nlverify
play

NLVerify Verification of Polynomial Inequalities using Formal - PowerPoint PPT Presentation

Jul 19, 2023 •214 likes •1.36k views

NLVerify Verification of Polynomial Inequalities using Formal Floating-point Arithmetic Victor Magron (CNRS VERIMAG) Joint work with Tillmann Weisser and Benjamin Werner INRIA Spades Seminar October 27, 2015 V. Magron NLVerify 1 / 22

  1. Example: Find SOS-decomposition for 0 ≤ x , y ≤ 1 ∧ x 2 ≤ y ⇒ y − 2 x + 1 ≥ 0! We restrict ourselves to representations of degree ≤ 2. Write � � z 1 � � 1 � z 2 Y − 2 X + 1 = � 1 X z 2 z 3 X � · X � � � � � + 1 z 7 1 � · ( 1 − X ) + � � � � � 1 z 8 1 � · Y + � � � � � 1 z 9 1 � · ( 1 − Y ) � � � � � + 1 z 10 1 � · ( Y − X 2 ) � � � � � + 1 z 11 1 V. Magron NLVerify 9 / 22

  2. Example: Find SOS-decomposition for 0 ≤ x , y ≤ 1 ∧ x 2 ≤ y ⇒ y − 2 x + 1 ≥ 0! We restrict ourselves to representations of degree ≤ 2. Write � � z 1 � � 1 � z 2 Y − 2 X + 1 = � 1 X z 2 z 3 X � · X � � � � � + 1 z 7 1 � · ( 1 − X ) + � � � � � 1 z 8 1 � · Y + � � � � � 1 z 9 1 � · ( 1 − Y ) � � � � � + 1 z 10 1 � · ( Y − X 2 ) � � � � � + 1 z 11 1 V. Magron NLVerify 9 / 22

  3. Example: Find SOS-decomposition for 0 ≤ x , y ≤ 1 ∧ x 2 ≤ y ⇒ y − 2 x + 1 ≥ 0! We restrict ourselves to representations of degree ≤ 2. Write � � 1 − z 8 − z 10 � � 1 � z 2 Y − 2 X + 1 = � 1 X z 2 z 3 X � · X � � � � � + 1 z 7 1 � · ( 1 − X ) + � � � � � 1 z 8 1 � · Y + � � � � � 1 z 9 1 � · ( 1 − Y ) � � � � � + 1 z 10 1 � · ( Y − X 2 ) � � � � � + 1 z 11 1 V. Magron NLVerify 9 / 22

  4. Example: Find SOS-decomposition for 0 ≤ x , y ≤ 1 ∧ x 2 ≤ y ⇒ y − 2 x + 1 ≥ 0! We restrict ourselves to representations of degree ≤ 2. Write � � 1 − z 8 − z 10 � � 1 � z 2 Y − 2 X + 1 = � 1 X z 2 z 3 X � · X � � � � � + 1 z 7 1 � · ( 1 − X ) + � � � � � 1 z 8 1 � · Y + � � � � � 1 z 9 1 � · ( 1 − Y ) � � � � � + 1 z 10 1 � · ( Y − X 2 ) � � � � � + 1 z 11 1 V. Magron NLVerify 9 / 22

  5. Example: Find SOS-decomposition for 0 ≤ x , y ≤ 1 ∧ x 2 ≤ y ⇒ y − 2 x + 1 ≥ 0! We restrict ourselves to representations of degree ≤ 2. Write � � 1 � � 1 − z 8 − z 10 ( z 8 − z 7 − 2 ) /2 � Y − 2 X + 1 = � 1 X ( z 8 − z 7 − 2 ) /2 z 3 X � · X � � � � � + 1 z 7 1 � · ( 1 − X ) + � � � � � 1 z 8 1 � · Y + � � � � � 1 z 9 1 � · ( 1 − Y ) � � � � � + 1 z 10 1 � · ( Y − X 2 ) � � � � � + 1 z 11 1 V. Magron NLVerify 9 / 22

  6. Example: Find SOS-decomposition for 0 ≤ x , y ≤ 1 ∧ x 2 ≤ y ⇒ y − 2 x + 1 ≥ 0! We restrict ourselves to representations of degree ≤ 2. Write � � 1 � � 1 − z 8 − z 10 ( z 8 − z 7 − 2 ) /2 � Y − 2 X + 1 = � 1 X ( z 8 − z 7 − 2 ) /2 z 3 X � · X � � � � � + 1 z 7 1 � · ( 1 − X ) + � � � � � 1 z 8 1 � · Y + � � � � � 1 z 9 1 � · ( 1 − Y ) � � � � � + 1 z 10 1 � · ( Y − X 2 ) � � � � � + 1 z 11 1 V. Magron NLVerify 9 / 22

  7. Example: Find SOS-decomposition for 0 ≤ x , y ≤ 1 ∧ x 2 ≤ y ⇒ y − 2 x + 1 ≥ 0! We restrict ourselves to representations of degree ≤ 2. Write � � 1 � � 1 − z 8 − z 10 ( z 8 − z 7 − 2 ) /2 � Y − 2 X + 1 = � 1 X ( z 8 − z 7 − 2 ) /2 z 3 X � · X � � � � � + 1 z 7 1 � · ( 1 − X ) + � � � � � 1 z 8 1 � · Y + � � � � � 1 z 9 1 � · ( 1 − Y ) � � � � � + 1 z 10 1 � · ( Y − X 2 ) � � � � � + z 10 − z 9 + 1 1 1 V. Magron NLVerify 9 / 22

