Verified Verifying: SMT-LIB for Strings in Isabelle

  • Conference paper
  • Implementation and Application of Automata (CIAA 2023)

Abstract

The prevalence of string solvers in formal program analysis has led to an increasing demand for more effective and dependable solving techniques. However, solving the satisfiability problem of string constraints, which is a generally undecidable problem, requires a deep understanding of the structure of the constraints. To address this challenge, the community has relied on SMT solvers to tackle the quantifier-free first-order logic fragment of string constraints, usually stated in SMT-LIB format. In 2020, the SMT-LIB Initiative issued the first official standard for string constraints. However, SMT-LIB states the semantics in a semi-formal manner, lacking a level of formality that is desirable for validating SMT solvers. In response, we formalize the SMT-LIB theory of strings using Isabelle, an interactive theorem prover known for its ability to formalize and verify mathematical and logical theorems. We demonstrate the usefulness of having a formally defined theory by deriving, to the best of our knowledge, the first automated verified model verification method for SMT-LIB string constraints and highlight potential future applications.

Notes

  1. Available at https://github.com/formalsmt/isabelle_smt.

  2. Available at https://github.com/formalsmt/SMTmv.

Author information

Corresponding author: Kevin Lotz.

Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Cite this paper

Lotz, K., Kulczynski, M., Nowotka, D., Poulsen, D.B., Schlichtkrull, A. (2023). Verified Verifying: SMT-LIB for Strings in Isabelle. In: Nagy, B. (eds) Implementation and Application of Automata. CIAA 2023. Lecture Notes in Computer Science, vol 14151. Springer, Cham. https://doi.org/10.1007/978-3-031-40247-0_15

  • DOI: https://doi.org/10.1007/978-3-031-40247-0_15

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-40246-3

  • Online ISBN: 978-3-031-40247-0
