Btor2-Cert (HWMCC 2024 Submission)

Btor2-Cert is a certifying and validating hardware-verification framework using software analyzers.

Software Architecture

Btor2-Cert translates a word-level hardware circuit in the Btor2 format to a behaviorally equivalent C program using the translator Btor2C, verifies the translated C program with a certifying software analyzer, namely, one that produces verification witnesses (examples in sw-verifiers/), translates the witness produced by the analyzer back to the Btor2 domain, and validates the witness with the Btor2 validator Btor2-Val.

Btor2-Cert offers a convenient way to integrate different backend software analyzers via the cooperative verification framework CoVeriTeam and provides trustworthy verification results accompanied by inspectable witnesses, making it a flexible and powerful framework for certifying hardware verification.

Installation and Requirements

Btor2-Cert relies on CoVeriTeam to coordinate the underlying analyzers. Therefore, the following dependencies are required:

• Linux Ubuntu 20.04 or newer
• Python 3.10 or newer
• Linux control groups (cgroups)

Please also refer to btor2c/README.md and btor2-val/README.md for the complete lists of requirements. Note that Btor2C must be compiled before Btor2-Cert can be used.

To run the underlying software analyzers, the system also has to satisfy their requirements.

Usage

To verify a Btor2 circuit with Btor2-Cert, please run:

./btor2-cert <btor2_file>

After executing the command, the verification result will be printed to the console.

[INFO] Verification result: true  # or false/unknown/ERROR

true means that the safety property holds, i.e., bad in the Btor2 circuit is unreachable, whereas false means that the safety property can be violated.

Some example Btor2 circuits can be found under btor2c/examples/ and btor2-val/examples/. For more information, please run ./btor2-cert -h.

HWMCC Submission

For HWMCC 2024, Btor2-Cert employs a parallel portfolio (defined in sw-verifiers/portfolio.yml) of the following algorithms in the software analyzers below:

• CBMC: BMC and k-induction
• CPAchecker: predicate abstraction and interpolation-based model checking
• ESBMC: k-induction
• KLEE: symbolic execution
• Theta: predicate abstraction and value analysis

Additional software dependencies are required, including:

• GCC
• Java 17

To run Btor2-Cert's parallel portfolio for HWMCC 2024, please execute:

./btor2-cert --hwmcc24 <btor2_file>

Resource Limits

The portfolio targets the competition environment at HWMCC, which imposes a memory limit of 120 GB and a wall-clock time limit of one hour on a machine with 16 cores and 128 GB of RAM.

We set the memory limit for each algorithm in the portfolio to 16 GB and recommend using this portfolio on machines with similar resources as the HWMCC's environment.

Notes on Measuring Resource Consumption Using BenchExec

CoVeriTeam, a component of Btor2-Cert, uses runexec from BenchExec to limit and measure the resources of the containerized executions of the backend software analyzers. Therefore, benchmarking Btor-Cert using the BenchExec framework results in nested containers and requires a special setup.

• For systems with cgroups v1, please pass --full-access-dir /sys/fs/cgroup to runexec:

  runexec [runexec-flags] --full-access-dir /sys/fs/cgroup -- ./btor2-cert [btor2-cert-flags] <btor2_file>

• For systems with cgroups v2, please prepend ./cgroup-init.sh to ./btor2-cert (see also BenchExec's documentation):

  runexec [runexec-flags] -- ./cgroup-init.sh ./btor2-cert [btor2-cert-flags] <btor2_file>

Contributors

Contributors of this project are listed in btor2c/README.md and btor2-val/README.md.

License

Btor2-Cert is licensed under the Apache 2.0 License. The used submodules Btor2C (btor2c/) and Btor2-Val (btor2-val/), and the backend software analyzers (stored in cvt-cache/tools/ by default) are available under their respective licenses.