coasterx a case study in component driven hybrid systems
play

CoasterX: A Case Study in Component-Driven Hybrid Systems Proof - PowerPoint PPT Presentation

Mar 08, 2023 •219 likes •889 views

CoasterX: A Case Study in Component-Driven Hybrid Systems Proof Automation Based on ADHS 18 [BLCP18] Brandon Bohrer (joint work with Adriel Luo, Xuean Chuang, Andr e Platzer) Logical Systems Lab Computer Science Department Carnegie

  1. CoasterX: A Case Study in Component-Driven Hybrid Systems Proof Automation Based on ADHS ’18 [BLCP18] Brandon Bohrer (joint work with Adriel Luo, Xuean Chuang, Andr´ e Platzer) Logical Systems Lab Computer Science Department Carnegie Mellon University Speaking Skills, Mar 26 2018 1 / 49

  2. Outline 1 Motivation 2 Approach 3 Modeling and Verification Background: d L Identifying Assumptions Formal Specification Formal Verification 4 Evaluation 5 Future Work and Conclusion 2 / 49

  3. Roller Coasters are Safety-Critical Systems Top Thrill Steel Phantom Mindbender [BLCP18] Joker’s Jinx Phantom’s Revenge Fujin Raijin II Rollback Head Injury Derailment 3 / 49

  4. Formal Proofs in d L Ensure Safe Designs [BLCP18] Top Thrill Steel Phantom Mindbender Rollback Head Injury Derailment ⇓ Pre → [ phys ] Post Identify: • Notion of safety Post ( acc < acc hi ) 4 / 49

  5. Formal Proofs in d L Ensure Safe Designs [BLCP18] Top Thrill Steel Phantom Mindbender Rollback Head Injury Derailment ⇓ Pre → [ phys ] Post Identify: • Notion of safety Post ( acc < acc hi ) • Safe conditions Pre ( v = v 0 ) 4 / 49

  6. Formal Proofs in d L Ensure Safe Designs [BLCP18] Top Thrill Steel Phantom Mindbender Rollback Head Injury Derailment ⇓ Pre → [ phys ] Post Identify: • Notion of safety Post ( acc < acc hi ) • Safe conditions Pre ( v = v 0 ) Verify physical environment design phys ( { x ′ = . . . , y ′ = . . . } ) 4 / 49

  7. Design Verification Supplements Simulation Simulations typically used today [XXLY12, Wei15] Approach Pro Con Simulate Rich dynamics, easy Low rigor+precision Verify High rigor+precision Simple dynamics, hard 5 / 49

  8. Verifying Physical Designs is a Challenge • How do we verify models at scale? • How do we make verification accessible to non-experts? 6 / 49

  9. Verifying Environment Designs is Important ⇓ 7 / 49

  10. Outline 1 Motivation 2 Approach 3 Modeling and Verification Background: d L Identifying Assumptions Formal Specification Formal Verification 4 Evaluation 5 Future Work and Conclusion 8 / 49

  11. Component-Driven Proof Automation Enables Design Verification KeYmaera X Prover Core d L fml. GUI Builder (1700 Lines) CoasterX [FMQ + 15] Backend Component d L pf. model Goal Solution Accessible High-level graphical modeling 9 / 49

  12. Component-Driven Proof Automation Enables Design Verification KeYmaera X Prover Core d L fml. GUI Builder (1700 Lines) CoasterX [FMQ + 15] Backend Component d L pf. model Goal Solution Accessible High-level graphical modeling Rigorous Formal proof checked by small prover core 9 / 49

  13. Component-Driven Proof Automation Enables Design Verification KeYmaera X Prover Core d L fml. GUI Builder (1700 Lines) CoasterX [FMQ + 15] Backend Component d L pf. model Goal Solution Accessible High-level graphical modeling Rigorous Formal proof checked by small prover core Scalable Proof scales by exploiting component structure 9 / 49

  14. Track Sections are Components for Coasters Generic Component 10 / 49

  15. Track Sections are Components for Coasters Generic Component � � � Automatic Composition 10 / 49

  16. Track Sections are Components for Coasters Generic Component � � � Automatic Composition 11 / 49

  17. Track Sections are Components for Coasters Generic Component � � � Automatic Composition 12 / 49

  18. Track Sections are Components for Coasters Generic Component � � � Automatic Composition 13 / 49

  19. Track Sections are Components for Coasters Generic Component � � � Automatic Composition 14 / 49

  20. Outline 1 Motivation 2 Approach 3 Modeling and Verification Background: d L Identifying Assumptions Formal Specification Formal Verification 4 Evaluation 5 Future Work and Conclusion 15 / 49

