static analysis of control command systems floating point
play

Static Analysis of Control-Command Systems: Floating-Point and - PowerPoint PPT Presentation

Sep 16, 2023 •325 likes •1.17k views

Static Analysis of Control-Command Systems: Floating-Point and Integer Invariants Vivien Maisonneuve Thesis supervisors: Olivier Hermant Franois Irigoin Thesis defense Paris, February 6, 2015 Control-Command Systems A control-command

  1. Static Analysis of Control-Command Systems: Floating-Point and Integer Invariants Vivien Maisonneuve Thesis supervisors: Olivier Hermant François Irigoin Thesis defense Paris, February 6, 2015

  2. Control-Command Systems A control-command system is a system that regulates the behavior of a device. command Control System Device actuators sensors 2 / 41

  3. Control-Command Systems A control-command system is a system that regulates the behavior of a device. command Control System Device actuators sensors 2 / 41

  4. Control-Command Systems Wide spectrum of control-command systems 3 / 41 Critical applications ⇒ need for reliability

  5. Development Constraints Often implemented on embedded systems Extra constraints: • reactivity (real time) • autonomy • cost • energy, memory 4 / 41

  6. low-level C program • thousands of LOC • computations • management of sensors • floating-point numbers How to ensure that the executed program is correct? Step-by-step refinements GCC, CLANG and actuators elementary operations decomposed into Description Levels Formalization Realization MATLAB, Simulink (stability) system behavior 4 control theory: (differential equations) 3 model of the environment 2 constraint specification 1 system conception 5 / 41 mathematical proofs of

  7. Description Levels Realization How to ensure that the executed program is correct? Step-by-step refinements GCC, CLANG and actuators elementary operations decomposed into Formalization 5 / 41 MATLAB, Simulink (stability) system behavior 4 control theory: (differential equations) 3 model of the environment 2 constraint specification 1 system conception low-level C program • thousands of LOC • computations mathematical proofs of • management of sensors • floating-point numbers

  8. Description Levels Realization How to ensure that the executed program is correct? Step-by-step refinements GCC, CLANG and actuators elementary operations decomposed into Formalization 5 / 41 MATLAB, Simulink (stability) system behavior 4 control theory: (differential equations) 3 model of the environment 2 constraint specification 1 system conception low-level C program • thousands of LOC • computations mathematical proofs of • management of sensors • floating-point numbers

  9. Programming Critical Systems Combination of different methods: (dynamic allocation, global variables…) Successes in implementing critical software: software • documentation and specification of all software components • coding standard to limit “dangerous” programming techniques • extensive testing • zero bug in space shuttle code (400 KLOC) • after decades of civil aviation, no human casualty due to a defective 6 / 41

  10. Drawbacks Long and expensive development process: 25 % of the total development cost electronic throttle control defect in Toyota Camry vehicles Exhaustive testing is impossible: can miss bugs. correctness. • 70 % of software development cost for Boeing 777, • development constraint sometimes poorly respected: ⇒ Interest in formal methods to provide mathematical insurances of 7 / 41

  11. Context compute response each location in the code Numerical invariants: mathematical properties on program variables, at stability domain”: … “During execution, controller state variables // property P 4 send response to actuators // property P 3 // property P 2 Formalization input sensors // property P 1 input command repeat every 10ms: and a stability proof Output after formalization: MATLAB pseudocode of a discrete-time C code implementation controller with a frequency 8 / 41

  12. Context Formalization C code implementation Output after formalization: MATLAB pseudocode of a discrete-time repeat every 10ms: input sensors // property P 2 compute response // property P 3 send response to actuators // property P 4 Numerical invariants: mathematical properties on program variables, at each location in the code controller with a frequency and a stability proof input command // property P 1 “During execution, controller state variables ∈ stability domain”: … � 8 / 41

  13. Problems & Contributions Formalization C code implementation 1 Stability proof on real numbers Implementation on machine arithmetic • numeric constants • rounding errors in computations 9 / 41