  8. Example: Find SOS-decomposition for 0 ≤ x , y ≤ 1 ∧ x 2 ≤ y ⇒ y − 2 x + 1 ≥ 0! We restrict ourselves to representations of degree ≤ 2. Write � � 1 � � 1 − z 8 − z 10 ( z 8 − z 7 − 2 ) /2 � Y − 2 X + 1 = � 1 X ( z 8 − z 7 − 2 ) /2 z 3 X � · X � � � � � + 1 z 7 1 � · ( 1 − X ) + � � � � � 1 z 8 1 � · Y + � � � � � 1 z 9 1 � · ( 1 − Y ) � � � � � + 1 z 10 1 � · ( Y − X 2 ) � � � � � + z 10 − z 9 + 1 1 1 V. Magron NLVerify 9 / 22

  9. Example: Find SOS-decomposition for 0 ≤ x , y ≤ 1 ∧ x 2 ≤ y ⇒ y − 2 x + 1 ≥ 0! We restrict ourselves to representations of degree ≤ 2. Write � � 1 � � 1 − z 8 − z 10 ( z 8 − z 7 − 2 ) /2 � Y − 2 X + 1 = � 1 X ( z 8 − z 7 − 2 ) /2 z 10 − z 9 + 1 X � · X � � � � � + 1 z 7 1 � · ( 1 − X ) + � � � � � 1 z 8 1 � · Y + � � � � � 1 z 9 1 � · ( 1 − Y ) � � � � � + 1 z 10 1 � · ( Y − X 2 ) � � � � � + z 10 − z 9 + 1 1 1 V. Magron NLVerify 9 / 22

  10. Example: Find SOS-decomposition for 0 ≤ x , y ≤ 1 ∧ x 2 ≤ y ⇒ y − 2 x + 1 ≥ 0! We restrict ourselves to representations of degree ≤ 2. Write � � 1 � � 1 − z 8 − z 10 ( z 8 − z 7 − 2 ) /2 � Y − 2 X + 1 = � 1 X ( z 8 − z 7 − 2 ) /2 z 10 − z 9 + 1 X � · X � � � � � + 1 z 7 1 � · ( 1 − X ) + � � � � � 1 z 8 1 � · Y + � � � � � 1 z 9 1 � · ( 1 − Y ) � � � � � + 1 z 10 1 � · ( Y − X 2 ) � � � � � + z 10 − z 9 + 1 1 1 Find z 7 , z 8 , z 9 , z 10 ≥ 0 such that � 1 − z 8 − z 10 ( z 8 − z 7 − 2 ) /2 � � 0. ( z 8 − z 7 − 2 ) /2 z 10 − z 9 + 1 V. Magron NLVerify 9 / 22

  11. Example: Find SOS-decomposition for 0 ≤ x , y ≤ 1 ∧ x 2 ≤ y ⇒ y − 2 x + 1 ≥ 0! Find z 7 , z 8 , z 9 , z 10 ≥ 0 such that � 1 − z 8 − z 10 ( z 8 − z 7 − 2 ) /2 � � 0. ( z 8 − z 7 − 2 ) /2 z 10 − z 9 + 1 e. g. z 7 = z 8 = z 9 = z 10 = 0. V. Magron NLVerify 9 / 22

  12. Example: Find SOS-decomposition for 0 ≤ x , y ≤ 1 ∧ x 2 ≤ y ⇒ y − 2 x + 1 ≥ 0! Find z 7 , z 8 , z 9 , z 10 ≥ 0 such that � 1 − z 8 − z 10 ( z 8 − z 7 − 2 ) /2 � � 0. ( z 8 − z 7 − 2 ) /2 z 10 − z 9 + 1 e. g. z 7 = z 8 = z 9 = z 10 = 0. Substituting the solution: Y − 2 X + 1 = � � 1 � · ( Y − X 2 ) � � − 1 � 1 � � 1 X + 1 − 1 1 X V. Magron NLVerify 9 / 22

  13. Example: Find SOS-decomposition for 0 ≤ x , y ≤ 1 ∧ x 2 ≤ y ⇒ y − 2 x + 1 ≥ 0! Find z 7 , z 8 , z 9 , z 10 ≥ 0 such that � 1 − z 8 − z 10 ( z 8 − z 7 − 2 ) /2 � � 0. ( z 8 − z 7 − 2 ) /2 z 10 − z 9 + 1 e. g. z 7 = z 8 = z 9 = z 10 = 0. Substituting the solution: Y − 2 X + 1 = � � 1 �� � 1 � · ( Y − X 2 ) � �� − 1 � 1 0 � � 1 X + 1 − 1 0 0 0 X V. Magron NLVerify 9 / 22

