Overview of IC3/PDR

46
© Anvesh Komuravelli IC3/PDR Overview of IC3/PDR Anvesh Komuravelli Carnegie Mellon University

description

Overview of IC3/PDR. Anvesh Komuravelli Carnegie Mellon University. SAT-Based Bounded Model Checking (BMC). Is there an execution leading to error in < k steps, beginning in I ?. (< k )-reachable ?. BMC + k -Induction. - PowerPoint PPT Presentation

Transcript of Overview of IC3/PDR

Page 1: Overview of IC3/PDR

© Anvesh KomuravelliIC3/PDR

Overview of IC3/PDR

Anvesh KomuravelliCarnegie Mellon University

Page 2: Overview of IC3/PDR

© Anvesh KomuravelliIC3/PDR

(<k)-reachable?

SAT-Based Bounded Model Checking (BMC)

Is there an execution leading to error in < k steps, beginning in I ?

Page 3: Overview of IC3/PDR

© Anvesh KomuravelliIC3/PDR

(<k)-reachable?

BMC + k-Induction

k-inductive?

Is there an execution leading to error in < k steps, beginning in I ?Is there an execution leading to error in k steps, beginning in P ?

Page 4: Overview of IC3/PDR

© Anvesh KomuravelliIC3/PDR

(<k)-reachable?

Downside of k-Induction

k-inductive?

P may not be inductive for any k !

Page 5: Overview of IC3/PDR

© Anvesh KomuravelliIC3/PDR

Strengthen P !

reachable states

Page 6: Overview of IC3/PDR

© Anvesh KomuravelliIC3/PDR

BMC + Interpolation (McMillan ‘03)

k-reachable?

(k-1)

k-reachable?

(k-1)

If abstract counterexample found, start all over again with a bigger k

Many improvements followed

Approximate Forward-Reachability!

Page 7: Overview of IC3/PDR

© Anvesh KomuravelliIC3/PDR

Forward-Reachability in a nutshell

Initial States

Over-approximations

Also, w.l.o.g., assume that :

No counterexample of length (k-1) from Fn

No counterexample of length (k-1)+1 from Fn-1

Page 8: Overview of IC3/PDR

© Anvesh KomuravelliIC3/PDR

Formalizing BMC + Interpolation

Rule Condition Transition

Init −

Unfold

Refine

Unsafe return UNSAFE

Safe return SAFE

Abstract Transition System

Page 9: Overview of IC3/PDR

© Anvesh KomuravelliIC3/PDR

Formalizing BMC + Interpolation

Rule Condition Transition

Init −

Unfold

Refine

Unsafe return UNSAFE

Safe return SAFE

Abstract Transition SystemState triple

Page 10: Overview of IC3/PDR

© Anvesh KomuravelliIC3/PDR

Formalizing BMC + Interpolation

Rule Condition Transition

Init −

Unfold

Refine

Unsafe return UNSAFE

Safe return SAFE

Downsides

• Blow-up in SAT formula size as k gets big• Resolution proof of UNSAT is non-trivial to obtain

Abstract Transition System

Page 11: Overview of IC3/PDR

© Anvesh KomuravelliIC3/PDR

??

A different search strategy

Let us restrict to 1-reachable queries

Page 12: Overview of IC3/PDR

© Anvesh KomuravelliIC3/PDR

? …

A different search strategy

Let us restrict to 1-reachable queries

Page 13: Overview of IC3/PDR

© Anvesh KomuravelliIC3/PDR

A different search strategy

Let us restrict to 1-reachable queries

Page 14: Overview of IC3/PDR

© Anvesh KomuravelliIC3/PDR

A different search strategy

Let us restrict to 1-reachable queries

Page 15: Overview of IC3/PDR

© Anvesh KomuravelliIC3/PDR

Formalizing the new search strategy

Rule Condition Transition

Init −

UnfoldCandidate

Decide

Conflict

Unsafe return UNSAFE

Safe return SAFE

Page 16: Overview of IC3/PDR

© Anvesh KomuravelliIC3/PDR

Formalizing the new search strategy

Rule Condition Transition

Init −

UnfoldCandidate

Decide

Conflict

Unsafe return UNSAFE

Safe return SAFE

Checks k-reachability by explicit state backward search !

Page 17: Overview of IC3/PDR

© Anvesh KomuravelliIC3/PDR

CDCL – Local Interpolants

Given

Find

Use algorithms to minimize cores (MUS)

Page 18: Overview of IC3/PDR

© Anvesh KomuravelliIC3/PDR

CDCL – Local Interpolants

Given

Find

t

Page 19: Overview of IC3/PDR

© Anvesh KomuravelliIC3/PDR

…Strengthen

Fi+1

CDCL – Local Interpolants

Given

Find

Page 20: Overview of IC3/PDR

© Anvesh KomuravelliIC3/PDR

…Strengthen

Fi+1

CDCL – Local Interpolants

Hence,

Page 21: Overview of IC3/PDR

© Anvesh KomuravelliIC3/PDR

…Strengthen

Fi

CDCL – Local Interpolants

Hence,

Page 22: Overview of IC3/PDR

© Anvesh KomuravelliIC3/PDR

Rule Condition Transition

Init −

UnfoldCandidate

Decide

Conflict

Unsafe return UNSAFE

Safe return SAFE

Formalizing the new search strategy

Page 23: Overview of IC3/PDR

© Anvesh KomuravelliIC3/PDR

Forward Propagation

t is bad for Fi+2 as well!Can we reuse φ?

