Academia.eduAcademia.edu

Outline

Title
Abstract
Introduction
Experiments and Results
Discussion
References
All Topics
Computer Science
Computational Theory and Mathematics

Falsification of LTL safety properties in hybrid systems

Profile image of Erion PlakuErion Plaku

2013, International Journal on Software Tools for Technology Transfer

https://doi.org/10.1007/S10009-012-0233-2
visibility

description

15 pages

link

1 file

Abstract

This paper develops a novel computational method for the falsification of safety properties specified by syntactically safe linear temporal logic (LTL) formulas φ for hybrid systems with general nonlinear dynamics and input controls. The method is based on an effective combination of robot motion planning and model checking. Experiments on a hybrid robotic system benchmark with nonlinear dynamics show significant speedup over related work. The experiments also indicate significant speedup when using minimized DFA instead of non-minimized NFA, as obtained by standard tools, for representing the violating prefixes of φ.

Related papers

Time-Triggered Conversion of Guards for Reachability Analysis of Hybrid Automata
Sergiy Bogomolov

Formal Modeling and Analysis of Timed Systems, 2017

A promising technique for the formal verification of embedded and cyber-physical systems is flow-pipe construction, which creates a sequence of regions covering all reachable states over time. Flow-pipe construction methods can check whether specifications are met for all states, rather than just testing using a finite and incomplete set of simulation traces. A fundamental challenge when using flow-pipe construction on high-dimensional systems is the cost of geometric operations, such as intersection and convex hull. We address this challenge by showing that it is often possible to remove the need to perform high-dimensional geometric operations by combining two model transformations, direct time-triggered conversion and dynamics scaling. Further, we prove the overapproximation error in the conversion can be made arbitrarily small. Finally, we show that our transformation-based approach enables the analysis of a drivetrain system with up to 51 dimensions.

View PDFchevron_right
A Program Logic to Verify Signal Temporal Logic Specifications of Hybrid Systems: Extended Technical Report
Hammad Ahmad

2021

Signal temporal logic (STL) was introduced for monitoring temporal properties of continuous-time signals for continuous and hybrid systems. Differential dynamic logic (dL) was introduced to reason about the end states of a hybrid program. Over the past decade, STL and its variants have significantly gained in popularity in the industry for monitoring purposes, while dL has gained in popularity for verification of hybrid systems. In this paper, we bridge the gap between the two different logics by introducing signal temporal dynamic logic (STdL)-a dynamic logic that reasons about a subset of STL specifications over executions of hybrid systems. Our work demonstrates that STL can be used for deductive verification of hybrid systems. STdL significantly augments the expressiveness of dL by allowing reasoning about temporal properties in given time intervals. We provide a semantics and a proof calculus for STdL, along with a proof of soundness and relative completeness. 1

View PDFchevron_right
Hybrid systems: From verification to falsification
Moshe Vardi

2007

We propose HyDICE, Hybrid DIscrete Continuous Exploration, a multi-layered approach for hybrid-system testing that integrates continuous sampling-based robot motion planning with discrete searching. The discrete search uses the discrete transitions of the hybrid system and coarse-grained decompositions of the continuous state spaces or related projections to guide the motion planner during the search for witness trajectories.

View PDFchevron_right
Safety verification and reachability analysis for hybrid systems
Othman Nasri

Annual Reviews in Control, 2009

Safety verification and reachability analysis for hybrid systems is a very active research domain. Many approaches that seem quite different, have been proposed to solve this complex problem. This paper presents an overview of various approaches for autonomous, continuous-time hybrid systems and presents them with respect to basic problems related to verification.

