Shock with Confidence: Formal Proofs of Correctness for Hyperbolic Partial Differential Equation Solvers
Jonathan Gorard, Ammar Hakim
TL;DR
The paper develops a formal verification pipeline in Racket to produce provably correct first-order hyperbolic PDE solvers and automatically generate verifiable C implementations, addressing the numerical challenges posed by shocks and discontinuities. By encoding PDEs, flux functions, and CFL constraints in a domain-specific language, and applying floating-point-aware symbolic theorem-proving and automatic differentiation, the work proves key properties such as hyperbolicity preservation, $L^1$/$L^2$/$L^\infty$ stability, and flux continuity for selected schemes like Lax-Friedrichs and Roe, including second-order extensions with flux limiters. The results demonstrate full proofs for scalar equations and several vector systems (notably Maxwell and isothermal Euler) with partial proofs in some isothermal Euler components, highlighting both the potential and current limitations of the approach. The work provides a solid proof-of-concept toward widespread formal verification of numerical solvers, with plans to extend to ODE integrators, DG methods, and broader solver families, thereby increasing reliability in scientific computing pipelines such as Gkeyll.
Abstract
First-order systems of hyperbolic partial differential equations (PDEs) occur ubiquitously throughout computational physics, commonly used in simulations of fluid turbulence, shock waves, electromagnetic interactions, and even general relativistic phenomena. Such equations are often challenging to solve numerically in the non-linear case, due to their tendency to form discontinuities even for smooth initial data, which can cause numerical algorithms to become unstable, violate conservation laws, or converge to physically incorrect solutions. In this paper, we introduce a new formal verification pipeline for such algorithms in Racket, which allows a user to construct a bespoke hyperbolic PDE solver for a specified equation system, generate low-level C code which verifiably implements that solver, and then produce formal proofs of various mathematical and physical correctness properties of the resulting implementation, including L^2 stability, flux conservation, and physical validity. We outline how these correctness proofs are generated, using a custom-built theorem-proving and automatic differentiation framework that fully respects the algebraic structure of floating-point arithmetic, and show how the resulting C code may either be used to run standalone simulations, or integrated into a larger computational multiphysics framework such as Gkeyll.