A zonotopic framework for functional abstractions

Abstract

This article fully describes an abstract domain, dedicated to the generation of accurate numerical invariants and based on zonotopes parameterized by vectors of affine forms. We introduce the abstract transfer functions, prove their correctness and demonstrate their efficiency. One strength of the domain is its simple abstraction of non-linear operations. These affine vectors also abstract input/output relations, which allows in particular modular analysis, proofs of user-defined complex invariants and test case generation. Finally, the affine vectors like parametrization is flexible enough to allow variations that yield different interesting abstractions, such as inner-approximations or abstraction of probabilistic information.

Appendix

1.1 Proof of Lemma 2

Proof

First of all, \(\gamma _{lin}(A)\) is the image of the unit disc for the \(\ell _{\infty }\) norm by \({A}^{T}\) as we noted in Definition 1. Therefore,

$$\begin{aligned} \sup _{y \in \gamma _{lin}(A)} p_u(y)= \sup \limits _{e \in {{\mathbb {R}}}^{n}, \Vert e \Vert _\infty \le 1} p_u({A}^{T} e) \end{aligned}$$

We now have

$$\begin{aligned} p_u({A}^{T} e)= & {} \langle u, {A}^{T} e\rangle = \langle A u, e\rangle = \sum \limits _{i=1}^{n} \left( \sum \limits _{j=1}^p a_{i,j} u_j\right) e_i \\\le & {} \sum \limits _{i=1}^n \left| \sum \limits _{j=1}^p a_{i,j} u_j \right| \Vert e \Vert _\infty = \Vert A u \Vert _1 \Vert e \Vert _\infty \end{aligned}$$

If \(\Vert A u \Vert _1 = 0\), then Lemma 2 is obviously true.

Else this bound is reached for \(e_i=sign\left( \sum \limits _{j=1}^p a_{i,j} u_j\right) \), which is such that \(\Vert e \Vert _\infty =1\). \(\square \)

1.2 Proof of Lemma 3

Proof

Suppose first that \(\Vert X u \Vert _1 \le \Vert Y u \Vert _1\) for all \(u \in {{\mathbb {R}}}^p\).   By first part of Lemma 1,

$$\begin{aligned} \gamma _{lin}(X)=\bigcap _{u \in {{\mathbb {R}}}^p} \left\{ x \in {{\mathbb {R}}}^p \mid p_u(x) \in \left[ \inf _{y \in \gamma _{lin}(X)} p_u(y), \sup _{y \in \gamma _{lin}(X)} p_u(y)\right] \right\} \end{aligned}$$

with \(\sup _{y \in \gamma _{lin}(X)} p_u(y) = -\inf _{y \in \gamma _{lin}(X)} p_u(y)= \Vert X u \Vert _1\) by Lemma 2. Thus

$$\begin{aligned} \gamma _{lin}(X)= & {} \bigcap _{u \in {{\mathbb {R}}}^p} \{x \in {{\mathbb {R}}}^p \mid |p_u(x)| \le \Vert X u \Vert _1 \} \\\subseteq & {} \bigcap _{u \in {{\mathbb {R}}}^p} \{x \in {{\mathbb {R}}}^p \mid |p_u(x)| \le \Vert Y u \Vert _1 \} = \gamma _{lin}(Y). \end{aligned}$$

Conversely, suppose \(\gamma _{lin}(X)\subseteq \gamma _{lin}(Y)\). Then

$$\begin{aligned} \Vert X u \Vert _1 = \sup _{x \in \gamma _{lin}(X)} p_u(x) \le \sup _{x \in \gamma _{lin}(Y)} p_u(x) = \Vert Y u \Vert _1. \end{aligned}$$

\(\square \)

1.3 Proof of Lemma 4

Proof

Zonotope \(\gamma (X)\) (resp. \(\gamma (Y)\)) is the Minkowski sum of its center of coordinates given by \(x_0\) (resp. \(y_0\)), and of a zonotope symmetric with respect to the origin \(\gamma _{lin}(X_+)\) (resp. \(\gamma _{lin}(Y_+)\)). Hence, using Lemma 2, we have for any \(u \in {{\mathbb {R}}}^p\):

$$\begin{aligned} \sup _{x \in \gamma (X)} \langle u,x \rangle = \sum \limits _{i=1}^p x_{0,i} u_i+\Vert X_+ u \Vert _1. \end{aligned}$$

By convexity of zonotopes, we know that \(\gamma (X) \subseteq \gamma (Y)\) is equivalent to, for all \(u \in {{\mathbb {R}}}^p\), \(\sup _{x \in \gamma (X)} \langle u,x \rangle \le \sup _{y \in \gamma (Y)} \langle u,y \rangle \). Hence, this is equivalent to, for all \(u \in {{\mathbb {R}}}^p\):

$$\begin{aligned} \sum \limits _{i=1}^p (x_{0,i}-y_{0,i})u_i \le \Vert Y_+ u \Vert _1-\Vert X_+ u \Vert _1 \end{aligned}$$

Changing now u to \(-u\):

$$\begin{aligned} \sum \limits _{i=1}^p (y_{0,i}-x_{0,i})u_i \le \Vert Y_+ u \Vert _1-\Vert X_+ u \Vert _1, \end{aligned}$$

which allows us to conclude. \(\square \)

1.4 Proof of Lemma 8

Proof

Let X and Y be two perturbed affine vectorssuch that \(X \le Y\), and let \(Z=[ \! [x_{p+1}= x_i \times x_j] \! ]X\) and \(T=[ \! [x_{p+1}= x_i \times x_j ] \! ]Y\).

By definition of the multiplication of affine forms (Definition 8), we have, for all \(t \in {{\mathbb {R}}}^{p+1}\):

$$\begin{aligned} \Vert (C^T-C^Z)t \Vert _1= & {} \sum \limits _{k=0}^{n} \left| \sum \limits _{l=1}^{p+1} (c_{k,l}^T - c_{k,l}^Z) t_l \right| \\= & {} \left| \sum \limits _{l=1}^{p} (c_{0,l}^Y - c_{0,l}^X) t_l + (c_{0,i}^Y c_{0,j}^Y - c_{0,i}^X c_{0,j}^X) t_{p+1} \right| \\&+ \sum \limits _{k=1}^{n} \left| \sum \limits _{l=1}^{p} (c_{k,l}^Y - c_{k,l}^X) t_l \right. \\&+ \left. (c_{0,i}^Y c_{k,j}^Y + c_{0,j}^Y c_{k,i}^Y - c_{0,i}^X c_{k,j}^X - c_{0,j}^X c_{k,i}^X)t_{p+1} \right| \end{aligned}$$

We notice that:

$$\begin{aligned} c_{0,i}^Y c_{0,j}^Y - c_{0,i}^X c_{0,j}^X = c_{0,i}^Y (c_{0,j}^Y - c_{0,j}^X)+c^X_{0,j}(c^Y_{0,i}-c_{0,i}^X) \end{aligned}$$

and

$$\begin{aligned}&c_{0,i}^Y c_{k,j}^Y + c_{0,j}^Y c_{k,i}^Y - c_{0,i}^X c_{k,j}^X - c_{0,j}^X c_{k,i}^X = c_{0,i}^Y (c_{k,j}^Y - c_{k,j}^X) \\&\quad +\, c^X_{0,j}(c^Y_{k,i}-c_{k,i}^X) +c_{k,j}^X(c_{0,i}^Y - c_{0,i}^X) + c^Y_{k,i}(c_{0,j}^Y-c_{0,j}^X) \end{aligned}$$

Therefore we have, reorganizing terms a bit:

$$\begin{aligned} \Vert (C^T-C^Z)t \Vert _1= & {} \left| \sum \limits _{l=1}^{p} \underbrace{(c_{0,l}^Y - c_{0,l}^X) t_l}_\text {(1)} + \left( \underbrace{c_{0,i}^Y (c_{0,j}^Y - c_{0,j}^X)}_\text {(2)}+\underbrace{c^X_{0,j}(c^Y_{0,i}-c_{0,i}^X)}_\text {(3)}\right) t_{p+1} \right| \\&+\sum \limits _{k=1}^{n} \left| \sum \limits _{l=1}^{p} \underbrace{(c_{k,l}^Y - c_{k,l}^X) t_l}_{(1^{\prime })} + \left( \underbrace{c_{0,i}^Y (c_{k,j}^Y - c_{k,j}^X)}_{(2^{\prime })} + \underbrace{c^X_{0,j}(c^Y_{k,i}-c_{k,i}^X)}_{(3^{\prime })} \right. \right. \\&+ \left. \left. \underbrace{c_{k,j}^X(c_{0,i}^Y - c_{0,i}^X) + c^Y_{k,i}(c_{0,j}^Y-c_{0,j}^X)}_{(4)}\right) t_{p+1} \right| \end{aligned}$$

