GRASP: A Search Algorithm
for Propositional Satisfiability
Joa
Ä
o P. Marques-Silva, Member, IEEE, and Karem A. Sakallah, Fellow, IEEE
AbstractÐThis paper introduces GRASP (Generic seaRch Algorithm for the Satisfiability Problem), a new search algorithm for
Propositional Satisfiability (SAT). GRASP incorporates several search-pruning techniques that proved to be quite powerful on a wide
variety of SAT problems. Some of these techniques are specific to SAT, whereas others are similar in spirit to approaches in other
fields of Artificial Intelligence. GRASP is premised on the inevitability of conflicts during the search and its most distinguishing feature is
the augmentation of basic backtracking search with a powerful conflict analysis procedure. Analyzing conflicts to determine their
causes enables GRASP to backtrack nonchronologically to earlier levels in the search tree, potentially pruning large portions of the
search space. In addition, by ªrecordingº the causes of conflicts, GRASP can recognize and preempt the occurrence of similar conflicts
later on in the search. Finally, straightforward bookkeeping of the causality chains leading up to conflicts allows GRASP to identify
assignments that are necessary for a solution to be found. Experimental results obtained from a large number of benchmarks indicate
that application of the proposed conflict analysis techniques to SAT algorithms can be extremely effective for a large number of
representative classes of SAT instances.
Index TermsÐSatisfiability, search algorithms, conflict diagnosis, conflict-directed nonchronological backtracking, conflict-based
equivalence, failure-driven assertions, unique implication points.
æ
1 Introduction
T
HE Boolean satisfiability problem (SAT) appears in
many contexts in the field of computer-aided design
of integrated circuits, including automatic test pattern
generation (ATPG), timing analysis, delay fault testing,
and logic verification, to name just a few. Though well-
researched and widely investigated, it remains the focus of
continuing interest because efficient techniques for its
solution can have great impact. SAT belongs to the class
of NP-complete problems whose algorithmic solutions are
currently believed to have exponential worst case complex-
ity [13]. Over the years, many algorithmic solutions have
been proposed for SAT, the most well-known being the
different variations of the Davis-Putnam procedure [7]. The
best known version of this procedure is based on a
backtracking search algorithm that, at each node in the
search tree, elects an assignment and prunes subsequent
search by iteratively applying the unit clause and the pure
literal rules [39]. Iterated application of the unit clause rule is
commonly referred to as Boolean Constraint Propagation
(BCP) [39] or as derivation of implications in the electronic
CAD literature [1].
Most of the recently proposed improvements to the basic
Davis-Putnam procedure [3], [6], [11], [12], [22], [30], [36],
[39] can be distinguished based on their decision making
heuristics or their use of preprocessing or relaxation
techniques. Common to all these approaches, however, is
the chronological nature of backtracking. Only in [28] is a
nonchronological backtracking procedure outlined for sol-
ving problems in Logic Truth Maintenance Systems
(LTMS), but it is only sketched and no experimental results
are presented. Nevertheless, nonchronological backtracking
techniques have been extensively studied and applied to
different areas of Artificial Intelligence, particularly Truth
Maintenance Systems (TMS) [9], [35], Constraint Satisfac-
tion Problems (CSP) [8], [14], [15], [31], and Logic Program-
ming [4], in some cases with very promising experimental
results [8], [15]. In recent years, extensive research work has
been dedicated to the development of local search algo-
rithms for SAT [33]. These algorithms are, in general,
incomplete, i.e., they may not find a solution and cannot
prove unsatisfiability. Nevertheless, local search algorithms
have been shown to be extremely effective on specific
classes of satisfiable instances of SAT.
Interest in the direct application of SAT algorithms to
electronic design automation (EDA) problems has been on
the rise recently [5], [22], [29], [36]. In addition, improve-
ments to the traditional structural (path sensitization)
algorithms for some EDA problems, such as ATPG, include
search-pruning techniques that are also applicable to SAT
algorithms in general [16], [21], [25].
