We close the practical part of this chapter with a final set of plots in which we compare our tool to three other publicly available implementations of PDR. This serves both to establish the quality of our tool and to estimate the potential of the more recent improvements to PDR suggested by related work, as mentioned in Section 5.3.4.
In particular, we compare our tool in the configuration PDR m2 to the following implementations:
• Bradley’s first implementation, which participated in HWMCC 2010. The tool, denoted here IC3 2010, is described in the original paper on PDR (Bradley, 2011) and is available from the author’s web-page (Bradley, 2013).
• A more recent implementation from the same author, suggested as a reference meant to be used as a starting point for tuning and experimenting (Bradley, 2014a). We denote the tool IC3ref. It implements lifting of states using the approach proposed by Chockler et al. (2011) and exploits counter-examples to generalization (Hassan et al., 2012).
• Finally, an implementation accompanying the paper by Bayless et al. (2013) on the “SAT Modulo SAT” idea. The tool is called smspdr (Bayless, 2013) and additionally implements lifting of states via ternary simulation (Eén et al., 2011).
None of the mentioned tools implement circuit-specific preprocessing of the input, which makes our comparison reasonably fair.
Figure 5.18: Comparing with other implementations – all instances. [Plot: problems solved against time (seconds) for PDR m2 BWD, IC3 2010, IC3ref and smspdr.]
[Plots, SAT and UNS panels: problems solved against time (seconds) for PDR m2 BWD, IC3 2010, IC3ref and smspdr.]
The results of the comparison are shown in Figures 5.18 and 5.19 on page 167. Note that unlike PDR m2, all the other tools support only one search direction, which corresponds to BWD, the direction shown for our tool. This limitation cannot be easily overcome with IC3ref and smspdr, because the state-lifting technique they implement is circuit-specific and only works in this direction.
We can see that the performance of PDR m2 is comparable to that of IC3 2010, or even slightly better on the SAT instances. However, our tool lags behind IC3ref and smspdr. This is most likely due to the extra techniques mentioned above, which these tools introduce on top of the standard version of the algorithm.
5.6 Conclusion
In this chapter, we studied the reachability problem in transition systems that have a symbolic representation based on propositional logic. First, we defined an STS, which serves as a canonical description of such a problem. Then we showed how to adapt LS4, our algorithm for LTL satisfiability from Chapter 3, to decide reachability for an STS. The algorithm Reach thus obtained is very similar to the famous PDR algorithm (Bradley, 2011), also known as IC3. In fact, we have shown that Reach can be turned into PDR by one simple change in the interpretation of layers, which renders the layers monotone with respect to set inclusion, and three independent enhancements: obligation rescheduling, clause propagation and minimization. This provides a new perspective on PDR, relating it to the model guidance idea. Furthermore, we have proposed triggered clause pushing, an additional improvement of the clause propagation phase of PDR.
An important class of problems that can be formulated as reachability in STS arises in sequential verification of hardware circuits. We used the safety property benchmarks from the Hardware Model Checking Competition (Biere et al., 2012) to experimentally evaluate: 1) our algorithm Reach, 2) the effect of the transformation steps that lead from Reach to PDR, and also 3) triggered clause pushing added on top of PDR. Our experiment has shown that although the step of making layers monotone in Reach slightly impairs performance of the algorithm, the three subsequent enhancements, some of which essentially rely on monotone layers, make up for the loss and, moreover, improve the performance further. Our own proposed improvement, triggered clause pushing, did not help the algorithm to solve more problems in the standard single-property setting, but substantially improved performance of a PDR-based multi-property solver in which clause layers are shared and faster propagation becomes of higher importance for the overall success rate.
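As an added illustration (not code from the thesis or from any of the compared tools), the following sketch shows the standard clause propagation phase of PDR over monotone layers stored in delta encoding; it does not implement triggered clause pushing. The 3-bit toy system, the clause encoding and all function names are constructed for this example, and brute-force state enumeration stands in for the SAT queries.

```python
from itertools import product

N = 3  # constructed toy system: (x0, x1) is a 2-bit counter, x2 is a frozen flag

def step(s):
    """Deterministic transition relation T: increment (x0, x1) mod 4, keep x2."""
    x0, x1, x2 = s
    return (not x0, x1 != x0, x2)

def holds(clause, s):
    """A clause is a frozenset of literals (var, polarity); true if any literal matches."""
    return any(s[v] == pol for v, pol in clause)

def frame(layers, i):
    """Monotone layer F_i in delta encoding: every clause stored at index i or higher."""
    return [c for lay in layers[i:] for c in lay]

def pushable(layers, i, c):
    """c may move to F_{i+1} iff 'F_i and T and not c-primed' has no model (enumerated)."""
    Fi = frame(layers, i)
    return all(holds(c, step(s))
               for s in product([False, True], repeat=N)
               if all(holds(d, s) for d in Fi))

def propagate(layers):
    """Push clauses forward; return i with F_i == F_{i+1} (inductive fixpoint) or None."""
    for i in range(1, len(layers) - 1):
        for c in sorted(layers[i], key=sorted):   # iterate over a copy, fixed order
            if pushable(layers, i, c):
                layers[i].discard(c)
                layers[i + 1].add(c)
        if not layers[i]:                         # nothing left only in F_i
            return i
    return None

# Constructed sample: not-x1 holds for at most one step from 000, not-x2 is inductive.
NOT_X1, NOT_X2 = frozenset({(1, False)}), frozenset({(2, False)})

def demo():
    layers = [set(), {NOT_X1, NOT_X2}, set(), set()]   # index 0 unused (F_0 = init)
    return propagate(layers), layers
```

Because each F_i is the union of all later deltas, moving a clause one index forward strengthens F_{i+1} without changing F_i, and an empty delta at index i signals that F_i equals F_{i+1}.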
Future work
After having isolated the individual steps needed to transform Reach into PDR and having established their respective positive effect on practical performance, we can ask to what extent these ideas could be adapted to the context of LTL-satisfiability checking and used to improve the performance of LS4. While the adaptation seems straightforward for explicit minimization and obligation rescheduling, clause propagation and inductive minimization substantially rely on monotone layers and as such cannot be directly translated to LS4. It is an interesting research question whether the model construction in LS4 could be guided by, at least partially, monotone layers and whether the algorithm could thus benefit from all the discussed improvements.
Another interesting direction for future work is to try using PDR with triggered clause pushing inside the k-Liveness algorithm by Claessen and Sörensson (2012). k-Liveness relies on sharing layers between its individual reachability queries and could thus benefit from faster clause propagation provided by triggered clause pushing, similarly to our extension of PDR for solving multi-property problems.