Academia.eduAcademia.edu

Outline

Title
Abstract
Introduction
Translation Correctness and Discussion
Evaluation and Experimental Results
Case Study: Yaw Damper Controller for 747 Aircraft
Case Study: Glycemic Control in Diabetics
Case Study: Fischer Mutual Exclusion
Additional Case Studies
Conclusion
References
All Topics
Computer Science
Theoretical Computer Science

Hybrid automata: from verification to implementation

Profile image of Sergiy BogomolovSergiy Bogomolov

2017, International Journal on Software Tools for Technology Transfer

https://doi.org/10.1007/S10009-017-0458-1
visibility

description

18 pages

link

1 file

Abstract

Hybrid automata are an important formalism for modeling dynamical systems exhibiting mixed discretecontinuous behavior such as control systems and are amenable to formal verification. However, hybrid automata lack expressiveness compared to integrated model-based design frameworks such as the MathWorks' Simulink/ Stateflow (SlSf). In this paper, we propose a technique for correct-by-construction compositional design of cyberphysical systems (CPS) by embedding hybrid automata into SlSf models. Hybrid automata are first verified using verification tools such as SpaceEx and then automatically translated to embed the hybrid automata into SlSf models such that the properties verified are transferred and maintained in the translated SlSf model. The resultant SlSf model can then be used for automatic code generation and deployment to hardware, resulting in an implementation. The approach is implemented in a software tool building on the HyST model transformation tool for hybrid systems. We show the effectiveness of our approach on a CPS case study-a closed-loop buck converter-and validate the overall correct-by-construction methodology: from formal verification to implementation in hardware controlling an actual physical plant. DISTRIBUTION A. Approved for public release; Distribution unlimited. (Approval AFRL PA #88ABW-2015-2402).

Related papers

Towards the Modular Specification and Validation of Cyber-Physical Systems
Christiano Braga

Computational Science and Its Applications – ICCSA 2018, 2018

Cyber-Physical Systems (CPS) are systems controlled by one or more computer-based components tightly integrated with a set of physical components, typically described as sensors and actuators, that can either be directly attached to the computer components, or at a remote location, and accessible through a network connection. The modeling and verification of such systems is a hard task and error prone that require rigorous techniques. Hybrid automata is a formalism that extends finite-state automata with continuous behavior, described by ordinary differential equations. This paper uses a rewriting logic-based technique to model and validate CPS, thus exploring the use of a formal technique to develop such systems that combines expressive specification with efficient state-based analysis. Moreover, we aim at the modular specification of such systems such that each CPS component is independently specified and the final system emerges as the synchronous product of its constituent components. We model CPSs using Linear Hybrid Automaton and implement them in Real-Time Maude, a rewriting logic tool for real-time systems. With this method, we develop a specification for the n-reservoir problem, a CPS that controls a hose to fill a number of reservoirs according to the physical properties of the hose and the reservoirs.

View PDFchevron_right
A case study of systematic top-down design of cyber-physical models with integrated validation and formal verification
Hermann Kaindl

Proceedings of the 34th ACM/SIGAPP Symposium on Applied Computing

models are required to handle the complexity for designing and verifying large-scale systems. An open problem is to consistently and systematically derive a more concrete model from an abstract model with regard to verification of its behavior against certain properties. Based on our recently proposed workflow for systematic top-down design of models of a Cyber-physical System (CPS), we present an in-depth case study of Adaptive Cruise Control (ACC). It includes both verification through model checking and validation in the sense that a refined model is checked for its fit with reality. This approach works top-down for designing a concrete model by starting from an abstract model. The resulting concrete model was validated and indirectly verified in this case study. In addition, we made a cross-check by verifying it directly on the concrete level. Hence, our case study provides some empirical evidence on the feasibility of this new workflow for top-down design of models. CCS CONCEPTS • Software and its engineering → Software design engineering; Formal software verification;

View PDFchevron_right
Correct-by-construction code generation from hybrid automata specification
Tiziano Villa

2011 7th International Wireless Communications and Mobile Computing Conference, 2011

In the last years hybrid automata have been applied in the design and verification of embedded systems. Once a hybrid model of the system has been proved to be correct with respect to the desired properties, it would be valuable to extract a correct-by-construction HW/SW implementation of it. This work discusses a methodology and a corresponding tool chain that allow to extract a HW/SW implementation of a controller modeled by a subclass of timed automata, named elastic controllers, whereas the controlled environment is represented by a hybrid automaton. The required tools have been either developed from scratch or extended from the current state-of-the-art in order to support an automated flow from hybrid automata specifications to correct-by-construction discrete implementations described in the SystemC language.

