Advancing Software Model Checking Beyond Linear Arithmetic Theories

Mahdi, Ahmed; Scheibler, Karsten; Neubauer, Felix; Fränzle, Martin; Becker, Bernd

doi:10.1007/978-3-319-49052-6_12

Cited by 4 publications

(12 citation statements)

References 27 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The most relevant is the recently proposed iSAT3 [50], that uses an interpolation-based [48,50] approach to prove invariants. In addition to being an SMT solver, iSAT3 is also a bounded model checker for transition systems.…”

Section: Non-linear Solvingmentioning

confidence: 99%

“…-verification queries over transcendental transition systems [50] deriving from SMT-based verification engines, including discretization of Bounded Model Checking of hybrid automata [4,62]; -all the benchmarks from the MetiTarski distribution [1]; -all the SMT(NTA) benchmarks 14 from the dReal distribution [39]; -all the benchmarks from the iSAT3 distribution [50]. iSAT3 requires that the variables are constrained to small intervals when there are transcendental functions.…”

Section: Experiments For Smtmentioning

confidence: 99%

“…As for VMT, the approach has been implemented in the nuXmv model checker [17], relying on the IC3 with Implicit Abstraction [22] engine for VMT(UFLRA). We selected benchmarks over VMT(NRA) and VMT(NTA), and compared nuXmv against multiple approaches working at NRA level, including BMC and k-induction using SMT(NRA), the recent interpolation-based iSAT3 engine [50], and the static abstraction approach proposed in Reference [18].…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Incremental Linearization for Satisfiability and Verification Modulo Nonlinear Arithmetic and Transcendental Functions

Cimatti

Griggio

Irfan

et al. 2018

ACM Trans. Comput. Logic

View full text Add to dashboard Cite

Satisfiability Modulo Theories (SMT) is the problem of deciding the satisfiability of a first-order formula with respect to some theory or combination of theories; Verification Modulo Theories (VMT) is the problem of analyzing the reachability for transition systems represented in terms of SMT formulae. In this article, we tackle the problems of SMT and VMT over the theories of nonlinear arithmetic over the reals (NRA) and of NRA augmented with transcendental (exponential and trigonometric) functions (NTA). We propose a new abstraction-refinement approach for SMT and VMT on NRA or NTA, called Incremental Linearization. The idea is to abstract nonlinear multiplication and transcendental functions as uninterpreted functions in an abstract space limited to linear arithmetic on the rationals with uninterpreted functions. The uninterpreted functions are incrementally axiomatized by means of upper-and lower-bounding piecewiselinear constraints. In the case of transcendental functions, particular care is required to ensure the soundness of the abstraction. The method has been implemented in the MathSAT SMT solver and in the nuXmv model checker. An extensive experimental evaluation on a wide set of benchmarks from verification and mathematics demonstrates the generality and the effectiveness of our approach. CCS Concepts: • Theory of computation → Automated reasoning; Constraint and logic programming; Verification by model checking; Logic and verification; • Mathematics of computing → Solvers;

show abstract

Section: Non-linear Solvingmentioning

confidence: 99%

Section: Experiments For Smtmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Incremental Linearization for Satisfiability and Verification Modulo Nonlinear Arithmetic and Transcendental Functions

Cimatti

Griggio

Irfan

et al. 2018

ACM Trans. Comput. Logic

View full text Add to dashboard Cite

show abstract

“…There are not many tools that deal with NRA transition systems. The most relevant is the recently proposed ISAT3 [28], that uses an interpolation-based [23,24] approach to prove invariants. In addition to NRA, it also supports trascendental functions and some form of differential equations.…”

Section: Related Workmentioning

confidence: 99%

“…When spurious counter-examples are found, the abstraction is tightened by the incremental introduction of linear constraints, including tangent planes resulting from differential calculus, and monotonicity constraints.We implemented the approach on top of the NUXMV model checker [7], leveraging the IC3 engine with Implicit Abstraction [9] for invariant checking of transition systems over LRA with EUF. We compared it, on a wide set of benchmarks, against multiple approaches working at NRA level, including BMC and k-induction using SMT(NRA), the recent interpolation-based ISAT3 engine [24], and the static abstraction approach proposed in [8]. The results demonstrate substantial superiority of our approach, that is able to solve the highest number of benchmarks.The effectiveness of our approach is possibly explained with the following insights.…”

mentioning

confidence: 98%

Invariant Checking of NRA Transition Systems via Incremental Reduction to LRA with EUF