  14. • Linear systems • Floating-point & fixed-point arithmetic, parametric precision • [Feron ICSM’10]: open-loop 32 bits, closed-loop 117 bits Transposition of Stability Proof to Machine Arithmetic % d Implementation Functions Constants Machine (C) d % d Theoretical Framework Intermediate d % d % d Real (MATLAB) i % d Transpose code + invariants in two steps % d ′ = θ ( d , i ) 10 / 41

  15. • Linear systems • Floating-point & fixed-point arithmetic, parametric precision • [Feron ICSM’10]: open-loop 32 bits, closed-loop 117 bits Implementation Functions Constants Machine (C) d % d % d Intermediate Theoretical Framework Transposition of Stability Proof to Machine Arithmetic d Real (MATLAB) i % d Transpose code + invariants in two steps % ˜ ı ˜ % d ′ = θ ( d , i ) d ′ = θ (˜ % ˜ d , ˜ ı ) 10 / 41

  16. • Linear systems • Floating-point & fixed-point arithmetic, parametric precision • [Feron ICSM’10]: open-loop 32 bits, closed-loop 117 bits Transposition of Stability Proof to Machine Arithmetic Theoretical Framework % d i Real (MATLAB) d Implementation Functions Constants Machine (C) d Intermediate Transpose code + invariants in two steps % ¯ % ˜ ı ˜ ¯ ı % d ′ = θ ( d , i ) d ′ = θ (˜ d ′ ⊃ θ (¯ % ¯ % ˜ d , ˜ ı ) d , ˜ ı ) ⊕ ε 10 / 41

  17. Transposition of Stability Proof to Machine Arithmetic Intermediate % d i Implementation Real (MATLAB) Functions d Constants Machine (C) d Theoretical Framework Transpose code + invariants in two steps % ¯ % ˜ ı ˜ ¯ ı % d ′ = θ ( d , i ) d ′ = θ (˜ d ′ ⊃ θ (¯ % ¯ % ˜ d , ˜ ı ) d , ˜ ı ) ⊕ ε • Linear systems • Floating-point & fixed-point arithmetic, parametric precision • [Feron ICSM’10]: open-loop 32 bits, closed-loop 117 bits 10 / 41

  18. Problems & Contributions Formalization C code implementation 2 Data acquisition through interrupt handlers outside the main loop SIGNAL (SIG_COMMAND) { ... } SIGNAL (SIG_SENSOR1) { ... } void main_loop() { ... } New invariant computation techniques 11 / 41 ⇒ different code structure ⇒ computation of global invariants to check the program runs at the ⇒ correct frequency • transformers • benchmark to compare tools and algorithms

  19. Outline 1 Transformers: Scalability and Accuracy 2 Improvements in Transformer Computation Control-Path Transformers Iterative Analysis Arbitrary-Precision Numbers 3 Model Restructuring State Splitting State Merge 12 / 41

  20. Linear Relation Analysis (LRA) [Cousot & Halbwachs POPL’78] // invariant (precondition) program instruction // invariant (postcondition) x 1 x 2 Good trade-off: computational cost vs. accuracy invariant = system of affine (in)equalities = convex polyhedron x 1 + 7 ≥ 2 x 2 x 2 ≥ 5 − x 1 x 2 ≥ 1 13 / 41

  21. • Propagation • Branch output P 6 : either P 4 or P 5 • Branch output P 7 : • Loop invariant: P 2 entering the loop P 7 after one iteration 1 n 0 P 6 P 2 Linear Relation Analysis (LRA) P 7 [Halbwachs & Henry SAS’12] } else n = 0; if (n < 60) n++; if (rand()) while (rand()) int n = 0; void foo() { 14 / 41

  22. • Branch output P 6 : either P 4 or P 5 • Branch output P 7 : • Loop invariant: P 2 entering the loop P 7 after one iteration 1 n 0 P 6 P 2 P 7 Linear Relation Analysis (LRA) [Halbwachs & Henry SAS’12] } else n = 0; if (n < 60) n++; if (rand()) while (rand()) int n = 0; void foo() { • Propagation // P 0 : true 14 / 41

