A Compositional Approach to Network Algorithms
Abstract
We present elements of a typing theory for flow networks, where “types”, “typings”, and “type inference” are formulated in terms of familiar notions from polyhedral analysis and convex optimization. Based on this typing theory, we develop an alternative approach to the design and analysis of network algorithms, which we illustrate by applying it to the maxflow problem in multiplesource, multiplesink, capacited directed planar graphs.
Contents
 1 Introduction
 2 Flow Networks and Their Typings
 3 Principal Typings
 4 Disassembling and Reassembling Networks
 5 An Application: MaxFlows and MinFlows in Planar Networks
 6 Extensions and Future Work
 A Appendix: Further Comments and Examples for Section 2 and Section 3
 B Appendix: Proofs and Supporting Lemmas for Section 4
 C Appendix: Proofs and Supporting Lemmas for Section 5
 D Appendix: Further Comments for Section 6
1 Introduction
Background and motivation.
The work reported herein stems from a group effort to develop an integrated enviroment for system modeling and system analysis that are simultaneously: modular (“distributed in space”), incremental (“distributed in time”), and orderoblivious (“components can be analyzed and assembled in any order”). These are the three defining properties of what we call a compositional approach to system development. Several papers explain how this environment is defined and used, as well as its current state of development and implementation [4, 5, 6, 35, 34, 47]. An extra fortuitous benefit of our work has been a fresh perspective on the design and analysis of network algorithms.
For this approach to succeed at all, we need to appropriately encapsulate a system’s components as they are modeled and become available for analysis:^{1}^{1}1In this Introduction, a “component” is not taken in the graphtheoretic sense of “maximal connected subgraph”. It here means a “subnetwork” (or, if there is an underlying graph, a “subgraph”) with input and output ports to connect it with other “subnetworks”. We hide their internal workings, but also infer enough information to safely connect them at their boundaries and to later guarantee the safe operation of the system as a whole. The inferred information has to be formally encoded, and somehow composable at the interfaces, to enforce safety invariants throughout the process of assembling components and later during system operation. This is precisely the traditional role assigned to types and typings in a different context – namely, for a stronglytyped programming language, their purpose is to enforce safety invariants across program modules and abstractions. Naturally, our types and typings will be formalized differently here, depending on how we specify systems and on the choice of invariant properties.^{2}^{2}2Example of a safety invariant for programs: “A boolean value is never divided by .” Example of a safety invariant for networks: “Conservation of flow is never violated at a network node.”
To illustrate our methodology, we consider the classical maxflow problem in capacited directed graphs.^{3}^{3}3A comprehensive survey of algorithms for the maxflow problem is nearly impossible, as it is one of the most studied optimization problems over several decades. A broad classification is still useful, depending on concepts, proof techniques and/or graph restrictions. There is the family of algorithms based on the concept of augmenting path, starting with the FordFulkerson algorithm in the 1950’s [21]. A refinement of the augmentingpath method is the blocking flow method [19]. A later family of maxflow algorithms uses the preflow push (or push relabel) method [23, 27]. A survey of these families of maxflow algorithms to the end of the 1990’s is in [24, 2]. Later papers combine variants of augmentingpath algorithms and related blockingflow algorithms, variants of preflowpush algorithms, and algorithms combining different parts of all of these methodologies [41, 26, 25, 43]. Another late entry in this plethora of approaches uses the notion of pseudoflow [29, 12]. The most recent research includes maxflow algorithms restricted to planar graphs [8, 39, 9, 20], approximate maxflow algorithms restricted to undirected graphs [46, 33], and approximate and exact maxflow algorithms restricted to uncapacited undirected graphs using concepts of electrical flow [15, 40]. Since it comes at no extra cost for us, we simultaneously consider the minflow problem as well as the presence of multiple sources and multiple sinks. The minflow problem is meaningful only if arcs are assigned lowerbound capacities (or thresholds) which feasible flows are not allowed to go under. Every arc in our networks is therefore assigned two capacities, one lower bound and one upper bound.
For favorable comparison with other approaches, as far as runtime complexities are concerned, we limit our attention to planar networks, a sufficiently large class with many practical applications. It is also a class that has been studied extensively, often with further restrictions on the topology (e.g., undirected graphs vs. directed graphs) and/or the capacities (e.g., integral vs. rational). None of the latter restrictions are necessary for our approach to work. However, as of now, if we lift the planarity restriction, our runtime complexities exceed those of other approaches.
We stress that our methodology has applicability beyond the maxflow problem: It can be applied to tackle other networkrelated algorithmic problems, with different or additional measures of what qualify as desirable solutions, even if the associated runtime complexities are not linear or nearly linear.
Overview of our methodology.
The central concept of our approach is what we call a network typing. To make this work, a network (or network component) is allowed to have “dangling” arcs; in effect, is allowed to have multiple sources or input arcs (i.e., arcs whose tails are not incident to any node) and multiple sinks or output arcs (i.e., arcs whose heads are not incident to any node). Given a network , now with multiple input arcs and multiple output arcs, a typing for is an algebraic characterization of all the feasible flows in – including, in particular, all maximum feasible flows and all minimum feasible flows.
More precisely, a sound typing for network specifies constraints on the latter’s inputs and outputs, such that every assignment of values to its input/output arcs satisfying these constraints can be extended to a feasible flow in . Moreover, if the input/output constraints specified by are satisfied by every input/output assignment extendable to a feasible flow , then we say that is complete for . In analogy with a similar concept in stronglytyped programming languages, we call principal a typing which is both sound and complete – and satisfying a few additional syntactic requirements for easier inference of types and typings.
In our formulation, a typing for network defines a compact convex polyhedral set (or polytope), which we denote , in the vector space , where is the set of reals, and and are the numbers of input arcs and output arcs in . An input/output assignment satisfies if , viewed as a point in the space , is inside . Hence, is a sound typing (resp. sound+complete or principal typing) if is contained in (resp. equal to) the set of all input/output assignments extendable to feasible flows in .