View PDFchevron_right
A program logic to verify signal temporal logic specifications of hybrid systems
Hammad Ahmad

Proceedings of the 24th International Conference on Hybrid Systems: Computation and Control, 2021

Signal temporal logic (STL) was introduced for monitoring temporal properties of continuous-time signals for continuous and hybrid systems. Differential dynamic logic (dL) was introduced to reason about the end states of a hybrid program. Over the past decade, STL and its variants have significantly gained in popularity in the industry for monitoring purposes, while dL has gained in popularity for verification of hybrid systems. In this paper, we bridge the gap between the two different logics by introducing signal temporal dynamic logic (STdL) - a dynamic logic that reasons about a subset of STL specifications over executions of hybrid systems. Our work demonstrates that STL can be used for deductive verification of hybrid systems. STdL significantly augments the expressiveness of dL by allowing reasoning about temporal properties in given time intervals. We provide a semantics and a proof calculus for STdL, along with a proof of soundness and relative completeness.

View PDFchevron_right
PTIME Parametric Verification of Safety Properties for Reasonable Linear Hybrid Automata
W. Damm

Mathematics in Computer Science, 2011

This paper identifies an industrially relevant class of linear hybrid automata (LHA) called reasonable LHA for which parametric verification of convex safety properties with exhaustive entry states can be verified in polynomial time and time-bounded reachability can be decided in nondeterministic polynomial time for non-parametric verification and in exponential time for parametric verification. Properties with exhaustive entry states are restricted to runs originating in a (specified) inner envelope of some mode-invariant. Deciding whether an LHA is reasonable is shown to be decidable in polynomial time.

View PDFchevron_right
Deterministic Compilation of Temporal Safety Properties in Explicit State Model Checking
Moshe Vardi

Abstract. The translation of temporal logic specifications constitutes an essential step in model checking and a major influence on the efficiency of formal verification via model checking. We devise a new explicit-state translation of Linear Temporal Logic to automata for the class of LTL specifications that describe safety properties, arguably the most used formal specifications in real-world systems.

View PDFchevron_right
A Symbolic Approach to Safety ltl Synthesis
Moshe Vardi

Hardware and Software: Verification and Testing, 2017

Temporal synthesis is the automated design of a system that interacts with an environment, using the declarative specification of the system's behavior. A popular language for providing such a specification is Linear Temporal Logic, or LTL. LTL synthesis in the general case has remained, however, a hard problem to solve in practice. Because of this, many works have focused on developing synthesis procedures for specific fragments of LTL, with an easier synthesis problem. In this work, we focus on Safety LTL, defined here to be the Until-free fragment of LTL in Negation Normal Form (NNF), and shown to express a fragment of safe LTL formulas. The intrinsic motivation for this fragment is the observation that in many cases it is not enough to say that something "good" will eventually happen, we need to say by when it will happen. We show here that Safety LTL synthesis is significantly simpler algorithmically than LTL synthesis. We exploit this simplicity in two ways, first by describing an explicit approach based on a reduction to Horn-SAT, which can be solved in linear time in the size of the game graph, and then through an efficient symbolic construction, allowing a BDD-based symbolic approach which significantly outperforms extant LTL-synthesis tools.

View PDFchevron_right
Verisig: verifying safety properties of hybrid systems with neural network controllers
George Pappas

2018

This paper presents Verisig, a hybrid system approach to verifying safety properties of closed-loop systems using neural networks as controllers. Although techniques exist for verifying input/output properties of the neural network itself, these methods cannot be used to verify properties of the closed-loop system (since they work with piecewise-linear constraints that do not capture non-linear plant dynamics). To overcome this challenge, we focus on sigmoid-based networks and exploit the fact that the sigmoid is the solution to a quadratic differential equation, which allows us to transform the neural network into an equivalent hybrid system. By composing the network's hybrid system with the plant's, we transform the problem into a hybrid system verification problem which can be solved using state-of-the-art reachability tools. We show that reachability is decidable for networks with one hidden layer and decidable for general networks if Schanuel's conjecture is true. W...

View PDFchevron_right
A Compositional Approach to the Verification of Hybrid Systems
Lacramioara Astefanoaei

Lecture Notes in Computer Science, 2016

The increase of complexity in modelling systems and the chances of success when model-checking them tend to be inversely proportional. This mere observation justifies plainly the need to investigate alternative ways for verification. In this paper we present such an alternative which uses a compositional verification rule. The basic idea is to automatically compute local properties and combine them such that together they are strong enough to prove global safety properties of systems. In we showed how such a rule works in the framework of timed systems with a fixed number of components and in [3] how the whole approach can be extended to the parameterised case. The application of the compositional verification rule can be pushed even further with respect to two directions: (1) hybrid and (2) parametric systems. This is the subject of the present paper.

