# SAT-Based Methods for Circuit Synthesis

Roderick Bloem<sup>1</sup>, Uwe Egly<sup>2</sup>, Patrick Klampfl<sup>1</sup>, Robert Könighofer<sup>1</sup>, and Florian Lonsing<sup>2</sup>

<sup>1</sup>Institute for Applied Information Processing and Communications, Graz University of Technology, Austria <sup>2</sup>Knowledge-Based Systems Group, Institute of Information Systems, Vienna University of Technology, Austria

Abstract—Reactive synthesis supports designers by automatically constructing correct hardware from declarative specifications. Synthesis algorithms usually compute a strategy, and then construct a circuit that implements it. In this work, we study SAT- and QBF-based methods for the second step, i.e., computing circuits from strategies. This includes methods based on QBF-certification, interpolation, and computational learning. We present optimizations, efficient implementations, and experimental results for synthesis from safety specifications, where we outperform BDDs both regarding execution time and circuit size.

## I. INTRODUCTION

Synthesis is an ambitious design approach: Instead of checking whether an already constructed system satisfies its specification, a correct implementation is derived *automatically* from the specification [3]. Synthesis is also used in rapid prototyping, automatic repair [9], and program sketching [14].

Existing work often focuses on finding strategies to satisfy the specification, or only on deciding realizability. However, computing circuits from strategies is computationally demanding as well. System quality (e.g., circuit size and depth) imposes additional challenges. Synthesized strategies usually allow for much implementation freedom, which needs to be exploited cleverly. Algorithms must also be symbolic (operate on formulas rather than enumerating states) to achieve scalability. These symbolic algorithms are usually implemented with BDDs because they offer existential *and* universal quantification. Recently, SAT-based synthesis algorithms have been proposed [12], [4] as alternative to BDDs and their scalability issues. However, these works do not address circuit extraction.

We thus present and compare several SAT- and QBFbased circuit synthesis algorithms. The basic algorithms are not new, but we present novel optimizations, combinations, efficient implementations for safety synthesis problems, and extensive experiments. This includes methods based on QBFcertification, computational learning (including the first application of incremental QBF solving in synthesis), and interpolation. We achieve the best results by combining ideas from interpolation [8] with learning [7], thereby outperforming BDDs both regarding computation time and circuit size.

**Related work.** It is argued [7] that many circuit synthesis methods are still outperformed by the simple BDD-based co-factor approach [3]. The same work [7] also proposes learning-based techniques, which are implemented with BDDs. This

yields smaller circuits, but is slower. We show how learning can be efficiently realized with SAT- and QBF-solvers, and that this realization can outperform the cofactor approach both regarding circuit size and computation time. SAT-based learning is also used in [4]. However, this work only addresses strategy computation and not circuit synthesis. Jiang et al. [8] propose interpolation for circuit extraction, and show how quantifier alternations can be avoided by temporarily treating outputs as inputs. We combine this idea with learning to compute interpolants, thereby achieving a speedup of several orders of magnitude. QBF certification [13] can derive circuits from a completeness proof of the strategy formula. We show how this method can be applied efficiently for safety synthesis.

# **II. PRELIMINARIES**

We assume familiarity with propositional logic, SAT- and QBF-solving (cf. [1]) but repeat the most important concepts.

**Basic Notation.** A *literal* is a Boolean variable or its negation. A *clause* (*cube*) is a disjunction (conjunction) of literals, and a *Conjunctive Normal Form* (*CNF*) formula is a conjunction of clauses. We denote variables vectors with overlines, corresponding cubes in bold, and propositional formulas with capital letters. E.g.,  $\mathbf{x}$  is a cube over the variable vector  $\overline{x} = (x_1, \ldots, x_n)$ , and  $F(\overline{x})$  is a formula over  $\overline{x}$ . If the variables are irrelevant, we simply write F instead of  $F(\overline{x})$ .

