Satisfiability modulo theories for verifying MILP certificates (2024)

For each $i\in[n]$, define the type value of $x_{i}$, denoted by $I_{i}$, as following boolean variable:

This boolean variable are declared and assigned value at the very beginning of the transformed SMT2 file.

The type of the corresponding MILP problem in a VIPR certificate, denoted by $P$, is defined as the following boolean variable:

Specifically, if $P$ is true, then VIPR verifies results of a minimization MILP problem and if $P$ is false, then VIPR verifies results of a maximization MILP problem.

The type of results in a VIPR certificate, denoted by $F$, is defined as the following boolean variable:

When $F=true$, i.e. RTP section begins with “RTP lb ub”, we use real variables $L:=lb$ and $U:=ub$ to represent the lower and upper bound of the optimum value, correspondingly. These two variables are declared and assigned value at the very beginning of the transformed SMT2 file. If $F=false$, then we do not assign value to $L$ and $U$ as they will be meaningless.

Suppose the MILP problem has $n$ variables. A constraint, $C$, in a VIPR certificate is a relationship in one of three forms: $(C_{l})^{t}x\leq C_{r}$, $(C_{l})^{t}x\geq C_{r}$, or $(C_{l})^{t}x=C_{r}$, where $C_{r}\in\mathbb{R}$, $x$ is the $n$-dimension vector representing the $n$ variables in the MILP problem, and $C_{l}\in\mathbb{R}^{n}$ representing the coefficients of variables. Define the sign of $C$, denoted by $C_{s}$, as

Indices of constraints are shown as superscript.

Define bound constraint, denoted by $C^{d}$ (remember $d$ is the index of this constraint and $C^{d}$ contains three parts: $C^{d}_{l}\in\mathbb{R}^{n},C^{d}_{r}\in\mathbb{R}$, and $C^{d}_{s}\in\{-1,0,1\}$), as following:

1. 1.

   If OBJ section is of the form

   	OBJ min
   	$m$ $n_{1}$ $a_{1}$ $n_{2}$ $a_{2}$ $\ldots$ $n_{m}$ $a_{m}$

   then

   1. (a)

      $C^{d}_{s}=1$
      

   2. (b)

      $C^{d}_{r}=L$
      

   3. (c)

      for each $i\in[m]$, $C^{d}_{l,n_{i}}=a_{n_{i}}$
      

   4. (d)

      for each $j\in[n]\backslash\{n_{j}\}_{j\in[m]}$, $C^{d}_{l,j}=0$;

2. 2.

   If OBJ section is of the form

   	OBJ max
   	$m$ $n_{1}$ $a_{1}$ $n_{2}$ $a_{2}$ $\ldots$ $n_{m}$ $a_{m}$

   then

   1. (a)

      $C^{d}_{s}=-1$
      

   2. (b)

      $C^{d}_{r}=U$
      

   3. (c)

      for each $i\in[m]$, $C^{d}_{l,n_{i}}=a_{n_{i}}$
      

   4. (d)

      for each $j\in[n]\backslash\{n_{j}\}_{j\in[m]}$, $C^{d}_{l,j}=0$.

Let the second line of the OBJ section be of the form

then the optimum function of the corresponding MILP problem is $f^{o}(x):=\sum_{i\in[m]}a_{i}x_{n_{i}}$, where $x$ is the vector of variables in the MILP problem. Define $S^{o}:=\{n_{i}\}_{i\in[m]}$, representing the set of indices of variables in the optimum function with possibly non-zero coefficients.

Let the $p$th line in the SOL section be in the form

Define $S^{p}:=\{n_{j}\}_{j\in[m]}$, representing the set of indices of variables with possibly non-zero assignments in this solution. Specifically, this line represents a vector $v_{p}=(x_{1},x_{2},\ldots,x_{n})$ such that $\forall j\in[m]$, $x_{n_{j}}:=a_{j}$ and $\forall i\in[n]\backslash S^{p}$, $x_{i}=0$. This line is valid, if it satisfies each constraint in the CON section. If this line is valid, then the optimum function with this assignment gives an upper bound (in a minimization problem) or a lower bound (in a maximization problem) of $f^{o}(v_{j})$ for the optimum value.

