Results 1 - 8 of 8
Symbolic Model Checking of Infinite State Systems Using Presburger Arithmetic
Cited by 63 (8 self)
We present a new symbolic model checker which conservatively evaluates safety and liveness properties on infinite-state programs. We use Presburger formulas to symbolically encode a program's transition system, as well as its model-checking computations. All fixpoint calculations are executed symbolically, and their convergence is guaranteed by using approximation techniques. We demonstrate the promise of this technology on some well-known infinite-state concurrency problems.
1 Introduction
In recent years, there has been a surge of progress in the area of automated analysis for finite-state systems. Several reasons for this success are: (1) the development of powerful techniques such as model checking (e.g., [5, 7]), which can efficiently verify safety and liveness properties; (2) innovative new data structures that symbolically encode large sets of states in compact formats (e.g., [4, 5]); and (3) new ways of carrying out compositional and local analysis, to assuage the "state exp...
Proving Theorems about LISP Functions
1975
Cited by 48 (2 self)
Program verification is the idea that properties of programs can be precisely stated and proved in the mathematical sense. In this paper, some simple heuristics combining evaluation and mathematical induction are described, which the authors have implemented in a program that automatically proves a wide variety of theorems about recursive LISP functions. The method the program uses to generate induction formulas is described at length. The theorems proved by the program include that REVERSE is its own inverse and that a particular SORT program is correct. A list of theorems proved by the program is given.
Key words and phrases: LISP, automatic theorem-proving, structural induction, program verification
CR categories: 3.64, 4.22, 5.21
1 Introduction
We are concerned with proving theorems in a first-order theory of lists, akin to the elementary theory of numbers. We use a subset of LISP as our language because recursive list processing functions are easy to write in LISP and because ...
On Folk Theorems
1980
Cited by 29 (0 self)
... this paper is to refine this definition somewhat, adapting it to the purposes of the research community in computer science. Accordingly, we shall attempt to provide a reasonable definition of, or rather criteria for, folk theorems, followed by a detailed example illustrating the ideas. The latter endeavor might take one of two possible forms. We could take a piece of folklore and show that it is a theorem, or take a theorem and show that it is folklore. As an example of the first form we could have shown that the statement P NP, which is folklore, is also a theorem. However, since we have resolved to introduce no new technical material in this paper, and moreover, since researchers in our community seem to be less familiar with folklore than with theorems, ...
Efficient symbolic representations for arithmetic constraints in verification
Cited by 12 (4 self)
In this paper we discuss efficient symbolic representations for infinite-state systems specified using linear arithmetic constraints. We give algorithms for constructing finite automata which represent integer sets that satisfy linear constraints. These automata can represent either signed or unsigned integers and have a lower number of states compared to other similar approaches. We present efficient storage techniques for the transition function of the automata and extend the construction algorithms to formulas on both Boolean and integer variables. We also derive conditions which guarantee that the precondition computations used in symbolic verification algorithms do not cause an exponential increase in the automata size. We experimentally compare different symbolic representations by using them to verify nontrivial concurrent systems. Experimental results show that the symbolic representations based on our construction algorithms outperform the polyhedral representation used in the Omega Library, and the automata representation used in LASH.
Making Complex Timing Relationships Readable: Presburger Formula Simplification using Don't Cares
1997
Cited by 5 (1 self)
Solutions to timing relationship analysis problems are often reported using symbolic variables and inequalities which specify linear relationships between the variables. Complex relationships can be expressed using Presburger formulas which allow Boolean relations to be specified between the inequalities. Libraries that manipulate Presburger formulas, such as the Omega libraries [10], often provide solutions that are overly complex. For Presburger formulas to be manipulated efficiently by other tools (e.g., synthesis tools) and/or be readable by humans, they must be simplified. This paper develops and applies a highly effective simplification approach based on logic minimization techniques. The results of our tool are quite promising both in terms of the degree of simplification achieved and in run time, and are applicable to other domains where Presburger formulas arise.
1 Introduction
Many problems in computer-aided design (ranging from physical placement to scheduling in behavioral...
Making Complex Timing Relationships Readable: Presburger Formula Simplification Using Don't Cares
Solutions to timing relationship analysis problems are often reported using symbolic variables and inequalities which specify linear relationships between the variables. Complex relationships can be expressed using Presburger formulas which allow Boolean relations to be specified between the inequalities. This paper develops and applies a highly effective simplification approach for Presburger formulas based on logic minimization techniques.
1 Introduction
Many problems in computer-aided design (ranging from physical placement to scheduling in behavioral synthesis) can be formulated using systems of linear inequalities. This is especially the case for problems that deal with temporal information. In the simplest cases, the inequalities must all hold and are derived from the delay ranges in the specification and the constraints (imposed by the user or environment) that must be satisfied for the system to function correctly. Graph algorithms have been effectively applied to determine t...
Gedanken: A tool for pondering the tractability of correct program technology
1994
List of figures (excerpt): ... syntax of elementary languages in Gedanken; 7.1 Match counting algorithm for patterns over PC k; 8.1 log 2 speed of Model Graphs after elimination; 8.2 log 2 speedup of Model Graphs after elimination; 8.3 log 2 speed of Model Graphs after invalidation; 8.4 log 2 speedup of Model Graphs after invalidation.
Chapter 1 Summary
One goal of computer science has been to develop a tool T to aid a programmer in building a program P that satisfies a specification S by helping the programmer build a proof in some logic of programs L that shows that P satisfies S. S typically is a pair of propositions (#, #) such that, for an input x to P, #(x) # #(P(x)) when P is defined on x. # is called the precondition or assumption, and # is called the postcondition or assertion. The problem of finding a suitable logic L of programs and specifications and verification tool T may be generically referred to as the "Floyd-Hoare problem", formulated around 1967 [Flo67, Hoa69]. Around 1977, Davis and Schwartz proposed an extension of the Floyd-Hoare problem in which there are multiple assumptions and assertions, referring to the state of a program as execution passes through different places # in the program [DS77, Sch77]. A placed proposition is then a pair (#, #), where # is either a line of a program or the name of a function. A placed proposition (#, #) holds when, if execution reaches # and the value of the variables X in P is V, then #(V) is valid. A program with assumptions and assertions, or praa, is then a triple R = (P, E, F) where the assumptions E and assertions F are sets of placed propositions. T...