View PDFchevron_right
Safety-guarantee controller synthesis for cyber-physical systems
Pritam Roy

2010

The verification and validation of cyber-physical systems is known to be a difficult problem due to the different modeling abstractions used for control components and for software components. A recent trend to address this difficulty is to reduce the need for verification by adopting correct-bydesign methodologies. According to the correct-by-design paradigm, one seeks to automatically synthesize a controller that can be refined into code and that enforces temporal specifications on the cyber-physical system. In this paper we consider an instance of this problem where the specifications are given by a fragment of Linear Temporal Logic (LTL) and the physical environment is described by a smooth differential equation. The contribution of this paper is to show that synthesis for cyber-physical systems is viable by considering a fragment of LTL that is expressive enough to describe interesting properties but simple enough to avoid Safra's construction. We report on two examples illustrating a preliminary implementation of these techniques on the tool Pes-soaLTL.

View PDFchevron_right
Refinement of Hybrid Systems from Formal Models to Design Languages
Christoph Grimm

System-level design for discrete-continuous embedded systems is a complex and errorprone task. While existing design languages like SystemC and its extension to the mixedsignal domain, SystemC-AMS, are well supported by a wealth of tools and libraries, they lack both mathematical precision and intuitive, abstract design notations. Graphical design notations with formal foundations such as HyCharts suffer from the lack of tool support and acceptance in the developer community. To overcome the deficiencies of both approaches, we present a design flow from graphical HyCharts to SystemC-AMS designs. This design flow uses a formally founded refinement technique to ensure the overall consistency of the design. * This work was supported with funds of the Deutsche Forschungsgemeinschaft under reference numbers Br 887/9 and Wa 357/14-2 within the priority program Design and design methodology of embedded systems.

View PDFchevron_right
Hybrid Modeling and Verification of Embedded Control Systems
Gautam Biswas

IFAC Proceedings Volumes, 1997

Contemporary process control includes continuous time PID controllers for actuation, and at a higher level, supervisory control mechanisms to select appropriate control algorithms for the different modes of system operation in an attempt to achieve optimal or near-optimal control. To model and analyze such control phenomena that include discrete and continuous components requires the use of hybrid modeling techniques. This paper presents a hybrid modeling paradigm that identifies and captures the phenomena specific to hybrid system models, and specifies its execution semantics based on the principles of invariance of 8tate and temporal evolution of state. The modeling methodology is applied to analysis of control behavior in dynamic physical systems, and model verification based on divergence of time demonstrates possible applications in design tasks.

View PDFchevron_right
Building a Hybrid Systems Modeler on Synchronous Languages Principles
Jean-louis Colaço

Proceedings of the IEEE

Hybrid systems modeling languages that mix discrete and continuous time signals and systems are widely used to develop Cyber-Physical systems where control software interacts with physical devices. Compilers play a central role, statically checking source models, generating intermediate representations for testing and verification, and producing sequential code for simulation and execution on target platforms. This paper presents a novel approach to the design and implementation of a hybrid systems language, built on synchronous language principles and their proven compilation techniques. The result is a hybrid systems modeling language in which synchronous programming constructs can be mixed with Ordinary Differential Equations (ODEs) and zero-crossing events, and a runtime that delegates their approximation to an off-the-shelf numerical solver. We propose an ideal semantics based on non standard analysis, which defines the execution of a hybrid model as an infinite sequence of infinitesimally small time steps. It is used to specify and prove correct three essential compilation steps: (1) a type system that guarantees that a continuous-time signal is never used where a discrete-time one is expected and conversely; (2) a type system that ensures the absence of combinatorial loops; (3) the generation of statically scheduled code for efficient execution. Our approach has been evaluated in two implementations: the academic language Zélus, which extends a language reminiscent of Lustre with ODEs and zero-crossing events, and the industrial prototype Scade Hybrid, a conservative extension of Scade 6.

