Formalizing the Edmonds-Karp Algorithm

2019

J Autom Reasoning

Self Cite

SAT solvers decide the satisfiability of Boolean formulas in conjunctive normal form. They are commonly used for software and hardware verification. Modern SAT solvers are highly complex and optimized programs. As a single bug in the solver may invalidate the verification of many systems, SAT solvers output certificates for their answer, which are then checked independently. However, even certificate checking requires highly optimized non-trivial programs. This paper presents the first SAT solver certificate checker that is formally verified down to the integer sequence representing the formula. Our tool supports the full DRAT standard, and is even faster than the unverified state-of-the-art tool drat-trim, on a realistic set of benchmarks drawn from the 2016 and 2017 SAT competitions. An optional multi-threaded mode further reduces the runtime, in particular for big certificates.

Section: Program Verification With Isabelle/holmentioning

confidence: 99%

Efficient Verified (UN)SAT Certificate Checking

2019

J Autom Reasoning

Self Cite

“…More recently, we have used the IRF and Sepref to develop a verified implementation [25] of the Edmonds-Karp algorithm for finding maximum flows in networks [11], which is competitive with a Java reference implementation by Sedgewick et al [36]. We also extended this formalization to push-relabel algorithms.…”

Section: Other Applicationsmentioning

confidence: 99%

Refinement to Imperative HOL

2017

J Autom Reasoning

Self Cite

Many algorithms can be implemented most efficiently with imperative data structures. This paper presents Sepref, a stepwise refinement based tool chain for the verification of imperative algorithms in Isabelle/HOL. As a back end we use Imperative HOL, which allows to generate verified imperative code. On top of Imperative HOL, we develop a separation logic framework with powerful proof tactics. We use this framework to verify basic imperative data structures and to define a refinement calculus between imperative and functional programs. We provide a tool to automatically synthesize a concrete imperative program and a refinement proof from an abstract functional program, selecting implementations of abstract data types according to a user-provided configuration. As a front end to describe the abstract programs, we use the Isabelle Refinement Framework, for which many algorithms have already been formalized. Our tool chain is complemented by a large selection of verified imperative data structures. We have used Sepref for several verification projects, resulting in efficient verified implementations that are competitive with unverified ones in Java or C++.

“…For Isabelle/HOL, the Isabelle Refinement Framework [22,24,25,29] provides a powerful stepwise refinement tool chain, featuring a nondeterministic shallowly embedded programming language [29], a library of efficient collection data structures and generic algorithms [24][25][26], and convenience tools to simplify canonical refinement steps [22,24]. It has been used for various software verification projects (e. g. [23,27,28]), including a fully fledged verified LTL model checker [4,12].…”

Section: Program Verification With Isabelle/holmentioning

confidence: 99%

Efficient Verified (UN)SAT Certificate Checking

Automated Deduction – CADE 26

2017

Self Cite

We present an efficient formally verified checker for satisfiability and unsatisfiability certificates for Boolean formulas in conjunctive normal form. It utilizes a two phase approach: Starting from a DRAT certificate, the unverified generator computes an enriched certificate, which is checked against the original formula by the verified checker. Using the Isabelle/HOL Refinement Framework, we verify the actual implementation of the checker, specifying the semantics of the formula down to the integer sequence that represents it. On a realistic benchmark suite drawn from the 2016 SAT competition, our approach is more than two times faster than the unverified standard tool drat-trim. Additionally, we implemented a multi-threaded version of the generator, which further reduces the runtime.