
Credible autocoding of convex optimization algorithms

Optimization and Engineering


The efficiency of modern optimization methods, coupled with increasing computational resources, has made it possible for real-time optimization algorithms to act in safety-critical roles. There is a considerable body of mathematical proofs about on-line optimization algorithms that can be leveraged to assist in the development and verification of their implementations. In this paper, we demonstrate how theoretical proofs of real-time optimization algorithms can be used to describe functional properties at the level of the code, thereby making them accessible to the formal methods community. The running example used in this paper is a generic semi-definite programming solver. Semi-definite programs can encode a wide variety of optimization problems and can be solved in polynomial time to a given accuracy. We describe a top-down approach that transforms a high-level analysis of the algorithm into useful code annotations. We formulate some general remarks on how such a task can be incorporated into a convex programming autocoder. We then take a first step towards the automatic verification of the optimization program by identifying key issues to be addressed in future work.



  1. The terms “interior-point method” and “interior-point algorithm” are used interchangeably in this paper.

  2. In this case, the condition that p is transformable to a symmetric matrix P is guaranteed by the way SDP problems in control are formulated (Gahinet and Apkarian 1994; Boyd 1994).


  • Alizadeh F (1993) Interior point methods in semidefinite programming with applications to combinatorial optimization. SIAM J Optim 5:13–51

  • Alizadeh F, Haeberly J-PA, Overton ML (1994) Primal–dual interior-point methods for semidefinite programming: convergence rates, stability and numerical results. SIAM J Optim 5:13–51

  • Baudin P, Filliâtre J-C, Marché C, Monate B, Moy Y, Prevosto V (2008) ACSL: ANSI/ISO C specification language. Accessed 22 Nov 2015

  • Bodson M (2002) Evaluation of optimization methods for control allocation. J Guid Control Dyn 25(4):703–711

  • Boyd S, Vandenberghe L (2004) Convex optimization. Cambridge University Press, New York

  • Boyd S, El Ghaoui L, Feron E, Balakrishnan V (1994) Linear matrix inequalities in system and control theory. Studies in applied mathematics, vol 15. SIAM, Philadelphia

  • Cuoq P, Kirchner F, Kosmatov N, Prevosto V, Signoles J, Yakobowski B (2012) Frama-C: a software analysis perspective. In: Proceedings of the 10th international conference on software engineering and formal methods, SEFM’12. Springer, Berlin, pp 233–247

  • De Moura L, Bjørner N (2008) Z3: an efficient SMT solver. In: Proceedings of the theory and practice of software, 14th international conference on tools and algorithms for the construction and analysis of systems, TACAS’08/ETAPS’08. Springer, Berlin, pp 337–340

  • Dieumegard A, Toom A, Pantel M (2012) Model-based formal specification of a DSL library for a qualified code generator. In: Proceedings of the 12th workshop on OCL and textual modelling, OCL ’12, Innsbruck, Austria. ACM, New York, pp 61–62

  • Dijkstra EW (1975) Guarded commands, nondeterminacy and formal derivation of programs. Commun ACM 18(8):453–457

  • Dijkstra E (1976) A discipline of programming. Prentice-Hall, Englewood Cliffs

  • Floyd RW (1967) Assigning meanings to programs. Math Asp Comput Sci 19:19–32

  • Gahinet P, Apkarian P (1994) A linear matrix inequality approach to H\(\infty\) control. Int J Robust Nonlinear Control 4(4):421–448

  • Gentzen G (1935) Untersuchungen über das logische Schließen. I. Math Z 39(1):176–210

  • Helmberg C, Rendl F, Vanderbei RJ, Wolkowicz H (1996) An interior-point method for semidefinite programming. SIAM J Optim 6:342–361

  • Hoare CAR (1969) An axiomatic basis for computer programming. Commun ACM 12:576–580

  • Jobredeaux R (2015) Formal verification of control software. PhD Thesis, Georgia Institute of Technology

  • Kojima M, Shindoh S, Hara S (1997) Interior-point methods for the monotone semidefinite linear complementarity problem in symmetric matrices. SIAM J Optim 7(1):86–125

  • Löfberg J (2004) YALMIP: a toolbox for modeling and optimization in MATLAB. In: IEEE international symposium on computer aided control systems design, Taipei, Taiwan

  • Mattingley J, Boyd S (2012) CVXGEN: a code generator for embedded convex optimization. Optim Eng 13(1):1–27

  • McGovern LK (2000) Computational analysis of real-time convex optimization for control systems. PhD Thesis, Massachusetts Institute of Technology, Cambridge

  • McGovern L, Feron E (1998) Requirements and hard computational bounds for real-time optimization in safety-critical control systems. In: Proceedings of the 37th IEEE conference on decision and control, vol 3, pp 3366–3371

  • Monteiro RDC (1997) Primal–dual path-following algorithms for semidefinite programming. SIAM J Optim 7(3):663–678

  • Monteiro RDC, Zhang Y (1998) A unified analysis for a class of long-step primal–dual path-following interior-point algorithms for semidefinite programming. Math Program 81:281–299

  • Moskewicz MW, Madigan CF, Zhao Y, Zhang L, Malik S (2001) Chaff: engineering an efficient SAT solver. In: Proceedings of the 38th annual design automation conference, DAC ’01. ACM, New York, pp 530–535

  • Nesterov Y, Nemirovskii A (1988) A general approach to the design of optimal methods for smooth convex functions minimization. Ekon Mat Metod 24:509–517

  • Nesterov Y, Nemirovskii A (1989) Self-concordant functions and polynomial time methods in convex programming. Materialy po matematicheskomu obespecheniiu EVM. USSR Academy of Sciences, Central Economic and Mathematic Institute

  • Nesterov Y, Nemirovskii A (1994) Interior-point polynomial algorithms in convex programming. Studies in applied mathematics. Society for Industrial and Applied Mathematics, Philadelphia

  • Nesterov Y, Todd MJ (1995) Primal–dual interior-point methods for self-scaled cones. SIAM J Optim 8:324–364

  • Owre S, Rushby JM, Shankar N (1992) PVS: a prototype verification system. In: CADE, LNAI, vol 607. Springer, Berlin, pp 748–752

  • Owre S, Shankar N, Rushby JM, Stringer-Calvert DWJ (1999) PVS language reference. Computer Science Laboratory, SRI International, Menlo Park

  • Richter S, Jones CN, Morari M (2013) Certification aspects of the fast gradient method for solving the dual of parametric convex programs. Math Methods Oper Res 77(3):305–321

  • Rinard M (1999) Credible compilation. Technical report; also in: Proceedings of CC 2001, international conference on compiler construction

  • Roux P, Jobredeaux R, Garoche P-L, Feron E (2012) A generic ellipsoid abstract domain for linear time invariant systems. In: HSCC 2012, pp 105–114

  • RTCA (2011a) DO-333 formal methods supplement to DO-178C and DO-278A. Technical report

  • RTCA (2011b) DO-178C, software considerations in airborne systems and equipment certification

  • Sturm JF (1999) Using SeDuMi 1.02, a MATLAB toolbox for optimization over symmetric cones. Optim Methods Softw 11(1–4):625–653

  • Todd MJ (1999) A study of search directions in primal–dual interior-point methods for semidefinite programming. Optim Methods Softw 11(1–4):1–46

  • Todd MJ (2001) Semidefinite optimization. Acta Numer 10:515–560

  • Todd M, Toh K, Tütüncü R (1998) On the Nesterov–Todd direction in semidefinite programming. SIAM J Optim 8(3):769–796

  • Toh K-C, Todd MJ, Tütüncü RH (1999) SDPT3—a MATLAB software package for semidefinite programming, version 1.3. Optim Methods Softw 11(1–4):545–581

  • Turing AM (1949) Checking a large routine. In: Report of a conference on high speed automatic calculating machines, pp 67–69

  • Wang TE (2015) Credible autocoding of control software. PhD Thesis, Georgia Institute of Technology

  • Wang T, Jobredeaux R, Feron E (2011) A graphical environment to express the semantics of control systems. arXiv:1108.4048. Accessed 23 Nov 2015

  • Wang T, Jobredeaux R, Herencia-Zapana H, Garoche P-L, Dieumegard A, Feron E, Pantel M (2013) From design to implementation: an automated, credible autocoding chain for control systems. CoRR abs/1307.2641

  • Yamashita M, Fujisawa K, Fukuda M, Kobayashi K, Nakata K, Nakata M (2012) Latest developments in the SDPA family for solving large-scale SDPs. In: Handbook on semidefinite, conic and polynomial optimization. Springer, New York, pp 687–713

  • Zhang S (2000) Quadratic maximization and semidefinite relaxation. Math Program 87(3):453–465

Download references


The authors would like to thank the French National Research Agency (ANR) for its support under ASTRID Project VORACE (Vérification de l’Optimisation Rapide Appliquée à la Commande Embarquée), the National Science Foundation under CNS Grants 1135955 “CPS: Medium: Collaborative Research: Credible Autocoding and Verification of Embedded Software (CrAVES)”, and 1446758 “CPS: Synergy: Collaborative Research: Semantics of Optimization for Real Time Intelligent Embedded Systems (SORTIES)”, as well as the Army Research Office under MURI Award W911NF-11-1-0046.

Author information



Corresponding author

Correspondence to Timothy Wang.



The function \({\texttt{vecs}}\) is the analogue of the standard vectorization operator for symmetric matrices: it maps \(M \in {\mathbb {S}}^{n}\) to a vector of length \(\frac{n \left( n+1\right) }{2}\) holding the diagonal entries and, for \(1\le i < j \le n,\) each off-diagonal entry once, scaled by \(\sqrt{2}\):

$$\begin{aligned} \displaystyle {{\mathrm{vecs}}}\, {M} = \begin{bmatrix} M_{11}, \ldots , \sqrt{2} M_{ij}, \ldots , M_{nn} \end{bmatrix} ^{\text {T}}. \end{aligned}$$

The factor \(\sqrt{2}\) makes \({\texttt{vecs}}\) an isometry between \({\mathbb {S}}^{n}\) with the trace inner product and \(\mathbb {R}^{\frac{n \left( n+1\right) }{2}}\) with the Euclidean one: \(\mathrm{tr}(MN) = \sum_{i} M_{ii}N_{ii} + 2\sum_{i<j} M_{ij}N_{ij} = {{\mathrm{vecs}}}(M)^{\text {T}}\,{{\mathrm{vecs}}}(N),\) so the induced distances are preserved as well. The function \({\texttt{mats}}\) is the inverse of \({\texttt{vecs}};\) it takes the vector together with the dimension \(n.\) The function \({\texttt{krons}},\) denoted by the symbol \(\otimes _{sym},\) is the analogue of the Kronecker product for symmetric matrix equations: for square \(Q_{1}, Q_{2}\) and \(M \in {\mathbb {S}}^{n}\) it is the \(\frac{n \left( n+1\right) }{2} \times \frac{n \left( n+1\right) }{2}\) matrix with the property

$$\begin{aligned} \displaystyle \left( Q_{1} \otimes _{sym}Q_{2} \right) {{\mathrm{vecs}}}{(M)} = {{\mathrm{vecs}}}{\left( \frac{1}{2} \left( Q_{1} M Q_{2}^{\text {T}} + Q_{2} M Q_{1}^{\text {T}} \right) \right) }. \end{aligned}$$

Taking \(Q_{1}=TZ,\ Q_{2}=T_{inv}\) and \(M=\varDelta X,\) and using that \(T,\ T_{inv}\) and \(Z\) are symmetric so that \((TZ)^{\text {T}} = ZT,\) we get

$$\begin{aligned} \displaystyle \left( TZ \otimes _{sym}T_{inv} \right) {{\mathrm{vecs}}}{(\varDelta X)} = {{\mathrm{vecs}}}{\left( \frac{1}{2} \left( TZ \varDelta X T_{inv} + T_{inv} \varDelta X ZT\right) \right) }. \tag{49} \end{aligned}$$

Similarly, taking \(Q_{1}=T,\ Q_{2}=T_{inv}X\) and \(M=\varDelta Z\) (note the transpose in the definition of \(\otimes _{sym}\): it is \(Q_{2}^{\text {T}} = XT_{inv}\) that appears to the right of \(\varDelta Z\)), we get

$$\begin{aligned} \displaystyle \left( T \otimes _{sym}T_{inv}X \right) {{\mathrm{vecs}}}{(\varDelta Z)} = {{\mathrm{vecs}}}{\left( \frac{1}{2} \left( T \varDelta Z XT_{inv} + T_{inv} X \varDelta Z T\right) \right) }. \tag{50} \end{aligned}$$

Adding (49) and (50) gives exactly the left-hand side of the third equation in (24). Hence, given \(\varDelta Z,\) we obtain \(\varDelta X\) by solving the \(\frac{n \left( n+1\right) }{2} \times \frac{n \left( n+1\right) }{2}\) linear system \(A\delta x=b\) for \(\delta x,\) where

$$\begin{aligned}&A=\left( TZ \otimes _{sym}T_{inv} \right), \\&\varDelta X = {{\mathrm{mats}}}{\left( \delta x,\,n\right) }, \\&b={{\mathrm{vecs}}}{\left( \sigma \mu I - T_{inv} X T_{inv} \right) } - \left( T \otimes _{sym}T_{inv}X \right) {{\mathrm{vecs}}}{(\varDelta Z)}. \end{aligned}$$

The solve is well defined only when \(A\) is nonsingular. This holds whenever \(T\) and \(Z\) are symmetric positive definite: the substitution \(\varDelta X = TNT\) turns \(A\) into the Lyapunov-type map \(N \mapsto \frac{1}{2}\left( BN + NB\right)\) with \(B = TZT \succ 0,\) whose eigenvalues \(\frac{1}{2}\left( \lambda _{i} + \lambda _{j}\right)\) are all positive. An implementation should therefore treat a singular or badly conditioned \(A\) as a sign that the iterates have left the positive definite cone, not as a numerical accident to be patched over.
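The following is an added example, not code from the paper or from its autocoder, that implements \({\texttt{vecs}}\), \({\texttt{mats}}\) and \({\texttt{krons}}\) for small dense matrices in plain Python and checks the claims above numerically: \({\texttt{mats}}\) inverts \({\texttt{vecs}}\), the \(\sqrt{2}\) factor makes \({{\mathrm{vecs}}}(M)^{\text {T}}{{\mathrm{vecs}}}(N) = \mathrm{tr}(MN)\), and \((Q_{1} \otimes _{sym} Q_{2})\,{{\mathrm{vecs}}}(M) = {{\mathrm{vecs}}}(\frac{1}{2}(Q_{1} M Q_{2}^{\text {T}} + Q_{2} M Q_{1}^{\text {T}}))\). It then forms \(A\) and \(b\) as in the last display and verifies that the recovered \(\varDelta X\) satisfies the matrix equation obtained by adding (49) and (50). Because the \(\otimes _{sym}\) identity carries a transpose on \(Q_{2}\), the operator multiplying \({{\mathrm{vecs}}}(\varDelta Z)\) is built as `krons(T, T_inv X)`, so that \(Q_{2}^{\text {T}} = XT_{inv}\) is the factor standing to the right of \(\varDelta Z\). All inputs are constructed: \(T\) is an arbitrary positive diagonal matrix (so that \(T_{inv}\) is explicit; nothing below depends on how \(T\) is chosen), \(X\) and \(Z\) are random symmetric positive definite matrices, \(\varDelta Z\) is a random symmetric matrix, and the value \(\sigma\mu = 0.1\), the row-by-row upper-triangular ordering inside `vecs`, the Gaussian-elimination helper and every function name are this example's own choices.

```python
import math
import random
from functools import reduce

def vecs(M):
    """Upper triangle of symmetric M, row by row, off-diagonal entries scaled by sqrt(2)."""
    n = len(M)
    return [M[i][j] if i == j else math.sqrt(2) * M[i][j] for i in range(n) for j in range(i, n)]

def mats(v, n):
    """Inverse of vecs: rebuild the symmetric n x n matrix from its n(n+1)/2 entries."""
    assert len(v) == n * (n + 1) // 2, "vector length must be n(n+1)/2"
    M, k = [[0.0] * n for _ in range(n)], 0
    for i in range(n):
        for j in range(i, n):
            M[i][j] = M[j][i] = v[k] if i == j else v[k] / math.sqrt(2)
            k += 1
    return M

def matmul(A, B):
    return [[sum(a * B[k][j] for k, a in enumerate(row)) for j in range(len(B[0]))] for row in A]

def chain(*Ms):
    return reduce(matmul, Ms)

def transpose(A):
    return [list(c) for c in zip(*A)]

def lincomb(s, A, t, B):
    return [[s * a + t * b for a, b in zip(ra, rb)] for ra, rb in zip(A, B)]

def eye(n, s=1.0):
    return [[s if i == j else 0.0 for j in range(n)] for i in range(n)]

def matvec(A, x):
    return [sum(a * v for a, v in zip(row, x)) for row in A]

def sym_pair(Q1, M, Q2):
    """1/2 (Q1 M Q2^T + Q2 M Q1^T): the matrix inside vecs on the right of the krons identity."""
    return lincomb(0.5, chain(Q1, M, transpose(Q2)), 0.5, chain(Q2, M, transpose(Q1)))

def krons(Q1, Q2):
    """Dense matrix of Q1 (x)_sym Q2: column k is vecs(1/2 (Q1 E_k Q2^T + Q2 E_k Q1^T)), E_k = mats(e_k, n)."""
    n = len(Q1)
    m = n * (n + 1) // 2
    return transpose([vecs(sym_pair(Q1, mats([float(i == k) for i in range(m)], n), Q2)) for k in range(m)])

def solve(A, b):
    """Gaussian elimination with partial pivoting; raises if A is numerically singular."""
    n = len(A)
    M = [row[:] + [b[i]] for i, row in enumerate(A)]
    for c in range(n):
        p = max(range(c, n), key=lambda r: abs(M[r][c]))
        if abs(M[p][c]) < 1e-12:
            raise ValueError("singular system: T Z (x)_sym T_inv must be nonsingular")
        M[c], M[p] = M[p], M[c]
        for r in range(c + 1, n):
            f = M[r][c] / M[c][c]
            M[r] = [x - f * y for x, y in zip(M[r], M[c])]
    x = [0.0] * n
    for r in range(n - 1, -1, -1):
        x[r] = (M[r][n] - sum(M[r][j] * x[j] for j in range(r + 1, n))) / M[r][r]
    return x

def rand_spd(n, rng):
    G = [[rng.uniform(-1.0, 1.0) for _ in range(n)] for _ in range(n)]
    return lincomb(1.0, matmul(G, transpose(G)), float(n), eye(n))  # constructed SPD sample: G G^T + n I

def check_identities(n=3, seed=7):
    """Worst error over mats(vecs M) = M, tr(MN) = vecs(M).vecs(N), and the krons identity."""
    rng = random.Random(seed)
    M, N, Q1, Q2 = (rand_spd(n, rng) for _ in range(4))
    e1 = max(abs(a - b) for ra, rb in zip(mats(vecs(M), n), M) for a, b in zip(ra, rb))
    MN = matmul(M, N)
    e2 = abs(sum(MN[i][i] for i in range(n)) - sum(a * b for a, b in zip(vecs(M), vecs(N))))
    e3 = max(abs(a - b) for a, b in zip(matvec(krons(Q1, Q2), vecs(M)), vecs(sym_pair(Q1, M, Q2))))
    return max(e1, e2, e3)

def newton_dx(T, X, Z, dZ, sigma_mu):
    """Solve A dx = b as in the appendix (T diagonal, so T_inv is explicit); return (dX, residual), with
    residual = max entry of 1/2(T Z dX T_inv + T_inv dX Z T) + 1/2(T dZ X T_inv + T_inv X dZ T) - (sigma mu I - T_inv X T_inv)."""
    n = len(T)
    T_inv = [[1.0 / T[i][i] if i == j else 0.0 for j in range(n)] for i in range(n)]
    A = krons(matmul(T, Z), T_inv)                                      # A = T Z (x)_sym T_inv
    rhs = lincomb(1.0, eye(n, sigma_mu), -1.0, chain(T_inv, X, T_inv))  # sigma mu I - T_inv X T_inv
    b = [r - t for r, t in zip(vecs(rhs), matvec(krons(T, matmul(T_inv, X)), vecs(dZ)))]
    dX = mats(solve(A, b), n)
    lhs = lincomb(0.5, lincomb(1.0, chain(T, Z, dX, T_inv), 1.0, chain(T_inv, dX, Z, T)),
                  0.5, lincomb(1.0, chain(T, dZ, X, T_inv), 1.0, chain(T_inv, X, dZ, T)))
    return dX, max(abs(x) for row in lincomb(1.0, lhs, -1.0, rhs) for x in row)

def demo(n=3, seed=11):
    rng = random.Random(seed)
    T = [[rng.uniform(0.5, 2.0) if i == j else 0.0 for j in range(n)] for i in range(n)]  # positive diagonal T
    X, Z = rand_spd(n, rng), rand_spd(n, rng)                           # constructed SPD iterates
    dZ = lincomb(1.0, rand_spd(n, rng), -1.0, rand_spd(n, rng))         # any symmetric dual step
    return newton_dx(T, X, Z, dZ, sigma_mu=0.1)

if __name__ == "__main__":
    print("worst identity error:", check_identities(), " residual of third equation:", demo()[1])
```

Run directly, both printed figures are at round-off level. The `ValueError` raised by `solve` is the check a real implementation must keep rather than remove: the system is nonsingular only while \(T\) and \(Z\) stay positive definite, so a solver that silently divides by a tiny pivot returns a meaningless step instead of failing where the loss of feasibility actually happened.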


About this article


Cite this article

Wang, T., Jobredeaux, R., Pantel, M. et al. Credible autocoding of convex optimization algorithms. Optim Eng 17, 781–812 (2016).
