Explaining Leibniz-equivalence as difference of non-inertial appearances: dis-solution of the Hole Argument and physical individuation of point-events

"The last remnant of physical objectivity of space-time" is disclosed in the case of a continuous family of spatially non-compact models of general relativity (GR). The {\it physical individuation} of point-events is furnished by the intrinsic degrees of freedom of the gravitational field, (viz, the {\it Dirac observables}) that represent - as it were - the {\it ontic} part of the metric field. The physical role of the {\it epistemic} part (viz. the {\it gauge} variables) is likewise clarified as emboding the unavoidable non-inertial aspects of GR. At the end the philosophical import of the {\it Hole Argument} is substantially weakened and in fact the Argument itself dis-solved, while a specific four-dimensional {\it holistic and structuralist} view of space-time, (called {\it point-structuralism}), emerges, including elements common to the tradition of both {\it substantivalism} and {\it relationism}. The observables of our models undergo real {\it temporal change}: this gives new evidence to the fact that statements like the {\it frozen-time} character of evolution, as other ontological claims about GR, are {\it model dependent}. \medskip Forthcoming in Studies in History and Philosophy of Modern PhysicsComment: 37 pages, talk at Oxford Conference on Spacetime (2004), to appear in Studies in History and Philosophy of Modern Physics. Affiliations Correcte

Parameterized Synthesis

We study the synthesis problem for distributed architectures with a parametric number of finite-state components. Parameterized specifications arise naturally in a synthesis setting, but thus far it was unclear how to detect realizability and how to perform synthesis in a parameterized setting. Using a classical result from verification, we show that for a class of specifications in indexed LTL\X, parameterized synthesis in token ring networks is equivalent to distributed synthesis in a network consisting of a few copies of a single process. Adapting a well-known result from distributed synthesis, we show that the latter problem is undecidable. We describe a semi-decision procedure for the parameterized synthesis problem in token rings, based on bounded synthesis. We extend the approach to parameterized synthesis in token-passing networks with arbitrary topologies, and show applicability on a simple case study. Finally, we sketch a general framework for parameterized synthesis based on cutoffs and other parameterized verification techniques.Comment: Extended version of TACAS 2012 paper, 29 page

Layering Assume-Guarantee Contracts for Hierarchical System Design

Specifications for complex engineering systems are typically decomposed into specifications for individual subsystems in a manner that ensures they are implementable and simpler to develop further. We describe a method to algorithmically construct component specifications that implement a given specification when assembled. By eliminating variables that are irrelevant to realizability of each component, we simplify the specifications and reduce the amount of information necessary for operation. We parametrize the information flow between components by introducing parameters that select whether each variable is visible to a component. The decomposition algorithm identifies which variables can be hidden while preserving realizability and ensuring correct composition, and these are eliminated from component specifications by quantification and conversion of binary decision diagrams to formulas. The resulting specifications describe component viewpoints with full information with respect to the remaining variables, which is essential for tractable algorithmic synthesis of implementations. The specifications are written in TLA + , with liveness properties restricted to an implication of conjoined recurrence properties, known as GR(1). We define an operator for forming open systems from closed systems, based on a variant of the “while-plus” operator. This operator simplifies the writing of specifications that are realizable without being vacuous. To convert the generated specifications from binary decision diagrams to readable formulas over integer variables, we symbolically solve a minimal covering problem. We show with examples how the method can be applied to obtain contracts that formalize the hierarchical structure of system design

Synthesis from multi-paradigm specifications

This work proposes a language for describing reactive synthesis problems that integrates imperative and declarative elements. The semantics is defined in terms of two-player turn-based infinite games with full information. Currently, synthesis tools accept linear temporal logic (LTL) as input, but this description is less structured and does not facilitate the expression of sequential constraints. This motivates the use of a structured programming language to specify synthesis problems. Transition systems and guarded commands serve as imperative constructs, expressed in a syntax based on that of the modeling language Promela. The syntax allows defining which player controls data and control flow, and separating a program into assumptions and guarantees. These notions are necessary for input to game solvers. The integration of imperative and declarative paradigms allows using the paradigm that is most appropriate for expressing each requirement. The declarative part is expressed in the LTL fragment of generalized reactivity(1), which admits efficient synthesis algorithms. The implementation translates Promela to input for the Slugs synthesizer and is written in Python

Real impossible worlds : the bounds of possibility

Lewisian Genuine Realism (GR) about possible worlds is often deemed unable to accommodate impossible worlds and reap the benefits that these bestow to rival theories. This thesis explores two alternative extensions of GR into the terrain of impossible worlds. It is divided in six chapters. Chapter I outlines Lewis’ theory, the motivations for impossible worlds, and the central problem that such worlds present for GR: How can GR even understand the notion of an impossible world, given Lewis’ reductive theoretical framework? Since the desideratum is to incorporate impossible worlds into GR without compromising Lewis’ reductive analysis of modality, Chapter II defends that analysis against (old and new) objections. The rest of the thesis is devoted to incorporating impossible worlds into GR. Chapter III explores GR-friendly impossible worlds in the form of set-theoretic constructions out of genuine possibilia. Then, Chapters IV-VI venture into concrete impossible worlds. Chapter IV addresses Lewis’ objection against such worlds, to the effect that contradictions true at impossible worlds amount to true contradictions tout court. I argue that even if so, the relevant contradictions are only ever about the non-actual, and that Lewis’ argument relies on a premise that cannot be nonquestion- beggingly upheld in the face of genuine impossible worlds in any case. Chapter V proposes that Lewis’ reductive analysis can be preserved, even in the face of genuine impossibilia, if we differentiate the impossible from the possible by means of accessibility relations, understood non-modally in terms of similarity. Finally, Chapter VI counters objections to the effect that there are certain impossibilities, formulated in Lewis’ theoretical language, which genuine impossibilia should, but cannot, represent. I conclude that Genuine Realism is still very much in the running when the discussion turns to impossible worlds

GPUVerify: A Verifier for GPU Kernels

We present a technique for verifying race- and divergence-freedom of GPU kernels that are written in mainstream ker-nel programming languages such as OpenCL and CUDA. Our approach is founded on a novel formal operational se-mantics for GPU programming termed synchronous, delayed visibility (SDV) semantics. The SDV semantics provides a precise definition of barrier divergence in GPU kernels and allows kernel verification to be reduced to analysis of a sequential program, thereby completely avoiding the need to reason about thread interleavings, and allowing existing modular techniques for program verification to be leveraged. We describe an efficient encoding for data race detection and propose a method for automatically inferring loop invari-ants required for verification. We have implemented these techniques as a practical verification tool, GPUVerify, which can be applied directly to OpenCL and CUDA source code. We evaluate GPUVerify with respect to a set of 163 kernels drawn from public and commercial sources. Our evaluation demonstrates that GPUVerify is capable of efficient, auto-matic verification of a large number of real-world kernels