## Section: Research Program

### Background on non-standard analysis

Non-Standard analysis plays a central role in our research on hybrid systems modeling [3] , [9] , [10] , [6] . The following text provides a brief summary of this theory and gives some hints on its usefulness in the context of hybrid systems modeling. This presentation is based on our paper [3] , a chapter of Simon Bliudze's PhD thesis [21] , and a recent presentation of non-standard analysis, not axiomatic in style, due to the mathematician Lindström [40] .

Non-standard numbers allowed us to reconsider the semantics of hybrid
systems and propose a radical alternative to the *super-dense
time semantics* developed by Edward Lee and his team as part of the
Ptolemy II project, where cascades of successive instants can occur in
zero time by using ${\mathbb{R}}_{+}\times \mathbb{N}$ as a time index. In the non-standard
semantics, the time index is defined as a set
$\mathbb{T}=\{n\partial \mid n\in {}^{*}\mathbb{N}\}$, where $\partial $ is an
*infinitesimal* and ${}^{*}\mathbb{N}$ is the set of *non-standard
integers* is such that 1/ $\mathbb{T}$ is dense in ${\mathbb{R}}_{+}$, making it
“continuous”, and 2/ every $t\in \mathbb{T}$ has a predecessor in $\mathbb{T}$ and a
successor in $\mathbb{T}$, making it “discrete”. Although it is not effective from
a computability point of view, the *non-standard semantics*
provides a framework that is familiar to the computer
scientist and at the same time efficient as a symbolic
abstraction. This makes it an excellent candidate for the development
of provably correct compilation schemes and type systems for hybrid
systems modeling languages.

Non-standard analysis was proposed by Abraham Robinson in the 1960s to allow the explicit manipulation of “infinitesimals” in analysis [46] , [34] , [11] . Robinson's approach is axiomatic; he proposes adding three new axioms to the basic Zermelo-Fraenkel (ZFC) framework. There has been much debate in the mathematical community as to whether it is worth considering non-standard analysis instead of staying with the traditional one. We do not enter this debate. The important thing for us is that non-standard analysis allows the use of the non-standard discretization of continuous dynamics “as if” it was operational.

Not surprisingly, such an idea is quite ancient. Iwasaki et al. [36] first proposed using non-standard analysis to discuss the nature of time in hybrid systems. Bliudze and Krob [22] , [21] have also used non-standard analysis as a mathematical support for defining a system theory for hybrid systems. They discuss in detail the notion of “system” and investigate computability issues. The formalization they propose closely follows that of Turing machines, with a memory tape and a control mechanism.

The introduction to non-standard analysis in [21] is very pleasant and we take the liberty to borrow it. This presentation was originally due to Lindstrøm, see [40] . Its interest is that it does not require any fancy axiomatic material but only makes use of the axiom of choice — actually a weaker form of it. The proposed construction bears some resemblance to the construction of $\mathbb{R}$ as the set of equivalence classes of Cauchy sequences in $\mathbb{Q}$ modulo the equivalence relation $\left({u}_{n}\right)\approx \left({v}_{n}\right)$ iff ${lim}_{n\to \infty}({u}_{n}-{v}_{n})=0$.

#### Motivation and intuitive introduction

We begin with an intuitive introduction to the construction of the non-standard reals. The goal is to augment $\mathbb{R}\cup \{\pm \infty \}$ by adding, to each $x$ in the set, a set of elements that are “infinitesimally close” to it. We will call the resulting set ${}^{*\phantom{\rule{-0.166667em}{0ex}}}\phantom{\rule{0.166667em}{0ex}}\mathbb{R}$. Another requirement is that all operations and relations defined on $\mathbb{R}$ should extend to ${}^{*\phantom{\rule{-0.166667em}{0ex}}}\phantom{\rule{0.166667em}{0ex}}\mathbb{R}$.

A first idea is to represent such additional numbers as convergent sequences of reals. For example, elements infinitesimally close to the real number zero are the sequences ${u}_{n}=1/n$, ${v}_{n}=1/\sqrt{n}$ and ${w}_{n}=1/{n}^{2}$. Observe that the above three sequences can be ordered: ${v}_{n}>{u}_{n}>{w}_{n}>0$ where 0 denotes the constant zero sequence. Of course, infinitely large elements (close to $+\infty $) can also be considered, e.g., sequences ${x}_{u}=n$, ${y}_{n}=\sqrt{n}$, and ${z}_{n}={n}^{2}$.

