development of a verified efficient checker for sat proofs
play

Development of a Verified, Efficient Checker for SAT Proofs Matt - PowerPoint PPT Presentation

Oct 11, 2022 •6 likes •216 views

T HE P ROBLEM T OWARDS A S OLUTION A S EQUENCE OF C HECKERS R ELATED W ORK C ONCLUSION R EFERENCES Development of a Verified, Efficient Checker for SAT Proofs Matt Kaufmann (With contributions from Marijn Heule, Warren Hunt, and Nathan Wetzler)

  1. T HE P ROBLEM T OWARDS A S OLUTION A S EQUENCE OF C HECKERS R ELATED W ORK C ONCLUSION R EFERENCES Development of a Verified, Efficient Checker for SAT Proofs Matt Kaufmann (With contributions from Marijn Heule, Warren Hunt, and Nathan Wetzler) The University of Texas at Austin ACL2 Workshop 2017 May 22, 2017 1/21

  2. T HE P ROBLEM T OWARDS A S OLUTION A S EQUENCE OF C HECKERS R ELATED W ORK C ONCLUSION R EFERENCES O VERVIEW Boolean Satisfiability (SAT) solvers are proliferating and useful. PROBLEM: How can we trust their claims of unsatisfiability? SOLUTION: ◮ SAT Solver emits a proof, p 0 ◮ DRAT-trim (from Marijn Heule) processes p 0 , creating smaller proof p 1 that includes hints ◮ Verified ACL2 program checks p 1 This talk is high-level, avoiding details such as “RAT” and “DRAT”. 2/21

  3. T HE P ROBLEM T OWARDS A S OLUTION A S EQUENCE OF C HECKERS R ELATED W ORK C ONCLUSION R EFERENCES O UTLINE T HE P ROBLEM T OWARDS A S OLUTION A S EQUENCE OF C HECKERS R ELATED W ORK C ONCLUSION R EFERENCES 3/21

  4. T HE P ROBLEM T OWARDS A S OLUTION A S EQUENCE OF C HECKERS R ELATED W ORK C ONCLUSION R EFERENCES O UTLINE T HE P ROBLEM T OWARDS A S OLUTION A S EQUENCE OF C HECKERS R ELATED W ORK C ONCLUSION R EFERENCES 4/21

  5. T HE P ROBLEM T OWARDS A S OLUTION A S EQUENCE OF C HECKERS R ELATED W ORK C ONCLUSION R EFERENCES T HE P ROBLEM Boolean Satisfiability (SAT) solvers are proliferating and useful. ◮ They verify unsatisfiability of a Boolean formula , represented as a list of clauses (each a disjunction of literals ). ◮ Example of unsatisfiable formula: ( (1 2 -3) ; 1 OR 2 OR (not 3) (-1) ; (not 1) (-2 -3) ; (not 2) OR (not 3) (3) ; 3 ) But how can we trust SAT solvers? 5/21

  6. T HE P ROBLEM T OWARDS A S OLUTION A S EQUENCE OF C HECKERS R ELATED W ORK C ONCLUSION R EFERENCES O UTLINE T HE P ROBLEM T OWARDS A S OLUTION A S EQUENCE OF C HECKERS R ELATED W ORK C ONCLUSION R EFERENCES 6/21

  7. T HE P ROBLEM T OWARDS A S OLUTION A S EQUENCE OF C HECKERS R ELATED W ORK C ONCLUSION R EFERENCES T OWARDS A S OLUTION (1) Modern SAT solvers [2] emit proofs ! ◮ Proof step: Add a clause to the formula (conjunction of clauses) that preserves satisfiability . ◮ Eventually add the empty clause. ◮ So final formula is unsatisfiable. ◮ So input formula must be unsatisfiable! ◮ Also legal: proof steps that delete a clause from the formula. ◮ Clearly preserves satisfiability. 7/21

  8. T HE P ROBLEM T OWARDS A S OLUTION A S EQUENCE OF C HECKERS R ELATED W ORK C ONCLUSION R EFERENCES T OWARDS A S OLUTION (2) But how do we know that these “proofs” are valid? We check them with software programs called checkers ! But how do we know that a checker is sound ? Inspection? ◮ Key property: clause addition preserves satisfiability ◮ Checkers (e.g., DRAT-trim) are typically simpler than solvers... ◮ ... but not that simple, and inspection is error-prone . 8/21

