deductive verification of hybrid systems
play

Deductive Verification Of Hybrid Systems Lectures on Formal Methods - PowerPoint PPT Presentation

Nov 26, 2023 •143 likes •986 views

Deductive Verification Of Hybrid Systems Lectures on Formal Methods for Cyber-Physical Systems SOKENDAI, 07/29/19 Jrmy Dubut National Institute of Informatics Japanese-French Laboratory of Informatics Objectives of this lecture

  1. Deductive Verification Of Hybrid Systems Lectures on Formal Methods for Cyber-Physical Systems SOKENDAI, 07/29/19 Jérémy Dubut National Institute of Informatics Japanese-French Laboratory of Informatics

  2. Objectives of this lecture • Deductive system to prove invariants of hybrid systems • Representability of HS (hybrid programs) • Platzer’s Di ff erential Dynamic Logic • Sequent calculus for this logic

  3. References • T. A. Henzinger, The Theory of Hybrid Automata, Verification of 
 Digital and Hybrid Systems, volume 170 of the NATO ASI Series , 
 pp 265-292. Springer, 2000. • A. Platzer’s group. http://symbolaris.com • A. Platzer, Logical Foundations of Cyber-Physical Systems. 
 Springer, 2018. • J. Kol č ák, I. Hasuo, J. Dubut, S. Katsumata, D. Sprunger, 
 A. Yamada, Relational Di ff erential Dynamic Logic. Preprint 
 arXiv:1903.00153.

  4. Recap’ on hybrid automata A hybrid automaton is: o ff · x ≥ T x = − 0.1 x T ∈ [15,30] x ≥ T − 2 c ∈ {1,2,3} x > T + 1 turn x < T − 1 turn on o ff c ∈ {1,2,3} T ∈ [15,30] on · x ≤ T x = 4 c − 0.1 x T ∈ [15,30] x ≤ T + 2 c ∈ {1,2,3} Thermostat system

  5. Recap’ on hybrid automata A hybrid automaton is: o ff • a set M of modes · x ≥ T x = − 0.1 x T ∈ [15,30] x ≥ T − 2 c ∈ {1,2,3} M = {on, off} x > T + 1 turn x < T − 1 turn on o ff c ∈ {1,2,3} T ∈ [15,30] on · x ≤ T x = 4 c − 0.1 x T ∈ [15,30] x ≤ T + 2 c ∈ {1,2,3} Thermostat system

  6. Recap’ on hybrid automata A hybrid automaton is: o ff • a set M of modes · x ≥ T x = − 0.1 x • a set V of variables T ∈ [15,30] x ≥ T − 2 c ∈ {1,2,3} V = {x, c, T} x > T + 1 turn x < T − 1 turn on o ff c ∈ {1,2,3} T ∈ [15,30] on · x ≤ T x = 4 c − 0.1 x T ∈ [15,30] x ≤ T + 2 c ∈ {1,2,3} Thermostat system

  7. Recap’ on hybrid automata A hybrid automaton is: o ff • a set M of modes · x ≥ T x = − 0.1 x • a set V of variables • a set E of events T ∈ [15,30] x ≥ T − 2 c ∈ {1,2,3} x > T + 1 turn x < T − 1 turn E = {turn on, turn off} on o ff c ∈ {1,2,3} T ∈ [15,30] on · x ≤ T x = 4 c − 0.1 x T ∈ [15,30] x ≤ T + 2 c ∈ {1,2,3} Thermostat system

  8. Recap’ on hybrid automata A hybrid automaton is: o ff • a set M of modes · x ≥ T x = − 0.1 x • a set V of variables • a set E of events T ∈ [15,30] • source and target functions x ≥ T − 2 c ∈ {1,2,3} s , t : E ⟶ M x > T + 1 turn x < T − 1 turn on o ff c ∈ {1,2,3} s(turn off) = on T ∈ [15,30] s(turn on) = off t(turn off) = off on t(turn on) = on · x ≤ T x = 4 c − 0.1 x T ∈ [15,30] x ≤ T + 2 c ∈ {1,2,3} Thermostat system

