proofs
Cited by 1 (0 self)
Abstract. We show that delaying fully-expansive proof reconstruction for non-interactive decision procedures can result in a more efficient workflow. In contrast with earlier work, our approach to postponed proof does not require making deep changes to the theorem prover.
A Nelson-Oppen based Proof System using Theory Specific Proof Systems
Cited by 1 (1 self)
SMT solvers are nowadays pervasive in verification tools. When the verification is about a critical system, the result of the SMT solver is also critical and cannot be trusted. The SMT-LIB 2.0 is a standard interface for SMT solvers but does not specify the output of the get-proof command. We present a proof system that is geared towards SMT solvers and follows their conceptually modular architecture. Our proof system makes a clear distinction between propositional and theory reasoning. Moreover, individual theories provide specific proof systems that are combined using the Nelson-Oppen proof scheme. We propose specific proof systems for linear real arithmetic (LRA) and uninterpreted functions (EUF) and discuss proof generation and proof checking. We have evaluated the cost of generating proofs in our proof system. Our experiments on benchmarks taken from the SMT-LIB library show that the simple mechanisms used in our approach suffice for a large majority of the selected benchmarks.
Project Description
This document presents the details of our proposed research project. We organize this presentation into sections, with each section giving an overview of a specific major subproblem, its relationship to the overall research goal, and our plans for addressing it. These major subproblems are as follows: the development of resource-bound and access-control policies and enforcement mechanisms, the design of programming languages for application development, the design and development of certifying compilers, and the use of logical frameworks for efficient proof representation. We conclude the proposal with a brief discussion of our overall research plan and our approach to disseminating our software and research results.
Solving Sparse Linear Constraints
Abstract. Linear arithmetic decision procedures form an important part of theorem provers for program verification. In most verification benchmarks, the linear arithmetic constraints are dominated by simple difference constraints of the form x ≤ y + c. Sparse linear arithmetic (SLA) denotes a set of linear arithmetic constraints with very few non-difference constraints. In this paper, we propose an efficient decision procedure for SLA constraints, by combining a solver for difference constraints with a solver for general linear constraints. For SLA constraints, the space and time complexity of the resulting algorithm is dominated solely by the complexity for solving the difference constraints. The decision procedure generates models for satisfiable formulas. We show how this combination can be extended to generate implied equalities. We instantiate this framework with an equality generating Simplex as the linear arithmetic solver, and present preliminary experimental evaluation of our implementation on a set of linear arithmetic benchmarks.