View PDFchevron_right

References (31)

  1. Tomlin, C.J., Mitchell, I., Bayen, A., Oishi, M.: Computational techniques for the verification and control of hybrid systems. Proc of IEEE 91(7) (2003) 986-1001
  2. Alur, R., Belta, C., Ivancic, F.: Hybrid modeling and simulation of biomolecular networks. In: Hybrid Systems: Computation & Control. LNCS (2001), 2034:19-32
  3. Alur, R., Courcoubetis, C., Halbwachs, N., Henzinger, T.A., Ho, P.H., Nicollin, X., Olivero, A., Sifakis, J., Yovine, S.: The algorithmic analysis of hybrid systems. Theoretical Computer Science 138(1) (1995) 3-34
  4. Henzinger, T., Kopke, P., Puri, A., Varaiya, P.: What's decidable about hybrid automata? In: ACM Symp on Theory of Computing. (1995) 373-382
  5. Mitchell, I.M.: Comparing forward and backward reachability as tools for safety analysis. In: Hybrid Systems Computation & Control. LNCS (2007) 4416:428-443
  6. Alur, R., Henzinger, T.A., Lafferriere, G., Pappas, G.: Discrete abstractions of hybrid systems. Proc of IEEE 88(7) (2000) 971-984
  7. Clarke, E., Fehnker, A., Han, Z., Krogh, B., Ouaknine, J., Stursberg, O., Theobald, M.: Abstraction and Counterexample-guided Refinement in Model Checking of Hybrid Systems. Intl J of Foundations of Computer Science 14(4) (2003) 583-604
  8. Giorgetti, N., Pappas, G.J., Bemporad, A.: Bounded model checking for hybrid dynamical systems. In: Conf on Decision & Control, Seville, Spain (2005) 672-677
  9. Bhatia, A., Frazzoli, E.: Incremental search methods for reachability analysis of continuous and hybrid systems. In: Hybrid Systems: Computation & Control. LNCS (2004) 2993:142-156
  10. Kim, J., Esposito, J.M., Kumar, V.: An RRT-based algorithm for testing and validating multi-robot controllers. In: Robotics: Science & Systems, Boston, MA (2005) 249-256
  11. Nahhal, T., Dang, T.: Test coverage for continuous and hybrid systems. In: Intl Conf on Computer Aided Verification. LNCS (2007) 4590:449-462
  12. Plaku, E., Kavraki, L.E., Vardi, M.Y.: Hybrid systems: From verification to falsifi- cation. In: Intl Conf on Computer Aided Verification. LNCS (2007) 4590:468-481
  13. Plaku, E., Kavraki, L.E., Vardi, M.Y.: Hybrid systems: From verification to fal- sification by combining motion planning and discrete search. Formal Methods in System Design (2008)
  14. Copty, F., Fix, L., Fraer, R., Giunchiglia, E., Kamhi, G., Tacchella, A., Vardi, M.: Benefits of bounded model checking at an industrial setting. In: Intl Conf on Computer Aided Verification. LNCS (2001) 2102:436-453
  15. LaValle, S.M., Kuffner, J.J.: Randomized kinodynamic planning. Intl J of Robotics Research 20(5) (2001) 378-400
  16. Clarke, E., Grumberg, O., Peled, D.: Model Checking. MIT Press (1999)
  17. Behrmann, G., David, A., Larsen, K.G., Möller, O., Pettersson, P., Yi, W.: Uppaal present and future. In: Conf on Decision & Control, Orlando, FL (2001) 2881-2886
  18. Fainekos, G.E., Kress-Gazit, H., Pappas, G.: Temporal logic motion planning for mobile robots. In: IEEE Intl Conf on Robotics & Automation, Barcelona, Spain (2005) 2020-2025
  19. Batt, G., Belta, C., Weiss, R.: Temporal logic analysis of gene networks under parameter uncertainty. IEEE Trans of Automatic Control 53 (2008) 215-229
  20. Damm, W., Pinto, G., Ratschan, S.: Guaranteed termination in the verification of LTL properties of non-linear robust discrete time hybrid systems. Intl J of Foun- dations of Computer Science 18(1) (2007) 63-86
  21. Kupferman, O., Vardi, M.: Model checking of safety properties. Formal methods in System Design 19(3) (2001) 291-314
  22. Armoni, R., Egorov, S., Fraer, R., Korchemny, D., Vardi, M.: Efficient LTL com- pilation for SAT-based model checking. In: Intl Conf on Computer-Aided Design, San Jose, CA (2005) 877-884
  23. Sistla, A.: Safety, liveness and fairness in temporal logic. Formal Aspects of Com- puting 6 (1994) 495-511
  24. Choset, H., Lynch, K.M., Hutchinson, S., Kantor, G., Burgard, W., Kavraki, L.E., Thrun, S.: Principles of Robot Motion: Theory, Algorithms, and Implementations. MIT Press, Cambridge, MA (2005)
  25. LaValle, S.M.: Planning Algorithms. Cambridge University Press, MA (2006)
  26. Esposito, J., Kumar, V., Pappas, G.: Accurate event detection for simulation of hybrid systems. In: Hybrid Systems: Computation&Control. LNCS (2001) 204-217
  27. Julius, A.A., Fainekos, G.E., Anand, M., Lee, I., Pappas, G.J.: Robust test genera- tion and coverage for hybrid systems. In: Hybrid Systems: Computation & Control. LNCS (2007) 4416:329-342
  28. Plaku, E., Kavraki, L.E., Vardi, M.Y.: Discrete search leading continuous explo- ration for kinodynamic motion planning. In: Robotics: Science & Systems, Atlanta, GA (2007)
  29. Fehnker, A., Ivancic, F.: Benchmarks for hybrid systems verification. In: Hybrid Systems: Computation & Control. LNCS (2004) 2993:326-341
  30. Latvala, T.: Efficient model checking of safety properties. In: Model Checking Soft- ware. LNCS (2003) 2648:74-88
  31. Ladd, A.M.: Motion Planning for Physical Simulation. PhD thesis, Rice University, Houston, TX (2006)