  9. Recap’ on hybrid automata A hybrid automaton is: o ff • a set M of modes · x ≥ T x = − 0.1 x • a set V of variables • a set E of events T ∈ [15,30] • source and target functions x ≥ T − 2 c ∈ {1,2,3} s , t : E ⟶ M • for every mode m, a flow function x > T + 1 turn x < T − 1 turn F m : ℝ V × ℝ ⟶ ℝ V on o ff c ∈ {1,2,3} T ∈ [15,30] F off ( x , c , T , t ) = ( − 0.1 x ,0,0) on · x ≤ T x = 4 c − 0.1 x T ∈ [15,30] x ≤ T + 2 c ∈ {1,2,3} F on ( x , c , T , t ) = (4 c − 0.1 x ,0,0) Thermostat system

  10. Recap’ on hybrid automata A hybrid automaton is: o ff • a set M of modes · x ≥ T x = − 0.1 x • a set V of variables • a set E of events T ∈ [15,30] • source and target functions x ≥ T − 2 c ∈ {1,2,3} s , t : E ⟶ M • for every mode m, a flow function x > T + 1 turn x < T − 1 turn F m : ℝ V × ℝ ⟶ ℝ V on o ff c ∈ {1,2,3} T ∈ [15,30] F off ( x , c , T , t ) = ( − 0.1 x ,0,0) on · x ≤ T x = 4 c − 0.1 x x ( t ) = cst exp( − 0.1 t ) c = cst , T = cst T ∈ [15,30] x ≤ T + 2 c ∈ {1,2,3} F on ( x , c , T , t ) = (4 c − 0.1 x ,0,0) Thermostat system x ( t ) = 40 c + cst exp( − 0.1 t ) c = cst , T = cst

  11. Recap’ on hybrid automata A hybrid automaton is: o ff • a set M of modes · x ≥ T x = − 0.1 x • a set V of variables • a set E of events T ∈ [15,30] • source and target functions x ≥ T − 2 c ∈ {1,2,3} s , t : E ⟶ M • for every mode m, a flow function x > T + 1 turn x < T − 1 turn F m : ℝ V × ℝ ⟶ ℝ V on o ff • for every mode m, an invariant predicate c ∈ {1,2,3} I m ⊆ ℝ V T ∈ [15,30] on · I off = {( x , c , T ) ∣ x ≥ T − 2} x ≤ T x = 4 c − 0.1 x T ∈ [15,30] x ≤ T + 2 c ∈ {1,2,3} I on = {( x , c , T ) ∣ x ≤ T + 2} Thermostat system

  12. Recap’ on hybrid automata A hybrid automaton is: o ff • a set M of modes · x ≥ T x = − 0.1 x • a set V of variables • a set E of events T ∈ [15,30] • source and target functions x ≥ T − 2 c ∈ {1,2,3} s , t : E ⟶ M • for every mode m, a flow function x > T + 1 turn x < T − 1 turn F m : ℝ V × ℝ ⟶ ℝ V on o ff • for every mode m, an invariant predicate c ∈ {1,2,3} I m ⊆ ℝ V T ∈ [15,30] • for every event e, a guard predicate G e ⊆ ℝ V on · x ≤ T x = 4 c − 0.1 x T ∈ [15,30] x ≤ T + 2 G turn off = {( x , c , T ) ∣ x > T + 1} c ∈ {1,2,3} Thermostat system G turn on = {( x , c , T ) ∣ x < T − 1}