Cimatti

Griggio

Irfan

et al. 2017

Tools and Algorithms for the Construction and Analysis of Systems

View full text Add to dashboard Cite

Model checking invariant properties of designs, represented as transition systems, with non-linear real arithmetic (NRA), is an important though very hard problem. On the one hand NRA is a hard-to-solve theory; on the other hand most of the powerful model checking techniques lack support for NRA. In this paper, we present a counterexample-guided abstraction refinement (CEGAR) approach that leverages linearization techniques from differential calculus to enable the use of mature and efficient model checking algorithms for transition systems on linear real arithmetic (LRA) with uninterpreted functions (EUF). The results of an empirical evaluation confirm the validity and potential of this approach.This work was performed as part of the H2020-and to proceed incrementally. These extra functions are usually not available, or they have a very high computational cost.In this paper, we propose a completely different approach to tackle invariant checking for NRA transition systems. Basically, we work with an abstract version of the transition system, expressed over LRA with EUF, for which we have effective verification tools [9]. In the abstract space, nonlinear multiplication is modeled as an uninterpreted function. When spurious counter-examples are found, the abstraction is tightened by the incremental introduction of linear constraints, including tangent planes resulting from differential calculus, and monotonicity constraints.We implemented the approach on top of the NUXMV model checker [7], leveraging the IC3 engine with Implicit Abstraction [9] for invariant checking of transition systems over LRA with EUF. We compared it, on a wide set of benchmarks, against multiple approaches working at NRA level, including BMC and k-induction using SMT(NRA), the recent interpolation-based ISAT3 engine [24], and the static abstraction approach proposed in [8]. The results demonstrate substantial superiority of our approach, that is able to solve the highest number of benchmarks.The effectiveness of our approach is possibly explained with the following insights. On the one hand, in contrast to LRA, NRA is a hard-to-solve theory: in practice, most available complete solvers rely on CAD techniques [12], which require double exponential time in worst case. Thus, we try to avoid NRA reasoning, trading it for LRA and EUF reasoning. On the other hand, proving properties of practical NRA transition systems may not require the full power of non-linear solving. In fact, some systems are "mostly-linear" (i.e. non-linear constraints are associated to a very small part of the system), an example being the Transport Class Model (TCM) for aircraft simulation from the Simulink model library [19]. Furthermore, even NRA transition systems with significant non-linear dynamics may admit a piecewise-linear invariant of the transition system that is strong enough to prove the property.Structure. In Sec. 2 we discuss the related work, and in Sec. 3 introduce some background. In Sec. 4 we discuss the approach in the setting of SMT(NRA). In Sec. 5 we pr...

show abstract

Interpolation and Model Checking for Nonlinear Arithmetic

Jovanović

Dutertre

2021

Lecture Notes in Computer Science

View full text Add to dashboard Cite

We present a new model-based interpolation procedure for satisfiability modulo theories (SMT). The procedure uses a new mode of interaction with the SMT solver that we call solving modulo a model. This either extends a given partial model into a full model for a set of assertions or returns an explanation (a model interpolant) when no solution exists. This mode of interaction fits well into the model-constructing satisfiability (MCSAT) framework of SMT. We use it to develop an interpolation procedure for any MCSAT-supported theory. In particular, this method leads to an effective interpolation procedure for nonlinear real arithmetic. We evaluate the new procedure by integrating it into a model checker and comparing it with state-of-art model-checking tools for nonlinear arithmetic.

show abstract

Advancing Software Model Checking Beyond Linear Arithmetic Theories

Cited by 4 publications

References 27 publications

Incremental Linearization for Satisfiability and Verification Modulo Nonlinear Arithmetic and Transcendental Functions

Incremental Linearization for Satisfiability and Verification Modulo Nonlinear Arithmetic and Transcendental Functions

Invariant Checking of NRA Transition Systems via Incremental Reduction to LRA with EUF

Interpolation and Model Checking for Nonlinear Arithmetic

Contact Info

Product

Resources

About