Scalable Dynamic Analysis of Large Linear Systems Parasara Sridhar - PowerPoint PPT Presentation

Scalable Dynamic Analysis of Large Linear Systems Parasara Sridhar Duggirala

Joint Work Mahesh Viswanathan – UIUC Stanley Bak - AFRL P. S. Duggirala, M. Viswanathan. “ Parsimonous , Simulation Based Verification of Linear Systems” International Conference on Computer Aided Verification (CAV) 2016. S. Bak , P. S. Duggirala. “Rigorous Simulation Based Analysis for Linear Hybrid Systems” Tools and Algorithms for Construction and Analysis of Systems (TACAS) 2017. S. Bak , P. S. Duggirala. “ HyLAA: A tool for simulation –equivalent reachability for linear systems” Hybrid Systems Computation and Control (HSCC) 2017. S. Bak , P. S. Duggirala. “Direct Verification of Liner Systems over 10,000 Dimensions” Applied Continuous and Hybrid Systems Verification Workshop (ARCH) 2017. Best Paper Award S. Bak , P. S. Duggirala. “Simulation Equivalent Verification Of Large Linear Systems with Inputs” International Conference on Computer Aided Verification (CAV) 2017. CPS V&V I&F - CMU 2

ሶ ሶ ሶ ሶ ሶ ሶ Leader-Follower System Dynamics of the system 𝑡 = 𝑤 𝑔 − 𝑤; velocity = 𝑤 ; velocity = 𝑤 𝑔 ; acceleration = 𝑏 ; acceleration = 0 ; 𝑤 = 𝑏 − 𝑙 𝑏𝑓𝑠𝑝 𝑤; 𝑏 = 𝑣; s 𝑙 𝑏𝑓𝑠𝑝 is the air – drag Control Law if(cond1) then leader follower 𝑣 = −2𝑏 − 2(𝑤 − 𝑤 𝑔 ) ; if(cond2) then 𝑣 = −3𝑏 − 2(𝑤 − 𝑤 𝑔 ) ; Physical Plant 𝑔 𝑗 𝑦 = 𝐵 𝑗 𝑦 + 𝐶 𝑗 𝐻 3 𝐲 = 𝐠 𝟐 (𝐲) 𝐻 1 𝐃 𝟐 𝐃 𝟑 𝐲 = 𝐠 𝟒 (𝐲) Logic 𝐲 = 𝐠 𝟑 (𝐲) ⋮ 𝐻 2 𝐃 𝐨 Linear Hybrid Automata CPS V&V I&F - CMU 3

ሶ ሶ ሶ Safety Verification Problem ▪ Given a Linear Hybrid Automata 𝐼 , with initial set Θ and unsafe set 𝑉 , are all the behaviors starting from Θ for bounded time 𝑈 𝑐 are safe? 𝑔 𝑗 𝑦 = 𝐵 𝑗 𝑦 + 𝐶 𝑗 U 𝐻 3 𝐲 = 𝐠 𝟐 (𝐲) 𝐻 1 𝐲 = 𝐠 𝟒 (𝐲) 𝐲 = 𝐠 𝟑 (𝐲) Θ Linear Hybrid Automata 𝐻 2 CPS V&V I&F - CMU 4

ሶ ሶ ሶ Safety Verification Problem ▪ Given a Linear Hybrid Automata 𝐼 , with initial set Θ and unsafe set 𝑉 , are all the behaviors starting from Θ for bounded time 𝑈 𝑐 are safe? 𝑔 𝑗 𝑦 = 𝐵 𝑗 𝑦 + 𝐶 𝑗 U 𝐻 3 𝐲 = 𝐠 𝟐 (𝐲) 𝐻 1 𝐲 = 𝐠 𝟒 (𝐲) 𝐲 = 𝐠 𝟑 (𝐲) Θ Linear Hybrid Automata 𝐻 2 ▪ One technique: Use a safety verification tool such as KeyMeara, SpaceEx, Flow*, or CORA, etc. CPS V&V I&F - CMU 5