We then use the triangular inequality, separating terms \({(1^{\prime })}+{(2^{\prime })}+{(3^{\prime })}\) from (4) and regrouping (1) \(+\) (2) \(+\) (3) with their prime counterparts, we find

$$\begin{aligned} \Vert (C^T-C^Z)t \Vert _1\le & {} \sum \limits _{k=0}^{n} \sum \limits _{l=1}^{p} \left| \underbrace{(c_{k,l}^Y - c_{k,l}^X) t_l}_{(1)+(1^{\prime })} + \left( \underbrace{c_{0,i}^Y (c_{k,j}^Y - c_{k,j}^X)}_{(2)+(2^{\prime })} + \underbrace{c^X_{0,j}(c^Y_{k,i}-c_{k,i}^X)}_{(3)+(3^{\prime })} +\right) t_{p+1}\right| \\&+\sum \limits _{k=1}^{n} \left| \left( \underbrace{c_{k,j}^X(c_{0,i}^Y - c_{0,i}^X) + c^Y_{k,i}(c_{0,j}^Y-c_{0,j}^X)}_{(4)}\right) t_{p+1} \right| \end{aligned}$$

We slighly reorganize the double summation in the first term:

$$\begin{aligned} (H1): \ \Vert (C^T-C^Z)t \Vert _1\le & {} \left. \begin{array}{l} \sum \limits _{k=0}^{n} \left| \sum \limits _{l=1,l\ne i, l\ne j}^{p} (c_{k,l}^Y - c_{k,l}^X) t_l +(c^Y_{k,j}-c^X_{k,j})(t_j+c^Y_{0,i}t_{p+1})+ \right. \\ \left. (c^Y_{k,i}-c^X_{k,i}) (t_i+c^X_{0,j}t_{p+1}) \right| \end{array}\right\} {(5)}\\&+\sum \limits _{k=1}^{n} \left| \left( c_{k,j}^X(c_{0,i}^Y - c_{0,i}^X) + c^Y_{k,i}(c_{0,j}^Y-c_{0,j}^X)\right) t_{p+1} \right| \end{aligned}$$

We recognize (5) as being \(\Vert (C^Y-C^X)u(t) \Vert _1\) where

$$\begin{aligned} u(t)=(t_1,\ldots ,t_{i-1},t_i+c_{0,j}^Xt_{p+1},t_{i+1},\ldots ,t_{j-1},t_j+c_{0,i}^Yt_{p+1},t_{j+1},\ldots ,t_p) \end{aligned}$$

Now, because \(X \le Y\), we have \(\Vert (C^Y-C^X)u(t) \Vert _1\le \Vert P^Y u(t) \Vert _1-\Vert P^X u(t) \Vert _1\) so replacing (5) by \(\Vert P^Y u(t) \Vert _1-\Vert P^X u(t) \Vert _1\) in (H1) leads to:

$$\begin{aligned} \Vert (C^T-C^Z)t \Vert _1\le & {} \Vert P^Y u(t) \Vert _1- \Vert P^X u(t) \Vert _1 \\&+ \sum \limits _{k=1}^{n} \left| \left( c_{k,j}^X(c_{0,i}^Y - c_{0,i}^X) + c^Y_{k,i}(c_{0,j}^Y-c_{0,j}^X)\right) t_{p+1} \right| \end{aligned}$$

hence using the triangular identity on the last term we get:

$$\begin{aligned} \Vert (C^T-C^Z)t \Vert _1\le & {} \Vert P^Y u(t) \Vert _1- \Vert P^X u(t) \Vert _1 \end{aligned}$$

(22)

$$\begin{aligned}&+\underbrace{\sum \limits _{k=1}^{n} \mid c_{k,j}^X(c_{0,i}^Y - c_{0,i}^X) t_{p+1}\mid }_{{(6)}} + \underbrace{\sum \limits _{k=1}^{n} \mid c^Y_{k,i}(c_{0,j}^Y-c_{0,j}^X)t_{p+1} \mid }_{{(6^{\prime })}} \end{aligned}$$

(23)

Before resolving inequality (23), we look at its right-hand side. We have:

$$\begin{aligned} \Vert P^Y u(t) \Vert _1= & {} \sum \limits _{k=1}^{m} \left| \sum \limits _{l=1,l\ne i, l\ne j}^p p^Y_{k,l} t_l+(t_i+c^X_{0,j}t_{p+1})p^Y_{k,i} +(t_j+c^Y_{0,i}t_{p+1})p^Y_{k,j} \right| \\= & {} \sum \limits _{k=1}^{m} \left| \sum \limits _{l=1}^p p^Y_{k,l} t_l+(\underbrace{c^X_{0,j}p^Y_{k,i}+c^Y_{0,i}p^Y_{k,j}}_{(7)})t_{p+1} \right| \\ \end{aligned}$$

Now, we write (7) as:

$$\begin{aligned} c^X_{0,j}p^Y_{k,i}+c^Y_{0,i}p^Y_{k,j} = (c^Y_{0,j}p^Y_{k,i}+c^Y_{0,i}p^Y_{k,j}) + p^Y_{k,i}(c^X_{0,j}-c^Y_{0,j}) \end{aligned}$$

and using the triangular inequality, we get:

$$\begin{aligned} \Vert P^Y u(t) \Vert _1\le & {} \sum \limits _{k=1}^{m} \left| \sum \limits _{l=1}^p p^Y_{k,l} t_l+(c^Y_{0,j}p^Y_{k,i}+c^Y_{0,i}p^Y_{k,j})t_{p+1} \right| + \left| \underbrace{(c^X_{0,j}-c^Y_{0,j})}_{{(8)}} t_{p+1} \right| \sum \limits _{k=1}^m \left| p^Y_{k,i}\right| \nonumber \\ \end{aligned}$$

(24)

We are doing a similar calculation for \(\Vert P^X u(t) \Vert _1\):

$$\begin{aligned} - \Vert P^X u(t) \Vert _1 = - \sum \limits _{k=1}^{m} \left| \sum \limits _{l=1}^p p^X_{k,l} t_l +(c^X_{0,j}p^X_{k,i}+c^Y_{0,i}p^X_{k,j})t_{p+1} \right| \end{aligned}$$

hence, using the same argument as for inequality (24):

$$\begin{aligned} - \Vert P^X u(t) \Vert _1\le & {} - \sum \limits _{k=1}^{m} \left| \sum \limits _{l=1}^p p^X_{k,l} t_l +(c^X_{0,j}p^X_{k,i}+c^X_{0,i}p^X_{k,j})t_{p+1} \right| + \left| \underbrace{(c^X_{0,i}-c^Y_{0,i})}_{(8^{\prime })} t_{p+1} \right| \sum \limits _{k=1}^m \left| p^X_{k,j}\right| \nonumber \\ \end{aligned}$$

(25)

Now, because \(X \le Y\), we know that

$$\begin{aligned} \Vert (C^X-C^Y)e_j \Vert _1\le & {} \Vert P^Y e_j \Vert _1 - \Vert P^X e_j \Vert _1 \\ \Vert (C^X-C^Y)e_i \Vert _1\le & {} \Vert P^Y e_i \Vert _1 - \Vert P^X e_i \Vert _1 \end{aligned}$$

where \(e_j\) (resp. \(e_i\)) are the vectors \((0,\ldots ,0,1,0,\ldots ,0)\) with a unique 1 in position j (resp. in position i). This translates into:

$$\begin{aligned} \mid c^X_{0,j}-c^Y_{0,j}\mid\le & {} \Vert \pi _j(P^Y) \Vert _1 - \Vert \pi _j(P^X) \Vert _1 - \sum \limits _{k=1}^{n} \mid c^X_{k,j}-c^Y_{k,j}\mid \end{aligned}$$

