Relational Reasoning via SMT Solving

This paper explores the idea of using a SAT Modulo Theories (SMT) solver for proving properties of relational specifications. The goal is to automatically establish or refute the consistency of a set of constraints expressed in a first-order relational logic, namely Alloy, without limiting the analysis to a bounded scope. Existing analysis of relational constraints, as performed by the Alloy Analyzer, is based on SAT solving and thus requires finitizing the set of values that each relation can take. Our technique complements this approach by axiomatizing all relational operators in a first-order SMT logic and taking advantage of the background theories supported by SMT solvers. Consequently, it can potentially prove that a formula is a tautology (a capability the Alloy Analyzer lacks entirely) and generate a counterexample when the proof fails. We also report on our experiments applying this technique to various systems specified in Alloy.
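
As an added illustration of the approach the abstract describes (not the paper's own encoding), the SMT-LIB 2 script below models two Alloy relations r and s over a signature A as uninterpreted predicates, defines join, subset and functionality as first-order formulas, and checks each assertion by asking the solver about the satisfiability of its negation. The sort A, the predicates and both assertions are constructed for this example, and a quantifier-capable SMT-LIB 2 solver such as Z3 is assumed.

```smt2
; Added example: Alloy relations as uninterpreted predicates over an
; unbounded sort A; Alloy operators become first-order definitions.
(set-logic UF)
(set-option :produce-models true)
(declare-sort A 0)
(declare-fun r (A A) Bool)   ; constructed relation r: A -> A
(declare-fun s (A A) Bool)   ; constructed relation s: A -> A

; Relational join r.s and s.r as existential formulas
(define-fun join-rs ((x A) (y A)) Bool (exists ((z A)) (and (r x z) (s z y))))
(define-fun join-sr ((x A) (y A)) Bool (exists ((z A)) (and (s x z) (r z y))))
; Subset s in r
(define-fun s-in-r () Bool (forall ((x A) (y A)) (=> (s x y) (r x y))))
; Alloy's "lone" on the image of every atom, i.e. the relation is a function
(define-fun r-functional () Bool
  (forall ((x A) (y1 A) (y2 A)) (=> (and (r x y1) (r x y2)) (= y1 y2))))
(define-fun s-functional () Bool
  (forall ((x A) (y1 A) (y2 A)) (=> (and (s x y1) (s x y2)) (= y1 y2))))

; Assertion 1: every subrelation of a function is a function.
; The negation is asserted; an unsat answer is a proof that holds in
; every scope, which no bounded SAT-based check can provide.
(push)
(assert (and r-functional s-in-r (not s-functional)))
(check-sat)
(pop)

; Assertion 2: join commutes, r.s = s.r.
; Here a sat answer refutes the assertion and the model returned by
; get-model is the counterexample (concrete r and s over a finite A).
(push)
(assert (exists ((x A) (y A)) (not (= (join-rs x y) (join-sr x y)))))
(check-sat)
(get-model)
(pop)
```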