1 Introduction

SMT solvers are currently used as backend engines in many formal verification (FV) tools for hardware, software and hybrid systems. Many SMT problems of interest for FV or for other disciplines, however, require the capability of finding models that are optimal w.r.t. some objective functions [6, 8, 9, 11, 13–16, 18–20]. These problems are grouped under the umbrella term of Optimization Modulo Theories (OMT).

For instance, in SMT-based model checking with timed or hybrid systems, one may want to find executions which optimize the value of some parameter while fulfilling or violating some property, e.g., to find the minimum opening time interval of a rail crossing that causes a safety violation. (See e.g. [19] for some examples.) Also, a recent application of OMT is the SMT-based computation of the worst-case execution time (WCET) of loop-free programs [12], which finds tighter over-approximations of the WCET than other state-of-the-art approaches. A longer list of OMT applications in formal verification and in other disciplines can be found in [8, 11, 14–16, 19].

In this paper we present OptiMathSAT, an OMT tool extending the MathSAT5 SMT solver [3, 10] and implementing the OMT procedures described in [18–20]. OptiMathSAT allows for solving a list of optimization problems on SMT formulas with linear objective functions (on the Boolean, rational and integer domains, and on their combinations), including MaxSMT. Multiple objective functions can be combined together and handled either independently, lexicographically, or in a min-max/max-min fashion. Like MathSAT5, it is freely available for research and evaluation purposes [4], and it is currently used in some innovative projects (see Sect. 5).

Related Tools. Currently few other OMT tools exist. Closest to OptiMathSAT are Symba [14] and the very recent \(\nu Z\) [6, 7], which are both built on top of Z3. Symba [14] considers the problem of optimizing multiple rational cost functions at the same time; it uses the underlying SMT solver as a black box and features additional ad hoc techniques for detecting unbounded costs and for optimization. \(\nu Z\) supports both single-objective linear optimization (over a real, integer or bit-vector term) and multi-objective optimization in either boxed, lexicographic or Pareto-optimization mode. It ships with several specialized engines for MaxSMT and with pre-processing techniques that re-encode the 0-1 integer variables of the input formula into Pseudo-Boolean or MaxSMT constraints. We refer the reader to the related work section of [19] for a more detailed analysis of other OMT-related approaches and tools.

Content. This paper is structured as follows. Section 2 provides a brief outline of the OptiMathSAT architecture, followed by a description of its optimization functionalities and interfaces in Sect. 3. Section 4 presents a short example, and Sect. 5 reviews some recent interesting applications of OptiMathSAT. Section 6 concludes the paper with hints of some future developments. An extended version of this paper, containing a performance evaluation and some more details, is available from the OptiMathSAT web page [4].

2 Architecture

OptiMathSAT is written in C++ and is built as an extension of MathSAT5, which implements the standard lazy SMT paradigm (see [5]). Unlike the OMT algorithms in [6, 14], which are based on an offline architecture (in which the SMT solver is incrementally called multiple times as a black box), OptiMathSAT is based on an inline architecture, in which the SMT solver is run only once and its internal SAT solver is modified to handle the search for the optima [18–20]. Although harder to implement, the inline architecture has shown better performance for OptiMathSAT than the offline one [18, 19]. (We refer the reader to [19] for a comparison of the two architectures.)

The optimization algorithm can explore the search space in linear-search mode, by pruning one intermediate solution at a time, or in binary-search mode, by introducing cuts bisecting the search space, or in adaptive-search mode, which uses adaptive heuristics to choose among the linear- and binary-search modes at each search step.

Some functionalities, such as the control loop for lexicographic optimization and the assertion of soft clauses, are handled at a higher level of abstraction by means of a combination of MathSAT5 and OptiMathSAT API calls.

3 Optimization Functionalities

OptiMathSAT is mainly a tool for (single- and multiple-objective) OMT with linear objective functions, OMT(\({\mathcal {LA}}\cup \mathcal {T}\)), where “\(\mathcal {LA}\)” denotes linear arithmetic over either the rationals (\(\mathcal {LRA}\)), the integers (\(\mathcal {LIA}\)) or their combination \({\mathcal {LRIA}}\), and \({\mathcal T}\) denotes any other Nelson-Oppen theory supported by MathSAT5. For each objective it is possible to specify both global and local bounds, if known. OptiMathSAT can use this information to explore the search space in binary or in adaptive search mode, which might improve the overall performance of the solver. We support objective functions over the rational, integer and Boolean domains, or their combinations.

Here we provide a brief list of OptiMathSAT optimization functionalities, omitting the functionalities inherited from MathSAT5 [10]. A detailed description of the implemented algorithms is presented in [18–20].

3.1 Single-Objective Optimization

We discuss first the case in which we have only one objective function, namely obj.

  • Linear Arithmetic Optimization over \(\mathcal {LRA}\) , \(\mathcal {LIA}\) and \({\mathcal {LRIA}}\) . Given some term obj on \(\mathcal {LA}\) , OptiMathSAT finds a solution (if any) which makes the term obj minimum/maximum. This is based on a combination of SMT and linear [integer] programming techniques.

  • Partial Weighted MaxSMT and SMT with Pseudo-Boolean Objectives (PB-SMT). Given an input formula \(\varphi _h\wedge \varphi _s\), where \(\varphi _h\) contains hard constraints and \(\varphi _s\) contains soft constraints with positive weights, the goal of partial weighted MaxSMT [9, 16] is to find a model M s.t. \(M\models {}\varphi _h \wedge \varphi _s^{M}\) and \(\varphi _s^{M}\) is a subset of \(\varphi _s\) in which the soft constraints have the largest cumulative weight possible. Similarly, OptiMathSAT also allows for defining Pseudo-Boolean objective functions in the form \(\sum _iw_i\psi _i\), where the \(w_i\) are numerical constants and the \(\psi _i\) are sub-formulas. Unlike the procedures in [6, 8, 9, 16], which use specialized algorithms for MaxSMT/PB-SMT, OptiMathSAT works by encoding the problem into the optimization of an \(\mathcal {LRA}\) term, as described in [19]. This allows for combining the MaxSMT terms with other objectives, as we describe in Sect. 3.2.

Notice that it is possible to interrupt the search of OptiMathSAT (e.g., by setting a timeout) and still have access to the current sub-optimal solution and its model.

3.2 Multi-objective Combination

The interface of OptiMathSAT allows for combining multiple objective functions \(obj_1\), ..., \(obj_N\) in various ways.

  • Multiple Independent Objectives [14]. (Also known as Boxed Optimization [6].) OptiMathSAT can solve simultaneously N independent optimization problems \(\langle \varphi {},obj_1\rangle , ...,\) \(\langle \varphi {},obj_N\rangle {}\), optionally building the corresponding optimum models \(M_0, ..., M_N\). (In the empirical evaluation presented in [20], we showed that using this optimization strategy can be considerably more efficient than solving N single-objective optimization problems.) This option is the default configuration.

  • Lexicographic Optimization. OptiMathSAT optimizes lexicographically the objectives \(obj_1, ...,obj_N\) by decreasing level of priority. If any objective \(obj_i\) is unsatisfiable or unbounded, the search returns.

  • Min-max and Max-min. The goal of a min-max problem is to find the maximum value of an obj s.t. \(\bigwedge _{i=0}^{N}\) (\(obj \le obj_{i}\)) \(\wedge \bigvee _{i=0}^{N}\) (\(obj_{i} = obj\)), obj being a fresh variable. Max-min is dual. OptiMathSAT provides syntactic-sugar extensions to SMT-LIBv2 that allow for encoding this type of objective.

  • Linear Combination. Obviously, one can also create objectives that are a linear combination of other objectives \(obj_1, ..., obj_N\), i.e., \(obj = \sum _{i=1}^N w_i\cdot obj_i\).

We remark that all the above combinations hold for \(obj_i\) cost functions over every domain, including Boolean. For instance, MaxSMT can be combined with OMT optimization over integer or real objectives.

3.3 Interfaces

Fig. 1. SMT-LIBv2 Optimization Extensions: square brackets correspond to optional parameters, whereas “\(\vert {}\)” stands for alternative choices.

Input Language. OptiMathSAT functions are accessible through a list of commands extending the SMT-LIBv2 syntax, which is described concisely in Fig. 1. Notice that, unlike \(\nu Z\) [7], in the case of a MaxSMT problem we require the user to build explicitly a minimization objective using the ID associated with the asserted soft clauses, i.e., by writing “(minimize ID)”. The advantage of this requirement is that we allow for arbitrary composition of the MaxSMT objective with other linear arithmetic functions, which can be useful in particular contexts (for instance, to build obj functions on mixed Boolean/numeric domains, as with Linear Generalized Disjunctive Programming (LGDP) problems [17]).

Fig. 2. SMT-LIBv2 encoding of the problem.

C API. The optimization functions of OptiMathSAT are also available through its C API, which extends that of MathSAT5 [3]. A detailed documentation of the C API, the SMT-LIBv2 language extensions and some usage examples are accessible on the OptiMathSAT website [4].

Incremental Interface. Like MathSAT5, OptiMathSAT provides a push/pop interface for adding and removing objectives and pieces of formulas from the formula stack, which allows for reusing information from one optimization search to another to improve the global performance of the search [20].

4 Example

In Fig. 2 we present a toy example that illustrates how to encode a problem into the extended SMT-LIBv2 language of OptiMathSAT. A small company urgently needs 250 units of some goods. Suppliers \(s_1, s_2, s_3, s_4\) offer to supply up to 250, 150, 100, 100 units of goods, starting from the minimum quantities of 50, 100, 100, 50 units respectively. Their prices are \(23{\$}, 21{\$}, 20{\$}, 10{\$}\) per unit respectively. Our goal is (A) to minimize the overall purchase cost and, in case of a cost tie, (B) to maximize the number of suppliers.

A simple OMT encoding of the problem is shown in Fig. 2. In this example there are two combinations of suppliers (\(s_2, s_4\) and \(s_1, s_3, s_4\)) from which we can purchase the goods at the minimum cost of 4150$. Therefore, the tie is broken by our secondary goal (B), which selects the second solution. The optimum model of a lexicographic optimization is always associated with the top-most objective on the internal stack. Since in this example there are only two objectives, this objective can be selected by passing 1 to the set-model command. As mentioned in Sect. 3.3, notice that we explicitly ask for ignored_suppliers, the label of the MaxSMT constraints, to be minimized. OptiMathSAT solved the problem in 10ms.
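The following added example (not the paper's Fig. 2 nor OptiMathSAT code) brute-forces the supplier instance to reproduce the reasoning above: each supplier is modelled as either unused or used within its [min, max] range, the MaxSMT objective ignored_suppliers is computed as the summed weight of violated soft constraints "supplier i is used", and the two objectives are combined lexicographically as in Sect. 3.2. The supplier data is transcribed from the text; the weight of 1 per soft constraint is an assumption.

```python
from itertools import product

# Supplier data transcribed from the text: name -> (min_qty, max_qty, unit_price)
SUPPLIERS = {"s1": (50, 250, 23), "s2": (100, 150, 21),
             "s3": (100, 100, 20), "s4": (50, 100, 10)}
DEMAND = 250
SOFT_WEIGHT = 1  # assumed weight of each soft constraint "supplier i is used"


def feasible_orders():
    """Enumerate every order that meets DEMAND exactly.

    Mirrors the OMT encoding: a supplier is either unused (0 units) or used
    with a quantity in [min, max]. Yields (cost, ignored, qty), where `ignored`
    is the MaxSMT penalty, i.e. the summed weight of the violated soft constraints.
    """
    names = list(SUPPLIERS)
    choices = [[0] + list(range(lo, hi + 1)) for lo, hi, _ in SUPPLIERS.values()]
    for head in product(*choices[:-1]):
        last = DEMAND - sum(head)            # the last supplier's quantity is forced
        if last not in choices[-1]:          # must be 0 or within its [min, max]
            continue
        qty = dict(zip(names, head + (last,)))
        cost = sum(q * SUPPLIERS[n][2] for n, q in qty.items())
        ignored = SOFT_WEIGHT * sum(1 for q in qty.values() if q == 0)
        yield cost, ignored, qty


def min_cost_solutions():
    """Objective (A) alone: the minimum cost and every supplier set achieving it."""
    orders = list(feasible_orders())
    best = min(cost for cost, _, _ in orders)
    sets = {tuple(n for n, q in qty.items() if q)
            for cost, _, qty in orders if cost == best}
    return best, sorted(sets)


def lexicographic_optimum():
    """Objectives (A) then (B): minimise cost first, then the MaxSMT penalty
    ignored_suppliers, which is the same as maximising the suppliers used."""
    return min(feasible_orders(), key=lambda o: (o[0], o[1]))


if __name__ == "__main__":
    print(min_cost_solutions())      # (4150, [('s1', 's3', 's4'), ('s2', 's4')])
    print(lexicographic_optimum())   # (4150, 1, {'s1': 50, 's2': 0, 's3': 100, 's4': 100})
```

Both supplier sets tie at 4150$, and the lexicographic tie-break picks the one with the smaller ignored_suppliers penalty.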

5 Applications

We briefly mention two examples of recent applications, very innovative in their respective domains, that have been technologically enabled by OMT and use OptiMathSAT as their backend automated-reasoning engine.

  • Structured Learning Modulo Theories. In Machine Learning applications, performing inference and learning in hybrid domains (characterized by both continuous and Boolean/discrete variables) is a particularly daunting task. Structured Learning Modulo Theories (SLMT) [21] addresses the problem by combining (Structured-Output) Support Vector Machines (SVMs) with OMT, so that the latter plays the role of inference and separation oracle for the former. The tool LMT implementing the SLMT method [2] uses OptiMathSAT as its backend OMT engine.

  • Automated Reasoning on Constrained Goal Models. Goal Models (GM) are used in Requirements Engineering to represent software requirements, objectives, and design qualities [22]. Constrained Goal Models (CGM) are a novel, formal version of GM enriched with constraints so as to handle preferences, numerical attributes and resources (e.g., scores, financial cost, workforce, etc.). OptiMathSAT is used as the backend reasoning engine of CGM-Tool [1], a tool for building and reasoning on CGMs, allowing for automatically verifying the realizability of a CGM and for finding optimal realizations according to some specified criterion.

6 Future Developments

We plan to extend the capabilities of OptiMathSAT along several directions. For instance, we are interested in generalizing our implementation to support objective functions over other theories, in particular bit-vectors. We are also considering adding the possibility of combining multiple objectives for Pareto-optimization. Finally, we plan to parallelize OMT so as to exploit the multi-core architectures of modern CPUs.