An SMT Approach to Bounded Reachability Analysis of Model Programs

Veanes, Margus; Bjørner, Nikolaj; Raschke, Alexander

doi:10.1007/978-3-540-68855-6_4

Cited by 23 publications

(23 citation statements)

References 23 publications

(44 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Another approach of generating instances of axioms incrementally, guided by a candidate model, has been followed by Veanes et al [2] in context of bounded reachability analysis. Although not explained in much detail, they seem to use an even stronger semantic condition: only instances which contradict the current candidate model are generated.…”

Section: Discussionmentioning

confidence: 99%

“…We consider a clause C redundant with respect to F if there is a clause D ∈ F which is a variant of C. 2 If all inferences based on sel only produce instances which are redundant with respect to F , we call F saturated under IG (with respect to the selection function sel). If F is saturated under IG, the procedure terminates and states satisfiabliliy of the input.…”

Section: Instance Generation Methodsmentioning

confidence: 99%

See 1 more Smart Citation

Incremental Instance Generation in Local Reasoning

Jacobs

2009

Computer Aided Verification

View full text Add to dashboard Cite

Abstract. Local reasoning allows to handle SMT problems involving a certain class of universally quantified formulas in a complete way by instantiation to a finite set of ground formulas. We present a method to generate this set incrementally, in order to provide a more efficient way of solving these satisfiability problems. The incremental instantiation is guided semantically, inspired by the instance generation approach to first-order theorem proving. Our method is sound and complete, and terminates on both satisfiable and unsatisfiable input after generating a subset of the instances needed in standard local reasoning.

show abstract

Section: Discussionmentioning

confidence: 99%

Section: Instance Generation Methodsmentioning

confidence: 99%

Incremental Instance Generation in Local Reasoning

Jacobs

2009

Computer Aided Verification

View full text Add to dashboard Cite

show abstract

“…We are investigating an SMT approach for doing reachability analysis of model programs [36], where we use Z3 [41,5] for our implementation, as it supports background theories [17,16] for arithmetic as well as sets and maps. A prototype is being implemented for a fragment of model programs written in AsmL.…”

Section: Implementation and Experiencesmentioning

confidence: 99%

“…The step semantics of model programs is based on the theory of abstract state machines (ASMs) [25] with a rich background universe [6]. This enables explicit state exploration techniques [21] and symbolic analysis techniques that support the needed background theories [36], as well as a range of other ASM technologies [8] to be applied to model programs.…”

Section: Introductionmentioning

confidence: 99%

Protocol Modeling with Model Program Composition

Veanes

Schulte

2008

Formal Techniques for Networked and Distributed Systems – FORTE 2008

Self Cite

View full text Add to dashboard Cite

Abstract. Designing and interoperability testing of distributed, application-level network protocols is complex. Windows, for example, supports currently more than 200 protocols, ranging from simple protocols for email exchange to complex ones for distributed file replication or real time communication. To fight this increasing complexity problem, we introduce a methodology and formal framework that uses model program composition to specify behavior of such protocols. A model program can be used to specify an increment of protocol functionality with a coherent purpose, which can be understood and analyzed separately. The overall behavior of a protocol can be defined by a composite model program, which defines how the individual parts interoperate.

show abstract

“…A key open research issue of current symbolic techniques is extensibility. Techniques that combine different methods have been proposed, e.g., decision procedures [50,51], unifications algorithms [7,11], theorem provers with decision procedures [1,10,53], and SMT solvers in model checkers [3,30,49,62,66]. However, there is still a lack of general extensibility techniques for symbolic analysis that simultaneously combine the power of SMT solving, rewriting-and narrowingbased analysis, and model checking.…”

Section: Introductionmentioning

confidence: 99%

Rewriting modulo SMT and open system analysis

Rocha

Meseguer

Muñoz

2017

Journal of Logical and Algebraic Methods in Programming

View full text Add to dashboard Cite

Abstract. This paper proposes rewriting modulo SMT, a new technique that combines the power of SMT solving, rewriting modulo theories, and model checking. Rewriting modulo SMT is ideally suited to model and analyze reachability properties of infinite-state open systems, i.e., systems that interact with a nondeterministic environment. Such systems exhibit both internal nondeterminism, which is proper to the system, and external nondeterminism, which is due to the environment. In a reflective formalism, such as rewriting logic, rewriting modulo SMT can be reduced to standard rewriting. Hence, rewriting modulo SMT naturally extends rewriting-based reachability analysis techniques, which are available for closed systems, to open systems. The proposed technique is illustrated with the formal analysis of: (i) a real-time system that is beyond the scope of timed-automata methods and (ii) automatic detection of reachability violations in a synchronous language developed to support autonomous spacecraft operations.

show abstract

An SMT Approach to Bounded Reachability Analysis of Model Programs

Cited by 23 publications

References 23 publications

Incremental Instance Generation in Local Reasoning

Incremental Instance Generation in Local Reasoning

Protocol Modeling with Model Program Composition

Rewriting modulo SMT and open system analysis

Contact Info

Product

Resources

About