CAV 2000: Computer Aided Verification pp 124-138

# Combining Decision Diagrams and SAT Procedures for Efficient Symbolic Model Checking

• Poul F. Williams
• Armin Biere
• Edmund M. Clarke
• Anubhav Gupta
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1855)

## Abstract

In this paper we show how to do symbolic model checking using Boolean Expression Diagrams (BEDs), a non-canonical representation for Boolean formulas, instead of Binary Decision Diagrams (BDDs), the traditionally used canonical representation. The method is based on standard fixed point algorithms, combined with BDDs and SAT-solvers to perform satisfiability checking. As a result we are able to model check systems for which standard BDD-based methods fail. For example, we model check a liveness property of a 256 bit shift-and-add multiplier and we are able to find a previously undetected bug in the specification of a 16 bit multiplier. As opposed to Bounded Model Checking (BMC) our method is complete in practice.

Our technique is based on a quantification procedure that allows us to eliminate quantifiers in Quantified Boolean Formulas (QBF). The basic step of this procedure is the up-one operation for BEDs. In addition we list a number of important optimizations to reduce the number of basic steps. In particular the optimization rule of quantification-by-substitution turned out to be very useful: $$\exists x : g \wedge (x \Leftrightarrow f) \equiv g[f/x]$$. The rule is used (1) during fixed point iterations, (2) for deciding whether an initial set of states is a subset of another set of states, and finally (3) for iterative squaring.

## Preview

### References

1. 1.
Abdulla, P.A., Bjesse, P., Eén, N.: Symbolic reachability analysis based on SAT solvers. In: Tools and Algorithms for the Analysis and Construction of Systems (TACAS) (2000)Google Scholar
2. 2.
Andersen, H.R., Hulgaard, H.: Boolean expression diagrams. Information and Computation (to appear)Google Scholar
3. 3.
Andersen, H.R., Hulgaard, H.: Boolean expression diagrams. In: IEEE Symposium on Logic in Computer Science (LICS) (July 1997)Google Scholar
4. 4.
Biere, A., Cimatti, A., Clarke, E.M., Fujita, M., Zhu, Y.: Symbolic model checking using SAT procedures instead of BDDs. In: Proc. ACM/IEEE Design Automation Conference, DAC (1999)Google Scholar
5. 5.
Biere, A., Cimatti, A., Clarke, E.M., Zhu, Y.: Symbolic model checking without BDDs. In: Cleaveland, W.R. (ed.) TACAS 1999. LNCS, vol. 1579, p. 193. Springer, Heidelberg (1999)
6. 6.
Biere, A., Clarke, E., Raimi, R., Zhu, Y.: Verifying safety properties of a PowerPC microprocessor using symbolic model checking without BDDs. In: Halbwachs, N., Peled, D.A. (eds.) CAV 1999. LNCS, vol. 1633, pp. 60–71. Springer, Heidelberg (1999)
7. 7.
Brglez, F., Fujiware, H.: A neutral netlist of 10 combinational benchmarks circuits and a target translator in Fortran. In: Special Session International Symposium on Circuits and Systems (ISCAS) (1985)Google Scholar
8. 8.
Bryant, R.E.: Graph-based algorithms for boolean function manipulation. IEEE Transactions on Computers 35(8), 677–691 (1986)
9. 9.
Bryant, R.E.: Binary decision diagrams and beyond: Enabling technologies for formal verification. In: Proc. International Conf. Computer-Aided Design (ICCAD), November 1995, pp. 236–243 (1995)Google Scholar
10. 10.
Burch, J.R., Clarke, E.M., Long, D.E., MacMillan, K.L., Dill, D.L.: Symbolic model checking for sequential circuit verification. IEEE Transactions on Computer-Aided Design of Integrated Circuits and Systems 13(4), 401–424 (1994)
11. 11.
Burch, J.R., Clarke, E.M., McMillan, K.L., Dill, D.L., Hwang, L.J.: Symbolic model checking: 1020 states and beyond. Information and Computation  98(2), 142–170 (1992)Google Scholar
12. 12.
Cimatti, A., Clarke, E.M., Giunchiglia, F., Roveri, M.: NUSMV: A new symbolic model verifier. In: Halbwachs, N., Peled, D.A. (eds.) CAV 1999. LNCS, vol. 1633, pp. 495–499. Springer, Heidelberg (1999)Google Scholar
13. 13.
Clarke, E.M., Emerson, E.A., Sistla, A.P.: Automatic verification of finitestate concurrent systems using temporal logic specifications. ACM Transactions on Programming Languages and Systems 8(2), 244–263 (1986)
14. 14.
Hulgaard, H., Williams, P.F., Andersen, H.R.: Equivalence checking of combinational circuits using boolean expression diagrams. IEEE Transactions on Computer Aided Design (July 1999)Google Scholar
15. 15.
Marques-Silva, J.P., Sakallah, K.A.: GRASP: A search algorithm for propositional satisfiability. IEEE Transactions on Computers 48 (1999)Google Scholar
16. 16.
McMillan, K.L.: Symbolic Model Checking. Kluwer Academic Publishers, Dordrecht (1993)
17. 17.
Sheeran, M., Stålmarck, G.: A tutorial on stålmarck’s proof procedure for propositional logic. In: Gopalakrishnan, G.C., Windley, P. (eds.) FMCAD 1998. LNCS, vol. 1522, pp. 82–99. Springer, Heidelberg (1998)
18. 18.
Zhang, H.: SATO: An efficient propositional prover. In: McCune, W. (ed.) CADE 1997. LNCS, vol. 1249, pp. 272–275. Springer, Heidelberg (1997)Google Scholar

## Authors and Affiliations

• Poul F. Williams
• 1
• Armin Biere
• 2
• Edmund M. Clarke
• 3
• Anubhav Gupta
• 3
1. 1.Department of Information TechnologyTechnical University of DenmarkLyngbyDenmark
2. 2.Department of Computer Science, Institute of Computer SystemsETH ZentrumZürichSwitzerland
3. 3.School of Computer ScienceCarnegie Mellon UniversityPittsburghU.S.A.