ሶ ሶ ሶ Safety Verification Problem ▪ Given a Linear Hybrid Automata 𝐼 , with initial set Θ and unsafe set 𝑉 , are all the behaviors starting from Θ for bounded time 𝑈 𝑐 are safe? 𝑔 𝑗 𝑦 = 𝐵 𝑗 𝑦 + 𝐶 𝑗 U 𝐻 3 𝐲 = 𝐠 𝟐 (𝐲) 𝐻 1 𝐲 = 𝐠 𝟒 (𝐲) 𝐲 = 𝐠 𝟑 (𝐲) Θ Linear Hybrid Automata 𝐻 2 ▪ One technique: Use a safety verification tool such as KeyMeara, SpaceEx, Flow*, or CORA, etc. ▪ However, most of design analysis is done using simulations. CPS V&V I&F - CMU 6

ሶ ሶ ሶ Safety Verification Problem ▪ Given a Linear Hybrid Automata 𝐼 , with initial set Θ and unsafe set 𝑉 , are all the behaviors starting from Θ for bounded time 𝑈 𝑐 are safe? 𝑔 𝑗 𝑦 = 𝐵 𝑗 𝑦 + 𝐶 𝑗 U 𝐻 3 𝐲 = 𝐠 𝟐 (𝐲) 𝐻 1 𝐲 = 𝐠 𝟒 (𝐲) 𝐲 = 𝐠 𝟑 (𝐲) Θ Linear Hybrid Automata 𝐻 2 ▪ One technique: Use a safety verification tool such as KeyMeara, SpaceEx, Flow*, or CORA, etc. ▪ However, most of design analysis is done using simulations. This work(s) Simulations ↔ Verification CPS V&V I&F - CMU 7

ሶ ሶ ሶ Hybrid Automata Semantics Linear Hybrid Automata 𝐼 = ⟨𝑀𝑝𝑑, 𝑌, 𝐺𝑚𝑝𝑥, 𝐽𝑜𝑤, 𝑈𝑠𝑏𝑜𝑡, 𝐻𝑣𝑏𝑠𝑒⟩ Modes Discrete transitions Dynamics Guards State space 𝑦 = 𝐵 𝑗 𝑦 + 𝐶 𝑗 Invariants 𝐽𝑜𝑤 2 𝑦 = 𝐵 2 𝑦 + 𝐶 2 𝐽𝑜𝑤 1 𝑦 = 𝐵 1 𝑦 + 𝐶 1 CPS V&V I&F - CMU 8

ሶ ሶ ሶ Hybrid Automata Semantics Linear Hybrid Automata 𝐼 = ⟨𝑀𝑝𝑑, 𝑌, 𝐺𝑚𝑝𝑥, 𝐽𝑜𝑤, 𝑈𝑠𝑏𝑜𝑡, 𝐻𝑣𝑏𝑠𝑒⟩ Modes Discrete transitions Dynamics Guards State space 𝑦 = 𝐵 𝑗 𝑦 + 𝐶 𝑗 Invariants 𝐽𝑜𝑤 2 𝑦 = 𝐵 2 𝑦 + 𝐶 2 𝐽𝑜𝑤 1 Reachable Set 𝑦 = 𝐵 1 𝑦 + 𝐶 1 CPS V&V I&F - CMU 9

ሶ ሶ ሶ Hybrid Automata Semantics Linear Hybrid Automata 𝐼 = ⟨𝑀𝑝𝑑, 𝑌, 𝐺𝑚𝑝𝑥, 𝐽𝑜𝑤, 𝑈𝑠𝑏𝑜𝑡, 𝐻𝑣𝑏𝑠𝑒⟩ Modes Discrete transitions Reachable set computation Dynamics Guards State space 𝑦 = 𝐵 𝑗 𝑦 + 𝐶 𝑗 Invariants 𝐽𝑜𝑤 2 1.Compute reachable set for each mode. 𝑦 = 𝐵 2 𝑦 + 𝐶 2 2.Take into account the mode invariants. 𝐽𝑜𝑤 1 3.Handle the discrete transitions Reachable Set 𝑦 = 𝐵 1 𝑦 + 𝐶 1 Perform steps 1, 2, and 3 using simulation based techniques CPS V&V I&F - CMU 10

Pop Quiz Q) Given dynamics ሶ 𝑦 = 𝐵𝑦 + 𝐶 , initial set Θ , and time instance 𝑢 , how many simulations does it take to compute 𝑆𝑓𝑏𝑑ℎ(Θ, 𝑢) ? CPS V&V I&F - CMU 11

Pop Quiz Q) Given dynamics ሶ 𝑦 = 𝐵𝑦 + 𝐶 , initial set Θ , and time instance 𝑢 , how many simulations does it take to compute 𝑆𝑓𝑏𝑑ℎ(Θ, 𝑢) ? A) Answer (in early 2000s), depends on Θ . If Θ is a convex polytope, simulate the vertices of Θ to get the vertices of 𝑆𝑓𝑏𝑑ℎ(Θ, 𝑢) . CPS V&V I&F - CMU 12

Pop Quiz Q) Given dynamics ሶ 𝑦 = 𝐵𝑦 + 𝐶 , initial set Θ , and time instance 𝑢 , how many simulations does it take to compute 𝑆𝑓𝑏𝑑ℎ(Θ, 𝑢) ? A) Answer (in early 2000s), depends on Θ . If Θ is a convex polytope, simulate the vertices of Θ to get the vertices of 𝑆𝑓𝑏𝑑ℎ(Θ, 𝑢) . Can we do better? CPS V&V I&F - CMU 13

Pop Quiz Q) Given dynamics ሶ 𝑦 = 𝐵𝑦 + 𝐶 , initial set Θ , and time instance 𝑢 , how many simulations does it take to compute 𝑆𝑓𝑏𝑑ℎ(Θ, 𝑢) ? A) Answer (in early 2000s), depends on Θ . If Θ is a convex polytope, simulate the vertices of Θ to get the vertices of 𝑆𝑓𝑏𝑑ℎ(Θ, 𝑢) . Can we do better? Yes, the number of simulations is independent of Θ . If 𝑦 is 𝑜 dimensional, you need a mere 𝑜 + 1 simulations! CPS V&V I&F - CMU 14

Dynamic Analysis Technique 1. The representation: Generalized stars . 2. The property of linear systems: Superposition principle . 3. The reachable set computing technique: Safety verification of an 𝒐 dimensional system using 𝒐 + 𝟐 simulations . P.S.Duggirala, M.Viswanathan, “Parsimonious, Simulation Based Verification of Linear Systems” , International Conference on Computer Aided Verification (CAV) 2016. CPS V&V I&F - CMU 15

Representation: Generalized Stars ▪ Generalized star is represented as 〈𝑑, 𝑊, 𝑄〉 ▪ 𝑑 – center, 𝑊 – set of vectors, 𝑄 – predicate. 𝑑, 𝑊, 𝑄 = 𝑦 ∃ ത 𝛽 = (𝛽 1 , … , 𝛽 𝑜 ), c + Σ 𝑗 𝛽 𝑗 𝑤 𝑗 = 𝑦, 𝑄 ത 𝛽 = ⊤} . 𝑄 𝛽 1 , 𝛽 2 𝑑 1 + 𝛽 1 𝑤 1 + 𝛽 2 𝑤 2 𝑤 2 ≜ 𝑑 1 𝑤 1 𝛽 1 ≤ 1 ∧ 𝛽 2 ≤ 1 CPS V&V I&F - CMU 16

Representation: Generalized Stars ▪ Generalized star is represented as 〈𝑑, 𝑊, 𝑄〉 ▪ 𝑑 – center, 𝑊 – set of vectors, 𝑄 – predicate. 𝑑, 𝑊, 𝑄 = 𝑦 ∃ ത 𝛽 = (𝛽 1 , … , 𝛽 𝑜 ), c + Σ 𝑗 𝛽 𝑗 𝑤 𝑗 = 𝑦, 𝑄 ത 𝛽 = ⊤} 𝑄 𝛽 1 , 𝛽 2 𝑤 2 ≜ 𝑑 1 𝑤 1 𝛽 1 ≤ 1 ∧ 𝛽 2 ≤ 1 ∧ 𝛽 1 + 𝛽 2 ≤ 1.5 CPS V&V I&F - CMU 17

Representation: Generalized Stars ▪ Generalized star is represented as 〈𝑑, 𝑊, 𝑄〉 ▪ 𝑑 – center, 𝑊 – set of vectors, 𝑄 – predicate. 𝑑, 𝑊, 𝑄 = 𝑦 ∃ ത 𝛽 = (𝛽 1 , … , 𝛽 𝑜 ), c + Σ 𝑗 𝛽 𝑗 𝑤 𝑗 = 𝑦, 𝑄 ത 𝛽 = ⊤} 𝑄 𝛽 1 , 𝛽 2 𝑤 2 ≜ 2 𝑑 1 𝑤 1 𝛽 1 ≤ 1 − 𝛽 2 CPS V&V I&F - CMU 18