Let and be principal typings for networks and . If we connect and by linking some of their output arcs to some of their input arcs, we obtain a new network which we denote (only in this introduction) . One of our results shows that a principal typing of can be obtained by direct (and relatively easy) algebraic operations on and , without any need to reexamine the internal details of the two components and . Put differently, an analysis (to produce a principal typing) for the assembled network can be directly and easily obtained from the analysis of and the analysis of .
What we have just described is the counterpart of what programminglanguage theorists call a modular (or syntaxdirected) analysis (or type inference), which infers a type for the whole program from the types of its subprograms, and the latter from the types of their respective subprograms, and so on recursively, down to the types of the smallest program fragments.^{4}^{4}4We will make a distinction between a “type” and a “typing”, similar to a distinction made by programminglanguage theorists.
Because our network typings denote polytopes, we can in fact make our approach not only modular but also compositional, now mathematically stated as follows: If and are sound and complete typings for networks and , then the calculation of and the calculation of can be done independently of each other; that is, the analysis (to produce ) for and the analysis (to produce ) for can be carried out separately without prior knowledge that the two will be subsequently assembled together.^{5}^{5}5In the study of programming languages, there are type systems that support modular but not compositional analysis. What is compositional is modular, but not the other way around. A case in point is the socalled HindleyMilner type system for MLlike functional languages, where the order matters in which types are inferred: HindleyMilner typeinference is not orderoblivious.
Given a network partitioned into finitely many components with respective principal typings , we can then assemble these typings in any order to obtain a principal typing for the whole of . Efficiency in computing the final principal typing depends on a judicious partitioning of , which is to decrease as much as possible the number of arcs running between separate components, and again recursively when assembling larger components from smaller components. At the end of this procedure, every input/output assignment extendable to a maximum feasible flow in , and every input/output assignment extendable to a minimum feasible flow , can be directly read off the final typing – but observe: not and themselves.
Wholenetwork versus compositional.
We qualified our approach as being compositional because a network is not required to be fully assembled, nor its constituent components to be all available, in order to start an analysis of those already in place and connected. What’s more, an alreadyconnected component can be removed and swapped with another one , as long as and have the same typing, i.e., as far as the rest of the network is concerned, the invariants encoded by typings are oblivious to the swapping of and . In the conventional categories of algorithm design and analysis, our compositional approach can be viewed as a form of divideandconquer that allows the redesign of parts without forcing a reanalysis of the same parts.
These aspects of compositionality are important when modeling very large networks which may contain broken or missing components, or failureprone and obsolete components that need to be replaced. But if these aspects do not matter, then there is an immediate drawback to our compositional approach, as currently devised and used: It returns the value of a maximum flow , but not itself.
By contrast, other approaches (any of those cited in footnote 3) construct a specific maximum flow , whose value can be immediately read off from the total leaving the source(s) or, equivalently, the total entering the sink(s). We may qualify the other approaches as being wholenetwork, because they presume all the pieces (nodes, arcs, and their capacities) of a network are in place before an analysis is started.
There is more than one way to bypass the forementioned drawback of our compositional approach, none entirely satisfactory (as of now). A natural but costly option is to augment the information that typings encode: A typing is made to also encode information about paths that carry a maximum flow in the component for which is a principal typing, but the incurred cost is prohibitive, generally exponential in the external dimension of the component (the number of its input/output ports).^{6}^{6}6It is not a trivial matter to augment a typing for a network component so that it also encodes information about maxflow paths in . It is out of the question to retain information about all maxflow paths. What needs to be done is to encode, for every “extreme” input/output assignment extendable to a maxflow, just one path or pathcombination carrying a maxflow extending . (An input/output assignment is extreme if, as a point in the space , it is a vertex of .) The cost of this extra encoding grows exponentially with . From the perspective of compositionality, this exponential growth adds to another disadvantage: The more information we make the typing to encode about ’s internals beyond safety invariants – unless the choice of internal paths in to carry maxflows is taken as another safety condition – the fewer the components of which is a typing that we can substitute for , thus narrowing the range of experimentation and possible substitutions between components during modeling and analysis.
A more promising option is a twophase process, yet to be investigated. In the first phase, we use our compositional approach to return the value of a maxflow. In the second phase, we use this maxflow value to compute an actual maximum flow in the network. It remains to be seen whether this is doable efficiently, or within the resource bounds of our algorithms below. We delay this question to future research.
Highlights and wider connections.
Our main contribution in this report is a different framework for the design and analysis of network algorithms, which we here illustrate by presenting a new algorithm for the classical maxflow problem. When restricted to the class of planar networks with bounded “outerplanarity” and bounded “external dimension”, our algorithm runs in linear time.
The external dimension (or interface dimension) of a network is the number of its input/output ports, i.e., the number of its sources the number of its sinks. A network’s planar embedding has outerplanarity if it has layers of nodes, i.e., after iteratively removing the nodes (and incident arcs) on the outer face at most times, we obtain the empty network. A planar network is of outerplanarity if it has a planar embedding (not necessarily unique) of outerplanarity . A more precise statement of our final result is this:
Given fixed parameters and , for every planar node network of outerplanarity and external dimension , our algorithm simultaneously returns a maxflow value and a minflow value in time , where the hidden multiplicative constant depends on and only.^{7}^{7}7The usual trick of directing new arcs from an artificial source node to all source nodes and again from all sink nodes to an artificial sink node, in order to reduce the case of sources and sinks to the singlesource singlesink case, generally destroys the planarity of and cannot be used to simplify our algorithm.
Our final algorithm combines several intermediate algorithms, each of independent interest for computing network typings. We mention several salient features that distinguish our approach:

