A Constructive Framework for Galois Connections

Abstract interpretation-based static analyses rely on abstract domains of program properties, such as intervals or congruences for integer variables. Galois connections (GCs) between posets provide the most widespread and useful formal tool for mathematically specifying abstract domains. Recently, Darais and Van Horn [2016] put forward a notion of constructive Galois connection for unordered sets (rather than posets), which allows to define abstract domains in a so-called mechanized and calculational proof style and therefore enables the use of proof assistants like Coq and Agda for automatically extracting verified algorithms of static analysis. We show here that constructive GCs are isomorphic, in a precise and comprehensive meaning including sound abstract functions, to so-called partitioning GCs--an already known class of GCs which allows to cast standard set partitions as an abstract domain. Darais and Van Horn [2016] also provide a notion of constructive GC for posets, which we prove to be isomorphic to plain GCs and therefore lose their constructive attribute. Drawing on these findings, we put forward and advocate the use of purely partitioning GCs, a novel class of constructive abstract domains for a mechanized approach to abstract interpretation. We show that this class of abstract domains allows us to represent a set partition with more flexibility while retaining a constructive approach to Galois connections

Abstracting Nash equilibria of supermodular games

Supermodular games are a well known class of noncooperative games which find significant applications in a variety of models, especially in operations research and economic applications. Supermodular games always have Nash equilibria which are characterized as fixed points of multivalued functions on complete lattices. Abstract interpretation is here applied to set up an approximation framework for Nash equilibria of supermodular games. This is achieved by extending the theory of abstract interpretation in order to cope with approximations of multivalued functions and by providing some methods for abstracting supermodular games, thus obtaining approximate Nash equilibria which are shown to be correct within the abstract interpretation framework

A new characterization of complete Heyting and co-Heyting algebras

We give a new order-theoretic characterization of a complete Heyting and co-Heyting algebra $C$. This result provides an unexpected relationship with the field of Nash equilibria, being based on the so-called Veinott ordering relation on subcomplete sublattices of $C$, which is crucially used in Topkis' theorem for studying the order-theoretic stucture of Nash equilibria of supermodular games.Comment: To appear in Logical Methods in Computer Scienc

Generalizing the Paige-Tarjan Algorithm by Abstract Interpretation

The Paige and Tarjan algorithm (PT) for computing the coarsest refinement of a state partition which is a bisimulation on some Kripke structure is well known. It is also well known in model checking that bisimulation is equivalent to strong preservation of CTL, or, equivalently, of Hennessy-Milner logic. Drawing on these observations, we analyze the basic steps of the PT algorithm from an abstract interpretation perspective, which allows us to reason on strong preservation in the context of generic inductively defined (temporal) languages and of possibly non-partitioning abstract models specified by abstract interpretation. This leads us to design a generalized Paige-Tarjan algorithm, called GPT, for computing the minimal refinement of an abstract interpretation-based model that strongly preserves some given language. It turns out that PT is a straight instance of GPT on the domain of state partitions for the case of strong preservation of Hennessy-Milner logic. We provide a number of examples showing that GPT is of general use. We first show how a well-known efficient algorithm for computing stuttering equivalence can be viewed as a simple instance of GPT. We then instantiate GPT in order to design a new efficient algorithm for computing simulation equivalence that is competitive with the best available algorithms. Finally, we show how GPT allows to compute new strongly preserving abstract models by providing an efficient algorithm that computes the coarsest refinement of a given partition that strongly preserves the language generated by the reachability operator.Comment: Keywords: Abstract interpretation, abstract model checking, strong preservation, Paige-Tarjan algorithm, refinement algorith

Generalized Strong Preservation by Abstract Interpretation

Standard abstract model checking relies on abstract Kripke structures which approximate concrete models by gluing together indistinguishable states, namely by a partition of the concrete state space. Strong preservation for a specification language L encodes the equivalence of concrete and abstract model checking of formulas in L. We show how abstract interpretation can be used to design abstract models that are more general than abstract Kripke structures. Accordingly, strong preservation is generalized to abstract interpretation-based models and precisely related to the concept of completeness in abstract interpretation. The problem of minimally refining an abstract model in order to make it strongly preserving for some language L can be formulated as a minimal domain refinement in abstract interpretation in order to get completeness w.r.t. the logical/temporal operators of L. It turns out that this refined strongly preserving abstract model always exists and can be characterized as a greatest fixed point. As a consequence, some well-known behavioural equivalences, like bisimulation, simulation and stuttering, and their corresponding partition refinement algorithms can be elegantly characterized in abstract interpretation as completeness properties and refinements

