Coupling policy iteration with semi-definite relaxation to compute accurate numerical invariants in static analysis
We introduce a new domain for finding precise numerical invariants of programs by abstract interpretation. This domain, which consists of level sets of non-linear functions, generalizes the domain of linear “templates” introduced by Manna, Sankaranarayanan, and Sipma. In the case of quadratic templates, we use Shor’s semi-definite relaxation to derive computable yet precise abstractions of semantic functionals, and we show that the abstract fixpoint equation can be solved accurately by coupling policy iteration and semi-definite programming. We demonstrate the interest of our approach on a series of examples (filters, integration schemes) including a degenerate one (symplectic scheme).
💡 Research Summary
The paper introduces a novel abstract domain for static analysis that can capture precise numerical invariants of programs, especially those involving non‑linear relationships. The domain is built from sub‑level sets of a family P of functions (the “templates”). An abstract element v assigns an upper bound v(p) to each template p∈P, and the concretisation γ(v) is the set of states x such that p(x)≤v(p) for all p∈P. This construction generalises the classical linear‑template, interval, octagon, and zone domains, because P need not consist of linear forms; it may contain arbitrary (possibly non‑convex) functions. The pair (α, γ) forms a Galois connection, yielding a complete lattice of P‑convex sets and P‑convex functions.
The authors specialise P to quadratic templates, i.e. each p(x)=xᵀA_px+b_pᵀx with symmetric A_p. For such templates the abstract semantics of assignments and tests can be expressed as optimisation problems that are generally non‑convex. The key technical contribution is to apply Shor’s semidefinite relaxation to obtain a safe over‑approximation F_R of the concrete semantic functional F. The relaxation turns each optimisation into a semidefinite program (SDP) that can be solved to arbitrary precision in polynomial time (using interior‑point or ellipsoid methods). The SDP solution yields Lagrange multipliers that have a natural interpretation as “policies”.
Policy iteration is then coupled with the SDP relaxation. For a fixed policy (i.e. a fixed set of active constraints) the abstract transformer becomes linear (or quadratic) and can be evaluated exactly. By iteratively updating the policy based on the SDP solution, the algorithm converges to a fixed point of the over‑approximated functional F_R. The authors prove that this fixed point is a sound over‑approximation of the true abstract fixpoint of F, and that the iteration converges rapidly, typically in a handful of steps, without the need for widening/narrowing.
The paper provides a thorough theoretical foundation: it defines P‑convex hulls, shows that the set of P‑convex functions forms a complete lattice, and proves that the abstract operators (meet, join, transformer) are monotone and closed in this lattice. It also demonstrates that the SDP over‑approximation is the least sound convex relaxation for quadratic templates, and that the policy‑iteration scheme computes exact post‑fixpoints of this relaxation.
Experimental evaluation is carried out on three families of benchmarks:
- Linear recursive filters, where quadratic templates capture energy‑like invariants.
- An explicit Euler integration scheme for a harmonic oscillator, using templates {x², v², 2x²+3v²+2xv} that correspond to a Lyapunov function.
- A degenerate symplectic integration scheme that lacks any stability margin; traditional interval or octagon analyses fail completely.
In all cases the proposed method yields tighter bounds than interval, octagon, or linear‑template analyses, and it converges in far fewer iterations than Kleene iteration with widening. The SDP solves in milliseconds, and the overall memory footprint remains modest, making the approach practical for real‑world static analysis tools.
Compared with related work, this paper extends linear‑template domains to arbitrary non‑linear functions, improves on polynomial‑inequality approaches that reduce to linear polyhedra, and uniquely combines semidefinite relaxation with policy iteration for abstract interpretation. The result is a powerful framework for automatically synthesising numerical invariants, especially those derived from Lyapunov functions, that can be applied to control‑system verification, numerical algorithm correctness, and general program analysis.
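As an added illustration (not code from the paper), the following Python instantiates the quadratic‑template domain on the three templates listed for the oscillator benchmark and computes one relaxed transfer step for a linear update x ↦ Mx: the multipliers λ it finds are the "policy", and the S‑procedure certificate Σλ_jA_j − MᵀA_iM ⪰ 0 is what makes the bound sound. The transition matrix, step size and the grid search standing in for a real SDP solver are assumptions of this example.

```python
# Added example, not the paper's implementation. Templates p_j(x) = x^T A_j x; an
# abstract element v stores bounds v[j] >= p_j(x). For x -> M x, the Shor/S-procedure
# relaxation bounds p_i(M x) over gamma(v) by  min_{lambda >= 0} sum_j lambda_j v[j]
# subject to  sum_j lambda_j A_j - M^T A_i M  positive semidefinite (the "policy" is
# lambda). A real SDP solver replaces the grid search used here.
import itertools

# Templates from the page: x^2, v^2, 2x^2 + 3v^2 + 2xv, as symmetric 2x2 matrices.
TEMPLATES = [((1.0, 0.0), (0.0, 0.0)),
             ((0.0, 0.0), (0.0, 1.0)),
             ((2.0, 1.0), (1.0, 3.0))]
# Constructed transition (assumption, not the paper's benchmark): one explicit Euler
# step of a damped oscillator, h = 0.1:  x' = x + h v,  v' = v - h (x + v).
H = 0.1
M = ((1.0, H), (-H, 1.0 - H))

def quad(A, x):
    """x^T A x for a symmetric 2x2 A and a 2-vector x."""
    return A[0][0]*x[0]*x[0] + 2*A[0][1]*x[0]*x[1] + A[1][1]*x[1]*x[1]

def pullback(M, A):
    """M^T A M: template p_A after the step, expressed as a quadratic form in x."""
    AM = [[sum(A[r][k]*M[k][c] for k in range(2)) for c in range(2)] for r in range(2)]
    return tuple(tuple(sum(M[k][r]*AM[k][c] for k in range(2)) for c in range(2)) for r in range(2))

def is_psd2(S, tol=1e-12):
    """PSD test for a symmetric 2x2 matrix: diagonal entries and determinant nonnegative."""
    return S[0][0] >= -tol and S[1][1] >= -tol and S[0][0]*S[1][1] - S[0][1]*S[1][0] >= -tol

def relaxed_bound(i, v, lam_max=2.0, step=0.05):
    """Relaxed post-bound on template i over gamma(v), with the policy achieving it."""
    target = pullback(M, TEMPLATES[i])
    grid = [k*step for k in range(round(lam_max/step) + 1)]
    best = (float("inf"), None)
    for lam in itertools.product(grid, repeat=len(TEMPLATES)):
        cost = sum(l*b for l, b in zip(lam, v))     # sum_j lambda_j v[j]
        if cost >= best[0]:
            continue
        S = [[sum(l*A[r][c] for l, A in zip(lam, TEMPLATES)) - target[r][c]
              for c in range(2)] for r in range(2)]
        if is_psd2(S):                               # certificate holds: bound is sound
            best = (cost, lam)
    return best

def sampled_post_max(i, v, n=60, r=3.0):
    """Empirical max of p_i(M x) over grid states in gamma(v); never exceeds the bound."""
    pts = [(-r + 2*r*a/n, -r + 2*r*b/n) for a in range(n + 1) for b in range(n + 1)]
    inside = [x for x in pts if all(quad(A, x) <= b for A, b in zip(TEMPLATES, v))]
    step_x = lambda x: (M[0][0]*x[0] + M[0][1]*x[1], M[1][0]*x[0] + M[1][1]*x[1])
    return max(quad(TEMPLATES[i], step_x(x)) for x in inside)
```

For the Lyapunov‑like template 2x²+3v²+2xv the relaxed bound comes out strictly below the current bound, which is the contraction that lets policy iteration converge without widening.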