Decision Procedures. A SAT-solver checks if a CNF is satisfiable. We write  $(sat, x) := PSAT(F(\overline{x}))$  for a SATsolver call, where sat is assigned true iff the CNF F is satisfiable, and  $\mathbf{x}$  is a satisfying assignment given as cube over  $\overline{x}$ . Let x be a cube. We write  $\mathbf{y} := \mathsf{PCORE}(\mathbf{x}, F)$  to denote the extraction of an unsatisfiable core: Given that  $\mathbf{x} \wedge F$ is unsatisfiable, y will be a sub-cube of x such that  $y \wedge F$ is still unsatisfiable. Let  $A(\overline{x}, \overline{y})$  and  $B(\overline{x}, \overline{z})$  be two CNFs such that  $A \wedge B$  is unsatisfiable, and  $\overline{y}$  and  $\overline{z}$  are disjoint. An *interpolant* is a formula  $I(\overline{x})$  such that  $A \Rightarrow I \Rightarrow$  $\neg B$ . Interpolants can be computed from the unsatisfiability proof of  $A \wedge B$  [6]. We denote this computation by I :=INT(A, B). A Quantified Boolean Formula (QBF) is a formula  $Q_1\overline{x} \cdot Q_2\overline{y} \dots F(\overline{x},\overline{y},\dots)$ , where  $Q_i \in \{\forall,\exists\}$  and F is a CNF. The quantifiers have their expected semantics. A QBFsolver checks if a QBF is satisfiable. We write (sat, a) :=QSAT( $\exists \overline{a} . Q_1 \overline{x} . Q_2 \overline{y} ... F(\overline{a}, \overline{x}, \overline{y}, ...))$  for QBF-solver calls. The satisfying assignment a can only be extracted for variables that are quantified existentially on the outermost level. Finally, we write  $\mathbf{b} := \mathbf{QCORE}(\mathbf{a}, \exists \overline{a} . Q_1 \overline{x} . Q_2 \overline{y} ... F(\overline{a}, \overline{x}, \overline{y}, ...))$  to denote the extraction of an unsatisfiable core.

This work was supported in part by the Austrian Science Fund (FWF) through the national research network RiSE (S11406-N23, S11409-N23) and the project QUAINT (I774-N23), as well as by the European Commission through project STANCE (317753).



Fig. 1. Implementation of a strategy. (FF = flip-flops).

**Circuit Synthesis.** A strategy is a formula  $S(\overline{x}, \overline{i}, \overline{o}, \overline{x}')$  such that  $\forall \overline{x}, \overline{i} \cdot \exists \overline{o}, \overline{x}' \cdot S$ , where  $\overline{x}, \overline{i}, \overline{o}$  are state-, input-, and outputbits, respectively, and  $\overline{x}'$  is the next-state copy of  $\overline{x}$ . Intuitively, for a given state x and input i, S defines allowed output-values o and next states  $\mathbf{x}': \mathbf{o}, \mathbf{x}'$  is allowed iff  $\mathbf{x} \wedge \mathbf{i} \wedge \mathbf{o} \wedge \mathbf{x}'$  satisfies S. Let  $\overline{u} = \overline{x} \cup \overline{i}$  and  $\overline{v} = \overline{o} \cup \overline{x}'$ . An implementation of  $S(\overline{u}, \overline{v})$  is a function  $f : 2^{|\overline{u}|} \to 2^{|\overline{v}|}$  such that  $\forall \overline{u} \cdot S(\overline{u}, f(\overline{u}))$ . This function can be implemented in hardware as shown in Fig. 1.

Strategies for safety specifications are particularly simple: given a winning region  $W(\overline{x})$  from which the specification can be enforced, and a complete<sup>1</sup> and deterministic<sup>2</sup> transition relation  $T(\overline{x}, \overline{i}, \overline{o}, \overline{x}')$  defining the state transitions, the strategy must pick values for  $\overline{o}$  such that the next state is in W again, i.e.,  $S = (\neg W(\overline{x})) \lor (T(\overline{x}, \overline{i}, \overline{o}, \overline{x}') \land W(\overline{x}'))$ . We only need to synthesize circuits for  $\overline{o}$ , and define  $\overline{x}'$  using T.

