The 41st CREST Open Workshop - Software Engineering And Computer Science Using Information
http://crest.cs.ucl.ac.uk/cow/the_41st_cow_27_and_28_april_2015/
We introduce a formal notation for the processing of event traces called Stream Logic (SL). A monitor evaluates a Boolean condition over an input trace, while a filter outputs events from an input trace depending on some monitor's verdict; both constructs can be freely composed. We show how all operators of Linear Temporal Logic, as well as the parametric slicing of an input trace, can be written as Stream Logic constructs.
from DevMotion Meetup on 2016-03-14
In our everyday work as developers, we are confronted with various software metrics. What do these numbers mean, how are they calculated? Do these metrics enable us to make better software?
In this talk we investigate the use of software metrics in general and also take a detailed look at several frequently used code quality metrics.
We will learn about the meaning and usefulness of metrics such as lines of code, cyclomatic complexity, duplication, package entanglement and unit test coverage.
We introduce a formal notation for the processing of event traces called Stream Logic (SL). A monitor evaluates a Boolean condition over an input trace, while a filter outputs events from an input trace depending on some monitor's verdict; both constructs can be freely composed. We show how all operators of Linear Temporal Logic, as well as the parametric slicing of an input trace, can be written as Stream Logic constructs.
from DevMotion Meetup on 2016-03-14
In our everyday work as developers, we are confronted with various software metrics. What do these numbers mean, how are they calculated? Do these metrics enable us to make better software?
In this talk we investigate the use of software metrics in general and also take a detailed look at several frequently used code quality metrics.
We will learn about the meaning and usefulness of metrics such as lines of code, cyclomatic complexity, duplication, package entanglement and unit test coverage.
Tech Talks @NSU: DLang: возможности языка и его применениеTech Talks @NSU
http://techtalks.nsu.ru
Видеозапись: http://www.youtube.com/watch?v=sfBrMhAxvFk
5 ноября 2013. DLang: возможности языка и его применение(Николай Толстокулаков, Ixtens)
"Николай Толстокулаков (Ixtens) рассказывает об истории, синтаксисе и фичах языка D."
Лекция прочитана в рамках проекта Tech Talks @NSU – серии открытых лекций о разработке ПО и карьере в IT, проводимых в Новосибирском государственном университете.
Подробности: http://techtalks.nsu.ru
MapReduce for Parallel Trace Validation of LTL PropertiesSylvain Hallé
We present an algorithm for the automated verification of Linear Temporal Logic formulae on event traces using an increasingly popular cloud computing framework called MapReduce. The algorithm can process multiple, arbitrary fragments of the trace in parallel, and compute its final result through a cycle of runs of MapReduce instances. Compared to classical, single-instance solutions, a proof-of-concept implementation shows through experimental evaluation how the algorithm reduces by as much as 90% the number of operations that must be performed linearly, resulting in a commensurate speed gain.
A formalization of complex event stream processingSylvain Hallé
Information systems in general, and business processes in particular, generate a wealth of information in the form of event traces or logs. The analysis of these logs, either offline or in real-time, can be put to numerous uses: computation of various statistics, detection of anomalous patterns or compliance violations of some form of contract. However, current solutions for Complex Event Processing (CEP) generally offer only a restricted set of predefined queries on traces, and otherwise require a user to write procedural code to compute custom queries. In this presentation, we present a formal and declarative language for the manipulation of event traces.
A lab report on modeling and simulation with python codeAlamgir Hossain
You can find the solution with Objective:
1.Write a program to implement Linear Congruential Generators in python.
2.Write a program to implement Bernouli distribution in python.
3. Write a program to implement Binomal distribution in python.
4. Write a program to implement geometry distribution in python.
5. Write a program to find GCD in python.
6. Write a program to find LCM in python.
Brief introduction to Algorithm analysis Anantha Ramu
Slide explains concepts
1. What is Asymptotic analysis
2. Why do we need it
3. Examples of Notation
4. What are the various kinds of Asymptotic analysis
5. How to compute Big O Notation
6. Big Oh examples
Tech Talks @NSU: DLang: возможности языка и его применениеTech Talks @NSU
http://techtalks.nsu.ru
Видеозапись: http://www.youtube.com/watch?v=sfBrMhAxvFk
5 ноября 2013. DLang: возможности языка и его применение(Николай Толстокулаков, Ixtens)
"Николай Толстокулаков (Ixtens) рассказывает об истории, синтаксисе и фичах языка D."