View PDFchevron_right
Formal specifications for hybrid dynamical systems
Pieter J Mosterman

International Joint Conference on Artificial Intelligence, 1997

Modeling abstractions in physical systems result in hybrid models which encompass continuous behaviors with discrete changes, causing discontinuities in system behavior generation which violate the physical laws of conservation of energy and continuity of power. This paper develops a formal specification for handling discrete model configuration changes at welldefined points in time, and a consistent transfer of the continuous system state from a previous model configuration to a new one based on the ...

View PDFchevron_right
The Impact of Hybrid Automata on System Modeling and Analysis
Isabella Kotini

The use of formal methods, techniques and tools may generally guarantee a systems' safe operation. Such a process includes system modeling with a mathematical model, which is an approximation of the physical system, and is used to make easier the next step of analysis. Formal analysis of hybrid systems, which involve mixed continuous-valued and discrete dynamics, is concerned with verifying whether a hybrid system satisfies a desired specification, like avoiding an unsafe region of the state space. In this paper, we examine the general impact of hybrid automata on modeling and analyzing hybrid systems and we discuss in particular some advantages that arise when exploiting them in the context of particular methods for verifying the reachability of states in common paradigms that have already being investigated with other classical methods. Finally, we use two case studies concerning different classes of hybrid automata to demonstrate the applicability and the efficiency of explo...

View PDFchevron_right
Formal verification of hybrid systems using CheckMate: A case study
Izaias Silva

2000

We present a formal verification of a control algorithm from the literature for a four-cylinder four-stroke engine in the cutoff mode. The controlled system is modeled, simulated and verified using CheckMate, a tool for formal verification of hybrid systems developed at Carnegie Mellon University. CheckMate automatically constructs a polyhedral-invariant hybrid automaton (PIHA) from a Matlab/Simulink model of the hybrid system and performs the verification using discrete model approximations. This case study illustrates how verification can be performed directly on a model of the hybrid system dynamics without first constructing an approximation to the continuous dynamics using timed automata or so-called linear hybrid automata models.

View PDFchevron_right

References (46)

