Logical Foundations of Cyber-Physical Systems Andr Platzer Andr - - PowerPoint PPT Presentation

20: Virtual Substitution & Real Equations

Logical Foundations of Cyber-Physical Systems

Logical Foundations of Cyber-Physical Systems

André Platzer

André Platzer

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 1 / 24

Outline

1

Learning Objectives

2

Framing the Miracle

3

Quantifier Elimination Homomorphic Normalization for QE Term Substitutions for Linear Equations

4

Square Root √· Virtual Substitution for Quadratics Square Root Algebra Virtual Substitutions of Square Roots Example

5

Summary

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 2 / 24

Outline

1

Learning Objectives

2

Framing the Miracle

3

Quantifier Elimination Homomorphic Normalization for QE Term Substitutions for Linear Equations

4

Square Root √· Virtual Substitution for Quadratics Square Root Algebra Virtual Substitutions of Square Roots Example

5

Summary

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 2 / 24

Learning Objectives

Virtual Substitution & Real Equations

CT M&C CPS rigorous arithmetical reasoning miracle of quantifier elimination logical trinity for reals switch between syntax & semantics at will virtual substitution lemma bridge gap between semantics and inexpressibles analytic complexity modeling tradeoffs verifying CPS at scale

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 3 / 24

Outline

1

Learning Objectives

2

Framing the Miracle

3

Quantifier Elimination Homomorphic Normalization for QE Term Substitutions for Linear Equations

4

Square Root √· Virtual Substitution for Quadratics Square Root Algebra Virtual Substitutions of Square Roots Example

5

Summary

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 3 / 24

Evaluating Real Arithmetic Formulas

x2 > 2∧ 2x < 3∨ x3 ≤ x2

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 4 / 24

Evaluating Real Arithmetic Formulas

When ω(x) = 2

ω[ [x2 > 2∧ 2x < 3∨ x3 ≤ x2] ]

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 4 / 24

Evaluating Real Arithmetic Formulas

When ω(x) = 2

ω[ [x2 > 2∧ 2x < 3∨ x3 ≤ x2] ] = 22 > 2∧ 2· 2 < 3∨ 23 ≤ 22 = false

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 4 / 24

Evaluating Real Arithmetic Formulas

When ω(x) = 2

ω[ [x2 > 2∧ 2x < 3∨ x3 ≤ x2] ] = 22 > 2∧ 2· 2 < 3∨ 23 ≤ 22 = false

When ν(x) = −1

ν[ [x2 > 2∧ 2x < 3∨ x3 ≤ x2] ]

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 4 / 24

Evaluating Real Arithmetic Formulas

When ω(x) = 2

ω[ [x2 > 2∧ 2x < 3∨ x3 ≤ x2] ] = 22 > 2∧ 2· 2 < 3∨ 23 ≤ 22 = false

When ν(x) = −1

ν[ [x2 > 2∧ 2x < 3∨ x3 ≤ x2] ] = (−1)2>2∧2·(−1)<3∨(−1)3≤(−1)2=true

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 4 / 24

Evaluating Real Arithmetic Formulas

When ω(x) = 2

ω[ [x2 > 2∧ 2x < 3∨ x3 ≤ x2] ] = 22 > 2∧ 2· 2 < 3∨ 23 ≤ 22 = false

When ν(x) = −1

ν[ [x2 > 2∧ 2x < 3∨ x3 ≤ x2] ] = (−1)2>2∧2·(−1)<3∨(−1)3≤(−1)2=true

Are the following formulas valid, i.e., true in all states? x2 > 2∧ 2x < 3∨ x3 ≤ x2

∀x (x2 > 2∧ 2x < 3∨ x3 ≤ x2) ∃x (x2 > 2∧ 2x < 3∨ x3 ≤ x2)

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 4 / 24

Evaluating Real Arithmetic Formulas

When ω(x) = 2

ω[ [x2 > 2∧ 2x < 3∨ x3 ≤ x2] ] = 22 > 2∧ 2· 2 < 3∨ 23 ≤ 22 = false

When ν(x) = −1

ν[ [x2 > 2∧ 2x < 3∨ x3 ≤ x2] ] = (−1)2>2∧2·(−1)<3∨(−1)3≤(−1)2=true

Are the following formulas valid, i.e., true in all states?

x2 > 2∧ 2x < 3∨ x3 ≤ x2 ∀x (x2 > 2∧ 2x < 3∨ x3 ≤ x2) ∃x (x2 > 2∧ 2x < 3∨ x3 ≤ x2)

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 4 / 24

Evaluating Real Arithmetic Formulas

When ω(x) = 2

ω[ [x2 > 2∧ 2x < 3∨ x3 ≤ x2] ] = 22 > 2∧ 2· 2 < 3∨ 23 ≤ 22 = false

When ν(x) = −1

ν[ [x2 > 2∧ 2x < 3∨ x3 ≤ x2] ] = (−1)2>2∧2·(−1)<3∨(−1)3≤(−1)2=true

Are the following formulas valid, i.e., true in all states?

x2 > 2∧ 2x < 3∨ x3 ≤ x2 ∀x (x2 > 2∧ 2x < 3∨ x3 ≤ x2) ∃x (x2 > 2∧ 2x < 3∨ x3 ≤ x2)

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 4 / 24

Evaluating Real Arithmetic Formulas

When ω(x) = 2

ω[ [x2 > 2∧ 2x < 3∨ x3 ≤ x2] ] = 22 > 2∧ 2· 2 < 3∨ 23 ≤ 22 = false

When ν(x) = −1

ν[ [x2 > 2∧ 2x < 3∨ x3 ≤ x2] ] = (−1)2>2∧2·(−1)<3∨(−1)3≤(−1)2=true

Are the following formulas valid, i.e., true in all states?

x2 > 2∧ 2x < 3∨ x3 ≤ x2 ∀x (x2 > 2∧ 2x < 3∨ x3 ≤ x2) ∃x (x2 > 2∧ 2x < 3∨ x3 ≤ x2)

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 4 / 24

Framing the Miracle: Quiz

Is validity of formulas decidable/semidecidable/undecidable/not semidecidable for:

1

Propositional logic [no variables]

FOL[p,f,...] uninterpreted

2

FOLN[+,·,=]

3

FOLR[+,·,=,<]

4

FOLQ[+,·,=]

5

FOLC[+,·,=]

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 5 / 24

Framing the Miracle: Quiz

Is validity of formulas decidable/semidecidable/undecidable/not semidecidable for:

Propositional logic [no variables]

decidable

FOL[p,f,...] uninterpreted

2

FOLN[+,·,=]

3

FOLR[+,·,=,<]

4

FOLQ[+,·,=]

5

FOLC[+,·,=]

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 5 / 24

Framing the Miracle: Quiz

Is validity of formulas decidable/semidecidable/undecidable/not semidecidable for:

Propositional logic [no variables]

decidable

FOL[p,f,...] uninterpreted

semidecidable [Gödel’30,Herbrand’30]

2

FOLN[+,·,=]

3

FOLR[+,·,=,<]

4

FOLQ[+,·,=]

5

FOLC[+,·,=]

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 5 / 24

Framing the Miracle: Quiz

Is validity of formulas decidable/semidecidable/undecidable/not semidecidable for:

Propositional logic [no variables]

decidable

FOL[p,f,...] uninterpreted

semidecidable [Gödel’30,Herbrand’30]

× FOLN[+,·,=] Peano arithmetic

not semidecidable [Gödel’31]

3

FOLR[+,·,=,<]

4

FOLQ[+,·,=]

5

FOLC[+,·,=]

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 5 / 24

Framing the Miracle: Quiz

Is validity of formulas decidable/semidecidable/undecidable/not semidecidable for:

