173 research outputs found
A Logical Product Approach to Zonotope Intersection
We define and study a new abstract domain which is a fine-grained combination
of zonotopes with polyhedric domains such as the interval, octagon, linear
templates or polyhedron domain. While abstract transfer functions are still
rather inexpensive and accurate even for interpreting non-linear computations,
we are able to also interpret tests (i.e. intersections) efficiently. This
fixes a known drawback of zonotopic methods, as used for reachability analysis
for hybrid sys- tems as well as for invariant generation in abstract
interpretation: intersection of zonotopes are not always zonotopes, and there
is not even a best zonotopic over-approximation of the intersection. We
describe some examples and an im- plementation of our method in the APRON
library, and discuss some further in- teresting combinations of zonotopes with
non-linear or non-convex domains such as quadratic templates and maxplus
polyhedra
A convenient category of locally preordered spaces
As a practical foundation for a homotopy theory of abstract spacetime, we
extend a category of certain compact partially ordered spaces to a convenient
category of locally preordered spaces. In particular, we show that our new
category is Cartesian closed and that the forgetful functor to the category of
compactly generated spaces creates all limits and colimits.Comment: 26 pages, 0 figures, partially presented at GETCO 2005; changes:
claim of Prop. 5.11 weakened to finite case and proof changed due to problems
with proof of Lemma 3.26, now removed; Eg. 2.7, statement before Lem. 2.11,
typos, and other minor problems corrected throughout; extensive rewording;
proof of Lem. 3.31, now 3.30, adde
Trace Spaces: an Efficient New Technique for State-Space Reduction
State-space reduction techniques, used primarily in model-checkers, all rely
on the idea that some actions are independent, hence could be taken in any
(respective) order while put in parallel, without changing the semantics. It is
thus not necessary to consider all execution paths in the interleaving
semantics of a concurrent program, but rather some equivalence classes. The
purpose of this paper is to describe a new algorithm to compute such
equivalence classes, and a representative per class, which is based on ideas
originating in algebraic topology. We introduce a geometric semantics of
concurrent languages, where programs are interpreted as directed topological
spaces, and study its properties in order to devise an algorithm for computing
dihomotopy classes of execution paths. In particular, our algorithm is able to
compute a control-flow graph for concurrent programs, possibly containing
loops, which is "as reduced as possible" in the sense that it generates traces
modulo equivalence. A preliminary implementation was achieved, showing
promising results towards efficient methods to analyze concurrent programs,
with very promising results compared to partial-order reduction techniques
Automatic Estimation of Verified Floating-Point Round-Off Errors via Static Analysis
This paper introduces a static analysis technique for computing formally verified round-off error bounds of floating-point functional expressions. The technique is based on a denotational semantics that computes a symbolic estimation of floating-point round-o errors along with a proof certificate that ensures its correctness. The symbolic estimation can be evaluated on concrete inputs using rigorous enclosure methods to produce formally verified numerical error bounds. The proposed technique is implemented in the prototype research tool PRECiSA (Program Round-o Error Certifier via Static Analysis) and used in the verification of floating-point programs of interest to NASA
Interval Slopes as Numerical Abstract Domain for Floating-Point Variables
The design of embedded control systems is mainly done with model-based tools
such as Matlab/Simulink. Numerical simulation is the central technique of
development and verification of such tools. Floating-point arithmetic, that is
well-known to only provide approximated results, is omnipresent in this
activity. In order to validate the behaviors of numerical simulations using
abstract interpretation-based static analysis, we present, theoretically and
with experiments, a new partially relational abstract domain dedicated to
floating-point variables. It comes from interval expansion of non-linear
functions using slopes and it is able to mimic all the behaviors of the
floating-point arithmetic. Hence it is adapted to prove the absence of run-time
errors or to analyze the numerical precision of embedded control systems
Analysis of Software Patches Using Numerical Abstract Interpretation