  14. Example: Find SOS-decomposition for 0 ≤ x , y ≤ 1 ∧ x 2 ≤ y ⇒ y − 2 x + 1 ≥ 0! Find z 7 , z 8 , z 9 , z 10 ≥ 0 such that � 1 − z 8 − z 10 ( z 8 − z 7 − 2 ) /2 � � 0. ( z 8 − z 7 − 2 ) /2 z 10 − z 9 + 1 e. g. z 7 = z 8 = z 9 = z 10 = 0. Substituting the solution: Y − 2 X + 1 = � � 1 � · ( Y − X 2 ) �� � � �� �� �� 1 � 1 X 1 − 1 + 1 − 1 X V. Magron NLVerify 9 / 22

  15. Example: SOS-decomposition: Y − 2 X + 1 = ( 1 − X ) 2 + Y − X 2 � � Find z 7 , z 8 , z 9 , z 10 ≥ 0 such that � 1 − z 8 − z 10 ( z 8 − z 7 − 2 ) /2 � � 0. ( z 8 − z 7 − 2 ) /2 z 10 − z 9 + 1 e. g. z 7 = z 8 = z 9 = z 10 = 0. Substituting the solution: Y − 2 X + 1 = � � 1 � · ( Y − X 2 ) �� � � �� �� �� 1 � 1 X 1 − 1 + 1 − 1 X V. Magron NLVerify 9 / 22

  16. Example: SOS-decomposition: Y − 2 X + 1 = ( 1 − X ) 2 + Y − X 2 � � sdp solvers only find approximate certificates: 2.00014 ( 0.707263 X + 0.000078 Y − 0.70695 ) 2 Y − 2 X + 1 ≃ 0.000332 ( − 0.408035 X + 0.816664 Y − 0.408126 ) 2 + 0.000284 Y + 0.000116 ( 1 − Y ) + 1.00034 ( Y − X 2 ) + V. Magron NLVerify 9 / 22

  17. Example: SOS-decomposition: Y − 2 X + 1 = ( 1 − X ) 2 + Y − X 2 � � sdp solvers only find approximate certificates: 2.00014 ( 0.707263 X + 0.000078 Y − 0.70695 ) 2 Y − 2 X + 1 ≃ 0.000332 ( − 0.408035 X + 0.816664 Y − 0.408126 ) 2 + 0.000284 Y + 0.000116 ( 1 − Y ) + 1.00034 ( Y − X 2 ) + Exact error polynomial 0.000232209 X 2 − 5.81334 × 10 − 7 XY − 0.0000297356 X ε : = 0.000221436 Y 2 + 0.0000621035 Y − 0.000201126 + V. Magron NLVerify 9 / 22

  18. Example: SOS-decomposition: Y − 2 X + 1 = ( 1 − X ) 2 + Y − X 2 � � sdp solvers only find approximate certificates: 2.00014 ( 0.707263 X + 0.000078 Y − 0.70695 ) 2 Y − 2 X + 1 ≃ 0.000332 ( − 0.408035 X + 0.816664 Y − 0.408126 ) 2 + 0.000284 Y + 0.000116 ( 1 − Y ) + 1.00034 ( Y − X 2 ) + Exact error polynomial 0.000232209 X 2 − 5.81334 × 10 − 7 XY − 0.0000297356 X ε : = 0.000221436 Y 2 + 0.0000621035 Y − 0.000201126 + How can we employ such numerical certificates for formal verification? V. Magron NLVerify 9 / 22

  19. Introduction The Oracle Framework Interval Methods Coq Implementation Benchmarks Future Work

  20. How to use numerical certificates in C OQ ? tactic strategy 0.000232209 X 2 − 5.81334 × 10 − 7 XY − 0.0000297356 X ε : = 0.000221436 Y 2 + 0.0000621035 Y − 0.000201126 + V. Magron NLVerify 10 / 22

  21. How to use numerical certificates in C OQ ? tactic strategy Micromega uses heuristics to get an exact representation ε = 0 V. Magron NLVerify 10 / 22

  22. How to use numerical certificates in C OQ ? tactic strategy Micromega uses heuristics to get an exact representation NLCertify gives lower bound on ε by exact computations ε ∗ 0.000232209 X 2 − 5.81334 × 10 − 7 XY − 0.0000297356 X : = 0.000221436 Y 2 + 0.0000621035 Y − 0.000201126 + V. Magron NLVerify 10 / 22

  23. How to use numerical certificates in C OQ ? tactic strategy Micromega uses heuristics to get an exact representation NLCertify gives lower bound on ε by exact computations NLVerify use interval arithmetics to bound ε ε ∗ : = enclosure of ε V. Magron NLVerify 10 / 22

  24. General Framework Consider n -variate polynomials f , g 0 , . . . , g m ∈ Q [ X ] and a compact set K pop : = { x ∈ R n | g 0 ( x ) ≥ 0, . . . , g m ( x ) ≥ 0 } . V. Magron NLVerify 11 / 22

  25. General Framework Consider n -variate polynomials f , g 0 , . . . , g m ∈ Q [ X ] and a compact set K pop : = { x ∈ R n | g 0 ( x ) ≥ 0, . . . , g m ( x ) ≥ 0 }⊆ K box , where K box = [ a , b ] , with a , b ∈ Q n (plus assumption on the g j ). We are interested in the fact of f being non negative on K pop , i. e. ∀ x ∈ K pop : f ( x ) ≥ 0. V. Magron NLVerify 11 / 22