  1. Agrawal, A., Simon, G., Karsai, G.: Semantic translation of Simulink/Stateflow models to hybrid automata using graph trans- formations. Electr. Notes Theor. Comput. Sci 109, 43-56 (2004). doi:10.1016/j.entcs.2004.02.055
  2. Agut, D.E.N., van Beek, D.A., Rooda, J.E.: Syntax and semantics of the compositional interchange format for hybrid systems. J. Log. Algebr. Program 82(1), 1-52 (2013). doi:10.1016/j.jlap.2012.07. 001
  3. Alur, R., Kanade, A., Ramesh, S., Shashidhar, K.C.: Symbolic analysis for improving simulation coverage of Simulink/Stateflow models. In: EMSOFT, pp. 89-98. ACM (2008). doi:10.1145/ 1450058.1450071
  4. Annpureddy, Y., Liu, C., Fainekos, G.E., Sankaranarayanan, S.: S- TaLiRo: a tool for temporal logic falsification for hybrid systems. In: TACAS, vol. 6605, pp. 254-257. Springer (2011). doi:10.1007/ 978-3-642-19835-9_21
  5. Bak, S., Bogomolov, S., Johnson, T.T.: HYST: a source transforma- tion and translation tool for hybrid automaton models. In: HSCC, pp. 128-133, ACM (2015). doi:10.1145/2728606.2728630
  6. Bak, S., Johnson, T.T.: Periodically-scheduled controller analysis using hybrid systems reachability and continuization. In: RTSS, pp. 195-205. IEEE Computer Society (2015). doi:10.1109/RTSS. 2015.26
  7. Balasubramanian, D., Pasareanu, C.S., Whalen, M.W., Karsai, G., Lowry, M.R.: Polyglot: modeling and analysis for multiple state- chart formalisms. In: ISSTA, pp. 45-55. ACM (2011), doi:10.1145/ 2001420.2001427
  8. Bogomolov, S., Donzé, A., Frehse, G., Grosu, R., Johnson, T.T., Ladan, H., Podelski, A., Wehrle, M.: Guided search for hybrid systems based on coarse-grained space abstractions. STTT 18(4), 449-467 (2016). doi:10.1007/s10009-015-0393-y
  9. Bogomolov, S., Frehse, G., Greitschus, M., Grosu, R., Pasare- anu, C.S., Podelski, A., Strump, T.: Assume-guarantee abstraction refinement meets hybrid systems. In: HVC. LNCS, vol. 8855, pp. 116-131. Springer (2014). doi:10.1007/978-3-319-13338-6_10
  10. Bogomolov, S., Frehse, G., Grosu, R., Ladan, H., Podelski, A., Wehrle, M.: A box-based distance between regions for guiding the reachability analysis of SpaceEx. In: CAV. LNCS, vol. 7358, pp. 479-494. Springer (2012). doi:10.1007/978-3-642-31424-7_35
  11. Bogomolov, S., Schilling, C., Bartocci, E., Batt, G., Kong, H., Grosu, R.: Abstraction-based parameter synthesis for multiaffine systems. In: HVC. LNCS, vol. 9434, pp. 19-35. Springer (2015). doi:10.1007/978-3-319-26287-1_2
  12. Bouissou, O., Chapoutot, A.: An operational semantics for Simulink's simulation engine. In: LCTES, pp. 129-138. ACM (2012). doi:10.1145/2248418.2248437
  13. Carloni, L., Di Benedetto, M.D., Pinto, A., Sangiovanni- Vincentelli, A.: Modeling techniques, programming languages, design toolsets and interchange formats for hybrid systems. Tech. Rep. (2004)
  14. Carloni, L.P., Passerone, R., Pinto, A., Sangiovanni-Vincentelli, A.L.: Languages and tools for hybrid systems design. In: Founda- tions and Trends in Electronic Design Automation 1(1/2) (2006). doi:10.1561/1000000001
  15. Chen, M., Ravn, A.P., Wang, S., Yang, M., Zhan, N.: A two-way path between formal and informal design of embedded systems. In: UTP. LNCS, vol. 10134, pp. 65-92. Springer (2016)
  16. Chen, X., Ábrahám, E., Sankaranarayanan, S.: Flow*: an analyzer for non-linear hybrid systems. In: CAV. LNCS, vol. 8044, pp. 258- 263. Springer (2013). doi:10.1007/978-3-642-39799-8_18
  17. Clarke, E.M., Zuliani, P.: Statistical model checking for cyber- physical systems. In: ATVA. LNCS, vol. 6996, pp. 1-12. Springer (2011). doi:10.1007/978-3-642-24372-1_1
  18. Donzé, A.: Breach, a toolbox for verification and parameter syn- thesis of hybrid systems. In: CAV. LNCS, vol. 6174, pp. 167-170. Springer (2010). doi:10.1007/978-3-642-14295-6_17
  19. Duggirala, P.S., Mitra, S., Viswanathan, M.: Verification of anno- tated models from executions. In: EMSOFT, pp. 26:1-26:10. IEEE (2013). doi:10.1109/EMSOFT.2013.6658604
  20. Fisher, M.E.: A semiclosed-loop algorithm for the control of blood glucose levels in diabetics. IEEE Trans. Biomed. Eng. 38(1), 57-61 (1991)
  21. Frehse, G., Guernic, C.L., Donzé, A., Cotton, S., Ray, R., Lebeltel, O., Ripado, R., Girard, A., Dang, T., Maler, O.: SpaceEx: Scalable verification of hybrid systems. In: Gopalakrishnan, G., Qadeer, S. (eds.) CAV. LNCS, vol. 6806, pp. 379-395. Springer (2011). doi:10.1007/978-3-642-22110-1_30
  22. Hamon, G.: A denotational semantics for Stateflow. In: EMSOFT, pp. 164-172. ACM (2005). doi:10.1145/1086228.1086260