This paper introduces a new procedure for conflict
analysis in satisfiability algorithms and describes its use in a
configurable algorithmic framework for solving SAT pro-
blems. Titled GRASP
1
(Generic seaRch Algorithm for the
Satisfiability Problem), this framework is premised on the
inevitability of conflicts during search. By noting that
conflicts arise when certain clauses are missing from the
problem specification, GRASP views conflict occurrence as
an opportunity to augment the problem description with
such conflict-induced clauses. The addition of these clauses
506 IEEE TRANSACTIONS ON COMPUTERS, VOL. 48, NO. 5, MAY 1999
. J.P. Marques-Silva is with Cadence European Laboratories, IST/INESC, R.
Alves Redol, 9, 1000 Lisboa, Portugal.
. K.A. Sakallah is with the Department of Electrical Engineering and
Computer Science, University of Michigan, Ann Arbor, MI 48109-2122.
E-mail: karem@eecs.umich.edu.
Manuscript received 22 Apr. 1997.
For information on obtaining reprints of this article, please send e-mail to:
tc@computer.org, and reference IEEECS Log Number 104973.
0018-9340/99/$10.00 ß 1999 IEEE
helps to prune the search for a solution in three comple-
mentary ways. First, annotation of the literals in a conflict-
induced clause by the decision level at which their values
were assigned enables GRASP to backtrack nonchronologi-
cally to earlier levels in the search tree. Second, by
ªrecordingº these clauses, GRASP can recognize and
preempt the occurrence of similar conflicts later on in the
search. And third, straightforward bookkeeping of the
causality chains leading up to conflicts allows GRASP to
identify assignments that are necessary for a solution to be
found. Experimental results obtained from a large number
of benchmarks [18] provide ample evidence that application
of the proposed conflict analysis techniques to SAT
algorithms can be extremely effective for a large number
of representative classes of SAT instances.
The remainder of this paper is organized in four sections.
In Section 2, we introduce the basics of backtracking search,
particularly our implementation of BCP, and describe the
overall architecture of GRASP. This is followed, in Section 3,
by a detailed discussion of the procedures for conflict
analysis and how they are implemented. (In the Appendix,
we prove that the GRASP SAT algorithm is both correct and
complete.) Extensive experimental results on a wide range
of benchmarks are presented and analyzed in Section 4. In
particular, GRASP is shown to outperform several state-of-
the-art SAT algorithms [2], [6], [10], [11], [30], [33], [36], [19]
on most, but not all, benchmarks. Furthermore, the
experimental results strongly suggest that, for several
practical classes of SAT instances, local search algorithms
may be inadequate. This is particularly significant when-
ever the SAT instances are likely to be unsatisfiable, as is
typical in Automated Theorem Proving and in several
Electronic Design Automation tasks. The paper concludes
in Section 5 with some suggestions for further research.
2 Backtrack Search for CNF Satisfiability
2.1 Basic Definitions and Notation
A conjunctive normal form (CNF) formula ' on n binary
variables x
1
; ;x
n
is the conjunction (AND) of m clauses
!
1
; ;!
m
each of which is the disjunction (OR) of one or
more literals, where a literal is the occurrence of a variable
or its complement. A formula ' denotes a unique n-variable
Boolean function fx
1
; ;x
n
and each of its clauses
corresponds to an implicate of f [17, p. 288]. Clearly, a
function f can be represented by many equivalent CNF
formulas. A formula is complete if it consists of the entire
set of prime implicates [17, p. 288] for the corresponding
function. In general, a complete formula will have an
exponential number of clauses. We will refer to a CNF
formula as a clause database and use ªformula,º ªCNF
formula,º and ªclause databaseº interchangeably. The
satisfiability problem (SAT) is concerned with finding an
assignment to the arguments of fx
1
; ;x
n
that makes the
function equal to 1 or proving that the function is equal to
the constant 0.