#### **III. CIRCUIT SYNTHESIS ALGORITHMS**

#### A. QBF-Certification

An implementation can be computed as Skolem functions<sup>3</sup> for the signals  $\overline{o}$  and  $\overline{x}'$  in the QBF  $\forall \overline{x}, \overline{i} . \exists \overline{o}, \overline{x}' . S(\overline{x}, \overline{i}, \overline{o}, \overline{x}')$ . QBFCert [13] computes such functions using DepQBF [10].

**Optimizations for Safety Specifications.** We need to find Skolem functions for  $\overline{o}$  in  $\forall \overline{x}, \overline{i} : \exists \overline{o}, \overline{x}' . (\neg W) \lor (T \land W')$ . Yet, we achieve better results with QBFCert by computing Herbrand functions<sup>4</sup> in the unsatisfiable QBF  $\exists \overline{x}, \overline{i} : \forall \overline{o} : \exists \overline{x}' : W \land T \land \neg W'$ . This works because T is deterministic and complete. In our setting, W is in CNF, so the conjunctions in the latter formulation are simpler to realize in CNF. Also, the clause resolution proofs required for unsatisfiable QBFs are usually less expensive than the cube resolution proofs for satisfiable ones. Still, the intermediate files produced by QBFCert can grow large (hundreds of GB). One reason is that a straightforward CNF encoding of  $\neg W'$  requires many auxiliary variables and clauses. We could reduce the size of the files by up to a factor of 30 by learning a CNF representation of  $\neg W'$  without introducing auxiliary variables using the following algorithm:

```
1: procedure NEGLEARN(W'), returns: \neg W'
```

```
2: N' := true
```

3: while sat, with 
$$(sat, \mathbf{x}) := PSAT(W' \land N')$$
 do

4:  $N' := N' \land \neg PCORE(\mathbf{x}, \neg W')$ 

5: return 
$$N'$$

<sup>1</sup>I.e.,  $\forall \overline{x}, \overline{i}, \overline{o} . \exists \overline{x}' . T(\overline{x}, \overline{i}, \overline{o}, \overline{x}')$ . *T* can always be made complete: if some input is not allowed by the original specification, *T* can allow for arbitrary outputs; if some output is not allowed originally, *T* can visit an unsafe state. <sup>2</sup>I.e.,  $\forall \overline{x}, \overline{i}, \overline{o}, \overline{x_1}', \overline{x_2}' . (T(\overline{x}, \overline{i}, \overline{o}, \overline{x_1}') \land T(\overline{x}, \overline{i}, \overline{o}, \overline{x_2}')) \Rightarrow (\overline{x_1}' = \overline{x_2}')$ .

<sup>3</sup>Skolem functions define existentially quantified variables as a function over the universally quantified ones such that the QBF becomes **true**.

<sup>4</sup>Herbrand functions define universally quantified variables as a function over the existentially quantified ones such that the QBF becomes **false**.

As long as N' is not yet  $\neg W'$ , i.e.,  $W' \land N'$  is still satisfiable, we refine N' with a clause that excludes the cube x witnessing this insufficiency. By taking the unsatisfiable core, the clause eliminates also other counterexamples. Since clauses are only added, NEGLEARN is suitable for incremental SAT solving.

Using incremental SAT solving, we also simplify W by removing literals and clauses as long as W does not change semantically. This is applied to all following methods as well.

# B. QBF-Based Learning

In [7], several learning-based circuit synthesis algorithms are presented and implemented using BDDs. Here, we discuss an efficient implementation of the CNF-learning algorithm using a QBF-solver. Since QBF-solvers operate on CNFs, this algorithm is particularly suitable. It can be defined as follows.