  23. • Branch output P 6 : either P 4 or P 5 • Branch output P 7 : • Loop invariant: P 2 entering the loop P 7 after one iteration 1 n 0 P 6 P 2 P 7 Linear Relation Analysis (LRA) [Halbwachs & Henry SAS’12] } else n = 0; if (n < 60) n++; if (rand()) while (rand()) int n = 0; void foo() { • Propagation // P 0 : true // P 1 : n = 0 14 / 41

  24. • Branch output P 6 : either P 4 or P 5 • Branch output P 7 : • Loop invariant: P 2 entering the loop P 7 after one iteration 1 n 0 P 6 P 2 P 7 Linear Relation Analysis (LRA) [Halbwachs & Henry SAS’12] } else n = 0; if (n < 60) n++; if (rand()) while (rand()) int n = 0; void foo() { • Propagation // P 0 : true // P 1 : n = 0 // P 2 : n = 0 14 / 41

  25. • Branch output P 6 : either P 4 or P 5 • Branch output P 7 : • Loop invariant: P 2 entering the loop P 7 after one iteration Linear Relation Analysis (LRA) [Halbwachs & Henry SAS’12] P 6 P 2 P 7 if (n < 60) n++; } else n = 0; n 1 if (rand()) while (rand()) int n = 0; void foo() { 0 • Propagation // P 0 : true // P 1 : n = 0 // P 2 : n = 0 // P 3 : n = 0 14 / 41

  26. • Branch output P 6 : either P 4 or P 5 • Branch output P 7 : • Loop invariant: P 2 entering the loop P 7 after one iteration Linear Relation Analysis (LRA) } P 2 P 7 [Halbwachs & Henry SAS’12] if (n < 60) n++; else n = 0; n 0 1 if (rand()) while (rand()) int n = 0; void foo() { P 6 • Propagation in each branch // P 0 : true // P 1 : n = 0 // P 2 : n = 0 // P 3 : n = 0 // P 4 : n = 1 14 / 41

Recommend

Lecture 3 Floating Point Representations 1 Floating-point arithmetic We often incur

Lecture 3 Floating Point Representations 1 Floating-point arithmetic We often incur

ECE 0142 Computer Organization Lecture 3 Floating Point Representations 1 Floating-point arithmetic We often incur floating-point programming. Floating point greatly simplifies working with large (e.g., 2 70 ) and small (e.g., 2 -17 )

638 views • 30 slides
Floating Point CSE 238/2038/2138: Systems Programming Instructor: Fatma CORUT ERGN Slides

Floating Point CSE 238/2038/2138: Systems Programming Instructor: Fatma CORUT ERGN Slides

Floating Point CSE 238/2038/2138: Systems Programming Instructor: Fatma CORUT ERGN Slides adapted from Bryant &amp; OHallarons slides Today: Floating Point Background: Fractional binary numbers IEEE floating point standard:

803 views • 52 slides
for Optimization and Analysis of Floating-Point Computations Heiko Becker, Pavel Panchekha, Eva

for Optimization and Analysis of Floating-Point Computations Heiko Becker, Pavel Panchekha, Eva

Combining Tools for Optimization and Analysis of Floating-Point Computations Heiko Becker, Pavel Panchekha, Eva Darulova, Zachary Tatlock FM 2018, 17.07.2018 Floating-Point Computations Are Ubiquitous 2 Floating-Point Computations are Tricky

341 views • 18 slides
Floating-point numbers Fractional binary numbers IEEE floating-point standard Floating-point

Floating-point numbers Fractional binary numbers IEEE floating-point standard Floating-point

Floating-point numbers Fractional binary numbers IEEE floating-point standard Floating-point operations and rounding Lessons for programmers Many more details we will skip (its a 58-page standard) See CSAPP 2.4 for more detail. 1

381 views • 15 slides
15-213 The course that gives CMU its Zip! Floating Point Sept 6, 2006 Topics Topics