A backtracking search algorithm for SAT is implemen-
ted by a search process that implicitly traverses the space
of 2
n
possible binary assignments to the problem
variables. During the search, a variable whose binary
value has already been determined is considered to be
assigned; otherwise, it is unassigned with an implicit value
of X f0; 1g.Atruth assignment for a formula ' is a set
of assigned variables and their corresponding binary
values. It will be convenient to represent such assign-
ments as sets of variable/value pairs; for example
A fx
1
; 0; x
7
; 1; x
13
; 0g.Alternatively,assignments
can be denoted as A fx
1
0;x
7
1;x
13
0g. Sometimes
it is convenient to indicate that a variable x is assigned
without specifying its actual value. In such cases, we will
use the notation x to denote the binary value assigned to
x. An assignment A is complete if jAjn; otherwise, it is
partial. Evaluating a formula ' for a given a truth
assignment A yields three possible outcomes: 'j
A
1 and
we say that ' is satisfied and refer to A as a satisfying
assignment; 'j
A
0, in which case ' is unsatisfied and A is
referred to as an unsatisfying assignment; and 'j
A
X,
indicating that the value of ' cannot be resolved by the
assignment. This last case can only happen when A is a
partial assignment. An assignment partitions the clauses of
' into three sets: satisfied clauses (evaluating to 1);
unsatisfied clauses (evaluating to 0); and unresolved clauses
(evaluating to X). The unassigned literals of a clause are
referred to as its free literals. A clause is said to be unit if it is
unresolved and the number of its free literals is one.
2.2 Formula Satisfiability
Formula satisfiability is concerned with determining if a
given formula ' is satisfiable and with identifying a
satisfying assignment for it. Starting from an empty truth
assignment, a backtrack search algorithm traverses the
space of truth assignments implicitly and organizes the
search for a satisfying assignment by maintaining a decision
tree. Each node in the decision tree specifies an elective
assignment to an unassigned variable; such assignments are
referred to as decision assignments.Adecision level is
associated with each decision assignment to denote its
depth in the decision tree; the first decision assignment at
the root of the tree is at decision level 1. The search process
iterates through the steps of:
1. Extending the current assignment by making a
decision assignment to an unassigned variable. This
decision process is the basic mechanism for exploring
new regions of the search space. The search
terminates successfully if all clauses become satis-
fied; it terminates unsuccessfully if some clauses
remain unsatisfied and all possible assignments
have been exhausted.
2. Extending the current assignment by following the
logical consequences of the assignments made thus
far. The additional assignments derived by this
deduction process are referred to as implication assign-
ments or, more simply, implications. The deduction
process may also lead to the identification of one or
more unsatisfied clauses implying that the current
assignment is not a satisfying assignment. Such an
MARQUES-SILVA AND SAKALLAH: GRASP: A SEARCH ALGORITHM FOR PROPOSITIONAL SATISFIABILITY 507
1. The GRASP software is available for downloading from http://
andante.eecs.umich.edu/grasp-1-0.tar.gz or http://algos.inesc.pt/grasp/
grasp.tar.gz.
occurrence is referred to as a conflict and the
associated unsatisfying assignment is called a con-
flicting assignment.
3. Undoing the current assignment, if it is conflicting,
so that another assignment can be tried. This
backtracking process is the basic mechanism for
retreating from regions of the search space that do
not correspond to satisfying assignments.
The decision level at which a given variable x is either
electively assigned or forcibly implied will be denoted by
x. When relevant to the context, the assignment notation
introduced earlier may be extended to indicate the decision
level at which the assignment occurred. Thus, x v @ d
would be read as ªx becomes equal to v at decision level d.º
The average complexity of the above search process
depends on how decisions, deductions, and backtracking
are made. It also depends on the formula itself. The
implications that can be derived from a given partial
assignment depend on the set of available clauses. In
general, a formula consisting of more clauses will enable
more implications to be derived and will reduce the number
of backtracks due to conflicts. The limiting case is the
complete formula that contains all prime implicates. For
such a formula, no conflicts can arise since all logical
implications for a partial assignment can be derived.
2
This,
however, may not lead to shorter execution times since the
size of such a formula may be exponential.