  21. Outline 1 Motivation 2 Approach 3 Modeling and Verification Background: d L Identifying Assumptions Formal Specification Formal Verification 4 Evaluation 5 Future Work and Conclusion 16 / 49

  22. Background: d L Formulas P , Q ::= P ∧ Q | ¬ P | ∀ xP | ∃ xP | θ 1 ≥ θ 2 | [ α ] P | � α � P Example: Pre → [ phys ] Post Construct Meaning P ∧ Q , ¬ P Classical propositional connectives 17 / 49

  23. Background: d L Formulas P , Q ::= P ∧ Q | ¬ P | ∀ xP | ∃ xP | θ 1 ≥ θ 2 | [ α ] P | � α � P Example: Pre → [ phys ] Post Construct Meaning P ∧ Q , ¬ P Classical propositional connectives ∀ x P , ∃ x P First-order real quantifiers θ 1 ≥ θ 2 Real arithmetic comparisons 17 / 49

  24. Background: d L Formulas P , Q ::= P ∧ Q | ¬ P | ∀ xP | ∃ xP | θ 1 ≥ θ 2 | [ α ] P | � α � P Example: Pre → [ phys ] Post Construct Meaning P ∧ Q , ¬ P Classical propositional connectives ∀ x P , ∃ x P First-order real quantifiers θ 1 ≥ θ 2 Real arithmetic comparisons [ α ] P After α runs, P always holds � α � P After α runs, P sometimes holds 17 / 49

  25. Background: Hybrid Programs α, β ::= ? P | x := θ | { x ′ = θ & P } | α ∪ β | α ; β | α ∗ Construct Meaning ? P Assert formula P , else fail 18 / 49

  26. Background: Hybrid Programs α, β ::= ? P | x := θ | { x ′ = θ & P } | α ∪ β | α ; β | α ∗ Construct Meaning ? P Assert formula P , else fail x := θ Assign value of term θ to x 18 / 49

  27. Background: Hybrid Programs α, β ::= ? P | x := θ | { x ′ = θ & P } | α ∪ β | α ; β | α ∗ Construct Meaning ? P Assert formula P , else fail x := θ Assign value of term θ to x { x ′ = θ & P } Evolve x at continuous rate θ 18 / 49

  28. Background: Hybrid Programs α, β ::= ? P | x := θ | { x ′ = θ & P } | α ∪ β | α ; β | α ∗ Construct Meaning ? P Assert formula P , else fail x := θ Assign value of term θ to x { x ′ = θ & P } Evolve x at continuous rate θ Evolution domain constraint P asserted continuously 18 / 49

  29. Background: Hybrid Programs α, β ::= ? P | x := θ | { x ′ = θ & P } | α ∪ β | α ; β | α ∗ Construct Meaning ? P Assert formula P , else fail x := θ Assign value of term θ to x { x ′ = θ & P } Evolve x at continuous rate θ Evolution domain constraint P asserted continuously P must also hold initially (like ? P ) 18 / 49

  30. Background: Hybrid Programs α, β ::= ? P | x := θ | { x ′ = θ & P } | α ∪ β | α ; β | α ∗ Construct Meaning ? P Assert formula P , else fail x := θ Assign value of term θ to x { x ′ = θ & P } Evolve x at continuous rate θ Evolution domain constraint P asserted continuously P must also hold initially (like ? P ) α ∪ β Choose either α or β nondeterministically 18 / 49

  31. Background: Hybrid Programs α, β ::= ? P | x := θ | { x ′ = θ & P } | α ∪ β | α ; β | α ∗ Construct Meaning ? P Assert formula P , else fail x := θ Assign value of term θ to x { x ′ = θ & P } Evolve x at continuous rate θ Evolution domain constraint P asserted continuously P must also hold initially (like ? P ) α ∪ β Choose either α or β nondeterministically α ; β First α then β in any resulting state 18 / 49

  32. Background: Hybrid Programs α, β ::= ? P | x := θ | { x ′ = θ & P } | α ∪ β | α ; β | α ∗ Construct Meaning ? P Assert formula P , else fail x := θ Assign value of term θ to x { x ′ = θ & P } Evolve x at continuous rate θ Evolution domain constraint P asserted continuously P must also hold initially (like ? P ) α ∪ β Choose either α or β nondeterministically α ; β First α then β in any resulting state α ∗ Loop α nondeterministically n ≥ 0 times 18 / 49

  33. Outline 1 Motivation 2 Approach 3 Modeling and Verification Background: d L Identifying Assumptions Formal Specification Formal Verification 4 Evaluation 5 Future Work and Conclusion 19 / 49

  34. Velocity and Acceleration Bounds are Fundamental Rollback Head Injury Derailment 0 < v lo ≤ v | a | ≤ a hi | a | ≤ a hi [AST17] 20 / 49

  35. Tracks are 2D • 2D modeling greatly simplifies GUI • Vertical and horizontal bounds only (no lateral bound) • Ignores banking, wind, roll resistance (1-2%) ⇒ 21 / 49

  36. Acceleration Bound is Conservative Top Thrill Steel Phantom Mindbender Joker’s Jinx Phantom’s Revenge Fujin Raijin II Rollback Head Injury Derailment ( > ) ( < ) ( < ) 22 / 49

  37. Conservative Bound Suffices for Phantom Top Thrill Steel Phantom Mindbender Joker’s Jinx Phantom’s Revenge Fujin Raijin II Rollback Head Injury Derailment ( > ) ( < ) ( < ) 23 / 49

  38. Outline 1 Motivation 2 Approach 3 Modeling and Verification Background: d L Identifying Assumptions Formal Specification Formal Verification 4 Evaluation 5 Future Work and Conclusion 24 / 49

  39. Example √ √ √ phys ≡ {{ x ′ = 2 / 2 v , y ′ = 2 / 2 v , v ′ = − 2 / 2 g & 0 ≤ x ≤ 100 } √ ∪ { x ′ = dx v , y ′ = dy , v ′ = − dy g , dx ′ = − dy v / 100 2 , √ dy ′ = dx v / 100 2 & 100 ≤ x ≤ 200 } √ √ √ ∪ { x ′ = 2 / 2 v , y ′ = − 2 / 2 v , v ′ = 2 / 2 g & 200 ≤ x ≤ 300 }} ∗ 25 / 49

  40. Example phys ≡ {{ Line( . . . ) & 0 ≤ x ≤ 100 } ∪ { Arc( . . . ) & 100 ≤ x ≤ 200 } ∪ { Line( . . . ) & 200 ≤ x ≤ 300 }} ∗ 26 / 49

Recommend

CoasterX: A Case Study in Component-Driven Hybrid Systems Proof Automation Brandon Bohrer (joint

CoasterX: A Case Study in Component-Driven Hybrid Systems Proof Automation Brandon Bohrer (joint

CoasterX: A Case Study in Component-Driven Hybrid Systems Proof Automation Brandon Bohrer (joint work with Adriel Luo, Xuean Chuang, Andr e Platzer) Logical Systems Lab Computer Science Department Carnegie Mellon University ADHS, Jul 7

639 views • 41 slides
HRML: a hybrid relational modelling language He Jifeng + + 2 + Hybrid

HRML: a hybrid relational modelling language He Jifeng + + 2 + Hybrid

1 + HRML: a hybrid relational modelling language He Jifeng + + 2 + Hybrid Systems Systems are composed by continuous physical component and discrete control component The system state evoles over time

968 views • 51 slides
On linear output regulation: data-driven, hybrid, optimal, and more! Sergio Galeani joint work

On linear output regulation: data-driven, hybrid, optimal, and more! Sergio Galeani joint work

On linear output regulation: data-driven, hybrid, optimal, and more! Sergio Galeani joint work with (data-driven) D. Carnevale, M. Sassano, A. Serrani HYBRID DYNAMICAL SYSTEMS: OPTIMIZATION, STABILITY AND APPLICATIONS, Trento, January 9-11,

419 views • 31 slides
A systems re-engineering case study Programming robots with occam and Handel-C Dan Slipper

A systems re-engineering case study Programming robots with occam and Handel-C Dan Slipper

A systems re-engineering case study Programming robots with occam and Handel-C Dan Slipper Supervisors: Alistair A. McEwan Wilson Ifill AWE 1 The Problem 2 Re-engineering Platform Independent Model Legacy System Replacement Component

349 views • 31 slides
How to Generate Worst-Case Crisp Case Scenarios When Testing Component-Wise . . . Applying the

How to Generate Worst-Case Crisp Case Scenarios When Testing Component-Wise . . . Applying the

Traditional Systems . . . Systems of Systems Specific Example Need for Generating . . . How to Generate Worst-Case Crisp Case Scenarios When Testing Component-Wise . . . Applying the . . . Already Deployed Systems Algorithm: Next . . .