Лекция прочитана в рамках проекта Tech Talks @NSU – серии открытых лекций о разработке ПО и карьере в IT, проводимых в Новосибирском государственном университете.
Подробности: http://techtalks.nsu.ru
MapReduce for Parallel Trace Validation of LTL PropertiesSylvain Hallé
We present an algorithm for the automated verification of Linear Temporal Logic formulae on event traces using an increasingly popular cloud computing framework called MapReduce. The algorithm can process multiple, arbitrary fragments of the trace in parallel, and compute its final result through a cycle of runs of MapReduce instances. Compared to classical, single-instance solutions, a proof-of-concept implementation shows through experimental evaluation how the algorithm reduces by as much as 90% the number of operations that must be performed linearly, resulting in a commensurate speed gain.
A formalization of complex event stream processingSylvain Hallé
Information systems in general, and business processes in particular, generate a wealth of information in the form of event traces or logs. The analysis of these logs, either offline or in real-time, can be put to numerous uses: computation of various statistics, detection of anomalous patterns or compliance violations of some form of contract. However, current solutions for Complex Event Processing (CEP) generally offer only a restricted set of predefined queries on traces, and otherwise require a user to write procedural code to compute custom queries. In this presentation, we present a formal and declarative language for the manipulation of event traces.
A lab report on modeling and simulation with python codeAlamgir Hossain
You can find the solution with Objective:
1.Write a program to implement Linear Congruential Generators in python.
2.Write a program to implement Bernouli distribution in python.
3. Write a program to implement Binomal distribution in python.
4. Write a program to implement geometry distribution in python.
5. Write a program to find GCD in python.
6. Write a program to find LCM in python.
Brief introduction to Algorithm analysis Anantha Ramu
Slide explains concepts
1. What is Asymptotic analysis
2. Why do we need it
3. Examples of Notation
4. What are the various kinds of Asymptotic analysis
5. How to compute Big O Notation
6. Big Oh examples
IE 425 Homework 10Submit on Tuesday, 12101.(20 pts) C.docxsheronlewthwaite
IE 425 Homework 10
Submit on Tuesday, 12/10
1.(20 pts) Consider the M/M/1/∞ queuing system descried in Problem 5 in Homework 9. Show
that:
(a) (11 pts) The average number of customers in the system is:
L =
λ
µ−λ
Hint:
L =
∞∑
n=0
nπn,
∞∑
n=0
nρn−1 =
d
dρ
∞∑
n=0
ρn =
d
dρ
(
1
1 −ρ
)
=
1
(1 −ρ)2
(b) (3 pts) The average waiting time in the system (from entrance to exist) is:
W =
1
µ−λ
(c) (3 pts) The average waiting time in the queue, not including service, is:
W0 =
λ
µ(µ−λ)
(d) (3 pts) The average number of customers in the queue, not including service, is:
L0 =
λ2
µ(µ−λ)
2.(15 pts) Consider the M/M/c/∞ queuing system descried in Problem 6 in Homework 9. Show
that:
L0 =
π0
c!
(
λ
µ
)c (
λ
cµ
)(
1 −
λ
cµ
)−2
Then, using Little’s law, we can compute:
W0 =
L0
λ
, W = W0 +
1
µ
, L = λW = λ
(
W0 +
1
µ
)
= L0 +
λ
µ
Hint:
L0 =
∞∑
n=c
(n− c)πn =
∞∑
m=0
mπc+m,
∞∑
m=0
mρm =
ρ
(1 −ρ)2
3.(15 pts) Consider the M/M/∞/∞ queuing system descried in Problem 7 in Homework 9. Show
that:
L =
λ
µ
, W =
1
µ
, W0 = 0, L0 = 0
4.(15 pts) Consider the M/M/c/c queuing system descried in Problem 8 in Homework 9.
(a) (3 pts) Explain why L0 = 0 and W0 = 0.
(b) (3 pts) Explain why W = 1
µ
.
1
(c) (5 pts) Explain why the mean arrival rate to the system is λ(1 −πc)
(d) (4 pts) Show that:
L =
λ
µ
(1 −πc)
5. (20 pts) Consider the M/M/c/k queuing system descried in Problem 9 in Homework 9. Show
that:
(a) (14 pts)
L0 =
π0
c!