  26. General Framework Consider n -variate polynomials f , g 0 , . . . , g m ∈ Q [ X ] and a compact set K pop : = { x ∈ R n | g 0 ( x ) ≥ 0, . . . , g m ( x ) ≥ 0 } ⊆ K box , where K box = [ a , b ] , with a , b ∈ Q n (plus assumption on the g j ). We are interested in the fact of f being non negative on K pop , i. e. ∀ x ∈ K pop : f ( x ) ≥ 0. Number formats R axiomatic V. Magron NLVerify 11 / 22

  27. General Framework Consider n -variate polynomials f , g 0 , . . . , g m ∈ Q [ X ] and a compact set K pop : = { x ∈ R n | g 0 ( x ) ≥ 0, . . . , g m ( x ) ≥ 0 } ⊆ K box , where K box = [ a , b ] , with a , b ∈ Q n (plus assumption on the g j ). We are interested in the fact of f being non negative on K pop , i. e. ∀ x ∈ K pop : f ( x ) ≥ 0. Number formats R axiomatic Q exact, slow V. Magron NLVerify 11 / 22

  28. General Framework Consider n -variate polynomials f , g 0 , . . . , g m ∈ Q [ X ] and a compact set K pop : = { x ∈ R n | g 0 ( x ) ≥ 0, . . . , g m ( x ) ≥ 0 } ⊆ K box , where K box = [ a , b ] , with a , b ∈ Q n (plus assumption on the g j ). We are interested in the fact of f being non negative on K pop , i. e. ∀ x ∈ K pop : f ( x ) ≥ 0. Number formats R axiomatic Q exact, slow fast, certified inside C OQ (F LOCQ , Boldo/Melquiond), rounding errors F V. Magron NLVerify 11 / 22

  29. General Framework Consider n -variate polynomials f , g 0 , . . . , g m ∈ Q [ X ] and a compact set K pop : = { x ∈ R n | g 0 ( x ) ≥ 0, . . . , g m ( x ) ≥ 0 } ⊆ K box , where K box = [ a , b ] , with a , b ∈ Q n (plus assumption on the g j ). We are interested in the fact of f being non negative on K pop , i. e. ∀ x ∈ K pop : f ( x ) ≥ 0. Number formats R axiomatic Q exact, slow fast, certified inside C OQ (F LOCQ , Boldo/Melquiond), rounding errors F to keep track of rounding errors I V. Magron NLVerify 11 / 22

  30. Introduction The Oracle Framework Interval Methods Coq Implementation Benchmarks Future Work

  31. Notations Floating point numbers F ( p ) : = F r , p with radix r and precision p . V. Magron NLVerify 12 / 22

  32. Notations Floating point numbers F ( p ) : = F r , p with radix r and precision p . We are using one precision for all operations. In this talk r = 10, in the implementation r = 2. V. Magron NLVerify 12 / 22

  33. Notations Floating point numbers F ( p ) : = F r , p with radix r and precision p . We are using one precision for all operations. In this talk r = 10, in the implementation r = 2. Intervals I p : = I r , p with floating point bounds F p . V. Magron NLVerify 12 / 22

  34. Notations Floating point numbers F ( p ) : = F r , p with radix r and precision p . We are using one precision for all operations. In this talk r = 10, in the implementation r = 2. Intervals I p : = I r , p with floating point bounds F p . We map rationals to intervals via the enclosure � � Q → I p , [ a ] p : = max x ∈ F p { x | x ≤ a } , min x ∈ F p { x | x ≥ a } . V. Magron NLVerify 12 / 22

  35. Notations Floating point numbers F ( p ) : = F r , p with radix r and precision p . We are using one precision for all operations. In this talk r = 10, in the implementation r = 2. Intervals I p : = I r , p with floating point bounds F p . We map rationals to intervals via the enclosure � � Q → I p , [ a ] p : = max x ∈ F p { x | x ≤ a } , min x ∈ F p { x | x ≥ a } . Attention! Interval arithmetic does not carry any ring structure. The enclosure does not commute with the operations in Q . In general: [ a + b ] p � [ a ] p + [ b ] p . V. Magron NLVerify 12 / 22

  36. Two applications of intervals on polynomials Replace coefficients by intervals to speed up computation. Replace variables by intervals to obtain bounds on the function. V. Magron NLVerify 13 / 22

  37. Two applications of intervals on polynomials Replace coefficients by intervals to speed up computation. Replace variables by intervals to obtain bounds on the function. V. Magron NLVerify 13 / 22

  38. Two applications of intervals on polynomials Replace coefficients by intervals to speed up computation. Coefficient Enclosure Building a coefficient enclosure of a polynomial f ∈ Q [ X ] is done by mapping its coefficients to the corresponding intervals via [ • ] p . If f = ∑ α f α X α , its coefficient enclosure is the set of polynomials � � [ f α ] p X α : = f α X α | ˆ [ f ] p = ∑ ˆ ∑ f α ∈ [ f α ] p α α V. Magron NLVerify 13 / 22

  39. Two applications of intervals on polynomials Replace coefficients by intervals to speed up computation. Coefficient Enclosure Building a coefficient enclosure of a polynomial f ∈ Q [ X ] is done by mapping its coefficients to the corresponding intervals via [ • ] p . If f = ∑ α f α X α , its coefficient enclosure is the set of polynomials � � [ f α ] p X α : = f α X α | ˆ [ f ] p = ∑ ˆ ∑ f α ∈ [ f α ] p α α Keep in mind! The coefficient enclosure depends on the representation of f . V. Magron NLVerify 13 / 22