  9. T HE P ROBLEM T OWARDS A S OLUTION A S EQUENCE OF C HECKERS R ELATED W ORK C ONCLUSION R EFERENCES T OWARDS A S OLUTION (3) Wetzler proved soundness of an ACL2-based solution [6, 5, 4]. I’ll explain our “ [lrat-4] ” and “ [lrat-5] ” versions of soundness: (implies (and (formula-p formula) (refutation-p$ proof formula)) (not (satisfiable formula))) (let ((formula (mv-nth 1 (proved-formula cnf-file clrat-file chunk-size debug nil ; incomplete-okp ctx state)))) (implies formula (not (satisfiable formula)))) ; Print proved formula, to diff against input formula: (defmacro print-formula (formula &optional filename) ...) 9/21

  10. T HE P ROBLEM T OWARDS A S OLUTION A S EQUENCE OF C HECKERS R ELATED W ORK C ONCLUSION R EFERENCES T OWARDS A S OLUTION (4) Problem: Efficiency. On one example: ◮ DRAT-trim: 1.5 seconds ◮ Verified checker [5]: ∼ 1 week NOTE: ◮ Wetzler’s ITP 2013 checker [5] was intended to be a proof of concept, not an efficient tool. ◮ He did some preliminary work towards increasing efficiency (no timings reported). 10/21

  11. T HE P ROBLEM T OWARDS A S OLUTION A S EQUENCE OF C HECKERS R ELATED W ORK C ONCLUSION R EFERENCES O UTLINE T HE P ROBLEM T OWARDS A S OLUTION A S EQUENCE OF C HECKERS R ELATED W ORK C ONCLUSION R EFERENCES 11/21

  12. T HE P ROBLEM T OWARDS A S OLUTION A S EQUENCE OF C HECKERS R ELATED W ORK C ONCLUSION R EFERENCES A S EQUENCE OF C HECKERS (1) 1. [rat] Nathan’s ITP 2013 RAT checker [5]: no deletion 2. [drat] Support deletion (thus implementing DRAT) 3. [lrat-1] Avoid search and delete clauses efficiently, using fast-alists (applicative hash tables) and a linear proof format, and with soundness proved from scratch 4. [lrat-2] Shrink fast-alists to keep formulas small 5. [lrat-3] Minor tweak to formula data-structure 6. [lrat-4] Use stobjs for assignments 7. [lrat-5] Support incremental file reading using improved read-file-into-string ; verify improved soundness theorem 12/21

  13. T HE P ROBLEM T OWARDS A S OLUTION A S EQUENCE OF C HECKERS R ELATED W ORK C ONCLUSION R EFERENCES A S EQUENCE OF C HECKERS (2) This table shows times (in seconds) for some checker runs (including parsing), on examples provided by Marijn Heule. Test “R_4_4_18” is the one that took a week with Wetzler’s ITP 2013 checker. benchmark [lrat-1] [lrat-3] [lrat-4] [lrat-5] (fast-alist) (shrink) (stobjs) (incremental) uuf-100-3 0.09 0.03 0.05 0.01 tph6[-dd] 3.08 0.57 0.33 0.33 R_4_4_18 164.74 5.13 2.23 2.24 transform 25.63 6.16 5.81 5.82 Schur_161_5_d43 5341.69 2355.26 840.04 259.82 NOTE: For the last (Schur) example: 4.3 minutes for checker adds little to the DRAT-trim time of 20 minutes. 13/21

  14. T HE P ROBLEM T OWARDS A S OLUTION A S EQUENCE OF C HECKERS R ELATED W ORK C ONCLUSION R EFERENCES A S EQUENCE OF C HECKERS (3) This project illustrates the interplay between ACL2 as a programming language and as a theorem prover: ◮ Optimize the program for efficiency. ◮ Deal with proving correctness for the optimizations. Profiling was very useful. Plan: Our [lrat-5] checker will be used in the 2017 SAT competition. Time comparison on a set of examples (courtesy of Marijn Heule and J Moore): DRAT-trim 210223 seconds [lrat-5] checker 20811 seconds 14/21

  15. T HE P ROBLEM T OWARDS A S OLUTION A S EQUENCE OF C HECKERS R ELATED W ORK C ONCLUSION R EFERENCES O UTLINE T HE P ROBLEM T OWARDS A S OLUTION A S EQUENCE OF C HECKERS R ELATED W ORK C ONCLUSION R EFERENCES 15/21

  16. T HE P ROBLEM T OWARDS A S OLUTION A S EQUENCE OF C HECKERS R ELATED W ORK C ONCLUSION R EFERENCES R ELATED W ORK ◮ [1] The Linear RAT (LRAT) proof format and its use in our ACL2 checker, as well as a corresponding Coq-based checker (which takes 10 minutes on one example compared to our 9 seconds) ◮ [3] An Isabelle development using a refinement framework that (independently of our work) produces an efficient verified checker 16/21