Unfortunately, this way of defining ${}^{*\phantom{\rule{-0.166667em}{0ex}}}\phantom{\rule{0.166667em}{0ex}}\mathbb{R}$ does not yield a total order
since two sequences converging to zero cannot always be
compared: if ${u}_{n}$ and ${u}_{n}^{\text{'}}$ are two such sequences, the three sets
$\{n\mid {u}_{n}>{u}_{n}^{\text{'}}\}$, $\{n\mid {u}_{n}={u}_{n}^{\text{'}}\}$, and $\{n\mid {u}_{n}<{u}_{n}^{\text{'}}\}$
may even all be infinitely large. The beautiful idea of Lindstrøm is to
enforce that *exactly one of the above sets is important and the
other two can be neglected*. This is achieved by fixing once and for
all a finitely additive positive measure $\mu $ over the set $\mathbb{N}$ of
integers with the following properties: (The existence of such
a measure is non trivial and is explained later.)

Now, once $\mu $ is fixed, one can compare any two sequences: for the above case, exactly one of the three sets must have $\mu $-measure 1 and the others must have $\mu $-measure 0. Thus, say that $u>{u}^{\text{'}},u={u}^{\text{'}}$, or $u<{u}^{\text{'}}$, if $\mu (\{n\mid {u}_{n}>{u}_{n}^{\text{'}}\}=1)$, $\mu \left(\{n\mid {u}_{n}={u}_{n}^{\text{'}}\}\right)=1$, or $\mu \left(\{n\mid {u}_{n}<{u}_{n}^{\text{'}}\}\right)=1$, respectively. Indeed, the same trick works for many other relations and operations on non-standard real numbers, as we shall see. We now proceed with a more formal presentation.

#### Construction of non-standard domains

For $I$ an arbitrary set, a *filter* $\mathcal{F}$ over $I$ is a family of subsets of $I$ such that:

Consequently, $\mathcal{F}$ cannot contain both a set $P$ and its complement
${P}^{c}$. A filter that contains one of the two for any subset
$P\subseteq I$ is called an *ultra-filter*. At this point we
recall Zorn's lemma, known to be equivalent to the axiom of choice:

**Lemma 1 (Zorn's lemma)**
*Any partially ordered set $(X,\le )$ such that any chain in $X$
possesses an upper bound has a maximal element.*

A filter $\mathcal{F}$ over $I$ is an ultra-filter if and only if it is maximal with
respect to set inclusion.
By Zorn's lemma, any filter $\mathcal{F}$ over $I$ can be extended to an
ultra-filter over $I$.
Now, if $I$ is infinite, the family of sets $\mathcal{F}=$
$\{P\subseteq I\mid {P}^{c}\phantom{\rule{4.pt}{0ex}}\text{is}\phantom{\rule{4.pt}{0ex}}\text{finite}\}$ is a *free*
filter, meaning it contains no finite set. It can thus be extended to
a free ultra-filter over $I$:

**Lemma 2**
*Any infinite set has a free ultra-filter.*

Every free ultra-filter $\mathcal{F}$ over $I$ uniquely defines, by setting
$\mu \left(P\right)=1$ if $P\in \mathcal{F}$ and otherwise 0, a finitely additive
measure (Observe that, as a consequence, $\mu $ cannot be
sigma-additive (in contrast to probability measures or Radon
measures) in that it is *not* true that $\mu \left({\bigcup}_{n}{A}_{n}\right)={\sum}_{n}\mu \left({A}_{n}\right)$ holds for an infinite denumerable sequence
${A}_{n}$ of pairwise disjoint subsets of $\mathbb{N}$.) $\mu :{2}^{I}\mapsto \{0,1\}$, which satisfies

Now, fix an infinite set $I$ and a finitely additive measure $\mu $ over $I$ as above. Let $\mathbb{X}$ be a set and consider the Cartesian product ${\mathbb{X}}^{I}={\left({x}_{i}\right)}_{i\in I}$. Define $\left({x}_{i}\right)\approx \left({x}_{i}^{\text{'}}\right)$ iff $\mu \{i\in I\mid {x}_{i}\ne {x}_{i}^{\text{'}}\}=0$. Relation $\approx $ is an equivalence relation whose equivalence classes are denoted by $\left[{x}_{i}\right]$ and we define

