Proving Consistency Assertions for Automotive Product Data Management

Wolfgang Küchlin and Carsten Sinz
Symbolic Computation Group, WSI for Computer Science, University of Tübingen
and Steinbeis Technology Transfer Center OIT, Sand 13, D-72076 Tübingen, Germany
http://www-sr.informatik.uni-tuebingen.de

Abstract. We present a formal specification and verification approach for industrial product databases that contain Boolean logic formulae to express constraints. Within this framework, global consistency assertions about the product data are converted into propositional satisfiability problems. Today's state-of-the-art provers turn out to be surprisingly efficient in solving the SAT instances generated by this process. Moreover, we introduce a method for encoding special non-monotonic constructs in traditional Boolean logic. We have successfully applied our method to industrial automotive product data management and have established a set of commercially used interactive tools that facilitate the management of change and help raise quality standards.

Keywords: formal specification, verification, product data management, product configuration, industrial application

1. Introduction

The use of formal methods is still uncommon in industrial practice [17]. Analysis of safety-critical systems and verification of both processors and protocols seem to be among the rare exceptions [10, 13, 15, 19]. The reasons for this are manifold. First, there are intrinsic preconditions imposed on the process to be formalized. One is the requirement of precise, symbolic input data; this contrasts with the imprecise data delivered by physical measurement. Another is the algorithmic complexity of symbolic techniques, which is usually much higher than that of numerical or heuristic procedures. Second, the industrial process to be formalized has to be understood very precisely in every aspect, and modeling has to start on a well-founded basis. The language in which the process is to be described must have sufficient expressive power, but should exclude intractable logics, i.e. logics that are incomplete, undecidable, or merely too time- or space-consuming for the intended purpose. Besides these intrinsic reasons there are more practical ones: on the one hand, one is faced with industrial prejudice against the power of formal verification [4]; on the other hand, research in the ATP community is often not directly concerned with real-world application aspects.

© 2000 Kluwer Academic Publishers. Printed in the Netherlands.
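To make the abstract's idea concrete, here is an added illustration (not code from the paper or its authors): a toy product model whose constraints are Boolean clauses over option variables, two consistency assertions phrased as SAT instances, and a small DPLL solver to decide them. The option names, parts and constraints are constructed for the example; a real product database would be far larger and would be handed to an industrial SAT solver instead.

```python
from typing import Dict, List, Optional

Literal = str            # "x" = option x selected, "-x" = not selected
Clause = List[Literal]   # disjunction of literals
CNF = List[Clause]       # conjunction of clauses

def negate(lit: Literal) -> Literal:
    return lit[1:] if lit.startswith("-") else "-" + lit

def simplify(cnf: CNF, lit: Literal) -> Optional[CNF]:
    """Assume `lit` true: drop satisfied clauses, strip falsified literals.
    Returns None when a clause becomes empty (conflict)."""
    out: CNF = []
    for clause in cnf:
        if lit in clause:
            continue
        reduced = [l for l in clause if l != negate(lit)]
        if not reduced:
            return None
        out.append(reduced)
    return out

def dpll(cnf: CNF, model: Dict[str, bool]) -> Optional[Dict[str, bool]]:
    """Return a satisfying assignment, or None if `cnf` is unsatisfiable."""
    while cnf:                                   # unit propagation
        unit = next((c[0] for c in cnf if len(c) == 1), None)
        if unit is None:
            break
        cnf = simplify(cnf, unit)
        if cnf is None:
            return None
        model = {**model, unit.lstrip("-"): not unit.startswith("-")}
    if not cnf:
        return model
    lit = cnf[0][0]                              # branch on an open literal
    for choice in (lit, negate(lit)):
        reduced = simplify(cnf, choice)
        if reduced is not None:
            found = dpll(reduced, {**model, choice.lstrip("-"): not choice.startswith("-")})
            if found is not None:
                return found
    return None

# Constructed toy product model (hypothetical options and rules).
CONSTRAINTS: CNF = [
    ["diesel", "petrol"], ["-diesel", "-petrol"],  # exactly one engine
    ["-sport", "petrol"],                           # sport package needs petrol engine
    ["-towbar", "-sport"],                          # towbar and sport package conflict
    ["-trailer_assist", "towbar"],                  # trailer assist requires towbar
    ["-eco", "diesel"], ["-eco", "sport"],          # eco needs diesel AND sport: dead option
]
# Parts with usage conditions, each written as a single clause over options.
PARTS: Dict[str, Clause] = {"big_alternator": ["diesel", "trailer_assist"],
                            "sport_exhaust": ["sport"]}

def assertion_every_option_selectable(options: List[str]) -> Dict[str, bool]:
    """Option o is usable iff CONSTRAINTS ∧ o is satisfiable."""
    return {o: dpll(CONSTRAINTS + [[o]], {}) is not None for o in options}

def assertion_parts_never_both(p1: str, p2: str) -> bool:
    """No valid configuration installs both parts iff
    CONSTRAINTS ∧ cond(p1) ∧ cond(p2) is unsatisfiable."""
    return dpll(CONSTRAINTS + [PARTS[p1], PARTS[p2]], {}) is None
```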