Faculty Candidate Talk:
Wednesday, April 6, 2005, 4-5 p.m.
“Reasoning about Reliability and Security Using Boolean Methods”
Sanjit Seshia, Ph.D. Candidate, Carnegie Mellon University
Detecting and correcting errors in computer systems before run-time
is increasingly important in today's ubiquitous computing
environment. The success of design verification and static program
analysis, however, depends on how efficiently their underlying
decision problems are solved in practice. As these problems are
usually at least NP-hard, current methods sacrifice modeling
precision for scalability. Imprecise modeling often results in many
false alarms and the inability to verify properties about overall
system functionality and timing.
I will present an approach to tackling this problem based on
new, efficient decision procedures for first-order logics involving
arithmetic. In our approach, decision problems involving arithmetic
are transformed into problems in the Boolean domain, such as Boolean
satisfiability solving, thereby leveraging recent advances in that area.
Moreover, the transformation automatically detects and exploits
problem structure based on new theoretical results and machine
learning. Decision procedures based on our problem-specific Boolean
methods often outperform other state-of-the-art procedures by over a
factor of 100.
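To make the transformation concrete, here is an added worked example (not code from the talk, UCLID or TMV): a bounded-integer arithmetic constraint is bit-blasted into CNF clauses with Tseitin encodings of the adder gates, and the resulting Boolean satisfiability problem is decided by a minimal DPLL solver. The names (`BitBlaster`, `dpll`, `solve_sum`, `solve_double`) and the 4-bit width are assumptions made for illustration; a decision procedure of the kind described above would use a far more sophisticated encoding and an industrial SAT solver.

```python
"""Deciding bounded-integer arithmetic by reduction to Boolean SAT.

Added illustrative example (not from the talk): integers of a fixed bit width
are represented as vectors of Boolean variables, arithmetic becomes a circuit
of logic gates encoded as CNF clauses, and a tiny DPLL solver decides the
result.  Literals are non-zero ints: +v is variable v, -v is its negation.
"""


class BitBlaster:
    """Builds CNF clauses for fixed-width unsigned arithmetic (assumed helper)."""

    def __init__(self, width):
        self.width = width
        self.nvars = 0
        self.clauses = []

    def fresh(self):
        self.nvars += 1
        return self.nvars

    def int_var(self):
        # An unsigned integer is a list of bit variables, least significant first.
        return [self.fresh() for _ in range(self.width)]

    def const(self, value):
        # A constant is an integer whose bits are forced by unit clauses.
        bits = self.int_var()
        for i, b in enumerate(bits):
            self.clauses.append([b] if (value >> i) & 1 else [-b])
        return bits

    # Tseitin encodings: each gate gets an output variable o with clauses
    # that make o logically equivalent to the gate function.
    def xor(self, a, b):
        o = self.fresh()
        self.clauses += [[-a, -b, -o], [a, b, -o], [a, -b, o], [-a, b, o]]
        return o

    def and_(self, a, b):
        o = self.fresh()
        self.clauses += [[-a, -b, o], [a, -o], [b, -o]]
        return o

    def or_(self, a, b):
        o = self.fresh()
        self.clauses += [[a, b, -o], [-a, o], [-b, o]]
        return o

    def add(self, x, y):
        # Ripple-carry adder; the final carry is dropped (addition modulo 2^width).
        carry, out = None, []
        for a, b in zip(x, y):
            s = self.xor(a, b)
            if carry is None:
                out.append(s)
                carry = self.and_(a, b)
            else:
                out.append(self.xor(s, carry))
                carry = self.or_(self.and_(a, b), self.and_(s, carry))
        return out

    def assert_eq(self, x, y):
        # Bitwise equivalence a_i <-> b_i as two binary clauses per bit.
        for a, b in zip(x, y):
            self.clauses += [[-a, b], [a, -b]]


def simplify(clauses, lit):
    """Assign literal lit true: drop satisfied clauses, shrink the rest.
    Returns None if some clause becomes empty (a conflict)."""
    out = []
    for c in clauses:
        if lit in c:
            continue
        if -lit in c:
            c = [l for l in c if l != -lit]
            if not c:
                return None
        out.append(c)
    return out


def dpll(clauses, assignment):
    """Minimal DPLL: unit propagation plus chronological backtracking.
    Returns a satisfying assignment {var: bool} or None if unsatisfiable."""
    while True:  # unit propagation
        unit = next((c[0] for c in clauses if len(c) == 1), None)
        if unit is None:
            break
        assignment = {**assignment, abs(unit): unit > 0}
        clauses = simplify(clauses, unit)
        if clauses is None:
            return None
    if not clauses:
        return assignment
    lit = clauses[0][0]
    for choice in (lit, -lit):  # branch on the first unassigned literal
        reduced = simplify(clauses, choice)
        if reduced is not None:
            model = dpll(reduced, {**assignment, abs(choice): choice > 0})
            if model is not None:
                return model
    return None


def decode(bits, model):
    # Variables left unassigned by DPLL are unconstrained; any value works.
    return sum(1 << i for i, b in enumerate(bits) if model.get(b, False))


def solve_sum(width, target):
    """Decide x + y == target (mod 2^width); return (x, y) or None."""
    bb = BitBlaster(width)
    x, y = bb.int_var(), bb.int_var()
    bb.assert_eq(bb.add(x, y), bb.const(target))
    model = dpll(bb.clauses, {})
    return None if model is None else (decode(x, model), decode(y, model))


def solve_double(width, target):
    """Decide x + x == target (mod 2^width); return x or None.
    Unsatisfiable for every odd target, since a doubled integer is even."""
    bb = BitBlaster(width)
    x = bb.int_var()
    bb.assert_eq(bb.add(x, x), bb.const(target))
    model = dpll(bb.clauses, {})
    return None if model is None else decode(x, model)


if __name__ == "__main__":
    print("x + y == 9  (4-bit):", solve_sum(4, 9))
    print("x + x == 1  (4-bit):", solve_double(4, 1))
    print("x + x == 6  (4-bit):", solve_double(4, 6))
```

The point of the example is the shape of the reduction: the arithmetic structure (here, the adder) is what decides the size and difficulty of the resulting CNF, and the talk's claim is that recognising and exploiting that structure during the transformation is what makes the Boolean route outperform other decision procedures.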
The decision procedures form the computational engines for two
verification systems, UCLID and TMV. These systems have been
applied to problems in computer security, electronic design
automation, and software engineering that require efficient and
precise analysis of system functionality and timing. For example, a
semantics-aware detector of viruses and worms has shown greater
resilience to obfuscation than commercial tools, and a verifier for
self-timed circuits has found an error in a published circuit of a
widely used industrial microprocessor.