Section: New Results
Quantitative static analysis with linear operators over dioids
We have defined a static analysis technique for modeling and approximating the long-run resource usage of programs. We take as starting point a standard small-step operational semantics expressed as a transition relation between states, extended with costs associated to each transition. The set of costs is assumed to have two operations for composing costs: a “product” operator that combines the costs along an execution path, and a “sum” operator that combines costs coming from different paths. These operators give the set of costs the structure of a dioid. The sum operator induces a partial order on costs that serves as the basis for approximating costs.
From such a rule-based semantics, there is a straightforward way to obtain a transition matrix whose entries represent the cost of passing from one state of the program to another. This expresses the semantics of a program as a linear operator on the moduloid of vectors of costs indexed by states.
We are interested in analysing programs with cyclic behaviour (such as reactive systems) in which the asymptotic average cost along cycles, rather than the global cost of the entire execution, is of interest. We define the notion of long-run cost of a program, which provides an over-approximation of the average cost per transition of long traces. This notion corresponds to the maximum average of the costs accumulated along a cycle of the program semantics and is computed from the traces of the successive iterates of the cost matrix. We have encapsulated all the properties necessary for defining such a long-run cost into the notion of a cost dioid, namely a complete idempotent dioid equipped with an n-th root operator.
The quantitative operational semantics operates on state spaces that may be large or even infinite, so the computation of quantitative semantic models, like that of their qualitative counterparts, is usually not tractable. Hence, it is necessary to develop techniques for abstracting this semantics, in order to return an approximation of the program costs that is feasible to compute. In line with the semantic machinery used to model programs, abstractions are also defined as linear operators from the moduloid over the concrete state space into the moduloid over the abstract one. Given such an abstraction over the semantic domains, we then have to abstract the transition matrix of the program itself into a matrix of reduced size. We give a sufficient condition for an abstraction of the semantics to be correct, i.e. to give an over-approximation of the real cost, and show how an abstract semantics that is correct by construction can be derived from the concrete one. The long-run cost of a program is thus safely approximated by an abstract long-run cost, with respect to the order relation induced by the summation operator of the dioid.
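As an added worked example (not code from the report or its authors), the two preceding paragraphs can be instantiated on the (max, +) cost dioid: the sum is max, the product is +, the dioid zero is -inf ("no transition"), the unit is 0, and the n-th root of a cost c is c/n. The long-run cost is then the maximum over k of trace(M^k)/k, and a partition of the concrete states into abstract classes yields an abstract matrix that is correct by construction. The 4-state transition relation, the per-transition costs (read as cache misses) and the choice of a partition as the abstraction are all constructed for the example; the correctness condition checked at the end (alpha . M <= M# . alpha, pointwise in the order induced by max) is the sufficient condition used here and is an assumption about how the report's condition is phrased.

```python
"""Long-run cost over the (max, +) dioid and its over-approximation
through a state-partition abstraction. Constructed example, not from
the report."""

NEG_INF = float("-inf")  # dioid zero: absence of a transition


# --- the cost dioid (max, +): sum = max, product = +, n-th root = c/n ---
def mp_mult(A, B):
    """Matrix product in (max, +): (A.B)[i][j] = max_k A[i][k] + B[k][j]."""
    n, m, p = len(A), len(B), len(B[0])
    return [[max(A[i][k] + B[k][j] for k in range(m)) for j in range(p)]
            for i in range(n)]


def mp_trace(M):
    """Trace in (max, +): the best closed walk of the matrix's length."""
    return max(M[i][i] for i in range(len(M)))


def mp_leq(A, B):
    """Pointwise order induced by the dioid sum (max): A <= B iff max(A,B) = B."""
    return all(a <= b for ra, rb in zip(A, B) for a, b in zip(ra, rb))


# --- quantitative semantics: a cost matrix indexed by program states ---
def cost_matrix(n_states, transitions):
    """Build M from (source, target, cost) triples; parallel edges are summed (max)."""
    M = [[NEG_INF] * n_states for _ in range(n_states)]
    for s, t, c in transitions:
        M[s][t] = max(M[s][t], float(c))
    return M


def long_run_cost(M):
    """max over k = 1..n of the k-th root of trace(M^k), i.e. trace(M^k)/k.
    Every elementary cycle has length <= n (the number of states), so
    iterating up to n is enough to reach the maximum cycle mean."""
    n = len(M)
    P, best = M, NEG_INF
    for k in range(1, n + 1):
        tr = mp_trace(P)
        if tr != NEG_INF:          # a closed walk of length k exists
            best = max(best, tr / k)
        P = mp_mult(P, M)
    return best


# --- abstraction as a linear operator (abstract x concrete matrix) ---
def partition_abstraction(n_states, classes):
    """alpha[a][s] = unit (0) if concrete state s belongs to class a, else zero."""
    alpha = [[NEG_INF] * n_states for _ in classes]
    for a, members in enumerate(classes):
        for s in members:
            alpha[a][s] = 0.0
    return alpha


def abstract_matrix(M, classes):
    """M#[a][b] = max over s in a, t in b of M[s][t]: the abstract semantics
    induced by the partition, correct by construction."""
    return [[max(M[s][t] for s in sa for t in sb) for sb in classes]
            for sa in classes]


def is_correct_abstraction(alpha, M, Mabs):
    """Sufficient condition (assumed formulation): alpha . M <= Mabs . alpha.
    It implies that the abstract long-run cost over-approximates the
    concrete one."""
    return mp_leq(mp_mult(alpha, M), mp_mult(Mabs, alpha))


# Constructed example: a 4-state loop with an inner cycle 1 -> 2 -> 1 and an
# outer cycle 0 -> 1 -> 2 -> 3 -> 0; costs are cache misses per transition.
CONCRETE = cost_matrix(4, [(0, 1, 2), (1, 2, 0), (2, 1, 1), (2, 3, 0), (3, 0, 3)])
CLASSES = [[0, 1], [2, 3]]           # abstraction: merge states pairwise
ALPHA = partition_abstraction(4, CLASSES)
ABSTRACT = abstract_matrix(CONCRETE, CLASSES)

if __name__ == "__main__":
    print("concrete long-run cost:", long_run_cost(CONCRETE))   # 1.25 (outer cycle)
    print("abstract long-run cost:", long_run_cost(ABSTRACT))   # 2.0  (over-approx.)
    print("abstraction correct:", is_correct_abstraction(ALPHA, CONCRETE, ABSTRACT))
```

The inner cycle has mean cost 1/2 and the outer cycle 5/4, so the concrete long-run cost is 1.25; merging states 0 and 1 creates an abstract self-loop of cost 2, so the abstract long-run cost is 2.0, which is coarser but safe in the order induced by max. A coarser partition loses precision, never soundness, as long as the sufficient condition holds.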
The framework proposed here covers a number of different costs related to the resource usage (time and memory) of programs. To demonstrate the generality of the framework, we consider the less common (compared to time and space) analysis of cache behaviour, namely the number of cache misses in programs. We illustrate the notions of quantitative semantics, abstraction and long-run cost on a program written in a simple intermediate bytecode language (inspired by Java Card) on which we impose a particular cache model.