ADVANCE D3.3 Improvement of automated proof: Difference between revisions

From Event-B
Jump to navigationJump to search
imported>Nicolas
m →‎Motivations / Decisions: Use cup instead of bunion for tex compatibility
imported>Laurent
Line 37: Line 37:


== Planning ==
== Planning ==
Enhancement to automated proof will continue during the ADVANCE project. Notably, the remaining missing rewriting<ref>http://wiki.event-b.org/index.php/All_Rewrite_Rules</ref> and inference rules<ref>http://wiki.event-b.org/index.php/Inference_Rules</ref>, that have already been documented, will be implemented together with new rules.
During the last period of the ADVANCE project, we plan to continue to improve the rate of automated proofs based on feedback from the case studies.


Maintenance of the SMT solver integration plug-in will be ensured within the time frame of ADVANCE. In particular, the translation to SMT-LIB will be completed by adding some support for mathematical extensions.
As concerns the SMT solver integration plug-in, we will benchmark it on the case study models and investigate the integration of new solvers such as CVC4.


Finally, connecting other provers (such as Super Zenon and iProver) to the platform will be investigated.
Finally, as concerns external provers, we do not plan to continue this task because of the lack of available open-source provers. We will nevertheless check regularly for public releases of new provers that could be integrated.


{{TODO|Revise plans}}
{{TODO|Finalise plans}}


== References ==
== References ==

Revision as of 13:28, 5 September 2013

Overview

In a regular Event-B modelling activity, more than 60% of the time is spent on proofs. Therefore, increasing the rate of automated proofs is a productivity booster which decreases the overall cost of formal modelling. Consequently, enhancing the automated prover has been a continuous task since the inception of the Rodin platform.

This task can be achieved by refactoring the core platform, by adding new features to it, such as new integrated reasoners and tactics, but also by connecting some external reasoning ability such as external provers (e.g., SMT solvers).

During the second period of the ADVANCE project, all these three kinds of activities have been performed.

Motivations / Decisions

Internal code refactoring
The membership goal reasoner has been part of the integrated sequent prover since Rodin 2.3. This tool provides specialized reasoning capability about pure set membership and chains of set inclusion. For instance, it can be used to discharge sequents like x\in A,\; A\subset B,\; B\subset C \;\vdash\; x\in C .

Internally, the reasoner used a specialized algorithm to discover chains of inclusions and all hypotheses matching x\in\textvisiblespace. Trying to extend the reasoner to other cases of inclusion such as A \cup B \subset C, we found out that the reasoner was in fact solving a SAT problem where all atoms are of the form x\in\textvisiblespace. So, we stepped back and replaced the specialized machinery by a call to the SAT4J solver which is already part of Eclipse (it is used to solve dependencies when installing a new plug-in). This refactoring, although not increasing yet the rate of automated proofs, opens the way for further improvements of this reasoner, and this without any penalty, as the new version of the reasoner takes the same amount of time to run (as shown by benchmarks).

Integrated provers
During this period, we have implemented new normalization rules about empty sets and their dual : complete sets (that is sets that fill entirely their type). These new rules are now part of the normalizer which is run at each step of the interactive prover. They reduce the diversity of predicates and increase the automated proofs of trivial proof obligations often encountered in degenerated cases (that is not interesting to the modeller, but that need to be carried out nevertheless).

In a similar vein, we have also improved the HYP, HYP_OR, CNTR and GEN_MP reasoners. All these reasoners have in common to search for a hypothesis matching a certain pattern. Until Rodin 3.0, only exact matches were sought for. Now, the reasoners also look for variations of a predicate, that is either equivalent predicates or predicates that provide a sufficient condition. Benchmarking this improvement, we measured that we had an overall 4 % increase in automated proofs compared to the previous version. As for the membership goal reasoner, this improvement comes at no cost as the new versions of these reasoners does not take more time to execute.

Tactic profiles
The proportion of automatically discharged proof obligations heavily depends on the auto-tactic configuration. Sometimes, the automatic prover fails because the tactics are applied in an unappropriate order. Since Rodin 3.0, plug-ins can contribute their own default profiles (through extension points, for convenience) which allows users to pick up their auto-tactic from a portfolio, rather than having to define a new one by themselves. This therefore improves the usability of the auto-prover and allows to capitalize easily on best practices.

SMT Solvers
At the beginning of the ADVANCE project, an initial version of the SMT solvers plug-in was available. However, this early version was still very fragile and most of the times was producing proofs that could not be saved, rendering it useless. During the first and second period of the project, as a background task, this plug-in has been strengthened and brought to industrial grade. Version 1.0 of the plug-in has been released in June 2013.

Other external provers We initially planned to connect the Super Zenon[1] and the iProver[2] external provers to the Rodin platform. However, Super Zenon is still not available publicly while the development of iProver seems to have gone closed source : there is no development anymore on the Google project, although a new version 1.0 has been presented to the latest CASC-24 competition. Consequently, we could not make any progress in this direction.

Available Documentation

Tactic profiles are described in the Rodin Handbook[3].

The user manual of the SMT Solvers plug-in is available on the Event-B wiki[4].

The introduction of variations in the HYP, HYP_OR, CNTR and GenMP reasoners is described in the Event-B wiki [5].

The design of the Membership Goal reasoner[6] has been updated to reflect the use of a SAT solver.

Planning

During the last period of the ADVANCE project, we plan to continue to improve the rate of automated proofs based on feedback from the case studies.

As concerns the SMT solver integration plug-in, we will benchmark it on the case study models and investigate the integration of new solvers such as CVC4.

Finally, as concerns external provers, we do not plan to continue this task because of the lack of available open-source provers. We will nevertheless check regularly for public releases of new provers that could be integrated.

TODO: Finalise plans

References