  23. Hamon, G., Rushby, J.M.: An operational semantics for Stateflow. STTT 9(5-6), 447-456 (2007). doi:10.1007/s10009-007-0049-7
  24. Hybrid Automata: From verification to implementation- supplementary material. http://swt.informatik.uni-freiburg.de/ tool/spaceex/ha2slsf
  25. Jiang, Z., Pajic, M., Alur, R., Mangharam, R.: Closed-loop verifi- cation of medical devices with model abstraction and refinement. STTT 16(2), 191-213 (2014). doi:10.1007/s10009-013-0289-7
  26. Johansson, K.H., Egerstedt, M., Lygeros, J., Sastry, S.: On the regularization of zeno hybrid automata. Syst. Control Lett. 38(3), 141-150 (1999)
  27. Larsen, K.G., Pettersson, P., Yi, W.: UPPAAL in a nutshell. STTT 1(1-2), 134-152 (1997). doi:10.1007/s100090050010
  28. Lavalle, S.M., Kuffner, J.J., Jr.: Rapidly-exploring random trees: progress and prospects. In: Donald, B., Lynch, K., Rus, D. (eds.) Algorithmic and Computational Robotics: New Directions, pp. 293-308. A K Peters/CRC Press (2000)
  29. Manamcheri, K., Mitra, S., Bak, S., Caccamo, M.: A step towards verification and synthesis from Simulink/Stateflow models. In: Pro- ceedings of the 14th international conference on Hybrid systems: computation and control HSCC'11, pp. 317-318. ACM (2011). doi:10.1145/1967701.1967749
  30. Minopoli, S., Frehse, G.: From simulation models to hybrid automata using urgency and relaxation. In: HSCC, pp. 287-296. ACM (2016). doi:10.1145/2883817.2883825
  31. Minopoli, S., Frehse, G.: SL2SX translator: from Simulink to SpaceEx models. In: HSCC, pp. 93-98. ACM (2016). doi:10.1145/ 2883817.2883826
  32. Nguyen, L.V., Johnson, T.T.: Benchmark: DC-to-DC switched- mode power converters (buck converters, boost converters, and buck-boost converters). In: ARCH. EPiC Series in Computing, vol. 34, pp. 19-24. EasyChair (2014). http://www.easychair. org/publications/paper/Benchmark_DC-to-DC_Switched-Mode_ Power_Converters_-Buck_Converters-_Boost_Converters-_and_ Buck-Boost_Converters
  33. Pajic, M., Jiang, Z., Lee, I., Sokolsky, O., Mangharam, R.: From verification to implementation: a model translation tool and a pace- maker case study. In: RTAS, pp. 173-184. IEEE Computer Society (2012). doi:10.1109/RTAS.2012.25
  34. Pajic, M., Jiang, Z., Lee, I., Sokolsky, O., Mangharam, R.: Safety- critical medical device development using the UPP2SF model translation tool. ACM Trans. Embed. Comput. Syst. 13(4s), 127:1- 127:26 (2014). doi:10.1145/2584651
  35. Pajic, M., Mangharam, R., Sokolsky, O., Arney, D., Goldman, J.M., Lee, I.: Model-driven safety analysis of closed-loop medical sys- tems. IEEE Trans. Ind. Inform. 10(1), 3-16 (2014). doi:10.1109/ TII.2012.2226594
  36. Pinto, A., Carloni, L.P., Passerone, R., Sangiovanni-Vincentelli, A.L.: Interchange format for hybrid systems: abstract semantics. In: HSCC. LNCS, vol. 3927, pp. 491-506. Springer (2006). doi:10. 1007/11730637_37
  37. Pinto, A., Sangiovanni-Vincentelli, A.L., Carloni, L.P., Passerone, R.: Interchange formats for hybrid systems: review and proposal. In: HSCC. LNCS, vol. 3414, pp. 526-541. Springer (2005). doi:10. 1007/978-3-540-31954-2_34
  38. Sampath, P., Rajeev, A.C., Ramesh, S.: Translation validation for Stateflow to C. In: DAC, pp. 23:1-23:6. ACM (2014). doi:10.1145/ 2593069.2593237
  39. Sanfelice, R.G., Copp, D.A., Nanez, P.: A toolbox for simulation of hybrid systems in Matlab/Simulink: hybrid equations (HyEQ) tool- box. In: HSCC, pp. 101-106. ACM (2013). doi:10.1145/2461328. 2461346
  40. Schrammel, P., Jeannet, B.: From hybrid data-flow languages to hybrid automata: a complete translation. In: HSCC, pp. 167-176. ACM (2012). doi:10.1145/2185632.2185658
  41. Severns, R.P., Bloom, G.: Modern DC-to-DC Switchmode Power Converter Circuits. Van Nostrand Reinhold Company, New York (1985)
  42. Simulink Design Verifier. http://www.mathworks.com/products/ sldesignverifier/
  43. Tiwari, A., Shankar, N., Rushby, J.M.: Invisible formal methods for embedded control systems. Proc. IEEE 91(1), 29-39 (2003)
  44. Yan, G., Jiao, L., Li, Y., Wang, S., Zhan, N.: Approximate bisimula- tion and discretization of hybrid CSP. In: Fitzgerald, J., Heitmeyer, C., Gnesi, S., Philippou, A., (eds.) FM. LNCS, vol. 9995, pp. 702- 720.
  45. Springer, Cham (2016) doi:10.1007/978-3-319-48989-6_43
  46. Zou, L., Zhan, N., Wang, S., Fränzle, M.: Formal verification of Simulink/Stateflow diagrams. In: Finkbeiner, B., Pu, G., Zhang, L. (eds.) ATVA. LNCS, vol. 9364, pp. 464-481. Springer, Cham (2015) doi:10.1007/978-3-319-24953-7_33