Nowhere do we invoke a linearprogramming algorithm (e.g., the simplex network algorithm). Our many optimizations relative to linear constraints are entirely carried out by various transformations on networks and their underlying graphs, and by using no more than the operations of addition, subtraction, and comparison of numbers. At the end, our complexity bounds are all functions of only the number of nodes and arcs, and are independent of costs and capacities, i.e., these are stronglypolynomial bounds.

In all cases, our algorithms do not impose any restrictions on flow capacities and costs. These capacities and costs can be arbitrarily large or small, independent of each other, and not restricted to integral values.

Part of our results are a contribution to the vast body of work on fixedparameter lowdegreepolynomial time algorithms, or lineartime algorithms, for problems that are intractable (e.g., NPhard) or impractical on very large input data (e.g., nonlinear polynomial time) when these parameters are unrestricted.^{8}^{8}8A useful though somewhat dated survey of efficient fixedparameter algorithms is [7]. A recent survey in a focused area (transportation engineering) is [22] where parametertuning refers to alternatives in selecting fixedparameter algorithms.

In the process of building a full system from smaller components, interface dimensions figure prominently in our analysis. The quality of our results, in minimizing algorithm complexities and simplifying their proofs, depends on keeping interface dimensions as small as possible. This part of our work rejoins research on efficient algorithms for graph separators and decomposition. (One of our results below depends on the lineartime computation of an optimal partioning of a regular planar embedding.)
Organization of the report.
This introduction and the following sections until the reference pages, less than ten pages, are an extended abstract, which includes several propositions and theorems without their proofs. Proofs and further technical material in support of claims in the earlier part of the report are in the four appendices after the reference pages. Sections 2, 3, and 4, present elements of our compositional approach. Section 5 is our application to the maxflow problem in planar networks. Section 6 presents immediate extensions of this report and proposes directions for future research.
2 Flow Networks and Their Typings
We take flow networks in their simplest form, as capacited finite directed graphs. We repeat standard notions [1], but now adapted to our context.^{9}^{9}9For our purposes, we need a definition of flow networks that is more arccentric and less nodecentric than the standard one. Such alternative definitions have already been proposed (see, for example, Chapter 2 in [38]), but are still not the most convenient for us. A flow network is a pair , where is a finite set of nodes and a finite set of directed arcs, with each arc connecting two distinct nodes (no selfloops and no multiple arcs in the same direction connecting the same two nodes). We write and for the sets of reals and nonnegative reals. Such a flow network is supplied with capacity functions on the arcs, (lowerbound capacity) and (upperbound capacity), such that and for every .
We write and for the two ends of arc . The set of arcs is the disjoint union of three sets, i.e., where:
A flow is a function which, if feasible, satisfies “flow conservation” at every node and “capacity constraints” at every arc, both defined as in the standard formulation [1].
We call a bounded closed interval of real numbers (possibly negative) a type. A typing is a partial map (possibly total) that assigns types to subsets of the input and output arcs. Formally, is of the following form, where and is the powerset operator, :^{10}^{10}10The notation “” is ambiguous, because it does not distinguish between input arcs and output arcs. We use it nonetheless for succintness. The context will always make clear which members of are input arcs and which are output arcs.
i.e., is the set of bounded closed intervals. As a function, is not totally arbitrary and satisfies conditions that make it a network typing; in particular, it will always be that , the latter condition expressing the fact that the total amount entering a network must equal the total amount exiting it.^{11}^{11}11We assume there are no producer nodes and no consumer nodes in . In the presence of producers and consumers, our formulation here of flow networks and their typings has to be adjusted accordingly (details in [36]).
An input/output assignment (or IO assignment) is a function . For a flow or an IO assignment , we say satisfies the typing iff, for every such that is defined and , we have:
where means . In words, this says that the “sum of the values assigned by to input arcs” minus the “sum of the values assigned by to output arcs” is within the interval .
3 Principal Typings
We say a typing is sound for network if:

Every IO assignment satisfying is extendable to a feasible flow in .
A sound typing is one that is generally more conservative than required to prevent system’s malfunction: It filters out all unsafe IO assignments, i.e., not extendable to feasible flows, and perhaps a few more that are safe.
For our application here (maxflow and minflow values), not only do we want to assemble networks for their safe operation, we want to operate them to the limit of their safety guarantees. We therefore use the two limits of each interval/type to specify the exact minimum and the exact maximum that an input/output arc (or a subset of input/output arcs) can carry across interfaces. We thus say a typing is complete for network if:

Every feasible flow in satisfies .
Every minflow in and every maxflow in satisfy a sound and complete typing for .
Let and , and assume a fixed ordering of the arcs in . An IO assignment specifies a point, namely , in the vector space , and the collection of all IO assignments satisfying a typing form a compact convex polyhedral set (or polytope) in the first orthant , which we denote . Using standard notions of convexity in vector spaces and polyhedral analysis [45, 10], the following are straightforward:
Proposition 1 (Sound and Complete Typings Are Equivalent).
If and are sound and complete typings for the same network , then .
Proposition 2 (Sound Typings Are Subtypings of Sound and Complete Typings).
If is a sound and complete typing for network and is a sound typing for the same , then .
The “subtyping” relation is contravariant w.r.t. “”. We say two networks and are similar if they have the same number of input arcs and same number of output arcs. Proposition 2 implies this: Given similar networks and , with respective sound and complete typings and , if , i.e., if is a subtyping of , then can be safely substituted for , in any assembly of networks containing .^{12}^{12}12An assignment of values to the input arcs (resp. output arcs) of a network does not uniquely determine the values at its output arcs (resp. input arcs) in the presence of multiple input/output arcs. In that sense, flow moves nondeterministically between input arcs and output arcs. Nondeterminism is usually classified in two ways: angelic and demonic, according to whether it proceeds to favor a desirable outcome or to obstruct it. Our notion of subtyping here, and with it the notion of safe substitution, presumes that the nondeterminism of flow networks is angelic. For the case when nondeterminism is demonic, “subtyping between network typings” has to be defined in a more restrictive way. We elaborate on this question in Appendix D.
One complication when dealing with typings as polytopes are the alternatives in representing them (convex hulls vs. intersections of halfspaces). We choose to represent them by intersecting halfspaces, with some (not all) redundancies in their defining linear inequalities eliminated. We thus say the typing is tight if, for every for which is defined and every , there is an IO assignment such that:
Informally, is tight if no defined contains redundant information.
Another kind of redundancy occurs when an interval/type is defined for some with even though there is no communication between and . We eliminate this kind of redundancy via what we call “locally total” typings. We need a preliminary notion. A network is a subnetwork of network if and such that:
We also say is the subnetwork of induced by . The subnetwork is a component of if is connected and , , and , i.e., is a maximal connected subnetwork of . If network contains two distinct component and , there is no communication between and , and the typings of the latter two can be computed independently of each other. We say a typing for is locally total if, for all components and of , and all and :