(
λ
µ
)c (
λ
cµ
)(
1 −
λ
cµ
)−2 [
1 −
(
λ
cµ
)k−c
− (k − c)
(
λ
cµ
)k−c (
1 −
λ
cµ
)]
Hint:
L0 =
∞∑
n=c
(n− c)πn,
M∑
m=0
mρm−1 =
d
dρ
M∑
m=0
ρm
(b) (2 pts) Explain why:
L = L0 +
c−1∑
n=0
nπn + c
(
1 −
c−1∑
n=0
πn
)
(c) (2 pts) Explain why the mean arrival rate to the system is λ(1 −πk).
(d) (2 pts) Show that:
W0 =
L0
λ(1 −πk)
W =
L0
λ(1 −πk)
+
1
µ
6. (15 pts) For the M/M/c/∞ queuing system with a finite calling population N descried in
Problem 10 in Homework 9, it is more convenient to use the generic formulas to compute the queue
length and the number of customers in the system :
L0 =
N∑
n=c+1
(n− c)πn
L = L0 +
c−1∑
n=0
nπn + c
(
1 −
c−1∑
n=0
πn
)
(a) (10 pts) Show that the mean arrival rate to the system is:
N∑
n=0
(N −n)λπn = · · · = λ(N −L)
(b) (5 pts) Show that:
W0 =
L0
λ(N −L)
W =
L0
λ(N −L)
+
1
µ
2
IE 425 Homework 9
Submit on Tuesday, 12/3
1. Report your notebook score for Midterm Exam 2 along with a picture as the proof.
2. (11 pts) Consider a Discrete State Continuous Time Markov Chain (DSCTMC) defined on
Ω = {1, 2, 3} with generator matrix G:
G =
−6 2 41 −2 1
3 1 −4
Suppose the DSCTMC is in state 1.
(a) What is the expected time until the DSCTMC leaves state 1?
(b) What is the probability that the DSCTMC will jump to state 2 after it leaves state 1?
In Problem 3 ∼ Problem 10, model the systems as DSCTMCs. For each DSCTMC:
(a) Define the states of the DSCTMC and write down their holding time distributio ...
A brief information about the SCOP protein database used in bioinformatics.
The Structural Classification of Proteins (SCOP) database is a comprehensive and authoritative resource for the structural and evolutionary relationships of proteins. It provides a detailed and curated classification of protein structures, grouping them into families, superfamilies, and folds based on their structural and sequence similarities.
THE IMPORTANCE OF MARTIAN ATMOSPHERE SAMPLE RETURN.Sérgio Sacani
The return of a sample of near-surface atmosphere from Mars would facilitate answers to several first-order science questions surrounding the formation and evolution of the planet. One of the important aspects of terrestrial planet formation in general is the role that primary atmospheres played in influencing the chemistry and structure of the planets and their antecedents. Studies of the martian atmosphere can be used to investigate the role of a primary atmosphere in its history. Atmosphere samples would also inform our understanding of the near-surface chemistry of the planet, and ultimately the prospects for life. High-precision isotopic analyses of constituent gases are needed to address these questions, requiring that the analyses are made on returned samples rather than in situ.
What is greenhouse gasses and how many gasses are there to affect the Earth.moosaasad1975
What are greenhouse gasses how they affect the earth and its environment what is the future of the environment and earth how the weather and the climate effects.
Multi-source connectivity as the driver of solar wind variability in the heli...Sérgio Sacani
The ambient solar wind that flls the heliosphere originates from multiple
sources in the solar corona and is highly structured. It is often described
as high-speed, relatively homogeneous, plasma streams from coronal
holes and slow-speed, highly variable, streams whose source regions are
under debate. A key goal of ESA/NASA’s Solar Orbiter mission is to identify
solar wind sources and understand what drives the complexity seen in the
heliosphere. By combining magnetic feld modelling and spectroscopic
techniques with high-resolution observations and measurements, we show
that the solar wind variability detected in situ by Solar Orbiter in March
2022 is driven by spatio-temporal changes in the magnetic connectivity to
multiple sources in the solar atmosphere. The magnetic feld footpoints
connected to the spacecraft moved from the boundaries of a coronal hole
to one active region (12961) and then across to another region (12957). This
is refected in the in situ measurements, which show the transition from fast
to highly Alfvénic then to slow solar wind that is disrupted by the arrival of
a coronal mass ejection. Our results describe solar wind variability at 0.5 au
but are applicable to near-Earth observatories.
