Presentation is loading. Please wait.

Presentation is loading. Please wait.

IBM Labs in Haifa Software and Verification Technologies Supporting SAT based BMC on Finite Path Models Daniel Geist Mark Ginzburg Yoad Lustig Ishai Rabinovitz.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "IBM Labs in Haifa Software and Verification Technologies Supporting SAT based BMC on Finite Path Models Daniel Geist Mark Ginzburg Yoad Lustig Ishai Rabinovitz."— Presentation transcript:

1 IBM Labs in Haifa Software and Verification Technologies Supporting SAT based BMC on Finite Path Models Daniel Geist Mark Ginzburg Yoad Lustig Ishai Rabinovitz Ohad Shacham Rachel Tzoref IBM Haifa Labs 11-July-2005

2 Supporting SAT based BMC on Finite Path Models IBM Labs in Haifa - Software and Verification Technologies 12/7/2005 2 Outline  The problem  Why consider finite paths  The solution – change the translation  Using the improved translation on standard models  Experimental results

3 Supporting SAT based BMC on Finite Path Models IBM Labs in Haifa - Software and Verification Technologies 12/7/2005 3 The problem - Example  INIT(s 0 )  (  i=1..k TR(s i-1,s i )(  (  i=1..k BAD(s i )) assume

4 Supporting SAT based BMC on Finite Path Models IBM Labs in Haifa - Software and Verification Technologies 12/7/2005 4 Why consider finite paths  Verification engineer creates finite paths  Reduce model size  Concentrate on suspected parts  Ignore known bugs  Bugs on finite paths are reported:  Due to the limited horizon of bounded model checking techniques:  BMC using SAT  On-the-fly verification  Ignoring bugs on finite paths invalidates BMC monotonicity.  If when running BMC with bound k there is no bug  BMC should not find bug when running with smaller bound So, don’t report bugs on them There should be no finite paths Well, I don’t care. You may report them or not

5 Supporting SAT based BMC on Finite Path Models IBM Labs in Haifa - Software and Verification Technologies 12/7/2005 5 The importance of monotonicity – An example  There is a finite path of length k 1  There is a bug on that path on cycle k 2 (k 1 <k 2 )  The verification engineer runs BMC with bound k 3 (k 3 >k 1 >k 2 )  No bug is found  There is a change in the design  Does not change this path  The verification engineer runs BMC with bound k 4 (k 3 >k 1 >k 4 >k 2 )  BMC finds the bug  Verification engineer reaches the wrong conclusion:  There is a bug in the change k1k1 k2k2 k3k3 k4k4

6 Supporting SAT based BMC on Finite Path Models IBM Labs in Haifa - Software and Verification Technologies 12/7/2005 6 Why consider finite paths

7 Supporting SAT based BMC on Finite Path Models IBM Labs in Haifa - Software and Verification Technologies 12/7/2005 7 Naive solutions  Run BMC for k=1, k=2, k=3 ……  Activates the SAT solver many times  Time consuming (in theory and in practice)  Change the translation to check for a path of any length smaller than k  Activates the SAT solver once  On a long formula (quadratic length(

8 Supporting SAT based BMC on Finite Path Models IBM Labs in Haifa - Software and Verification Technologies 12/7/2005 8 The solution – An improved translation  Add a new Boolean variable to each cycle: AlreadyFailed(s i )  Indicates that a bug occurred in cycle i or in an earlier cycle  Add the constraints:  For an initial state: AlreadyFailed(s 0 )  BAD(s 0 )  AlreadyFailed(s i )  AlreadyFailed(s i-1 )  BAD(s i )  Change the BMC equation:  INIT(s 0 )  (  i=1..k (TR(s i-1,s i )  AlreadyFailed(s i-1 ))  (  i=1..k BAD(s i ))  Another option:  For an initial state: AlreadyFailed(s 0 )  BAD(s 0 )  AlreadyFailed(s i )  AlreadyFailed(s i-1 )  BAD(s i )  Another option for the BMC equation:  INIT(s 0 )  (  i=1..k (TR(s i-1,s i )  AlreadyFailed(s i-1 ))  AlreadyFailed(s k )

9 Supporting SAT based BMC on Finite Path Models IBM Labs in Haifa - Software and Verification Technologies 12/7/2005 9 Comparing old and new translation

10 Supporting SAT based BMC on Finite Path Models IBM Labs in Haifa - Software and Verification Technologies 12/7/2005 10 Using the improved translation on standard models  BMC is running with bound k=100  There is a bug on cycle b=56  Traditional translation:  Need to find a valid assignment to variables in cycles higher than the bug cycle (in our example 56)  This is redundant work.  Improved translation:  Once AlreadyFailed(s 56 ) is set can set AlreadyFailed(s i ) for 56<i<100  Probably more efficient

11 Supporting SAT based BMC on Finite Path Models IBM Labs in Haifa - Software and Verification Technologies 12/7/2005 11 Comparing old and new translation (SAT, k=100)

12 Supporting SAT based BMC on Finite Path Models IBM Labs in Haifa - Software and Verification Technologies 12/7/2005 12 Methodology  If there may be finite paths (using a constraint, e.g., assume)  Choose one of:  New improved translation with large increment step  Traditional translation with increment step of 1  If there are no finite paths  Choose one of:  New translation(Good for SAT)  Traditional translation(Good for UnSAT)  Run both in parallel(Good when user has hardware resources)

13 IBM Labs in Haifa Software and Verification Technologies Questions?

Download ppt "IBM Labs in Haifa Software and Verification Technologies Supporting SAT based BMC on Finite Path Models Daniel Geist Mark Ginzburg Yoad Lustig Ishai Rabinovitz."