t

Page 24: Overview of IC3/PDR

© Anvesh KomuravelliIC3/PDR

Forward Inductive Propagation

Given

Find

Page 25: Overview of IC3/PDR

© Anvesh KomuravelliIC3/PDR

Forward Inductive Propagation

Given

Find

unsat

Page 26: Overview of IC3/PDR

© Anvesh KomuravelliIC3/PDR

Forward Inductive Propagation

Given

Find

unsat

Page 27: Overview of IC3/PDR

© Anvesh KomuravelliIC3/PDR

Rule Condition Transition

Init −

UnfoldCandidate

Decide

Conflict

Induction

Unsafe return UNSAFE

Safe return SAFE

Formalizing the new search strategy

Page 28: Overview of IC3/PDR

© Anvesh KomuravelliIC3/PDR

Forward Propagation

Block φ or s at Fi+2, Fi+3, …

Page 29: Overview of IC3/PDR

© Anvesh KomuravelliIC3/PDR

Long Counterexamples!

k

m

Block φ or s at Fi+2, Fi+3, …

Page 30: Overview of IC3/PDR

© Anvesh KomuravelliIC3/PDR

Rule Condition Transition

Init −

UnfoldCandidate

Decide

Conflict

Induction

Unsafe return UNSAFE

Safe return SAFE

Formalizing the new search strategy

Page 31: Overview of IC3/PDR

© Anvesh KomuravelliIC3/PDR

cube

Generalizing Predecessors

Given Find

Page 32: Overview of IC3/PDR

© Anvesh KomuravelliIC3/PDR

cube

Generalizing Predecessors

Given Find

cube

Page 33: Overview of IC3/PDR

© Anvesh KomuravelliIC3/PDR

Generalizing Predecessors

Given

Find

T

−−−

−−−

−−−

…−−

Ternary Simulation

Page 34: Overview of IC3/PDR

© Anvesh KomuravelliIC3/PDR

?

Generalizing Predecessors

Page 35: Overview of IC3/PDR

© Anvesh KomuravelliIC3/PDR

… ?

Generalizing Predecessors

Page 36: Overview of IC3/PDR

© Anvesh KomuravelliIC3/PDR

Generalizing Predecessors

Page 37: Overview of IC3/PDR

© Anvesh KomuravelliIC3/PDR

Rule Condition Transition

Init −

UnfoldCandidate

Decide

Conflict

Induction

Unsafe return UNSAFE

Safe return SAFE

Formalizing the new search strategy

Page 38: Overview of IC3/PDR

© Anvesh KomuravelliIC3/PDR

Rule Condition Transition

Init −

UnfoldCandidate

Decide

Conflict

Induction

Unsafe return UNSAFE

Safe return SAFE

IC3/PDR !

Page 39: Overview of IC3/PDR

© Anvesh KomuravelliIC3/PDR

To summarize…

1-step reachability queriesGeneralizing PredecessorsLocal InterpolantsForward Inductive PropagationReusing Counterexamples

Fi is in CNF

Page 40: Overview of IC3/PDR

© Anvesh KomuravelliIC3/PDR

To summarize…

• Competitive with variants of McMillan’s Interpolation• 3rd place in HWMCC’10 – competing with well-established tools• Well received by hardware industry• Implemented in Berkeley’s ABC tool• Extensions to progress and CTL properties• Extensions to LRA – implemented in Z3

Page 41: Overview of IC3/PDR

© Anvesh KomuravelliIC3/PDR

Fi is in CNF

Efficient Implementation of IC3/PDR

SAT Context C

Page 42: Overview of IC3/PDR

© Anvesh KomuravelliIC3/PDR

Decide/Conflict Rules

Assumptions A

Y N

Ternary Simulation

Page 43: Overview of IC3/PDR

© Anvesh KomuravelliIC3/PDR

least j ≥ i such that

If none, add to F∞

MUS extraction to get

Conflict Rule

Additionally,pushing the clause to

higher levels

Page 44: Overview of IC3/PDR

© Anvesh KomuravelliIC3/PDR

Induction Rule

Similar to Conflict Rule, with repeated checks!

Page 45: Overview of IC3/PDR

© Anvesh KomuravelliIC3/PDR

Extending to First-order Theories

can do sometheory-generalizationLocal Interpolants ?