1: procedure SYLEARNQBF
$$(S(\overline{x}, i, \overline{o}, \overline{x}'))$$

2: 
$$u := x \cup i, \quad v_a := v := o \cup x'$$

- 3: for  $v \in \overline{v}$  do
- 4:  $\overline{v}_a := \overline{v}_a \setminus \{v\}, \ \overline{v}_e := \overline{v} \setminus \overline{v}_a, \ f_v := \mathbf{true}, \ R := v \wedge \neg S$
- 5: while sat, with  $(sat, \mathbf{u}) := \mathbf{QSAT}(\exists \overline{u} . \forall \overline{v}_a . \exists \overline{v}_e . R)$  do
- 6:  $\mathbf{u}_2 := \operatorname{QCORE}(\mathbf{u}, \exists \overline{u} \, . \, \forall \overline{o_a} \, . \, \exists \overline{o_e}, \overline{x'} \, . \, \neg v \land \neg S)$

7: 
$$f_v := f_v \land \neg \mathbf{u}_2, \quad R := R \land \neg \mathbf{u}_2$$

8: DUMPCIRCUIT
$$(v, f_v), S := S \land (v \leftrightarrow f_v)$$

SYLEARNQBF builds up circuits in  $f_v$  for one  $v \in \overline{v}$  after the other. Initially,  $f_v = \mathbf{true}$ , i.e., the circuit always outputs  $\mathbf{true}$ . While there exists an input  $\mathbf{u}$  for which v must be false (the QBF in line 5 is satisfiable),  $f_v$  is refined with a clause that maps  $\mathbf{u}$  to false. By taking the core in line 6, other inputs are also mapped to false as long as false is allowed by S. The final solution  $f_v$  is dumped, and S is refined with the implementation of v before the next circuit is computed. The final  $f_v$  are in CNF, so the circuits have a depth of only two. Even after optimizations and mapping to standard cells, the depth usually remains low [7], which enables fast clock rates.

Once  $\neg S$  is available in CNF, the algorithm only adds clauses to existing CNFs (i.e., to R and  $f_v$ ). Only for the resubstitution in line 8, a CNF encoding of  $\neg f_v$  is needed.

**Optimizations for Safety Specifications.** As in Sect. III-A,  $\neg S$  is defined as  $W \land T \land \neg W'$ . This requires a CNF encoding of  $\neg W'$ . While computing  $\neg W'$  with NEGLEARN is beneficial for QBFCert, it does not pay off for SYLEARNQBF. Hence, we build a CNF for  $\neg W'$  with one auxiliary variable per clause of W'. Recently, the QBF solver DepQBF was equipped with incremental solving capabilities [11]. SYLEARNQBF is well suited for incremental solving. We use two solver instances for line 5 and 6 respectively. For each  $v \in \overline{v}$ , a new incremental session is started. During the inner loop, we only add clauses to the former solver. The QBF of the latter even stays the same. DepQBF supports unsatisfiable cores natively. The resulting cores are small but not necessarily minimal, so we iterate over the remaining literals to obtain even smaller cores because (slightly) smaller cores typically mean (much) less iterations.

### C. Interpolation

Jiang et al. [8] present two interpolation-based approaches to synthesize circuits for one  $v \in \overline{v}$  after the other. The first one

expands S over  $\overline{v}$ . We consider this intractable in our setting. The second approach circumvents the quantifier alternation and expansion by temporarily treating output signals as inputs:

- 1: **procedure** SYINT $(S(\overline{x}, \overline{i}, \overline{o}, \overline{x}'))$
- $2: \quad \overline{d} := \overline{x} \cup \overline{i} \cup \overline{o} \cup \overline{x}', \quad \overline{r} := \emptyset$
- 3: for  $v \in \overline{v}$  do
- 4:  $\overline{d} := \overline{d} \setminus \{v\}, \ \overline{r} := \overline{r} \cup \{v\}$
- 5:  $\overline{r}_1, \overline{r}_2, \overline{r}_3, \overline{r}_4 := \text{create4FreshCopies}(\overline{r})$
- $6: \qquad M_1(\overline{d},\overline{r}_1,\overline{r}_2) := (S \wedge v)[\overline{r} \leftarrow \overline{r}_1] \wedge (\neg S \wedge \neg v)[\overline{r} \leftarrow \overline{r}_2]$
- $7: \qquad M_0(\overline{d}, \overline{r}_3, \overline{r}_4) := (\underline{S} \land \neg v)[\overline{r} \leftarrow \overline{r}_3] \land (\neg S \land v)[\overline{r} \leftarrow \overline{r}_4]$
- 8:  $f_v(\overline{d}) := \operatorname{INT}(M_1(\overline{d}, \overline{r}_1, \overline{r}_2), M_0(\overline{d}, \overline{r}_3, \overline{r}_4))$
- 9: DUMPCIRCUIT $(v, f_v), S := S \land (v \leftrightarrow f_v)$