Propositional logic [no variables]

decidable

FOL[p,f,...] uninterpreted

semidecidable [Gödel’30,Herbrand’30]

× FOLN[+,·,=] Peano arithmetic

not semidecidable [Gödel’31]

FOLR[+,·,=,<]

decidable [Tarski’31..51]

4

FOLQ[+,·,=]

5

FOLC[+,·,=]

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 5 / 24

Framing the Miracle: Quiz

Is validity of formulas decidable/semidecidable/undecidable/not semidecidable for:

Propositional logic [no variables]

decidable

FOL[p,f,...] uninterpreted

semidecidable [Gödel’30,Herbrand’30]

× FOLN[+,·,=] Peano arithmetic

not semidecidable [Gödel’31]

FOLR[+,·,=,<]

decidable [Tarski’31..51]

× FOLQ[+,·,=]

not semidecidable [Robinson’49]

5

FOLC[+,·,=]

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 5 / 24

Framing the Miracle: Quiz

Is validity of formulas decidable/semidecidable/undecidable/not semidecidable for:

Propositional logic [no variables]

decidable

FOL[p,f,...] uninterpreted

semidecidable [Gödel’30,Herbrand’30]

× FOLN[+,·,=] Peano arithmetic

not semidecidable [Gödel’31]

FOLR[+,·,=,<]

decidable [Tarski’31..51]

× FOLQ[+,·,=] √

2 ∈ Q, ∃x x2 = 2 not semidecidable [Robinson’49]

FOLC[+,·,=]

decidable [Tarski’51,Chevalley’51]

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 5 / 24

Framing the Miracle: Quiz

Is validity of formulas decidable/semidecidable/undecidable/not semidecidable for:

Propositional logic [no variables]

decidable

FOL[p,f,...] uninterpreted

semidecidable [Gödel’30,Herbrand’30]

× FOLN[+,·,=] Peano arithmetic

not semidecidable [Gödel’31]

FOLR[+,·,=,<]

decidable [Tarski’31..51]

× FOLQ[+,·,=] √

2 ∈ Q, ∃x x2 = 2 not semidecidable [Robinson’49]

FOLC[+,·,=]

decidable [Tarski’51,Chevalley’51]

6

FOLR[+,=,∧,∃]

7

FOLR[+,≤,∧,∃]

8

FOLN[+,=,2|,3|,...]

9

FOLR[+,·,exp,=,<]

10 FOLR[+,·,sin,=,<] André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 5 / 24

Framing the Miracle: Quiz

Is validity of formulas decidable/semidecidable/undecidable/not semidecidable for:

Propositional logic [no variables]

decidable

FOL[p,f,...] uninterpreted

semidecidable [Gödel’30,Herbrand’30]

× FOLN[+,·,=] Peano arithmetic

not semidecidable [Gödel’31]

FOLR[+,·,=,<]

decidable [Tarski’31..51]

× FOLQ[+,·,=] √

2 ∈ Q, ∃x x2 = 2 not semidecidable [Robinson’49]

FOLC[+,·,=]

decidable [Tarski’51,Chevalley’51]

FOLR[+,=,∧,∃]

decidable Gaussian elim. [179 CE]

7

FOLR[+,≤,∧,∃]

8

FOLN[+,=,2|,3|,...]

9

FOLR[+,·,exp,=,<]

10 FOLR[+,·,sin,=,<] André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 5 / 24

Framing the Miracle: Quiz

Is validity of formulas decidable/semidecidable/undecidable/not semidecidable for:

Propositional logic [no variables]

decidable

FOL[p,f,...] uninterpreted

semidecidable [Gödel’30,Herbrand’30]

× FOLN[+,·,=] Peano arithmetic

not semidecidable [Gödel’31]

FOLR[+,·,=,<]

decidable [Tarski’31..51]

× FOLQ[+,·,=] √

2 ∈ Q, ∃x x2 = 2 not semidecidable [Robinson’49]

FOLC[+,·,=]

decidable [Tarski’51,Chevalley’51]

FOLR[+,=,∧,∃]

decidable Gaussian elim. [179 CE]

FOLR[+,≤,∧,∃]

decidable [Fourier 1826]

8

FOLN[+,=,2|,3|,...]

9

FOLR[+,·,exp,=,<]

10 FOLR[+,·,sin,=,<] André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 5 / 24

Framing the Miracle: Quiz

Is validity of formulas decidable/semidecidable/undecidable/not semidecidable for:

Propositional logic [no variables]

decidable

FOL[p,f,...] uninterpreted

semidecidable [Gödel’30,Herbrand’30]

× FOLN[+,·,=] Peano arithmetic

not semidecidable [Gödel’31]

FOLR[+,·,=,<]

decidable [Tarski’31..51]

× FOLQ[+,·,=] √

2 ∈ Q, ∃x x2 = 2 not semidecidable [Robinson’49]

FOLC[+,·,=]

decidable [Tarski’51,Chevalley’51]

FOLR[+,=,∧,∃]

decidable Gaussian elim. [179 CE]

FOLR[+,≤,∧,∃]

decidable [Fourier 1826]

FOLN[+,=,2|,3|,...]

decidable [Presburger’29,Skolem’31]

9

FOLR[+,·,exp,=,<]

10 FOLR[+,·,sin,=,<] André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 5 / 24

Framing the Miracle: Quiz

Is validity of formulas decidable/semidecidable/undecidable/not semidecidable for:

Propositional logic [no variables]

decidable

FOL[p,f,...] uninterpreted

semidecidable [Gödel’30,Herbrand’30]

× FOLN[+,·,=] Peano arithmetic

not semidecidable [Gödel’31]

FOLR[+,·,=,<]

decidable [Tarski’31..51]

× FOLQ[+,·,=] √

2 ∈ Q, ∃x x2 = 2 not semidecidable [Robinson’49]

FOLC[+,·,=]

decidable [Tarski’51,Chevalley’51]

FOLR[+,=,∧,∃]

decidable Gaussian elim. [179 CE]

FOLR[+,≤,∧,∃]

decidable [Fourier 1826]

FOLN[+,=,2|,3|,...]

decidable [Presburger’29,Skolem’31] ? FOLR[+,·,exp,=,<] unknown

10 FOLR[+,·,sin,=,<] André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 5 / 24

Framing the Miracle: Quiz

Is validity of formulas decidable/semidecidable/undecidable/not semidecidable for:

Propositional logic [no variables]

decidable

FOL[p,f,...] uninterpreted

semidecidable [Gödel’30,Herbrand’30]

× FOLN[+,·,=] Peano arithmetic

not semidecidable [Gödel’31]

FOLR[+,·,=,<]

decidable [Tarski’31..51]

× FOLQ[+,·,=] √

2 ∈ Q, ∃x x2 = 2 not semidecidable [Robinson’49]

FOLC[+,·,=]

decidable [Tarski’51,Chevalley’51]

FOLR[+,=,∧,∃]

decidable Gaussian elim. [179 CE]

FOLR[+,≤,∧,∃]

decidable [Fourier 1826]

FOLN[+,=,2|,3|,...]

decidable [Presburger’29,Skolem’31] ? FOLR[+,·,exp,=,<] unknown

× FOLR[+,·,sin,=,<] sinx = 0

not semidecidable [Richardson’68]

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 5 / 24

Outline

1

Learning Objectives

2

Framing the Miracle

3

Quantifier Elimination Homomorphic Normalization for QE Term Substitutions for Linear Equations

4

Square Root √· Virtual Substitution for Quadratics Square Root Algebra Virtual Substitutions of Square Roots Example

5

Summary

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 5 / 24

Quantifier Elimination Projection

x y F ≡ ∃y (y ≥ 0∧ 1− x − 1.83x2 + 1.66x3 > y)

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 6 / 24

Quantifier Elimination Projection

x y F ≡ ∃y (y ≥ 0∧ 1− x − 1.83x2 + 1.66x3 > y)

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 6 / 24

Quantifier Elimination Projection

x y F ≡ ∃y (y ≥ 0∧ 1− x − 1.83x2 + 1.66x3 > y)

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 6 / 24

Quantifier Elimination Projection

x y F ≡ ∃y (y ≥ 0∧ 1− x − 1.83x2 + 1.66x3 > y)

QE(F) ≡ −0.75 < x ∧ x < 0.68∨ x > 1.18 QE

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 6 / 24

Quantifier Elimination Projection

x

QE(F) ≡ −0.75 < x ∧ x < 0.68∨ x > 1.18

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 6 / 24

Quantifier Elimination Projection

x F ≡ ∃y (y ≥ 0∧ 1− x − 1.83x2 + 1.66x3 > y)

QE(F) ≡ −0.75 < x ∧ x < 0.68∨ x > 1.18 QE

If all but one variable has fixed value: Finite union of intervals. Univariate polynomials have finitely many roots. Signs change finitely often.