  17. T HE P ROBLEM T OWARDS A S OLUTION A S EQUENCE OF C HECKERS R ELATED W ORK C ONCLUSION R EFERENCES O UTLINE T HE P ROBLEM T OWARDS A S OLUTION A S EQUENCE OF C HECKERS R ELATED W ORK C ONCLUSION R EFERENCES 17/21

  18. T HE P ROBLEM T OWARDS A S OLUTION A S EQUENCE OF C HECKERS R ELATED W ORK C ONCLUSION R EFERENCES C ONCLUSION There is now an efficient formally verified SAT checker! ◮ On a large example, its time of 4.3 minutes (including parsing) adds relatively little to the DRAT-trim time of 20 minutes. These checkers are available in the community books under books/projects/sat/lrat/ : [rat] projects/sat/proof-checker-itp13/ [drat] projects/sat/lrat/early/drat/ [lrat-1] projects/sat/lrat/early/rev1/ [lrat-2] projects/sat/lrat/early/rev2/ [lrat-3] projects/sat/lrat/list-based/ [lrat-4] projects/sat/lrat/stobj-based/ [lrat-5] projects/sat/lrat/incremental/ 18/21

  19. T HE P ROBLEM T OWARDS A S OLUTION A S EQUENCE OF C HECKERS R ELATED W ORK C ONCLUSION R EFERENCES O UTLINE T HE P ROBLEM T OWARDS A S OLUTION A S EQUENCE OF C HECKERS R ELATED W ORK C ONCLUSION R EFERENCES 19/21

  20. T HE P ROBLEM T OWARDS A S OLUTION A S EQUENCE OF C HECKERS R ELATED W ORK C ONCLUSION R EFERENCES R EFERENCES A much more detailed (but somewhat outdated – no mention of [lrat-5]) version of this talk is available on the ACL2 seminar website. A preprint of a paper on this work (with Heule, Hunt, and Wetzler) is at: http://www.cs.utexas.edu/users/kaufmann/ papers/lrat-preprint/index.html . The final slide has references for citations in this talk. Thank you for your attention! 20/21

Recommend

Development of a Verified, Efficient Checker for SAT Proofs Matt Kaufmann (In collaboration with

Development of a Verified, Efficient Checker for SAT Proofs Matt Kaufmann (In collaboration with

I NTRODUCTION A S EQUENCE OF C HECKERS C ONCLUSION R EFERENCES Development of a Verified, Efficient Checker for SAT Proofs Matt Kaufmann (In collaboration with Marijn Heule and Warren Hunt, Jr.) ACL2 Seminar The University of Texas at Austin

621 views • 49 slides
Verified Efficient Clausal Proof Checking for SAT Filip Mari c, Faculty of Mathematics,

Verified Efficient Clausal Proof Checking for SAT Filip Mari c, Faculty of Mathematics,

Introduction Unsatisfiability proof formats for SAT Verified efficient checking of clausal proofs Verified Efficient Clausal Proof Checking for SAT Filip Mari c, Faculty of Mathematics, Belgrade (joint work with Florian Haftmann, TU Munich)

516 views • 26 slides
How to get an efficient yet verified arbitrary-precision integer library Raphal Rieu-Helft

How to get an efficient yet verified arbitrary-precision integer library Raphal Rieu-Helft

How to get an efficient yet verified arbitrary-precision integer library Raphal Rieu-Helft (joint work with Guillaume Melquiond and Claude March) TrustInSoft Inria 1 / 20 Context, motivation, goals goal: efficient and formally verified

508 views • 22 slides
Proofs in the Pilots Seat Toward Verified Simultaneous Maneuvers in the Next-Generation

Proofs in the Pilots Seat Toward Verified Simultaneous Maneuvers in the Next-Generation

Proofs in the Pilots Seat Toward Verified Simultaneous Maneuvers in the Next-Generation Airborne Collision Avoidance System Brandon Bohrer (bbohrer@cs.cmu.edu) Who Came Here By Plane? Want to Get Home Alive? Background: Collision Avoidance

315 views • 13 slides
How to get an efficient yet verified arbitrary-precision integer library Raphal Rieu-Helft

How to get an efficient yet verified arbitrary-precision integer library Raphal Rieu-Helft

How to get an efficient yet verified arbitrary-precision integer library Raphal Rieu-Helft (joint work with Guillaume Melquiond and Claude March) TrustInSoft Inria November 13, 2018 1/21 Context, motivation, goals goal: efficient and