In each iteration,  $\overline{d}$  contains all variables on which the implementation of the current  $v \in \overline{v}$  can depend, and  $\overline{r}$  contains the rest. For  $\overline{v} = (v_1, \ldots, v_n)$ ,  $v_1$  can depend not only on  $\overline{u}$  but also on  $(v_2, \ldots, v_n)$ ,  $v_2$  can depend on  $\overline{u}$  and  $(v_3, \ldots, v_n)$ , etc. Yet, when the circuits for all  $v \in \overline{v}$  are built together, the signals  $\overline{v}$  effectively depend on  $\overline{u}$  only. The formulas  $M_1$  and  $M_0$  characterize the  $\overline{d}$ -vectors for which v must be set to true and false respectively. The syntax  $[\overline{r} \leftarrow \overline{r}_i]$  means that the variables  $\overline{r}$  are renamed by fresh copies  $\overline{r}_i$ . Line 8 computes an interpolant between  $M_1$  and  $M_0$ . The property  $M_1 \Rightarrow f_v \Rightarrow \neg M_0$  of the interpolant ensures that (a)  $f_v$  is true then it does not have to be false. The renaming of the variables  $\overline{r}$  has the effect that  $f_v$  can only depend on the shared signals  $\overline{d}$ .

**Optimizations for Safety Specifications.** In order to avoid double-negations of W in S by negating S, we compute

$$M_1 := (T \land W' \land v)[\overline{r} \leftarrow \overline{r}_1] \land (T \land \neg v \land W \land \neg W')[\overline{r} \leftarrow \overline{r}_2]$$
$$M_0 := (T \land W' \land \neg v)[\overline{r} \leftarrow \overline{r}_3] \land (T \land v \land W \land \neg W')[\overline{r} \leftarrow \overline{r}_4]$$

Note the difference to a plain substitution of  $S = T \land (\neg W \lor W')$  and  $\neg S = T \land W \land \neg W'$  in SYINT:  $(\neg W \lor W')$  reduces to W' due to the conjunction with W from  $\neg S$ . This is fortunate because disjunctions are expensive in CNF. Since SYINT allows  $v_i$  to depend on other  $v_j$  with j > i, it is sensitive to the variable order, both regarding execution time and circuit size. We exploit this insight with the following optimization. Once  $v_i$  has been synthesized, we analyze on which  $v_j$  it actually depends. If  $v_i$  does not depend on a particular  $v_j$ , then  $v_j$  is allowed to depend on  $v_i$ . This gives an increased flexibility without introducing circular dependencies. We simplify all computed interpolants with ABC<sup>5</sup> [5].

# D. SAT-Based Learning

Here, we use SYINT but with a special interpolation procedure (called in line 8) that applies computational learning:

1: procedure INTLEARN
$$(M_1(\overline{d}, \overline{r}_1, \overline{r}_2), M_0(\overline{d}, \overline{r}_3, \overline{r}_4))$$

2: 
$$f := \mathbf{true}$$
  
3: while sat, with  $(\mathsf{sat}, \mathbf{d}) := \mathsf{PSAT}(M_0 \land f)$   
4:  $f := f \land \neg \mathsf{PCORE}(\mathbf{d}, M_1)$   
5: return  $f$ 

As long as there exists some d for which f is **true** but must be **false**, i.e.,  $M_0 \wedge f$  is satisfiable, we refine f with an additional clause that excludes the cube d witnessing this insufficiency. By taking the unsatisfiable core, other inputs are also mapped to **false** as long as **false** is allowed.