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 6 / 24

Polynomial Equations Algebraic Varieties

x y x3 = y x y x2 + y2 = 1 x y y2 = x2(x + 1) 4x3 + 4x2y + 9xy2 − 9y3 − 36x + 36y = 0 z = x2 − y2 Algebraic variety: defined by conjunction of polynomial equations

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 7 / 24

Polynomial Inequalities Semialgebraic Sets

x y

|y|≤|x3| ∧ xy≥0

x y x2 + y2 ≤ 1 x y y2 = x2(x + 1)

∧ x ≤ 0.44

x y

|y|≥|x3| ∧

xy≥0

∧ |y|≤1.7|x|

z = x2 − y2

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 8 / 24

Quantifier Elimination in Real Arithmetic

Theorem (Tarski’31)

First-order logic of real arithmetic is decidable since it admits quantifier elimination, i.e., for each formula P, compute quantifier-free formula QE(P) that is equivalent, i.e., P ↔ QE(P) is valid.

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 9 / 24

Quantifier Elimination in Real Arithmetic

Theorem (Tarski’31)

First-order logic of real arithmetic is decidable since it admits quantifier elimination, i.e., for each formula P, compute quantifier-free formula QE(P) that is equivalent, i.e., P ↔ QE(P) is valid.

Theorem (Complexity, Davenport&Heintz’88,Weispfenning’88)

(Time and space) complexity of QE for R is doubly exponential in the number n of quantifier (alternations). 22O(n)

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 9 / 24

Quantifier Elimination in Real Arithmetic

Theorem (Tarski’31)

First-order logic of real arithmetic is decidable since it admits quantifier elimination, i.e., for each formula P, compute quantifier-free formula QE(P) that is equivalent, i.e., P ↔ QE(P) is valid.

Theorem (Complexity, Davenport&Heintz’88,Weispfenning’88)

(Time and space) complexity of QE for R is doubly exponential in the number n of quantifier (alternations). 22O(n) Answer even for one free variable and only linear polynomials

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 9 / 24

Quantifier Elimination Examples

QE(∃x (2x2 + c ≤ 5)) ≡ QE(∀c ∃x (2x2 + c ≤ 5)) ≡ QE(∃x (a = b + x2)) ≡ QE(∃x (x2 = 2)) ≡ QE(∃x (x2 = 2∧ y = x)) ≡

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 10 / 24

Quantifier Elimination Examples

QE(∃x (2x2 + c ≤ 5)) ≡ c ≤ 5 QE(∀c ∃x (2x2 + c ≤ 5)) ≡ QE(∃x (a = b + x2)) ≡ QE(∃x (x2 = 2)) ≡ QE(∃x (x2 = 2∧ y = x)) ≡

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 10 / 24

Quantifier Elimination Examples

QE(∃x (2x2 + c ≤ 5)) ≡ c ≤ 5 QE(∀c ∃x (2x2 + c ≤ 5)) ≡QE(∀c QE(∃x (2x2 + c ≤ 5)) QE(∃x (a = b + x2)) ≡ QE(∃x (x2 = 2)) ≡ QE(∃x (x2 = 2∧ y = x)) ≡

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 10 / 24

Quantifier Elimination Examples

QE(∃x (2x2 + c ≤ 5)) ≡ c ≤ 5 QE(∀c ∃x (2x2 + c ≤ 5)) ≡QE(∀c QE(∃x (2x2 + c ≤ 5)) ≡ QE(∀c (c ≤ 5)) QE(∃x (a = b + x2)) ≡ QE(∃x (x2 = 2)) ≡ QE(∃x (x2 = 2∧ y = x)) ≡

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 10 / 24

Quantifier Elimination Examples

QE(∃x (2x2 + c ≤ 5)) ≡ c ≤ 5 QE(∀c ∃x (2x2 + c ≤ 5)) ≡QE(∀c QE(∃x (2x2 + c ≤ 5)) ≡ QE(∀c (c ≤ 5)) ≡ −100 ≤ 5∧ 5 ≤ 5∧ 100 ≤ 5 QE(∃x (a = b + x2)) ≡ QE(∃x (x2 = 2)) ≡ QE(∃x (x2 = 2∧ y = x)) ≡

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 10 / 24

Quantifier Elimination Examples

QE(∃x (2x2 + c ≤ 5)) ≡ c ≤ 5 QE(∀c ∃x (2x2 + c ≤ 5)) ≡QE(∀c QE(∃x (2x2 + c ≤ 5)) ≡ QE(∀c (c ≤ 5)) ≡ −100 ≤ 5∧ 5 ≤ 5∧ 100 ≤ 5 ≡ false QE(∃x (a = b + x2)) ≡ QE(∃x (x2 = 2)) ≡ QE(∃x (x2 = 2∧ y = x)) ≡

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 10 / 24

Quantifier Elimination Examples

QE(∃x (2x2 + c ≤ 5)) ≡ c ≤ 5 QE(∀c ∃x (2x2 + c ≤ 5)) ≡QE(∀c QE(∃x (2x2 + c ≤ 5)) ≡ QE(∀c (c ≤ 5)) ≡ −100 ≤ 5∧ 5 ≤ 5∧ 100 ≤ 5 ≡ false QE(∃x (a = b + x2)) ≡ a ≥ b QE(∃x (x2 = 2)) ≡ QE(∃x (x2 = 2∧ y = x)) ≡

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 10 / 24

Quantifier Elimination Examples

QE(∃x (2x2 + c ≤ 5)) ≡ c ≤ 5 QE(∀c ∃x (2x2 + c ≤ 5)) ≡QE(∀c QE(∃x (2x2 + c ≤ 5)) ≡ QE(∀c (c ≤ 5)) ≡ −100 ≤ 5∧ 5 ≤ 5∧ 100 ≤ 5 ≡ false QE(∃x (a = b + x2)) ≡ a ≥ b QE(∃x (x2 = 2)) ≡ true QE(∃x (x2 = 2∧ y = x)) ≡

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 10 / 24

Quantifier Elimination Examples

QE(∃x (2x2 + c ≤ 5)) ≡ c ≤ 5 QE(∀c ∃x (2x2 + c ≤ 5)) ≡QE(∀c QE(∃x (2x2 + c ≤ 5)) ≡ QE(∀c (c ≤ 5)) ≡ −100 ≤ 5∧ 5 ≤ 5∧ 100 ≤ 5 ≡ false QE(∃x (a = b + x2)) ≡ a ≥ b QE(∃x (x2 = 2)) ≡ true QE(∃x (x2 = 2∧ y = x)) ≡ y = ± √