Earliest Galaxies in the JADES Origins Field: Luminosity Function and Cosmic ...Sérgio Sacani
We characterize the earliest galaxy population in the JADES Origins Field (JOF), the deepest
imaging field observed with JWST. We make use of the ancillary Hubble optical images (5 filters
spanning 0.4−0.9µm) and novel JWST images with 14 filters spanning 0.8−5µm, including 7 mediumband filters, and reaching total exposure times of up to 46 hours per filter. We combine all our data
at > 2.3µm to construct an ultradeep image, reaching as deep as ≈ 31.4 AB mag in the stack and
30.3-31.0 AB mag (5σ, r = 0.1” circular aperture) in individual filters. We measure photometric
redshifts and use robust selection criteria to identify a sample of eight galaxy candidates at redshifts
z = 11.5 − 15. These objects show compact half-light radii of R1/2 ∼ 50 − 200pc, stellar masses of
M⋆ ∼ 107−108M⊙, and star-formation rates of SFR ∼ 0.1−1 M⊙ yr−1
. Our search finds no candidates
at 15 < z < 20, placing upper limits at these redshifts. We develop a forward modeling approach to
infer the properties of the evolving luminosity function without binning in redshift or luminosity that
marginalizes over the photometric redshift uncertainty of our candidate galaxies and incorporates the
impact of non-detections. We find a z = 12 luminosity function in good agreement with prior results,
and that the luminosity function normalization and UV luminosity density decline by a factor of ∼ 2.5
from z = 12 to z = 14. We discuss the possible implications of our results in the context of theoretical
models for evolution of the dark matter halo mass function.
Cancer cell metabolism: special Reference to Lactate PathwayAADYARAJPANDEY1
Normal Cell Metabolism:
Cellular respiration describes the series of steps that cells use to break down sugar and other chemicals to get the energy we need to function.
Energy is stored in the bonds of glucose and when glucose is broken down, much of that energy is released.
Cell utilize energy in the form of ATP.
The first step of respiration is called glycolysis. In a series of steps, glycolysis breaks glucose into two smaller molecules - a chemical called pyruvate. A small amount of ATP is formed during this process.
Most healthy cells continue the breakdown in a second process, called the Kreb's cycle. The Kreb's cycle allows cells to “burn” the pyruvates made in glycolysis to get more ATP.
The last step in the breakdown of glucose is called oxidative phosphorylation (Ox-Phos).
It takes place in specialized cell structures called mitochondria. This process produces a large amount of ATP. Importantly, cells need oxygen to complete oxidative phosphorylation.
If a cell completes only glycolysis, only 2 molecules of ATP are made per glucose. However, if the cell completes the entire respiration process (glycolysis - Kreb's - oxidative phosphorylation), about 36 molecules of ATP are created, giving it much more energy to use.
IN CANCER CELL:
Unlike healthy cells that "burn" the entire molecule of sugar to capture a large amount of energy as ATP, cancer cells are wasteful.
Cancer cells only partially break down sugar molecules. They overuse the first step of respiration, glycolysis. They frequently do not complete the second step, oxidative phosphorylation.
This results in only 2 molecules of ATP per each glucose molecule instead of the 36 or so ATPs healthy cells gain. As a result, cancer cells need to use a lot more sugar molecules to get enough energy to survive.
Unlike healthy cells that "burn" the entire molecule of sugar to capture a large amount of energy as ATP, cancer cells are wasteful.
Cancer cells only partially break down sugar molecules. They overuse the first step of respiration, glycolysis. They frequently do not complete the second step, oxidative phosphorylation.
This results in only 2 molecules of ATP per each glucose molecule instead of the 36 or so ATPs healthy cells gain. As a result, cancer cells need to use a lot more sugar molecules to get enough energy to survive.
introduction to WARBERG PHENOMENA:
WARBURG EFFECT Usually, cancer cells are highly glycolytic (glucose addiction) and take up more glucose than do normal cells from outside.
Otto Heinrich Warburg (; 8 October 1883 – 1 August 1970) In 1931 was awarded the Nobel Prize in Physiology for his "discovery of the nature and mode of action of the respiratory enzyme.
