## SAT-based Verification without State Space Traversal (2000)

Venue: Formal Methods in Computer-Aided Design (FMCAD 2000)

Citations: 67 (3 self-citations)

### BibTeX

```bibtex
@INPROCEEDINGS{Bjesse00sat-basedverification,
  author    = {Per Bjesse and Koen Claessen},
  title     = {SAT-based Verification without State Space Traversal},
  booktitle = {Formal Methods in Computer-Aided Design},
  year      = {2000},
  pages     = {372--389},
  publisher = {Springer}
}
```

### Abstract

Binary Decision Diagrams (BDDs) have dominated the area of symbolic model checking for the past decade. Recently, the use of satisfiability (SAT) solvers has emerged as an interesting complement to BDDs. SAT-based methods are capable of coping with some of the systems that BDDs are unable to handle. The most challenging problem that has to be solved in order to adapt standard symbolic model checking to SAT solvers is the boolean quantification necessary for traversing the state space. A possible approach to extending the applicability of SAT-based model checkers is therefore to reduce the amount of traversal. In this paper, we investigate a BDD-based verification algorithm due to van Eijk. Van Eijk's algorithm tries to compute information that is sufficient to prove a given safety property directly. When this is not possible, the computed information can be used to reduce the amount of traversal needed by standard model checking algorithms. We convert van Eijk's algori...
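The abstract describes the core idea only in words: use induction, rather than reachability, to find points of the circuit that are always equivalent, and then use those equivalences to strengthen an inductive proof of the safety property. The following is an added example, not code from the Bjesse/Claessen paper: it runs a van Eijk-style equivalence refinement and then a one-step induction check on a constructed two-latch circuit. The circuit, the property, and all function names are assumptions chosen for illustration, and the brute-force `sat` oracle merely stands in for the SAT solver / Stålmarck saturation procedure the paper uses over propositional formulas. The paper's completeness improvements (a different induction scheme) are not reproduced here.

```python
# Added example (not from the paper): van Eijk-style inductive equivalence
# discovery followed by an induction check of a safety property. The circuit
# is constructed for illustration; `sat` is a brute-force stand-in for a SAT
# solver / Stalmarck saturation, which is what the paper actually uses.
from itertools import product

# Constructed circuit: latches a and b (both reset to 0), one free input x.
#   a' = a XOR x        b' = b XOR x
# Safety property P(s): never (a AND NOT b).
LATCHES = ("a", "b")
INPUTS = ("x",)
INIT = {"a": 0, "b": 0}
# Circuit points we compare for equivalence: the constants and the latch outputs.
POINTS = ("0", "1") + LATCHES


def next_state(s, i):
    return {"a": s["a"] ^ i["x"], "b": s["b"] ^ i["x"]}


def prop(s):
    return not (s["a"] and not s["b"])


def point(p, s):
    """Value of circuit point p under latch valuation s."""
    return int(p) if p in ("0", "1") else s[p]


def sat(pred):
    """Stand-in for a SAT call: return a (state, input) pair satisfying pred,
    or None if none exists. Enumeration is fine for three variables; the paper
    hands the same question to a SAT solver as a propositional formula."""
    for svals in product((0, 1), repeat=len(LATCHES)):
        s = dict(zip(LATCHES, svals))
        for ivals in product((0, 1), repeat=len(INPUTS)):
            i = dict(zip(INPUTS, ivals))
            if pred(s, i):
                return s, i
    return None


def agree(pairs, s):
    return all(point(p, s) == point(q, s) for p, q in pairs)


def discover_equivalences():
    """Greatest set of point pairs that is an inductive invariant.
    Seed with pairs equal in the initial state, then drop any pair that can be
    separated in one step from a state where all remaining candidates hold;
    repeat until no candidate is dropped (no state-space traversal involved)."""
    cand = {(p, q) for p in POINTS for q in POINTS
            if p < q and point(p, INIT) == point(q, INIT)}
    refined = True
    while refined:
        refined = False
        for p, q in sorted(cand):
            cex = sat(lambda s, i: agree(cand, s)
                      and point(p, next_state(s, i)) != point(q, next_state(s, i)))
            if cex is not None:
                cand.discard((p, q))   # not inductive: shrink and re-check the rest
                refined = True
                break
    return cand


def induction_counterexample(invariants):
    """Simple (one-step) induction for P, strengthened by proven equivalences.
    Returns None if P is proved, otherwise the (state, input) that breaks the
    inductive step (or (INIT, None) if P already fails in the initial state)."""
    if not prop(INIT):
        return (INIT, None)
    return sat(lambda s, i: prop(s) and agree(invariants, s)
               and not prop(next_state(s, i)))


if __name__ == "__main__":
    # Plain induction fails: the unreachable state a=0,b=1 satisfies P but
    # its successor under x=1 does not.
    print("plain induction:", induction_counterexample(set()))
    eqs = discover_equivalences()
    print("inductive equivalences:", eqs)    # {('a', 'b')}
    print("strengthened induction:", induction_counterexample(eqs))
```

The point the example makes is the one in the abstract: plain induction on P fails because an unreachable state (a=0, b=1) satisfies P but has a successor that does not, while the equivalence a ≡ b is discovered purely by induction and, added as a strengthening, makes P inductive without ever computing the reachable states.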

### Citations

Works cited by this paper (the leading number is the cited work's own citation count in the index), each followed by the context in which it is cited:

2930 | Graph-based algorithms for Boolean function manipulation
- Bryant
- 1986

Citation Context: ...l. 1 Introduction Symbolic model checking based on satisfiability (SAT) solvers [2, 1, 15, 12] has recently emerged as an interesting complement to model checking with Binary Decision Diagrams (BDDs) [3]. There are a number of systems which are not suited to be effectively verified using BDD-based model checkers, but can be verified using SAT-based methods. The use of SAT-solvers rather than BDDs als...

2408 | Model Checking
- Clarke, Grumberg, et al.
- 1999

Citation Context: ...if it evaluates to 1 for all variable assignments under the usual interpretation of the connectives. State machines. We represent sequential synchronous circuits as state machines in the standard way [4], where the set of states is the set of boolean valuations of a vector s of variables; one variable for each input and internal latch. As we do not restrict the input part of the states, these state m...

705 | Symbolic model checking without BDDs
- Biere, Cimatti, et al.
- 1999

Citation Context: ...is a collection of substantially strengthened and complete verification methods that do not require state space traversal. 1 Introduction Symbolic model checking based on satisfiability (SAT) solvers [2, 1, 15, 12] has recently emerged as an interesting complement to model checking with Binary Decision Diagrams (BDDs) [3]. There are a number of systems which are not suited to be effectively verified using BDD-b...

488 | The synchronous dataflow programming language Lustre
- Halbwachs, Caspi, et al.
- 1991

Citation Context: ...ties. Lastly, we would like to extend the presented ideas to the verification of safety properties of synchronous reactive systems; for example, systems implemented in the programming language Lustre [9]. In order to do this, we need to add support for integer arithmetic and to investigate how Halbwachs's ideas [8] can be combined with our analyses. Acknowledgements. Many thanks to Niklas Sorensson w...

154 | Checking Safety Properties Using Induction and a SAT Solver
- Sheeran, Singh, et al.
- 2000

Citation Context: ...is a collection of substantially strengthened and complete verification methods that do not require state space traversal. 1 Introduction Symbolic model checking based on satisfiability (SAT) solvers [2, 1, 15, 12] has recently emerged as an interesting complement to model checking with Binary Decision Diagrams (BDDs) [3]. There are a number of systems which are not suited to be effectively verified using BDD-b...

108 | Verification of real-time systems using linear relation analysis
- Halbwachs, Proy, et al.
- 1997

Citation Context: ...nerate semantic information from systems originally comes from the field of program analysis. Many different such analyses can be seen as abstract interpretations [5]. In particular, Halbwachs et al. [8, 10] have used abstract interpretation techniques to generate linear constraints between arithmetic variables that always holds in the reachable state space of synchronous programs and timed automata. Thi...

77 | Symbolic reachability analysis based on SAT-solvers
- Abdulla, Bjesse, et al.
- 2000

Citation Context: ...is a collection of substantially strengthened and complete verification methods that do not require state space traversal. 1 Introduction Symbolic model checking based on satisfiability (SAT) solvers [2, 1, 15, 12] has recently emerged as an interesting complement to model checking with Binary Decision Diagrams (BDDs) [3]. There are a number of systems which are not suited to be effectively verified using BDD-b...

63 | System for determining propositional logic theorems by applying values and rules to triplets that are generated from boolean formula
- Stålmarck
- 1994

Citation Context: ...put into finding equivalences. We solve the two problems by converting the algorithm to use propositional formulas to represent points in the circuit, and by applying Stålmarck's saturation algorithm [14, 13] rather than BDDs for discovering equivalences between points. The resulting algorithm is generalised in three ways. First, we make the algorithm complete by changing the induction scheme that is used...

43 | Combining decision diagrams and SAT procedures for efficient symbolic model checking
- Williams, Biere, et al.
- 2000

28 | Sequential equivalence checking without state traversal
- van Eijk
- 1998 (DATE)

Citation Context: ...an sometimes lead to excessively large formulas in SAT adaptions of standard model checking algorithms. In the hope of alleviating these problems, we investigate a BDD-based algorithm due to van Eijk [6] that attempts to verify safety properties of circuits without performing state-space traversal. The main idea behind the algorithm is to use induction to cheaply compute points in the circuit that al...

25 | About synchronous programming and abstract interpretation
- Halbwachs
- 1998

Citation Context: ...mprovement. The new approximate backward algorithms can be very useful on their own. However, there exists a general way of enhancing approximative reachability analyses that improves matters further [8]. The idea is to first generate the overapproximation of the reachable states. If the corresponding set has an empty intersection with the bad states, we are done. If it has a nonempty intersection, ...

24 | Abstract interpretation: a unified model for static analysis of programs by construction or approximation of fixpoints
- Cousot, Cousot
- 1977

Citation Context: ...dea to use approximate analyses to generate semantic information from systems originally comes from the field of program analysis. Many different such analyses can be seen as abstract interpretations [5]. In particular, Halbwachs et al. [8, 10] have used abstract interpretation techniques to generate linear constraints between arithmetic variables that always holds in the reachable state space of syn...

13 | STeP: The Stanford Temporal Prover
- Manna and the STeP group
- 1994

Citation Context: ... of synchronous programs and timed automata. This information is used both for compilation purposes and for verification. The same techniques are used for generating strengthenings in the STeP system [11] that is targeted towards deductive verification of reactive programs. The main differences between our work and the work on synchronous programs and STeP, is (1) that the analyses we present here are...

6 | A tutorial on Stålmarck's method of propositional proof
- Sheeran, Stålmarck

Citation Context: ...put into finding equivalences. We solve the two problems by converting the algorithm to use propositional formulas to represent points in the circuit, and by applying Stålmarck's saturation algorithm [14, 13] rather than BDDs for discovering equivalences between points. The resulting algorithm is generalised in three ways. First, we make the algorithm complete by changing the induction scheme that is used...

4 | Approximate symbolic model checking using overlapping projections
- Govindaraju, Dill
- 1999

Citation Context: ...ckly generating information. In the case of synchronous program verification and STeP, a precise analysis is not even possible in general as infinite state systems are addressed. Dill and Govindaraju [7] have developed a method for performing BDD-based approximate symbolic model checking based on overlapping projections. Their idea is to alleviate BDD blow-up by representing an overapproximation of a...