  13. Recap’ on hybrid automata A hybrid automaton is: o ff • a set M of modes · x ≥ T x = − 0.1 x • a set V of variables • a set E of events T ∈ [15,30] • source and target functions x ≥ T − 2 c ∈ {1,2,3} s , t : E ⟶ M • for every mode m, a flow function x > T + 1 turn x < T − 1 turn F m : ℝ V × ℝ ⟶ ℝ V on o ff • for every mode m, an invariant predicate c ∈ {1,2,3} I m ⊆ ℝ V T ∈ [15,30] • for every event e, a guard predicate G e ⊆ ℝ V on • for every event e, a jump relation · J e ⊆ ℝ V × ℝ V x ≤ T x = 4 c − 0.1 x T ∈ [15,30] x ≤ T + 2 c ∈ {1,2,3} J turn off = {( x , c , T , x ′ � , c ′ � , T ′ � ) ∣ x = x ′ � ∧ c = c ′ � ∧ T = T ′ � } Thermostat system J turn on = {( x , c , T , x ′ � , c ′ � , T ′ � ) ∣ x = x ′ � ∧ c ′ � ∈ {1,2,3} ∧ T ′ � ∈ [15,30]}

  14. Recap’ on hybrid automata A hybrid automaton is: o ff • a set M of modes · x ≥ T x = − 0.1 x • a set V of variables • a set E of events T ∈ [15,30] • source and target functions x ≥ T − 2 c ∈ {1,2,3} s , t : E ⟶ M • for every mode m, a flow function x > T + 1 turn x < T − 1 turn F m : ℝ V × ℝ ⟶ ℝ V on o ff • for every mode m, an invariant predicate c ∈ {1,2,3} I m ⊆ ℝ V T ∈ [15,30] • for every event e, a guard predicate G e ⊆ ℝ V on • for every event e, a jump relation · J e ⊆ ℝ V × ℝ V x ≤ T x = 4 c − 0.1 x • for every mode m, an initial predicate T ∈ [15,30] I 0, m ⊆ ℝ V x ≤ T + 2 c ∈ {1,2,3} I 0, off = {( x , c , T ) ∣ x ≥ T ∧ c ∈ {1,2,3} ∧ T ∈ [15,30]} Thermostat system I 0, on = {( x , c , T ) ∣ x ≤ T ∧ c ∈ {1,2,3} ∧ T ∈ [15,30]}

  15. Verification of hybrid systems Goal: prove that the system is not going wrong This means proving some properties on the set of 
 reachable configurations

  16. Configurations of a hybrid automaton A hybrid automaton is: • a set M of modes • a set V of variables • a set E of events A configuration is an element of the form • source and target functions ( m , ω ) ∈ M × ℝ V s , t : E ⟶ M • for every mode m, a flow function F m : ℝ V × ℝ ⟶ ℝ V An initial configuration is a configuration • for every mode m, an invariant predicate such that . ( m , ω ) ω ∈ I 0, m I m ⊆ ℝ V • for every event e, a guard predicate G e ⊆ ℝ V A valid configuration is a configuration • for every event e, a jump relation such that . ( m , ω ) ω ∈ I m J e ⊆ ℝ V × ℝ V • for every mode m, an initial predicate I 0, m ⊆ ℝ V

  17. Example o ff · x ≥ T x = − 0.1 x T ∈ [15,30] x ≥ T − 2 c ∈ {1,2,3} configuration initial valid ( m , x , c , T ) x > T + 1 turn x < T − 1 turn ( o ff ,18,1,20) on o ff c ∈ {1,2,3} ( o ff ,17,2,20) T ∈ [15,30] ( on ,17,2,20) on ( on ,21,1,20) · x ≤ T x = 4 c − 0.1 x T ∈ [15,30] x ≤ T + 2 c ∈ {1,2,3} Thermostat system

  18. Example o ff · x ≥ T x = − 0.1 x T ∈ [15,30] x ≥ T − 2 c ∈ {1,2,3} configuration initial valid ( m , x , c , T ) x > T + 1 turn x < T − 1 turn ( o ff ,18,1,20) No Yes on o ff c ∈ {1,2,3} ( o ff ,17,2,20) No No T ∈ [15,30] ( on ,17,2,20) Yes Yes on ( on ,21,1,20) · No Yes x ≤ T x = 4 c − 0.1 x T ∈ [15,30] x ≤ T + 2 c ∈ {1,2,3} Thermostat system