LRA : Linear combination of literals (Hoder and Bjorner, 2012)

∞state

Generalizing Predecessors

Page 46: Overview of IC3/PDR

© Anvesh KomuravelliIC3/PDR

References

1. SAT-Based Model Checking without Unrolling, Bradley, VMCAI 20112. Efficient Implementation of Property Directed Reachability, Een,

Mishchenko and Brayton, FMCAD 20113. An Incremental Approach to checking Progress Properties, Bradley et al.,

FMCAD 20114. Understanding IC3, Bradley, SAT 20125. Generalized Property Directed Reachability, Hoder and Bjorner, SAT 20126. Incremental, Inductive CTL Model Checking, Hassan et al., CAV 2012


Symbolic Model Checking: The IC3 Algorithmvganesh/TEACHING/W2013/SATSMT... · 2013. 3. 14. · IC3/PDR 2 Aaron R. Bradley: SAT-Based Model Checking without Unrolling. VMCAI 2011 A

Symbolic Model Checking: The IC3 Algorithmvganesh/TEACHING/W2013/SATSMT... · 2013. 3. 14. · IC3/PDR 2 Aaron R. Bradley: SAT-Based Model Checking without Unrolling. VMCAI 2011 A

IC3 - Network Security

IC3 - Network Security

PDR: Property Directed Reachability AKA ic3: SAT-Based Model Checking Without Unrolling

PDR: Property Directed Reachability AKA ic3: SAT-Based Model Checking Without Unrolling

INGESYS IC3 Product Overview Rev K 02 - Ingeteam...INGESYS ™ IC3 PAC Controller Highlights: • Control processors and I/O modules designed to fulfill the demands of different application

INGESYS IC3 Product Overview Rev K 02 - Ingeteam...INGESYS ™ IC3 PAC Controller Highlights: • Control processors and I/O modules designed to fulfill the demands of different application

Course Outline - s3.amazonaws.com€¦ · IC3-GS5-Exam-2 - IC3 GS5 Key Applications Course Outline IC3 GS5 Key Applications 14 Mar 2018

Course Outline - s3.amazonaws.com€¦ · IC3-GS5-Exam-2 - IC3 GS5 Key Applications Course Outline IC3 GS5 Key Applications 14 Mar 2018

Curriculum Del Programa IC3

Curriculum Del Programa IC3

An Overview on Forest Management in Lao PDR

An Overview on Forest Management in Lao PDR

Understanding IC3 - Stanford CS Theorytheory.stanford.edu/~arbrad/slides/Understanding_IC3_slides.pdf · IC3: A Prover • Based on CTIs from frontier and predecessors, IC3 generates

Understanding IC3 - Stanford CS Theorytheory.stanford.edu/~arbrad/slides/Understanding_IC3_slides.pdf · IC3: A Prover • Based on CTIs from frontier and predecessors, IC3 generates

IC3 Modules

IC3 Modules

Lao PDR Overview - For Web

Lao PDR Overview - For Web

© Anvesh Komuravelli IC3/PDR Overview of IC3/PDR Anvesh Komuravelli Carnegie Mellon University.

© Anvesh Komuravelli IC3/PDR Overview of IC3/PDR Anvesh Komuravelli Carnegie Mellon University.

Solar Dynamics Observatory (SDO) Spacecraft Design and Operations Overview Mission PDR

Solar Dynamics Observatory (SDO) Spacecraft Design and Operations Overview Mission PDR

Climate Forecasting Unit Melanie Davis (IC3) & Jean-Pierre Ceron (Meteo France) mdavis@ic3.catmdavis@ic3.cat, jean-pierre.ceron@meteo.fr EUPORIAS WP41.

Climate Forecasting Unit Melanie Davis (IC3) & Jean-Pierre Ceron (Meteo France) [email protected]@ic3.cat, [email protected] EUPORIAS WP41.

2020 ANNUAL IC3 CONFERENCE SPONSORSHIP …...designation for 2020 IC3 Regional Forums (across ~30 cities and 7 countries) • 6 complimentary 2020 Annual IC3 Conference registrations

2020 ANNUAL IC3 CONFERENCE SPONSORSHIP …...designation for 2020 IC3 Regional Forums (across ~30 cities and 7 countries) • 6 complimentary 2020 Annual IC3 Conference registrations

miscenter.pcru.ac.th · 2019-10-11 · 2. Certiport Inc. 12 It:a IC3 Digital Literacy Certification IJznauh8 IC3 "Thailand n.%. IC3 Digital Literacy Certification maunqurmaau 3 IC3

miscenter.pcru.ac.th · 2019-10-11 · 2. Certiport Inc. 12 It:a IC3 Digital Literacy Certification IJznauh8 IC3 "Thailand n.%. IC3 Digital Literacy Certification maunqurmaau 3 IC3

IC3 Module1 Computing Fundamentals

IC3 Module1 Computing Fundamentals

IC3 Fast Track Assessment

IC3 Fast Track Assessment

CERTIPORT IC3 CERTIFICATION

CERTIPORT IC3 CERTIFICATION

The IC3 Algorithm - University of Waterloovganesh/TEACHING/F2013/SATSMT/lectures... · The IC3/PDR Algorithm Aaron R. Bradley: SAT-Based Model Checking without Unrolling. VMCAI 2011

The IC3 Algorithm - University of Waterloovganesh/TEACHING/F2013/SATSMT/lectures... · The IC3/PDR Algorithm Aaron R. Bradley: SAT-Based Model Checking without Unrolling. VMCAI 2011

Lao pdr overview-web

Lao pdr overview-web