(26)

$$\begin{aligned} \mid c^X_{0,i}-c^Y_{0,i}\mid\le & {} \Vert \pi _i(P^Y) \Vert _1 - \Vert \pi _i(P^X) \Vert _1 - \sum \limits _{k=1}^{n} \mid c^X_{k,i}-c^Y_{k,i}\mid \end{aligned}$$

(27)

where \(\pi _j(P^Y)\) (similarly for \(\pi _j(P^X)\), \(\pi _i(P^Y)\) and \(\pi _i(P^X)\)) stands for the vector in \({{\mathbb {R}}}^m\): \((p^Y_{1,j},\ldots ,p^Y_{m,j})\). So, considering again inequality (23) we try to bound \(\Vert P^Y u \Vert _1 + \sum _{k=1}^{n} \mid c^Y_{k,i}(c_{0,j}^Y-c_{0,j}^X)t_{p+1} \mid \) first, as follows, replacing (8) by its bound given by inequality (26):

$$\begin{aligned}&\Vert P^Y u \Vert _1 + \underbrace{\sum \limits _{k=1}^{n} \mid c^Y_{k,i}(c_{0,j}^Y-c_{0,j}^X))t_{p+1} \mid }_{(6^{\prime })} \le \sum \limits _{k=1}^{m} \left| \sum \limits _{l=1}^p p^Y_{k,l} t_l+(c^Y_{0,j}p^Y_{k,i}+c^Y_{0,i}p^Y_{k,j})t_{p+1} \right| \\&\left( +\sum \limits _{k=1}^m \left| p^Y_{k,i}\right| \right) \left( \Vert \pi _j(P^Y) \Vert _1 - \Vert \pi _j(P^X) \Vert _1 - \sum \limits _{k=1}^{n} \mid c^X_{k,j}-c^Y_{k,j}\mid \right) \mid t_{p+1} \mid \\&\ + \left( \sum \limits _{k=1}^{n} \mid c^Y_{k,i}\mid \right) \mid c_{0,j}^Y-c_{0,j}^X\mid \mid t_{p+1} \mid \end{aligned}$$

We see that \(\sum _{k=1}^m \left| p^Y_{k,i}\right| \) is \(\Vert \pi _i(P^Y) \Vert _1\) therefore, regrouping the last two terms above and using inequality (26):

$$\begin{aligned}&\Vert P^Y u \Vert _1 + \underbrace{\sum \limits _{k=1}^{n} \mid c^Y_{k,i}(c_{0,j}^Y-c_{0,j}^X))t_{p+1} \mid }_{(6^{\prime })} \le \sum \limits _{k=1}^{m} \left| \sum \limits _{l=1}^p p^Y_{k,l} t_l+(c^Y_{0,j}p^Y_{k,i}+c^Y_{0,i}p^Y_{k,j})t_{p+1} \right| \\&\left. +\left( \Vert \pi _i(P^Y) \Vert _1 + \sum \limits _{k=1}^{n} \left| c^Y_{k,i} \right| \right) \left( \Vert \pi _j(P^Y) \Vert _1 - \Vert \pi _j(P^X) \Vert _1 - \sum \limits _{k=1}^{n} \mid c^X_{k,j}-c^Y_{k,j}\mid \right) t_{p+1} \right) \end{aligned}$$

We do the same calculation with \(-\Vert P^X u \Vert _1+\sum \limits _{k=1}^{n} \mid c_{k,j}^X(c_{0,i}^Y - c_{0,i}^X)t_{p+1} \mid \) and find:

$$\begin{aligned}&-\Vert P^X u \Vert _1 + \underbrace{\sum \limits _{k=1}^{n} \mid c_{k,j}^X(c_{0,i}^Y - c_{0,i}^X)t_{p+1} \mid }_{{(6)}} \le - \sum \limits _{k=1}^{m} \mid \sum \limits _{l=1}^p p^X_{k,l} t_l +(c^X_{0,j}p^X_{k,i}+c^X_{0,i}p^X_{k,j})t_{p+1} \mid \\&+ \left( \Vert \pi _j(P^X) \Vert _1 + \sum \limits _{k=1}^{n} \mid c^X_{k,j} \mid \right) \left( \Vert \pi _i(P^Y) \Vert _1 - \Vert \pi _i(P^X) \Vert _1 - \sum \limits _{k=1}^{n} \left| c^X_{k,i}-c^Y_{k,i}\right| \right) \mid t_{p+1} \mid \end{aligned}$$

Therefore, summing these two last inequalities we find, using inequality (23):

$$\begin{aligned} \Vert (C^T-C^Z)t \Vert _1\le & {} \sum \limits _{k=1}^{m} \left| \sum \limits _{l=1}^p p^Y_{k,l} t_l+(c^Y_{0,j}p^Y_{k,i}+c^Y_{0,i}p^Y_{k,j})t_{p+1} \right| \\&- \sum \limits _{k=1}^{m} \left| \sum \limits _{l=1}^p p^X_{k,l} t_l +(c^X_{0,j}p^X_{k,i}+c^X_{0,i}p^X_{k,j})t_{p+1} \right| \\&+\,\left( \Vert \pi _i(P^Y) \Vert _1 \Vert \pi _j(P^Y) \Vert _1 + \Vert \pi _j(P^Y) \Vert _1 \sum \limits _{k=1}^{n} \mid c^Y_{k,i} \mid \right. \\&\left. -\, \Vert \pi _i(P^X) \Vert _1 \Vert \pi _j(P^X) \Vert _1 - \Vert \pi _i(P^X) \Vert _1 \sum \limits _{k=1}^{n} \mid c^X_{k,j}\mid \right. \\&\left. - \sum \limits _{k=1}^{n} \mid c^Y_{k,i}\mid \left( \Vert \pi _j(P^X) \Vert _1+ \sum \limits _{k=1}^{n} \mid c^X_{k,j}-c^Y_{k,j}\mid \right) \right. \\&\left. -\, \Vert \pi _i(P^Y) \Vert _1 \sum \limits _{k=1}^{n} \mid c^X_{k,j}-c^Y_{k,j}\mid - \Vert \pi _j(P^X) \Vert _1 \sum \limits _{k=1}^{n} \mid c^X_{k,i}-c^Y_{k,i}\mid \right. \\&\left. +\, \sum \limits _{k=1}^{n} \mid c^X_{k,j} \mid \left( \Vert \pi _i(P^Y) \Vert _1 - \sum \limits _{k=1}^{n} \mid c^X_{k,i}-c^Y_{k,i}\mid \right) \right) | t_{p+1} | \end{aligned}$$

Now we replace the value of \(P^T\) (resp. \(P^Z\)) by its definition, given by the product of affine sets, see Definition 8. Hence,

$$\begin{aligned} \Vert P^T t \Vert _1= & {} \sum \limits _{k=1}^{m} \left| \sum \limits _{l=1}^p p^Y_{k,l} t_l+(c^Y_{0,j}p^Y_{k,i}+c^Y_{0,i}p^Y_{k,j})t_{p+1} \right| + \left( \Vert \pi _i(P^Y) \Vert _1 \Vert \pi _j(P^Y) \Vert _1 \right. \\&\left. +\, \Vert \pi _j(P^Y) \Vert _1 \sum \limits _{k=1}^{n} \mid c^Y_{k,i} \mid + \sum \limits _{k=1}^{n} \mid c^Y_{k,i}\mid \sum \limits _{k=1}^{n} \mid c^Y_{k,j}\mid \right. \\&\left. + \sum \limits _{k=1}^{n} \mid c^Y_{k,j}\mid \Vert \pi _i(P^Y) \Vert _1 \right) \mid t_{p+1} \mid \end{aligned}$$

and the similarly for \(\Vert P^Z t \Vert _1\). We can now bound \(\Vert (C^T-C^Z)t \Vert _1 - \Vert P^T t \Vert _1 + \Vert P^Z t \Vert _1\):