2.3 Function Satisfiability
Given an initial formula ', a search system can attempt to
augment it with additional implicates to increase the
deductive power during the search process. We propose a
search mechanism that identifies additional implicates by
diagnosing the causes of conflicts. Our approach considers
the occurrence of a conflict, which is unavoidable for an
unsatisfiable instance unless the formula is complete, as an
opportunity to ªlearn from the mistake that led to the
conflictº and introduces additional implicates to the clause
database only when it stumbles. Conflict diagnosis produces
three distinct pieces of information that can help speed up
the search:
1. New implicates that did not exist in the clause
database and that can be identified with the
occurrence of the conflict. These clauses may be
added to the clause database to avert future
occurrence of the same conflict and represent a form
of conflict-based equivalence (CBE).
2. An indication of whether the conflict was ultimately
due to the most recent decision assignment or to an
earlier decision assignment.
a. If that assignment was the most recent (i.e., at
the current decision level), the opposite assign-
ment (if it has not been tried) is immediately
implied as a necessary consequence of the
conflict; we refer to this as a failure-driven
assertion (FDA).
b. If the conflict resulted from an earlier decision
assignment (at a lower decision level), the search
can backtrack to the corresponding level in the
decision tree since the subtree rooted at that
level corresponds to assignments that will yield
the same conflict. The ability to identify a
backtracking level that is much earlier than the
current decision level is a form of nonchronolo-
gical backtracking that we refer to as conflict-
directed backtracking (CDB),
3
and has the poten-
tial of significantly reducing the amount of
search.
These conflict diagnosis techniques are discussed further
in Section 3.
2.4 Structure of the Search Process
The basic mechanism for deriving implications from a given
clause database is Boolean constraint propagation (BCP)
[11], [39]. Consider a formula ' containing the clause !
x :y and assume y 1. For any satisfying assignment to
', ! requires that x be equal to 1, and we say that y 1
implies x 1 due to !. In general, given a unit clause l
1
l
k
of ' with free literal l
j
, consistency requires l
j
1
since this represents the only possibility for the clause to be
satisfied. If l
j
x, then the assignment x 1 is required; if
l
j
:x,thenx 0 is required. Such assignments are
referred to as logical implications (implications, for short)
and correspond to the application of the unit clause rule
proposed by Davis and Putnam [7]. BCP refers to the
iterated application of this rule to a clause database until the
set of unit clauses becomes empty or one or more clauses
become unsatisfied.
Let the assignment of a variable x be implied due
to a clause ! l
1
l
k
. The antecedent assignment
of x, denoted as A
!
x, is defined as the set of
assignments to variables other than x with literals in
!. Intuitively, A
!
x designates those variable assign-
ments that are directly responsible for implying the
assignment of x due to !. For example, the ante-
cedent assignments of x, y, and z due to the clause
! x y :z are, respectively, A
!
xfy 0;z 1g,
A
!
yfx 0;z 1g, and A
!
zfx 0;y 0g. Note
that the antecedent assignment of an electively
assigned variable is empty.
The sequence of implications generated by BCP is
captured by a directed implication graph I defined as follows
(see Fig. 1):
1. Each vertex in I corresponds to a variable assign-
ment x x.
2. The predecessors of vertex x x in I are the
antecedent assignments A
!
x corresponding to the
unit clause ! that led to the implication of x. The
directed edges from the vertices in A
!
x to vertex
x x are all labeled with !. Vertices that have no
predecessors correspond to decision assignments.
3. Special conflict vertices are added to I to indicate the
occurrence of conflicts. The predecessors of a conflict
vertex K correspond to variable assignments that
force a clause ! to become unsatisfied and are
viewed as the antecedent assignment A
!
. The
508 IEEE TRANSACTIONS ON COMPUTERS, VOL. 48, NO. 5, MAY 1999
2. This assertion is proven in Theorem 3 in the Appendix.
3. The designation CDB is used instead of dependency-directed backtracking [35]
because the backtracking procedure is tightly associated with BCP.
directed edges from the vertices in A
!
x to K are all
labeled with !.
