Generating Property-Directed Potential Invariants By Backward Analysis

@inproceedings{Champion2012GeneratingPP,
  title={Generating Property-Directed Potential Invariants By Backward Analysis},
  author={Adrien Champion and R{\'e}mi Delmas and Michael Dierkes},
  booktitle={FTSCS},
  year={2012}
}
This paper addresses the issue of lemma generation in a k-induction-based formal analysis of transition systems, in the linear real/integer arithmetic fragment. A backward analysis, powered by quantifier elimination, is used to output preimages of the negation of the proof objective, viewed as unauthorized states, or gray states. Two heuristics are proposed to take advantage of this source of information. First, a thorough exploration of the possible partitionings of the gray state space… 

Figures from this paper

Formal Methods for the Analysis of Critical Control Systems Models: Combining Non-linear and Linear Analyses

This work presents a new analysis framework combining the analysis of open-loop stable controllers with safety constructs (redundancy, voters, ...) and introduces the basic analysis approaches: abstract interpretation synthesizing quadratic invariants and backward analysis based on quantifier elimination and convex hull computation synthesizing linear invariants.

Combining test and proof in MBAT: An aerospace case study

  • M. Dierkes
  • Computer Science
    2014 2nd International Conference on Model-Driven Engineering and Software Development (MODELSWARD)
  • 2014
The European project MBAT is shown, which shows how the combined approach has been applied to a relevant use case from Rockwell Collins, and how both techniques, i.e. proof and test, can be combined in the best way.

An Open Alternative for SMT-Based Verification of Scade Models

Lama is introduced as an intermediate language into which Scade programs can be translated and which easily can be transformed into SMT solver instances for verification techniques tailored for SCADE programs.

Collaboration de techniques formelles pour la vérification de propriétés de sûreté sur des systèmes de transition. (Collaboration of formal techniques for the verification of safety properties over transition systems)

Notre framework formel Stuff est une implementation of l’architecture parallele permettant a des methodes de decouverte d’invariants de collaborer autour d”un moteur de k-induction, which est capable, automatiquement, of renforcer des objectifs de preuve corresponding a des proprietes de surete sur des patrons de conception courants en avionique.

References

SHOWING 1-10 OF 30 REFERENCES

SAT-Based Model Checking without Unrolling

Experimental studies show that induction is a powerful tool for generalizing the unreachability of given error states: it can refine away many states at once, and it is effective at focusing the proof search on aspects of the transition system relevant to the property.

A static analyzer for large safety-critical software

We show that abstract interpretation-based static program analysis can be made efficient and precise enough to formally verify a class of properties for a family of large programs with few or no

SMT-AI: an Abstract Interpreter as Oracle for k-induction

Dynamic Partitioning in Linear Relation Analysis: Application to the Verification of Reactive Systems

This paper proposes to dynamically select a suitable partitioning according to the property to be proved of declarative synchronous programs and is quite general and can be applied to other abstract interpretations.

Bounded Model Checking and Induction: From Refutation to Verification (Extended Abstract, Category A)

A general k-induction scheme is defined and strengthened invariant strengthening is demonstrated using infinite-state systems ranging from communication protocols to timed automata and (linear) hybrid automata.

Abstract interpretation: a unified lattice model for static analysis of programs by construction or approximation of fixpoints

A program denotes computations in some universe of objects. Abstract interpretation of programs consists in using that denotation to describe computations in another universe of abstract objects, so

Verification Constraint Problems with Strengthening

An iterative method that uses off-the-shelf constraint solvers and thus directly benefits from progress in constraint solving and introduces two new verification constraint forms that enable the incremental and property-directed construction of inductive assertions.

Efficient implementation of property directed reachability

A simplified and faster implementation of Aaron Bradley's bit-level symbolic model checking algorithm is presented, and successful and unsuccessful attempts to improve it are discussed.

Instantiation-Based Invariant Discovery

The proposed scheme relies on efficient reasoning engines such as SAT and SMT solvers, and capitalizes on their ability to quickly generate counter-models of non-invariant conjectures to produce k-inductive invariants from templates representing decidable predicates over the system's data types.

Quantified Invariant Generation Using an Interpolating Saturation Prover

This work shows how a paramodulation-based saturation prover can be modified in a simple way to produce a first-order interpolating prover that is complete for universally quantified interpolants, allowing the verification of programs manipulating arrays and heap data structures.