The interval/type is defined.

If and , the interval/type is not defined.
Whereas “tight” and “locally total” can be viewed (and are in fact) properties of a typing , independent of any network for which is a typing, “sound” and “complete” are properties of relative to a particular . If has only one component (itself), a locallytotal typing for is a total function on . We can prove:
Theorem 3 (Uniqueness of Locally Total, Tight, Sound and Complete Typings).
For all networks , there is a unique typing which is locally total, tight, sound and complete – henceforth called the principal typing of .
The principal typing of is a characterization of all IO assignments extendable to feasible flows in .^{13}^{13}13A related result is established in [28] by a different method that invokes a linearprogramming procedure. The motivation for that latter work, different from ours, is whether the external (i.e., input/output) flow pattern of a multiterminal network can be completely described independently of the size of . In particular, if is connected, its minflow and maxflow values are the two limits of the type , or equivalently, the negated two limits of . Theorem 3 implies that two similar networks and are equivalent iff their principal typings are equal, regardless of their respective sizes and internal details.
We can compute a principal typing typing via linearprogramming (but we do not): For every component of and every , we specify an objective to be minimized and maximized, corresponding to the two limits of the type , relative to the collection of flowpreservation equations (one for each node) and capacityconstraint inequalities (two for each arc). Following this approach in the proof of Theorem 3, it is relatively easy to show that the resulting is locally total, tight, and complete – but it takes nontrivial work in polyhedral analysis to prove that is also sound. Besides being relatively expensive (the result of invoking a linearprogramming procedure), the drawback of this approach is that it is wholenetwork, as opposed to compositional, requiring prior knowledge of all constraints in before can be computed.
4 Disassembling and Reassembling Networks
In earlier reports [4, 5, 6, 35, 34], we used our compositional approach to model/design/analyze systems incrementally, from components that are supplied separately at different times. Here, we assume we are given all of a network at once, which we then disassemble into its smallest units (i.e., onenode components), compute their principal typings, and then combine the latter to produce a principal typing for . Because we are given all of at once, we can control the order in which we reassemble it. A schematic example is Figure 1.
The process of disassembling involves “cutting in halves” some of its internal arcs: If internal arc is cut in two halves, then we remove and introduce a new input arc with and a new output arc with . Formally, given a twopart partition of , we define:
is the set of internal arcs that are not cut or that have had their two halves reconnected.
Given the initial network where every internal arc is connected, we define another network where every internal arc is cut into two halves and . The input arcs and output arcs of are therefore: and , respectively, with . is a network of onenode components. If we call the fully disassembled network:
we reassemble the original by defining the sequence of networks: where and for every , where is the operation that splices and . What we call the binding schedule is the order in which the internal arcs are spliced, i.e., if:
then , where . If is a connected network, we write for the external dimension of . For each of the intermediate networks with , we define:
and also . Without invoking a linearprogramming procedure and only using the arithmetical operators on arc capacities, we can prove:
Theorem 4 (Principal Typing of from the Principal Typing of in Stages).

We can compute the principal typing of a onenode network in time where .

We can compute ’s principal typing from ’s principal typing in time where .