  19. Discrete transitions of HA A hybrid automaton is: • a set M of modes • a set V of variables • a set E of events • source and target functions Given two valid configurations and s , t : E ⟶ M ( m 1 , ω 1 ) ( m 2 , ω 2 ) • for every mode m, a flow function we have a discrete transition F m : ℝ V × ℝ ⟶ ℝ V ( m 1 , ω 1 ) ⟶ d ( m 2 , ω 2 ) • for every mode m, an invariant predicate if there is an event such that: e ∈ E • and I m ⊆ ℝ V s ( e ) = m 1 t ( e ) = m 2 • • for every event e, a guard predicate ω 1 ∈ G e • G e ⊆ ℝ V ( ω 1 , ω 2 ) ∈ J e • for every event e, a jump relation J e ⊆ ℝ V × ℝ V • for every mode m, an initial predicate I 0, m ⊆ ℝ V

Recommend

Verification of hybrid dynamical systems Jri Vain Tallinn Technical University/Institute of

Verification of hybrid dynamical systems Jri Vain Tallinn Technical University/Institute of

Arvutiteaduse teooriapev Veebruar 2003 Verification of hybrid dynamical systems Jri Vain Tallinn Technical University/Institute of Cybernetics vain@ioc.ee Outline What are Hybrid Systems? Hybrid automata Verification of hybrid

479 views • 30 slides
Verification of Hybrid Systems George Pappas University of Pennsylvania, USA

Verification of Hybrid Systems George Pappas University of Pennsylvania, USA

st 1 HYCON PhD School on Hybrid Systems www.ist-hycon.org www.unisi.it Verification of Hybrid Systems George Pappas University of Pennsylvania, USA pappasg@central.cis.upenn.edu scimanyd suounitnoc enibmoc smetsys dirbyH lacipyt (snoitauqe

526 views • 23 slides
Why3 What is why3? A platform for deductive program verification What is why3? A platform

Why3 What is why3? A platform for deductive program verification What is why3? A platform

Why3 What is why3? A platform for deductive program verification What is why3? A platform for deductive program verification Made by: Franois Bobot Martin Clochard Lon Gondelman Jean-Christophe Fillitre Claude

98 views • 9 slides
Design Verification: Deductive Verification Virendra Singh Associate Professor C omputer A

Design Verification: Deductive Verification Virendra Singh Associate Professor C omputer A

Design Verification: Deductive Verification Virendra Singh Associate Professor C omputer A rchitecture and D ependable S ystems L ab Department of Electrical Engineering Indian Institute of Technology Bombay http://www.ee.iitb.ac.in/~viren/

627 views • 27 slides
An Algorithmic Approach to Global Asymptotic Stability Verification of Hybrid Systems Miriam

An Algorithmic Approach to Global Asymptotic Stability Verification of Hybrid Systems Miriam

An Algorithmic Approach to Global Asymptotic Stability Verification of Hybrid Systems Miriam Garca Soto &amp; Pavithra Prabhakar IMDEA Software Institute &amp; Kansas State University EMSOFT16 Pittsburgh, PA, USA October, 2016 1 Hybrid

574 views • 54 slides
An Algorithmic Approach to Stability Verification of Hybrid Systems: A Summary Miriam Garca Soto

An Algorithmic Approach to Stability Verification of Hybrid Systems: A Summary Miriam Garca Soto

An Algorithmic Approach to Stability Verification of Hybrid Systems: A Summary Miriam Garca Soto Joint work with Pavithra Prabhakar Hybrid system A dynamical system exhibiting a mixed discrete and continuous behavior. Hybrid system A

371 views • 33 slides
Logic as a Tool Chapter 2: Deductive Reasoning in Propositional Logic 2.1 Logical Deductive

Logic as a Tool Chapter 2: Deductive Reasoning in Propositional Logic 2.1 Logical Deductive

Logic as a Tool Chapter 2: Deductive Reasoning in Propositional Logic 2.1 Logical Deductive Systems: an overview Valentin Goranko Stockholm University October 2016 Goranko Deductive systems Goranko Deductive systems Logical consequence:

1.16k views • 28 slides
Algorithmic Verification of Stability of Hybrid Systems Pavithra Prabhakar Kansas State

Algorithmic Verification of Stability of Hybrid Systems Pavithra Prabhakar Kansas State

Algorithmic Verification of Stability of Hybrid Systems Pavithra Prabhakar Kansas State University Mysore Park Workshop Joint work with Miriam Garcia Soto (IMDEA Software Institute, Madrid) February 4, 2016 1 Cyber-Physical Systems (CPS)

1.17k views • 57 slides
Deductive Safety and Liveness Verification for Ordinary Differential Equations Yong Kiam Tan

Deductive Safety and Liveness Verification for Ordinary Differential Equations Yong Kiam Tan

Deductive Safety and Liveness Verification for Ordinary Differential Equations Yong Kiam Tan Computer Science Department, Carnegie Mellon University INRIA, 30th Apr 2020 1 / 34 Motivation: Cyber-Physical Systems (CPSs) Cyber-Physical System:

1.14k views • 89 slides
Verification of Hybrid Systems Using Linear Hybrid Automata Bruce H. Krogh Department of

Verification of Hybrid Systems Using Linear Hybrid Automata Bruce H. Krogh Department of

Verification of Hybrid Systems Using Linear Hybrid Automata Bruce H. Krogh Department of Electrical and Computer Engineering Carnegie Mellon University Carnegie Mellon University Pittsburgh, Pennsylvania USA krogh@ece.cmu.edu g @ 1

1.19k views • 90 slides
Challenges In Deductive Software Verification Reiner Hhnle (with Marieke Huisman, U Twente)

Challenges In Deductive Software Verification Reiner Hhnle (with Marieke Huisman, U Twente)

Challenges In Deductive Software Verification Reiner Hhnle (with Marieke Huisman, U Twente) www.se.tu-darmstadt.de TU Darmstadt, Software Engineering Group Many challenges apply to AD in general Deductive Software Verification

165 views • 15 slides
Deductive Program Verification with W HY 3 Andrei Paskevich LRI, Universit Paris-Sud

Deductive Program Verification with W HY 3 Andrei Paskevich LRI, Universit Paris-Sud

Deductive Program Verification with W HY 3 Andrei Paskevich LRI, Universit Paris-Sud Toccata, Inria Saclay JCP 2016 1. A short look back 2 / 100 Introduction Software is hard. D ONALD K NUTH ... 1996: Ariane 5 explosion an

1.13k views • 100 slides
Verification of Hybrid Controlled Processing Systems based on Decomposition and Deduction Goran

Verification of Hybrid Controlled Processing Systems based on Decomposition and Deduction Goran

Verification of Hybrid Controlled Processing Systems based on Decomposition and Deduction Goran Frehse Olaf Stursberg Sebastian Engell Process Control Laboratory, University of Dortmund, Germany Ralf Huuck Ben Lukoschus * Chair of

545 views • 18 slides
Verification and Qualitative analysis of hybrid systems: dimension 2 Joint work with Gerardo

Verification and Qualitative analysis of hybrid systems: dimension 2 Joint work with Gerardo

Verification and Qualitative analysis of hybrid systems: dimension 2 Joint work with Gerardo Schneider, Sergio Yovine and Gordon Pace Eugene Asarin VERIMAG AS - Paris - 27/06/02 p.1/38 Outline Motivation and Context SPDI -

626 views • 59 slides
A CEGAR Approach for Stability Verification of Linear Hybrid Systems Miriam Garca Soto

A CEGAR Approach for Stability Verification of Linear Hybrid Systems Miriam Garca Soto

A CEGAR Approach for Stability Verification of Linear Hybrid Systems Miriam Garca Soto Co-authored work with Pavithra Prabhakar DARS 2017 1 Cyber-Physical Systems (CPSs) Systems in which software &quot;cyber&quot; interacts with the

529 views • 42 slides
Logic as a Tool Chapter 2: Deductive Reasoning in Propositional Logic 2.1 Logical Deductive

Logic as a Tool Chapter 2: Deductive Reasoning in Propositional Logic 2.1 Logical Deductive

Logic as a Tool Chapter 2: Deductive Reasoning in Propositional Logic 2.1 Logical Deductive Systems: an overview Valentin Goranko Stockholm University October 2016 Goranko Deductive systems Logical consequence: A 1 , . . . , A n C

70 views • 5 slides
AVERIST Algorithmic Verifier for Stability of Linear Hybrid Systems Miriam Garca Soto and

AVERIST Algorithmic Verifier for Stability of Linear Hybrid Systems Miriam Garca Soto and

AVERIST Algorithmic Verifier for Stability of Linear Hybrid Systems Miriam Garca Soto and Pavithra Prabhakar HSCC, April 2018 AVERIST Formal stability verification of hybrid systems Classes considered: polyhedral hybrid systems (

846 views • 38 slides
Modeling and Verification of Real-time/Hybrid/Cyber-Physical Systems via Concurrent Co-inductive

Modeling and Verification of Real-time/Hybrid/Cyber-Physical Systems via Concurrent Co-inductive

Motivation Background Contribution Summary Modeling and Verification of Real-time/Hybrid/Cyber-Physical Systems via Concurrent Co-inductive Constraint Logic Programming Neda Saeedloei Department of Computer Science University of Texas at

929 views • 77 slides
Invariant-Based Verification and Synthesis for Hybrid Systems Naijun Zhan Institute of Software,

Invariant-Based Verification and Synthesis for Hybrid Systems Naijun Zhan Institute of Software,

Invariant-Based Verification and Synthesis for Hybrid Systems Naijun Zhan Institute of Software, Chinese Academy of Sciences (Joint work with Hengjun Zhao, Jiang Liu, Deepak Kapur, Kim G. Larsen, Liang Zou, etc.) IFIP WG 2.2 Scientific

649 views • 40 slides
Deductive Program Verification with W HY 3 Andrei Paskevich LRI, Universit Paris-Sud

Deductive Program Verification with W HY 3 Andrei Paskevich LRI, Universit Paris-Sud

Deductive Program Verification with W HY 3 Andrei Paskevich LRI, Universit Paris-Sud Toccata, Inria Saclay http://why3.lri.fr/ejcp-2019 JCP 2019 Software is hard. D ONALD K NUTH 2 / 171 Ensure the absence of bugs Several

2k views • 171 slides
Towards Deductive Compilation: Implementing a Partial Evaluator Via a Software Verification Tool

Towards Deductive Compilation: Implementing a Partial Evaluator Via a Software Verification Tool

Towards Deductive Compilation: Implementing a Partial Evaluator Via a Software Verification Tool Reiner H ahnle (joint work with Richard Bubel and Ran Ji) Chalmers University of Technology Department of Computer Science and Engineering 10

1.11k views • 82 slides
1 Deductive Verification Extremely powerful Extremely hard One proof can cover very

1 Deductive Verification Extremely powerful Extremely hard One proof can cover very

Methods of Assessing Model Behavior Testing spot checks aspects of real system Simulation spot checks aspects of abstract (model) system Deductive verification Uses axioms and proofs on a mathematical model of

596 views • 21 slides
Assume-Guarantee verification of Hybrid Systems in A RIADNE Davide Bresolin and Tiziano Villa

Assume-Guarantee verification of Hybrid Systems in A RIADNE Davide Bresolin and Tiziano Villa

Assume-Guarantee verification of Hybrid Systems in A RIADNE Davide Bresolin and Tiziano Villa University of Verona Games 2009 Udine, Italy Davide Bresolin and Tiziano Villa (University of Verona) Assume-Guarantee verification of Hybrid Systems

434 views • 31 slides
Deductive Verification of Object-Oriented Software Part A Bernhard Beckert | VTSA,

Deductive Verification of Object-Oriented Software Part A Bernhard Beckert | VTSA,

Deductive Verification of Object-Oriented Software Part A Bernhard Beckert | VTSA, 24.28.08.2015 KIT I NSTITUTE FOR T HEORETICAL C OMPUTER S CIENCE www.kit.edu KIT University of the State of Baden-Wuerttemberg and National Laboratory

1.29k views • 106 slides

More recommend