$$\begin{aligned}&\Vert (C^T-C^Z)t \Vert _1 - \Vert P^T t \Vert _1 + \Vert P^Z t \Vert _1 \le \left( - \Vert \pi _i(P^Y) \Vert _1 \underbrace{\sum \limits _{k=1}^{n} \mid c^X_{k,j}-c^Y_{k,j}\mid }_{{(9)}} \right. \\&\left. - \underbrace{\sum \limits _{k=1}^{n} \mid c^Y_{k,i}\mid }_{(10)} \left( \Vert \pi _j(P^X) \Vert _1 + \sum \limits _{k=1}^{n} \mid c^X_{k,j}-c^Y_{k,j}\mid \right) - \Vert \pi _j(P^X) \Vert _1 \underbrace{\sum \limits _{k=1}^{n} \mid c^X_{k,i}-c^Y_{k,i}\mid }_{{(10^{\prime })}} \right. \\&\left. + \underbrace{\sum \limits _{k=1}^{n} \mid c^X_{k,j} \mid }_{{(9^{\prime })}} \left( \Vert \pi _i(P^Y) \Vert _1 - \sum \limits _{k=1}^{n} \mid c^X_{k,i}-c^Y_{k,i}\mid \right) \right. \\&\left. - \sum \limits _{k=1}^{n} \mid c^Y_{k,i}\mid {\sum \limits _{k=1}^{n} \mid c^Y_{k,j}\mid } {\sum \limits _{k=1}^{n} \mid c^X_{k,i}\mid } \sum \limits _{k=1}^{n} \mid c^X_{k,j}\mid \right. \\&\left. - \underbrace{\sum \limits _{k=1}^{n} \mid c^Y_{k,j}\mid }_{{(9^{\prime \prime })}} \Vert \pi _i(P^Y) \Vert _1 + \underbrace{\sum \limits _{k=1}^{n} \mid c^X_{k,i}\mid }_{{(10^{\prime \prime \prime })}} \Vert \pi _j(P^X) \Vert _1 \right) \mid t_{p+1} \mid \end{aligned}$$

Regrouping the different terms: (9), \({(9^{\prime })}\), and \({(9^{\prime \prime })}\) as a factor of \(\Vert \pi _i(P^Y) \Vert _1\) (resp. (10), \({(10^{\prime })}\), and \({(10^{\prime \prime })}\) as a factor of \(\Vert \pi _j(P^X) \Vert _1\)), and factorizing the remaining terms, we get:

(28)

We now end up by examining each of the terms in the right-hand side of inequality (H2). We note that we have the following triangular inequalities:

$$\begin{aligned} \mid c^X_{k,i} \mid - \mid c^Y_{k,i} \mid\le & {} \mid c^X_{k,i}-c^Y_{k,i} \mid \\ \mid c^X_{k,j} \mid - \mid c^Y_{k,j} \mid\le & {} \mid c^X_{k,j}-c^Y_{k,j} \mid \end{aligned}$$

So the sum of the first two terms in the right-hand side of (H2) is:

$$\begin{aligned}&(\Vert \pi _j(P^X) \Vert _1 \sum \limits _{k=1}^{n} (- \mid c^Y_{k,i}\mid - \mid c^X_{k,i}-c^Y_{k,i}\mid + \mid c^X_{k,i} \mid ) \\&\quad +\, \Vert \pi _i(P^Y) \Vert _1 \sum \limits _{k=1}^{n} (- \mid c^X_{k,j}-c^Y_{k,j}\mid + \mid c^X_{k,j} \mid - \mid c^Y_{k,j}\mid ) \end{aligned}$$

which is negative.

Now for the last two terms in the right-hand side of (H2), we note that we can use the same triangular inequalities, which imply:

$$\begin{aligned} \mid c^X_{k,i} \mid - \mid c^X_{k,i}-c^Y_{k,i} \mid\le & {} \mid c^Y_{k,i} \mid \\ \mid c^Y_{k,j} \mid + \mid c^X_{k,j}-c^Y_{k,j} \mid\ge & {} \mid c^X_{k,j} \mid \end{aligned}$$

We now conclude:

$$\begin{aligned} \Vert (C^T-C^Z)t \Vert _1 - \Vert P^T t \Vert _1 + \Vert P^Z t \Vert _1\le & {} \left( \left( \sum \limits _{k=1}^{n} \mid c^X_{k,j} \mid \right) \left( \sum \limits _{k=1}^{n} \mid c^Y_{k,i}\mid \right) \right. \\&\left. - \left( \sum \limits _{k=1}^{n} \mid c^Y_{k,i} \mid \right) \left( \sum \limits _{k=1}^{n} \mid c^X_{k,j}\mid \right) \right) \mid t_{p+1} \mid = 0 \end{aligned}$$

which means that \(Z\le T\) indeed.

Finally, we prove that \(\{ z \in {{\mathbb {R}}}^{p+1} \mid \exists (x_1,\ldots ,x_i,\ldots ,x_j,\ldots ,x_p) \in {{\mathbb {R}}}^p, z= [ \! [x_{p+1}:=x_i x_j ] \! ]_c (x_1,\ldots ,x_i,\ldots ,x_j,\ldots ,x_p) \} \subseteq \gamma ([ \! [x_{p+1}:=x_i x_j ] \! ]X)\). We compute, for all \(\epsilon _1,\ldots ,\epsilon _n \in [-1,1]^n\) and for all \(\eta _1,\ldots ,\eta _{m+1} \in [-1,1]^{m+1}\), and writing \(Y=[ \! [x_{p+1}:=x_i \times x_j] \! ]X\) :

$$\begin{aligned} \pi _{i}(Y) \times \pi _j(Y)= & {} \left( c^Y_{0i} +\sum \limits _{k=1}^n c^Y_{ki} \epsilon _k+\sum \limits _{l=1}^{m} p^Y_{li} \eta _k \right) \left( c^Y_{0j} +\sum \limits _{k=1}^n c^Y_{kj} \epsilon _k+\sum \limits _{l=1}^{m} p^Y_{lj} \eta _k \right) \\= & {} c^Y_{0i} c^Y_{0j}+\sum \limits _{k=1}^n (c^Y_{0i} c^Y_{kj}+c^Y_{0j} c^Y_{ki})\epsilon _k +\sum \limits _{l=1}^m (c^Y_{0i} p^Y_{lj}+c^Y_{0j} p^Y_{li}) \\&+\sum \limits _{k=1,k'=1}^{k=n,k'=n} c^Y_{ki} c^Y_{k'j} \epsilon _k \epsilon _{k'} +\sum \limits _{k=1,l=1}^{k=n,l=m} (c^Y_{ki} p^Y_{lj}+c^Y_{kj} p^Y_{li}) \epsilon _k \eta _l \\&+\sum \limits _{l=1,l'=1}^{l=m,l'=m} p^Y_{li} p^Y_{l'j} \eta _l \eta _{l'} \end{aligned}$$

Now, since

$$\begin{aligned}&\left| \sum \limits _{k=1,k'=1}^{k=n,k'=n} c^Y_{ki} c^Y_{k'j} \epsilon _k \epsilon _{k'} +\sum \limits _{k=1,l=1}^{k=n,l=m} (c^Y_{ki} p^Y_{lj}+c^Y_{kj} p^Y_{li}) \epsilon _k \eta _l +\sum \limits _{l=1,l'=1}^{l=m,l'=m} p^Y_{li} p^Y_{l'j} \eta _l \eta _{l'}\right| \\&\quad \le \sum \limits _{k=1,k'=1}^{k=n,k'=n} \mid c^Y_{ki} c^Y_{k'j} \mid +\sum \limits _{k=1,l=1}^{k=n,l=m} \left( \mid c^Y_{ki} p^Y_{lj} \mid +\mid c^Y_{kj} p^Y_{li} \mid \right) + \sum \limits _{l=1,l'=1}^{l=m,l'=m} \mid p^Y_{li} p^Y_{l'j} \mid \end{aligned}$$

we conclude that for all \(\epsilon _1,\ldots ,\epsilon _n\) and \(\eta _1,\ldots ,\eta _m\), \({(\pi _1(Y),\ldots ,\pi _p(Y),\pi _i(Y) \pi _j(Y))}^{T}\) is in \(\gamma ([ \! [x_{p+1}:=x_i \times x_j ] \! ]Y)\). \(\square \)

1.5 Proof of Lemma 1

Proof

First, we note that if \(\hat{x}\) and \(\hat{y}\) are in generic positions, the formula given for \(\hat{z}\) in Theorem 2 is the same as the one we are giving in this Lemma. The only thing to check is that we can define \(p^z_{m+1}\) as

$$\begin{aligned} p^z_{m+1} = \sup \gamma (\hat{x}) \cup \gamma (\hat{y})-mid(\gamma (\hat{x}) \cup \gamma (\hat{y})) -\sum \limits _{i=1}^n|c^z_i| -\sum \limits _{i=1}^m | p^z_i | \end{aligned}$$

