Team Cassis

Overall Objectives
Scientific Foundations
Application Domains
New Results
Contracts and Grants with Industry
Other Grants and Activities

Section: New Results

Keywords : Satisfiability, Decision Procedure, Consistency, Proof, Tree Automata.

Automated deduction

Decision procedures and their extensions

Participants : Enrica Nicolini, Silvio Ranise, Christophe Ringeissen, Duc-Khanh Tran, Daniele Zucchelli.

We develop general techniques which allow us to re-use available tools in order to build a new generation of satisfiability solvers offering a good trade-off between expressiveness, flexibility, and scalability. Our original approach is based on the careful integration of rewriting techniques to design satisfiability procedures for a wide range of theories formalizing data structures, together with combination techniques to build satisfiability procedures for unions of theories in a modular way.

Duc-Khanh Tran has defended his thesis  [Oops!] . The first contribution of the thesis is a rational reconstruction of the combination methods proposed by Nelson-Oppen, Shostak and others in an uniform framework. This is the starting point for further investigations. We then introduce the concept of extended canonizer and derive a modularity result for a new class of theories. This is in contrast with the lack of modularity of the class of theories considered by the Shostak method. The second contribution concerns the problem of combining rewriting-based satisfiability procedures using the Nelson-Oppen method. We use meta-saturation to develop automatic proof techniques to check important requirements for the combinability of such procedures. When meta-saturation halts for a theory, its output allows us to reason about the combinability of a rewriting-based satisfiability procedure for this theory  [Oops!] . The third contribution of this thesis is about the integration of decision procedures into SMT solvers. We consider the problem of augmenting decision procedures with the capability of computing conflict sets without degrading performances, as well as the problem of modularly constructing conflict sets for a combined theory. In this respect, we extend the Nelson-Oppen combination method to modularly build conflict sets for disjoint unions of theories. We also study how the computed conflict sets relate to an appropriate notion of minimality  [Oops!] .

Program analysis and verification require decision procedures to reason on theories of data structures. In  [Oops!] , we have shown the termination of a rewrite-based first-order engine on the theories of records, integer offsets, integer offsets modulo and lists. We have also given a modularity theorem stating sufficient conditions for termination on a combinations of theories, given termination on each. Finally, we have introduced several sets of benchmarks on these theories and their combinations, including both parametric synthetic benchmarks to test scalability, and real-world problems to test performances on huge sets of literals. We have compared the rewrite-based theorem prover E with the validity checkers CVC and CVC Lite. Contrary to the folklore that a general-purpose prover cannot compete with reasoners with built-in theories, the experiments are overall favorable to the theorem prover, showing that not only the rewriting approach is elegant and conceptually simple, but has important practical implications.

Another important data structure for program verification is that of arrays. In  [Oops!] , we have investigated extensions of the theory of arrays and designed modular decision procedures by adapting combination methods and instantiation strategies. The key idea is to add new symbols to the theory by carefully using (universal) quantifiers in their definitions and then showing that instantiating finitely many times the universally quantified variables is sufficient for completeness. Combination techniques are used to handle the theory of arrays and Presburger arithmetic over the integers. We have also explained how our techniques can be soundly integrated in state-of-the-art Satisfiability Modulo Theories solvers.

Usually, verification problems require to reason modulo a combination of theories. The concept of extended canonizers has been introduced in  [79] to (i) solve the lack of modularity of Shostak combination schema and to (ii) naturally re-use rewriting-based decision procedure in combination methods. While (i) is satisfactorily discussed in   [79] , little is known about (ii). In  [Oops!] , we have investigated the problem of efficiently implementing extended canonizers for theories of interest in verification (in particular, those of uninterpreted function symbols or lists) by adapting and combining work on rewriting-based decision procedures and SER graphs, a graph-based method defined for abstract congruence closure. Based on graphs our approach addresses implementation issues that were lacking in previous rewriting-based decision procedure approaches and which are important to argue the viability of extended canonizers.

Decision Procedures and Model-checking of Infinite State Systems

Participants : Enrica Nicolini, Silvio Ranise, Daniele Zucchelli.

Manna and Pnueli have extensively shown how a mixture of first-order logic (FOL) and discrete Linear time Temporal Logic (LTL) is sufficient to precisely state verification problems for the vast class of reactive systems. Theories in FOL model the (possibly infinite) data structures used by a reactive system while LTL specifies its (dynamic) behavior. The combination of LTL and FOL allows us to specify infinite state systems and the subtle ways in which their data flow influences the control flow. Indeed, the capability of automatically solving satisfiability and model-checking problems is of paramount importance to support the automation of verification techniques using this framework. In collaboration with S. Ghilardi (U. Milan), we have derived undecidability and decidability results  [Oops!] , [Oops!] for both the satisfiability of (quantifier-free) formulae and the model-checking of safety properties by lifting combination methods for (non-disjoint) theories in FOL. The proofs of our decidability results suggest how decision procedures for the constraint satisfiability problem of theories in FOL and algorithms for checking the satisfiability of propositional LTL formulae can be integrated. This paves the way to employ efficient Satisfiability Modulo Theories solvers in the model-checking of infinite state systems, as previous proposals have suggested their use for bounded model-checking.

Tree Automata Extensions

Participants : Michaël Rusinowitch, Laurent Vigneron.

We have considered classes of tree automata combining automata with equality test and automata modulo equational theories with F. Jacquemard ( SECSI project) [Oops!] . These tree automata are obtained by extending their standard Horn clause representations with equational conditions and rewrite systems. We show in particular that a generalized membership problem (extending the emptiness problem) is decidable by proving that the saturation of tree automata presentations with suitable paramodulation strategies terminates. Alternatively our results can be viewed as new decidable classes of first-order formula. These tree automata classes can be applied to the reachability problem for a fragment of pi-calculus that can encode protocol verification problems.

Verification of convergence in distributed groupware systems

Participants : Abdessamad Imine, Michaël Rusinowitch.

We are interested in the formal development of data synchronization algorithms with a proof-assistant and based on the Operational Transformation (OT) approach. For linear data structure (such as a text or an ordered XML tree)  [Oops!] , we have developed a prototype environment for the collaborative edition of Wiki documents, whose concurrency control is scalable and decentralized. We are also working on ensuring data convergence in control version systems. As a case study, we have considered a text document versioning system for which we have designed a decentralized system allowing a user to compute the difference/merge operations of an arbitrary number of versions. Moreover, we are interested in differencing XML documents considered as ordered trees.

Automated deduction for combinatorial problems

Participant : Serge Burckel.

Serge Burckel joined the CASSIS group for the next two years. He is working in particular on applying rewriting techniques and automated deduction to knot theory. In  [Oops!] , he proposes for every n , linear time reductions of the word and conjugacy problems on the braid groups Bn to the corresponding problems on the braid monoids Bn+ and moreover only using positive words representations.

In  [Oops!] , he investigates the computational complexity of three natural problems in directed acyclic graphs. He proves their NP Completeness and studies their restrictions to linear orders.

In order to construct automatic proofs, he has defined a quite expressive problem called "certified 2-SAT" which is a natural extension of the polynomial time 2-SAT problem. However, this new problem is NP-Complete. He considers also methods for simplifying a formula in DNF by deleting some literals in it. These algorithms are used for counting the number of models of a formula.


Logo Inria