WARNBURG EFFECT : cancer cells under aerobic (well-oxygenated) conditions to metabolize glucose to lactate (aerobic glycolysis) is known as the Warburg effect. Warburg made the observation that tumor slices consume glucose and secrete lactate at a higher rate than normal tissues.
(May 29th, 2024) Advancements in Intravital Microscopy- Insights for Preclini...Scintica Instrumentation
Intravital microscopy (IVM) is a powerful tool utilized to study cellular behavior over time and space in vivo. Much of our understanding of cell biology has been accomplished using various in vitro and ex vivo methods; however, these studies do not necessarily reflect the natural dynamics of biological processes. Unlike traditional cell culture or fixed tissue imaging, IVM allows for the ultra-fast high-resolution imaging of cellular processes over time and space and were studied in its natural environment. Real-time visualization of biological processes in the context of an intact organism helps maintain physiological relevance and provide insights into the progression of disease, response to treatments or developmental processes.
In this webinar we give an overview of advanced applications of the IVM system in preclinical research. IVIM technology is a provider of all-in-one intravital microscopy systems and solutions optimized for in vivo imaging of live animal models at sub-micron resolution. The system’s unique features and user-friendly software enables researchers to probe fast dynamic biological processes such as immune cell tracking, cell-cell interaction as well as vascularization and tumor metastasis with exceptional detail. This webinar will also give an overview of IVM being utilized in drug development, offering a view into the intricate interaction between drugs/nanoparticles and tissues in vivo and allows for the evaluation of therapeutic intervention in a variety of tissues and organs. This interdisciplinary collaboration continues to drive the advancements of novel therapeutic strategies.
The ASGCT Annual Meeting was packed with exciting progress in the field advan...
Quantifying Information Leaks via Model Counting Modulo Theories
1. Quantifying Information Leaks via
Model Counting Modulo Theories
Sang Phan
Queen Mary University of London
April 28, 2015
1 / 20
2. Information Flow
Secret input (H) Public input (L)
Program P
Public Output (O)
Non-interference
Public input (L)
Program P
Secret input (H)
Information leaked
Public Output (O)
√
?
2 / 20
3. Non-interference is unachievable
int check(int H, int L){
int O;
if (L == H)
O = ACCEPT;
else O = REJECT;
return O;
}
password check
Secret input (H) Public input (L)
Program P
Public Output (O)
Non-interference
Public input (L)
Program P
Secret input (H)
Information leaked
Public Output (O)
√
?
Leaks = Secrecy before observing - Secrecy after observing
∆E (XH) = E(XH) − E(XH|XO)
3 / 20
4. Quantifying Information Leaks
Theorem of Channel Capacity
∆E (XH) ≤ log2(|O|)
has been proved for Shannon entropy and R´enyi’s min-entropy
holds for all possible distributions of XH.
is the basis of state-of-the-art techniques for Quantitative
Information Flow analysis.
Definition
Quantitative Information Flow (QIF) is the problem of counting N,
the number of possible outputs of a given program P.
4 / 20
5. Quantifying as Counting
Adversary
tries to infer
H from L and O
H
L
O
f
O is stored as a bit vector b1b2 . . . bM.
Assume we have a first-order formula ϕP such that:
ϕP contains a set of Boolean variables VI := {p1, p2, .., pM }
pi = if and only if bi is 1, and pi = ⊥ if and only if bi = 0
Counting outputs of P ≡ Counting models of ϕP w.r.t. VI
5 / 20
6. Model Counting Modulo Theories
SAT
generalize to first-order theories
#SAT
SMT
generalize to
counting models
7. Model Counting Modulo Theories
SAT
generalize to first-order theories
#SAT
SMT
generalize to
counting models
generalize to first-order theories
generalize to
counting models
#SMT
6 / 20
9. QIF as #SMT
P ϕP
QIF #SMT
Formal methods DPLL(T )
Two approaches:
Use formal methods to mimic DPLL(T ).
Generate ϕP, then using DPLL(T ).
8 / 20
10. QIF analysis using Model Checking
for all i from 1 to M do
bi = (O >> (i - 1)) & 1
if (bi == 1) then
pi ←
else
pi ← ⊥
Figure : Program instrumentation to build the set VI
The algorithm consists of two components:
A procedure to enumerate bit configurations (similar to DPLL)
A model checker to check the existence of the bit
configurations (similar to the T -solver)
9 / 20
12. QIF analysis using Symbolic Execution
Symbolic Execution
A program analysis technique that has several applications, in
particular automated test generation.
