Separation Logic for Verifying Physical Collisions of CNC Programs
Recognition: 2 theorem links · Lean Theorem
Pith reviewed 2026-05-12 05:05 UTC · model grok-4.3
The pith
Separation logic certifies a CNC program collision-free by modeling the workspace as a spatial heap in which every tool footprint must occupy a disjoint part.
A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.
Core claim
By mapping tool trajectories and safety buffers into a discrete spatial model, physical collisions become logical spatial data races: a collision is exactly a pair of heap fragments whose separating conjunction is undefined because their domains overlap. The Parser-Prover Handshake decouples machine kinematics from the logic engine, so standard separation-logic triples can certify the safety of a program. In collaborative settings, concurrent separation logic verifies hand-offs as formal ownership transfers, yielding a mathematically grounded alternative to simulation-based testing.
What carries the argument
The Spatial Heap, a discrete model that treats physical occupancy as a managed logical resource, together with the Parser-Prover Handshake that feeds machine trajectories into separation-logic triples.
If this is right
- Safety verification becomes independent of repetitive geometric re-simulation whenever machining requirements change.
- Collaborative CNC environments can be checked by treating machine hand-offs as ownership transfers in concurrent separation logic.
- Zero-collision manufacturing acquires a formal foundation that scales with program complexity rather than simulation effort.
- Collisions are detected at the level of logical resource disjointness rather than numerical geometry.
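Treating a hand-off as an ownership transfer, as an added Python illustration (not the paper's code; the paper sketches no implementation). It assumes a per-agent partition of the Spatial Heap and an atomic transfer operation; the class and method names and the loader/spindle scenario are constructed. It monitors the concurrent-separation-logic discipline on a trace rather than proving a triple: a move is admitted only inside the mover's own fragment, so two agents' fragments are disjoint by construction, which is the side condition the parallel rule needs.

```python
"""Hand-off as ownership transfer: a runtime monitor of the CSL discipline.

Added illustration, not the paper's code. Assumptions (mine): the Spatial
Heap h : Z^3 -> status is split into per-agent fragments, each agent may
only drive its tool into cells it currently owns, and a hand-off is an
atomic transfer of a cell set from one owner to another. This checks the
discipline on a trace; it is not a proof of the paper's CSL triples.
"""
from __future__ import annotations

from typing import Dict, Iterable, List, Set, Tuple

Cell = Tuple[int, int, int]


class SpatialDataRace(Exception):
    """Raised when a move or transfer would break disjointness of ownership."""


class OwnedSpatialHeap:
    def __init__(self) -> None:
        self.owner: Dict[Cell, str] = {}  # cell -> owning agent (a partition)

    def fragment(self, agent: str) -> Set[Cell]:
        """The sub-heap that 'agent' currently owns (its conjunct under *)."""
        return {c for c, a in self.owner.items() if a == agent}

    def claim(self, agent: str, cells: Iterable[Cell]) -> None:
        """Allocate free cells to agent; cells owned by someone else are a race."""
        wanted = set(cells)
        taken = {c for c in wanted if self.owner.get(c, agent) != agent}
        if taken:
            raise SpatialDataRace(f"{agent} claims cells owned by others: {sorted(taken)}")
        for c in wanted:
            self.owner[c] = agent

    def move(self, agent: str, footprint: Iterable[Cell]) -> None:
        """A machining move is safe only if its footprint lies inside the agent's fragment."""
        foreign = set(footprint) - self.fragment(agent)
        if foreign:
            raise SpatialDataRace(f"{agent} enters cells it does not own: {sorted(foreign)}")

    def transfer(self, src: str, dst: str, cells: Iterable[Cell]) -> None:
        """Physical hand-off as ownership transfer; src must own every cell it gives away."""
        handed = set(cells)
        not_owned = handed - self.fragment(src)
        if not_owned:
            raise SpatialDataRace(f"{src} cannot hand off cells it does not own: {sorted(not_owned)}")
        for c in handed:
            self.owner[c] = dst

    def disjoint(self, a: str, b: str) -> bool:
        """Side condition of the parallel rule: the two fragments must not overlap."""
        return not (self.fragment(a) & self.fragment(b))


def handoff_trace() -> List[Tuple[str, str]]:
    """Constructed scenario: a loader robot owns the workpiece region, then hands
    it to the spindle. Returns (step, outcome) pairs with outcome 'ok' or 'race'."""
    region: Set[Cell] = {(x, y, 0) for x in range(3) for y in range(2)}
    h = OwnedSpatialHeap()
    h.claim("loader", region)
    h.claim("spindle", {(10, 0, 0), (11, 0, 0)})  # the spindle's own park cells
    trace: List[Tuple[str, str]] = []

    def attempt(step: str, action) -> None:
        try:
            action()
            trace.append((step, "ok"))
        except SpatialDataRace:
            trace.append((step, "race"))

    attempt("spindle cuts before hand-off", lambda: h.move("spindle", region))
    attempt("loader hands off region", lambda: h.transfer("loader", "spindle", region))
    attempt("spindle cuts after hand-off", lambda: h.move("spindle", region))
    attempt("loader re-enters region", lambda: h.move("loader", region))
    # Because ownership is a partition, the parallel-rule invariant holds at every step.
    assert h.disjoint("loader", "spindle")
    return trace


if __name__ == "__main__":
    for step, outcome in handoff_trace():
        print(f"{step:32s} {outcome}")
```

The monitor refuses the spindle's cut until the loader has transferred the region, and refuses the loader's re-entry afterwards; both refusals are the Spatial Data Race the paper names. What the monitor does not do is bound the duration of the transfer or cover cells between programmed samples, which is the gap the load-bearing premise has to close.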
Where Pith is reading between the lines
- The discrete mapping could be automated inside existing CNC post-processors to provide pre-execution checks.
- The approach may generalize to other path-planning domains such as robotic assembly where physical overlaps must be excluded.
- A direct comparison of verification runtime against commercial collision simulators on standard G-code benchmarks would quantify the claimed scalability gain.
Load-bearing premise
Tool trajectories and safety buffers can be mapped into a discrete spatial model prior to evaluation without losing critical continuous-time collision information or introducing false negatives.
What would settle it
Run the framework on a CNC program whose continuous-time simulation shows a collision that the discrete spatial model does not flag as a data-race violation.
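The load-bearing premise above and the referee's first major comment in the editorial analysis both turn on whether the map from continuous trajectories to heap cells can miss a collision. The following Python is an added illustration, not the paper's code (the paper gives no implementation). It builds a Spatial Heap as a dict over Z^3 cells, as the paper's h: Z^3 ⇀ status suggests, maps a linear move to the cells it sweeps (assumption: a 3-D DDA walk, one cell per step along the major axis), dilates by a cube safety buffer, and reports a Spatial Data Race when the separating conjunction of two fragments is undefined. An endpoint-only discretisation is included alongside to show the false negative a preservation theorem has to rule out. The function names, the clamp and the two-move program are mine and constructed.

```python
"""Discrete Spatial Heap collision check, with the discretisation caveat.

Added illustration, not the paper's code. Assumptions (mine): the Spatial
Heap h : Z^3 -> status is a dict from integer cells to an occupancy tag; a
linear G1 move is mapped to the cells it sweeps (3-D DDA walk, one cell per
step along the major axis); the safety buffer is a cube dilation of radius r.
Endpoint-only mapping is included to show the false negative the paper's
load-bearing premise must exclude.
"""
from __future__ import annotations

from itertools import product
from typing import Callable, Dict, List, Optional, Set, Tuple

Cell = Tuple[int, int, int]
Heap = Dict[Cell, str]
Segment = Tuple[Cell, Cell]


def swept_cells(p0: Cell, p1: Cell) -> Set[Cell]:
    """Every cell the segment p0 -> p1 passes through (26-connected walk)."""
    steps = max(abs(a - b) for a, b in zip(p0, p1))
    if steps == 0:
        return {p0}
    out: Set[Cell] = set()
    for i in range(steps + 1):
        t = i / steps
        out.add(tuple(round(a + (b - a) * t) for a, b in zip(p0, p1)))
    return out


def sampled_cells(p0: Cell, p1: Cell) -> Set[Cell]:
    """Naive discretisation: only the programmed endpoints become heap cells."""
    return {p0, p1}


def dilate(cells: Set[Cell], r: int) -> Set[Cell]:
    """Safety buffer: Minkowski sum of the cells with the cube [-r, r]^3."""
    offsets = list(product(range(-r, r + 1), repeat=3))
    return {(x + dx, y + dy, z + dz) for (x, y, z) in cells for dx, dy, dz in offsets}


def footprint(cells: Set[Cell], tag: str, buffer: int = 0) -> Heap:
    """Heap fragment asserting that every buffered cell is occupied by 'tag'."""
    return {c: tag for c in dilate(cells, buffer)}


def sep_conj(h1: Heap, h2: Heap) -> Optional[Heap]:
    """h1 * h2: the union heap if dom(h1) and dom(h2) are disjoint, else None.
    A None result is a Spatial Data Race in the paper's vocabulary."""
    if h1.keys() & h2.keys():
        return None
    merged = dict(h1)
    merged.update(h2)
    return merged


def race_cells(h1: Heap, h2: Heap) -> Set[Cell]:
    """Witness for a failed separating conjunction: the cells both fragments claim."""
    return set(h1) & set(h2)


def check_program(fixture: Set[Cell], moves: List[Segment], buffer: int,
                  discretise: Callable[[Cell, Cell], Set[Cell]]) -> Set[Cell]:
    """Check each move's buffered footprint against the fixture fragment;
    return every cell that witnesses a failed separating conjunction."""
    fixture_heap = footprint(fixture, "fixture")
    races: Set[Cell] = set()
    for p0, p1 in moves:
        tool_heap = footprint(discretise(p0, p1), "tool", buffer)
        if sep_conj(tool_heap, fixture_heap) is None:
            races |= race_cells(tool_heap, fixture_heap)
    return races


# Constructed example: a clamp at x=5 sits on the line of a G1 X0 -> X10 move.
CLAMP: Set[Cell] = {(5, 0, 0), (5, 1, 0)}
PROGRAM: List[Segment] = [((0, 0, 0), (10, 0, 0)), ((10, 0, 0), (10, 5, 0))]

if __name__ == "__main__":
    print("endpoint sampling :", check_program(CLAMP, PROGRAM, 0, sampled_cells))  # empty: false negative
    print("swept cells       :", check_program(CLAMP, PROGRAM, 0, swept_cells))
    print("swept + buffer 1  :", check_program(CLAMP, PROGRAM, 1, swept_cells))
```

Run stand-alone, the endpoint-only mapping accepts the program although the tool passes straight through the clamp, while the swept-cell mapping reports the shared cell, and a buffer of one cell also flags the adjacent clamp cell. The experiment the page proposes as decisive is the same comparison carried out against a continuous-time simulator instead of against `swept_cells`.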
Original abstract
Safety verification in Computer Numerical Control (CNC) machining has traditionally relied on simulation-based methods that require repetitive tests when requirements change. This paper introduces a formal verification framework that conceptualizes the physical CNC workspace as a Spatial Heap, treating physical occupancy as a managed logical resource. Central to our approach is a Parser-Prover Handshake that decouples machine kinematics from formal logic. By mapping tool trajectories and safety buffers into a discrete spatial model prior to evaluation, the framework enables the use of Separation Logic (SL) to verify safety via formal triples. Within this model, physical collisions are redefined as logical Spatial Data Races, detected through the failure of the separating conjunction to establish disjointness. Furthermore, we extend the methodology to collaborative environments using Concurrent Separation Logic (CSL), where physical hand-offs are verified as formal ownership transfers. This approach provides a scalable, mathematically grounded alternative to geometric simulation, offering a foundation for autonomous, zero-collision manufacturing.
Editorial analysis
A structured set of objections, weighed in public.
Referee Report
Summary. The paper proposes a Separation Logic (SL) framework for verifying physical collisions in CNC programs. It models the workspace as a Spatial Heap, maps tool trajectories and safety buffers to a discrete spatial model via a Parser-Prover Handshake, redefines collisions as Spatial Data Races detected by failure of the separating conjunction, and extends the approach to Concurrent Separation Logic (CSL) for collaborative hand-offs. The central claim is that this provides a scalable, formal alternative to geometric simulation for zero-collision manufacturing.
Significance. If the discretization operator preserves all continuous-time collisions and the SL triples are shown sound for the spatial model, the framework could supply a mathematically grounded verification method that avoids repeated simulations when requirements change. The manuscript supplies no machine-checked proofs, reproducible examples, or falsifiable theorems, so the significance remains prospective rather than demonstrated.
major comments (3)
- [Abstract] Abstract and proposed framework: the claim that physical collisions are detected as failures of the separating conjunction requires a formal definition of the heap construction function and a preservation theorem relating continuous kinematics to the discrete Spatial Heap; none is supplied, leaving open the possibility that collisions between sample points or due to buffer overlap remain invisible to the logic.
- [Proposed Framework] Parser-Prover Handshake description: the decoupling of machine kinematics from formal logic is presented only conceptually; without a precise definition of the mapping operator or an example triple showing how a trajectory is encoded as heap assertions, it is impossible to confirm that the approach detects all relevant collisions.
- [Collaborative Environments] Extension to CSL: the claim that physical hand-offs are verified as ownership transfers rests on standard CSL axioms, but no soundness argument or example is given showing that the spatial model respects the required disjointness and transfer rules for concurrent CNC operations.
minor comments (2)
- [Introduction] The terms 'Spatial Heap', 'Spatial Data Race', and 'Parser-Prover Handshake' are introduced without prior reference to related work on spatial logics or resource logics for physical systems; adding such citations would clarify novelty.
- [Spatial Heap Model] Notation for the discrete spatial model (e.g., how buffers and trajectories become heap cells) is described at a high level; a small illustrative diagram or pseudocode would improve readability.
Simulated Author's Rebuttal
We thank the referee for the detailed and constructive comments, which identify key areas where the formal foundations of our framework require strengthening. We respond point by point to the major comments and indicate the revisions we will make to the manuscript.
Point-by-point responses
- Referee: [Abstract] Abstract and proposed framework: the claim that physical collisions are detected as failures of the separating conjunction requires a formal definition of the heap construction function and a preservation theorem relating continuous kinematics to the discrete Spatial Heap; none is supplied, leaving open the possibility that collisions between sample points or due to buffer overlap remain invisible to the logic.
  Authors: We agree that the manuscript currently presents the core claim at a conceptual level and does not yet supply an explicit definition of the heap construction function or a preservation theorem. This leaves open questions about coverage of continuous-time collisions, sample-point gaps, and buffer overlaps. In the revised manuscript we will add a precise definition of the discretization operator that maps continuous trajectories and safety buffers to the Spatial Heap, together with a preservation theorem stating that every collision detectable in the continuous kinematics produces a failure of the separating conjunction in the discrete model. The theorem will incorporate explicit safety margins to ensure buffer overlaps and inter-sample collisions are captured. (revision: yes)
- Referee: [Proposed Framework] Parser-Prover Handshake description: the decoupling of machine kinematics from formal logic is presented only conceptually; without a precise definition of the mapping operator or an example triple showing how a trajectory is encoded as heap assertions, it is impossible to confirm that the approach detects all relevant collisions.
  Authors: The Parser-Prover Handshake is introduced conceptually to highlight the separation between kinematic parsing and logical reasoning. We acknowledge that a precise mapping operator and a concrete example triple are needed to demonstrate collision detection. The revision will include a formal definition of the mapping operator that translates tool trajectories and buffers into spatial assertions (e.g., points and regions in the heap). We will also supply an illustrative safety triple of the form {P} CNC-program {Q} in which P asserts disjoint spatial regions and the failure of * detects a potential collision, thereby making the detection mechanism explicit. (revision: yes)
- Referee: [Collaborative Environments] Extension to CSL: the claim that physical hand-offs are verified as ownership transfers rests on standard CSL axioms, but no soundness argument or example is given showing that the spatial model respects the required disjointness and transfer rules for concurrent CNC operations.
  Authors: The extension to Concurrent Separation Logic relies on the standard axioms for ownership transfer, yet the manuscript does not provide a tailored soundness argument or example for the spatial model. We will add a short soundness sketch in the revision showing that the Spatial Heap satisfies the frame rule and the required disjointness conditions because physical workspaces remain spatially separated. We will also include a small collaborative hand-off example formalized as a CSL triple that illustrates the transfer of spatial ownership between CNC agents. (revision: yes)
Circularity Check
No circularity; standard SL application to new domain
Full rationale
The paper applies established Separation Logic and Concurrent Separation Logic axioms to model CNC workspaces as a Spatial Heap, with collisions detected via failure of separating conjunction. No derivation step reduces to its own inputs by construction, no parameters are fitted and then relabeled as predictions, and no load-bearing self-citations or author-specific uniqueness theorems are used. The Parser-Prover Handshake and discrete mapping are presented conceptually without equations that loop back to the target result; the framework is self-contained as a domain application of pre-existing formal methods.
Axiom & Free-Parameter Ledger
Axioms (1)
- [standard math] Standard Separation Logic axioms for separating conjunction and disjointness
Invented entities (3)
- Spatial Heap: no independent evidence
- Spatial Data Race: no independent evidence
- Parser-Prover Handshake: no independent evidence
Lean theorems connected to this paper
- IndisputableMonolith/Foundation/AlexanderDuality.lean: alexander_duality_circle_linking (relevance: unclear). Matched paper text: "By mapping tool trajectories and safety buffers into a discrete spatial model prior to evaluation, the framework enables the use of Separation Logic (SL) to verify safety via formal triples... physical collisions are redefined as logical Spatial Data Races, detected through the failure of the separating conjunction"
- IndisputableMonolith/Foundation/AbsoluteFloorClosure.lean: absolute_floor_iff_bare_distinguishability (relevance: unclear). Matched paper text: "The spatial heap h is modeled as a finite partial function mapping discrete physical coordinates to their specific occupancy status: h: Z^3 ⇀ status"
Forward citations
Cited by 2 Pith papers
- Correct-by-Construction G-Code Generation: A Neuro-Symbolic Approach via Separation Logic. A neuro-symbolic system uses separation logic to model physical collisions as spatial data races, feeding proof failures back as bounding-box corrections to a neural G-code generator for verified output.
- Correct-by-Construction G-Code Generation: A Neuro-Symbolic Approach via Separation Logic. A neuro-symbolic framework combines neural G-code generation with separation logic verification to create self-correcting, verified manufacturing instructions by treating collisions as spatial data races.
Reference graph
Works this paper leans on
- [1] John Charles Reynolds. Separation logic: A logic for shared mutable data structures. In Proceedings of the 17th Annual IEEE Symposium on Logic in Computer Science, pages 55–74. IEEE, 2002.
- [2] Josh Berdine, Cristiano Calcagno, and Peter W. O'Hearn. Symbolic execution with separation logic. In Asian Symposium on Programming Languages and Systems, pages 52–68. Springer, 2005.
- [3] Peter W. O'Hearn. Resources, concurrency and local reasoning. In International Conference on Concurrency Theory, pages 49–67. Springer, 2004.
- [4] Mohit Tekriwal and Matthew Sottile. Mechanized semantics for correctness of the RS274 additive manufacturing command language. In NASA Formal Methods Symposium, pages 341–359. Springer, 2025.
- [5] Charles Antony Richard Hoare. An axiomatic basis for computer programming. Communications of the ACM, 12(10):576–580, 1969.
- [6] James Brotherston and Max Kanovich. On the complexity of pointer arithmetic in separation logic. In Asian Symposium on Programming Languages and Systems, pages 329–349. Springer, 2018.
- [7] Byron Cook, Christoph Haase, Joël Ouaknine, Matthew Parkinson, and James Worrell. Tractable reasoning in a fragment of separation logic. In International Conference on Concurrency Theory, pages 235–249. Springer, 2011.
- [8] Tomas Lozano-Perez et al. Spatial planning: A configuration space approach. IEEE Transactions on Computers, 32(2):108–120, 1983.
- [9] Jyh-Ming Lien. A simple method for computing Minkowski sum boundary in 3D using collision detection. In Algorithmic Foundation of Robotics VIII: Selected Contributions of the Eight International Workshop on the Algorithmic Foundations of Robotics, pages 401–415. Springer, 2009.
- [10] Jiří Minarčík, Sam Estep, Wode Ni, and Keenan Crane. Minkowski penalties: Robust differentiable constraint enforcement for vector graphics. In ACM SIGGRAPH 2024 Conference Papers, pages 1–12, 2024.
- [11] Stephen Brookes and Peter W. O'Hearn. Concurrent separation logic. ACM SIGLOG News, 3(3):47–65, 2016.
- [12] Steven Abrams and Peter K. Allen. Computing swept volumes. The Journal of Visualization and Computer Animation, 11(2):69–82, 2000.
- [13] Anders Møller and Michael I. Schwartzbach. The pointer assertion logic engine. ACM SIGPLAN Notices, 36(5):221–231, 2001.
- [14] Charis Stamouli, Lars Lindemann, and George Pappas. Recursively feasible shrinking-horizon MPC in dynamic environments with conformal prediction guarantees. In 6th Annual Learning for Dynamics & Control Conference, pages 1330–1342. PMLR, 2024.
- [15] Jack E. Bresenham. Algorithm for computer control of a digital plotter. In Seminal Graphics: Pioneering Efforts That Shaped the Field, pages 1–6. ACM, 1998.
- [16] Azalea Raad, Josh Berdine, Hoang-Hai Dang, Derek Dreyer, Peter O'Hearn, and Jules Villard. Local reasoning about the presence of bugs: Incorrectness separation logic. In International Conference on Computer Aided Verification, pages 225–252. Springer, 2020.