Let be reassembled from using the binding schedule . We can compute the principal typing of in time where .
Part 3 in Theorem 4 follows from parts 1 and 2. It implies that, to minimize the time to compute a principal typing for network , we need to minimize . There are natural network topologies for which there is a binding schedule with constant or slowgrowing as a function of and . Section 5 is an example.
5 An Application: MaxFlows and MinFlows in Planar Networks
There is a wide range of algorithms for the maxflow problem. Some produce exact maxflows, others approximate maxflows [46, 33]. They all achieve nearly linear time in the graph size – but not quite linear, unless arc capacities obey restrictions [20, 40]. A recent result is the following: There exists an algorithm that solves the maxflow problem with multiple sources and sinks in an node directed planar graph in time [9].
Our typebased compositional approach offers an alternative, with other benefits unrelated to algorithm runtime. Assume is given with a planar embedding already, i.e., we do not have to compute the embedding (which can be computed in linear time in any case [44]). Every planar embedding of an undirected graph has an outerplanarity , and so does therefore the network by considering its underlying graph where all arcs directions are ignored.^{14}^{14}14Also ignoring two parallel arcs resulting from omitting arc directions in twonode cycles. The planar embedding of has outerplanarity if deleting all the nodes on the unbounded face leaves an embedding of outerplanarity .^{15}^{15}15The “outerplanarity index” and the “outerplanarity” of an undirected graph are not the same thing. The outerplanarity index of is the smallest integer such that has a planar embedding of outerplanarity . To compute the outerplanarity index of , and produce a planar embedding of of outerplanarity its outerplanarity index, is not a trivial problem, for which the best known algorithm requires quadratic time in general [32] – which, if we used it to preprocess the input to our algorithm in Theorem 5, would upend its final linear runtime. On the other hand, a planar embedding of of outerplanarity = approximation of its outerplanarity index can be found in linear time, also shown in [32]. Although an interesting problem, we do not bother with finding a planar embedding of of outerplanarity matching its outerplanarity index. It is worth noting that for a triconnected planar network, “outerplanarity” and “outerplanarity index” are the same measure, since the planar embedding of a triconnected graph is unique ([17] or Section 4.3 in [18]). However, there are very simple examples of biconnected, but not triconnected, planar networks with planar embeddings of arbitrarily large outerplanarity but whose outerplanarity index is as small as . An example of a outerplanar embedding is the network shown in Figure 1. Based on Theorem 4, we can prove:
Theorem 5 (Principal Typing of Planar Network).
If an node network is given in a planar embedding of outerplanarity , with input ports and output ports, we can compute a principal typing for in time where the hidden multiplicative constant depends only on , and .
If the algorithm in Theorem 5 is made to work on the planar embedding of a regular network (e.g., the network in Figure 1), it proceeds by disassembling and reassembling in a manner to minimize the interface dimension of all components in intermediate stages (as in Figure 1). The proof of Theorem 5 is a simple generalization of this operation to the regular planar embedding of an arbitrary planar , based on:
Lemma 6 (From Arbitrary Networks to 3Regular Networks).
Let be a flow network, not necessarily planar. In time , we can transform into a similar network such that:

There are no twonode cycles in .

The degree of every node in is .

Every typing is principal for iff is principal for .

and , where .

If is given in a outerplanar embedding, is returned in a outerplanar embedding with .
The proofs for parts 14 in Lemma 6 are relatively straightforward, only the proof for part 5 is complicated. An immediate consequence of Theorem 5 is: For every , we have an algorithm which, given an arbitrary node network in a planar embedding of outerplanarity and external dimension , simultaneously computes a maxflow value and a minflow value in time .
6 Extensions and Future Work
There are natural generalizations that will provide material for a more substantial comparison with other approaches. Among such generalizations:

Adjust the formal framework to handle the commonlyconsidered cases of:

multicommodity flows (formal definitions in [1], Chapt. 17)

minimumcost flows, minimumcost max flows, and variations (formal definitions in [1], Chapt. 911)
These cases introduce new kinds of linear constraints, often more general than flowconservation equations and capacityconstraint inequalities (as in this report), where all coefficients are or .


Identify natural network topologies that are amenable to the kind of examination we already applied to planar networks, following the presentation in Section 5 and leading to similar results.
Beyond commonlystudied generalizations and topologies, there are a number of questions more directly related to the finetuning of our approach and/or to the modeling and analysis of networking systems.
Among such questions are practical situations where flows are regulated by nonlinear constraints. For example, a common case is that of a nonlinear convex cost function which may or may not be transformed into a piecewise linear cost function (Chapt. 14 in [1]). Another example is provided by mass conservation, more general than flow conservation: If denotes the “density” of the flow carried by arc/channel and the “velocity” at which it travels along , then mass conservation at node is expressed as the nonlinear constraint: which is equivalent to flow conservation at node only when velocity is uniformly the same on all arcs.^{16}^{16}16Velocity is measured in unit distance/unit time, e.g., mile/hour. Density is measured in unit mass/unit distance, e.g., ton/mile. Hence, the value of on arc is measured in unit mass/unit time, e.g., ton/hour, commonly called the mass flow on .
We leave all of the preceding questions for future research. Below we mention three specific directions under current investigation.
Leaner Representations of Principal Typings.
We have not eliminated all redundancies in our representation of principal typings. The presence of these redundancies increases the runtime of our algorithms, as well as complicates the process of inferring typings and reasoning about them. For example, by Lemma 12 in Appendix B, if is a twopart partition of and is the principal typing (as defined in this report) for a network with input/output arcs , then , which means that at most one of the two intervals/types, and , is necessary for defining .
For two concrete examples, consider typings and in Examples 9 and 10 in Appendix A. These are principal typings. In addition to the interval/type assigned to and , which is always , the remaining intervals/types are “symmetric”, in the sense that whenever . Hence, type assignments will suffice to uniquely define and .
This is a general fact: For a network of external dimension , at most nonzero interval/type assignments are required to uniquely define a tight, sound, and complete, typing for . Hence, we need a weaker requirement than “locally total” to guarantee uniqueness of a new notion of “principal typing”.
Augmenting Typings for Resource Management.
In recent years, programminglanguage theorists have augmented types and typings to enforce more than safety invariants. In particular, there are stronglytyped functional languages (mostly experimental now) where types encode information related to resource management and security guarantees. The same can be done with our network typings encoded as polytopes.
For example, researchers in traffic engineering consider objective functions (to be optimized relative to such constraints as “flow conservation”, “capacity constraints”, and others), which also keep track of uses of resources (e.g., see [3]). Possible measurements of resources are – let for all arcs for simplicity:

Hop Routing (HR). The hoprouting value of is the number of channels such that .

Channel Utilization (CU). The utilization of a channel is defined as .