564 views • 21 slides
How to get an efficient yet verified arbitrary-precision integer library Raphal Rieu-Helft

How to get an efficient yet verified arbitrary-precision integer library Raphal Rieu-Helft

How to get an efficient yet verified arbitrary-precision integer library Raphal Rieu-Helft (joint work with Guillaume Melquiond and Claude March) TrustInSoft Inria May 28, 2018 1/31 Context, motivation, goals goal: efficient and

663 views • 33 slides
Automated and machine-verified security proofs of stateful protocols Andreas Hess 1 Sebastian

Automated and machine-verified security proofs of stateful protocols Andreas Hess 1 Sebastian

Automated and machine-verified security proofs of stateful protocols Andreas Hess 1 Sebastian Mdersheim 1 Achim Brucker 2,3 Anders Schlichtkrull 1 1 Technical University of Denmark 2 The University of Sheffield 3 University of Exeter Overview 1

650 views • 26 slides
Easy Generation and Efficient Validation of Proofs for SAT and QBF Marijn J.H. Heule 1/37

Easy Generation and Efficient Validation of Proofs for SAT and QBF Marijn J.H. Heule 1/37

Easy Generation and Efficient Validation of Proofs for SAT and QBF Marijn J.H. Heule 1/37 Introduction to SAT and QBF Clausal Proof Systems for SAT and QBF Abstract Proof System for SAT Inprocessing Clausal Proofs for QBF Preprocessing

919 views • 48 slides
Efficient Extraction of Skolem Functions from QRAT Proofs Marijn J.H. Heule Joint work with

Efficient Extraction of Skolem Functions from QRAT Proofs Marijn J.H. Heule Joint work with

Efficient Extraction of Skolem Functions from QRAT Proofs Marijn J.H. Heule Joint work with Martina Seidl and Armin Biere FMCAD, October 23, 2014 1/22 Introduction and Challenges From Clausal Proofs to Skolem Functions Running Example

322 views • 28 slides
Invisible Formal Methods: Generating Efficient Test Sets With a Model Checker John Rushby with

Invisible Formal Methods: Generating Efficient Test Sets With a Model Checker John Rushby with

Invisible Formal Methods: Generating Efficient Test Sets With a Model Checker John Rushby with Gr egoire Hamon and Leonardo de Moura Computer Science Laboratory SRI International Menlo Park, California, USA John Rushby, SR I Invisible FM

466 views • 44 slides
Efficient Delegation of Zero-Knowledge Proofs of Knowledge in a Pairing-Friendly Setting ebastien

Efficient Delegation of Zero-Knowledge Proofs of Knowledge in a Pairing-Friendly Setting ebastien

Efficient Delegation of Zero-Knowledge Proofs of Knowledge in a Pairing-Friendly Setting ebastien Canard (1) , David Pointcheval (2) and Olivier Sanders (1 , 2) S (1) Orange Labs, Caen, France (2) Ecole Normale Sup erieure, Paris,

556 views • 31 slides
Towards self-verification of HOL Light John Harrison Intel Corporation IJCAR 2006, Seattle

Towards self-verification of HOL Light John Harrison Intel Corporation IJCAR 2006, Seattle

Towards self-verification of HOL Light John Harrison Intel Corporation IJCAR 2006, Seattle August 18, 2006 0 Who checks the checker? Formalization in a proof checker is often used to ensure correctness of proofs. Pure mathematics

335 views • 21 slides
Nuspell: version 3 of the new spell checker FOSS spell checker implemented in C++17 with aid of

Nuspell: version 3 of the new spell checker FOSS spell checker implemented in C++17 with aid of

Nuspell: version 3 of the new spell checker FOSS spell checker implemented in C++17 with aid of Mozilla Sander van Geloven FOSDEM, Brussels February 1, 2020 . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

611 views • 39 slides
Nuspell: the new spell checker FOSS spell checker implemented in C++14 with aid of Mozilla.

Nuspell: the new spell checker FOSS spell checker implemented in C++14 with aid of Mozilla.

