Infinite-state invariant checking with IC3 and predicate abstraction

We address the problem of verifying invariant properties on infinite-state systems. We present a novel approach, IC3ia, for generalizing the IC3 invariant checking algorithm from finite-state to infinite-state transition systems, expressed over some background theories. The procedure is based on a tight integration of IC3 with Implicit Abstraction, a form of predicate abstraction that expresses abstract paths without explicitly computing the abstract system. In this scenario, IC3 operates only at the Boolean level of the abstract state space, discovering inductive clauses over the abstraction predicates. Theory reasoning is confined within the underlying SMT solver, and applied transparently when performing satisfiability checks. When the current abstraction allows for a spurious counterexample, it is refined by discovering and adding a sufficient set of new predicates. Importantly, this can be done in a completely incremental manner, without discarding the clauses found in the previous search. The proposed approach has two key advantages. First, unlike previous SMT generalizations of IC3, it allows handling a wide range of background theories without relying on ad hoc extensions, such as quantifier elimination or theory-specific clause generalization procedures, which might not always be available and are often highly inefficient. Second, compared to a direct exploration of the concrete transition system, the use of abstraction gives a significant performance improvement, as our experiments demonstrate.
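The following is an added toy illustration of the implicit-abstraction and refinement loop sketched above; it is not code from the paper or from IC3ia. It uses a constructed one-variable counter system, replaces the SMT queries by enumeration over a small bounded domain, and takes the refinement predicates by hand instead of deriving them from the spurious path as the paper does.

```python
from collections import deque

DOMAIN = range(12)                 # constructed bounded integer domain for brute-force checks
def init(x): return x == 0
def trans(x, xn): return xn == (x + 2 if x < 6 else x)   # count up by 2, then stay put
def bad(x): return x == 7          # property: x never equals 7 (holds on the concrete system)

def abstract(x, preds):
    """Abstract state = tuple of predicate truth values, the Boolean level IC3 reasons on."""
    return tuple(bool(p(x)) for p in preds)

def abstract_successors(a, preds):
    """Implicit abstraction: a concrete x_hat only has to agree with `a` on the predicates;
    T is then evaluated on x_hat, so the abstract transition relation is never built."""
    return {abstract(xn, preds) for xh in DOMAIN if abstract(xh, preds) == a
            for xn in DOMAIN if trans(xh, xn)}

def abstract_counterexample(preds):
    """BFS for an abstract path from an initial to a bad abstract state; None if none exists."""
    starts = {abstract(x, preds) for x in DOMAIN if init(x)}
    bad_abs = {abstract(x, preds) for x in DOMAIN if bad(x)}
    queue, seen = deque((a, [a]) for a in starts), set(starts)
    while queue:
        a, path = queue.popleft()
        if a in bad_abs:
            return path
        for b in abstract_successors(a, preds):
            if b not in seen:
                seen.add(b)
                queue.append((b, path + [b]))
    return None

def is_spurious(path, preds):
    """Spurious iff no concrete run visits exactly these abstract states and ends in a bad one."""
    layer = {x for x in DOMAIN if init(x) and abstract(x, preds) == path[0]}
    for a in path[1:]:
        layer = {xn for x in layer for xn in DOMAIN
                 if trans(x, xn) and abstract(xn, preds) == a}
    return not any(bad(x) for x in layer)

def check(preds, refinements):
    """Abstraction-refinement loop; refinement predicates are hand-supplied here (assumption),
    and old predicates are kept across iterations, mirroring the incremental refinement."""
    preds, refinements = list(preds), list(refinements)
    while True:
        path = abstract_counterexample(preds)
        if path is None:
            return "safe", len(preds)
        if not is_spurious(path, preds):
            return "unsafe", len(preds)
        if not refinements:
            return "unknown", len(preds)
        preds.append(refinements.pop(0))
```

With only the predicate `x < 6` the abstraction admits a one-step path to a bad abstract state that has no concrete witness; adding the parity predicate `x % 2 == 0` makes the abstraction precise enough to prove the property.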
