Reasoning about Reliability and Security Using Boolean Methods

Wednesday, April 6, 4-5 p.m., 306 Soda Hall

Sanjit Seshia, Ph.D. candidate, Carnegie Mellon University

Detecting and correcting errors in computer systems before run-time
is increasingly important in today's ubiquitous computing
environment. The success of design verification and static program
analysis, however, depends on how efficiently their underlying
decision problems are solved in practice. As these problems are
usually at least NP-hard, current methods sacrifice modeling
precision for scalability. Imprecise modeling often results in many
false alarms and the inability to verify properties about overall
system functionality and timing.

I will present an approach towards tackling this problem based on
new, efficient decision procedures for first-order logics involving
arithmetic. In our approach, decision problems involving arithmetic
are transformed to problems in the Boolean domain, such as Boolean
satisfiability solving, thereby leveraging recent advances in that
area. Moreover, the transformation automatically detects and exploits
problem structure based on new theoretical results and machine
learning. Decision procedures based on our problem-specific Boolean
methods often outperform other state-of-the-art procedures by over a
factor of 100.
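To make the arithmetic-to-Boolean transformation concrete, here is a small worked example added for this page; it is not code from UCLID, TMV or the speaker. It assumes unsigned integers of a fixed, tiny bit-width (the talk's procedures handle unbounded arithmetic, so this is a deliberate simplification), bit-blasts equality and ordering constraints into CNF with Tseitin-style auxiliary variables, and decides the result with a textbook DPLL search. The predicate names (`lt`, `eq`, `const`, `require`) and the two demonstration problems are this example's own.

```python
"""Bit-blasting bounded-integer constraints into propositional SAT.

Illustration written for this page (not UCLID's or TMV's encoding): integers
are unsigned and WIDTH bits wide, comparisons become CNF clauses over Boolean
variables, and a naive DPLL search plays the role of the SAT solver.
"""
from itertools import count

WIDTH = 3  # assumed bit-width, kept tiny so the naive solver finishes instantly


class BitBlaster:
    """Translate equality/ordering constraints over WIDTH-bit integers to CNF."""

    def __init__(self, width=WIDTH):
        self.width = width
        self.clauses = []          # CNF: list of clauses; a clause is a list of ints
        self._ids = count(1)       # positive int = variable, negative int = its negation
        self.ints = {}             # integer name -> list of bit literals, LSB first
        self.true = self._fresh()  # a literal forced to 1, used to spell constants
        self.clauses.append([self.true])

    def _fresh(self):
        return next(self._ids)

    def int_var(self, name):
        if name not in self.ints:
            self.ints[name] = [self._fresh() for _ in range(self.width)]
        return self.ints[name]

    def const(self, value):
        assert 0 <= value < 2 ** self.width, "constant does not fit in WIDTH bits"
        return [self.true if (value >> i) & 1 else -self.true
                for i in range(self.width)]

    # Tseitin gates: each returns a fresh literal z with z <-> gate(inputs).
    def xor(self, a, b):
        z = self._fresh()
        self.clauses += [[-z, a, b], [-z, -a, -b], [z, -a, b], [z, a, -b]]
        return z

    def and_(self, *lits):
        z = self._fresh()
        self.clauses += [[-z, l] for l in lits]
        self.clauses.append([z] + [-l for l in lits])
        return z

    def or_(self, *lits):
        z = self._fresh()
        self.clauses += [[z, -l] for l in lits]
        self.clauses.append([-z] + list(lits))
        return z

    # Arithmetic predicates, returned as literals so they can be combined.
    def eq(self, x, y):
        return self.and_(*[-self.xor(a, b) for a, b in zip(x, y)])

    def lt(self, x, y):
        """Unsigned x < y: some bit i has x_i=0, y_i=1 and all higher bits agree."""
        cases, higher_equal = [], []
        for i in reversed(range(self.width)):
            cases.append(self.and_(-x[i], y[i], *higher_equal))
            higher_equal.append(-self.xor(x[i], y[i]))
        return self.or_(*cases)

    def require(self, lit):
        self.clauses.append([lit])


def dpll(clauses, assignment=None):
    """Return a satisfying {var: bool} assignment, or None if unsatisfiable."""
    assignment = dict(assignment or {})
    while True:                               # unit propagation to a fixed point
        progress = False
        for clause in clauses:
            pending = []
            for lit in clause:
                val = assignment.get(abs(lit))
                if val is None:
                    pending.append(lit)
                elif val == (lit > 0):
                    break                     # clause already satisfied
            else:
                if not pending:
                    return None               # every literal false: conflict
                if len(pending) == 1:
                    assignment[abs(pending[0])] = pending[0] > 0
                    progress = True
        if not progress:
            break
    unassigned = [v for v in sorted({abs(l) for c in clauses for l in c})
                  if v not in assignment]
    if not unassigned:
        return assignment                     # all clauses satisfied
    var = unassigned[0]                       # branch on the lowest-numbered variable
    for value in (True, False):
        model = dpll(clauses, {**assignment, var: value})
        if model is not None:
            return model
    return None


def solve(bb):
    """Decide the accumulated constraints; return {name: int} or None."""
    model = dpll(bb.clauses)
    if model is None:
        return None
    return {name: sum(int(model.get(bit, False)) << i for i, bit in enumerate(bits))
            for name, bits in bb.ints.items()}


def ordering_chain(width=WIDTH):
    """x < y, y < z, z == 2: exactly one model, x=0, y=1, z=2."""
    bb = BitBlaster(width)
    x, y, z = (bb.int_var(n) for n in "xyz")
    bb.require(bb.lt(x, y))
    bb.require(bb.lt(y, z))
    bb.require(bb.eq(z, bb.const(2)))
    return solve(bb)


def ordering_cycle(width=WIDTH):
    """x < y < z < x: unsatisfiable, so the procedure answers None."""
    bb = BitBlaster(width)
    x, y, z = (bb.int_var(n) for n in "xyz")
    for lo, hi in ((x, y), (y, z), (z, x)):
        bb.require(bb.lt(lo, hi))
    return solve(bb)


if __name__ == "__main__":
    print("chain:", ordering_chain())   # {'x': 0, 'y': 1, 'z': 2}
    print("cycle:", ordering_cycle())   # None
```

The point the abstract makes is visible in the two calls: the arithmetic question (is this set of inequalities consistent?) never reaches the solver as arithmetic. It arrives as clauses over bits, and the SAT engine's answer is read back into integer values. Everything that makes the real procedures scale (structure detection, unbounded domains, a modern solver instead of this DPLL loop) lives on top of exactly this kind of translation.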

The decision procedures form the computational engines for two
verification systems, UCLID and TMV. These systems have been applied
to problems in computer security, electronic design automation, and
software engineering that require efficient and precise analysis of
system functionality and timing. For example, a semantics-aware
detector of viruses and worms has shown greater resilience to
obfuscation than commercial tools, and a verifier for self-timed
circuits has found an error in a published circuit of a widely-used
industrial microprocessor.