Incompleteness of States w.r.t. Traces in Model Checking

Cousot and Cousot introduced and studied a general past/future-time specification language, called mu*-calculus, featuring a natural time-symmetric trace-based semantics. The standard state-based semantics of the mu*-calculus is an abstract interpretation of its trace-based semantics, which turns out to be incomplete (i.e., trace-incomplete), even for finite systems. As a consequence, standard state-based model checking of the mu*-calculus is incomplete w.r.t. trace-based model checking. This paper shows that any refinement or abstraction of the domain of sets of states induces a corresponding semantics which is still trace-incomplete for any propositional fragment of the mu*-calculus. This derives from a number of results, one for each incomplete logical/temporal connective of the mu*-calculus, that characterize the structure of models, i.e. transition systems, whose corresponding state-based semantics of the mu*-calculus is trace-complete

Logical Characterizations of Behavioral Relations on Transition Systems of Probability Distributions

Probabilistic nondeterministic processes are commonly modeled as probabilistic LTSs (PLTSs). A number of logical characterizations of the main behavioral relations on PLTSs have been studied. In particular, Parma and Segala [2007] and Hermanns et al. [2011] define a probabilistic Hennessy-Milner logic interpreted over probability distributions, whose corresponding logical equivalence/preorder when restricted to Dirac distributions coincide with standard bisimulation/simulation between the states of a PLTS. This result is here extended by studying the full logical equivalence/preorder between (possibly non-Dirac) distributions in terms of a notion of bisimulation/simulation defined on a LTS whose states are distributions (dLTS). We show that the well-known spectrum of behavioral relations on nonprobabilistic LTSs as well as their corresponding logical characterizations in terms of Hennessy-Milner logic scales to the probabilistic setting when considering dLTSs

An Abstract Interpretation-based Model of Tracing Just-In-Time Compilation

Tracing just-in-time compilation is a popular compilation technique for the efficient implementation of dynamic languages, which is commonly used for JavaScript, Python and PHP. We provide a formal model of tracing JIT compilation of programs using abstract interpretation. Hot path detection corresponds to an abstraction of the trace semantics of the program. The optimization phase corresponds to a transform of the original program that preserves its trace semantics up to an observation modeled by some abstraction. We provide a generic framework to express dynamic optimizations and prove them correct. We instantiate it to prove the correctness of dynamic type specialization and constant variable folding. We show that our framework is more general than the model of tracing compilation introduced by Guo and Palsberg [2011] based on operational bisimulations.Comment: To appear in ACM Transactions on Programming Languages and System

Il contributo delle filiere agro-alimentari alternative alla sostenibilità, un confronto tra il GAS di Pisa e la GDO.

In questo studio cercheremo di analizzare le filiere agro-alimentari alternative e capire se possono essere uno strumento efficace per uno sviluppo sostenibile e se sono veramente più sostenibili delle filiere convenzionali. Analizzeremo quali motivi hanno spinto alla loro nascita, e per quali motivi c’è stato negli ultimi anni un ripensamento della produzione agricola, dei consumi alimentari e dell’intero sistema economico. Andremo a vedere come si sono diffuse e come mai stanno avendo cosi tanto successo. Analizzeremo poi come funzionano queste iniziative, e le varie esperienze pratiche fatte finora comprese quelle intraprese in Toscana. Passeremo ad analizzare i potenziali effetti positivi e negativi delle filiere agro-alimentari corte rispetto a quelle convenzionali fino ad arrivare al nostro caso di studio per verificare in un caso specifico la differenza di impatto, con particolare riferimento alle emissioni di CO2 e al consumo di carburante per la sostenibilità ambientale; alla differenza tra i prezzi alla produzione e quelli al consumo tra le due filiere per la sostenibilità economica; e alla diversa attenzione ai problemi etici-sociali tra le due filiere per la sostenibilità sociale. L’obiettivo è verificare se le filiere agro-alimentari alternative sono più sostenibili delle filiere convenzionali lunghe. Per semplificare l’analisi e ristringere il campo di studio, abbiamo confrontato una filiera agro-alimentare alternativa, rappresentata dal GAS (Gruppo di acquisto solidale, riunisce più famiglie per l’acquisto collettivo di vari prodotti non solo alimentari) di Pisa con una filiera lunga rappresentata da una generica filiera della GDO. Questo studio non intende fornire dati precisi ed esaurienti sulla sostenibilità delle filiere alimentari alternative e di quelle convenzionali, sia per la difficoltà inerente alla complessità di questi sistemi, sia per la mancanza di alcune informazioni dettagliate sulle filiere. Ci accontenteremo di fornire un esempio di analisi che deve servire per dare un’idea indicativa delle possibili differenze che ci possono essere tra i due tipi di circuiti sia dal punto di vista logistico che per i diversi comportamenti di acquisto dei consumatori