2

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 10 / 24

Quantifier Elimination Examples

QE(∃x (2x2 + c ≤ 5)) ≡ c ≤ 5 QE(∀c ∃x (2x2 + c ≤ 5)) ≡QE(∀c QE(∃x (2x2 + c ≤ 5)) ≡ QE(∀c (c ≤ 5)) ≡ −100 ≤ 5∧ 5 ≤ 5∧ 100 ≤ 5 ≡ false QE(∃x (a = b + x2)) ≡ a ≥ b QE(∃x (x2 = 2)) ≡ true QE(∃x (x2 = 2∧ y = x)) ≡ y = ± √

2 ≡ y2 = 2

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 10 / 24

Framework: Logical Normalization for QE

QE(A∧ B) ≡ QE(A∨ B) ≡ QE(¬A) ≡ QE(∀x A) ≡ QE(∃x A) ≡

A has quantifiers

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 11 / 24

Framework: Logical Normalization for QE

QE(A∧ B) ≡ QE(A)∧QE(B) QE(A∨ B) ≡ QE(A)∨QE(B) QE(¬A) ≡ ¬QE(A) QE(∀x A) ≡ QE(¬∃x ¬A) QE(∃x A) ≡ QE(∃x QE(A))

A has quantifiers

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 11 / 24

Framework: Logical Normalization for QE

QE(A∧ B) ≡ QE(A)∧QE(B) QE(A∨ B) ≡ QE(A)∨QE(B) QE(¬A) ≡ ¬QE(A) QE(∀x A) ≡ QE(¬∃x ¬A) QE(∃x A) ≡ QE(∃x QE(A))

A has quantifiers

QE(∃x (A∨ B)) ≡ QE(∃x ¬(A∧ B)) ≡ QE(∃x ¬(A∨ B)) ≡ QE(∃x ¬¬A) ≡

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 11 / 24

Framework: Logical Normalization for QE

QE(A∧ B) ≡ QE(A)∧QE(B) QE(A∨ B) ≡ QE(A)∨QE(B) QE(¬A) ≡ ¬QE(A) QE(∀x A) ≡ QE(¬∃x ¬A) QE(∃x A) ≡ QE(∃x QE(A))

A has quantifiers

QE(∃x (A∨ B)) ≡ QE(∃x A)∨QE(∃x B) QE(∃x ¬(A∧ B)) ≡ QE(∃x (¬A∨¬B)) QE(∃x ¬(A∨ B)) ≡ QE(∃x (¬A∧¬B)) QE(∃x ¬¬A) ≡ QE(∃x A)

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 11 / 24

Framework: Logical Normalization for QE

QE(A∧ B) ≡ QE(A)∧QE(B) QE(A∨ B) ≡ QE(A)∨QE(B) QE(¬A) ≡ ¬QE(A) QE(∀x A) ≡ QE(¬∃x ¬A) QE(∃x A) ≡ QE(∃x QE(A))

A has quantifiers

QE(∃x (A∨ B)) ≡ QE(∃x A)∨QE(∃x B) QE(∃x ¬(A∧ B)) ≡ QE(∃x (¬A∨¬B)) QE(∃x ¬(A∨ B)) ≡ QE(∃x (¬A∧¬B)) QE(∃x ¬¬A) ≡ QE(∃x A) QE(∃x (A∧(B ∨ C))) ≡ QE(∃x ((A∨ B)∧ C)) ≡

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 11 / 24

Framework: Logical Normalization for QE

QE(A∧ B) ≡ QE(A)∧QE(B) QE(A∨ B) ≡ QE(A)∨QE(B) QE(¬A) ≡ ¬QE(A) QE(∀x A) ≡ QE(¬∃x ¬A) QE(∃x A) ≡ QE(∃x QE(A))

A has quantifiers

QE(∃x (A∨ B)) ≡ QE(∃x A)∨QE(∃x B) QE(∃x ¬(A∧ B)) ≡ QE(∃x (¬A∨¬B)) QE(∃x ¬(A∨ B)) ≡ QE(∃x (¬A∧¬B)) QE(∃x ¬¬A) ≡ QE(∃x A) QE(∃x (A∧(B ∨ C))) ≡ QE(∃x ((A∧ B)∨(A∧ C)))

expensive

QE(∃x ((A∨ B)∧ C)) ≡ QE(∃x ((A∧ C)∨(B ∧ C)))

expensive

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 11 / 24

Framework: Logical Normalization for QE

Normal Form

QE(∃x (A1 ∧...∧ Ak)) with atomic Ai QE(A∧ B) ≡ QE(A)∧QE(B) QE(A∨ B) ≡ QE(A)∨QE(B) QE(¬A) ≡ ¬QE(A) QE(∀x A) ≡ QE(¬∃x ¬A) QE(∃x A) ≡ QE(∃x QE(A))

A has quantifiers

QE(∃x (A∨ B)) ≡ QE(∃x A)∨QE(∃x B) QE(∃x ¬(A∧ B)) ≡ QE(∃x (¬A∨¬B)) QE(∃x ¬(A∨ B)) ≡ QE(∃x (¬A∧¬B)) QE(∃x ¬¬A) ≡ QE(∃x A) QE(∃x (A∧(B ∨ C))) ≡ QE(∃x ((A∧ B)∨(A∧ C)))

expensive

QE(∃x ((A∨ B)∧ C)) ≡ QE(∃x ((A∧ C)∨(B ∧ C)))

expensive

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 11 / 24

Framework: Arithmetical Normalization for QE

Normal Form

QE(∃x (p1 ∼i 0∧...∧ pk ∼k 0)) and ∼i ∈ {>,=,≥,=}

p = q ≡ p − q = 0 p ≥ q ≡ p − q ≥ 0 p > q ≡ p − q > 0 p = q ≡ p − q = 0 p ≤ q ≡ q − p ≥ 0 p < q ≡ q − p > 0

¬(p ≥ q) ≡ p < q ¬(p > q) ≡ p ≤ q ¬(p = q) ≡ p = q ¬(p = q) ≡ p = q

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 12 / 24

Quantifier Elimination by Virtual Substitution

Virtual Substitution ∃x F ↔

• t∈T

At ∧ F t

x

where terms T substituted (virtually) into F depend on F where At are quantifier-free additional compatibility conditions Scalability requires simplifier for intermediate results

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 13 / 24

Quantifier Elimination by Virtual Substitution

Virtual Substitution

Quantifier

∃x F ↔

• t∈T

At ∧ F t

x

Quantifier-free where terms T substituted (virtually) into F depend on F where At are quantifier-free additional compatibility conditions Scalability requires simplifier for intermediate results

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 13 / 24

Naïve Virtual Substitution by Example

x Can we get rid of the quantifier without changing the semantics?

∃x(x > 2∧ x < 17

5 )

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 14 / 24

Naïve Virtual Substitution by Example

x 2

17 5

Can we get rid of the quantifier without changing the semantics?

∃x(x > 2∧ x < 17

5 )

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 14 / 24

Naïve Virtual Substitution by Example

x 2

17 5

Can we get rid of the quantifier without changing the semantics?

∃x(x > 2∧ x < 17

5 )

≡ (2 > 2∧ 2 < 17

5 )

boundary case “x = 2”

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 14 / 24

Naïve Virtual Substitution by Example

x 2

17 5

Can we get rid of the quantifier without changing the semantics?

∃x(x > 2∧ x < 17

5 )

≡ (2 > 2∧ 2 < 17

5 )

boundary case “x = 2”

∨ ( 17

5 > 2∧ 17 5 < 17 5 )

boundary case “x = 17

5 ”

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 14 / 24

Naïve Virtual Substitution by Example

x 2

17 5 2+ 17

5

2

Can we get rid of the quantifier without changing the semantics?

