Rewriting modulo SMT and open system analysis

Abstract: Abstract. This paper proposes rewriting modulo SMT, a new technique that combines the power of SMT solving, rewriting modulo theories, and model checking. Rewriting modulo SMT is ideally suited to model and analyze reachability properties of infinite-state open systems, i.e., systems that interact with a nondeterministic environment. Such systems exhibit both internal nondeterminism, which is proper to the system, and external nondeterminism, which is due to the environment. In a reflective formalism, such as … Show more

“…There are several similarities between our approach in that given in [27]: their builtin theory is equivalent to the specication of data, constrained terms are patterns π ∧ φ, and the abstraction of built-ins for a conguration term π is the same with our t. According to the paragraph preceding Lemma 4 (Matching Lemma) in [27], by A-matching a conguration term π, including only data variables, against a left-hand side π 1 of a rule in S provides a complete uniability algorithm for ground A-unication of π and π 1 (the claim was adapted to our notation). More technically, the Matching Lemma in [27] claims that if π and π 1 are ground A-uniable, the there is a matching substitution σ such that σ( π 1 ) = A π (note the equality modulo A).…”

“…An abstraction (∃X) π ∧ φ of π ∧ φ is meant deal with this issue. For instance, (∃X) π ∧ φ can be obtained from π ∧ φ by linearising the basic pattern π, replacing the nondata sub terms with variables from X, and then adding the equalities between variables in X and the corresponding subterms to φ [2,27]. This is exactly what happened in the above example.…”

“…More technically, the Matching Lemma in [27] claims that if π and π 1 are ground A-uniable, the there is a matching substitution σ such that σ( π 1 ) = A π (note the equality modulo A). Since ground A-uniability is the same with concrete uniability in the model M , we show below that we may take unif ∼ = ( π 1 , π) to be the set of substitutions given by the matching algorithm.…”

“…Since ground A-uniability is the same with concrete uniability in the model M , we show below that we may take unif ∼ = ( π 1 , π) to be the set of substitutions given by the matching algorithm. However, we cannot apply directly the Matching Lemma in [27] because it does not establish a direct relationship between uniers and matchers.…”

“…Rewriting modulo SMT [27] is a recently introduced technique for performing symbolic execution on rewrite theories. Their approach and ours have some common features: a built-in subtheory (for data, in our case) in which constraints are handled by SMT solving; the notion of constrained terms (in our case, Matching Logic patterns ); and soundness and completeness results (in our case, precision and coverage).…”

Symbolic execution based on language transformation

“…There are several similarities between our approach in that given in [27]: their builtin theory is equivalent to the specication of data, constrained terms are patterns π ∧ φ, and the abstraction of built-ins for a conguration term π is the same with our t. According to the paragraph preceding Lemma 4 (Matching Lemma) in [27], by A-matching a conguration term π, including only data variables, against a left-hand side π 1 of a rule in S provides a complete uniability algorithm for ground A-unication of π and π 1 (the claim was adapted to our notation). More technically, the Matching Lemma in [27] claims that if π and π 1 are ground A-uniable, the there is a matching substitution σ such that σ( π 1 ) = A π (note the equality modulo A).…”

“…An abstraction (∃X) π ∧ φ of π ∧ φ is meant deal with this issue. For instance, (∃X) π ∧ φ can be obtained from π ∧ φ by linearising the basic pattern π, replacing the nondata sub terms with variables from X, and then adding the equalities between variables in X and the corresponding subterms to φ [2,27]. This is exactly what happened in the above example.…”

“…More technically, the Matching Lemma in [27] claims that if π and π 1 are ground A-uniable, the there is a matching substitution σ such that σ( π 1 ) = A π (note the equality modulo A). Since ground A-uniability is the same with concrete uniability in the model M , we show below that we may take unif ∼ = ( π 1 , π) to be the set of substitutions given by the matching algorithm.…”

“…Since ground A-uniability is the same with concrete uniability in the model M , we show below that we may take unif ∼ = ( π 1 , π) to be the set of substitutions given by the matching algorithm. However, we cannot apply directly the Matching Lemma in [27] because it does not establish a direct relationship between uniers and matchers.…”

“…Rewriting modulo SMT [27] is a recently introduced technique for performing symbolic execution on rewrite theories. Their approach and ours have some common features: a built-in subtheory (for data, in our case) in which constraints are handled by SMT solving; the notion of constrained terms (in our case, Matching Logic patterns ); and soundness and completeness results (in our case, precision and coverage).…”

Symbolic execution based on language transformation

Survivability: Design, Formal Modeling, and Validation of Cloud Storage Systems Using Maude

Hybrid SynchAADL: Modeling and Formal Analysis of Virtually Synchronous CPSs in AADL