  40. Two applications of intervals on polynomials Replace coefficients by intervals to speed up computation. Coefficient Enclosure 1 3 X − 1 : = 3 X = 0 f [ f ] 2 = [ 0.33, 0.34 ] X − [ 0.33, 0.34 ] X [ 0 ] 2 = [ 0, 0 ] V. Magron NLVerify 13 / 22

  41. Two applications of intervals on polynomials Replace variables by intervals to obtain bounds on the function. Variable Enclosure The variable enclosure | f | B of a polynomial f with respect to a hyper box B = ( I 1 · · · , I n ) ⊆ I n p is built by replacing every variable X i by the corresponding interval I i . If f = ∑ α f α X α , its variable enclosure is f α B α ⊆ I p | f | B = ∑ α V. Magron NLVerify 13 / 22

  42. Two applications of intervals on polynomials Replace variables by intervals to obtain bounds on the function. Variable Enclosure The variable enclosure | f | B of a polynomial f with respect to a hyper box B = ( I 1 · · · , I n ) ⊆ I n p is built by replacing every variable X i by the corresponding interval I i . If f = ∑ α f α X α , its variable enclosure is f α B α ⊆ I p | f | B = ∑ α Of course: The variable enclosure depends on the representation of f . V. Magron NLVerify 13 / 22

  43. Two applications of intervals on polynomials Replace variables by intervals to obtain bounds on the function. Variable Enclosure Let B = [ − 1, 1 ] × [ 0, 1 ] × [ 0, 1 ] . Then X ( Y − Z ) = XY − YZ | X ( Y − Z ) | B = [ − 1, 1 ][ − 1, 1 ] = [ − 1, 1 ] | XY − XZ | B = [ − 1, 1 ] − [ − 1, 1 ] = [ − 2, 2 ] V. Magron NLVerify 13 / 22

  44. Two applications of intervals on polynomials C OEFFICIENT E NCLOSURE V ARIABLE E NCLOSURE We are combining both methods and SOS-certification. V. Magron NLVerify 13 / 22

  45. Introduction The Oracle Framework Interval Methods Coq Implementation Benchmarks Future Work

  46. Coq Implementation Theorem: � � � [ f ] p ⊆ [ ℓ , ∞ ) ⇒ f ≥ ℓ on K box . � � � K box V. Magron NLVerify 14 / 22

  47. Coq Implementation Theorem: � � � [ f ] p ⊆ [ ℓ , ∞ ) ⇒ f ≥ ℓ on K box . � � � K box C OQ Version: Lemma toPolI_ok p box pt : pt ∈ box → eval pt p ∈ Vencl box (toPolI p). V. Magron NLVerify 14 / 22

  48. Lemma toPolI_ok p box pt : pt ∈ box → eval pt p ∈ Vencl box (toPolI p). V. Magron NLVerify 15 / 22

  49. Lemma toPolI_ok p box pt : pt ∈ box → eval pt p ∈ Vencl box (toPolI p). eval PQ R ∈ toPolI Vencl PolI I V. Magron NLVerify 15 / 22

  50. Lemma toPolI_ok p box pt : pt ∈ box → eval pt p ∈ Vencl box (toPolI p). Inductive PQ := : Q → PQ | PEc eval PQ R | PEx : positive → PQ | PEadd: PQ -> PQ → PQ ∈ toPolI | PEsub: PQ -> PQ → PQ Vencl PolI I | ... . V. Magron NLVerify 15 / 22

  51. Lemma toPolI_ok p box pt : pt ∈ box → eval pt p ∈ Vencl box (toPolI p). Inductive PQ := : Q → PQ | PEc eval PQ R | PEx : positive → PQ | PEadd: PQ -> PQ → PQ ∈ toPolI | PEsub: PQ -> PQ → PQ Vencl PolI I | ... . Inductive PolI := : I → PolI | IPc | IPinj: positive → PolI → PolI : PolI → positive → PolI → PolI. | IPX V. Magron NLVerify 15 / 22

  52. Lemma toPolI_ok p box pt : pt ∈ box → eval pt p ∈ Vencl box (toPolI p). Inductive PQ := : Q → PQ | PEc eval PQ R | PEx : positive → PQ | PEadd: PQ -> PQ → PQ ∈ toPolI | PEsub: PQ -> PQ → PQ Vencl PolI I | ... . Inductive PolI := : I → PolI | IPc | IPinj: positive → PolI → PolI : PolI → positive → PolI → PolI. | IPX V. Magron NLVerify 15 / 22

  53. Lemma toPolI_ok p box pt : pt ∈ box → eval pt p ∈ Vencl box (toPolI p). Inductive PQ := Proof: : Q → PQ | PEc eval PQ R | PEx : positive → PQ | PEadd: PQ -> PQ → PQ = = toPolQ | PEsub: PQ -> PQ → PQ eval PQ PolQ R | ... . ∈ toPolI Cencl Vencl I PolI Inductive PolQ := : Q → PolQ | QPc | QPinj: positive → PolQ → PolQ : PolQ → positive → PolQ → PolQ. | QPX V. Magron NLVerify 15 / 22

