1. SAT Solver CS 680 Formal Methods Jeremy Johnson

2. 2 Disjunctive Normal Form  A Boolean expression is a Boolean function  Any Boolean function can be written as a Boolean expression  Disjunctive normal form (sums of products)  For each row in the truth table where the output is true, write a product such that the corresponding input is the only input combination that is true  Not unique  E.G. (multiplexor function) s x 0 x 1 f 0 0 0 0 1 0 0 1 0 1 1 1 1 0 0 0 1 0 1 1 1 1 0 0 1 1

3. 3 Conjunctive Normal Form s x 0 x 1 f 0 0 0 0 1 0 0 1 0 1 1 1 1 0 0 0 1 0 1 1 1 1 0 0 1 1

4. Satisfiability  A formula is satisfiable if there is an assignment to the variables that make the formula true  A formula is unsatisfiable if all assignments to variables eval to false  A formula is falsifiable if there is an assignment to the variables that make the formula false  A formula is valid if all assignments to variables eval to true (a valid formula is a theorem or tautology)

5. Satisfiability  Checking to see if a formula f is satisfiable can be done by searching a truth table for a true entry  Exponential in the number of variables  Does not appear to be a polynomial time algorithm (satisfiability is NP-complete)  There are efficient satisfiability checkers that work well on many practical problems  Checking whether f is satisfiable can be done by checking if  f is not valid  An assignment that evaluates to false provides a counter example to validity

6. DNF vs CNF  It is easy to determine if a boolean expression in DNF is satisfiable but difficult to determine if it is valid  It is easy to determine if a boolean expression in CNF is valid but difficult to determine if it is satisfiable  It is possible to convert any boolean expression to DNF or CNF; however, there can be exponential blowup

7. Propositional Logic in ACL2  In beginner mode and above ACL2S B !>QUERY (thm (implies (and (booleanp p) (booleanp q)) (iff (implies p q) (or (not p) q)))) > Q.E.D. Summary Form: ( THM...) Rules: NIL Time: 0.00 seconds (prove: 0.00, print: 0.00, proof tree: 0.00, other: 0.00) Proof succeeded.

8. Propositional Logic in ACL2 ACL2 >QUERY (thm (implies (and (booleanp p) (booleanp q)) (iff (xor p q) (or p q)))) … **Summary of testing** We tested 500 examples across 1 subgoals, of which 1 (1 unique) satisfied the hypotheses, and found 1 counterexamples and 0 witnesses. We falsified the conjecture. Here are counterexamples: [found in : "Goal''"] (IMPLIES (AND (BOOLEANP P) (BOOLEANP Q) P) (NOT Q)) -- (P T) and (Q T)

9. SAT Solvers  Input expected in CNF  Using DIMACS format  One clause per line delimited by 0  Variables encoded by integers, not variable encoded by negating integer  We will use MiniSAT (minisat.se)

10. MiniSAT Example  (x1 | -x5 | x4) & (-x1 | x5 | x3 | x4) & (-x3 | x4).  DIMACS format  (c = comment, “p cnf” = SAT problem in CNF) c SAT problem in CNF with 5 variables and 3 clauses p cnf 5 3 1 -5 4 0 -1 5 3 4 0 -3 -4 0

11. MiniSAT Example  (x1 | -x5 | x4) & (-x1 | x5 | x3 | x4) & (-x3 | x4). This is MiniSat 2.0 beta ============================[ Problem Statistics ]================== | | | Number of variables: 5 | | Number of clauses: 3 | | Parsing time: 0.00 s | …. SATISFIABLE v -1 -2 -3 -4 -5 0

12. Avionics Application  Aircraft controlled by (real time) software applications (navigation, control, obstacle detection, obstacle avoidance …)  Applications run on computers in different cabinets  500 apps  20 cabinets  Apps 1, 2 and 3 must run in separate cabinets  Problem: Find assignment of apps to cabinets that satisfies constraints

13. Corresponding SAT problem

14. Constaints in CNF

15. DIMACS Format

16. Avionics Example

17. p cnf 50 25 c clauses for valid map forall a exists c AC^c_a 1 2 3 4 5 0 6 7 8 9 10 0 11 12 13 14 15 0 16 17 18 19 20 0 21 22 23 24 25 0 26 27 28 29 30 0 31 32 33 34 35 0 36 37 38 39 40 0 41 42 43 44 45 0 46 47 48 49 50 0

18. Avionics Example c constaints ~AC^c_1 + ~AC^c_2 and ~AC^c_1 + ~AC^c_3 -1 -6 0 -1 -11 0 -2 -7 0 -2 -12 0 -3 -8 0 -3 -13 0 -4 -9 0 -4 -14 0 -5 -10 0 -5 -15 0 c constraint ~AC^c_2 + ~AC^c_3 -6 -11 0 -7 -12 0 -8 -13 0 -9 -14 0 -10 -15 0

19. Avionics Example [jjohnson@tux64-12 Programs]$./MiniSat_v1.14_linux aircraft assignment ==================================[MINISAT]=================================== | Conflicts | ORIGINAL | LEARNT | Progress | | | Clauses Literals | Limit Clauses Literals Lit/Cl | | ============================================================================== | 0 | 25 80 | 8 0 0 nan | 0.000 % | ============================================================================== restarts : 1 conflicts : 0 (nan /sec) decisions : 39 (inf /sec) propagations : 50 (inf /sec) conflict literals : 0 ( nan % deleted) Memory used : 1.67 MB CPU time : 0 s SATISFIABLE

20. Avionics Assignment SAT -1 -2 3 -4 -5 -6 7 -8 -9 -10 11 -12 -13 -14 -15 16 -17 -18 -19 -20 21 -22 -23 -24 -25 26 -27 -28 -29 -30 31 -32 -33 -34 -35 36 -37 -38 -39 -40 41 -42 -43 -44 -45 46 -47 -48 -49 -50 0 True indicator variables: 3 = 5*0 + 3 => AC(1,3) 7 = 5*1 + 2 => AC(2,2) 11 = 5*2 + 1 => AC(3,1) 16 = 5*3+1 => AC(4,1) 21 = 5*4+1 => AC(5,1) 26 = 5*5=1 => AC(6,1) 31 = 5*6+1 => AC(7,1) 36 = 5*7+1 => AC(8,1) 41 = 5*8 + 1 => AC(9,1) 46 = 5*9+1 => AC(10,1)

21. DPLL Algorithm  Tries to incrementally build a satisfying assignment A: V  {T,F} (partial assignment) for a formula  in CNF  A is grown by either  Deducing a truth value for a literal  Whenever all literals except one are F then the remaining literal must be T (unit propagation)  Guessing a truth value  Backtrack when guess (leads to inconsistency) is wrong

22. DPLL Example OperationAssignFormula

23. DPLL Example OperationAssignFormula Deduce1

24. DPLL Example OperationAssignFormula Deduce1

25. DPLL Example OperationAssignFormula Deduce1 Guess

26. DPLL Example OperationAssignFormula Deduce1 Guess Deduce Inconsistency

27. DPLL Example OperationAssignFormula Deduce 11 Guess 3 Deduce 4 Undo 3 Backtrack

28. DPLL Example OperationAssignFormula Deduce 11 Guess 3 Deduce 4 Undo 3 Assignment found