The decision level of an implied variable x is related to
those of its antecedent variables according to:
xmaxfyjy; y 2 A
!
xg: 1
2.5 Search Algorithm Template
The general structure of the GRASP search algorithm is
shown in Fig. 2. We assume that an initial clause database '
and an initial assignment A, at decision level 0, are given.
This initial assignment, which may be empty, may be
viewed as an additional problem constraint and causes the
search to be restricted to a subcube of the n-dimensional
Boolean space. As the search proceeds, both ' and A are
modified. The recursive Search() function consists of four
major operations:
1. Decide(), which chooses a decision assignment at
each stage of the search process. Decision proce-
dures are commonly based on heuristic knowledge.
For the results given in Section 4, the following
greedy heuristic is used:
At each node in the decision tree evaluate the number
of clauses directly satisfied by each assignment to each
variable. Choose the variable and the assignment that
directly satisfies the largest number of clauses.
Other decision making procedures have been im-
plemented in the GRASP algorithmic framework,
particularly those described in [11], [26]. For most of
these heuristics, preference is given to assignments
that simplify the clauses the most and can lead to
more implications due to BCP. This is in explicit
contrast with our heuristic which always attempts to
satisfy the largest number of clauses. We chose to
employ this heuristic in our experimental evaluation
because of its simplicity and to highlight the
effectiveness of conflict analysis.
2. Deduce(), which implements BCP and (implicitly)
maintains the resulting implication graph. The
pseudocode for this procedure is shown in Fig. 3.
The algorithm repeatedly applies the unit clause rule
[7] while unit clauses exist. It returns with a
SUCCESS indication unless one or more clauses
become unsatisfied. In that case, a conflict vertex is
added to the implication graph and a CONFLICT
indication is returned.
3. Diagnose(), which identifies the causes of conflicts
and can augment the clause database with addi-
tional implicates. Realization of different conflict
diagnosis procedures is the subject of Section 3.
4. Erase(), which deletes the assignments at the
current decision level.
The Search() function starts by calling Decide() to
choose a variable assignment at decision level d. It then
determines the consequences of this elective assignment by
calling Deduce(). If this assignment does not cause any
clauses to become unsatisfied, Search() is called recur-
sively at decision level d 1. If, on the other hand, a conflict
arises due to this assignment, the Diagnose() function is
called to analyze this conflict and to determine an
appropriate decision level for backtracking the search.
When Search() encounters a conflict, it returns with a
CONFLICT indication and causes the elective assignment
made on entry to the function to be erased. We refer to
Decide(), Deduce(), and Diagnose() as the Decision,
Deduction, and Diagnosis engines, respectively. Different
realizations of these engines lead to different SAT algo-
rithms. For example, the Davis-Putnam procedure can be
emulated with the above algorithm by defining a decision
engine, requiring the deduction engine to implement BCP
and the pure literal rule, and organizing the diagnosis
engine to implement chronological backtracking.
3 Conflict Analysis Procedures
When a conflict arises during BCP, the structure of the
implication sequence converging on a conflict vertex K is
analyzed to determine those (unsatisfying) variable assign-
ments that are directly responsible for the conflict. The
conjunction of these conflicting assignments is an implicant
that represents a sufficient condition for the conflict to arise.
Negation of this implicant, therefore, yields an implicate of
the Boolean function f (whose satisfiability we seek) that
does not exist in the clause database '. This new implicate,
referred to as a conflict-induced clause,
4
provides the primary
mechanism for implementing failure-driven assertions,
nonchronological conflict-directed backtracking, and con-
flict-based equivalence (see Section 2.3).
We denote the conflicting assignment associated with a
conflict vertex K by A
!
C
and the associated conflict-
induced clause by !
C
. The conflicting assignment is
determined by a backward traversal of the implication
graph starting at K. Besides the decision assignment at the
current decision level, only those assignments that occurred
at previous decision levels are included in A
!