$\begin{array}{c}\hfill {}^{*\phantom{\rule{-0.166667em}{0ex}}}\phantom{\rule{0.166667em}{0ex}}\mathbb{X}={\mathbb{X}}^{I}/\approx \end{array}$ | (1) |

$\mathbb{X}$ is naturally embedded into ${}^{*\phantom{\rule{-0.166667em}{0ex}}}\phantom{\rule{0.166667em}{0ex}}\mathbb{X}$ by mapping every $x\in \mathbb{X}$ to the constant tuple such that ${x}_{i}=x$ for every $i\in I$. Any algebraic structure over $\mathbb{X}$ (group, ring, field) carries over to ${}^{*\phantom{\rule{-0.166667em}{0ex}}}\phantom{\rule{0.166667em}{0ex}}\mathbb{X}$ by almost point-wise extension. In particular, if $\left[{x}_{i}\right]\ne 0$, meaning that $\mu \{i\mid {x}_{i}=0\}=0$ we can define its inverse ${\left[{x}_{i}\right]}^{-1}$ by taking ${y}_{i}={x}_{i}^{-1}$ if ${x}_{i}\ne 0$ and ${y}_{i}=0$ otherwise. This construction yields $\mu \{i\mid {y}_{i}{x}_{i}=1\}=1$, whence $\left[{y}_{i}\right]\left[{x}_{i}\right]=1$ in ${}^{*\phantom{\rule{-0.166667em}{0ex}}}\phantom{\rule{0.166667em}{0ex}}\mathbb{X}$. The existence of an inverse for any non-zero element of a ring is indeed stated by the formula: $\forall x\phantom{\rule{0.166667em}{0ex}}(x=0\vee \exists y\phantom{\rule{0.166667em}{0ex}}(xy=1\left)\right)$. More generally:

**Lemma 3 (Transfer Principle)**
*Every first order formula is true over ${}^{*\phantom{\rule{-0.166667em}{0ex}}}\phantom{\rule{0.166667em}{0ex}}\mathbb{X}$ iff it is true over $\mathbb{X}$.*

#### Non-standard reals and integers

The above general construction can simply be applied to $\mathbb{X}=\mathbb{R}$ and
$I=\mathbb{N}$.
The result is denoted ${}^{*\phantom{\rule{-0.166667em}{0ex}}}\phantom{\rule{0.166667em}{0ex}}\mathbb{R}$; it is a field according to the transfer
principle.
By the same principle, ${}^{*\phantom{\rule{-0.166667em}{0ex}}}\phantom{\rule{0.166667em}{0ex}}\mathbb{R}$ is totally ordered by $\left[{u}_{n}\right]\le \left[{v}_{n}\right]$
iff $\mu \{n\mid {u}_{n}>{v}_{n}\}=0$.
We claim that, for any finite $\left[{x}_{n}\right]\in {}^{*\phantom{\rule{-0.166667em}{0ex}}}\phantom{\rule{0.166667em}{0ex}}\mathbb{R}$, there exists a unique
$\mathrm{\mathit{s}\mathit{t}}\left(\left[{x}_{n}\right]\right)$, call it the *standard part* of $\left[{x}_{n}\right]$, such that

$\begin{array}{ccc}\hfill \mathrm{\mathit{s}\mathit{t}}\left(\left[{x}_{n}\right]\right)\in \mathbb{R}& \text{and}& \mathrm{\mathit{s}\mathit{t}}\left(\left[{x}_{n}\right]\right)\approx \left[{x}_{n}\right]\phantom{\rule{0.166667em}{0ex}}.\hfill \end{array}$ | (2) |

To prove this, let $x=sup\{u\in \mathbb{R}\mid \left[u\right]\le \left[{x}_{n}\right]\}$, where $\left[u\right]$ denotes the constant sequence equal to $u$. Since $\left[{x}_{n}\right]$ is finite, $x$ exists and we only need to show that $\left[{x}_{n}\right]-x$ is infinitesimal. If not, then there exists $y\in \mathbb{R},y>0$ such that $y<|x-[{x}_{n}\left]\right|$, that is, either $x<\left[{x}_{n}\right]-\left[y\right]$ or $x>\left[{x}_{n}\right]+\left[y\right]$, which both contradict the definition of $x$. The uniqueness of $x$ is clear, thus we can define $\mathrm{\mathit{s}\mathit{t}}\left(\left[{x}_{n}\right]\right)=x$. Infinite non-standard reals have no standard part in $\mathbb{R}$.