Mean Delay (MD). The mean delay of a channel can be measured by .
HR, CU, and MD, can be taken as objectives to be minimized, along with flow to be maximized, resulting in a more complex optimization problem. But HR, CU, and MD, can also be taken as measures to be composed across interfaces, requiring a different (and simpler) adjustment of our network typings.
Sensitivity (aka Robustness) Analysis.
A key concept in many research areas is function robustness or, by another name, function sensitivity.^{17}^{17}17For example, in differential privacy, one of the most common mechanisms for turning a (possibly privacyleaking) query into a differentially private one involves establishing a bound on its sensitivity. The concept appears in programminglanguage studies, which more directly informed our own work [13, 14]: A program is said to be robust if an variation of the input can cause the output to vary by at most . More recently, a typebased approach to robustness analysis of functional programs was introduced and shown to offer additional benefits [16].
The counterpart of function robustness in networkflow problems is sensitivity analysis, which has a longer history (Chapt. 911 in [1], Chapt. 3 in [11]). The purpose is to determine changes in the optimal solution of a flow problem resulting from small changes in the data (supply/demand vector or the capacity or cost of any arc). There are two basic different ways of performing sensitivity analysis in relation to flow problems (Chapt. 9 in [1]): (1) using combinatorial methods and (2) using simplexbased methods from linear programming – and both are essentially wholesystem approaches.
A natural outgrowth from these earlier studies will be to adapt them to our particular typebased compositional approach. In particular, in our case, robustness analysis should account for the effects of, not only small changes in network parameters, but also complete breakdown of an arc/channel or a subnetwork – and, preferably, in such a way as to not obstruct efficient inference of network typings.
References
 [1] R.K. Ahuja, T. L. Magnanti, and J.B. Orlin. Network Flows: Theory, Algorithms, and Applications. Prentice Hall, Englewood Cliffs, N.J., 1993.
 [2] Takao Asano and Yasuhito Asano. Recent Developments in Maximum Flow Algorithms. Journal of the Operations Research Society of Japan, 43(1), March 2000.
 [3] S. Balon and G. Leduc. Dividing the Traffic Matrix to Approach Optimal Traffic Engineering. In 14th IEEE Int’l Conf. on Networks (ICON 2006), volume 2, pages 566–571, September 2006.
 [4] A. Bestavros, A. Kfoury, A. Lapets, and M. Ocean. Safe Compositional Network Sketches: Tool and Use Cases. In IEEE Workshop on Compositional Theory and Technology for RealTime Embedded Systems, Wash D.C., December 2009.
 [5] A. Bestavros, A. Kfoury, A. Lapets, and M. Ocean. Safe Compositional Network Sketches: The Formal Framework. In 13th ACM HSCC, Stockholm, April 2010.
 [6] Azer Bestavros and Assaf Kfoury. A DomainSpecific Language for Incremental and Modular Design of LargeScale VerifiablySafe Flow Networks. In Proc. of IFIP Working Conference on DomainSpecific Languages (DSL 2011), EPTCS Volume 66, pages 24–47, Sept 2011.
 [7] Hans L. Bodlaender. A Partial Arboretum of Graphs with Bounded Treewidth. Theoretical Computer Science, 209(12):1–45, 1998.
 [8] Glencora Borradaile and Philip Klein. An Algorithm for Maximum stFlow in a Directed Planar Graph. Journal of the ACM, 56(2):1–30, April 2009.
 [9] Glencora Borradaile, Philip Klein, Shay Mozes, Yahav Nussbaum, and Christian WulffNilsen. MultipleSource MultipleSink Maximum Flow in Directed Planar Graphs in NearLinear Time. In FOCS 2011, Proc. of 52nd Annual Symposium on Foundations of Computer Science, pages 170–179. IEEE, October 2011.
 [10] S. Boyd and L. Vanderberghe. Convex Optimization. Cambridge University Press, New York, USA, (second printing with corrections) 2009.
 [11] Stephen P. Bradley, Arnoldo C. Hax, and Thomas L. Magnanti. Applied Mathematical Programming. AddisonWesley, Reading, MA, 1977.
 [12] Bala G. Chandran and Dorit S. Hochbaum. A Computational Study of the Pseudoflow and PushRelabel Algorithms for the Maximum Flow Problem. Oper. Res., 57(2):358–376, March/April 2009.
 [13] Swarat Chaudhuri, Sumit Gulwani, and Roberto Lublinerman. Continuity and Robustness of Programs. Commun. ACM, 55(8):107–115, August 2012.
 [14] Swarat Chaudhuri, Sumit Gulwani, Roberto Lublinerman, and Sara Navidpour. Proving Programs Robust. In Proc. of 19th ACM SIGSOFT Symposium and the 13th European Conference on Foundations of Software Engineering, ESEC/FSE ’11, pages 102–112, New York, NY, USA, 2011. ACM.
 [15] Paul Christiano, Jonathan A. Kelner, Aleksander Madry, Daniel A. Spielman, and ShangHua Teng. Electrical Flows, Laplacian Systems, and Faster Approximation of Maximum Flow in Undirected Graphs. In L. Fortnow and S. P. Vadhan, editors, STOC 2011, Proc. of 43rd Symp. on Theory of Computing, pages 273–282. ACM, 2011.
 [16] Loris D’Antoni, Marco Gaboardi, Emilio Jesús Gallego Arias, Andreas Haeberlen, and Benjamin Pierce. Sensitivity Analysis Using TypeBased Constraints. In Proc. of 1st Annual Workshop on Functional Programming Concepts in DomainSpecific Languages, FPCDSL ’13, pages 43–50, New York, NY, USA, 2013. ACM.
 [17] Samir Datta and Prakriya. Planarity Testing Revisited. Electronic Colloquium on Computational Complexity, 9, 2011.
 [18] Reinhard Deistel. Graph Theory. Springer Verlag, 2012.
 [19] E.A. Dinic. Algorithm for Solution of a Problem of Maximum Flow in Networks with Power Estimation. Soviet Mathematics Doklady, 11:1277–1280, 1970.
 [20] David Eisenstat and Philip N. Klein. LinearTime Algorithms for Max Flow and MultipleSource Shortest Paths in UnitWeight Planar Graphs. In STOC 2013, Proc. of 45th Symp. on Theory of Computing, pages 735–744, June 2013.
 [21] L.R. Ford and D.R. Fulkerson. Maximal Flow Through a Network. Canadian Journal of Mathematics, 8:399–404, 1956.