∃x(x > 2∧ x < 17

5 )

≡ (2 > 2∧ 2 < 17

5 )

boundary case “x = 2”

∨ ( 17

5 > 2∧ 17 5 < 17 5 )

boundary case “x = 17

5 ”

∨ (

2+ 17

5

2

> 2∧

2+ 17

5

2

< 17

5 )

intermediate case “x =

2+ 17

5

2

”

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 14 / 24

Naïve Virtual Substitution by Example

x 2

17 5 2+ 17

5

2

−∞

Can we get rid of the quantifier without changing the semantics?

∃x(x > 2∧ x < 17

5 )

≡ (2 > 2∧ 2 < 17

5 )

boundary case “x = 2”

∨ ( 17

5 > 2∧ 17 5 < 17 5 )

boundary case “x = 17

5 ”

∨ (

2+ 17

5

2

> 2∧

2+ 17

5

2

< 17

5 )

intermediate case “x =

2+ 17

5

2

”

∨ (−∞ > 2∧−∞ < 17

5 )

extremal case “x = −∞”

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 14 / 24

Naïve Virtual Substitution by Example

x 2

17 5 2+ 17

5

2

−∞ ∞

Can we get rid of the quantifier without changing the semantics?

∃x(x > 2∧ x < 17

5 )

≡ (2 > 2∧ 2 < 17

5 )

boundary case “x = 2”

∨ ( 17

5 > 2∧ 17 5 < 17 5 )

boundary case “x = 17

5 ”

∨ (

2+ 17

5

2

> 2∧

2+ 17

5

2

< 17

5 )

intermediate case “x =

2+ 17

5

2

”

∨ (−∞ > 2∧−∞ < 17

5 )

extremal case “x = −∞”

∨ (∞ > 2∧∞ < 17

5 )

extremal case “x = ∞”

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 14 / 24

Naïve Virtual Substitution by Example

x 2

17 5 2+ 17

5

2

−∞ ∞

Can we get rid of the quantifier without changing the semantics?

∃x(x > 2∧ x < 17

5 )

≡ (2 > 2∧ 2 < 17

5 )

boundary case “x = 2”

∨ ( 17

5 > 2∧ 17 5 < 17 5 )

boundary case “x = 17

5 ”

∨ (

2+ 17

5

2

> 2∧

2+ 17

5

2

< 17

5 )

intermediate case “x =

2+ 17

5

2

”

∨ (−∞ > 2∧−∞ < 17

5 )

extremal case “x = −∞”

∨ (∞ > 2∧∞ < 17

5 )

extremal case “x = ∞”

≡

true evaluate

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 14 / 24

Naïve Virtual Substitution by Example

x 2

17 5 2+ 17

5

2

−∞ ∞

Can we get rid of the quantifier without changing the semantics?

∃x(x > 2∧ x < 17

5 )

≡ (2 > 2∧ 2 < 17

5 )

boundary case “x = 2”

∨ ( 17

5 > 2∧ 17 5 < 17 5 )

boundary case “x = 17

5 ”

∨ (

2+ 17

5

2

> 2∧

2+ 17

5

2

< 17

5 )

intermediate case “x =

2+ 17

5

2

”

∨ (−∞ > 2∧−∞ < 17

5 )

extremal case “x = −∞”

∨ (∞ > 2∧∞ < 17

5 )

extremal case “x = ∞”

≡

true evaluate

∞ is not in FOLR

Interior points aren’t always terms in FOLR if nonlinear Substituting them into formulas requires attention

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 14 / 24

Linear Virtual Substitution

Theorem (Virtual Substitution: Linear Equation) ∃x (bx + c = 0∧ F) ↔

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 15 / 24

Linear Virtual Substitution

Theorem (Virtual Substitution: Linear Equation) ∃x (bx + c = 0∧ F) ↔ F −c/b

x

Linear solution

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 15 / 24

Linear Virtual Substitution

Theorem (Virtual Substitution: Linear Equation) ∃x (bx + c = 0∧ F) ↔ b = 0∧ F −c/b

x

Don’t divide by 0

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 15 / 24

Linear Virtual Substitution

Theorem (Virtual Substitution: Linear Equation)

b = 0 →

• ∃x (bx + c = 0∧ F) ↔ b = 0∧ F −c/b

x

• Only actually linear solution if b = 0

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 15 / 24

Linear Virtual Substitution

Theorem (Virtual Substitution: Linear Equation x ∈ b,c)

b = 0 →

• ∃x (bx + c = 0∧ F) ↔ b = 0∧ F −c/b

x

• if x ∈ b,c

Only linear if no x in b,c

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 15 / 24

Linear Virtual Substitution

Theorem (Virtual Substitution: Linear Equation x ∈ b,c)

b = 0 →

• ∃x (bx + c = 0∧ F) ↔ b = 0∧ F −c/b

x

• if x ∈ b,c

Conditional equivalence, so conditions may need to be checked or case-split

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 15 / 24

Linear Virtual Substitution

Theorem (Virtual Substitution: Linear Equation x ∈ b,c)

b = 0 →

• ∃x (bx + c = 0∧ F) ↔ b = 0∧ F −c/b

x

• if x ∈ b,c

Lemma (Uniform substitution of linear equations)

The linear equation axiom is sound (b,c are arity 0 function symbols):

∃lin b = 0 →

• ∃x (b · x + c = 0∧ q(x)) ↔ q(−c/b)
• ∃x
• (y2 + 4

b

)·x +(yz − 1

c

) = 0∧x3+x ≥ 0

• ↔
• −yz − 1

y2 + 4

3 +

• −yz − 1

y2 + 4

• ≥ 0

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 15 / 24

Outline

1

Learning Objectives

2

Framing the Miracle

3

Quantifier Elimination Homomorphic Normalization for QE Term Substitutions for Linear Equations

4

Square Root √· Virtual Substitution for Quadratics Square Root Algebra Virtual Substitutions of Square Roots Example

5

Summary

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 15 / 24

Quadratic Virtual Substitution

Theorem (Virtual Substitution: Quadratic Equation) ∃x (ax2 + bx + c = 0∧ F) ↔

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 16 / 24

Quadratic Virtual Substitution

Theorem (Virtual Substitution: Quadratic Equation) ∃x (ax2 + bx + c = 0∧ F) ↔

F (−b+

√

b2−4ac)/(2a) x

Quadratic solution

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 16 / 24

Quadratic Virtual Substitution

Theorem (Virtual Substitution: Quadratic Equation) ∃x (ax2 + bx + c = 0∧ F) ↔

• F (−b+

√

b2−4ac)/(2a) x

∨ F (−b−

√

b2−4ac)/(2a) x

• Or negative square root solution

x

−x2 + x + 1

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 16 / 24

Quadratic Virtual Substitution

Theorem (Virtual Substitution: Quadratic Equation) ∃x (ax2 + bx + c = 0∧ F) ↔

a = 0∧

• F (−b+

√

b2−4ac)/(2a) x

∨ F (−b−

√

b2−4ac)/(2a) x

• Don’t divide by 0

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 16 / 24

Quadratic Virtual Substitution

Theorem (Virtual Substitution: Quadratic Equation) ∃x (ax2 + bx + c = 0∧ F) ↔

a = 0∧ b2 − 4ac ≥ 0∧

• F (−b+

√

b2−4ac)/(2a) x

∨ F (−b−

√

b2−4ac)/(2a) x

• Real solution if √· exists by discriminant

x

1 2x2 − x + 1 10

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 16 / 24

Quadratic Virtual Substitution

Theorem (Virtual Substitution: Quadratic Equation) ∃x (ax2 + bx + c = 0∧ F) ↔

a = 0∧ b = 0∧ F −c/b

x

∨ a = 0∧ b2 − 4ac ≥ 0∧

• F (−b+

√

b2−4ac)/(2a) x

∨ F (−b−

√

b2−4ac)/(2a) x

• Instead linear solution if a = 0 (may case-split)

x 0x2 + x + 1

2

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 16 / 24

Quadratic Virtual Substitution

Theorem (Virtual Substitution: Quadratic Equation)

a = 0∨ b = 0∨ c = 0 →

• ∃x (ax2 + bx + c = 0∧ F) ↔

a = 0∧ b = 0∧ F −c/b

x

∨ a = 0∧ b2 − 4ac ≥ 0∧

• F (−b+

√

b2−4ac)/(2a) x

∨ F (−b−

√

b2−4ac)/(2a) x

• Only equivalent if not all 0 which gives trivial equation (else use F)