Related papers

Automating Abstraction Computation of Hybrid Systems
Philippe Dague

2018

Hybrid systems exhibit an interaction of discrete control decisions with continuous physical processes and are present at the core of cyberphysical systems. The verification task of such systems is challenging. In this paper, we are concerned with abstraction methods of hybrid systems. An abstraction can be used to automate the verification of properties such as safety or more complex ones when combined with a model checking algorithm. A tool that automatically computes an abstraction of a given hybrid system with at most polynomial expressiveness is presented. The computed abstraction can be manually refined to achieve further precision guided by the system designer. The tool is tested over several examples.

View PDFchevron_right
Hybrid Cyberphysical System Verification with Simplex Using Discrete Abstractions
Stanley Bak, Sayan Mitra

2010 16th IEEE Real-Time and Embedded Technology and Applications Symposium, 2010

Providing integrity, efficiency, and performance guarantees is a key challenge in the development of nextgeneration cyberphysical systems. Rather than mandating complete system verification, the Simplex Architecture provides robust designs by incorporating a supervisory controller that takes corrective action only when the system is in danger of violating a desired invariant property such as safety. The central issue in applying this approach is designing the switching logic for the supervisory controller such that it guarantees safety and at the same time is not overly conservative. Previous research in the area relied on finding Lyapunov functions for the underlying continuous dynamical system. In contrast, in this paper, we present an automatic method for solving this design problem through discrete abstractions of the underlying hybrid system and model checking. We present a case study where, in collaboration with John Deere, we use the developed approach to create the Simplex decision module for an off-road vehicle, which is formally verified as both correct and timely.

View PDFchevron_right
HyDI: A Language for Symbolic Hybrid Systems with Discrete Interaction
S. Tonetta

2011 37th EUROMICRO Conference on Software Engineering and Advanced Applications, 2011

Complex embedded systems consist of software and hardware components that operate autonomous devices interacting with the physical environment. The complexity of such systems makes the design very challenging and demands for advanced validation techniques. Hybrid automata are a clean and consolidated formal language for modeling embedded systems which include discrete and continuous dynamics. They are based on a finite-state automaton structure enriched with invariant and flow conditions to model the continuous dynamics. In this paper, we propose a new language, HYDI, for modeling Hybrid systems with Discrete Interaction. The purpose of the language is to apply state-of-the-art symbolic model checkers for infinite-state systems to the verification of complex embedded systems design. HYDI extends the standard symbolic language SMV with timing and synchronization aspects. The language distinguishes between discrete and continuous variables. Variables inside SMV modules evolve synchronously. Top-level modules represent the asynchronous components of a network and use explicit events to synchronize. The new language is automatically compiled into equivalent discrete-time infinite-state transition systems.