Related papers

Symbolic Control of Hybrid Systems from Signal Temporal Logic Specifications
Rafael Rodrigues da Silva

Guidance, Navigation and Control

In safety-critical systems, it is desirable to automatically synthesize controllers for complex tasks with guaranteed safety and correctness. Although much progress has been made through controller synthesis from temporal logic specifications, existing approaches generally require conservative assumptions and do not scale well with system dimensionality. We propose a scalable, provably complete algorithm that synthesizes continuous trajectories for hybrid systems to satisfy temporal logic specifications. Specifically, we harness highly efficient Boolean satisfiability (SAT) and Linear Programming (LP) solvers to find trajectories that satisfy non-convex Signal Temporal Logic (STL) specifications for a class of high dimensional hybrid systems. The proposed design algorithms are proven sound and complete, and are validated in simulation experiments.

View PDFchevron_right
Falsification of hybrid systems using symbolic reachability and trajectory splicing
rajarshi ray

Proceedings of the 22nd ACM International Conference on Hybrid Systems: Computation and Control, 2019

The falsification of a hybrid system aims at finding trajectories that violate a given safety property. This is a challenging problem, and the practical applicability of current falsification algorithms still suffers from their high time complexity. In contrast to falsification, verification algorithms aim at providing guarantees that no such trajectories exist. Recent symbolic reachability techniques are capable of efficiently computing linear constraints that enclose all trajectories of the system with reasonable precision. In this paper, we leverage the power of symbolic reachability algorithms to improve the scalability of falsification techniques. Recent approaches to falsification reduce the problem to a nonlinear optimization problem. We propose to reduce the search space of the optimization problem by adding linear state constraints obtained with a reachability algorithm. We showcase the efficiency of our approach on a number of standard hybrid systems benchmarks demonstrati...