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 16 / 24

Quadratic Virtual Substitution

Theorem (Virtual Substitution: Quadratic Equation x ∈ a,b,c)

a = 0∨ b = 0∨ c = 0 →

• ∃x (ax2 + bx + c = 0∧ F) ↔

a = 0∧ b = 0∧ F −c/b

x

∨ a = 0∧ b2 − 4ac ≥ 0∧

• F (−b+

√

b2−4ac)/(2a) x

∨ F (−b−

√

b2−4ac)/(2a) x

• Only linear or quadratic if no x in a,b,c

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 16 / 24

Quadratic Virtual Substitution

Theorem (Virtual Substitution: Quadratic Equation x ∈ a,b,c)

a = 0∨ b = 0∨ c = 0 →

• ∃x (ax2 + bx + c = 0∧ F) ↔

a = 0∧ b = 0∧ F −c/b

x

∨ a = 0∧ b2 − 4ac ≥ 0∧

• F (−b+

√

b2−4ac)/(2a) x

∨ F (−b−

√

b2−4ac)/(2a) x

• 1

Quantifier-free equivalent

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 16 / 24

Quadratic Virtual Substitution

Theorem (Virtual Substitution: Quadratic Equation x ∈ a,b,c)

a = 0∨ b = 0∨ c = 0 →

• ∃x (ax2 + bx + c = 0∧ F) ↔

a = 0∧ b = 0∧ F −c/b

x

∨ a = 0∧ b2 − 4ac ≥ 0∧

• F (−b+

√

b2−4ac)/(2a) x

∨ F (−b−

√

b2−4ac)/(2a) x

• 1

Quantifier-free equivalent

2

Just not a formula . . .

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 16 / 24

Quadratic Virtual Substitution

Theorem (Virtual Substitution: Quadratic Equation x ∈ a,b,c)

a = 0∨ b = 0∨ c = 0 →

• ∃x (ax2 + bx + c = 0∧ F) ↔

a = 0∧ b = 0∧ F −c/b

x

∨ a = 0∧ b2 − 4ac ≥ 0∧

• F (−b+

√

b2−4ac)/(2a) x

∨ F (−b−

√

b2−4ac)/(2a) x

• 1

Quantifier-free equivalent

2

Just not a formula . . .

3

(−b + √

b2 − 4ac)/(2a) is not in FOLR and neither is −c/b

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 16 / 24

Quadratic Virtual Substitution

Theorem (Virtual Substitution: Quadratic Equation x ∈ a,b,c)

a = 0∨ b = 0∨ c = 0 →

• ∃x (ax2 + bx + c = 0∧ F) ↔

a = 0∧ b = 0∧ F −c/b

x

∨ a = 0∧ b2 − 4ac ≥ 0∧

• F (−b+

√

b2−4ac)/(2a) x

∨ F (−b−

√

b2−4ac)/(2a) x

• 1

Quantifier-free equivalent

2

Just not a formula . . .

3

(−b + √

b2 − 4ac)/(2a) is not in FOLR and neither is −c/b

4

Virtual substitution F (a+b√

c)/d

¯

x

acts as if it were to substitute

(a+ b√

c)/d for x in F

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 16 / 24

Quadratic Virtual Substitution

Theorem (Virtual Substitution: Quadratic Equation x ∈ a,b,c)

a = 0∨ b = 0∨ c = 0 →

• ∃x (ax2 + bx + c = 0∧ F) ↔

a = 0∧ b = 0∧ F −c/b

¯

x

∨ a = 0∧ b2 − 4ac ≥ 0∧

• F (−b+

√

b2−4ac)/(2a)

¯

x

∨ F (−b−

√

b2−4ac)/(2a)

¯

x

• 1

Quantifier-free equivalent

2

Just not a formula . . .

3

(−b + √

b2 − 4ac)/(2a) is not in FOLR and neither is −c/b

4

Virtual substitution F (a+b√

c)/d

¯

x

acts as if it were to substitute

(a+ b√

c)/d for x in F . . . but it’s merely equivalent

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 16 / 24

Quadratic Virtual Substitution

Theorem (Virtual Substitution: Quadratic Equation x ∈ a,b,c)

a = 0∨ b = 0∨ c = 0 →

• ∃x (ax2 + bx + c = 0∧ F) ↔

a = 0∧ b = 0∧ F −c/b

¯

x

∨ a = 0∧ b2 − 4ac ≥ 0∧

• F (−b+

√

b2−4ac)/(2a)

¯

x

∨ F (−b−

√

b2−4ac)/(2a)

¯

x

• 1

Quantifier-free equivalent

2

Just not a formula . . .

3

(−b + √

b2 − 4ac)/(2a) is not in FOLR and neither is −c/b

4

Virtual substitution F (a+b√

c)/d

¯

x

acts as if it were to substitute

(a+ b√

c)/d for x in F . . . but it’s merely equivalent

5

∃r (r 2 = c) would do it for √

c

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 16 / 24

Quadratic Virtual Substitution

Theorem (Virtual Substitution: Quadratic Equation x ∈ a,b,c)

a = 0∨ b = 0∨ c = 0 →

• ∃x (ax2 + bx + c = 0∧ F) ↔

a = 0∧ b = 0∧ F −c/b

¯

x

∨ a = 0∧ b2 − 4ac ≥ 0∧

• F (−b+

√

b2−4ac)/(2a)

¯

x

∨ F (−b−

√

b2−4ac)/(2a)

¯

x

• 1

Quantifier-free equivalent

2

Just not a formula . . .

3

(−b + √

b2 − 4ac)/(2a) is not in FOLR and neither is −c/b

4

Virtual substitution F (a+b√

c)/d

¯

x

acts as if it were to substitute

(a+ b√

c)/d for x in F . . . but it’s merely equivalent

5

∃r (r 2 = c) would do it for √

c but that’s going in circles

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 16 / 24

Quadratic Virtual Substitution

Theorem (Virtual Substitution: Quadratic Equation x ∈ a,b,c)

a = 0∨ b = 0∨ c = 0 →

• ∃x (ax2 + bx + c = 0∧ F) ↔

a = 0∧ b = 0∧ F −c/b

¯

x

∨ a = 0∧ b2 − 4ac ≥ 0∧

• F (−b+

√

b2−4ac)/(2a)

¯

x

∨ F (−b−

√

b2−4ac)/(2a)

¯

x

• André Platzer (CMU)

LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 17 / 24

Square Root Algebra

Virtual Substitution into Polynomial

Virtually substitute (a+ b√ c)/d into a polynomial p: p(a+b√

c)/d

¯

x def

=

Convention: On this slide c′ is not a derivative but just another name . . .

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 18 / 24

Square Root Algebra

Virtual Substitution into Polynomial

Virtually substitute (a+ b√ c)/d into a polynomial p: p(a+b√

c)/d

¯

x def

= p((a+ b√

c)/d) Convention: On this slide c′ is not a derivative but just another name . . .

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 18 / 24

Square Root Algebra

Virtual Substitution into Polynomial

Virtually substitute (a+ b√ c)/d into a polynomial p: p(a+b√

c)/d

¯

x def

= p((a+ b√

c)/d) by algebraic evaluation of +,· Convention: On this slide c′ is not a derivative but just another name . . .