Executing programs with symbols instead of concrete inputs.
11 / 20
13. QIF analysis using Symbolic Execution
Symbolic Execution as DPLL Modulo Theories
DPLL(T ) = DPLL + T -solver
Symbolic Executor = Boolean Executor + T -solver
Add conditions to test each bits of the output:
for all i from 1 to M do
bi = (O >> (i - 1)) & 1
if (bi == 1) then
pi ←
else
pi ← ⊥
Figure : Program instrumentation to build the set VI
12 / 20
14. QIF analysis using Symbolic Execution
s1
s2 s3
p1
p1
p2 p2
H ≥ 16
pc := (H 16)
H < 16
pc := (H ≥ 16)<
pc ∧ p1 pc ∧ p1
pc ∧ p1 ∧ p2
pc ∧ p1 ∧ ¬p2
(H ≥ 16) and (H < 16): program conditions.
p1, p2, ..: additional conditions.
13 / 20
15. QIF analysis using a #SMT solver
Program transformation
L = 8;
if (H < 16)
O = H + L;
else
O = L;
(L1 = 8) ∧
(G0 = H0 < 16) ∧
(O1 = H0 + L1) ∧
(O2 = L1) ∧
(O3 = g?O1 : O3)
Figure : A simple program encoded into a first-order formula
Formula instrumentation to build the set VI :
(assert (= (= #b1 (( extract 0 0) O3)) p1))
14 / 20
16. QIF analysis using a #SMT solver
Use APIs provided by an SMT solver
Blocking clause
After finding a model
µ = l0 ∧ l1 ∧ · · · ∧ lm ∧ . . .
Add the clause:
block = ¬l0 ∨ ¬l1 ∨ · · · ∨ ¬lm
Depth-first search
Two components:
A DPLL like procedure to enumerate truth assignments.
Use the SMT solver to check consistency of the truth
assignments.
15 / 20
17. Implementation
Tools selected:
Model Checking: CBMC (Ansi C)
Symbolic Execution: Symbolic PathFinder (Java bytecode)
Program transformation: CBMC
SMT solver: z3
Benchmarks include:
Vulnerabilities in Linux kernel
Anonymity protocols
A Tax program from the European project HATS (Java)
Assumptions: all programs have bounded loops, no recursion.
16 / 20
18. Evaluation
Some of the experiments:
Case Study Policy LoC sqifc time selfcomp time
Data Sanitization - < 10 11.898 timed out
CVE-2011-2208 64 > 200 22.759 119.117
CVE-2011-2208 256 88.196 timed out
CVE-2011-1078 8 > 200 10.380 13.853
CVE-2011-1078 64 37.899 timed out
CRC 8 < 30 1.209 0.498
CRC 32 8.657 timed out
Figure : Times are in seconds, timeout is 30 minutes. In the first case
study, “-” means the policy is not specified.
17 / 20
19. Evaluation
Some of the experiments:
Benchmark Leaks
sqifc sqifc++ time
time CBMC aZ3 Total time
Data sanitization 4 11.898 0.165 0.086 0.251
Implicit flow 2.81 5.033 0.169 0.049 0.218
Population count 5.04 17.278 0.162 0.398 0.560
Mix and duplicate 16 - 0.154 136.947 137.101
Masked copy 16 - 0.175 18.630 18.805
Sum query 4.81 64.557 0.162 0.133 0.295
Ten random outputs 3.32 64.202 0.160 0.093 0.253
CRC (8) 3 2.551 0.184 0.099 0.283
CRC (32) 5 7.755 0.193 0.325 0.518
Figure : Leaks are in bits. aZ3 runs with the DFS-based algorithm.
Times are in seconds, “-” means timeout in one hour. Total time of
sqifc++ is the sum of CBMC time and aZ3 time.
18 / 20
20. Conclusions
P
program transformation
ϕP
QIF #SMT
Formal methods DPLL(T )
Two approaches:
Use formal methods to mimic DPLL(T ).
QIF analysis using Model Checking.
QIF analysis using Symbolic Execution.
Generate ϕP, then using DPLL(T ).
Generate ϕP using program transformation.
Extend an SMT solver for #SMT.
19 / 20