We know from Theorem 2 that the concretisation of z as defined in Theorem 2 is \(\gamma (\hat{x})\cup \gamma (\hat{y})\) so

$$\begin{aligned} \sup \gamma (\hat{x}) \cup \gamma (\hat{y}) = mid(\gamma (\hat{x})\cup \gamma (\hat{y}))+\sum \limits _{i=1}^n | c^z_i|+\sum \limits _{j=1}^m | p^z_i|+|p^z_{m+1}| \end{aligned}$$

Therefore, there is a unique positive value for \(p^z_{m+1}\) given by

$$\begin{aligned} p^z_{m+1} = \sup \gamma (\hat{x})\cup \gamma (\hat{(}y))-mid(\gamma (\hat{x})\cup \gamma (\hat{y}))-\sum \limits _{i=1}^n |c^z_i|-\sum \limits ^m_{j=1}|p^z_j| \end{aligned}$$

which is then necessary equal to the (positive) value defined in Theorem 2 for \(p^z_{m+1}\).

Now, we prove that when \(\hat{x}\) and \(\hat{y}\) are not in generic positions, it is still an upper bound of \(\hat{x}\) and \(\hat{y}\) (which is not a minimal upper bound as defined in e.g. Theorem 3). Being non generic means that either \(\gamma (\hat{x}) \subseteq \gamma (\hat{y})\) or \(\gamma (\hat{y}) \subseteq \gamma (\hat{x})\) with \(\inf \gamma (\hat{x}) \ne \inf \gamma (\hat{y})\) and \(\sup \gamma (\hat{x}) \ne \sup \gamma (\hat{y})\) in both cases. Let us suppose in the sequel that \(\gamma (\hat{x}) \subseteq \gamma (\hat{y})\) with \(\inf \gamma (\hat{x}) \ne \inf \gamma (\hat{y})\) and \(\sup \gamma (\hat{x}) \ne \sup \gamma (\hat{y})\), the other case being symmetric. Therefore \(c^z_0=mid(\gamma (\hat{x})\cup \gamma (\hat{y}))=c^y_0\) and \(\sup \gamma (\hat{x}) \cup \gamma (\hat{y})=\sup \gamma (\hat{y})=c^y_0+\sum \limits _{i=1}^n |c^y_i|\).

We now compute:

$$\begin{aligned} \Vert c^z-c^x \Vert _1= & {} |c^z_0-c^x_0|+\sum \limits _{i=1}^n|c^z_i-c^x_i| \\= & {} |c^y_0-c^x_0|+\sum \limits _{i\in J_1} |c^y_i-c^x_i|+\sum \limits _{i\in J_2}|c^x_i-c^x_i|+\sum \limits _{i\in J_3}|0-c^x_i|\\= & {} |c^y_0-c^x_0|+\sum \limits _{i\in J_1} |c^y_i-c^x_i|+\sum \limits _{i\in J_3}|c^x_i| \end{aligned}$$

where \(J_1=\{i \ge 1 \ | \ 0 < c^y_i < c^x_i \text{ or } c^x_i < c^y_i < 0\}\) (hence \(c^z_i=c^y_i\) for \(i\in J_1\), by definition of the argmin operator), \(J_2=\{i \ge 1 \ | \ 0 < c^x_i < c^y_i \text{ or } c^y_i < c^x_i < 0\}\) (hence \(c^z_i=c^x_i\) for \(i\in J_2\)), and \(J_3=\{i \ge 1 \ | \ c^y_i \le 0 \le c^x_i \text{ or } c^x_i \le 0 \le c^y_i\}\) (hence \(c^z_i=0\) for \(i\in J_3\)).

Note that for \(i\in J_1\), \(|c^y_i-c^x_i|\) is equal to \(|c^x_i|-|c^y_i|\) since for \(i\in J_1\) \(|c^y_i| < |c^x_i|\) and \(c^y_i\) and \(c^x_i\) have the sign. Therefore:

$$\begin{aligned} \Vert c^z-c^x \Vert _1 = |c^y_0-c^x_0|+\sum \limits _{i\in J_1} |c^x|_i-\sum \limits _{i\in J_1} |c^y_i|+\sum \limits _{i\in J_3}|c^x_i| \end{aligned}$$

Suppose first that \(p^y_i=0\) and \(p^x_i=0\) for all \(i=1,\ldots ,m\), then:

$$\begin{aligned} \Vert p^z \Vert _1-\Vert p^x \Vert _1= & {} p^z_{m+1}=\sup \gamma (\hat{x}) \cup \gamma (\hat{y})-c^z_0-\sum \limits ^n_{i=1} |c^z_i| \end{aligned}$$

by definition. But we already remarked that in our case, \(\sup \gamma (\hat{x})\cup \gamma (\hat{y})=c^y_0+\sum \limits _{i=1}^n |c^y_i|\) and \(c^z_0=c^y_0\), hence, decomposing the sum of all \(|c^y_i|\) on the partition \(\{J_1,J_2,J_3\}\) of \(\{1,\ldots ,n\}\) we get:

$$\begin{aligned} \Vert p^z \Vert _1-\Vert p^x \Vert _1= & {} p^z_{m+1} = \sum \limits ^n_{i=1}|c^y_i|-\left( \sum \limits _{i\in J_1} |c^z_i|+\sum \limits _{i\in J_2} |c^z_i|+\sum \limits _{i\in J_3}|c^z_i|\right) \\= & {} \sum \limits _{i=1}^n|c^y_i|-\sum \limits _{i\in J_1}|c^y_i|-\sum \limits _{i\in J_2}|c^x_i| \end{aligned}$$

by definition of \(J_1\), \(J_2\) and \(J_3\). Finally, this writes as:

$$\begin{aligned} \Vert p^z \Vert _1-\Vert p^x \Vert _1 = \sum \limits _{i\in J_2}^n|c^y_i|-\sum \limits _{i\in J_2}|c^x_i|+\sum \limits _{i\in J_3}|c^y_i| \end{aligned}$$

and gathering this with the computation we made before of \(\Vert c^z-c^x \Vert _1\) we get:

$$\begin{aligned} \Vert c^z-c^x \Vert _1 -\Vert p^z \Vert _1+\Vert p^x \Vert _1= & {} |c^y_0-c^x_0|+\sum \limits _{i\in J_1} |c^x|_i-\sum \limits _{i\in J_1} |c^y_i|+\sum \limits _{i\in J_3}|c^x_i|\\&\ \ -\sum \limits _{i\in J_2}^n|c^y_i|+\sum \limits _{i\in J_2}|c^x_i|-\sum \limits _{i\in J_3}|c^y_i| \\= & {} |c^y_0-c^x_0|+\sum \limits _{i=1}^n |c^x|_i-\sum \limits _{i=1}^n |c^y_i| \end{aligned}$$

But as \(\gamma (\hat{x}) \subseteq \gamma (\hat{y})\) we have:

$$\begin{aligned} c^x_0+\sum \limits _{i=1}^n|c^x_i|\le & {} c^y_0+\sum \limits _{i=1}^n|c^y_i| \\ c^x_0-\sum \limits _{i=1}^n|c^x_i|\ge & {} c^y_0-\sum \limits _{i=1}^n|c^y_i| \end{aligned}$$

therefore \(| c^y_0-c^x_0 | + \sum \nolimits _{i=1}^n|c^x_i|-\sum \nolimits _{i=1}^n|c^y_i|\le 0\) hence \(\Vert c^z-c^x \Vert _1 -\Vert p^z \Vert _1+\Vert p^x \Vert _1 \le 0\). Now we end the proof with the same argument as at the end of the proof of Theorem 3, for the general case when \(p^y_i\) and \(p^x_i\) are not all zero. Finally, we also prove in a similar manner that \(\Vert c^z-c^y \Vert _1 -\Vert p^z \Vert _1+\Vert p^y \Vert _1 \le 0\), meaning that z is an upper bound of both \(\hat{x}\) and \(\hat{y}\). \(\square \)