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 18 / 24

Square Root Algebra

Virtual Substitution into Polynomial

Virtually substitute (a+ b√ c)/d into a polynomial p: p(a+b√

c)/d

¯

x def

= p((a+ b√

c)/d) by algebraic evaluation of +,·

√

c-algebra

Algebra of terms (a+ b√ c)/d with polynomials a,b,c,d ∈ Q[x1,..,xn]:

((a+ b√

c)/d)+((a′ + b′√ c)/d′) =

((a+ b√

c)/d)·((a′ + b′√ c)/d′) = Convention: On this slide c′ is not a derivative but just another name . . .

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 18 / 24

Square Root Algebra

Virtual Substitution into Polynomial

Virtually substitute (a+ b√ c)/d into a polynomial p: p(a+b√

c)/d

¯

x def

= p((a+ b√

c)/d) by algebraic evaluation of +,·

√

c-algebra

Algebra of terms (a+ b√ c)/d with polynomials a,b,c,d ∈ Q[x1,..,xn]:

((a+ b√

c)/d)+((a′ + b′√ c)/d′) = ((ad′ + da′)+(bd′ + db′)√ c)/(dd′)

((a+ b√

c)/d)·((a′ + b′√ c)/d′) = Convention: On this slide c′ is not a derivative but just another name . . .

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 18 / 24

Square Root Algebra

Virtual Substitution into Polynomial

Virtually substitute (a+ b√ c)/d into a polynomial p: p(a+b√

c)/d

¯

x def

= p((a+ b√

c)/d) by algebraic evaluation of +,·

√

c-algebra

Algebra of terms (a+ b√ c)/d with polynomials a,b,c,d ∈ Q[x1,..,xn]:

((a+ b√

c)/d)+((a′ + b′√ c)/d′) = ((ad′ + da′)+(bd′ + db′)√ c)/(dd′)

((a+ b√

c)/d)·((a′ + b′√ c)/d′) = ((aa′ + bb′c)+(ab′ + ba′)√ c)/(dd′) Convention: On this slide c′ is not a derivative but just another name . . .

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 18 / 24

Square Root Algebra

Virtual Substitution into Polynomial

Virtually substitute (a+ b√ c)/d into a polynomial p: p(a+b√

c)/d

¯

x def

= p((a+ b√

c)/d) by algebraic evaluation of +,·

√

c-algebra

Algebra of terms (a+ b√ c)/d with polynomials a,b,c,d ∈ Q[x1,..,xn]: where c ≥ 0,d,d′ = 0

((a+ b√

c)/d)+((a′ + b′√ c)/d′) = ((ad′ + da′)+(bd′ + db′)√ c)/(dd′)

((a+ b√

c)/d)·((a′ + b′√ c)/d′) = ((aa′ + bb′c)+(ab′ + ba′)√ c)/(dd′) Convention: On this slide c′ is not a derivative but just another name . . .

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 18 / 24

Virtual √· Substitution

Virtual Substitution into Comparisons

Virtually substitute (a+ b√ c)/d into a comparison p ∼ 0:

(p ∼ 0)(a+b√

c)/d

¯

x

≡

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 19 / 24

Virtual √· Substitution

Virtual Substitution into Comparisons

Virtually substitute (a+ b√ c)/d into a comparison p ∼ 0:

(p ∼ 0)(a+b√

c)/d

¯

x

≡ (p(a+b√

c)/d

¯

x

∼ 0)

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 19 / 24

Virtual √· Substitution

Virtual Substitution into Comparisons

Virtually substitute (a+ b√ c)/d into a comparison p ∼ 0:

(p ∼ 0)(a+b√

c)/d

¯

x

≡ (p(a+b√

c)/d

¯

x

∼ 0)

√

c-comparisons d = 0∧ c ≥ 0 (a+ 0√

c)/d = 0 ≡

(a+ 0√

c)/d ≤ 0 ≡

(a+ 0√

c)/d < 0 ≡

(a+ b√

c)/d = 0 ≡

(a+ b√

c)/d ≤ 0 ≡

(a+ b√

c)/d < 0 ≡

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 19 / 24

Virtual √· Substitution

Virtual Substitution into Comparisons

Virtually substitute (a+ b√ c)/d into a comparison p ∼ 0:

(p ∼ 0)(a+b√

c)/d

¯

x

≡ (p(a+b√

c)/d

¯

x

∼ 0)

√

c-comparisons d = 0∧ c ≥ 0 (a+ 0√

c)/d = 0 ≡ a = 0

(a+ 0√

c)/d ≤ 0 ≡ ad ≤ 0

(a+ 0√

c)/d < 0 ≡ ad < 0

(a+ b√

c)/d = 0 ≡ ab ≤ 0∧ a2 − b2c = 0

(a+ b√

c)/d ≤ 0 ≡ ad ≤ 0∧ a2 − b2c ≥ 0∨ bd ≤ 0∧ a2 − b2c ≤ 0

(a+ b√

c)/d < 0 ≡ ad < 0∧ a2 − b2c > 0

∨ bd ≤ 0∧(ad < 0∨ a2 − b2c < 0)

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 19 / 24

Virtual √· Substitution

Virtual Substitution into Comparisons

Virtually substitute (a+ b√ c)/d into a comparison p ∼ 0:

(p ∼ 0)(a+b√

c)/d

¯

x

≡ (p(a+b√

c)/d

¯

x

∼ 0)

accordingly for ∧,∨,...

√

c-comparisons d = 0∧ c ≥ 0 (a+ 0√

c)/d = 0 ≡ a = 0

(a+ 0√

c)/d ≤ 0 ≡ ad ≤ 0

(a+ 0√

c)/d < 0 ≡ ad < 0

(a+ b√

c)/d = 0 ≡ ab ≤ 0∧ a2 − b2c = 0

(a+ b√

c)/d ≤ 0 ≡ ad ≤ 0∧ a2 − b2c ≥ 0∨ bd ≤ 0∧ a2 − b2c ≤ 0

(a+ b√

c)/d < 0 ≡ ad < 0∧ a2 − b2c > 0

∨ bd ≤ 0∧(ad < 0∨ a2 − b2c < 0)

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 19 / 24

Quadratic Virtual Substitution

Theorem (Virtual Substitution: Quadratic Equation x ∈ a,b,c)

a = 0∨ b = 0∨ c = 0 →

• ∃x (ax2 + bx + c = 0∧ F) ↔

a = 0∧ b = 0∧ F −c/b

¯

x

∨ a = 0∧ b2 − 4ac ≥ 0∧

• F (−b+

√

b2−4ac)/(2a)

¯

x

∨ F (−b−

√

b2−4ac)/(2a)

¯

x

• Lemma (Virtual Substitution Lemma for √·)

F (a+b√

c)/d x

≡ F (a+b√

c)/d

¯

x

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 20 / 24

Quadratic Virtual Substitution

Theorem (Virtual Substitution: Quadratic Equation x ∈ a,b,c)

a = 0∨ b = 0∨ c = 0 →

• ∃x (ax2 + bx + c = 0∧ F) ↔

a = 0∧ b = 0∧ F −c/b

¯

x

∨ a = 0∧ b2 − 4ac ≥ 0∧

• F (−b+

√

b2−4ac)/(2a)

¯

x

∨ F (−b−

√

b2−4ac)/(2a)

¯

x

• Lemma (Virtual Substitution Lemma for √·)

Extended logic F (a+b√

c)/d x

≡ F (a+b√

c)/d

¯

x

FOLR

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 20 / 24

Quadratic Virtual Substitution

Theorem (Virtual Substitution: Quadratic Equation x ∈ a,b,c)

a = 0∨ b = 0∨ c = 0 →

• ∃x (ax2 + bx + c = 0∧ F) ↔

a = 0∧ b = 0∧ F −c/b

¯

x

∨ a = 0∧ b2 − 4ac ≥ 0∧

• F (−b+

√

b2−4ac)/(2a)

