SAT and model checking презентация

Содержание

Слайд 2

Bounded Model Checking (BMC)

A.I. Planning problems: can we reach a desired state in

k steps?
Verification of safety properties: can we find a bad state in k steps?
Verification: can we find a counterexample in k steps ?

Biere, Cimatti, Clarke, Zhu, 1999

Слайд 3

What is SAT?

SATisfying assignment!

Given a propositional formula in CNF, find if there exists

an assignment to Boolean variables that makes the formula true:

ω1 = (b c)
ω2 = (¬a ¬d)
ω3 = (¬b d)
ϕ = ω1 ω2 ω3
A = {a=0, b=1, c=0, d=1}

clauses

literals

Слайд 4

BMC idea

Given: transition system M, temporal logic formula f, and
user-supplied time

bound k

Construct propositional formula Ω(k) that is satisfiable iff f is valid
along a path of length k

Path of length k:

Say f = EF p and k = 2, then

What if f = AG p ?

Слайд 5

BMC idea (cont’d)

AG p means p must hold in every state along any

path of length k

We take

So

That means we look for counterexamples

Слайд 6

Safety-checking as BMC

p is preserved up to k-th transition iff Ω(k) is

unsatisfiable:

If satisfiable, satisfying assignment gives counterexample to the
safety property.

Слайд 7

Example: a two bit counter

Safety property: AG

Ω(2) is unsatisfiable. Ω(3) is satisfiable.

Initial state:

Transition:

Слайд 8

Example: another counter

Liveness property: AF

Ω(2) is satisfiable

Check: EG

where

Satisfying assignment gives counterexample to

the liveness property

Слайд 9

What BMC with SAT Can Do

All LTL
ACTL and ECTL
In principle, all CTL and

even mu-calculus
efficient universal quantifier elimination or fixpoint computation is an active area of research

Слайд 10

How big should k be?

For every model M and LTL property ϕ there

exists k s.t.
The minimal such k is the Completeness Threshold (CT)

Слайд 11

How big should k be?

Diameter d = longest shortest path from an initial

state to any other reachable state.
Recurrence Diameter rd = longest loop-free path.
rd ¸ d

rd = 3

Слайд 12

How big should k be?

Theorem: for Gp properties CT = d

Слайд 13

How big should k be?

Theorem: for Fp properties CT= rd

Open Problem: The value

of CT for general Linear Temporal Logic properties is unknown

Слайд 14

Given ϕ in CNF: (x,y,z),(-x,y),(-y,z),(-x,-y,-z)

Decide()

Deduce()

Resolve_Conflict()


X

X

X

X

X

ϕ

A basic SAT solver

Слайд 15

While (true)
{
if (!Decide()) return (SAT);
while (!Deduce())
if (!Resolve_Conflict()) return (UNSAT);
}

Choose the next
variable

and value.
Return False if all
variables are assigned

Apply unit clause rule.
Return False if reached
a conflict

Backtrack until
no conflict.
Return False if impossible

Basic Algorithm

Слайд 16

A = ∅

empty
clause?

y

UNSAT

conflict?

Obtain conflict
clause and
backtrack

y

n

is A
total?

y

SAT

Branch:
add some literal
to A

DPLL-style SAT solvers

SATO,GRASP,CHAFF,BERKMIN

n

Слайд 17

The Implication Graph

(¬a ∨ b) ∧ (¬b ∨ c ∨ d)

Assignment: a

∧ b ∧ ¬c ∧ d

Слайд 18

Resolution

a ∨ b ∨ ¬c

¬a ∨ ¬c ∨ d

b ∨ ¬c ∨ d

When

a conflict occurs, the implication graph is
used to guide the resolution of clauses, so that the
same conflict will not occur again.

Слайд 19

Conflict clauses

(¬a ∨ b) ∧ (¬b ∨ c ∨ d) ∧ (¬b ∨

¬ d)

Assignment: a ∧ b ∧ ¬c ∧ d

d

Слайд 20

Conflict Clauses (cont.)

Conflict clauses:
Are generated by resolution
Are implied by existing clauses
Are in conflict

with the current assignment
Are safely added to the clause set

Many heuristics are available for determining
when to terminate the resolution process.

Слайд 21

Generating refutations

Refutation = a proof of the null clause
Record a DAG containing all

resolution steps performed during conflict clause generation.
When null clause is generated, we can extract a proof of the null clause as a resolution DAG.

Original clauses

Derived clauses

Null clause

Слайд 22

Unbounded Model Checking

A variety of methods to exploit SAT and BMC for unbounded

model checking:
Completeness Threshold
k - induction
Abstraction (refutation proofs useful here)
Exact and over-approximate image computations (refutation proofs useful here)
Use of Craig interpolation

Слайд 23

Conclusions: BDDs vs. SAT

Many models that cannot be solved by BDD symbolic model

checkers, can be solved with an optimized SAT Bounded Model Checker.
The reverse is true as well.
BMC with SAT is faster at finding shallow errors and giving short counterexamples.
BDD-based procedures are better at proving absence of errors.
Имя файла: SAT-and-model-checking.pptx
Количество просмотров: 56
Количество скачиваний: 0
- Предыдущая
Вампилов Александр Валентинович
Следующая -
The use of methods for common fractions

Похожие презентации

Решение задач по формулам.
Знакомство с цифрой 0
ОГЭ 2016 Модуль ГЕОМЕТРИЯ №11
Интерактивный тренажер Показательные и логарифмические уравнения
Проект Развитие логического мышления у детей дошкольного возраста по средствам логико-математических игр
Математический кроссворд
Уравнение. Дифференциальные уравнения первого порядка
Окружность, ее цент и радиус
Десятичные дроби произвольного знака
Случаи вычитания 14 -
Задачи на смеси и сплавы
Единицы измерения длины в разное время и в разных странах
Комбинаторные задачи. Комбинаторика. Расположение перестановки n! выбор n!
Свойства параллельных прямых
Замечательные кривые в математике
Теорема Виета. Устная работа. Проверка выполнения домашней работы
В мире кривых линий. 8 класс
Уравнение касательной к графику функции
Сравнение дробей
Измерение длины отрезка. Сантиметр.
Презентация по сказкам А. С. Пушкина к занятию по внеурочной деятельности Юный математик.
Приемы быстрого счета
Треугольник. Элементы треугольника. Периметр треугольника
Разложение на множители. Формулы сокращённого умножения. Алгебра 7 класс
Декартові координати у просторі
Интеллектуальный марафон
Деление рациональных дробей. Урок алгебры в 8 классе
Графический способ решения уравнений. Расположение графика функции
Обратная связь
Email: Нажмите что бы посмотреть