 [22] Alexandru Florian Gaiu. Sequential Parameter Tuning of Algorithms for the Vehicle Routing Problem. Technical Report Internal Report 201304, Computer Science Department, Universiteit Leiden, February 2013.
 [23] Andrew V. Goldberg. A New MaxFlow Algorithm. Technical Report MIT/LCS/TM291, Laboratory for Computer Science, MIT, 1985.
 [24] Andrew V. Goldberg. Recent Developments in Maximum Flow Algorithms (Invited Lecture). In SWAT ’98: Proc. of 6th Scandinavian Workshop on Algorithm Theory, pages 1–10. Springer Verlag, 1998.
 [25] Andrew V. Goldberg. TwoLevel PushRelabel Algorithm for the Maximum Flow Problem. In Proc. of 5th International Conference on Algorithmic Aspects in Information and Management, AAIM ’09, pages 212–225, Berlin, Heidelberg, 2009. SpringerVerlag.
 [26] Andrew V. Goldberg and Satish Rao. Beyond the Flow Decomposition Barrier. J. ACM, 45(5):783–797, September 1998.
 [27] Andrew V. Goldberg and Robert E. Tarjan. A New Approach to the Maximum Flow Problem. In STOC 1986, Proc. of 18th Annual ACM Symposium on the Theory of Computing, pages 136–146, 1986.
 [28] Torben Hagerup, Jyrki Katajainen, Naomi Nishimura, and Prabhakar Ragde. Characterizing Multiterminal Flow Networks and Computing Flows in Networks of Small Treewidth. Journal of Computer and System Sciences, 57(3):366–375, December 1998.
 [29] Dorit S. Hochbaum. The Pseudoflow Algorithm: A New Algorithm for the MaximumFlow Problem. Oper. Res., 56(4):992–1009, July 2008.
 [30] Trevor Jim. What Are Principal Typings and What Are They Good For? Tech. memo. MIT/LCS/TM532, MIT, 1995.
 [31] Trevor Jim. What Are Principal Typings and What Are They Good For? In Proc. of 23rd ACM Symp. on Principles of Programming Languages, pages 42–53, 1996.
 [32] Frank Kammer. Determining the Smallest Such That Is Outerplanar. In Lars Arge, Michael Hoffmann, and Emo Welzl, editors, Proc. of 15th Annual European Symposium on Algorithms, ESA 2007, pages 359–370. LNCS 4698, Springer Verlag, September 2007.
 [33] Jonathan A. Kelner, Lorenzo Orecchia, Yin Tat Lee, and Aaron Sidford. An AlmostLinearTime Algorithm for Approximate Max Flow in Undirected Graphs, and its Multicommodity Generalizations. Computing Research Repository (CoRR), abs/1304.2338, 2013.
 [34] Assaf Kfoury. A DomainSpecific Language for Incremental and Modular Design of LargeScale VerifiablySafe Flow Networks (Part 1). Technical Report BUCSTR2011011, CS Dept, Boston Univ, May 2011.
 [35] Assaf Kfoury. The Denotational, Operational, and Static Semantics of a DomainSpecific Language for the Design of Flow Networks. In Proc. of SBLP 2011: Brazilian Symposium on Programming Languages, Sept 2011.
 [36] Assaf Kfoury. A Typing Theory for Flow Networks (Part I), CS Dept, Boston Univ, BUCSTR2012021. http://www.cs.bu.edu/techreports/pdf/2012021cfntypingtheorya.pdf, December 2012.
 [37] Assaf Kfoury. A Compositional Approach to Network Algorithms. Technical Report BUCSTR2013015, CS Dept, Boston University, November 2013.
 [38] Philip N. Klein. Optimization Algorithms for Planar Graphs. http://planarity.org/, 2012.
 [39] Jakub Lacki, Yahav Nussbaum, Piotr Sankowski, and Christian WulffNilsen. Single Source – All Sinks Max Flows in Planar Digraphs. In IEEE 53rd Annual Symposium on Foundations of Computer Science, volume 0 of FOCS ’11, pages 599–608, Los Alamitos, CA, USA, 2012. IEEE Computer Society.
 [40] Yin Tat Lee, Satish Rao, and Nikhil Srivastava. A New Approach to Computing Maximum Flows Using Electrical Flows. In STOC 2013, Proc. of 45th Symp. on Theory of Computing, pages 755–764. ACM, June 2013.
 [41] G. Mazzoni, S. Pallottino, and M.G. Scutella. The Maximum Flow Problem: A MaxPreflow Approach. European Journal of Operational Research, 53:257–278, 1991.
 [42] Takao Nishizeki and Md. Saidur Rahman. Rectangular Drawing Algorithms. In Roberto Tamassia, editor, Hanbook of Graph Drawing and Visualization, pages 317–348. CRC Press, Baton Rouge, FL, 2013.
 [43] James B. Orlin. Max Flows in Time or Less. In STOC 2013, Proc. of 45th Symposium on the Theory of Computing, pages 765–774. ACM, June 2013.
 [44] Maurizio Patrignani. Planarity Testing and Embedding. In Roberto Tamassia, editor, Hanbook of Graph Drawing and Visualization, pages 1–42. CRC Press, Baton Rouge, FL, 2013.
 [45] A. Schrijver. A Course in Combinatorial Optimization. CWI (the manuscript can be downloaded from the author’s webpage http://homepages.cwi.nl/~lex/), Amsterdam, The Netherlands, 2012.
 [46] Jonah Sherman. Nearly Maximum Flows in Nearly Linear Time. Computing Research Repository (CoRR), abs/1304.2077 (also in Proc. of FOCS 2013), 2013.
 [47] Nate Soule, Azer Bestavros, Assaf Kfoury, and Andrei Lapets. Safe Compositional Equationbased Modeling of Constrained Flow Networks. In Proc. of 4th Int’l Workshop on EquationBased ObjectOriented Modeling Languages and Tools, Zürich, September 2011.
Appendix A Appendix: Further Comments and Examples for Section 2 and Section 3
Our notion of a network “typing” as an assignment of intervals/types to members of a powerset resembles in some ways, but is still different from, the notion of a “typing” (different from a “type”) in the study of stronglytyped programming languages. This is quite apart from the differences in syntactic conventions – the first from vector spaces and polyhedral analysis, the second from firstorder logic. In stronglytyped programming languages, a “typing” refers to the result of what is called a “derivable typing judgment” and consists of: a program expression ; a type (not a typing) assigned to and, at least implicitly, to every wellformed subexpression of ; and a type environment that includes a type for every variable occurring free in .
Report [31] and the longer [30] are at the origin of this notion of “typing” in programming languages. These two reports also discuss the distinction between “modular” and “compositional”, in the same sense we explained in Section 1, but now in the context of type inference for stronglytyped functional programs. The notion of a “typing” for a program, as opposed to a “type” for it, came about as a result of the need to develop a “compositional”, as opposed to a just “modular”, static analysis of programs.