View PDFchevron_right
Probably Approximate Safety Verification of Hybrid Dynamical Systems
Martin Fränzle

2019

In this paper we present a method based on linear programming that facilitates reliable safety verification of hybrid dynamical systems subject to perturbation inputs over the infinite time horizon. The verification algorithm applies the probably approximately correct (PAC) learning framework and consequently can be regarded as statistically formal verification in the sense that it provides formal safety guarantees expressed using error probabilities and confidences. The safety of hybrid systems in this framework is verified via the computation of so-called PAC barrier certificates, which can be computed by solving a linear programming problem. Based on scenario approaches, the linear program is constructed by a family of independent and identically distributed state samples. In this way we can conduct verification of hybrid dynamical systems that existing methods are not capable of dealing with. Some preliminary experiments demonstrate the performance of our approach.

View PDFchevron_right
Bounded Model Checking of Hybrid Dynamical Systems
George Pappas

Proceedings of the 44th IEEE Conference on Decision and Control, 2005

Bounded model checking (BMC) has recently emerged as a very powerful methodology for the verification of purely discrete systems. Given a horizon of interest, bounded model checking verifies whether all finite-horizon trajectories satisfy a temporal logic formula by first translating the problem to a large satisfiability SAT-problem and then relying on extremely powerful state-of-the art SAT-solvers for a counterexample or a certification of safety. In this paper we consider the problem of bounded model checking for a general class of discrete-time hybrid systems. Critical to our approach is the abstraction of continuous trajectories under discrete observations with a purely discrete system that captures the same discrete sequences. Bounded model checking can then be applied to the purely discrete, abstracted system. The performance of our approach is illustrated by verifying temporal properties of a hybrid model of an electronic height controller.

View PDFchevron_right
Hybrid systems: from verification to falsification by combining motion planning and discrete search
Moshe Vardi

2009

Abstract We propose HyDICE, Hybrid Discrete Continuous Exploration, a multi-layered approach for hybrid-system falsification that combines motion planning with discrete search and discovers safety violations by computing witness trajectories to unsafe states. The discrete search uses discrete transitions and a state-space decomposition to guide the motion planner during the search for witness trajectories.

View PDFchevron_right

Related topics

  • Computational Method
  • Robot Motion Planning

    • Cited by

    Robot motion planning with task specifications via regular languages
    Erion Plaku

    Robotica, 2015

    SUMMARY This paper presents an efficient approach for planning collision-free and dynamically feasible trajectories that enable a mobile robot to carry out tasks specified as regular languages over workspace regions. A sampling-based tree search is conducted over the feasible motions and over an abstraction obtained by combining the automaton representing the regular language with a workspace decomposition. The abstraction is used to partition the motion tree into equivalence classes and estimate the feasibility of reaching accepting automaton states from these equivalence classes. The partition is continually refined to discover new ways to expand the search. Comparisons to related work show significant speedups.

    View PDFchevron_right
    Motion planning with temporal-logic specifications: Progress and challenges
    Erion Plaku

    AI Communications, 2015

    Integrating task and motion planning is becoming increasingly important due to the recognition that a growing number of robotics applications in navigation, search-and-rescue missions, manipulation, and medicine involve reasoning with both discrete abstractions and continuous motions. The problem poses unique computational challenges: a vast hybrid discrete/continuous space must be searched while accounting for complex geometries, motion dynamics, collision avoidance, and temporal goals. This paper takes the position that continued progress relies on integrative approaches that bring together techniques from robotics and AI. In this context, the paper examines robot motion planning with temporal-logic specifications and discusses open challenges and directions for future research. The paper aims to promote a continuing dialog between robotics and AI communities.

    View PDFchevron_right
    Model checking and abstract interpretation as building blocks of advanced program analysis techniques
    Anna Philippou

    International Journal on Software Tools for Technology Transfer, 2013

    View PDFchevron_right
    580 California St., Suite 400
    San Francisco, CA, 94104
    © 2025 Academia. All rights reserved