It is also of interest to apply the general construction
(1 ) to $\mathbb{X}=I=\mathbb{N}$, which results in the set ${}^{*\phantom{\rule{-0.166667em}{0ex}}}\phantom{\rule{0.166667em}{0ex}}\mathbb{N}$ of
*non-standard natural numbers*.
The non-standard set ${}^{*\phantom{\rule{-0.166667em}{0ex}}}\phantom{\rule{0.166667em}{0ex}}\mathbb{N}$ differs from
$\mathbb{N}$ by the addition of *infinite natural numbers,* which are
equivalence classes of sequences of integers whose essential limit is
$+\infty $.

#### Integrals and differential equations: the standardization principle

Any sequence $\left({g}_{n}\right)$ of functions ${g}_{n}:\mathbb{R}\mapsto \mathbb{R}$ point-wise defines a function $\left[{g}_{n}\right]:{}^{*\phantom{\rule{-0.166667em}{0ex}}}\phantom{\rule{0.166667em}{0ex}}\mathbb{R}\mapsto {}^{*\phantom{\rule{-0.166667em}{0ex}}}\phantom{\rule{0.166667em}{0ex}}\mathbb{R}$ by setting

$\begin{array}{c}\hfill \left[{g}_{n}\right]\left(\left[{x}_{n}\right]\right)=\left[{g}_{n}\left({x}_{n}\right)\right]\end{array}$ | (3) |

A function ${}^{*\phantom{\rule{-0.166667em}{0ex}}}\phantom{\rule{0.166667em}{0ex}}\mathbb{R}\to {}^{*\phantom{\rule{-0.166667em}{0ex}}}\phantom{\rule{0.166667em}{0ex}}\mathbb{R}$ so obtained is called *internal*.
Properties of and operations on ordinary
functions extend point-wise to internal functions of
${}^{*\phantom{\rule{-0.166667em}{0ex}}}\phantom{\rule{0.166667em}{0ex}}\mathbb{R}\to {}^{*\phantom{\rule{-0.166667em}{0ex}}}\phantom{\rule{0.166667em}{0ex}}\mathbb{R}$. The *non-standard version* of
$g:\mathbb{R}\to \mathbb{R}$ is the internal function
${}^{*\phantom{\rule{-0.166667em}{0ex}}}g=[g,g,g,\cdots ]$. The same notions apply to sets. An internal
set $A=\left[{A}_{n}\right]$ is called *hyperfinite* if $\mu \{n\mid {A}_{n}\phantom{\rule{4.pt}{0ex}}\text{finite}\}=1$; the *cardinal* $\left|A\right|$ of $A$ is defined as
$\left[\right|{A}_{n}\left|\right]$.

Now, consider an infinite number $N\in {}^{*\phantom{\rule{-0.166667em}{0ex}}}\phantom{\rule{0.166667em}{0ex}}\mathbb{N}$ and the set

$\begin{array}{c}\hfill T=\left\{\phantom{\rule{0.166667em}{0ex}}0,\frac{1}{N},\frac{2}{N},\frac{3}{N},\cdots \frac{N-1}{N},1\phantom{\rule{0.166667em}{0ex}}\right\}\end{array}$ | (4) |

By definition, if $N=\left[{N}_{n}\right]$, then $T=\left[{T}_{n}\right]$ with

hence $\left|T\right|=\left[\right|{T}_{n}\left|\right]=[{N}_{n}+1]=N+1$.
Now, consider an internal function $g=\left[{g}_{n}\right]$ and a hyperfinite set
$A=\left[{A}_{n}\right]$.
The *sum* of $g$ over $A$ can be defined:

If $t$ is as above, and $f:\mathbb{R}\to \mathbb{R}$ is a standard function, we obtain

$\begin{array}{c}\hfill \sum _{t\in T}\frac{1}{N}{}^{*\phantom{\rule{-0.166667em}{0ex}}}f\left(t\right)=\left[\phantom{\rule{0.166667em}{0ex}}\sum _{t\in {T}_{n}}\frac{1}{{N}_{n}}f\left({t}_{n}\right)\right]\end{array}$ | (5) |

Now, $f$ continuous implies ${\sum}_{t\in {T}_{n}}\frac{1}{{N}_{n}}f\left({t}_{n}\right)\to {\int}_{0}^{1}f\left(t\right)\phantom{\rule{0.166667em}{0ex}}\mathrm{\mathit{d}\mathit{t}}$, so,