Similar presentations

Model Checking Base on Interoplation

Model Checking Base on Interoplation
The behavior of SAT solvers in model checking applications K. L. McMillan Cadence Berkeley Labs.

The behavior of SAT solvers in model checking applications K. L. McMillan Cadence Berkeley Labs.
Exploiting SAT solvers in unbounded model checking

Exploiting SAT solvers in unbounded model checking
The Synthesis of Cyclic Circuits with SAT and Interpolation By John Backes and Marc Riedel ECE University of Minnesota.

The Synthesis of Cyclic Circuits with SAT and Interpolation By John Backes and Marc Riedel ECE University of Minnesota.
Formal Methods and Testing Goal: software reliability Use software engineering methodologies to develop the code. Use formal methods during code development.

Formal Methods and Testing Goal: software reliability Use software engineering methodologies to develop the code. Use formal methods during code development.
Current Assignments Homework 1 due in 4 days (June 16 th ) Variables, mathematical and logical operators, input/output, and the “ if ” operator. Project.

Current Assignments Homework 1 due in 4 days (June 16 th ) Variables, mathematical and logical operators, input/output, and the “ if ” operator. Project.
Automatic Verification Book: Chapter 6. What is verification? Traditionally, verification means proof of correctness automatic: model checking deductive:

Automatic Verification Book: Chapter 6. What is verification? Traditionally, verification means proof of correctness automatic: model checking deductive:
IBM Labs in Haifa Generation Core: IBM's Systematic Constraint Solver.

IBM Labs in Haifa Generation Core: IBM's Systematic Constraint Solver.
1 Backdoor Sets in SAT Instances Ryan Williams Carnegie Mellon University Joint work in IJCAI03 with: Carla Gomes and Bart Selman Cornell University.

1 Backdoor Sets in SAT Instances Ryan Williams Carnegie Mellon University Joint work in IJCAI03 with: Carla Gomes and Bart Selman Cornell University.
IBM Labs in Haifa © 2005 IBM Corporation Adaptive Application of SAT Solving Techniques Ohad Shacham and Karen Yorav Presented by Sharon Barner.

IBM Labs in Haifa © 2005 IBM Corporation Adaptive Application of SAT Solving Techniques Ohad Shacham and Karen Yorav Presented by Sharon Barner.
FIT1002 2006 1 FIT1002 Computer Programming Unit 19 Testing and Debugging.

FIT FIT1002 Computer Programming Unit 19 Testing and Debugging.
Program Analysis as Constraint Solving Sumit Gulwani (MSR Redmond) Ramarathnam Venkatesan (MSR Redmond) Saurabh Srivastava (Univ. of Maryland) TexPoint.

Program Analysis as Constraint Solving Sumit Gulwani (MSR Redmond) Ramarathnam Venkatesan (MSR Redmond) Saurabh Srivastava (Univ. of Maryland) TexPoint.
SAT and Model Checking. Bounded Model Checking (BMC) A.I. Planning problems: can we reach a desired state in k steps? Verification of safety properties:

SAT and Model Checking. Bounded Model Checking (BMC) A.I. Planning problems: can we reach a desired state in k steps? Verification of safety properties:
On-The-Fly Resolve Trace Minimization Ohad Shacham and Karen Yorav IBM Haifa Research Laboratory.

On-The-Fly Resolve Trace Minimization Ohad Shacham and Karen Yorav IBM Haifa Research Laboratory.
1 Predicate Abstraction of ANSI-C Programs using SAT Edmund Clarke Daniel Kroening Natalia Sharygina Karen Yorav (modified by Zaher Andraus for presentation.

1 Predicate Abstraction of ANSI-C Programs using SAT Edmund Clarke Daniel Kroening Natalia Sharygina Karen Yorav (modified by Zaher Andraus for presentation.
1 Linear-time Reductions of Resolution Proofs Omer Bar-Ilan Oded Fuhrmann Shlomo Hoory Ohad Shacham Ofer Strichman Technion.

1 Linear-time Reductions of Resolution Proofs Omer Bar-Ilan Oded Fuhrmann Shlomo Hoory Ohad Shacham Ofer Strichman Technion.
IBM Haifa Research Lab IBM Haifa Labs An Open Source Simulation Model of Software Testing Shmuel Ur Elad Yom-Tov Paul Wernick

IBM Haifa Research Lab IBM Haifa Labs An Open Source Simulation Model of Software Testing Shmuel Ur Elad Yom-Tov Paul Wernick
Formal Verification Group © Copyright IBM Corporation 2008 IBM Haifa Labs SAT-based unbounded model checking using interpolation Based on a paper “Interpolation.

Formal Verification Group © Copyright IBM Corporation 2008 IBM Haifa Labs SAT-based unbounded model checking using interpolation Based on a paper “Interpolation.
Pruning techniques for the SAT-based Bounded Model-Checking problem Ofer Shtrichman Weizmann Institute of Science & IBM - HRL.

Pruning techniques for the SAT-based Bounded Model-Checking problem Ofer Shtrichman Weizmann Institute of Science & IBM - HRL.
11.7.2005 Computing Over­Approximations with Bounded Model Checking Daniel Kroening ETH Zürich.

Computing Over­Approximations with Bounded Model Checking Daniel Kroening ETH Zürich.

Similar presentations

Ads by Google