International audienceWe present a static analysis for software patches. Given two syntactically close versions of a program, our analysis can infer a semantic difference, and prove that both programs compute the same outputs when run on the same inputs. Our method is based on abstract interpretation, and parametric in the choice of an abstract domain. We focus on numeric properties only. Our method is able to deal with unbounded executions of infinite-state programs, reading from infinite input streams. Yet, it is limited to comparing terminating executions, ignoring non terminating ones.We first present a novel concrete collecting semantics, expressing the behaviors of both programs at the same time. Then, we propose an abstraction of infinite input streams able to prove that programs that read from the same stream compute equal output values. We then show how to leverage classic numeric abstract domains, such as polyhedra or octagons, to build an effective static analysis. We also introduce a novel numeric domain to bound differences between the values of the variables in the two programs, which has linear cost, and the right amount of relationality to express useful properties of software patches.We implemented a prototype and experimented on a few small examples from the literature. Our prototype operates on a toy language, and assumes a joint syntactic representation of two versions of a program given, which distinguishes between common and distinctive parts
Inner approximated reachability analysis
International audienceComputing a tight inner approximation of the range of a function over some set is notoriously di cult, way beyond obtaining outer approximations. We propose here a new method to compute a tight inner approximation of the set of reachable states of non-linear dynamical systems on a bounded time interval. This approach involves a ne forms and Kaucher arithmetic, plus a number of extra ingredients from set-based methods. An implementation of the method is discussed, and illustrated on representative numerical schemes, discrete-time and continuous-time dynamical systems
A non-local method for robustness analysis of floating point programs
Robustness is a standard correctness property which intuitively means that if
the input to the program changes less than a fixed small amount then the output
changes only slightly. This notion is useful in the analysis of rounding error
for floating point programs because it helps to establish bounds on output
errors introduced by both measurement errors and by floating point computation.
Compositional methods often do not work since key constructs---like the
conditional and the while-loop---are not robust. We propose a method for
proving the robustness of a while-loop. This method is non-local in the sense
that instead of breaking the analysis down to single lines of code, it checks
certain global properties of its structure. We show the applicability of our
method on two standard algorithms: the CORDIC computation of the cosine and
Dijkstra's shortest path algorithm.Comment: QAPL - Tenth Workshop on Quantitative Aspects of Programming
Languages (2012
Undirected Graphs of Entanglement Two
Entanglement is a complexity measure of directed graphs that origins in fixed
point theory. This measure has shown its use in designing efficient algorithms
to verify logical properties of transition systems. We are interested in the
problem of deciding whether a graph has entanglement at most k. As this measure
is defined by means of games, game theoretic ideas naturally lead to design
polynomial algorithms that, for fixed k, decide the problem. Known
characterizations of directed graphs of entanglement at most 1 lead, for k = 1,
to design even faster algorithms. In this paper we present an explicit
characterization of undirected graphs of entanglement at most 2. With such a
characterization at hand, we devise a linear time algorithm to decide whether
an undirected graph has this property
An Axiomatic Approach to Liveness for Differential Equations
This paper presents an approach for deductive liveness verification for
ordinary differential equations (ODEs) with differential dynamic logic.
Numerous subtleties complicate the generalization of well-known discrete
liveness verification techniques, such as loop variants, to the continuous
setting. For example, ODE solutions may blow up in finite time or their
progress towards the goal may converge to zero. Our approach handles these
subtleties by successively refining ODE liveness properties using ODE
invariance properties which have a well-understood deductive proof theory. This
approach is widely applicable: we survey several liveness arguments in the
literature and derive them all as special instances of our axiomatic refinement
approach. We also correct several soundness errors in the surveyed arguments,
which further highlights the subtlety of ODE liveness reasoning and the utility
of our deductive approach. The library of common refinement steps identified
through our approach enables both the sound development and justification of
new ODE liveness proof rules from our axioms.Comment: FM 2019: 23rd International Symposium on Formal Methods, Porto,
Portugal, October 9-11, 201
- …