Nuspell: the new spell checker FOSS spell checker implemented in C++14 with aid of Mozilla. Sander van Geloven FOSDEM, Brussels February 2, 2019 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

327 views • 21 slides
DRAT-trim: Efficient Checking and Trimming Using Expressive Clausal Proofs Nathan Wetzler

DRAT-trim: Efficient Checking and Trimming Using Expressive Clausal Proofs Nathan Wetzler

DRAT-trim: Efficient Checking and Trimming Using Expressive Clausal Proofs Nathan Wetzler Marijn J.H. Heule Warren A. Hunt, Jr. The University of Texas at Austin Theory and Applications of Satisfiability Solving (SAT)

531 views • 33 slides
Efficient and Verified Finite-Field Operations Andres Erbsen, Jade Philipoom, Jason Gross, Robert

Efficient and Verified Finite-Field Operations Andres Erbsen, Jade Philipoom, Jason Gross, Robert

Efficient and Verified Finite-Field Operations Andres Erbsen, Jade Philipoom, Jason Gross, Robert Sloan, Adam Chlipala RWC 2019 g i t h u b . c o m / m i t - p l v / fi a t - c r y p t o Example of Tricky Tedium:

513 views • 25 slides
Have some fun Checker: Checker: http://www.cs.caltech.edu/~ vhuang/cs 20/c/applet/more.html

Have some fun Checker: Checker: http://www.cs.caltech.edu/~ vhuang/cs 20/c/applet/more.html

Have some fun Checker: Checker: http://www.cs.caltech.edu/~ vhuang/cs 20/c/applet/more.html 1 Local Beam Search Run multiple searches to find the Run multiple searches to find the solution The best K states are selected. Like

636 views • 24 slides
Proofs, Continued Today Proofs : A style guide Proofs should be easy to

Proofs, Continued Today Proofs : A style guide Proofs should be easy to

Euclid (300 BC) Proofs, Continued Today Proofs : A style guide Proofs should be easy to verify. All the cleverness goes into finding/writing the proof, not reading/verifying it! P vs. NP (informally) : P =

682 views • 21 slides
Welcome to PROOFS! PROOFS: Security Proofs for Embedded Systems Introduction to the fifth

Welcome to PROOFS! PROOFS: Security Proofs for Embedded Systems Introduction to the fifth

Welcome to PROOFS! PROOFS: Security Proofs for Embedded Systems Introduction to the fifth workshop Introduction to the workshop PROOFS: Security Proofs for Embedded Systems UCSB August 20, 2016 5th edition of PROOFS PROOFS 2012:

311 views • 7 slides
Vector Commitments with Efficient Proofs Markulf Kohlweiss 1 and Alfredo Rial 2 1 Microsoft

Vector Commitments with Efficient Proofs Markulf Kohlweiss 1 and Alfredo Rial 2 1 Microsoft

Vector Commitments with Efficient Proofs Markulf Kohlweiss 1 and Alfredo Rial 2 1 Microsoft Research Cambridge 2 KU Leuven ESAT/COSIC IBBT, Belgium Provable Privacy Workshop 10 / 07 / 2012 K.U.Leuven Vector Commitments 10 July 2012 INDEX

236 views • 20 slides
Hoare Logic and Model Checking It is clear that proofs can be long and boring even if programs

Hoare Logic and Model Checking It is clear that proofs can be long and boring even if programs

Mechanised Program Verification Hoare Logic and Model Checking It is clear that proofs can be long and boring even if programs being verified are quite simple. Kasper Svendsen University of Cambridge In this lecture we will sketch the

121 views • 9 slides
Efficient Designated-Verifier Non- Interactive Zero-Knowledge Proofs of Knowledge Pyrros Chaidos,

Efficient Designated-Verifier Non- Interactive Zero-Knowledge Proofs of Knowledge Pyrros Chaidos,

Efficient Designated-Verifier Non- Interactive Zero-Knowledge Proofs of Knowledge Pyrros Chaidos, Geoffroy Couteau 1 /11 Zero-Knowledge Proof prover verifier Complete: if P knows a solution, V accepts Sound: if there is no solution, P

1.25k views • 27 slides
The UPPAAL Model Checker The UPPAAL Model Checker Julin Proenza Systems, Robotics and Vision

The UPPAAL Model Checker The UPPAAL Model Checker Julin Proenza Systems, Robotics and Vision

The UPPAAL Model Checker The UPPAAL Model Checker Julin Proenza Systems, Robotics and Vision Group. UIB. SPAIN Julin Proenza. UIB. Oct 2008 The aim of this presentation Introduce the basic concepts of model checking from a practical

804 views • 68 slides
Security Verification with F* Cdric Fournet Catalin Hritcu Aseem Rastogi *the Everest

Security Verification with F* Cdric Fournet Catalin Hritcu Aseem Rastogi *the Everest

Computer-Aided Security Proofs, Aarhus, Oct 9 13 2017 Security Verification with F* Cdric Fournet Catalin Hritcu Aseem Rastogi *the Everest VERified End-to-end Secure Transport Everest*: Verified Drop-in Replacements for TLS/HTTPS

464 views • 34 slides

More recommend