View PDFchevron_right
HyTech: A model checker for hybrid systems
Pei-Hsin Ho

Computer Aided Verification, 1997

A hybrid system consists of a collection of digital programs that interact with each other and with an analog environment. Examples of hybrid systems include medical equipment, manufacturing controllers, automotive controllers, and robots. The formal analysis of the mixed digital-analog nature of these systems requires a model that incorporates the discrete behavior of computer programs with the continuous behavior of environment variables, such as temperature and pressure. Hybrid automata capture both types of behavior by combining finite automata with differential inclusions (i.e. differential inequalities). HYTECH is a symbolic model checker for linear hybrid automata, an expressive, yet automatically analyzable, subclass of hybrid automata. A key feature of HYTECH is its ability to perform parametric analysis, i.e. to determine the values of design parameters for which a linear hybrid automaton satisfies a temporal requirement. From finite to hybrid automata. Model checking Ill, 39], and in particular symbolic model checking [10] (i.e. the manipulation of state sets rather than individual states), has been proven an effective technique for the automatic analysis of complex finite-state systems. The first extensions of discrete models toward mixed discrete

View PDFchevron_right
Contract-Based Design for Computation and Verification of a Closed-Loop Hybrid System
Alberto Sangiovanni Vincentelli

Hybrid Systems: Computation and Control

Contract-based design is an approach where the design process is seen as a successive assembly of components where a component is represented in terms of assumptions about its environment and guarantees about its behavior. In the composition, if assumptions of each component are contained in guarantees offered by the others, then the composition is well formed. In this paper, we focus on contract-based design and the use of Heterogeneous Rich Component models for embedded controllers where the plant, sensors and actuators are described by hybrid systems. We assume that the components are assembled in a feedback configuration. The problem is to show that this composition satisfies requirements using the assumptions-guarantees of the plant, sensors, actuators and controller. To do so, we give rules on how to compose assumptions and promises for components in cascade and feedback configurations. We then apply these rules to expose the actual calculation involved on a test case, a water-level control problem. We also show how to check that the requirements on the closed-loop configuration are satisfied, i.e, that they are contained in the promises of this configuration using a formal verification tool (Ariadne) for hybrid systems.

View PDFchevron_right

Related topics

  • Computer Science
  • Theory Of Computation

    • Cited by

    NeuralExplorer: State Space Exploration of Closed Loop Control Systems Using Neural Networks
    Manish Goyal

    2020

    In this paper, we propose a framework for performing state space exploration of closed loop control systems. Our approach involves approximating sensitivity and a newly introduced notion of inverse sensitivity by a neural network. We show how the approximation of sensitivity and inverse sensitivity can be used for computing estimates of the reachable set. We then outline algorithms for performing state space exploration by generating trajectories that reach a neighborhood. We demonstrate the effectiveness of our approach by applying it not only to standard linear and nonlinear dynamical systems, but also to nonlinear hybrid systems and also neural network based feedback control systems.

    View PDFchevron_right
    Neural State Classification for Hybrid Systems
    Dung Phan

    Automated Technology for Verification and Analysis, 2018

    We introduce the State Classification Problem (SCP) for hybrid systems, and present Neural State Classification (NSC) as an efficient solution technique. SCP generalizes the model checking problem as it entails classifying each state s of a hybrid automaton as either positive or negative, depending on whether or not s satisfies a given time-bounded reachability specification. This is an interesting problem in its own right, which NSC solves using machine-learning techniques, Deep Neural Networks in particular. State classifiers produced by NSC tend to be very efficient (run in constant time and space), but may be subject to classification errors. To quantify and mitigate such errors, our approach comprises: i) techniques for certifying, with statistical guarantees, that an NSC classifier meets given accuracy levels; ii) tuning techniques, including a novel technique based on adversarial sampling, that can virtually eliminate false negatives (positive states classified as negative), thereby making the classifier more conservative. We have applied NSC to six nonlinear hybrid system benchmarks, achieving an accuracy of 99.25% to 99.98%, and a false-negative rate of 0.0033 to 0, which we further reduced to 0.0015 to 0 after tuning the classifier. We believe that this level of accuracy is acceptable in many practical applications, and that these results demonstrate the promise of the NSC approach.

    View PDFchevron_right
    580 California St., Suite 400
    San Francisco, CA, 94104
    © 2025 Academia. All rights reserved