Optimizations. We use two SAT solver instances, one for line 3 and one for line 4. A new incremental session is started upon each call of INTLEARN. Using activation variables to set  $\overline{v}$ -variables to true, false, or equal to their renamed copy, we can even use one incremental session throughout the entire SYINT procedure. However, this did not result in significant improvements in our experiments. All optimizations discussed in Sect. III-C can be applied. We also extended the variable dependency optimization further: The CNF T often contains many auxiliary variables that are defined uniquely by other signals of  $\overline{x}$ ,  $\overline{i}$ ,  $\overline{o}$ . If some of these auxiliary variables depend only on  $\overline{d}$ , then we allow f to depend on them as well by including them into d. This can be beneficial because these auxiliary variables often capture the important connections between the variables  $\overline{x}$ ,  $\overline{i}$ ,  $\overline{o}$ . When dumping the circuits, we add additional gates that define the referenced auxiliary variables as done by T. We also implemented a second minimization pass that tries to remove every clause and literal from every CNF f after SYINT is done. However, this only results in minor circuit size improvements (around 20%).

#### IV. EXPERIMENTAL RESULTS

# A. Implementation

We implemented the discussed methods and optimizations in the SAT-based synthesis tool Demiurge<sup>6</sup> [4]. Demiurge synthesizes AIGER<sup>7</sup> circuits from safety specifications and complies with the SyntComp<sup>8</sup> competition rules. The archive of version 1.1.0 contains way more experiments than reported here. E.g., for the SAT-based learning approach alone we implemented 24 variants. Here, we only compare interesting versions, summarized in the following table.

| Name | Engine        | Algorithm                      |
|------|---------------|--------------------------------|
| BDD  | CuDD 2.4.2    | Cofactor-Based [3]             |
| QC   | QBFCert 1.0   | QBF-Certification (Sect III-A) |
| QL   | DepQBF 3.02   | SYLEARNQBF (Sect III-B)        |
| SI   | MathSAT 5     | SYINT (Sect III-C)             |
| SL   | Lingeling ats | SYINT+INTLEARN (Sect III-D)    |
| SLN  | Lingeling ats | SL without dependency opt.     |

BDD serves as baseline for our comparison. It was created by students and won a competition held in a synthesis lecture. It implements a cofactor-based approach [3], uses dynamic variable reordering, and forced reorderings at certain points. QC, QL, SI, and SL implement the methods from the previous section with all optimizations. SLN is used to highlight the benefits of the dependency optimization. All our methods use ABC<sup>5</sup> [5] to minimize the final circuits further. SI uses

do

<sup>&</sup>lt;sup>5</sup>We use the command sequence strash; refactor -zl; rewrite -zl; up to 3 times, followed by dfraig; rewrite -zl; dfraig;.

<sup>&</sup>lt;sup>6</sup>http://www.iaik.tugraz.at/content/research/design\_verification/demiurge/. <sup>7</sup>http://fmv.jku.at/aiger/

<sup>&</sup>lt;sup>8</sup>http://www.syntcomp.org/

MathSAT, which supports several interpolation schemes. We use McMillan's scheme (see [6]), but the performance is similar with other schemes. We also implemented our own interpolation engine by processing proofs produced by PicoSat. However, the proof files grew prohibitively large.

The limitations of our implementation are that it can only handle safety specifications in AIGER format, it can produce circuit only in AIGER format, and it runs under Linux only.

# B. Benchmarks

We use the same benchmarks as [4], but report here only results for the interesting ones. The benchmarks ambaijspecify an arbiter for ARM's AMBA AHB bus [3], where *i* is the number of masters, and  $j \in \{c, b, f\}$  indicates the method used to transform the original benchmark [3] into our input format [4]. The benchmarks genbufij, again with  $j \in \{c, b, f\}$ , define a generalized buffer [3] connecting *i* senders to two receivers. The specifications add*i* and mult*i* denote *i*-bit combinational adders and multipliers.