¯

x

∨ F (−b−

√

b2−4ac)/(2a)

¯

x

• Lemma (Virtual Substitution Lemma for √·)

Extended logic F (a+b√

c)/d x

≡ F (a+b√

c)/d

¯

x

FOLR

ωr

x ∈ [

[F] ] iff ω ∈ [ [F (a+b√

c)/d

¯

x

] ] where r = (ω[ [a] ]+ω[ [b] ]

• ω[

[c] ])/(ω[ [d] ]) ∈ R

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 20 / 24

Example: Quadratic Curiosity

a = 0 → (∃x (ax2 + bx + c = 0∧ ax2 + bx + c ≤ 0) ↔ b2 − 4ac ≥ 0∧ true) (ax2 + bx + c)

(−b+ √ b2−4ac)/(2a) ¯ x

=a((−b +

• b2 − 4ac)/(2a))2 + b((−b +
• b2 − 4ac)/(2a))+ c

=a((b2+b2−4ac +(−b−b)

• b2−4ac)/(4a2))+(−b2 + b
• b2−4ac)/(2a)+ c

=(ab2+ab2−4a2c +(−ab−ab)

• b2−4ac)/(4a2)+(−b2+2ac + b
• b2−4ac)/(2a)

=((ab2+ab2−4a2c)2a+(−b2+2ac)4a2 +((−ab−ab)2a+b4a2)

• b2−4ac)/(8a3)

=(2a2b2+2a2b2−8a3c−4a2b2+8a3c +(−2a2b−2a2b+4a2b)

• b2−4ac)/(8a3)

=(0+ 0

• b2 − 4ac)/(8a3) = (0+ 0√..)/1 = 0

(ax2+bx+c = 0)

(−b+ √

b2−4ac)/(2a)

¯

x

≡ ((0+ 0√..)/1 = 0) ≡ (0·1 = 0) ≡ true (ax2+bx+c ≤ 0)

(−b+ √

b2−4ac)/(2a)

¯

x

≡ ((0+ 0√..)/1

• ≤ 0) ≡ (0·1 ≤ 0) ≡ true

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 21 / 24

Example: Nonnegative Roots of Quadratic Polynomials

a = 0 →

• ∃x (ax2 + bx + c = 0∧ x ≥ 0)

↔ b2 − 4ac ≥ 0∧(2ba ≤ 0∧ 4ac ≥ 0∨−2a ≤ 0∧ 4ac ≤ 0 ∨2ba ≤ 0∧ 4ac ≥ 0∨ 2a ≤ 0∧ 4ac ≤ 0)

• −(−b +
• b2−4ac)/(2a) = ((−1+ 0
• b2−4ac)/1)·((−b +
• b2−4ac)/(2a)

= (b −

• b2−4ac)/(2a)

(−x ≤ 0)(b−

√

b2−4ac)/(2a)

¯

x

≡ b2a≤0∧ b2−(−1)2(b2−4ac)≥0∨−1· 2a≤0∧ b2−(−1)2(b2−4ac)≤0 ≡ 2ba ≤ 0∧ 4ac ≥ 0∨−2a ≤ 0∧ 4ac ≤ 0 (−x ≤ 0)(b+

√

b2−4ac)/(2a)

¯

x

≡ b2a ≤ 0∧ b2 − 12(b2 − 4ac) ≥ 0∨ 1· 2a ≤ 0∧ b2 − 12(b2 − 4ac) ≤ 0 ≡ 2ba ≤ 0∧ 4ac ≥ 0∨ 2a ≤ 0∧ 4ac ≤ 0

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 22 / 24

Outline

1

Learning Objectives

2

Framing the Miracle

3

Quantifier Elimination Homomorphic Normalization for QE Term Substitutions for Linear Equations

4

Square Root √· Virtual Substitution for Quadratics Square Root Algebra Virtual Substitutions of Square Roots Example

5

Summary

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 22 / 24

√· Square Root Algebra

Virtual Substitution of (a+ b√ c)/d into Comparisons (p ∼ 0)(a+b√

c)/d

¯

x

≡ (p(a+b√

c)/d

¯

x

∼ 0)

accordingly for ∧,∨,...

√

c-algebra d = 0∧ c ≥ 0 ((a+ b√

c)/d)+((a′ + b′√ c)/d′) = ((ad′ + da′)+(bd′ + db′)√ c)/(dd′)

((a+ b√

c)/d)·((a′ + b′√ c)/d′) = ((aa′ + bb′c)+(ab′ + ba′)√ c)/(dd′)

√

c-comparisons d = 0∧ c ≥ 0 (a+ b√

c)/d = 0 ≡ ab ≤ 0∧ a2 − b2c = 0

(a+ b√

c)/d ≤ 0 ≡ ad ≤ 0∧ a2 − b2c ≥ 0∨ bd ≤ 0∧ a2 − b2c ≤ 0

(a+ b√

c)/d < 0 ≡ ad < 0∧ a2 − b2c > 0

∨bd ≤ 0∧(ad < 0∨ a2 − b2c < 0)

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 23 / 24

Quadratic Virtual Substitution

Theorem (Virtual Substitution: Quadratic Equation x ∈ a,b,c)

a = 0∨ b = 0∨ c = 0 →

• ∃x (ax2 + bx + c = 0∧ F) ↔

a = 0∧ b = 0∧ F −c/b

¯

x

∨ a = 0∧ b2 − 4ac ≥ 0∧

• F (−b+

√

b2−4ac)/(2a)

¯

x

∨ F (−b−

√

b2−4ac)/(2a)

¯

x

• Lemma (Virtual Substitution Lemma for √·)

Extended logic F (a+b√

c)/d x

≡ F (a+b√

c)/d

¯

x

FOLR

ωr

x ∈ [

[F] ] iff ω ∈ [ [F (a+b√

c)/d

¯

x

] ] where r = (ω[ [a] ]+ω[ [b] ]

• ω[

[c] ])/(ω[ [d] ]) ∈ R

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 24 / 24

André Platzer. Logical Foundations of Cyber-Physical Systems. Springer, Switzerland, 2018. URL: http://www.springer.com/978-3-319-63587-3,

doi:10.1007/978-3-319-63588-0.

Volker Weispfenning. Quantifier elimination for real algebra — the quadratic case and beyond.

• Appl. Algebra Eng. Commun. Comput., 8(2):85–101, 1997.

doi:10.1007/s002000050055.

André Platzer. Logical Analysis of Hybrid Systems: Proving Theorems for Complex Dynamics. Springer, Heidelberg, 2010.

doi:10.1007/978-3-642-14509-4.

Jacek Bochnak, Michel Coste, and Marie-Francoise Roy. Real Algebraic Geometry, volume 36 of Ergeb. Math. Grenzgeb. Springer, Berlin, 1998.

doi:10.1007/978-3-662-03718-8.

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 24 / 24

Saugata Basu, Richard Pollack, and Marie-Françoise Roy. Algorithms in Real Algebraic Geometry. Springer, Berlin, 2nd edition, 2006.

doi:10.1007/3-540-33099-2.

Alfred Tarski. A Decision Method for Elementary Algebra and Geometry. University of California Press, Berkeley, 2nd edition, 1951.

doi:10.1007/978-3-7091-9459-1_3.

George E. Collins. Quantifier elimination for real closed fields by cylindrical algebraic decomposition. In H. Barkhage, editor, Automata Theory and Formal Languages, volume 33 of LNCS, pages 134–183, Berlin, 1975. Springer.

doi:10.1007/3-540-07407-4_17.

André Platzer (CMU) LFCPS/20: Virtual Substitution & Real Equations LFCPS/20 24 / 24