A line in the SOL section in the form

is valid, if and only if the transformed SMT2 clause is satisfiable.

1. 1.

   $\wedge_{i\in[k]}((C^{i-1}_{s}\neq 1)\vee(\sum_{j\in[m]}C^{i-1}_{l,n_{j}}a_{j}$

2. 2.

   $\wedge_{i\in[k]}((C^{i-1}_{s}\neq 0)\vee(\sum_{j\in[m]}C^{i-1}_{l,n_{j}}a_{j}=$

3. 3.

   $\wedge_{i\in[k]}((C^{i-1}_{s}\neq-1)\vee(\sum_{j\in[m]}C^{i-1}_{l,n_{j}}a_{j}$

∎

The SOL section begins with the line

followed by $m$ lines of solutions. The SOL section is valid, if

1. 1.

   RTP section states the MILP problem is infeasible and SOL section contains no solution;

2. 2.

   or, RTP section gives the upper/lower bounds of the MILP problem, and

   1. (a)

      Each line of the SOL section is valid;

   2. (b)

      If the MILP is a maximization problem, then at least one line of the SOL section proves the lower bound of the optimum value stated in the RTP section, i.e. $\exists j\in[m]$ s.t. $f^{o}(v_{j})\geq L$.

   3. (c)

      If the MILP is a minimization problem, then at least one line of the SOL section proves the upper bound of the optimum value stated in the RTP section, i.e. $\exists j\in[m]$ s.t. $f^{o}(v_{j})\leq U$.

The properties in Definition13 can be encoded with the following logic:

1. 1.

   $F\vee(m=0)$

2. 2.
   1. (a)

      Encoded with Lemma3;

   2. (b)

      If $!P$, then $\vee_{p\in[m]}(\sum_{n\in S^{p}\cap S^{o}}\geq L)$,

   3. (c)

      else $\vee_{p\in[m]}(\sum_{n\in S^{p}\cap S^{o}}\leq U)$.

∎

A constraint in the DER section with reasoning of the form

is called an assumption. Assumptions do not need a reason to be true; as the word inplied, we simply “assumes” an assumption to be true when we need to do so.

This set is implicitly inherited from constraints to contraints. In general, VIPR certificate carries the information that if we assumes all the assumptions indexed with $S^{x}$ are true, then constraints in the CON section imply the current constraint:

1. 1.

   If $C^{x}$ is an assumtion, define $S^{x}:=\{x\}$.

2. 2.

   If $C^{x}$ is a constraint in the CON section, define $S^{x}:=\varnothing$.

3. 3.

   If $C^{x}$ is a constraint in the DER section and is not an assumption, please refer to Definition20, Definition22, and Definition23 for details of $S^{x}$.

Let $S$ be the set of indices of all assumptions in the DER section. Let $C^{x}$ be a constraint in the DER or CON section. For each $i\in S$, we use a boolean variable $B_{i}^{x}$ to identify whether $i\in C^{x}$. Thus,

1. 1.

   If $C^{x}$ is an assumtion, then

   1. (a)

      $B_{x}^{x}=true$;

   2. (b)

      $\wedge_{i\in S^{x},i\neq x}(B_{i}^{x}=false)$.

2. 2.

   If $C^{x}$ is a constraint in the CON section, then $\wedge_{i\in S^{x}}(B_{i}^{x}=false).$

3. 3.

   If $C^{x}$ is a constraint in the DER section and is not an assumption, please refer to Definition20, Definition22, and Definition23 for specification of $B_{i}^{x}$’s.

Let $C^{a}$ and $C^{b}$ be two assumptions in the DER section. We say that $C^{a}$ and $C^{b}$ form a disjunction logic, if they satisfy the following properties:

1. 1.

   $C^{a}_{l}=C^{b}_{l}$;

2. 2.

   For each $i\in[n]$ such that $x_{i}$ is an integer variable, $C^{a}_{l,i}$ is an integer;

3. 3.