  54. Lemma toPolI_ok p box pt : pt ∈ box → eval pt p ∈ Vencl box (toPolI p). Inductive PQ := NLVerify: : Q → PQ | PEc eval R | PEx : positive → PQ PQ | PEadd: PQ -> PQ → PQ = = toPolQ | PEsub: PQ -> PQ → PQ eval PQ PolQ R | ... . ∈ toPolI Cencl Vencl PolI I Inductive PolQ := : Q → PolQ | QPc | QPinj: positive → PolQ → PolQ : PolQ → positive → PolQ → PolQ. | QPX V. Magron NLVerify 15 / 22

  55. Correctness lemmas for PolI For PolQ a correctness lemma looks like: Lemma QPadd_ok (p q: PolQ) pt : eval pt (p !++ q) = eval pt p + eval pt q. V. Magron NLVerify 16 / 22

  56. Correctness lemmas for PolI For PolQ a correctness lemma looks like: Lemma QPadd_ok (p q: PolQ) pt : eval pt (p !++ q) = eval pt p + eval pt q. The direct translation of this lemma to PolI is false. V. Magron NLVerify 16 / 22

  57. Correctness lemmas for PolI For PolQ a correctness lemma looks like: Lemma QPadd_ok (p q: PolQ) pt : eval pt (p !++ q) = eval pt p + eval pt q. The direct translation of this lemma to PolI is false. A PolI operation can only be correct w.r.t. the underlying PolQ expressions: Lemma Padd_coef_ok (p q: PolQ) (P Q: PolI) : p ∈ P -> q ∈ Q -> (p !++ q) ∈ (P ?++ Q). V. Magron NLVerify 16 / 22

  58. Correctness lemmas for PolI eval R PQ = = toPolQ eval PQ PolQ R ∈ toPolI Cencl Vencl PolI I V. Magron NLVerify 16 / 22

  59. Correctness lemmas for PolI eval R PQ = = toPolQ eval PQ PolQ R ∈ toPolI Cencl Vencl PolI I → Correctness lemmas V. Magron NLVerify 16 / 22

  60. Proof of Lemma eval R PQ = = toPolQ eval PQ PolQ R ∈ toPolI Cencl Vencl PolI I → Correctness lemmas V. Magron NLVerify 16 / 22

  61. Proof of Lemma eval R PQ = = toPolQ eval PQ PolQ R ∈ toPolI Cencl Vencl PolI I → Correctness lemmas → easy because of same structure V. Magron NLVerify 16 / 22

  62. Proof of Lemma eval R PQ = = toPolQ eval PQ PolQ R ∈ toPolI Cencl Vencl PolI I → Correctness lemmas → easy because of same structure V. Magron NLVerify 16 / 22

  63. Proof of Lemma eval R PQ = = toPolQ eval PQ PolQ R ∈ toPolI Cencl Vencl PolI I → Correctness lemmas → easy because of same structure → basically proved in ring V. Magron NLVerify 16 / 22

  64. Proof of Lemma eval R PQ = = toPolQ eval PQ PolQ R ∈ toPolI Cencl Vencl PolI I → Correctness lemmas → easy because of same structure → basically proved in ring V. Magron NLVerify 16 / 22

  65. Proof of Lemma eval R PQ = = toPolQ eval PQ PolQ R ∈ toPolI Cencl Vencl PolI I → Correctness lemmas → easy because of same structure → basically proved in ring → follows from the correctness of interval arithmetic V. Magron NLVerify 16 / 22

  66. Introduction The Oracle Framework Interval Methods Coq Implementation Benchmarks Future Work

  67. Speedup NLVerify (p=50) vs. NLCertify x-Axis: examples (ordered by time_nlc) y-Axis: ratio time_nlv / time_nlc V. Magron NLVerify 17 / 22

  68. Speedup NLVerify (p=50) vs. NLCertify x-Axis: examples (ordered by time_nlc) y-Axis: ratio time_nlv / time_nlc V. Magron NLVerify 17 / 22

  69. Speedup Decreasing Precision x-Axis: precision y-Axis: ratio time_formal / time_informal V. Magron NLVerify 18 / 22

  70. Speedup Decreasing Precision x-Axis: precision y-Axis: ratio time_formal / time_informal V. Magron NLVerify 18 / 22

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Querying GIS with Animated Spatial Sketches Volker Haarslev and Michael Wessel University of

Querying GIS with Animated Spatial Sketches Volker Haarslev and Michael Wessel University of

Querying GIS with Animated Spatial Sketches Volker Haarslev and Michael Wessel University of Hamburg, Germany haarslev@informatik.uni-hamburg.de http://kogs-www.informatik.uni-hamburg.de/~haarslev/ Motivation VISCO's Language Elements

424 views • 15 slides
Functional Brain Imaging, Multi-Objective Optimisation and Spatio-Temporal Data Mining Michle

Functional Brain Imaging, Multi-Objective Optimisation and Spatio-Temporal Data Mining Michle

Functional Brain Imaging, Multi-Objective Optimisation and Spatio-Temporal Data Mining Michle Sebag TAO, Universit Paris-Sud With Nicolas Tarrisson, Olivier Teytaud, Vojtech Krmicek, UPS Julien Lefevre, Sylvain Baillet, La

497 views • 38 slides
CS440/ECE448: Artificial Intelligence Lecture 1: What is AI? CS440/ECE448 Lecture 1: What is AI?