$\begin{array}{c}\hfill {\int}_{0}^{1}f\left(t\right)\phantom{\rule{0.166667em}{0ex}}\mathrm{\mathit{d}\mathit{t}}=\mathrm{\mathit{s}\mathit{t}}\left(\phantom{\rule{0.166667em}{0ex}}\sum _{t\in T}\phantom{\rule{0.166667em}{0ex}}\frac{1}{N}{}^{*\phantom{\rule{-0.166667em}{0ex}}}f\left(t\right)\phantom{\rule{0.166667em}{0ex}}\right)\end{array}$ | (6) |

Under the same assumptions, for any $t\in [0,1]$,

$\begin{array}{c}\hfill {\int}_{0}^{t}f\left(u\right)\phantom{\rule{0.166667em}{0ex}}\mathrm{\mathit{d}\mathit{u}}=\mathrm{\mathit{s}\mathit{t}}\left(\phantom{\rule{0.166667em}{0ex}}\sum _{u\in T,u\le t}\phantom{\rule{4pt}{0ex}}\frac{1}{N}{}^{*\phantom{\rule{-0.166667em}{0ex}}}f\left(t\right)\phantom{\rule{0.166667em}{0ex}}\right)\end{array}$ | (7) |

Now, consider the following ODE:

$\begin{array}{c}\hfill \dot{x}=f(x,t),\phantom{\rule{4pt}{0ex}}\phantom{\rule{4pt}{0ex}}x\left(0\right)={x}_{0}\end{array}$ | (8) |

Assume (8 ) possesses a solution $[0,1]\ni t\mapsto x\left(t\right)$ such that the function $t\mapsto f\left(x\right(t),t)$ is continuous. Rewriting (8 ) in its equivalent integral form $x\left(t\right)={x}_{0}+{\int}_{0}^{t}f(x\left(u\right),u)\phantom{\rule{0.166667em}{0ex}}\mathrm{\mathit{d}\mathit{u}}$ and using (7 ) yields

$\begin{array}{c}\hfill x\left(t\right)=\mathrm{\mathit{s}\mathit{t}}\left(\phantom{\rule{0.166667em}{0ex}}{x}_{0}+\sum _{u\in T,u\le t}\phantom{\rule{4pt}{0ex}}\frac{1}{N}{}^{*\phantom{\rule{-0.166667em}{0ex}}}f(x\left(u\right),u)\phantom{\rule{0.166667em}{0ex}}\right)\end{array}$ | (9) |

The substitution in (9 ) of $\partial =1/N$, which is positive and infinitesimal, yields $T=\{{t}_{n}=n\partial \mid n=0,\cdots ,N\}$. The expression in parentheses on the right hand side of (9 ) is the piecewise-constant right-continuous function ${}^{*\phantom{\rule{-0.166667em}{0ex}}}x\left(t\right),t\in [0,1]$ such that, for $n=1,\cdots ,N$:

$\begin{array}{c}\hfill \begin{array}{ccc}{}^{*\phantom{\rule{-0.166667em}{0ex}}}x\left({t}_{n}\right)\hfill & =& {}^{*\phantom{\rule{-0.166667em}{0ex}}}x\left({t}_{n-1}\right)+\partial \times {}^{*\phantom{\rule{-0.166667em}{0ex}}}f({}^{*\phantom{\rule{-0.166667em}{0ex}}}x\left({t}_{n-1}\right),{t}_{n-1})\hfill \\ {}^{*\phantom{\rule{-0.166667em}{0ex}}}x\left({t}_{0}\right)\hfill & =& {x}_{0}\hfill \end{array}\end{array}$ | (10) |

By (9 ), the solutions $x$, of ODE (8 ), and
${}^{*\phantom{\rule{-0.166667em}{0ex}}}x$, as defined by recurrence
(10 ), are related by $x=\mathrm{\mathit{s}\mathit{t}}\left({}^{*\phantom{\rule{-0.166667em}{0ex}}}x\right)$.
Formula (10 ) can be seen as a *non-standard
operational semantics* for ODE (8 ); one which depends on
the choice of infinitesimal step parameter $\partial $.
Property (9 ), though, expresses the idea
that all these non-standard semantics are equivalent from the standard
viewpoint regardless of the choice made for $\partial $.
This fact is referred to as the *standardization principle*.