   For each $i\in[n]$ such that $x_{i}$ is a real variable, $C^{a}_{l,i}=0$;

4. 4.

   Both $C^{a}_{r}$ and $C^{b}_{r}$ are integers;

5. 5.

   One of $C^{a}_{s},C^{b}_{s}$ equals $-1$, while the other equals $1$;

6. 6.

   If $C^{a}_{s}=1$ and $C^{b}_{s}=-1$, then $C^{a}_{r}=C^{b}_{r}+1$; If $C^{a}_{s}=-1$ and $C^{b}_{s}=1$, then $C^{a}_{r}=C^{b}_{r}-1$.

Let $x$ denote the $n$-dimension vector of variables. These properties guarantee that $C^{a}$ and $C^{b}$ are in the form

where $C_{l}=C^{x}_{l}=C^{y}_{l}$ and $\beta$ is an integer. Since property 1.,2.,3. guarantee that $C_{l}x$ is an integer, mathematically speaking one of $C^{x}$ and $C^{y}$ has to be true.

Let $C^{a}$ and $C^{b}$ be two constraints in a VIPR certificate. By Definition17, that $C^{a}$ and $C^{b}$ form a disjunction logic, can be encoded with the following logic:

1. 1.

   $\wedge_{i=1}^{n}(C^{a}_{l,i}=C^{b}_{l,i})$

2. 2.

   $\wedge_{i=1}^{n}(!I_{i}\vee(C^{a}_{l,i}\text{ is integer}))$

3. 3.

   $\wedge_{i=1}^{n}(I_{i}\vee(C^{a}_{l,i}=0))$

4. 4.

   $(C_{r}^{a}=\lceil C_{r}^{a}\rceil)\wedge(C_{r}^{b}=\lceil C_{r}^{b}\rceil)$, with Lemma8

5. 5.

   $(C_{s}^{a}\neq 0)\wedge(C_{s}^{a}+C_{s}^{b}=0)$

6. 6.

   If $C_{s}^{a}=1$, then $C_{r}^{a}=C_{r}^{b}+1$, else $C_{r}^{a}=C_{r}^{b}-1$

where the last clause is encoded with the “ite” gate in SMT2 format.

Let $C^{1}$ and $C^{2}$ be two constraints in a VIPR certificate. We say that $C^{1}$ dominates $C^{2}$ ($C^{1}$ implies $C^{2}$ in the following specified forms), if

1. 1.

   $C^{1}_{l}=0$, and

   1. (a)

      $C_{s}^{1}=-1$ and $C_{b}^{1}<0$ (so $C^{1}:0\leq C_{b}^{1}$ is an absurdity and implies everything), or

   2. (b)

      $C_{s}^{1}=0$ and $C_{b}^{1}\neq 0$ (so $C^{1}:0=C_{b}^{1}$ is an absurdity and implies everything), or

   3. (c)

      $C_{s}^{1}=1$ and $C_{b}^{1}>0$ (so $C^{1}:0\geq C_{b}^{1}$ is an absurdity and inplies everything);

2. 2.

   or, $C_{l}^{1}=C_{l}^{2}$ (so LHS of $C^{1}$ and $C^{2}$ are the same) and

   1. (a)

      $C_{s}^{1}\leq 0$, $C_{s}^{2}=-1$, and $C_{r}^{1}\leq C_{r}^{2}$ (so each of $C_{l}^{1}x\leq C_{r}^{1}$ and $C_{l}^{1}x=C_{r}^{1}$ implies $C_{l}^{1}x\leq C_{r}^{2}$), or

   2. (b)

      $C_{s}^{1}=0$, $C_{s}^{2}=0$, and $C_{r}^{1}=C_{r}^{2}$ (so $C^{1}$ and $C^{2}$ are the same), or

   3. (c)

      $C_{s}^{1}\geq 0$, $C_{s}^{2}=1$, and $C_{r}^{1}\geq C_{r}^{2}$ (so each of $C_{l}^{1}x\geq C_{r}^{1}$ and $C_{l}^{1}x=C_{r}^{1}$ implies $C_{l}^{1}x\geq C_{r}^{2}$)