3. Satisfiability Checking, 3.1 SAT-Checking Procedures (PowerPoint PPT Presentation)

Fachgebiet RechnerSysteme (Computer Systems Lab), Verification Technology, Technische Universität Darmstadt


3. Satisfiability Checking

Content

3.1 Satisfiability-(SAT)-Checking
3.2 Variants of SAT-Checking


3.1 SAT-Checking Procedures

• Statement about the outputs x and y (which must be = 1) and the original circuit in combination:

[Figure: the original circuit with inputs a, b and outputs x, y, combined with the statement into one implication circuit]

• For a tautology, the output must always be 1
• Implication circuit: this output must always be 0 (unsatisfiable)!


Satisfiability (SAT):
• A Boolean function f is satisfiable if there exists an assignment A of Boolean constants to variables so that f = 1
  - Example: $f = x \cdot \bar{y} + x \cdot z + r$ is satisfied by the (partial) assignment A: (x = 1, y = 0)
• Boolean functions are tautologies ($\equiv 1$), satisfiable (SAT), or unsatisfiable (UNSAT, $\equiv 0$)

SAT checker:
• Rather than demonstrating the tautology f = 1, show that $\bar{f}$ is unsatisfiable

[Figure: circuit computing f from the inputs a, b, whose output is compared against the constant 1]


SAT checkers work on conjunctive normal forms (cnf's)
  - Example: (a + b + c)·(b + c + d)·(a + d)
• The sum-terms are called (or-)clauses
• Satisfying a cnf means that all clauses have to be satisfied!


Resolution (Davis/Putnam 1960)
• Idea:
  - Assume that there are two clauses with opposing values of some variable x, e.g., $(x + a)(\bar{x} + b)$
  - We have generally $(x + a)(\bar{x} + b) = (x + a)(\bar{x} + b)(a + b)$
  - Selecting x as a decision variable, we delete $(x + a)$ and $(\bar{x} + b)$ from our set of clauses and continue with the resolvent $(a + b)$
• $(a + b) = 0$ will also make $(x + a)(\bar{x} + b) = 0$
• Systematic application to all variables
• Unsatisfiability: 0 (the empty clause) can be derived


A different explanation of the resolution step:
• In order to prove the unsatisfiability of f, we apply Boole's expansion theorem to f for some variable x: $f = \bar{x} \cdot f(0) + x \cdot f(1)$
• $f = 0$ iff $f(0) + f(1) = 0$
• Let f be in the form $f = Z \cdot (x + a) \cdot (\bar{x} + b)$, where Z stands for the rest of the cnf (not containing x). Then $f(0) = Z \cdot a$ and $f(1) = Z \cdot b$. Thus, $f(0) + f(1) = Z \cdot (a + b)$.


• Example: $(a + c)(\bar{b} + c)(\bar{a} + b)(a + \bar{c})(\bar{a} + \bar{c})$
  - Eliminate b: $(a + c)(\bar{a} + c)(a + \bar{c})(\bar{a} + \bar{c})$
  - Eliminate a: $c \cdot \bar{c}$
  - Eliminate c: 0, i.e., the cnf is unsatisfiable


Given an assignment A of Boolean constants to variables, each clause is either:
• Satisfied (= 1)
• Unsatisfied (= 0)
• Unresolved (can not be reduced to a constant)
  - Example: $(\bar{b} + e) \cdot (b + c + d) \cdot (\bar{a} + d)$ with the assignment A: (a = 1, b = 1, d = 0): the first clause is unresolved, the second satisfied, the third unsatisfied

Satisfiability checking of a cnf g:
• Find an assignment so that all clauses of g are satisfied
• If this is infeasible then g equals 0
• Problem: how to organize "finding an assignment"?


[Figure: complete decision tree over the variables a, b, c, d (each branch assigns the next variable 0 or 1); every leaf ends in a conflict, so the cnf is UNSAT]

Finding an assignment can be organized as a decision tree (Davis/Logemann/Loveland 1962, DLL algorithm)
  - Example: $(\bar{b} + e) \cdot (b + c + d) \cdot (\bar{a} + d)$ with the assignment A: (a = 1, b = 1, d = 0)
• If we arrive at an assignment which results in at least one unsatisfied clause (a conflicting assignment) then the last decision has to be reversed and a backtracking step is performed

[Figure: decision tree a = 1, b = 1, d = 0: the third clause is unsatisfied (conflicting assignment), so the decision d = 0 is reversed by a backtracking step to d = 1]


  - Example: $(\bar{b} + e) \cdot (b + c + d) \cdot (\bar{a} + d)$: with the new assignment A: (a = 1, b = 1, d = 1) the first clause remains unresolved
• The unresolved clause $(\bar{b} + e)$ is a unit clause
• A unit clause is an unresolved clause which has exactly one unassigned literal (e in the example)
• Unit clauses should be used to determine the next variable to be assigned

[Figure: decision tree a = 1, b = 1, d = 0 (clause unsatisfied, backtrack to d = 1), then e = 1: with b = 1, $\bar{b} + e$ can only be satisfied with e = 1]


In the example, a satisfying assignment A: (a = 1, b = 1, d = 1, e = 1) was found
• If all branches terminate in conflicting assignments then the function is unsatisfiable
• In the worst case, an exponential number of steps has to be executed
• Practically, the selection of decision variables on the basis of detected unit clauses results in an important improvement of efficiency
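The decision-tree search with unit clauses described above, written out as an added example (this is not code from the slides): a small DLL/DPLL procedure in Python. It classifies each clause as satisfied, unsatisfied or unresolved, propagates unit clauses before every decision, and reverses a decision when it leads to a conflicting assignment. The DIMACS-style numbering a=1, b=2, c=3, d=4, e=5 and the constructed clause sets are assumptions made for this example.

```python
from typing import Dict, List, Optional, Tuple

Clause = Tuple[int, ...]
Assignment = Dict[int, bool]

# Constructed input: the slides' (~b + e)(b + c + d)(~a + d) with a=1, b=2, c=3, d=4, e=5
SLIDE_CLAUSES: List[Clause] = [(-2, 5), (2, 3, 4), (-1, 4)]


def lit_value(lit: int, assign: Assignment) -> Optional[bool]:
    """Value of a literal under a partial assignment (None = unassigned)."""
    v = assign.get(abs(lit))
    if v is None:
        return None
    return v if lit > 0 else not v


def clause_status(clause: Clause, assign: Assignment) -> str:
    """Classify a clause as satisfied, unsatisfied or unresolved."""
    values = [lit_value(lit, assign) for lit in clause]
    if any(v is True for v in values):
        return "satisfied"
    if all(v is False for v in values):
        return "unsatisfied"
    return "unresolved"


def unit_propagate(clauses: List[Clause], assign: Assignment) -> bool:
    """Assign the single free literal of every unit clause until nothing changes.
    Returns False as soon as some clause is unsatisfied (conflicting assignment)."""
    changed = True
    while changed:
        changed = False
        for clause in clauses:
            status = clause_status(clause, assign)
            if status == "unsatisfied":
                return False
            if status == "unresolved":
                free = [lit for lit in clause if lit_value(lit, assign) is None]
                if len(free) == 1:          # unit clause: its literal is forced
                    assign[abs(free[0])] = free[0] > 0
                    changed = True
    return True


def dpll(clauses: List[Clause], assign: Optional[Assignment] = None,
         order: Optional[List[int]] = None) -> Optional[Assignment]:
    """Decision-tree search: propagate units, decide the next free variable
    (value 1 first), and reverse the decision on a conflict (backtracking).
    `order` is the decision order over all variables (default: numeric)."""
    assign = dict(assign or {})
    if not unit_propagate(clauses, assign):
        return None                         # conflict below this decision
    order = order or sorted({abs(lit) for c in clauses for lit in c})
    free = [v for v in order if v not in assign]
    if not free:
        return assign                       # every variable assigned, no conflict
    var = free[0]
    for value in (True, False):
        model = dpll(clauses, {**assign, var: value}, order)
        if model is not None:
            return model
    return None                             # both branches end in conflicts


def satisfies(clauses: List[Clause], assign: Assignment) -> bool:
    return all(clause_status(c, assign) == "satisfied" for c in clauses)


if __name__ == "__main__":
    print(dpll(SLIDE_CLAUSES))              # {1: True, 4: True, 2: True, 5: True, 3: True}
    print(dpll([(1, 3), (-1, 3), (1, -3), (-1, -3)]))   # None: UNSAT
```

Run on the slides' clauses the search finds a = 1, b = 1, d = 1, e = 1; unit propagation forces d = 1 right after the decision a = 1, so the slides' conflict at d = 0 is never visited. On the four clauses $(a + c)(\bar{a} + c)(a + \bar{c})(\bar{a} + \bar{c})$ every branch ends in a conflict and None is returned.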


GRASP (Silva, Sakallah '95)
http://portal.acm.org/citation.cfm?id=244560
• Systematic investigation of the implications of assignments
• "Learning"
• Non-chronological backtracking


The ordering of decisions is recorded by means of a decision level associated with each decision
• We refer to a variable assignment at a certain decision level by means of "@", e.g., a = 1@1, b = 1@2, etc.

[Figure: decision tree with a = 1 at decision level #1, b = 1 at decision level #2 and d = 1 at decision level #3]


There are direct and indirect implications of assignments
• If a = 0 was decided previously then the decision c = 0@i at a certain decision level i implies d = 1@i at the same level i for clause $(a + c + d)$ (for satisfiability)
• d = 1@i has e = 0@i as an indirect implication if we also have the clause $(\bar{d} + \bar{e})$
• And so on ...
• The detection of all implications is called Boolean Constraint Propagation (BCP)


The implications of a decision are represented by means of an implication graph
• Assume n clauses $k_1, \ldots, k_n$
• "Variable assignment va1 implies variable assignment va2 due to clause $k_i$" is represented by an edge va1 → va2 labelled $k_i$, e.g., c = 0@i → d = 1@i labelled $k_i$


Example: $k_1 = (c + \bar{d})$, $k_2 = (d + e)$, $k_3 = (\bar{e} + c + f + b)$, $k_4 = (d + a + \bar{f})$, ...
• Assume the following previous decisions: a = 0@1, b = 0@2, ... @3, ... @4
• Now assume the decision c = 0@5 at level 5. The implication graph becomes:

[Figure: implication graph. c = 0@5 → d = 0@5 ($k_1$); d = 0@5 → e = 1@5 ($k_2$); e = 1@5, c = 0@5, b = 0@2 → f = 1@5 ($k_3$); d = 0@5, a = 0@1 → f = 0@5 ($k_4$); f = 1@5 and f = 0@5: conflict!]


We may also view this procedure as a resolution step after a partial variable assignment.
  - In the example we have with the partial variable assignment a = b = c = 0:
    $(c + \bar{d})(d + e)(\bar{e} + c + f + b)(d + a + \bar{f}) \ldots = \bar{d} \cdot (d + e)(\bar{e} + f)(d + \bar{f}) \ldots$
  - Eliminate d: $e \cdot (\bar{e} + f) \cdot \bar{f} \ldots$
  - Eliminate e: $f \cdot \bar{f} \ldots = 0$


We now know that the assignment a = 0@1, b = 0@2, c = 0@5 leads to a conflict, resulting in a backtracking step c = 1
• If the procedure makes the same decisions later in the graph then the complex detection of all implications has to be repeated:
  $(c + \bar{d})(d + e)(\bar{e} + c + f + b)(d + a + \bar{f}) \ldots$
• It is possible to "learn" the conflicting assignment by adding the clause $(a + b + c)$:
  $(c + \bar{d})(d + e)(\bar{e} + c + f + b)(d + a + \bar{f})(a + b + c) \ldots$

[Figure: decision tree with a at decision level #1, b at decision level #2, c at decision level #5, and the same decision c recurring at a later decision level #i; the learned clause $(a + b + c)$ enforces c = 1 for a = 0 and b = 0]


The "learned" clause $(a + b + c)$ is determined by the "input assignments" of the implication graph:
• a = 0 and b = 0 and c = 0, i.e., $\bar{a} \cdot \bar{b} \cdot \bar{c}$ must not occur, i.e., $\overline{(\bar{a} \cdot \bar{b} \cdot \bar{c})} = (a + b + c)$

[Figure: the implication graph of the conflict on f, with its input assignments a = 0@1, b = 0@2, c = 0@5 highlighted]


The detection of the conflicting assignment a = 0@1, b = 0@2, c = 0@5 entails a backtracking step with the revised decision c = 1@5
• Assume now that c = 1@5 results again in a conflict
• Chronologically, we have to go back to level 4
• Depending on the situation, however, non-chronological backtracking can be performed, i.e., we can go back to some earlier decision level < 4
  $(c + \bar{d})(d + e)(\bar{e} + c + f + b)(d + a + \bar{f})(a + b + c) \ldots$

[Figure: decision tree with a at decision level #1, b at decision level #2, ..., and c = 1 at decision level #5]


  - Example: $k_1 = (c + \bar{d})$, $k_2 = (d + e)$, $k_3 = (\bar{e} + c + f + b)$, $k_4 = (d + a + \bar{f})$, $k_5 = (a + b + c)$, $k_6 = (a + \bar{c} + g)$, $k_7 = (\bar{h} + \bar{c} + \bar{g})$
• Assume the following previous decisions: a = 0@1, b = 0@2, h = 1@3
• After detecting the conflict c = 0@5 as shown before, the enforced decision c = 1@5 leads to the following implication graph:

[Figure: implication graph. a = 0@1, b = 0@2 → c = 1@5 ($k_5$); a = 0@1, c = 1@5 → g = 1@5 ($k_6$); h = 1@3, c = 1@5 → g = 0@5 ($k_7$); g = 1@5 and g = 0@5: conflict!]


We now know that the assignment a = 0@1, b = 0@2, h = 1@3 leads to a conflict
• We non-chronologically backtrack from level 5 to level 3 and revise h = 1@3
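The GRASP procedure of the last slides (decision levels, BCP that records each implied variable's antecedent clause, i.e. the implication graph, the learned clause read off the input assignments of a conflict, and non-chronological backtracking) as an added example in Python; this is not code from the slides or from GRASP. The clause set is the slides' $k_1, k_2, k_3, k_4, k_6, k_7$ with the numbering a=1, b=2, c=3, d=4, e=5, f=6, g=7, h=8 (an assumption); $k_5 = (a + b + c)$ is not given but learned. Because BCP here runs to a fixpoint, the trajectory differs from the slides after the first conflict: the learned clause forces c = 1 already at level 2, so the solver jumps from the conflict level straight back to level 2, undoing h = 1@3 on the way (non-chronological), and the slides' second conflict does not arise.

```python
from typing import Dict, List, Optional, Tuple

Clause = Tuple[int, ...]

# Constructed input: the slides' k1..k4, k6, k7 (k5 = (a + b + c) gets learned)
# with a=1, b=2, c=3, d=4, e=5, f=6, g=7, h=8 (numbering is an assumption).
K: List[Clause] = [(3, -4), (4, 5), (-5, 3, 6, 2), (4, 1, -6), (1, -3, 7), (-8, -3, -7)]
# Decision order as literals (sign = value tried first): a=0, b=0, h=1, c=0, ...
ORDER = [-1, -2, 8, -3, -4, -5, -6, -7]


class CDCL:
    def __init__(self, clauses: List[Clause], order: List[int]):
        self.clauses = [tuple(c) for c in clauses]
        self.order = order
        self.value: Dict[int, bool] = {}                 # partial assignment
        self.level: Dict[int, int] = {}                  # "x = v@level"
        self.reason: Dict[int, Optional[Clause]] = {}    # antecedent; None = decision
        self.trail: List[int] = []                       # variables in assignment order
        self.learned: List[Clause] = []
        self.backjumps: List[Tuple[int, int]] = []       # (conflict level, target level)

    def lit_true(self, lit: int) -> Optional[bool]:
        v = self.value.get(abs(lit))
        return None if v is None else (v if lit > 0 else not v)

    def assign(self, lit: int, lvl: int, reason: Optional[Clause]) -> None:
        self.value[abs(lit)], self.level[abs(lit)] = lit > 0, lvl
        self.reason[abs(lit)] = reason
        self.trail.append(abs(lit))

    def propagate(self, lvl: int) -> Optional[Clause]:
        """BCP: assign the last free literal of every clause whose other literals
        are 0, recording the clause as antecedent (an edge of the implication
        graph); return the clause that became unsatisfied, if any."""
        changed = True
        while changed:
            changed = False
            for clause in self.clauses + self.learned:
                vals = [self.lit_true(l) for l in clause]
                if any(v is True for v in vals):
                    continue
                free = [l for l, v in zip(clause, vals) if v is None]
                if not free:
                    return clause                        # conflict
                if len(free) == 1:
                    self.assign(free[0], lvl, clause)
                    changed = True
        return None

    def analyze(self, conflict: Clause) -> Clause:
        """Cut the implication graph at its input assignments: walk the antecedents
        back from the conflict to the decisions involved; the learned clause says
        that this combination of decisions must not occur again."""
        seen, stack, decisions = set(), [abs(l) for l in conflict], []
        while stack:
            v = stack.pop()
            if v in seen:
                continue
            seen.add(v)
            if self.reason[v] is None:
                decisions.append(v)
            else:
                stack.extend(abs(l) for l in self.reason[v] if abs(l) != v)
        return tuple(-v if self.value[v] else v for v in sorted(decisions))

    def backjump(self, to_level: int) -> None:
        """Undo all assignments above to_level (non-chronological when to_level
        lies below the previous decision level)."""
        while self.trail and self.level[self.trail[-1]] > to_level:
            v = self.trail.pop()
            del self.value[v], self.level[v], self.reason[v]

    def solve(self) -> Optional[Dict[int, bool]]:
        lvl = 0
        while True:
            conflict = self.propagate(lvl)
            if conflict is not None:
                learned = self.analyze(conflict)
                levels = sorted({self.level[abs(l)] for l in learned}, reverse=True)
                if not levels:
                    return None                          # conflict without decisions: UNSAT
                target = levels[1] if len(levels) > 1 else 0
                self.learned.append(learned)
                self.backjumps.append((lvl, target))
                self.backjump(target)
                lvl = target                             # learned clause is unit here
                continue
            free = [l for l in self.order if abs(l) not in self.value]
            if not free:
                return dict(self.value)
            lvl += 1
            self.assign(free[0], lvl, None)              # new decision level


def satisfies(clauses: List[Clause], model: Dict[int, bool]) -> bool:
    return all(any(model[abs(l)] == (l > 0) for l in c) for c in clauses)


if __name__ == "__main__":
    s = CDCL(K, ORDER)
    print(s.solve(), s.learned, s.backjumps)
```

With the decisions a = 0@1, b = 0@2, h = 1@3, c = 0@4 the first conflict is found in $k_4$; analyze() reaches the decisions a, b, c and learns exactly the slides' $(a + b + c)$, and the backjump goes to level 2, the second-highest level in that clause.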


Problems:
• With each step of backtracking, a learned clause is added
• Computing the implications is very time-consuming


Two-Literals Watching Schema (TLWS) in Chaff (Zhang, Malik et al. DAC'01)
http://citeseer.ist.psu.edu/moskewicz01chaff.html
• Most time is spent for BCP
• An implication is caused only if n-1 literals are set to 0 in a clause of n literals
• This situation can easily be detected by two pointers for each clause that point at two arbitrary literals which are not assigned to 0
• As long as two such pointers exist, we do not have to consider implications caused by this clause


Example: $(c + \bar{d})(d + e)(\bar{e} + c + f + b)(d + a + \bar{f}) \ldots$ (two literals of each clause are watched)
• Assume the decision: a = 0
• Next: b = 0
• We have to process only those clauses where the assignment changes watched literals
• Next: c = 0: we have to process 2 clauses; $(c + \bar{d})$ now has n-1 literals at 0 and implies d = 0
• Satisfied clauses are not considered further, they can not cause implications
• For backtracking, the watches can be kept
• Backtrack to: a = 0, b = 1: $(c + \bar{d})(d + e)(\bar{e} + c + f + b)(d + a + \bar{f}) \ldots$
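The two-literal watching scheme as an added Python example (not code from the slides or from Chaff), replayed on the slides' clauses $k_1 \ldots k_4$ with the decisions a = 0, b = 0, c = 0; the numbering a=1, b=2, c=3, d=4, e=5, f=6 is an assumption. Each assign() only visits the clauses whose watched literal has just become 0, so the counts the slides quote (nothing to process for b = 0, two clauses for c = 0) can be checked, and the watches are left untouched by backtracking.

```python
from collections import defaultdict
from typing import Dict, List, Optional, Tuple

Clause = Tuple[int, ...]

# Constructed input: the slides' k1..k4 with a=1, b=2, c=3, d=4, e=5, f=6
# (every clause needs at least two literals to carry two watches).
K: List[Clause] = [(3, -4), (4, 5), (-5, 3, 6, 2), (4, 1, -6)]


class WatchedCNF:
    """Each clause keeps its two watched literals at positions 0 and 1; watched[lit]
    lists the clauses currently watching lit. Setting a literal to 0 only visits
    the clauses in watched[that literal]; every other clause still has two
    non-0 watches and can be neither unit nor unsatisfied."""

    def __init__(self, clauses: List[Clause]):
        self.clauses = [list(c) for c in clauses]
        self.value: Dict[int, bool] = {}
        self.watched: Dict[int, List[int]] = defaultdict(list)
        for i, clause in enumerate(self.clauses):
            for lit in clause[:2]:
                self.watched[lit].append(i)
        self.visited = 0                        # clauses inspected so far

    def lit_value(self, lit: int) -> Optional[bool]:
        v = self.value.get(abs(lit))
        return None if v is None else (v if lit > 0 else not v)

    def assign(self, lit: int) -> Tuple[List[int], Optional[int]]:
        """Set lit to 1 (so -lit becomes 0). Returns the implied literals and the
        index of a clause that became unsatisfied, if any."""
        self.value[abs(lit)] = lit > 0
        falsified, implied = -lit, []
        for i in list(self.watched[falsified]):
            clause = self.clauses[i]
            self.visited += 1
            if clause[0] == falsified:          # keep the 0-watch at position 1
                clause[0], clause[1] = clause[1], clause[0]
            if self.lit_value(clause[0]) is True:
                continue                        # satisfied: no implication possible
            for k in range(2, len(clause)):     # look for a replacement watch != 0
                if self.lit_value(clause[k]) is not False:
                    clause[1], clause[k] = clause[k], clause[1]
                    self.watched[falsified].remove(i)
                    self.watched[clause[1]].append(i)
                    break
            else:                               # n-1 literals are 0
                other = self.lit_value(clause[0])
                if other is None:
                    implied.append(clause[0])   # unit clause: implication
                elif other is False:
                    return implied, i           # all literals 0: conflict

        return implied, None

    def unassign(self, var: int) -> None:
        """Backtracking: the watches are kept; both are non-0 again by construction."""
        del self.value[var]


def run_slides_trace() -> List[Tuple[int, int, List[int], Optional[int]]]:
    """Replay the decisions a = 0, b = 0, c = 0 and then the implications they
    cause; returns (literal set to 1, clauses visited, implied literals, conflict)."""
    cnf, trace = WatchedCNF(K), []
    queue = [-1, -2, -3]                        # decisions; implications get appended
    while queue:
        lit = queue.pop(0)
        before = cnf.visited
        implied, conflict = cnf.assign(lit)
        trace.append((lit, cnf.visited - before, implied, conflict))
        if conflict is not None:
            break
        queue.extend(implied)
    return trace
```

The replay visits one clause for a = 0 (the watch of $k_4$ moves from a to $\bar{f}$), none for b = 0, and two for c = 0, where $k_1$ becomes unit and implies d = 0; following the implications, e = 1 and f = 0 are implied, and $k_3$ then has all literals at 0, the conflict on f from the implication-graph slides.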


Which variable should be decided next?
• Random choice
• Dynamic Largest Individual Sum (DLIS) heuristic (GRASP): select the literal appearing most frequently in unresolved clauses
• Dynamic Largest Combined Sum (DLCS) heuristic: select the variable appearing most frequently (positive and negative) in unresolved clauses
• Variable State Independent Decaying Sum (VSIDS, Chaff):
  - Compute #occurrences of all literals = "activities"
  - If a learnt clause contains a literal then increment the associated activity
  - Periodically divide all activities by the same constant
• ...


From circuits to cnf ...
• SAT is cnf based!
• How to create a cnf from a circuit?
• The cnf of a circuit is easily derived by building the product of the characteristic functions of the individual gates


The characteristic function C of a gate with output x, n inputs $y_1, \ldots, y_n$ and gate-function f is $C = x \equiv f(y_1, \ldots, y_n)$, where $r \equiv s = r \cdot s + \bar{r} \cdot \bar{s}$
  - Example: AND-gate with inputs a, b and output x. Characteristic function: $C = x \equiv a \cdot b$

  a b x | C
  0 0 0 | 1
  0 0 1 | 0
  0 1 0 | 1
  0 1 1 | 0
  1 0 0 | 1
  1 0 1 | 0
  1 1 0 | 0
  1 1 1 | 1

  C = 1 for all observable combinations of input/output values


Generally, $r \equiv s = 1$ iff r = s, due to the definition $r \equiv s = r \cdot s + \bar{r} \cdot \bar{s}$.
• Thus, the characteristic function $x \equiv f(y_1, \ldots, y_n)$ of a gate with output x and function f equals 1 iff $x = f(y_1, \ldots, y_n)$


The characteristic function C of a gate-network is the product of the characteristic functions $C_i$ of the n individual gates, i.e., $C = C_1 \cdot \ldots \cdot C_n$:
• If we have an observable set of values then for each individual gate i we have $x_i = f_i$. Hence, each of the individual characteristic functions equals 1 and thus so does the product C of all characteristic functions.
• If C = 1 then each of the $C_i = 1$. Thus, at each gate we have observable values.


• Example: a simple network: an AND-gate with inputs a, b and output x, followed by an OR-gate with inputs x, z and output y
  - Characteristic function $C = (x \equiv a \cdot b) \cdot (y \equiv x + z)$
  - BUT: how to translate a characteristic function into a cnf?


• Example: AND-gate
  - Characteristic function: $x \equiv a \cdot b = x \cdot a \cdot b + \bar{x} \cdot \overline{(a \cdot b)}$, using $r \equiv s = r \cdot s + \bar{r} \cdot \bar{s}$
  - $x a b + \bar{x} \cdot \overline{(a \cdot b)} = x a b + \bar{x} \bar{a} + \bar{x} \bar{b} = (\bar{x} + a)(\bar{x} + b)(x + \bar{a} + \bar{b})$


• Example: OR-gate
  - Characteristic function: $y \equiv (x + z) = (y + \bar{x})(y + \bar{z})(\bar{y} + x + z)$
• Example: simple network (AND-gate x = a·b followed by OR-gate y = x + z)
  - Characteristic function: $(\bar{x} + a)(\bar{x} + b)(x + \bar{a} + \bar{b}) \cdot (y + \bar{x})(y + \bar{z})(\bar{y} + x + z)$


• The number of clauses is proportional to the number of gate-inputs and -outputs
• The cost is the large number of variables (1 variable per gate-output)
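The circuit-to-cnf construction of the last slides (the product of the gates' characteristic functions, one new variable per gate output) as an added Python example; this is not code from the slides. The gate encoding as (kind, output, inputs) tuples and the numbering a=1, b=2, x=3, z=4, y=5 are assumptions, and NOT and XOR gates are included beyond the slides' AND and OR. The check enumerates every value combination and confirms that C = 1 exactly for the observable ones.

```python
from itertools import product
from typing import Dict, List, Tuple

Clause = Tuple[int, ...]
Gate = Tuple[str, int, Tuple[int, ...]]   # (kind, output variable, input variables)

# Constructed input: the slides' network, an AND-gate x = a·b feeding an OR-gate
# y = x + z, with a=1, b=2, x=3, z=4, y=5 (numbering is an assumption).
NETWORK: List[Gate] = [("AND", 3, (1, 2)), ("OR", 5, (3, 4))]


def gate_clauses(kind: str, out: int, ins: Tuple[int, ...]) -> List[Clause]:
    """cnf of the characteristic function out == f(ins) of one gate."""
    if kind == "AND":   # (~x + y1)...(~x + yn)(x + ~y1 + ... + ~yn)
        return [(-out, y) for y in ins] + [(out,) + tuple(-y for y in ins)]
    if kind == "OR":    # (x + ~y1)...(x + ~yn)(~x + y1 + ... + yn)
        return [(out, -y) for y in ins] + [(-out,) + tuple(ins)]
    if kind == "NOT":   # x == ~y
        (y,) = ins
        return [(-out, -y), (out, y)]
    if kind == "XOR":   # x == y1 xor y2 (added beyond the slides' AND/OR)
        y1, y2 = ins
        return [(-out, y1, y2), (-out, -y1, -y2), (out, -y1, y2), (out, y1, -y2)]
    raise ValueError(f"unknown gate kind {kind}")


def gate_function(kind: str, ins: List[bool]) -> bool:
    """The gate function f itself, used to check the cnf exhaustively."""
    if kind == "AND":
        return all(ins)
    if kind == "OR":
        return any(ins)
    if kind == "NOT":
        return not ins[0]
    if kind == "XOR":
        return ins[0] != ins[1]
    raise ValueError(f"unknown gate kind {kind}")


def network_cnf(gates: List[Gate]) -> List[Clause]:
    """Product of the per-gate characteristic functions, as one clause list."""
    return [c for kind, out, ins in gates for c in gate_clauses(kind, out, ins)]


def eval_cnf(clauses: List[Clause], values: Dict[int, bool]) -> bool:
    return all(any(values[abs(l)] == (l > 0) for l in c) for c in clauses)


def observable(gates: List[Gate], values: Dict[int, bool]) -> bool:
    """True iff every gate output equals its function of its inputs."""
    return all(values[out] == gate_function(kind, [values[y] for y in ins])
               for kind, out, ins in gates)


def cnf_is_characteristic(gates: List[Gate]) -> bool:
    """Exhaustive check of the slides' claim: C = 1 for the observable value
    combinations and 0 for every other combination."""
    clauses = network_cnf(gates)
    variables = sorted({v for _, out, ins in gates for v in (out,) + ins})
    for bits in product([False, True], repeat=len(variables)):
        values = dict(zip(variables, bits))
        if eval_cnf(clauses, values) != observable(gates, values):
            return False
    return True


def cost(gates: List[Gate]) -> Tuple[int, int]:
    """(#variables introduced = one per gate output, #clauses = sum over gates of #inputs + 1)."""
    return len(gates), sum(len(ins) + 1 for _, _, ins in gates)
```

For the slides' network the six clauses come out as $(\bar{x} + a)(\bar{x} + b)(x + \bar{a} + \bar{b})(y + \bar{x})(y + \bar{z})(\bar{y} + x + z)$, i.e. three per 2-input gate, at the price of the two extra variables x and y.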


SAT-Checker
• Historically developed ~1960
• Became very efficient in the last 5-10 years
• Very large #variables (20,000,000) and #clauses (60,000,000) are tractable
• Successful application to many verification problems
• Application to various industrial problems (railway interlocking systems, engine management units, ...)


3.2 SAT-Checking Variants

SAT-based quantification
• We observed in Chapter 1 that the universal quantification of a cnf w.r.t. a variable x is very easy: all literals of x are deleted
• The existential quantification is difficult since this involves the or-operation of the two cofactors: $\exists x: f(x) = f(0) + f(1)$
• If a unique representation, e.g., dnf or cnf, is desired then many transformations may become necessary


For the calculation of $\exists x: f(x) = f(0) + f(1)$ we typically do not expect the result to be unsatisfiable, but we want to record all satisfying assignments (ALL-SAT), e.g., as dnf, OBDD, ...
• Can we benefit from SAT-checking techniques like, e.g., learning to speed up ALL-SAT?


A first observation is the following:
• If a satisfying assignment A is found for one cofactor, e.g., f(0), then for the calculation of $\exists x: f(x) = f(0) + f(1)$ the other cofactor does not have to be investigated for A again: since f(0) is 1 for A, the values of f(1) for A are irrelevant for f(0) + f(1). A can be added as a blocking clause.

[Figure: Karnaugh maps of f over a, b, x, of the cofactors f(0) and f(1), and of f(0) + f(1) with the assignment A marked]


• Example (cont'd):
  - $f = (\bar{a} + \bar{b})(x + \bar{b})(a + b + \bar{x})$
  - x = 0: $f(0) = (\bar{a} + \bar{b}) \cdot \bar{b}$, satisfying assignment b = 0; the blocking clause b is added
  - x = 1: $f(1) = (\bar{a} + \bar{b})(a + b) \cdot b$, satisfying assignment b = 1, a = 0; the blocking clause $\bar{b} + a$ is added
  - The satisfying assignments (as dnf) are represented by the sum of the complements of the blocking clauses: $\bar{b} + \bar{a} \cdot b$

[Figure: Karnaugh maps of f, f(0), f(1) and f(0) + f(1) with the two blocked assignments marked]
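The ALL-SAT enumeration with blocking clauses on the slides' f, as an added Python example (not code from the slides). An exhaustive routine stands in for the SAT checker; the numbering a=1, b=2, x=3 and the shrinking step that reduces a full model to the partial assignments the slides record (e.g. just b = 0) are assumptions of this example. The universal quantification mentioned at the start of this section (delete all literals of x) is included for comparison.

```python
from itertools import product
from typing import Dict, List, Optional, Tuple

Clause = Tuple[int, ...]
Cube = Dict[int, bool]

# Constructed input: the slides' f = (~a + ~b)(x + ~b)(a + b + ~x) with a=1, b=2, x=3.
F: List[Clause] = [(-1, -2), (3, -2), (1, 2, -3)]
NAMES = {1: "a", 2: "b", 3: "x"}


def cofactor(clauses: List[Clause], var: int, value: bool) -> List[Clause]:
    """f(0) or f(1) w.r.t. var: clauses satisfied by the constant are dropped,
    the literal made 0 is deleted from the remaining clauses."""
    true_lit = var if value else -var
    return [tuple(l for l in c if l != -true_lit) for c in clauses if true_lit not in c]


def forall(clauses: List[Clause], var: int) -> List[Clause]:
    """Universal quantification of a cnf: f(0)·f(1) = delete all literals of var."""
    return [tuple(l for l in c if abs(l) != var) for c in clauses]


def holds(clauses: List[Clause], cube: Cube) -> bool:
    """True iff the (partial) assignment satisfies every clause."""
    return all(any(cube.get(abs(l)) == (l > 0) for l in c) for c in clauses)


def first_model(clauses: List[Clause], variables: List[int]) -> Optional[Cube]:
    """Exhaustive stand-in for a SAT checker (fine for a handful of variables)."""
    for bits in product([False, True], repeat=len(variables)):
        model = dict(zip(variables, bits))
        if holds(clauses, model):
            return model
    return None


def shrink(model: Cube, clauses: List[Clause]) -> Cube:
    """Drop assignments that are not needed to satisfy the clauses, giving the
    partial assignments the slides record (e.g. just b = 0)."""
    cube = dict(model)
    for v in sorted(model):
        smaller = {k: val for k, val in cube.items() if k != v}
        if holds(clauses, smaller):
            cube = smaller
    return cube


def all_sat_exists(clauses: List[Clause], var: int,
                   variables: List[int]) -> Tuple[List[Clause], List[Cube]]:
    """ALL-SAT of Ex f = f(0) + f(1) with blocking clauses: every assignment A found
    for one cofactor is blocked for both cofactors, since f(0) = 1 for A makes the
    value of f(1) on A irrelevant. Returns the blocking clauses and the dnf cubes
    (their complements)."""
    blocking: List[Clause] = []
    cubes: List[Cube] = []
    for value in (False, True):
        cof = cofactor(clauses, var, value)
        while True:
            model = first_model(cof + blocking, variables)
            if model is None:
                break                          # this cofactor is exhausted
            cube = shrink(model, cof + blocking)
            cubes.append(cube)
            blocking.append(tuple(-v if val else v for v, val in sorted(cube.items())))
    return blocking, cubes


def dnf_string(cubes: List[Cube], names: Dict[int, str]) -> str:
    return " + ".join("·".join(("" if val else "~") + names[v] for v, val in sorted(c.items()))
                      for c in cubes)
```

On the slides' f the run first finds b = 0 for f(0) and blocks it with the clause b; for f(1) it then finds b = 1, a = 0 and adds the blocking clause $a + \bar{b}$, after which no cofactor has a further model, so the dnf of $\exists x: f$ is $\bar{b} + \bar{a} \cdot b$, as on the slide.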


The SAT-core problem:
• Given a function f as cnf which is unsatisfiable, determine a subset of the clauses of f (an unsatisfiable core) which is also unsatisfiable
  - Example: $f = b \cdot (\bar{b} + a)(\bar{c} + a)(\bar{b} + c)(\bar{a} + b + c)(\bar{a} + \bar{c})$
• Important to determine the relevant part of a cnf which makes the cnf unsatisfiable


• Example (cont'd): $f = b \cdot (\bar{b} + a)(\bar{c} + a)(\bar{b} + c)(\bar{a} + b + c)(\bar{a} + \bar{c})$
  - Eliminate b: $a \cdot (\bar{c} + a) \cdot c \cdot (\bar{a} + c)(\bar{a} + \bar{c})$
  - Eliminate a: $c \cdot \bar{c}$
  - Eliminate c: 0
• Record the resolution steps, determine backwards all involved clauses

[Figure: resolution graph from the clauses of f down to the empty clause; the original clauses reached backwards from 0 form the unsatisfiable core]
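Davis/Putnam variable elimination with proof recording, as an added Python example (not code from the slides), serving both the resolution example at the start of this chapter and the SAT-core procedure just described: every resolvent remembers its two parent clauses, and once the empty clause is derived the original clauses reachable backwards from it are returned as an unsatisfiable core. The numbering a=1, b=2, c=3 and the elimination order b, a, c are assumptions.

```python
from typing import Dict, List, Optional, Set, Tuple

Clause = Tuple[int, ...]
Proof = Dict[Clause, Tuple[Clause, Clause]]     # derived clause -> its two parents

# Constructed inputs with a=1, b=2, c=3 (numbering is an assumption):
# the resolution example (a + c)(~b + c)(~a + b)(a + ~c)(~a + ~c) ...
RESOLUTION_EXAMPLE: List[Clause] = [(1, 3), (-2, 3), (-1, 2), (1, -3), (-1, -3)]
# ... and the SAT-core example f = b(~b + a)(~c + a)(~b + c)(~a + b + c)(~a + ~c)
CORE_EXAMPLE: List[Clause] = [(2,), (-2, 1), (-3, 1), (-2, 3), (-1, 2, 3), (-1, -3)]


def resolve(c1: Clause, c2: Clause, var: int) -> Optional[Clause]:
    """Resolvent of (x + A)(~x + B) on x, i.e. (A + B); None if it is a tautology."""
    rest = {l for l in c1 if l != var} | {l for l in c2 if l != -var}
    if any(-l in rest for l in rest):
        return None
    return tuple(sorted(rest, key=abs))


def davis_putnam(clauses: List[Clause], order: List[int]) -> Tuple[bool, Proof]:
    """Eliminate the variables in `order`: replace all clauses containing x by the
    resolvents of every (x + A), (~x + B) pair. Returns (unsatisfiable?, proof),
    where proof records the parents of each derived clause."""
    originals = set(clauses)
    proof: Proof = {}
    current = list(dict.fromkeys(clauses))          # deduplicate, keep order
    for var in order:
        pos = [c for c in current if var in c]
        neg = [c for c in current if -var in c]
        current = [c for c in current if var not in c and -var not in c]
        for p in pos:
            for n in neg:
                r = resolve(p, n, var)
                if r is None:
                    continue
                if r not in originals and r not in proof:
                    proof[r] = (p, n)               # the first derivation is kept
                if r not in current:
                    current.append(r)
        if () in current:
            return True, proof                      # empty clause 0 derived
    return False, proof


def unsat_core(clauses: List[Clause], proof: Proof) -> List[Clause]:
    """Walk the recorded resolution steps backwards from 0 and collect the
    original clauses involved (a core, not necessarily a minimal one).
    Only meaningful after davis_putnam() reported unsatisfiability."""
    originals = set(clauses)
    involved: Set[Clause] = set()
    stack: List[Clause] = [()]
    seen: Set[Clause] = set()
    while stack:
        c = stack.pop()
        if c in seen:
            continue
        seen.add(c)
        if c in originals:
            involved.add(c)
        else:
            stack.extend(proof[c])
    return [c for c in clauses if c in involved]   # in the cnf's own order


if __name__ == "__main__":
    unsat, proof = davis_putnam(CORE_EXAMPLE, [2, 1, 3])
    print(unsat, unsat_core(CORE_EXAMPLE, proof))
```

For the SAT-core example the empty clause is derived from $c$ and $\bar{c}$, which trace back to $b$, $(\bar{b} + c)$, $(\bar{c} + a)$ and $(\bar{a} + \bar{c})$: these four clauses are already unsatisfiable (b forces c, c forces a, and $(\bar{a} + \bar{c})$ is then 0), so $(\bar{b} + a)$ and $(\bar{a} + b + c)$ are not needed. For the resolution example all five clauses take part in the derivation.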