Property-Directed Reachability as Abstract Interpretation in the Monotone Theory

TL;DR

This paper reveals that propositional property-directed reachability (PDR) can be formulated as an abstract interpretation algorithm within the monotone theory, providing a theoretical foundation for its effectiveness in invariant inference.

Contribution

It introduces a new formulation of PDR as an abstract interpretation method using the monotone theory, bridging the gap between PDR and abstract interpretation techniques.

Findings

PDR can be expressed as an abstract interpretation in a logical domain.

The algorithm's frames overapproximate the invariant inference process.

Conditions are identified where the process converges rapidly, sometimes exponentially faster than naive methods.

Abstract

Inferring inductive invariants is one of the main challenges of formal verification. The theory of abstract interpretation provides a rich framework to devise invariant inference algorithms. One of the latest breakthroughs in invariant inference is property-directed reachability (PDR), but the research community views PDR and abstract interpretation as mostly unrelated techniques. This paper shows that, surprisingly, propositional PDR can be formulated as an abstract interpretation algorithm in a logical domain. More precisely, we define a version of PDR, called $\Lambda$-PDR, in which all generalizations of counterexamples are used to strengthen a frame. In this way, there is no need to refine frames after their creation, because all the possible supporting facts are included in advance. We analyze this algorithm using notions from Bshouty's monotone theory, originally developed in the context of exact learning. We show that there is an inherent overapproximation between the algorithm's frames that is related to the monotone theory. We then define a new abstract domain in which the best abstract transformer performs this overapproximation, and show that it captures the invariant inference process, i.e., $\Lambda$-PDR corresponds to Kleene iterations with the best transformer in this abstract domain. We provide some sufficient conditions for when this process converges in a small number of iterations, with sometimes an exponential gap from the number of iterations required for naive exact forward reachability. These results provide a firm theoretical foundation for the benefits of how PDR tackles forward reachability.