C
. This is
justified by the fact that the decision assignment at the
current decision level is directly responsible for all implied
assignments at that level. Thus, along with assignments
from previous levels, the decision assignment at the current
decision level is a sufficient condition for the conflict. To
facilitate the computation of A
!
C
, we partition the
antecedent assignments of K, as well as those for variables
assigned at the current decision level into two sets. Let x
denote either K or a variable that is assigned at the current
decision level. The partition of Ax is then given by:
5
xfy; y 2 Axjy <xg
xfy; y 2 Axjyxg:
2
For example, referring to the implication graph of Fig. 1,
x
6
fx
11
0@3g and x
6
fx
4
1@6g. Determi-
nation of the conflicting assignment A
!
C
can now be
expressed as:
A
!
C
causes of
where causes_of(.) is defined by:
MARQUES-SILVA AND SAKALLAH: GRASP: A SEARCH ALGORITHM FOR PROPOSITIONAL SATISFIABILITY 509
4. Conditions similar to these implicates are referred to as ªnogoodsº in
TMS [9], [35] and in some algorithms for CSP [31]. Nevertheless, the basic
mechanism for creating conflict-induced clauses differs.
causes of
x; x if Ax;
x[
S
y;y2x
causes ofy
"#
otherwise:
8
>
<
>
:
3
The conflict-induced clause corresponding to A
!
C
is now
determined according to:
!
C
X
x;x2A
!
C
x
x
; 4
where, for a binary variable x, x
0
x,andx
1
:x.
Application of (2)-(4) to the conflict depicted in Fig. 1
yields the following conflicting assignment and conflict-
induced clause at decision level 6:
A
!
C
fx
1
1@6;x
9
0@1;x
10
0@3;x
11
0@3g
!
C
:x
1
x
9
x
10
x
11
:
5
We note that our method for deriving implicates by
analyzing the causes of conflicts has its foundations in
[26]. It is also similar in spirit to the approaches of Freeman
[11, chapter 8] and McAllester [28]. However, unlike the
precise computations of the conflicting assignment A
!
C
in (3) and conflict-induced clause !
C
in (4), the
procedures in these related works were only informally
described.
3.1 Standard Conflict Diagnosis Engine
The identification of a conflict-induced clause !
C
enables
the derivation of further implications that help prune the
search. Immediate implications of !
C
include asserting
the current decision variable to its opposite value and
determining a backtracking level for the search process.
Such immediate implications do not require that !
C
be
added to the clause database. Augmenting the clause
database with !
C
,however,hasthepotentialof
identifying future implications that are not derivable
without !
C
. In particular, adding !
C
to the clause
database ensures that the search engine will not regenerate
the conflicting assignment that led to the current conflict.
3.1.1 Failure-Driven Assertions
If !
C
involves the current decision variable, erasing the
implication sequence at the current decision level makes
!
C
a unit clause and causes the immediate implication of
the decision variable to its opposite value. We refer to such
assignments as failure-driven assertions (FDAs) to empha-
size that they are implications of conflicts and not decision
assignments. We note further that their derivation is
automatically handled by our BCP-based deduction engine
and does not require special processing. This is in contrast
with most search-based SAT algorithms that treat a second
branch at the current decision level as another decision
assignment. Using our running example (see Fig. 1) as an
illustration, we note that after erasing the conflicting
implication sequence at level 6, the conflict-induced clause
!
C
in (5) becomes a unit clause with :x
1
as its free literal.
This immediately implies the assignment x
1
0 and x
1
is
said to be asserted.
3.1.2 Conflict-Directed Backtracking
If all the literals in !
C
correspond to variables that were
assigned at decision levels that are lower than the current
decision level, we can immediately conclude that the search
process needs to backtrack. This situation can only take
place when the conflict in question is produced as a direct
consequence of diagnosing a previous conflict and is
510 IEEE TRANSACTIONS ON COMPUTERS, VOL. 48, NO. 5, MAY 1999
Fig. 1. Example of clause database and partial implication graph.
5. To reduce clutter, we omit the superscripts denoting the clauses that
lead to these antecedent assignments and assume them to be understood
from context.