234 views • 21 slides
Hybrid MPI - A Case Study on the Xeon Phi Platform Udayanga Wickramasinghe Center for Research on

Hybrid MPI - A Case Study on the Xeon Phi Platform Udayanga Wickramasinghe Center for Research on

Hybrid MPI - A Case Study on the Xeon Phi Platform Udayanga Wickramasinghe Center for Research on Extreme Scale Technologies (CREST) Indiana University Greg Bronevetsky Lawrence Livermore National Laboratory Andrew Friedley Intel Corporation

571 views • 42 slides
Case study 2 Case study 2 Case study 2 Case study 2 Former Industrial Site, London: How has

Case study 2 Case study 2 Case study 2 Case study 2 Former Industrial Site, London: How has

Case study 2 Case study 2 Case study 2 Case study 2 Former Industrial Site, London: How has innovation helped to produce a cost effective remedial design? Challenging contaminant profile Taken a traditional / well understood remedial

912 views • 4 slides
BENEFITS OF HYBRID ENERGY STORAGE SYSTEMS COMBINING LITHIUM-ION AND VRLA BATTERIES

BENEFITS OF HYBRID ENERGY STORAGE SYSTEMS COMBINING LITHIUM-ION AND VRLA BATTERIES

BENEFITS OF HYBRID ENERGY STORAGE SYSTEMS COMBINING LITHIUM-ION AND VRLA BATTERIES www.hoppecke.com HOPPECKE 1 BENEFITS OF HYBRID ENERGY STORAGE SYSTEMS What is an energy storage system? Application: Frequency Response Case Study at

432 views • 22 slides
Demystifying the Characteristics of 3D-Stacked Memories: A Case Study for the Hybrid Memory Cube

Demystifying the Characteristics of 3D-Stacked Memories: A Case Study for the Hybrid Memory Cube

Demystifying the Characteristics of 3D-Stacked Memories: A Case Study for the Hybrid Memory Cube (HMC) , BaharAsgari, Burhan Ahmad Mudassar, SaibalMukhopadhyay, SudhakarYalamanchili, and HyesoonKim IISWC17 Talk Memory Evolution 2

563 views • 54 slides
Community-Driven Pipeline Safety : A Case Study from

Community-Driven Pipeline Safety : A Case Study from

NASHUA REGIONAL PLANNING COMMISSION Community-Driven Pipeline Safety : A Case Study from the Nashua, NH Region Pipeline Safety Trust 2016 Annual Conference

475 views • 16 slides
SiPINTAR - A Case Study of Hybrid Product between Asuransiku (Micro Insurance) and Emasku (Micro

SiPINTAR - A Case Study of Hybrid Product between Asuransiku (Micro Insurance) and Emasku (Micro

SiPINTAR - A Case Study of Hybrid Product between Asuransiku (Micro Insurance) and Emasku (Micro Investment) as Part of National Strategy for Financial Inclusion in Indonesia Jakub Nugraha Micro Insurance Division and Agriculture Insurance Dept

618 views • 25 slides
Automated synthesis of reliable and efficient systems through game theory: a case study Mickael

Automated synthesis of reliable and efficient systems through game theory: a case study Mickael

Automated synthesis of reliable and efficient systems through game theory: a case study Mickael Randour UMONS - University of Mons 03.09.2012 European Conference on Complex Systems Context Case study Final words Background I must confess.

606 views • 56 slides
COMPONENT DRIVEN DESIGN AND DEVELOPMENT Cristina Chumillas CRISTINA CHUMILLAS @chumillas ckrina

COMPONENT DRIVEN DESIGN AND DEVELOPMENT Cristina Chumillas CRISTINA CHUMILLAS @chumillas ckrina

COMPONENT DRIVEN DESIGN AND DEVELOPMENT Cristina Chumillas CRISTINA CHUMILLAS @chumillas ckrina / Designer and frontend developer at Ymbra WHAT ARE WE GOING TO TALK ABOUT Components Design Systems CSS Methodologies Styles Guides In

809 views • 66 slides
Global Information Systems The Case Study: Development of an Asian-European Business Portal

Global Information Systems The Case Study: Development of an Asian-European Business Portal

Global Information Systems The Case Study: Development of an Asian-European Business Portal Henri Pirkkalainen, Prof. Dr. Jan M. Pawlowski 09.09.2013 Contents Introduction Case Study Contents of the case study The process of the

693 views • 21 slides
A hybrid LCA methodology to assess the environmental footprint of a territory - A french case

A hybrid LCA methodology to assess the environmental footprint of a territory - A french case

A hybrid LCA methodology to assess the environmental footprint of a territory - A french case study Aurlie Gallice 1 , Sverine Mehier 1 , Fanny Tarrise-Vicard 1 , Sbastjen Worbe 1 1 VEOLIA Research &amp; Innovatjon, Maison-Laffjtue, France

249 views • 14 slides
CIS 4930/6930: Principles of Cyber-Physical Systems Chapter 4: Hybrid Systems - Hybrid Automata

CIS 4930/6930: Principles of Cyber-Physical Systems Chapter 4: Hybrid Systems - Hybrid Automata

CIS 4930/6930: Principles of Cyber-Physical Systems Chapter 4: Hybrid Systems - Hybrid Automata Hao Zheng Department of Computer Science and Engineering University of South Florida Ref.: An Introduction to Hybrid Automata

623 views • 41 slides
1/31/2007 Massachusetts Institute of Technology Context Hybrid Systems Hybrid

1/31/2007 Massachusetts Institute of Technology Context Hybrid Systems Hybrid

1/31/2007 Massachusetts Institute of Technology Context Hybrid Systems Hybrid discrete-continuous models are convenient for many systems Active Estimation for Switching Failure-prone components (Funiak03, Dearden02) Piloted

418 views • 7 slides
Comparing Hybrid Peer-to-Peer Hybrid peer-to-peer systems Systems Beverly Yang and Hector

Comparing Hybrid Peer-to-Peer Hybrid peer-to-peer systems Systems Beverly Yang and Hector

Comparing Hybrid Peer-to-Peer Hybrid peer-to-peer systems Systems Beverly Yang and Hector Garcia-Molina Pure peer-to-peer systems are hard to scale Gnutella Look at hybrids between p2p and server-client Presented by Marco Barreno Servers

283 views • 6 slides
A Choreography-Driven Approach to APIs: The OpenDXL Case Study Leonardo Frittelli @ McAfee,

A Choreography-Driven Approach to APIs: The OpenDXL Case Study Leonardo Frittelli @ McAfee,

A Choreography-Driven Approach to APIs: The OpenDXL Case Study Leonardo Frittelli @ McAfee, Cordoba, AR Facundo Maldonado @ McAfee, Cordoba, AR Hern an Melgratti @ UBA, AR Emilio Tuosto @ GSSI, IT &amp; UoL, UK Coordination 2020 15-20 July

603 views • 37 slides
MODELING OF MODELING OF HYBRID SYSTEMS HYBRID SYSTEMS C. G. Cassandras C. G. Cassandras Dept.

MODELING OF MODELING OF HYBRID SYSTEMS HYBRID SYSTEMS C. G. Cassandras C. G. Cassandras Dept.

MODELING OF MODELING OF HYBRID SYSTEMS HYBRID SYSTEMS C. G. Cassandras C. G. Cassandras Dept. of Manufacturing Engineering and Center for Information and Systems Engineering (CISE) Boston University cgc@bu.edu http://vita.bu.edu/cgc CODES

448 views • 25 slides
A Numerical Framework and Benchmark Case study for Muti-modal Fuel Efficient Aircraft Conflict

A Numerical Framework and Benchmark Case study for Muti-modal Fuel Efficient Aircraft Conflict

Introduction Hybrid Optimal control Case Study Summary and Future Work The end A Numerical Framework and Benchmark Case study for Muti-modal Fuel Efficient Aircraft Conflict Avoidance Manuel Soler, Maryam Kamgarpour, and John Lygeros

1.71k views • 94 slides
Modeling Analysis and Design of Hybrid Control Systems Part I Zeno/Chatter-free Systems

Modeling Analysis and Design of Hybrid Control Systems Part I Zeno/Chatter-free Systems

Modeling Analysis and Design of Hybrid Control Systems Part I Zeno/Chatter-free Systems Joo P. Hespanha University of California at Santa Barbara Outline 1. Deterministic hybrid systems 2. Stochastic hybrid systems 3. Switched

617 views • 43 slides
Identification of Hybrid Systems Identification of Hybrid Systems Therefore, a model must be

Identification of Hybrid Systems Identification of Hybrid Systems Therefore, a model must be

Goal Goal Sometimes a hybrid model of the process (or of a part of it) cannot be derived manually from available knowledge. Identification of Hybrid Systems Identification of Hybrid Systems Therefore, a model must be either

151 views • 12 slides
GUI Basics and Windowing Systems Using X Windows as a case study 1 CS 349: Windowing Systems CS

GUI Basics and Windowing Systems Using X Windows as a case study 1 CS 349: Windowing Systems CS

GUI Basics and Windowing Systems Using X Windows as a case study 1 CS 349: Windowing Systems CS 349: Windowing Systems 2 Evolution of GUIs Apple Macintosh (1984) Xero Star (1981) Inspired by Xerox PARC Developed at Xerox PARC Not

814 views • 37 slides

More recommend