1.6 Proof of Lemma 11

Proof

Let X, Y and Z as in the hypotheses above and \(\pi _k(X)\) (resp. \(\pi _k(Y)\), \(\pi _k(Z)\)) the affine form \({\mathbf {c}}^X_{0,k}+\sum \limits _{i=1}^n c^X_{i,k}\varepsilon _i +\sum \limits _{j=1}^m p^X_{j,k}\varepsilon _j \eta _j\) (resp. \({\mathbf {c}}^Y_{0,k}+\sum \limits _{i=1}^n c^Y_{i,k}\varepsilon _i +\sum \limits _{j=1}^m p^Y_{j,k}\varepsilon _j \eta _j\) and \({\mathbf {c}}^Z_{0,k}+\sum \limits _{i=1}^n c^Z_{i,k}\varepsilon _i +\sum \limits _{j=1}^m p^Z_{j,k}\varepsilon _j \eta _j\)). For x an affine form \({\mathbf {c}}^x_{0,k}+\sum \limits _{i=1}^n c^x_{i,k}\varepsilon _i +\sum \limits _{j=1}^m p^x_{j,k}\varepsilon _j \eta _j\), we write c(x) for the affine form \({\mathbf {c}}^x_{0,k}+\sum \limits _{i=1}^n c^x_{i,k}\varepsilon _i\), and p(x) for the affine form \(\sum \limits _{j=1}^m p^x_{j,k}\varepsilon _j \eta _j\). We compute, for all \(t \in {{\mathbb {R}}}^p\):

$$\begin{aligned} \Vert (C^Z-C^X)t \Vert _1= & {} \sum \limits _{i=0}^n \left| \sum \limits _{j=1}^p (c^Z_{i,j}-c^X_{i,j})t_j\right| \\= & {} \sum \limits _{i=0}^n \left| (c^Z_{i,k}-c^X_{i,k})t_k\right| \\= & {} \Vert c(\pi _k(Z))-c(\pi _k(X)) \Vert _1\left| t_k\right| \end{aligned}$$

since all \(c^Z_{i,j}\) are equal to \(c^X_{i,j}\) except for \(j=k\).

Now, as \(\pi _k(Z)\) is defined by the same formula as in Lemma 10, we know this is a minimal upper bound for \(\pi _k(X)\) and \(\pi _k(Y)\) when they are in generic positions, and just an upper bound of \(\pi _k(X)\) and \(\pi _k(Y)\) when they are not, with concretisation, the union of the two concretisations. Therefore \(\Vert c(\pi _k(Z))-c(\pi _k(X)) \Vert _1 \le \Vert p(\pi _k(Z)) \Vert _1-\Vert p(\pi _k(X)) \Vert _1\), and

$$\begin{aligned} \Vert (C^Z-C^X)t \Vert _1 \le \left( \Vert p(\pi _k(Z)) \Vert _1-\Vert p(\pi _k(X)) \Vert _1\right) |t_k| \end{aligned}$$

(29)

Note now that

$$\begin{aligned} \Vert P^Zt \Vert _1-\Vert P^Xt \Vert _1= & {} \sum \limits _{i=1}^m \left| \sum \limits _{j=1}^p p^Z_{i,j}t_j\right| - \sum \limits _{i=1}^m \left| \sum \limits _{j=1}^p p^X_{i,j}t_j\right| \\= & {} \sum \limits _{i=1}^m \left( \left| \sum \limits _{j=1}^p p^Z_{i,j}t_j\right| - \left| \sum \limits _{j=1}^p p^Z_{i,j}t_j+(p^X_{i,k}-p^Z_{i,k})t_k\right| \right) \end{aligned}$$

because \(p_{i,j}^Z=p^X_{i,j}\) for all \(j=1,\ldots ,p\) except for \(j=k\). By the triangular inequality on the last term in the right-hand side of the equality, we then get:

$$\begin{aligned} \Vert P^Zt \Vert _1-\Vert P^Xt \Vert _1\ge & {} \sum \limits _{i=1}^m \left| (p^X_{i,k}-p^Z_{i,k})t_k\right| \\\ge & {} \left( \sum \limits _{i=1}^m \left| p^Z_{i,k}\right| - \sum \limits _{i=1}^m \left| p^X_{i,k}\right| \right) |t_k| \end{aligned}$$

by the triangular inequality. The last term is equal to

$$\begin{aligned} \left( \Vert p(\pi _k(Z)) \Vert _1-\Vert p(\pi _k(X)) \Vert _1\right) |t_k| \end{aligned}$$

which, by inequality (29), is greater than \(\Vert (C^Z-C^X)t \Vert _1\). So \(Z\ge X\), and similarly, \(Z\ge Y\), hence Z is an upper bound of both X and Y.

Finally the concretisation of \(\pi _k(Z)=Z_k\) is, by Lemma 10, the join of the concretisation of \(\pi _k(X)=X_k\) with the concretisation of \(\pi _k(Y)=Y_k\). \(\square \)

1.7 Proof of Lemma 12

Proof

We construct the following two sequences of affine vectors:

$$\begin{aligned}&X_0 = X \quad Y_0 = (\pi _1(Y), \pi _2(X),\ldots ,\pi _p(X)) \\&X_1 = X_0 \sqcup Y_0 \quad Y_1 = (\pi _1(X_1),\pi _2(Y),\pi _3(X),\ldots ,\pi _p(X))\\&\ldots \\&X_i = X_{i-1} \sqcup Y_{i-1} \quad Y_i = (\pi _1(X_i),\ldots ,\pi _i(X_i),\pi _{i+1}(Y),\pi _{i+2}(X),\ldots ,\pi _p(X))\\&\ldots \\&X_p = X_{p-1} \sqcup Y_{p-1} \quad Y_p = X_p \end{aligned}$$

Indeed, we could use notation \(\sqcup \) when joining \(X_i\) with \(Y_i\) since \(X_i\) and \(Y_i\) only differ by one component. Lemma 11 implies then that

$$\begin{aligned} X_1\ge & {} X_0, Y_0 \\ X_2\ge & {} X_1, Y_1 \\ \ldots&\\ X_p\ge & {} X_{p-1}, Y_{p-1} \end{aligned}$$

By induction, this shows that \(X_p \ge X_{p-1}, \ X_{p-2} \ \ldots \ X_0\), hence \(X_p \ge X_0\). Consider now the similar sequence, where the roles of X and Y are interchanged:

$$\begin{aligned}&Y'_0= Y \quad X'_0 = (\pi _1(X), \pi _2(Y),\ldots ,\pi _p(Y)) \\&Y'_1 = X'_0 \sqcup Y'_0 \quad X'_1 = (\pi _1(Y_1),\pi _2(X),\pi _3(Y),\ldots ,\pi _p(Y))\\&\ldots \\&Y'_i = X'_{i-1} \sqcup Y'_{i-1} \quad X'_i = (\pi _1(Y_i),\ldots ,\pi _i(Y_i),\pi _{i+1}(X),\pi _{i+2}(Y),\ldots ,\pi _p(Y))\\&\ldots \\&Y'_p = X'_{p-1} \sqcup Y'_{p-1}\quad X'_p = Y'_p \end{aligned}$$

Note that as \(\sqcup \) on affine forms is commutative, \(Y'_p=X_p\). Because of the inequalities above, we see that, by induction, \(Y'_p\ge Y'_{p-1},Y'_{p-2},\ldots ,Y'_0\), hence \(Y'_p\ge Y'_0\).

Overall, we have proved that \(X_p=Y'_p \ge X_0, Y'_0\) but \(X_p=Y'_p\) is the affine vector Z defined in the lemma, and \(X_0=X\), \(Y'_0=Y\), so Z is indeed and upper bound of X and Y. \(\square \)

1.8 Proof of Lemma 13

Proof

As with Lemmas 11 and 12, it is enough to prove that this is the case already in dimension one, i.e. for \(p=1\): the W operator is indeed computed independently on each component, since components share no common new symbol \(p_{m+j}\), \(j\ge 1\).

Consider the three affine forms:

$$\begin{aligned} {\hat{x}}= & {} c^x_0+\sum \limits _{i=1}^n c^x_i \varepsilon _i+\sum \limits _{j=1}^m p^x_j \eta _j \\ {\hat{y}}= & {} c^y_0+\sum \limits _{i=1}^n c^y_i \varepsilon _i+\sum \limits _{j=1}^m p^y_j \eta _j \\ {\hat{z}}= & {} c^z_0+\sum \limits _{i=1}^n c^z_i \varepsilon _i+\sum \limits _{j=1}^m p^z_j \eta _j \\ \end{aligned}$$

with \(\hat{z}\) computed as in the Lemma, that is:

• \(c^z_{0}=mid\left( \gamma (\hat{x})\cup \gamma (\hat{y})\right) \) for all \(k=1,\ldots ,p\),

• \(c^z_{i}=c^x_{i}=c^y_{i}\) for all \(i=1,\ldots ,n\) such that \(c^x_{i}=c^y_{i}\),

• \(c^z_{i}=0\) for all \(i=1,\ldots ,n\) such that \(c^x_{i} \ne c^y_{i}\),

• \(p^z_{j}=p^x_{j}=p^y_{j}\) for all \(j=1,\ldots ,m\) such that \(p^x_{j}=p^y_{j}\),

• \(p^z_{j}=0\) for all \(j=1,\ldots ,m\) such that \(p^x_{j} \ne p^y_{j}\),

• \(p^z_{m+1}= \sup \gamma (\hat{x})\cup \gamma (\hat{y}) - c^z_{0} - \sum \limits _{i=1}^n |c^z_{i}| - \sum \limits _{i=1}^m |p^z_{i}| \) for all \(j=1,\ldots ,p\)

We compute

$$\begin{aligned} \Vert c^z-c^x \Vert _1= & {} |c^z_0-c^x_0| + \sum \limits _{i=1,c^y_i\ne c^x_i}^n |c^x_i| \\ \Vert p^z \Vert _1-\Vert p^x \Vert _1= & {} \sup \gamma (\hat{x})\cup \gamma (\hat{y})-c^z_0-\sum \limits _{i=1}^n|c^z_i|-\sum \limits _{i=1}^m |p^z_i| -\sum \limits _{j=1,p^y_j\ne p^x_j}^m |p^x_j| \end{aligned}$$

Therefore the difference \(u=\Vert c^z-c^x \Vert _1 - \Vert p^z \Vert _1+\Vert p^x \Vert _1\) between the two is, noticing that \(\sum \limits _{i=1}^n|c^z_i|=\sum \limits _{i=1,c^y_i=c^x_i}^n|c^x_i|\) and \(\sum \limits _{j=1}^m |p^z_j| = \sum \limits _{j=1,p^y_j=p^x_j}^m |p^x_j|\):

$$\begin{aligned} u= & {} |c^Z_0-c^x_0|+ \sum \limits _{i=1,c^y_i\ne c^x_i}^n |c^x_i|- \sup \gamma (\hat{x})\cup \gamma (\hat{y})-c^z_0+ \sum \limits _{i=1,c^y_i=c^x_i}^n|c^x_i| \\&+\sum \limits _{j=1,p^y_j=p^x_j}^m |p^x_j| +\sum \limits _{j=1,p^y_j\ne p^x_j}^m |p^x_j|\\= & {} |mid(\gamma (\hat{x})\cup \gamma (\hat{y}))-c^x_0|-\sup \gamma (\hat{x})\cup \gamma (\hat{y})+mid(\gamma (\hat{x})\cup \gamma (\hat{y}))\\&+\sum \limits _{i=1}^n|c^x_i| +\sum \limits _{j=1}^m |p^x_j| \end{aligned}$$

But \(\gamma (x)=\left[ c^x_0-\sum \limits _{i=1}^n | c^x_i|-\sum \limits _{j=1}^m | p^x_j|, c^x_0-\sum \limits _{i=1}^n | c^x_i|-\sum \limits _{j=1}^m | p^x_j|\right] \) therefore

$$\begin{aligned} \sum \limits _{i=1}^n | c^x_i|+\sum \limits _{j=1}^m | p^x_j| = \sup \gamma (\hat{x})-c^x_0 \end{aligned}$$

Hence

$$\begin{aligned} u = |mid(\gamma (\hat{x})\cup \gamma (\hat{y}))-c^x_0|-\sup \gamma (\hat{x})\cup \gamma (\hat{y})+mid(\gamma (\hat{x})\cup \gamma (\hat{y}))+ \sup \gamma (\hat{x})-c^x_0 \end{aligned}$$

Now we write \(\gamma (\hat{x})=[a,b]\), \(\gamma (\hat{y})=[c,d]\), then:

$$\begin{aligned} c^x_0= & {} \frac{a+b}{2}\\ mid(\gamma (x)\cup \gamma (y))= & {} \frac{min(a,c)+max(b,d)}{2}\\ \sup \gamma (x) \cup \gamma (y)= & {} max(b,d) \\ |mid(\gamma (x)\cup \gamma (y))-c^x_0|= & {} \frac{|min(a,c)+max(b,d)-a-b|}{2}\\ mid(\gamma (x)\cup \gamma (y))-\sup \gamma (x)\cup \gamma (y)= & {} \frac{min(a,c)-max(b,d)}{2} \\ \sup \gamma (x)-c^x_0= & {} \frac{b-a}{2} \end{aligned}$$

Therefore, we have two cases:

• Either \(min(a,c)+max(b,d)\ge a+b\) and then

  $$\begin{aligned} u= & {} \frac{1}{2}\left( min(a,c)+max(b,d)-a-b+min(a,c)-max(b,d)+b-a\right) \\= & {} min(a,c)-a \\\le & {} 0 \end{aligned}$$

• Or \(min(a,c)+max(b,d)\le a+b\) and then

  $$\begin{aligned} u= & {} \frac{1}{2}\left( -min(a,c)-max(b,d)+a+b+min(a,c)-max(b,d)+b-a\right) \\= & {} b-max(b,d) \\\le & {} 0 \end{aligned}$$

This shows that \(\Vert c^z-c^x \Vert _1\le \Vert p^z \Vert _1-\Vert p^x \Vert _1\) hence \(x \le z\) ; and similarly for proving \(y \le z\). \(\square \)

1.9 Proof of Lemma 18

Proof

Using the join operator defined in Lemma 13, and an iteration scheme where at each iteration, the current iterate is joined with the initial value \(X_0\), and thus all perturbation noise symbols are lost at each iterate. In this case, we can decide the convergence of the iteration on the affine vectors from the convergence of each affine form, as stated in Lemma 19, which concludes the proof. \(\square \)

Lemma 19

Let \((t_k)_{k=1,\ldots ,p}\) be an orthonormal (in the sense of the standard scalar product in \({{\mathbb {R}}}^p\)) basis of \({{\mathbb {R}}}^p\). Let now \(X=(C^X,P^X)\) and \(Y=(C^Y,P^Y)\) be two perturbed zonotopes, such that \(P^X\) and \(P^Y\) are Minkowski sums of segments \(\lambda ^X_k t_k\) and \(\lambda ^Y_k t_k\) respectively, where \(\lambda ^X_k\) and \(\lambda ^Y_k\) are any real numbers. Then \(X \le Y\) if and only if for all \(k=1,\ldots ,p\),

$$\begin{aligned} \Vert (C^Y-C^X) t_k \Vert _1 \le \Vert P^Y t_k \Vert _1-\Vert P^X t_k \Vert _1 \end{aligned}$$

A particular case is given by \(t_1=(1,0,\ldots ,0)\), \(\ldots \), \(t_k=(0,\ldots , 1, \ldots ,0)\), \(\ldots \), \(t_p=(0,\ldots ,0,1)\), the canonical basis of \({{\mathbb {R}}}^p\): when \(P^X\) and \(P^Y\) are boxes, \(X \le Y\) is equivalent to the fact that all components of X and Y are less or equal, using the one-dimensional order, i.e. \(\pi _k(X) \le \pi _k(Y)\) for all \(k=1,\ldots , p\).

Proof

We can write \(P^Y={\left( \lambda ^Y_1 {t_1}^{T}, \ldots , \lambda ^Y_p {t_p}^{T} \right) }^{T}\) and \(P^X={\left( \lambda ^X_1 {t_1}^{T}, \ldots , \lambda ^X_p {t_p}^{T} \right) }^{T}\). We know that the \((t_k)_{k=1,\ldots ,p}\) span \({{\mathbb {R}}}^p\), so for all t, there exists \((\mu _k)_{k=1,\ldots ,p}\) such that \(t=\sum \nolimits _{k=1}^p \mu _k t_k\).

We can write \(C^Y-C^X={\left( {r_1}^{T}, \ldots , {r_n}^{T} \right) }^{T}\), where the \(r_i\) are vectors in \({{\mathbb {R}}}^p\). Then,

$$\begin{aligned} \Vert (C^Y-C^X)t \Vert _1= & {} \left\| {\left( \sum \limits _{i=1}^p \mu _i \langle r_1,t_i \rangle , \ldots , \sum \limits _{i=1}^p \mu _i \langle r_n,t_i \rangle \right) }^{T} \right\| _1 \\= & {} \sum \limits _{j=1}^n \left| \sum \limits _{i=1}^p \mu _i \langle r_j,t_i \rangle \right| \end{aligned}$$

Suppose that, for all \(k=1,\ldots ,p\):

$$\begin{aligned} \Vert (C^Y-C^X)t_k \Vert _1 \le \Vert P^Y t_k \Vert _1-\Vert P^X t_k \Vert _1. \end{aligned}$$

This means that

$$\begin{aligned} \sum \limits _{j=1}^n \mid \langle r_j,t_k \rangle \mid \le \mid \lambda ^Y_k \mid - \mid \lambda ^X_k \mid \end{aligned}$$

So, for all \(t \in {{\mathbb {R}}}^p,\)

$$\begin{aligned} \Vert (C^Y-C^X)t \Vert _1= & {} \sum \limits _{j=1}^n \mid \sum \limits _{k=1}^p \mu _k \langle r_j,t_k \rangle \mid \\\le & {} \sum \limits _{k=1}^p \mid \mu _k \mid \sum \limits _{j=1}^n \mid \langle r_j,t_k \rangle \mid \\\le & {} \sum \limits _{k=1}^p \mid \mu _k \lambda ^Y_k \mid -\sum \limits _{k=1}^p \mid \mu _k \lambda ^X_k \mid \\\le & {} \Vert P^Y t \Vert _1 -\Vert P^X t \Vert _1 \end{aligned}$$

The other implication is immediate. \(\square \)

1.10 Proof of Theorem 4

Proof

The abstract functional that interprets the kth iterate of the body of the loop at point [2] is:

$$\begin{aligned} F_k\left( \begin{array}{c} x_{n+1}\\ \ldots \\ x_1 \end{array}\right) =\left( \begin{array}{c} \sum \limits ^{n}_{i=1} a_i x_i + \sum \limits ^{n+1}_{j=1} b_j e_{k+j-1} \\ \sum \limits ^{n}_{i=1} a_i x_i + \sum \limits ^{n+1}_{j=1} b_j e_{k+j-1} \\ x_n \\ \ldots \\ x_2 \end{array}\right) \end{aligned}$$

We now write the Kleene iteration for the previous functionals, giving iterate \(X^{k+1}\) in terms of iterate \(X_k\). It is obtained by collecting the values of each variables \(x_{1},\ldots ,x_{n+1}\) at iterate k, applying the abstract functional for the body of the loop, at iterate k, \(F_k\), and joining it with the initial value (i.e. at iterate 0) of these variables, i.e. \(x^0_{1},\ldots ,x^0_{n+1}\):

$$\begin{aligned} \left( \begin{array}{c} x^{k+1}_{n+1} \\ \ldots \\ x^{k+1}_1 \\ \end{array}\right) = \left( \begin{array}{c} x^0_{n+1} \\ \ldots \\ x^0_1 \\ \end{array}\right) \nabla F_k\left( \begin{array}{c} x^k_{n+1} \\ \ldots \\ x^k_1 \\ \end{array}\right) \end{aligned}$$

That is, applying the upper bound operator independently on each variables:

$$\begin{aligned} \left( \begin{array}{c} x^{k+1}_{n+1} \\ \ldots \\ x^{k+1}_1 \\ \end{array}\right) = \left( \begin{array}{c} x^0_{n+1} \nabla \sum \limits ^{n}_{i=1} a_i x^k_i + \sum \limits ^{n+1}_{j=1} b_j e_{k+j-1} \\ x^0_{n} \nabla \sum \limits ^{n}_{i=1} a_i x^k_i + \sum \limits ^{n+1}_{j=1} b_j e_{k+j-1} \\ x^0_{n-1} \nabla x^k_n \\ x^0_{n-2} \nabla x^k_{n-1} \\ \ldots \\ x^0_1 \nabla x^k_2 \end{array}\right) \end{aligned}$$

Let us concentrate on the second equation, the other can be treated similarly. Note that, as \(e_{u}\) is encoded using a noise symbol, distinct for distinct indexes u, which does not appear in terms \(\sum \nolimits ^{n}_{i=1} a_i x^k_i\) nor \(x^0_{n+1}\), then these iterates, if they converge, will converge to a solution to the fixed point equation:

$$\begin{aligned} x^{\infty }_n= & {} x^0_n \nabla \left( a_n x^{\infty }_n+\sum \limits ^{n-1}_{i=1} a_i (y_i \nabla x^{\infty }_n) + \sum \limits ^{n+1}_{j=1} b_j e_j\right) \end{aligned}$$

(30)

where \(e_j\) are \(n+1\) distinct, independent inputs within m and M and

$$\begin{aligned} y_1= & {} x^0_1 \nabla \ldots \nabla x^0_{n-1} \\ y_2= & {} x^0_2 \nabla \ldots \nabla x^0_{n-1}\\ \ldots \\ y_{n-1}= & {} x^0_{n-1} \end{aligned}$$

This is a direct consequence of the continuity of \(F_k\) and of the fact that \(\nabla \) forgets all dependencies to new symbols.

Suppose first that \(\sum \nolimits _{i=1}^{n} | a_i | < 1\). Consider now the interval fixed point equation resulting from (30). As \(\gamma \) commutes with \(\nabla \), by definition, and because the interval concretisation of a sum of affine forms is trivially included in the sum of their interval concretisations, it transforms into

$$\begin{aligned} \gamma (z) \subseteq \gamma (x_{n}) \cup \left( a_n \gamma (z)+\sum \limits _{i=1}^{n-1} \left( a_i \gamma (y_{i}) \cup \gamma (z) \right) \right. \left. + \sum \limits _{j=1}^{n+1} b_j \gamma (e_{j})\right) . \end{aligned}$$

This equation shows that \(\gamma (z)\) is a pre-fixed point of the interval abstraction of our semantic function. It is well known that in the case \(\sum \nolimits _{i=1}^{n} | a_i | < 1\), this interval abstraction admits a bounded least fixed point \(z^I\). As a matter of fact, in this case, the interval abstraction of the semantic functional gives k-Lipschitz functions on their bounds, with \(k < 1\), hence admits finite fixed points.

Hence, z in this case is bounded by \(z^I\) (for order \(\le \), when \(z^I\) is written as \(mid(z^I)+dev(z^I) \varepsilon _U\), with \(dev([a,b])=\frac{b-a}{2}\)), hence has finite concretisation. In fact, not only z but all the ascending sequence of the \((0,1,\nabla )\)-iteration scheme from \(\bot \) is bounded by \(z^I\). Note that any ascending sequence for any \((p,q,\nabla )\)-iteration scheme is also ascending for the partial order defined on perturbed affine vectors. We can apply Proposition 16, since Eq. (30) does not produce new noise symbols, hence we are considering perturbed affine vectors in fixed dimension. So this ascending sequence has a minimal upper bound, which is a fixed point of Eq. (30), because of the continuity (in the \(\ell _1\) sense) of F. Hence again, this fixed point is bounded by \(z^I\) so has finite concretisation.

Secondly, if the roots of \(x^n-\sum \limits _{i=0}^{n-1} a_{i+1} x^i\) have modulus strictly less than 1, then there exists q such that \(F^q\) is a filter of order nq in the inputs e, and n in the outputs with coefficients \(c_j\), \(j=1,\ldots ,n\) such that \(\sum \limits _{i=1}^{n} |c_j|\) is strictly less than 1. the semantics on affine forms is exact on affine computations, so we are back to the former case by considering \(F^q\) and a \((0,q,\nabla )\)-iteration scheme. We can then apply the result above to reach the conclusion. \(\square \)