# C. Results and Discussion

Fig. 2 summarizes our results with cactus plots. The y-axis gives the execution time or circuit size, and the x-axis gives the number of benchmarks that can be solved within this time or size limit. Concrete numbers and more plots can be found in an extended version [2] of this paper and in the downloadable archive. All experiments were performed on an Intel Xeon E5430 CPU running a 64 bit Linux at 2.66 GHz. The memory limit was set to 8 GB, the time-out to 10 000 seconds. All circuits have been successfully model checked.

Method SL achieves the best results both regarding execution time and circuit size. The dependency optimization (SL vs. SLN) is very beneficial for add and mult, but slower for amba and genbuf. QC, QL, and SI do not perform so well. Using incremental QBF solving in QL gives an average speedup of factor 3.5. The speedup factor compared to using the QBF preprocessor Blogger is even 21. Still, QL is not very competitive. BDD is much better, but still outperformed by SL. In particular, SL outperforms SI by many orders of magnitude. Hence, our idea of implementing the interpolation procedure with computational learning is very beneficial. Execution time and circuit size are not in conflict but rather correlate. The time for optimization with ABC is usually insignificant, but only yields moderate size reductions (around 25% for SL). Using method SLN, Demiurge won a track of SyntComp 2014. One reason was the small circuit size compared to other tools.

# V. CONCLUSION

We compared several SAT- and QBF-based methods to synthesize circuits from strategies, and presented optimizations and efficient implementations for safety specifications. Our SAT-based learning method combines the quantifier elimination approach by Jiang et al. [8] with computational learning as proposed by Ehlers et al. [7], and outperforms BDDs both regarding execution time and circuit size in our experiments.

Future research includes preprocessing for incremental QBF solving, exploiting unreachable states, and parallelization.



(a) Execution time for amba and genbuf.



(b) Execution time for add and mult.



(c) Circuit size for all benchmarks.

Fig. 2. Cactus plots summarizing our performance evaluation.

#### REFERENCES

- A. Biere, M. Heule, H. van Maaren, and T. Walsh, editors. *Handbook* of Satisfiability. IOS Press, 2009.
- [2] R. Bloem, U. Egly, P. Klampfl, R. Könighofer, and F. Lonsing. SATbased methods for circuit synthesis. *CoRR*, abs/1408.2333, 2014.
- [3] R. Bloem, S. J. Galler, B. Jobstmann, N. Piterman, A. Pnueli, and M. Weiglhofer. Specify, compile, run: Hardware from PSL. *Electr. Notes Theor. Comput. Sci.*, 190(4):3–16, 2007.
- [4] R. Bloem, R. Könighofer, and M. Seidl. SAT-based synthesis methods for safety specs. In VMCAI'14. Springer, 2014.
- [5] R. K. Brayton and A. Mishchenko. ABC: An academic industrialstrength verification tool. In CAV'10. Springer, 2010.
- [6] V. D'Silva, D. Kroening, M. Purandare, and G. Weissenbacher. Interpolant strength. In VMCAI'10. Springer, 2010.
- [7] R. Ehlers, R. Könighofer, and G. Hofferek. Symbolically synthesizing small circuits. In *FMCAD'12*. IEEE, 2012.
- [8] J.-H. R. Jiang, H.-P. Lin, and W.-L. Hung. Interpolating functions from large boolean relations. In *ICCAD*'09. IEEE, 2009.
- [9] B. Jobstmann, S. Staber, A. Griesmayer, and R. Bloem. Finding and fixing faults. J. Comput. Syst. Sci., 78(2):441–460, 2012.
- [10] F. Lonsing and A. Biere. DepQBF: A dependency-aware QBF solver. JSAT, 7(2-3):71–76, 2010.
- [11] F. Lonsing and U. Egly. Incremental QBF solving. In CP'14. Springer, 2014. To appear.
- [12] A. Morgenstern, M. Gesell, and K. Schneider. Solving games using incremental induction. In *IFM'13*. Springer, 2013.
- [13] A. Niemetz, M. Preiner, F. Lonsing, M. Seidl, and A. Biere. Resolutionbased certificate extraction for QBF. In SAT'12. Springer, 2012.
- [14] A. Solar-Lezama. The sketching approach to program synthesis. In APLAS'09. Springer, 2009.