
SAT-based Verification

January 17, 2019 1


Satisfiability (SAT) Solver

[Figure: a formula F in CNF is fed to the SAT solver]

 Given a propositional formula in CNF, find an assignment to the Boolean variables that makes the formula true.
 The solver reports
  whether F is satisfiable or unsatisfiable;
  if satisfiable, at least one satisfying assignment.
 Almost all modern SAT solvers operate on CNF: a conjunction (product) of clauses, each clause a disjunction (sum) of literals, e.g.

f = ( a + c ) ( b + c ) (¬a + ¬b + ¬c )


CNF for Characteristic Representation
(CNF_CR)

 Consider an inverter: y = ¬x
 Its characteristic function is y ↔ ¬x
  = (y → ¬x) ∧ (¬x → y)
  = (¬y ∨ ¬x) ∧ (x ∨ y)


CNF for Characteristic Representation
(CR)

 Consider an AND gate: c = ab
 c ↔ ab
  = (c → ab) ∧ (ab → c)
  = (¬c ∨ ab) ∧ (¬a ∨ ¬b ∨ c)
  = (¬c ∨ a) ∧ (¬c ∨ b) ∧ (¬a ∨ ¬b ∨ c)


CNFs for Characteristic Representation



Summary: Gates in CNF_CR

 CNF_CR(…) = characteristic function of (…), written in CNF


CNF for Characteristic Representation

 c = ab
 c ↔ ab
  = (c → ab) ∧ (ab → c)
  = (¬c ∨ ab) ∧ (¬a ∨ ¬b ∨ c)
  = (¬c ∨ a) ∧ (¬c ∨ b) ∧ (¬a ∨ ¬b ∨ c)
 e = abcd
 e ↔ abcd
  = (e → abcd) ∧ (abcd → e)
  = (¬e ∨ abcd) ∧ (¬(abcd) ∨ e)
  = (¬e ∨ ab) ∧ (¬e ∨ cd) ∧ (¬a ∨ ¬b ∨ ¬c ∨ ¬d ∨ e)
  = (¬e ∨ a) ∧ (¬e ∨ b) ∧ (¬e ∨ c) ∧ (¬e ∨ d) ∧ (¬a ∨ ¬b ∨ ¬c ∨ ¬d ∨ e)
 An n-input AND gate therefore needs only n + 1 clauses.


How to get the CNF: POS?

 F(A,B,C) = A'BC + AB'C + ABC' + ABC
          = m3 + m5 + m6 + m7 = Σm(3,5,6,7)          (SOP: one minterm per row with F = 1)
 F(A,B,C) = (A + B + C)(A + B + C')(A + B' + C)(A' + B + C)
          = M0 · M1 · M2 · M4 = ΠM(0,1,2,4)           (POS: one maxterm per row with F = 0)

SOP ↔ POS: AB + AC + BC

 F(A,B,C) = AB + AC + BC (the 3-input majority function) has the two equivalent forms
  Σm(3,5,6,7) = A'BC + AB'C + ABC' + ABC
  ΠM(0,1,2,4) = (A + B + C)(A + B + C')(A + B' + C)(A' + B + C)
 The POS form is already a CNF: each maxterm is a clause that excludes exactly one row of the truth table where F = 0.
Example: 4-Input AND Gate

 Characteristic function N(a,b,c,d,e) of e = abcd: N = 1 exactly on the rows where e equals the AND of the inputs.
 The 16 rows with N = 1 (the other 16 assignments of a,b,c,d,e have N = 0):

 a b c d e N
 0 0 0 0 0 1
 0 0 0 1 0 1
 0 0 1 0 0 1
 0 0 1 1 0 1
 0 1 0 0 0 1
 0 1 0 1 0 1
 0 1 1 0 0 1
 0 1 1 1 0 1
 1 0 0 0 0 1
 1 0 0 1 0 1
 1 0 1 0 0 1
 1 0 1 1 0 1
 1 1 0 0 0 1
 1 1 0 1 0 1
 1 1 1 0 0 1
 1 1 1 1 1 1


Example: Express N in CNF?

 Same truth table as on the previous slide; the question is to write N(a,b,c,d,e) as a CNF.
 Reading a maxterm off each of the 16 rows with N = 0 gives a POS with 16 clauses of five literals each.
 Using the gate structure instead (the CNF_CR of the 4-input AND gate) gives the equivalent five-clause form:

 F(a, b, c, d, e) = (a + e')(b + e')(c + e')(d + e')(a' + b' + c' + d' + e)
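The truth-table route to a CNF from the SOP/POS slides and the 4-input AND example, worked in Python as an added example (it is not part of the lecture). `pos_cnf` reads one maxterm clause off every zero row, `and_gate_cnf_cr` writes the gate-level CNF_CR with its n + 1 clauses, and `cnf_matches` confirms that both forms agree with the function on every row. The function names and the DIMACS-style signed-integer literals are my own conventions, not the lecture's.

```python
from itertools import product

# Literals are DIMACS-style signed ints: +k is variable k, -k is its negation.
# A clause is a tuple of literals (a disjunction); a CNF is a list of clauses.

def rows(n):
    """All 2**n input rows in truth-table order (row index = binary value, MSB first)."""
    return list(product((0, 1), repeat=n))

def minterm_indices(f, n):
    """Row indices where f = 1: the Sigma-m list of the SOP form."""
    return [i for i, bits in enumerate(rows(n)) if f(*bits)]

def maxterm_indices(f, n):
    """Row indices where f = 0: the Pi-M list of the POS form."""
    return [i for i, bits in enumerate(rows(n)) if not f(*bits)]

def pos_cnf(f, n):
    """POS/CNF read straight off the truth table: one maxterm clause per zero row.
    The clause for a zero row is false exactly there: variable k appears
    positively if its bit is 0 in that row and negated if its bit is 1."""
    return [tuple(-(k + 1) if b else (k + 1) for k, b in enumerate(bits))
            for bits in rows(n) if not f(*bits)]

def eval_cnf(cnf, bits):
    """Evaluate a CNF under a full assignment; bits[k-1] is the value of variable k."""
    def lit_true(lit):
        return bits[abs(lit) - 1] == (1 if lit > 0 else 0)
    return all(any(lit_true(l) for l in clause) for clause in cnf)

def cnf_matches(cnf, f, n):
    """True iff the CNF agrees with f on every row of the n-variable truth table."""
    return all(eval_cnf(cnf, bits) == bool(f(*bits)) for bits in rows(n))

def and_gate_cr(n):
    """Characteristic function N(a1..an, e) of an n-input AND gate: 1 iff e = a1...an."""
    return lambda *v: int(v[-1] == int(all(v[:-1])))

def and_gate_cnf_cr(n):
    """Gate-level CNF_CR of an n-input AND (inputs 1..n, output n+1):
    (a_k + e') for every input k, plus the single clause (a1' + ... + an' + e)."""
    out = n + 1
    return [(k, -out) for k in range(1, n + 1)] + \
           [tuple(-k for k in range(1, n + 1)) + (out,)]

# The lecture's F(A,B,C) = AB + AC + BC (3-input majority); A, B, C are variables 1, 2, 3.
majority = lambda a, b, c: int((a and b) or (a and c) or (b and c))

if __name__ == "__main__":
    print("Sigma m:", minterm_indices(majority, 3), " Pi M:", maxterm_indices(majority, 3))
    print("POS clauses:", pos_cnf(majority, 3))
    table_cnf = pos_cnf(and_gate_cr(4), 5)      # 16 five-literal clauses from the table
    gate_cnf = and_gate_cnf_cr(4)               # 5 clauses from the gate structure
    print(len(table_cnf), "clauses from the truth table vs", len(gate_cnf), "from CNF_CR;",
          "both correct:", cnf_matches(table_cnf, and_gate_cr(4), 5),
          cnf_matches(gate_cnf, and_gate_cr(4), 5))
```

The size gap is the point of the next slides: the truth-table POS of the 4-input AND characteristic has 16 clauses and grows as 2^n, while the gate-level CNF_CR has n + 1.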


Convert Any Boolean Formula into CNF

 It is possible to convert an arbitrary formula into CNF.
  Without introducing new variables, the size of the resulting formula can grow exponentially: not practical.
  By introducing intermediate variables, the size of the resulting formula grows only linearly. How?
  Use one intermediate variable per Boolean operation (gate) in the formula.
  The resulting formula has the same satisfiability as the original one (it is equisatisfiable, not equivalent, since it mentions extra variables).


Tseitin’s Encoding: Conversion to CNF

 Every formula can be converted to CNF:
  in exponential time and space with the same set of atoms;
  in linear time and space if new variables are added.
 The original and converted formulas are “equi-satisfiable”.
 This technique is called Tseitin’s encoding.

 M = ¬(A ∧ (B ∨ C)) = (a1 ↔ (A ∧ a2)) ∧ (a2 ↔ (B ∨ C)) ∧ (¬a1)

  (a1 ↔ (A ∧ a2)) = (¬a1 ∨ A) ∧ (¬a1 ∨ a2) ∧ (a1 ∨ ¬A ∨ ¬a2)
  (a2 ↔ (B ∨ C)) = (a2 ∨ ¬B) ∧ (a2 ∨ ¬C) ∧ (¬a2 ∨ B ∨ C)


Equivalence Checking as Validity Problem

 C1 = C2 means:
  for all values of the (shared) inputs of C1 and C2, the outputs agree: o1 = o2.
 The equivalence problem is therefore a validity problem:
  ∀I. C1 = C2


The Validity Problem by SAT Solvers

 A SAT solver reports whether F is satisfiable or unsatisfiable.
 Validity asks for more: ∀I. F = 1.
 Valid formulas are a subset of the satisfiable formulas; a satisfiable but non-valid formula has both satisfying and falsifying assignments; the remaining formulas are unsatisfiable.
 The link between the two questions: F is valid ⇔ ¬F is unsatisfiable. A validity question is answered by asking the SAT solver about the negation.


Example

[Figure: C1 is an inverter, a → c1; C2 is two inverters in series, a → x → c2]

 Equivalence: ∀a. c1 = c2 (validity problem)
 Negation of the problem: ∃a. c1 ≠ c2 (c1 ≠ c2 is c1c2' + c1'c2)
 The problem for satisfiability:
  c1 ≠ c2 = CR(C1) · CR(C2) · (c1c2' + c1'c2)
          = (a'c1 + ac1') · [(ax' + a'x)(xc2' + x'c2)] · (c1c2' + c1'c2)
          = a'xc1c2' + ax'c1'c2
 Satisfiable: (a=0, x=1, c1=1, c2=0); (a=1, x=0, c1=0, c2=1). So C1 ≠ C2: c1 = a' while c2 = a.


Example

[Figure: C1 is an inverter, a → c1; C2 is three inverters in series, a → x → y → c2]

 Equivalence: ∀a. c1 = c2 (validity problem)
 Negation of the problem: ∃a. c1 ≠ c2 (c1 ≠ c2 is c1c2' + c1'c2)
 The problem for satisfiability:
  c1 ≠ c2 = CR(C1) · CR(C2) · (c1c2' + c1'c2)
          = (a'c1 + ac1') · [(ax' + a'x)(xy' + x'y)(yc2' + y'c2)] · (c1c2' + c1'c2)
          = 0
 Unsatisfiable!
 Conclusion: ∀a. c1 = c2


Solve Validity Problem by SAT Solver?

 ∀I. C1 = C2  ⇔  ∀I. ¬(C1 ⊕ C2)
 Negate both sides:
 ∃I. C1 ⊕ C2  ⇔  ¬(∀I. ¬(C1 ⊕ C2))


Solve Validity Problem by SAT Solver?

 ∀I. C1 = C2
  two negations
 ∃I. C1 ⊕ C2   →  hand F = C1 ⊕ C2 to the SAT solver
  Satisfiable: ∃I. F = 1, and the model is an input on which C1 and C2 differ.
  Unsatisfiable: ¬∃I. F = 1, i.e. [C1 ⊕ C2] is unsatisfiable, so C1 = C2.


Method 1

 Method 1:
  CNF_CR(C1) · CNF_CR(C2) · CNF[¬(o1 = o2)]
  = CNF_CR(C1) · CNF_CR(C2) · (o1 + o2)(o1' + o2')
 CNF_CR(…) = characteristic function of (…), written in CNF


Method 2: Use a Miter Circuit (XOR)

 Feed o1 and o2 into an XOR gate with output y and require y = 1.
 If C1 is not equivalent to C2, then
  M = CNF_CR(C1) · CNF_CR(C2) · CNF_CR(XOR) · y should be satisfiable.
 However, if M is unsatisfiable, then C1 = C2.

Method 2: Use a Miter Circuit (XOR)

 A SAT solver can help here.
  For a Boolean formula F, the solver can establish that F = 0 for all values of all the variables in F (unsatisfiability).
 C1 = C2 ⇔ CNF_CR(C1) · CNF_CR(C2) · CNF_CR(XOR) · y is unsatisfiable!


Example

[Figure: a → C1 → c1 and a → C2 → c2; c1 and c2 feed an XOR gate with output y]

 CR(C1) = a'c1 + ac1'             (C1: an inverter)
 CR(C2) = a'c2 + ac2'             (C2: an inverter)
 CR(XOR) = c1'c2'y' + c1'c2y + c1c2'y + c1c2y'
 P = CR(C1) · CR(C2) · CR(XOR) = a'c1c2y' + ac1'c2'y'
 c1 ≠ c2: y
 P · y = 0 (unsatisfiable), so C1 = C2

Example

[Figure: a → C1 → c1 and a → C2 → c2; c1 and c2 feed an XOR gate with output y]

 CR(C1) = a'c1 + ac1'             (C1: an inverter)
 CR(C2) = a'c2' + ac2             (C2: a buffer)
 CR(XOR) = c1'c2'y' + c1'c2y + c1c2'y + c1c2y'
 P = CR(C1) · CR(C2) · CR(XOR) = a'c1c2'y + ac1'c2y
 c1 ≠ c2: y
 P · y = a'c1c2'y + ac1'c2y (satisfiable, e.g. a=0 gives c1=1, c2=0), so C1 ≠ C2


Equivalence Checking as SAT problem



Method 1 ≡ Method 2

 We can prove that
  CR(xor(a, b, c)) · c   (Method 2)
  = CR[¬(a = b)]         (Method 1)
  = (a'b + ab')
 So the two methods are the same.

Method 1 ≡ Method 2

 XOR(a,b,c) = a'b'c' + a'bc + ab'c + abc'
 a ≠ b = a'b + ab' = c
 XOR(a,b,c) · c = (a'b + ab') · c, which is a'b + ab' once the miter output c is fixed to 1
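Tseitin's encoding and the miter check, as one added Python example that is not part of the lecture. `Encoder` builds CNF_CR one gate at a time (the NOT, AND, OR and XOR clause sets derived on the slides), `dpll` is a minimal unit-propagation-plus-splitting SAT solver standing in for a real one, and `check_equivalent` is Method 2: the two circuits share their inputs, their outputs go into an XOR, and the XOR output is forced to 1. `tseitin_example` encodes the lecture's M = ¬(A ∧ (B ∨ C)); `inverter`, `double_inverter` and `triple_inverter` are the circuits of the inverter examples. All names and the signed-integer literal convention are my own assumptions.

```python
# Literals are DIMACS-style signed ints (+k = variable k, -k = its negation);
# a clause is a tuple of literals; a CNF is a list of clauses.

class Encoder:
    """Builds the characteristic CNF (CNF_CR) of a circuit, one gate at a time."""
    def __init__(self):
        self.nvars, self.clauses, self.names = 0, [], {}

    def var(self, name=None):
        self.nvars += 1
        if name:
            self.names[name] = self.nvars
        return self.nvars

    def NOT(self, x):
        y = self.var()
        self.clauses += [(-y, -x), (x, y)]                  # y <-> x'
        return y

    def AND(self, *ins):
        y = self.var()
        self.clauses += [(-y, x) for x in ins]              # y -> x_k for each input
        self.clauses.append(tuple(-x for x in ins) + (y,))  # x1...xn -> y
        return y

    def OR(self, *ins):
        y = self.var()
        self.clauses += [(y, -x) for x in ins]              # x_k -> y for each input
        self.clauses.append((-y,) + tuple(ins))             # y -> x1 + ... + xn
        return y

    def XOR(self, a, b):
        y = self.var()                                      # one clause per zero row of CR(XOR)
        self.clauses += [(-y, a, b), (-y, -a, -b), (y, -a, b), (y, a, -b)]
        return y


def dpll(clauses, assign=None):
    """Return a satisfying assignment {var: bool} (unmentioned vars are don't-cares), or None."""
    assign = dict(assign or {})
    while True:                                             # unit propagation to a fixpoint
        unit = None
        for cl in clauses:
            if any(assign.get(abs(l)) == (l > 0) for l in cl if abs(l) in assign):
                continue                                    # clause already satisfied
            free = [l for l in cl if abs(l) not in assign]
            if not free:
                return None                                 # clause falsified: conflict
            if len(free) == 1:
                unit = free[0]
                break
        if unit is None:
            break
        assign[abs(unit)] = unit > 0
    for cl in clauses:                                      # split on the first free variable
        for l in cl:
            if abs(l) not in assign:
                for val in (True, False):
                    model = dpll(clauses, {**assign, abs(l): val})
                    if model is not None:
                        return model
                return None
    return assign                                           # every clause is satisfied


def check_equivalent(build1, build2, input_names):
    """Method 2: CNF_CR(C1) . CNF_CR(C2) . CNF_CR(XOR) . y.  UNSAT means C1 = C2;
    SAT returns an input vector (plus both outputs) on which the circuits differ."""
    enc = Encoder()
    ins = [enc.var(n) for n in input_names]                 # inputs shared by both circuits
    o1, o2 = build1(enc, ins), build2(enc, ins)
    enc.names["o1"], enc.names["o2"] = o1, o2
    enc.clauses.append((enc.XOR(o1, o2),))                  # force the miter output y = 1
    model = dpll(enc.clauses)
    if model is None:
        return True, None
    return False, {n: int(model.get(v, False)) for n, v in enc.names.items()}


# The circuits of the lecture's inverter examples.
def inverter(enc, ins):            # C1: c1 = a'
    return enc.NOT(ins[0])

def double_inverter(enc, ins):     # two inverters in series: c2 = a, i.e. a buffer
    return enc.NOT(enc.NOT(ins[0]))

def triple_inverter(enc, ins):     # three inverters in series: c2 = a'
    return enc.NOT(enc.NOT(enc.NOT(ins[0])))


def tseitin_example():
    """M = ~(A . (B + C)) encoded as (a1 <-> A.a2)(a2 <-> B + C)(~a1); returns (clauses, model)."""
    enc = Encoder()
    A, B, C = enc.var("A"), enc.var("B"), enc.var("C")
    a2 = enc.OR(B, C)                                       # a2 <-> (B + C): 3 clauses
    a1 = enc.AND(A, a2)                                     # a1 <-> (A . a2): 3 clauses
    enc.clauses.append((-a1,))                              # M itself is ~a1
    return enc.clauses, dpll(enc.clauses)


if __name__ == "__main__":
    print("inverter vs three inverters:", check_equivalent(inverter, triple_inverter, ["a"]))
    print("inverter vs two inverters:  ", check_equivalent(inverter, double_inverter, ["a"]))
    clauses, model = tseitin_example()
    print(len(clauses), "Tseitin clauses; model:", model)
```

For the inverter-versus-buffer pair the returned model is the counterexample input itself (a = 0 gives c1 = 1, c2 = 0, exactly the slide's witness); for the three-inverter pair the miter is unsatisfiable and the circuits are proven equal over all inputs, which is what Method 2 promises. Replace `dpll` with any DIMACS solver for circuits of realistic size; the clause sets are already in that form.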


Combinational Equivalence Checking

 Given: combinational circuits C1 and C2
  (Boolean functions B1 and B2)
 How can we prove that C1 is, or is not, equivalent to C2
  in a reasonable amount of time?