Proof 7 (for Theorem 3).
There are different approaches to proving Theorem 3. One approach relies heavily on polyhedral analysis and invokes a linearprogramming procedure (such as the simplex) repeatedly. Moreover, it requires a preliminary collection of all flowpreservation equations (one for each node) and all capacityconstraint inequalities (two for each arc), for the given network , before we can start an analysis to compute the principal typing of . This is the approach taken in [36].
But we can do better here. The alternative is to simply invoke Theorem 4 later in this report. This alternative approach does not use any predefined linearprogramming procedure, and is also in harmony with our emphasis on “compositionality” – allowing for partial analyses to be incrementally composed.
Terminology 8.
In all previous articles that informed the work reported in this report, we made a distinction between valid typings and principal typings (for the same network ). What we called “valid” before is what we call “sound” here, and what we called “principal” before is what we call “sound and complete” here.
What we call “principal” here is not only “sound and complete”, but also satifies uniqueness conditions – in this report, expressed by the notions of “tight” and “locally total”.
The three examples below illustrate several of the concepts in Sections 2 and 3. These are three similar networks, i.e., they each have input arcs and output arcs. Their principal typings are generated using the material in Section 4.
Example 9.
Network is shown on the left in Figure 2, where all omitted lowerbound capacities are and all omitted upperbound capacities are . is an unspecified “very large number”. A minflow in pushes units through, and a maxflow in pushes units. The value of every feasible flow in will therefore be in the interval . A principal typing for is such that and makes the following type assignments:
To explain our notational convention, consider the type assignment “”, one of the nontrivial assignments made by . We write “” to mean that . The minus preceding in the expression “” indicates that is an output arc, whereas and are input arcs. The boxed type assignments and the underlined type assignments are for purposes of comparison with the typing in Example 10 and typing in Example 11.
Example 10.
Network is shown in the middle in Figure 2. A minflow in pushes units through, and a maxflow in pushes units. The value of all feasible flows in will therefore be in the interval , the same as for in Example 9. A principal typing for is such that , and makes the following type assignments:
In this example and the preceding one, the type assignments in rectangular boxes are for subsets of the input arcs and for subsets of the output arcs , but not for subsets mixing input arcs and output arcs. Note that the boxed assignments are the same for and .
The underlined type assignments are among those that mix input and output arcs. We underline those in Example 9 that are different from the corresponding ones in this Example 10. This difference implies there are IO assignments extendable to feasible flows in (resp. in ) but not in (resp. in ). This is perhaps counterintuitive, since and make exactly the same type assignments to input arcs and, separately, output arcs (the boxed assignments). For example, the IO assignment defined by:
is extendable to a feasible flow in but not in . The reason is that violates (i.e., is outside) the type . Similarly, the IO assignment defined by:
is extendable to a feasible flow in but not in , the reason being that violates the type .
From the preceding, neither nor is a subtyping of the other, in the sense explained in Section 3. Neither nor can be safely substituted for the other in a larger assembly of networks.
Example 11.
Network is shown on the right in Figure 2. A principal typing for is such that and makes the following type assignments:
In this example and the two preceding, the type assignments in rectangular boxes are for subsets of the input arcs and for subsets of the output arcs , but not for subsets mixing input arcs and output arcs. Again, the boxed assignments are the same for , , and . The differences between , , and are in the underlined type assignments.
We write and to indicate that and are subtypings of , contravariantly corresponding to the fact that and . In fact, is the least typing (in the partial order “”) such that both and are subtypings of , because for every . To be specific, the subsets on which and disagree are:
and intersecting the intervals/types assigned by and to these sets, we obtain the following equalities:
Both and can be safely substituted for in a larger assembly of networks – provided the nondeterminism of flow movement through and is angelic.^{18}^{18}18If the nondeterminism of flow movement is demonic, as opposed to angelic, we need a more restrictive notion of subtyping. Further comments in footnote 12 and Appendix D.
Appendix B Appendix: Proofs and Supporting Lemmas for Section 4
Let and be fixed, where . Let . If is an interval of real numbers for some , we write to denote the interval . If for some , we define and .
The next two results, Lemma 12 and Lemma 13, are about tight typings , independently of whether is sound and/or complete for a network .
Lemma 12.
Let be a tight typing such that: .
Conclusion: For every twopart partition of , say , if both and are defined, then .
Proof.
One particular case in the conclusion is when and , so that trivially , which also implies .
Consider the general case when . From Section 3, is the polytope defined by and is the set of linear inequalities induced by . For every dimensional point , we have:
because and therefore: