Rencontre, 13 avril 2017

Programme

10:30 – 12:00

Jérémie Chalopin (Université Aix-Marseille)

Invited talk: Un contre-exemple à la conjecture de Thiagarajan sur les structures d'évènements régulières

On présente un contre-exemple à la conjecture de Thiagarajan (1996 et 2002) affirmant que les structures d'évènements régulières correspondent exactement à celles obtenues comme dépliages des réseaux de Petri 1-safe finis. Les structures d'évènements, les automates de trace sont des modèles fondamentaux pour la théorie de la concurrence. Il existe des interprétations élégantes de ces structures comme des objets combinatoires et géométriques, et on peut reformuler la conjecture dans ce cadre. Plus précisément, les domaines des structures d'évènements correspondent exactement aux graphes médians pointés et aux complexes cubiques CAT(0) pointés. Une condition nécessaire pour que la conjecture de Thiagarajan soit vérifiée est que les domaines des structures d'évènements régulières admettent un joli étiquetage régulier (regular nice labelling). Pour réfuter cette conjecture, on décrit le domaine d'une structure d'évènement régulière qui n'admet pas de tel étiquetage. Notre contre-exemple est basé sur une construction de Wise (1996 et 2007) d'un complexe de carrés de courbure non-positive dont le revêtement universel est un complexe de carrés CAT(0) contenant un plan muni d'un pavage apériodique.

14:00 – 15:00

Thomas Leventis (Institut de Mathématiques de Marseille)

Invited talk: Full abstraction of the probabilistic Böhm trees

A very natural notion of equivalence of programs is the observational equivalence: two programs are equivalent if they have the same behaviour in any environment. More specifically in the lambda-calculus two terms M and N are equivalent if for every context C, the terms C[M] and C[N] are either both solvable or both unsolvable. Respecting this equivalence is an important property of some models of the lambda-calculus, called the full abstraction. It is well known that the model of infinitely extensional Böhm trees is fully abstract. The question we are interested in is what becomes of these notions when we introduce probabilistic choice in the calculus.

The solvability has a natural extension, which is the convergence probability, hence two terms are observationally equivalent if they have the same convergence probability under any context. There is also a simple way to define probabilistic Bohm trees, as we can associate to any term a subprobability distribution over head normal forms. But it is not obvious that these generalizations of the deterministic notions are still equivalent. In this talk we will show how to prove that probabilistic Böhm trees actually form a model, and how to get a separability result to ensure this model is fully abstract.

15:30 – 16:30

Pierre-Yves Strub (École Polytechnique)

Invited talk: Proving Differential Privacy via Probabilistic Couplings

Couplings are a powerful mathematical tool for reasoning about pairs of probabilistic processes. Recent developments in formal verification identify a close connection between couplings and pRHL, a relational program logic motivated by applications to provable security, enabling formal construction of couplings from the probability theory literature. However, existing work using pRHL merely shows existence of a coupling and does not give a way to prove quantitative properties about the coupling, needed to reason about mixing and convergence of probabilistic processes. Furthermore, pRHL is inherently incomplete, and is not able to capture some advanced forms of couplings such as shift couplings.

In this talk, after having introduced pRHL, I will present an extension of pRHL, which explicitly constructs the coupling in a pRHL derivation in the form of a probabilistic product program that simulates two correlated runs of the original program. Existing verification tools for probabilistic programs can then be directly applied to the probabilistic product to prove quantitative properties of the coupling. Moreover, this extension can be equipped with a new rule for while loops, where reasoning can freely mix synchronized and unsynchronized loop iterations, making the logic relatively complete for deterministic programs.

Last, I will show how the notion of couplings can be extended to approximate lifting, a notation this captures a compositional abstraction for proving differential privacy. (Differential privacy is a promising formal approach to data privacy, which provides a quantitative bound on the privacy cost of an algorithm that operates on sensitive information.)