CS440/ECE448: Artificial Intelligence Lecture 1: What is AI? CS440/ECE448 Lecture 1: What is AI?

CS440/ECE448: Artificial Intelligence Lecture 1: What is AI? CS440/ECE448 Lecture 1: What is AI? 1. Administration: Overview of the Syllabus 2. A two-bit summary of the philosophy of AI 3. Thinking like a Human 4. Acting like a Human 5.

695 views • 36 slides
Optimization of Logical Queries Task: Consider the following relational schema: Emp(eid, did,

Optimization of Logical Queries Task: Consider the following relational schema: Emp(eid, did,

Optimization of Logical Queries Task: Consider the following relational schema: Emp(eid, did, sal, hobby) Dept(did, dname, floor, phone) Finance(did, budget, sales, expenses) For the following SQL statement: 1. Translate the query

917 views • 48 slides
Selective Search for Object Recognition Uijlings et al. (IJCV 2013) Some figures are from

Selective Search for Object Recognition Uijlings et al. (IJCV 2013) Some figures are from

Selective Search for Object Recognition Uijlings et al. (IJCV 2013) Some figures are from http://vision.stanford. edu/teaching/cs231b_spring1415/slides/ssearch_schuyler.pdf Object Recognition Find Object and Recognize it Contribution

391 views • 20 slides
An Antenna Array Approach for Propagation of Electromagnetic Waves Author: Antnio E. M. S.

An Antenna Array Approach for Propagation of Electromagnetic Waves Author: Antnio E. M. S.

An Antenna Array Approach for Propagation of Electromagnetic Waves Author: Antnio E. M. S. Casimiro Email: acasimi@ualg.pt Affiliation: Science and Technology Faculty-CEFAT, University of Algarve, Mailing address: Campus de Gambelas, 8000-117

357 views • 7 slides
Lecture 14: Energy Bands for Electrons in Crystals (Kittel Ch. 7) Energy Energy Gap k

Lecture 14: Energy Bands for Electrons in Crystals (Kittel Ch. 7) Energy Energy Gap k

Lecture 14: Energy Bands for Electrons in Crystals (Kittel Ch. 7) Energy Energy Gap k /a /a 0 Physics 460 F 2006 Lect 14 1 Outline Recall the solution for the free electron gas (Jellium) Simplest model for a metal Free

459 views • 20 slides
KDB 248227 802.11 SAR Procedures Update Proposal TCB Workshop October 2013 Laboratory Division

KDB 248227 802.11 SAR Procedures Update Proposal TCB Workshop October 2013 Laboratory Division

KDB 248227 802.11 SAR Procedures Update Proposal TCB Workshop October 2013 Laboratory Division Office of Engineering and Technology Federal Communications Commission Overview Current status of KDB 248227 based on 2007 802.11 a/b/g

456 views • 33 slides
Requirements for Energy Management draft-ietf-eman-requirements-08 J. Quittek, M. Chandramouli, R.

Requirements for Energy Management draft-ietf-eman-requirements-08 J. Quittek, M. Chandramouli, R.

Requirements for Energy Management draft-ietf-eman-requirements-08 J. Quittek, M. Chandramouli, R. Winter, T. Dietz, B. Claise 1 IETF 84 EMAN requirements Status Most of it already quite mature at IETF #82 w Solved open issues listed in

197 views • 5 slides
Elucidation of

Elucidation of

Elucidation of hierarchical structure between quark and hadron phases by means of quark clusters Hiroaki Ohnishi ELPH, Tohoku University

780 views • 25 slides
The Higgs Particle and the Lattice KMI 2013 Julius Kuti University of California, San Diego KMI

The Higgs Particle and the Lattice KMI 2013 Julius Kuti University of California, San Diego KMI

The Higgs Particle and the Lattice KMI 2013 Julius Kuti University of California, San Diego KMI International Symposium 2013 Nagoya, December 11-13, 2013 1 Outline Lattice BSM after the Higgs discovery Light Higgs near conformality light

628 views • 47 slides
Energy Efficiency Retrofit Financing Statistics about Community Corp.s Portfolio Currently

Energy Efficiency Retrofit Financing Statistics about Community Corp.s Portfolio Currently

Energy Efficiency Retrofit Financing Statistics about Community Corp.s Portfolio Currently own and manage 1,719 units 1,031 are acquisition/rehabs (60% of units) 688 have been newly constructed (40% of units) Newly constructed

813 views • 9 slides
Electrification: The Challenges and Opportunities for Energy Efficiency Dan York, ACEEE:

Electrification: The Challenges and Opportunities for Energy Efficiency Dan York, ACEEE:

Electrification: The Challenges and Opportunities for Energy Efficiency Dan York, ACEEE: Moderator Presenters: Kate Merson, Senior Director, E-Source Anthony Fryer, CIP Supervisor, Minnesota Dept. of Commerce Bridget French, Senior

551 views • 5 slides
Energy efficient R&D investment and Aggregate Energy Demand: Evidence from OECD Countries

Energy efficient R&D investment and Aggregate Energy Demand: Evidence from OECD Countries

Energy efficient R&D investment and Aggregate Energy Demand: Evidence from OECD Countries Amin Karimu & Runar Brnnlund The Tenth Conference on the Economics of Energy and Climate Change-September,2015 Plan of the talk Motivation

