SLIDE 1

Thirty Years of Virtual Substitution

Foundations, Techniques, Applications

Thomas Sturm, CNRS, France

ISSAC 2018, New York, NY, July 19, 2018

SLIDE 2

Real Quantifier Elimination (QE)

Let $p \doteq x^2 + xy + b$ and $q \doteq x + ay^2 + b \in \mathbb{Z}[a, b, x, y]$.

$$\varphi \doteq \forall x \exists y\,(p > 0 \land q \le 0)$$

$\varphi$ formally asks for a necessary and sufficient condition in terms of parameters $a$, $b$. [One possible] solution is $a < 0 \land b > 0$.

Syntax: The language of ordered rings specifies admissible symbols: $L = \{0, 1, +, -, \cdot, =, \le, <, \ge, >, \ne\}$.

Semantics: All constants, functions, and relations have their usual interpretation over $\mathbb{R}$, or over any real closed field, e.g., the (countable) field of all real algebraic numbers.

www.thomas-sturm.de 2/30

SLIDE 3

We start with linear real QE

An $L$-formula $\varphi$ is linear when there are no products of quantified variables. For example

$$\forall x \exists y\,(a^2 b x + a b y > 0 \land a^3 x + a b y < 0).$$

For our first result we are going to use an extended language $L' = L \cup \{\mathrm{inv}\}$. $\mathrm{inv}$ is a totalization of the multiplicative inverse:

$$\mathrm{inv}(x) = \begin{cases} x^{-1} & \text{for } x \ne 0 \\ 0 & \text{for } x = 0. \end{cases}$$

Initial input is typically a linear $L$-formula $\varphi$. Output will be an equivalent quantifier-free $L'$-formula $\varphi'$. $\varphi'$ can be translated into an $L$-formula by rewriting, e.g., $s\,\mathrm{inv}(t) + u > 0$ becomes

$$(t = 0 \land u > 0) \lor (t \ne 0 \land st + ut^2 > 0).$$

SLIDE 4

Theorem (Linear real QE; Weispfenning, JSC 1988)

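Let $\psi$ be a quantifier-free $L'$-formula linear in $x_1, \dots, x_n$ with atoms

$$\Psi = \{\, a_j x_1 + b_j \mathrel{\varrho_j} 0 \mid j \in J \,\},$$

where $J$ finite index set, $a_j$, $b_j$ $L'$-terms not containing $x_1$, and $\varrho_j$ $L'$-relations.

$$\mathrm{Sk}(x_1, \Psi) := \{\, -b_j\,\mathrm{inv}(a_j) \pm 1,\ -b_j\,\mathrm{inv}(2a_j) - b_k\,\mathrm{inv}(2a_k) \mid j, k \in J \,\}$$

(i) Fix real interpretation $\iota$ for all variables except $x_1$. Then

$$\mathbb{R}, \iota \models \forall x_1 \bigvee_{t \in \mathrm{Sk}(x_1, \Psi)} \bigwedge_{\psi \in \Psi} \bigl(\psi \longleftrightarrow \psi[x_1/t]\bigr),$$

"$\mathrm{Sk}(x_1, \Psi)$ is a Skolem set"

(ii) This allows QE of $Q_1 x_1$ from $Q_n x_n \dots Q_1 x_1 \psi$:

$$\mathbb{R} \models \exists x_1 \psi \longleftrightarrow \bigvee_{t \in \mathrm{Sk}(x_1, \Psi)} \psi[x_1/t], \qquad \mathbb{R} \models \forall x_1 \psi \longleftrightarrow \bigwedge_{t \in \mathrm{Sk}(x_1, \Psi)} \psi[x_1/t].$$

(iii) Part (ii) can be iterated with $Q_2 x_2, \dots, Q_n x_n$.

All regular term substitution – nothing “virtual” so far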

SLIDE 5

Theorem (Complexity; Weispfenning JSC 1988)

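Consider a prenex linear formula $\varphi \doteq Q_n x_n \dots Q_1 x_1 \psi$. Let $a$ be the number of quantifier alternations. Let $b$ be the longest quantifier sequence without alternation. Let $T(\mathrm{length}(\varphi))$ be the time for full QE via the theorem.

(i) $T(\mathrm{length}(\varphi)) = 2 \uparrow 2 \uparrow O(\mathrm{length}(\varphi))$. This bound is tight: problem is bounded from below by $2 \uparrow 2 \uparrow \Omega(\mathrm{length}(\varphi))$.

(ii) If $a$ is bounded, then $T(\mathrm{length}(\varphi)) = 2 \uparrow O(\mathrm{length}(\varphi))$.

(iii) Assume that both $a$ and $b$ are bounded, say $a \le \alpha$ and $b \le \beta$. Then $T(\mathrm{length}(\varphi)) = \mathrm{length}(\varphi) \uparrow (\alpha + 1)\,O(\beta)^{\alpha+1}$. This applies in particular if $n$ is bounded.

Blockwise Elimination

$$\exists x_n \dots \exists x_3 \exists x_2 \exists x_1 \psi \;\longleftrightarrow\; \exists x_n \dots \exists x_3 \exists x_2 \bigvee_t \psi[x_1/t] \;\longleftrightarrow\; \exists x_n \dots \exists x_3 \bigvee_t \exists x_2\, \psi[x_1/t]$$

Compatibility of $\exists$ with $\bigvee$ yields single exponential complexity.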

SLIDE 6

A Quick Comparison with Fourier–Motzkin Elimination

| | Linear QE by substitution | Fourier–Motzkin Elimination |
|---|---|---|
| | single exponential w. bounded alternation | double exponential already in $\exists$ case |
| Logically | maps $\exists$ to $\bigvee$ | maps $\exists$ to $\bigwedge$ |
| Geometrically | non-disjoint union of projections | intersection of projections |

Challenge: Consider linear

$$\varphi \doteq \exists x_n \dots \exists x_1 \bigwedge_i \alpha_i, \qquad \alpha_i \text{ atomic constraints.}$$

The substitution method yields in single exponential time equivalent quantifier-free

$$\varphi' \doteq \bigvee_j \bigwedge_k \alpha'_{jk}.$$

By Fourier–Motzkin there is equivalent

$$\varphi'' \doteq \bigwedge_j \alpha''_j.$$

What is the complexity of computing $\varphi''$ from $\varphi$ and $\varphi'$?

SLIDE 7

A Simple Example for Illustration

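For $j = k$ we have in particular $-b_j\,\mathrm{inv}(a_j) \in \mathrm{Sk}(x_1, \Psi)$.

$\varphi \doteq \exists x \psi$, where $\psi \doteq ax + b = 0 \land a < x \land x < b$

$\Psi = \{ax + b = 0,\ a - x < 0,\ x - b < 0\}$

$$\mathrm{Sk}(x, \Psi) = \{\, -b\,\mathrm{inv}(a),\ -b\,\mathrm{inv}(a) \pm 1,\ a,\ a \pm 1,\ b,\ b \pm 1,\ -b\,\mathrm{inv}(2a) + a\,\mathrm{inv}(2),\ -b\,\mathrm{inv}(2a) + b\,\mathrm{inv}(2),\ a\,\mathrm{inv}(2) + b\,\mathrm{inv}(2) \,\}$$

$$\begin{aligned}
\bigvee_{t \in \mathrm{Sk}(x, \Psi)} \psi[x/t] \doteq{} & (-ab\,\mathrm{inv}(a) + b = 0 \land b\,\mathrm{inv}(a) + b < 0 \land -b\,\mathrm{inv}(a) - b < 0) \\
\lor{} & (-ab\,\mathrm{inv}(a) \pm a + b = 0 \land b\,\mathrm{inv}(a) + a \mp 1 < 0 \land -b\,\mathrm{inv}(a) - b \pm 1 < 0) \\
\lor{} & (a^2 + b = 0 \land 0 < 0 \land a - b < 0) \\
\lor{} & (a^2 \pm a + b = 0 \land \mp 1 < 0 \land a - b \pm 1 < 0) \\
\lor{} & (ab + b = 0 \land a - b < 0 \land 0 < 0) \\
\lor{} & (ab \pm a + b = 0 \land a - b \mp 1 < 0 \land \pm 1 < 0) \\
\lor{} & (-ab\,\mathrm{inv}(2a) + a^2\,\mathrm{inv}(2) + b = 0 \land b\,\mathrm{inv}(2a) - a\,\mathrm{inv}(2) + a < 0 \land -b\,\mathrm{inv}(2a) + a\,\mathrm{inv}(2) - b < 0) \\
\lor{} & (-ab\,\mathrm{inv}(2a) + ab\,\mathrm{inv}(2) + b = 0 \land b\,\mathrm{inv}(2a) - b\,\mathrm{inv}(2) + a < 0 \land -b\,\mathrm{inv}(2a) + b\,\mathrm{inv}(2) - b < 0) \\
\lor{} & (-a^2\,\mathrm{inv}(2) + ab\,\mathrm{inv}(2) + b = 0 \land a\,\mathrm{inv}(2) - b\,\mathrm{inv}(2) + a < 0 \land -a\,\mathrm{inv}(2) + b\,\mathrm{inv}(2) - b < 0)
\end{aligned}$$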

SLIDE 8

Implementations and Experiments

– First experimental implementations in Reduce [Burhenne, Diploma Thesis 1990]
– Motivated distributed and supported Reduce package Redlog [S. since 1992, Dolzmann–S. since 1995]
– Several further implementations today, including Mathematica [Strzebonski] and the SMT-solver SMT-RAT [Corzilius et al., Proc. SAT 2015]

SLIDE 9

From Term Substitution to Virtual Substitution

Burhenne’s Work [Diploma Thesis 1990] and its supervision

Implementation:
– implemented the theorem & rewriting resolution for the inv-terms
– furthermore substitution of $t \pm \varepsilon$ for infinitesimal $\varepsilon$ in favor of arithmetic means
– rewriting resolution of $\varepsilon$-terms
– a first quite basic heuristic simplifier (to be applied frequently during elimination)

Key experimental questions:
– trade-off between quadratic growth of arithmetic means and resolution of $\varepsilon$
– "eager" vs. "lazy" resolution

Very clear empirical results:
– Infinitesimals are better.
– Always resolve inv and $\varepsilon$ immediately ("eager")!

– Immediate resolution of inv & $\varepsilon$ can be viewed as part of the substitution.
– This was the birth of virtual substitution.

SLIDE 10

Theorem (Improved linear real QE; Loos–Weispfenning 1993)

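All formulas are now in the language $L = \{0, 1, +, -, \cdot, =, <, \le, >, \ge, \ne\}$. Terms within elimination sets are in $L \cup \{{}^{-1}, \varepsilon, \infty\}$.

Let $\psi$ be a positive quantifier-free $L$-formula linear in $x_1, \dots, x_n$ with atoms

$$\Psi = \bigcup_{k=1}^{4} \{\, a_j x_1 + b_j \mathrel{\varrho_k} 0 \mid j \in J_k \,\},$$

where $(\varrho_1, \dots, \varrho_4) \doteq (=, \le, <, \ne)$, $J_k$ finite index sets, $a_j$, $b_j$ $L$-terms not containing $x_1$. Define $S_j = -\frac{b_j}{a_j}$ and

$$E(x_1, \Psi) = \{(\mathrm{true}, \infty)\} \cup \{\, (a_j \ne 0, S_j) \mid j \in J_1 \cup J_2 \,\} \cup \{\, (a_j \ne 0, S_j - \varepsilon) \mid j \in J_3 \cup J_4 \,\}.$$

Then the following holds:

(i) $E(x_1, \Psi)$ allows QE of $\exists x_1$ from $Q_n x_n \dots Q_2 x_2 \exists x_1 \psi$ via virtual substitution:

$$\mathbb{R} \models \exists x_1 \psi \longleftrightarrow \bigvee_{t \in E(x_1, \Psi)} \psi[x_1 /\!/ t].$$

"$E(x_1, \Psi)$ is an elimination set"

(ii) Part (i) can be iterated with $Q_2 x_2, \dots, Q_n x_n$.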

SLIDE 11

Proof Sketch

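– $\Psi = \bigcup_{k=1}^{4} \{\, a_j x_1 + b_j \mathrel{\varrho_k} 0 \mid j \in J_k \,\}$, where $(\varrho_1, \dots, \varrho_4) \doteq (=, \le, <, \ne)$
– $E(x_1, \Psi) = \{(\mathrm{true}, \infty)\} \cup \{\, (a_j \ne 0, S_j) \mid j \in J_1 \cup J_2 \,\} \cup \{\, (a_j \ne 0, S_j - \varepsilon) \mid j \in J_3 \cup J_4 \,\}$
– $\mathbb{R} \models \exists x_1 \psi \longleftrightarrow \bigvee_{t \in E(x_1, \Psi)} \psi[x_1 /\!/ t]$

Fix a real interpretation $\iota$ for all variables except $x_1$. Consider

$$S = \{\, r \in \mathbb{R} \mid \mathbb{R}, \iota \cup \{x_1 = r\} \models \psi \,\},$$

satisfying values w.r.t. $\iota$ for $x_1$.

If $S = \emptyset$, then there is nothing to prove.

If $S \ne \emptyset$, then there is $t \in E(x_1, \Psi)$ such that $\mathbb{R}, \iota \models \psi[x_1 /\!/ t]$:

If $S$ is unbounded from above, then $t = (\mathrm{true}, \infty)$.

Assume now that $\sup S = \sigma \in \mathbb{R}$:
If $\sigma \in S$, then $\sigma = S_j$ with $j \in J_1 \cup J_2$, and $t = (\mathrm{true}, \sigma)$.
If $\sigma \notin S$, then $\sigma = S_j$ with $j \in J_3 \cup J_4$, and $t = (\mathrm{true}, \sigma - \varepsilon)$.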

SLIDE 12

Virtual Substitution of Linear Test Points

$[x_1 /\!/ t]$ : atomic formulas $\to$ quantifier-free formulas

Elimination sets contain test points $(\gamma, t)$, where $\gamma$ is a guard and $t$ is a test term. Virtual substitution conjunctively puts guards at the beginning.

Quotients: Substitute formally, then multiply with (positive) denominator-squared:

$$(\alpha x_1 + \beta \le 0)\bigl[x_1 /\!/ \bigl(a \ne 0, -\tfrac{b}{a}\bigr)\bigr] \doteq a \ne 0 \land -\alpha a b + \beta a^2 \le 0.$$

Infinitesimals: Treat virtual substitution of $t$ as a black-box; take into consideration the derivative of the target polynomial:

$$(a x_1 + b < 0)[x_1 /\!/ (\chi, t - \varepsilon)] \doteq (a x_1 + b < 0)[x_1 /\!/ (\chi, t)] \lor \bigl((a x_1 + b = 0)[x_1 /\!/ (\chi, t)] \land a > 0\bigr).$$

For a complete set of rules for the linear case see [Loos–Weispfenning 1993].

SLIDE 13

Example Revisited

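$\varphi \doteq \exists x \psi$, where $\psi \doteq ax + b = 0 \land a < x \land x < b$

$\Psi = \{ax + b = 0,\ a - x < 0,\ x - b < 0\}$

$E(x, \Psi) = \{(\mathrm{true}, \infty),\ (a \ne 0, -b/a),\ (1 \ne 0, a - \varepsilon),\ (1 \ne 0, b - \varepsilon)\}$

$$\begin{aligned}
\bigvee_{t \in E(x, \Psi)} \psi[x /\!/ t] \doteq{} & (\mathrm{true} \land [a = 0 \land b = 0] \land [\mathrm{true}] \land [\mathrm{false}]) \\
\lor{} & (a \ne 0 \land [\mathrm{true}] \land [a^3 + ab < 0] \land [-a^2 b - ab < 0]) \\
\lor{} & (1 \ne 0 \land [a = 0 \land b = 0] \land [\mathrm{false}] \land [a - b < 0 \lor (a - b = 0 \land -1 < 0)]) \\
\lor{} & (1 \ne 0 \land [a = 0 \land b = 0] \land [a - b < 0 \lor (a - b = 0 \land 1 < 0)] \land [\mathrm{true}])
\end{aligned}$$

A simplified result computed by Redlog is:

$$a \ne 0 \land a^2 b + ab > 0 \land a^3 + ab < 0$$

Fast heuristic automatic simplification is crucial [Dolzmann–S., JSC 1995].

For comparison, partial CAD by Qepcad B:

$$a < 0 \land a^2 + b > 0 \land (b > 0 \land a + 1 < 0 \lor b < 0 \land a + 1 > 0)$$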
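The following Python sketch is an added example, not code from the slides or from Redlog. It applies the elimination set and the test-point rules for ∞, t and t − ε to the example above for concrete rational parameter values a, b, and compares the outcome with the Redlog and Qepcad B results quoted on this slide. Evaluating signs numerically instead of building formulas in a, b, the function names and the sample grid are assumptions of the example.

```python
from fractions import Fraction

INF = "inf"                      # the test term "infinity"
STRICT = ("<", "!=")             # relations that generate S_j - epsilon

def sign(v):
    return (v > 0) - (v < 0)

def sign_at(c, d, t, eps):
    """Sign of c*x + d at test term t (eps=True means t - epsilon)."""
    if t == INF:                 # arbitrarily large x: c decides, then d
        return sign(c) or sign(d)
    v = c * t + d
    # at t - epsilon a zero value is resolved by the derivative c
    return sign(v) or (sign(-c) if eps else 0)

def holds(atom, t, eps):
    """Truth value of (c*x + d rel 0)[x // t] for numeric c, d."""
    c, d, rel = atom
    s = sign_at(c, d, t, eps)
    return {"=": s == 0, "<=": s <= 0, "<": s < 0, "!=": s != 0}[rel]

def elimination_set(atoms):
    """Test points (true, inf), (c != 0, -d/c) and (c != 0, -d/c - eps)."""
    points = [(INF, False)]
    for c, d, rel in atoms:
        if c != 0:               # the guard of the test point
            points.append((Fraction(-d) / c, rel in STRICT))
    return points

def exists_x(atoms):
    """Decide 'exists x: conjunction of atoms' via the elimination set."""
    return any(all(holds(atom, t, eps) for atom in atoms)
               for t, eps in elimination_set(atoms))

def slide_example(a, b):
    # psi = (a*x + b = 0) and (a - x < 0) and (x - b < 0), as (coeff, const, rel)
    return exists_x([(a, b, "="), (-1, a, "<"), (1, -b, "<")])

def redlog_result(a, b):
    return a != 0 and a * a * b + a * b > 0 and a ** 3 + a * b < 0

def qepcad_result(a, b):
    return (a < 0 and a * a + b > 0
            and ((b > 0 and a + 1 < 0) or (b < 0 and a + 1 > 0)))

GRID = [Fraction(n, 2) for n in range(-8, 9)]   # constructed sample parameters

def mismatches():
    """Parameter pairs on which the three descriptions disagree."""
    return [(a, b) for a in GRID for b in GRID
            if not slide_example(a, b) == redlog_result(a, b) == qepcad_result(a, b)]
```

On the sample grid `mismatches()` is empty: the four test points decide the existential formula exactly as both quantifier-free results do.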

SLIDE 14

About Positivity of Formulas

– Non-positive $\exists x_1 \psi$ with $\psi \doteq \neg(x_1 \ne 0)$ fails with $E(x_1, \Psi) = \{(1 \ne 0, -\varepsilon), (\mathrm{true}, \infty)\}$.
– Equivalent $\psi \doteq x_1 = 0$ works.

For similar reasons: In general $\forall x_1 \psi$ is not equivalent to

$$\bigwedge_{t \in E(x_1, \Psi)} \psi[x_1 /\!/ t].$$

Therefore: Elimination of universal quantifiers uses the equivalence $\forall x_1 \psi \longleftrightarrow \neg \exists x_1 \neg \psi$ combined with the computation of positive equivalents.

Remark: This is a hard reason why we have so many relations in $L$.

SLIDE 15

Theorem (Quadratic real QE; Weispfenning 1997)

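Let $\psi$ be a positive quantifier-free $L$-formula at most quadratic in $x_1$ with atoms

$$\Psi = \bigcup_{k=1}^{4} \{\, a_j x_1^2 + b_j x_1 + c_j \mathrel{\varrho_k} 0 \mid j \in J_k \,\},$$

where $(\varrho_1, \dots, \varrho_4) \doteq (=, \le, <, \ne)$, $J_k$ finite index sets, $a_j$, $b_j$, $c_j$ $L$-terms not containing $x_1$. Define

$$S_j = -\frac{c_j}{b_j}, \qquad \Delta_j = b_j^2 - 4 a_j c_j, \qquad R_j^{\pm} = \frac{-b_j \pm \sqrt{\Delta_j}}{2 a_j},$$

and

$$\begin{aligned}
E(x_1, \Psi) = \{(\mathrm{true}, \infty)\} &\cup \{\, (a_j \ne 0 \land -\Delta_j \le 0,\ R_j^{\pm}),\ (a_j = 0 \land b_j \ne 0,\ S_j) \mid j \in J_1 \cup J_2 \,\} \\
&\cup \{\, (a_j \ne 0 \land -\Delta_j \le 0,\ R_j^{\pm} - \varepsilon),\ (a_j = 0 \land b_j \ne 0,\ S_j - \varepsilon) \mid j \in J_3 \cup J_4 \,\}.
\end{aligned}$$

Then $E(x_1, \Psi)$ allows QE of $\exists x_1$ from $Q_n x_n \dots Q_2 x_2 \exists x_1 \psi$ via virtual substitution:

$$\mathbb{R} \models \exists x_1 \psi \longleftrightarrow \bigvee_{t \in E(x_1, \Psi)} \psi[x_1 /\!/ t].$$

Experimental implementation by Nolden [Diploma Thesis 1994], soon after in Redlog.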

SLIDE 16

Virtual Substitution of Quadratic Test Points

Formal quadratic solution of $t := a x_1^2 + b x_1 + c = 0$ into equation $g = 0$:

Univariate division with remainder yields $g = qt + \alpha x_1 + \beta$. A root of the divisor $t$ can as well be substituted into an equation for the linear remainder.

Formal substitution for intuition:

$$(\alpha x_1 + \beta = 0)\Bigl[x_1 \Big/ \frac{-b + \sqrt{\Delta}}{2a}\Bigr] \doteq \alpha\,\frac{-b + \sqrt{\Delta}}{2a} + \beta = \frac{(-\alpha b + 2\beta a) + \alpha\sqrt{\Delta}}{2a}$$

Virtual substitution:

$$(\alpha x_1 + \beta = 0)\Bigl[x_1 /\!/ \Bigl(a \ne 0 \land -\Delta \le 0,\ \frac{-b + \sqrt{\Delta}}{2a}\Bigr)\Bigr] \doteq a \ne 0 \land -\Delta \le 0 \land (-\alpha b + 2\beta a)^2 = \alpha^2 \Delta \land (-\alpha b + 2\beta a)\,\alpha \le 0$$

$E$ can not necessarily be iterated with $Q_2 x_2, \dots, Q_n x_n$.

For a complete set of rules for the linear case see [Weispfenning 1997].
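The square-root-free rule above can be checked against exact arithmetic; the following Python sketch is an added example, not code from the slides or from Redlog. It restricts all coefficients to small integers (an assumption of the example), so that the number p + α√Δ with p = −αb + 2βa can be tested for zero exactly: either √Δ is an integer, or it is irrational and both rational parts must vanish. The function names are hypothetical.

```python
from math import isqrt

def vs_plus_root(a, b, c, alpha, beta):
    """(alpha*x + beta = 0)[x // (a != 0 and -D <= 0, (-b + sqrt(D)) / (2a))],
    evaluated with the root-free rule from the slide."""
    D = b * b - 4 * a * c
    p = -alpha * b + 2 * beta * a
    return a != 0 and -D <= 0 and p * p == alpha * alpha * D and p * alpha <= 0

def reference(a, b, c, alpha, beta):
    """Same question answered directly: is alpha*x + beta zero at the '+' root?"""
    D = b * b - 4 * a * c
    if a == 0 or D < 0:
        return False                  # guard fails, the test point is not used
    p = -alpha * b + 2 * beta * a     # alpha*x + beta = (p + alpha*sqrt(D)) / (2a)
    s = isqrt(D)
    if s * s == D:                    # sqrt(D) is an integer
        return p + alpha * s == 0
    return p == 0 and alpha == 0      # sqrt(D) irrational: both parts must vanish

def disagreements(r=range(-3, 4)):
    """Integer coefficient tuples on which rule and reference differ."""
    return [(a, b, c, al, be)
            for a in r for b in r for c in r for al in r for be in r
            if vs_plus_root(a, b, c, al, be) != reference(a, b, c, al, be)]
```

For x² − 3x + 2 the "+" root is 2, so `vs_plus_root(1, -3, 2, 1, -2)` holds while `vs_plus_root(1, -3, 2, 1, -1)` does not: the sign condition (−αb + 2βa)α ≤ 0 is what separates the two roots after squaring.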

SLIDE 17

An Application in Verification

Collision Avoidance with Adaptive Cruise Control [S.–Tiwari, ISSAC 2011]

WE DOWNLOADED THE FOLLOWING VIDEO FROM THE AUDI WEBSITE FOR ILLUSTRATION OF THE CONCEPT. WE DID NOT WORK ON PRODUCTS ADVERTISED THERE. We recommend Acrobat Reader for viewing the embedded video.

SLIDE 19

An Application in Verification

Collision Avoidance with Adaptive Cruise Control [S.–Tiwari, ISSAC 2011]

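System dynamics: $\dot{v}_2 = a_2 \in [-5, 2] \;\longrightarrow\; \dot{\Delta} = v_1 - v_2 \;\longrightarrow\; \dot{v}_1 = a_1 \in [-5, 2]$

Control law: $\dot{a}_2 = -3a_2 - 3(v_2 - v_1) + \Delta - (v_2 + 10)$

Formulas define initial and safe states:

$$\mathrm{Init} \doteq \Delta = 10 \land a_2 = 0 \land c_1 = v_1 \land c_2 = v_2, \qquad \mathrm{Safe} \doteq \Delta > 0$$

Certificate-based approach finds invariant states $\mathrm{Inv}$ such that
– $\mathrm{Init} \longrightarrow \mathrm{Inv}$,
– $\mathrm{Inv} \longrightarrow \mathrm{Safe}$,
– System dynamics cannot leave $\mathrm{Inv}$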

SLIDE 20

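Linear ansatz for $\mathrm{Inv} \doteq \mathrm{Inv}_1 \land \mathrm{Inv}_2$:

$$\mathrm{Inv}_1 \doteq a_1 \in [-5, 2] \land a_2 \in [-5, 2] \land v_1 \ge 0 \land v_2 \ge 0$$

$$\mathrm{Inv}_2 \doteq p \ge 0, \quad \text{where } p = \Delta + \lambda_1 v_1 + \lambda_2 v_2 + \lambda_3 a_2 + \lambda_4$$

yields certificate as a formula

$$\gamma(c_1, c_2) \doteq \exists\lambda_1 \exists\lambda_2 \exists\lambda_3 \exists\lambda_4 \forall\Delta \forall a_1 \forall a_2 \forall v_1 \forall v_2 \bigl( (\mathrm{Init} \land \mathrm{Inv}_1 \longrightarrow \mathrm{Inv}) \land (\mathrm{Inv} \longrightarrow \mathrm{Safe}) \land (\mathrm{Inv}_1 \land p = 0 \longrightarrow \dot{p} > 0) \bigr)$$

Computation
– Quadratic virtual substitution eliminates all quantifiers except $\exists\lambda_3$ (∼ 1 minute).
– Result is disjunction of 584 disjuncts, 33365 atomic formulas, depth 13.
– QE-based simplification techniques reduce the first 33 disjuncts to $c_2^2 - 30c_2 - 75 \le 0$ on the assumption $c_1 > 0$ and $c_2 > 0$ (∼ 10 seconds).

⇒ No collision for $c_2 = v_2 \le 32$

Control law might violate $\mathrm{Inv}_1$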

SLIDE 21

Virtual Substitution for Arbitrary Bounded Degrees

[Košta, PhD Thesis 2016]

$$f = a x_1^3 + b x_1^2 + c x_1 + d$$

The curves stand for some (out of finitely many) possible real types of $f$:

$$\underbrace{(-, 0, +, 0, -, 0, +)}_{\text{i}}, \quad \underbrace{(-, 0, +, 0, +)}_{\text{ii}}, \quad \underbrace{(+, 0, -, 0, +)}_{\text{iii}}, \quad \underbrace{(-, 0, +)}_{\text{iv}}$$

Roots "•" are numbered 1, 2, . . . from left to right.

Test points look like $(f, \text{i}, 3)$, $(f, \text{ii}, 2)$, $(f, \text{iii}, 1)$, $(f, \text{iv}, 1)$, . . .

Virtual substitution with at most quadratic $g \doteq \alpha x_1^2 + \beta x_1 + \gamma$:

$$(g \mathrel{\varrho} 0)[x_1 /\!/ (f, \text{ii}, 2)] \doteq \text{"$f$ is of real type ii"} \land \text{"$g \mathrel{\varrho} 0$ at the 2nd root of $f$"}$$

SLIDE 22

Proof of Concept

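$$f = a x_1^3 + b x_1^2 + c x_1 + d, \qquad g = \alpha x_1^2 + \beta x_1 + \gamma$$

test point $(f, \text{ii}, 2) \in E(x_1, \Psi)$

$$(g \mathrel{\varrho} 0)[x_1 /\!/ (f, \text{ii}, 2)] \doteq \text{"$f$ is of real type ii"} \land \text{"$g \mathrel{\varrho} 0$ at the 2nd root of $f$"}$$

"$f$ is of real type ii":

$$\exists r_1 \exists r_2 \forall x_1 \bigl( r_1 < r_2 \land (x_1 < r_1 \longrightarrow f < 0) \land (r_1 < x_1 < r_2 \longrightarrow f > 0) \land (x_1 = r_2 \longrightarrow f = 0) \land (r_2 < x_1 \longrightarrow f > 0) \bigr)$$

"$g \mathrel{\varrho} 0$ at the 2nd root of $f$":

$$\exists r_1 \exists r_2 \forall x_1 \bigl( r_1 < r_2 \land (x_1 < r_1 \longrightarrow f < 0) \land (r_1 < x_1 < r_2 \longrightarrow f > 0) \land (x_1 = r_2 \longrightarrow f = 0) \land (r_2 < x_1 \longrightarrow f > 0) \land g[x_1/r_2] \mathrel{\varrho} 0 \bigr)$$

and Tarski gave us quantifier elimination!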

SLIDE 23

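One Example of What We are Getting in Reality

"$f$ is of real type ii":

$$\exists r_1 \exists r_2 \forall x_1 \bigl( r_1 < r_2 \land (x_1 < r_1 \longrightarrow f < 0) \land (r_1 < x_1 < r_2 \longrightarrow f > 0) \land (x_1 = r_2 \longrightarrow f = 0) \land (r_2 < x_1 \longrightarrow f > 0) \bigr)$$

"$g \le 0$ at the 2nd root of $f$":

$$\exists r_1 \exists r_2 \forall x_1 \bigl( r_1 < r_2 \land (x_1 < r_1 \longrightarrow f < 0) \land (r_1 < x_1 < r_2 \longrightarrow f > 0) \land (x_1 = r_2 \longrightarrow f = 0) \land (r_2 < x_1 \longrightarrow f > 0) \land g[x_1/r_2] \le 0 \bigr)$$

$$f = a x_1^3 + b x_1^2 + c x_1 + d, \qquad g = \alpha x_1^2 + \beta x_1 + \gamma, \qquad (g \le 0)[x_1 /\!/ (f, \text{ii}, 2)]$$

"$f$ is of real type ii":

$$a > 0 \land -b^3 + 3ac < 0 \land \Delta = 0 \land 2b^3 + 27da^2 - 9abc > 0,$$

where $\Delta = -b^2 c^2 + 4c^3 a + 4b^3 d + 27d^2 a^2 - 18abcd$

"$g \le 0$ at the 2nd root of $f$":

$$(6a\beta - 2\alpha b \le 0 \land 3a\beta^2 + \alpha^2 c - 2\alpha b \beta \ge 0) \lor (\alpha \le 0 \land 3a\beta^2 + \alpha^2 c - 2\alpha b \beta \le 0)$$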

SLIDE 24

Theorem (Real QE for degree bound B; Košta 2016)

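Let $\psi$ be a positive quantifier-free $L$-formula of degree at most $B$ in $x_1$ with atoms

$$\Psi = \bigcup_{k=1}^{4} \{\, f_j(x_1, \dots, x_n, y) \mathrel{\varrho_k} 0 \mid j \in J_k \,\},$$

where $(\varrho_1, \dots, \varrho_4) \doteq (=, \le, <, \ne)$.

A finite table $T(B)$ comprises real types $\tau$ of generic $\sum_{i=0}^{n} a_i x^i$ for $n \in \{1, \dots, B\}$. $\mu(\tau)$ is the number of distinct real roots of type $\tau$. Define

$$E(x_1, \psi) = \{(\mathrm{true}, \infty)\} \cup \bigcup_{j \in J_1 \cup J_2} \bigcup_{\tau \in T(B)} \bigcup_{r=1}^{\mu(\tau)} \{(f_j, \tau, r)\} \cup \bigcup_{j \in J_3 \cup J_4} \bigcup_{\tau \in T(B)} \bigcup_{r=1}^{\mu(\tau)} \{(f_j, \tau, r) - \varepsilon\}.$$

Then $E(x_1, \Psi)$ allows QE of $\exists x_1$ from $Q_n x_n \dots Q_2 x_2 \exists x_1 \psi$ via virtual substitution:

$$\mathbb{R} \models \exists x_1 \psi \longleftrightarrow \bigvee_{t \in E(x_1, \Psi)} \psi[x_1 /\!/ t].$$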

SLIDE 25

Clustering

Remember the quadratic case:

$$(\alpha x_1 + \beta = 0)\Bigl[x_1 /\!/ \Bigl(a \ne 0 \land -\Delta \le 0,\ \frac{-b + \sqrt{\Delta}}{2a}\Bigr)\Bigr] \doteq a \ne 0 \land -\Delta \le 0 \land (-\alpha b + 2\beta a)^2 = \alpha^2 \Delta \land (-\alpha b + 2\beta a)\,\alpha \le 0$$

The guard $a \ne 0 \land -\Delta \le 0$ covers several real types, while the quadratic solution formula with “$+\sqrt{\Delta}$” always selects the larger root:

In terms of our new general framework: one test point covers 4 cases.

This is not an oddity of the quadratic case – it generalizes to the cubic case.

Clustering finds trade-off between short rules vs. simultaneous coverage of several cases.

SLIDE 26

Structural Elimination Sets

[Dolzmann, PhD Thesis 2000; Košta, PhD Thesis 2016]

We do not blindly compute elimination sets $E$ from atomic formulas $\Psi$ anymore. Instead: prime constituents are non-overlapping maximal subformulas containing $x_1$.

Three types of prime constituents:

1. Gauss formulas that have a finite satisfying set (induced by “=”)
2. co-Gauss formulas that have a co-finite satisfying set (induced by “≠”)
3. atomic formulas (the remaining ones)

[Formula tree for $\psi$: inner nodes $\land$, $\lor$, $\land$; leaves $\psi_1$, $x_1 < -2$, $x_1 > 1$, $\psi_2$]

$\psi_1 \doteq x_1 = a \land x_1 \ge c$ (Gauss)

$\psi_2 \doteq x_1 \ne 3 \lor x_1 \le b$ (co-Gauss)

$x_1 \ge c$ and $x_1 \le b$ need not generate test points

SLIDE 27

Condensing

[Dolzmann, PhD Thesis 2000; Košta, PhD Thesis 2016]

[Formula tree for $\psi$: inner nodes $\land$, $\lor$, $\land$; leaves $\psi_1$, $x_1 < -2$, $x_1 > 1$, $\psi_2$]

$\psi_1 \doteq x_1 = a \land x_1 \ge c$ (Gauss)

$\psi_2 \doteq x_1 \ne 3 \lor x_1 \le b$ (co-Gauss)

For instance, test point for $x_1 < -2$ need not be substituted into $\psi_1$.

Prime constituents are conjunctively associated if their lowest common ancestor is “$\land$.”

Before virtual substitution of a test point delete (replace by “false”) subformulas that are not conjunctively associated to the prime constituent generating that test point.

Idea: In a DNF of $\psi$ atoms occur in the same conjunction only when they are conjunctively associated. This generalizes to prime constituents.

SLIDE 28

Implementation

[Košta, PhD Thesis 2016]

– Generic implementation for arbitrary degree bound $B$ in Redlog.
– Implementation takes formulas for real types and substitutions from tables.
– Such tables exist up to degree 3 with and without clustering.
– For extension to higher degrees, only tables must be extended.
– Structural elimination and condensing are implemented, too.

SLIDE 29

Interesting Challenges for Symbolic Computation

Remember this one? Daniel Lazard. Quantifier Elimination: Optimal Solution for Two Classical Examples. J. Symb. Comput. 5(1):261–266, 1988

Options for research – please contribute:
– One good quantifier-free description of a certain real type for a certain degree
– A complete set of formulas for a certain degree (4 would be next)
– A theory of quantifier-free descriptions of real types
– A theory of clustering: Is it possible and reasonable also for degrees larger than 3? We do not know.

This establishes challenging questions in real algebraic geometry, contributing to real quantifier elimination without caring too much about logic.

SLIDE 30

Some Other Domains with Virtual Substitution

– Linear theories of valued fields and generalizations [Weispfenning, JSC 1988; Sturm, JSC 2000]
– Term algebras over suitably expanded finite functional first-order languages [Sturm–Weispfenning, CASC 2002]
– Parametric quantified Boolean formulas [Seidl–Sturm, CASC 2003]
– Presburger Arithmetic with several extensions [Weispfenning, JSC 1990; Lasaruk–Sturm, 2005, 2007a, 2007b, 2009]