714 views • 26 slides
Physics 2D Lecture Slides Lecture 14: Feb 3 rd 2004 Vivek Sharma UCSD Physics Where are the

Physics 2D Lecture Slides Lecture 14: Feb 3 rd 2004 Vivek Sharma UCSD Physics Where are the

Brian Wecht, the TA is back! Pl. give all regrade requests to him Quiz 4 is This Friday Physics 2D Lecture Slides Lecture 14: Feb 3 rd 2004 Vivek Sharma UCSD Physics Where are the electrons inside the atom? Early Thought: Plum pudding

886 views • 13 slides
A Brief Tour of Metaplectic-c Prequantization Jennifer Vaughan jennifer.vaughan @ umanitoba.ca

A Brief Tour of Metaplectic-c Prequantization Jennifer Vaughan jennifer.vaughan @ umanitoba.ca

A Brief Tour of Metaplectic-c Prequantization Jennifer Vaughan jennifer.vaughan @ umanitoba.ca University of Manitoba CMS Winter Meeting December 9, 2019 Preliminary Definitions Let ( M 2 n , ) be a symplectic manifold. Let ( V 2 n , ) be

433 views • 14 slides
A Co-Simulation Framework for Engine Control Applications Paolo Pazzaglia, Marco Di Natale,

A Co-Simulation Framework for Engine Control Applications Paolo Pazzaglia, Marco Di Natale,

A Co-Simulation Framework for Engine Control Applications Paolo Pazzaglia, Marco Di Natale, Giorgio Buttazzo Scuola Superiore Sant Anna, Pisa paolo.pazzaglia@santannapisa.it Roma, September 8th, 2017 The Diesel engine control problem

378 views • 26 slides
Introduction to Embedded Computing Systems Davide Bertozzi davide.bertozzi@unife.it How Does a

Introduction to Embedded Computing Systems Davide Bertozzi davide.bertozzi@unife.it How Does a

Introduction to Embedded Computing Systems Davide Bertozzi davide.bertozzi@unife.it How Does a Computer Solve Problems? Orchestrating Electrons! Problems There is an abstraction gap inbetween! Electrons How Do Problems Get Solved by

3.86k views • 24 slides
Effect of baryon-antibaryon annihilation on the strangeness enhancement (baryon sector) Ekata

Effect of baryon-antibaryon annihilation on the strangeness enhancement (baryon sector) Ekata

Effect of baryon-antibaryon annihilation on the strangeness enhancement (baryon sector) Ekata Nandy Subhasis Chattopadhyay VECC,Kolkata DAE Symposium on High Energy Physics, IIT Madras, 10-14 December 2018 Outline Introduction Phases in

372 views • 25 slides
Fluctuations in laminar flow Jos e M. Ortiz de Z arate Universidad Complutense. Madrid,

Fluctuations in laminar flow Jos e M. Ortiz de Z arate Universidad Complutense. Madrid,

Fluctuations in laminar flow Jos e M. Ortiz de Z arate Universidad Complutense. Madrid, Spain IWNET2012, Rros, August 20th, 2012 In collaboration with Jan V. Sengers Hydrodynamics Balance of momentum: t ( v ) =

126 views • 11 slides
Baryonic B decays (The very recent results) B 0 + c p + B s + c

Baryonic B decays (The very recent results) B 0 + c p + B s + c

Baryonic B decays (The very recent results) B 0 + c p + B s + c B 0 D 0 B ppl B 0 p + Flavor Physics & CP Violation, Buzios, May 19-24, 2013 Marcus Ebert SLAC

709 views • 29 slides
Automatic Testing Tool for OSCAR Using System-level Virtualization Geoffroy Valle 1 , Thomas

Automatic Testing Tool for OSCAR Using System-level Virtualization Geoffroy Valle 1 , Thomas

2007 OSCAR Symposium (OSCAR07) Saskatoon, SK, Canada May 14, 2007 Automatic Testing Tool for OSCAR Using System-level Virtualization Geoffroy Valle 1 , Thomas Naughton 1 , Wesley Bland 1 2 , and Stephen L. Scott 1 1 Oak Ridge

528 views • 32 slides
DEVELOPING PROCESSING ELECTRONICS FOR BPM PROTOTYPE AT THE AWA RF PHOTO- INJECTOR

DEVELOPING PROCESSING ELECTRONICS FOR BPM PROTOTYPE AT THE AWA RF PHOTO- INJECTOR

DEVELOPING PROCESSING ELECTRONICS FOR BPM PROTOTYPE AT THE AWA RF PHOTO- INJECTOR drhgfdjhngngfmhgmghmghjmghfmf CHUAN YIN High Energy Physics Division Argonne Wakefield Accelerator facility Mentor: John Power, Jiahang Shao, Chunguang Jing

490 views • 21 slides
Recognition continued: discriminative classifiers Tues April 18 Kristen Grauman UT Austin Last

Recognition continued: discriminative classifiers Tues April 18 Kristen Grauman UT Austin Last

4/17/2017 Recognition continued: discriminative classifiers Tues April 18 Kristen Grauman UT Austin Last time Introduction to object categorization Window-based generic object detection basic pipeline boosting classifiers

672 views • 29 slides

More recommend