15-213 The course that gives CMU its Zip! Floating Point Sept 6, 2006 Topics Topics

15-213 The course that gives CMU its Zip! Floating Point Sept 6, 2006 Topics Topics IEEE Floating Point Standard Rounding Floating Point Operations Mathematical properties class03.ppt 15-213, F06 Floating Point

1.03k views • 34 slides
COMMAND AND CONTROL SYSTEMS zyxwvutsrqponmlkjihgfedcbaZYXWVUTSRQPONMLKJIHGFEDCBA CRITICAL PATH

COMMAND AND CONTROL SYSTEMS zyxwvutsrqponmlkjihgfedcbaZYXWVUTSRQPONMLKJIHGFEDCBA CRITICAL PATH

COMMAND AND CONTROL SYSTEMS zyxwvutsrqponmlkjihgfedcbaZYXWVUTSRQPONMLKJIHGFEDCBA CRITICAL PATH APPROACH TO BY D. J. LAMB AND P. F. O'NEILL OPERATIONAL RESEARCH AND ANALYSIS NATIONAL DEFENCE HEADQUARTERS OTTAWA, CANADA OUTLINE OF PRESENTATION

680 views • 45 slides
Floating point Today ! IEEE Floating Point Standard ! Rounding ! Floating Point Operations !

Floating point Today ! IEEE Floating Point Standard ! Rounding ! Floating Point Operations !

Floating point Today ! IEEE Floating Point Standard ! Rounding ! Floating Point Operations ! Mathematical properties Next time ! The machine model Chris Riesbeck, Fall 2011 Monday, October 3, 2011 Checkpoint Monday, October 3, 2011 IEEE

1.07k views • 28 slides
2/10/2020 Today: Floating Point Background: Fractional binary numbers IEEE floating point

2/10/2020 Today: Floating Point Background: Fractional binary numbers IEEE floating point

2/10/2020 Today: Floating Point Background: Fractional binary numbers IEEE floating point standard: Definition Floating Point Example and properties Rounding, addition, multiplication CSci 2021: Machine Architecture and

411 views • 7 slides
9/20/2018 Today: Floating Point Background: Fractional binary numbers IEEE floating point

9/20/2018 Today: Floating Point Background: Fractional binary numbers IEEE floating point

9/20/2018 Today: Floating Point Background: Fractional binary numbers IEEE floating point standard: Definition Floating Point Example and properties Rounding, addition, multiplication CSci 2021: Machine Architecture and

339 views • 7 slides
CENG 342 Digital Systems Simplified Floating-point Adder Larry Pyeatt SDSM&amp;T Binary

CENG 342 Digital Systems Simplified Floating-point Adder Larry Pyeatt SDSM&amp;T Binary

CENG 342 Digital Systems Simplified Floating-point Adder Larry Pyeatt SDSM&amp;T Binary Floating Point Representation Floating point number consists of three components: sign bit, exponent, and mantissa. Example: 12.75: sign is + , exponent

253 views • 12 slides
7. Floating-point Numbers II p 1 , the precision (number of places), e min , the smallest

7. Floating-point Numbers II p 1 , the precision (number of places), e min , the smallest

Floating-point Number Systems A Floating-point number system is defined by the four natural numbers: 2 , the base, 7. Floating-point Numbers II p 1 , the precision (number of places), e min , the smallest possible exponent, e max , the

296 views • 14 slides
CS 356 Unit 3 IEEE 754 Floating Point Representation 3.2 Floating Point Used to represent

CS 356 Unit 3 IEEE 754 Floating Point Representation 3.2 Floating Point Used to represent

3.1 CS 356 Unit 3 IEEE 754 Floating Point Representation 3.2 Floating Point Used to represent very small numbers (fractions) and very large numbers Avogadros Number: +6.0247 * 10 23 Plancks Constant: +6.6254 * 10 -27

789 views • 33 slides
Machine numbers: how floating point numbers are stored? Floating-point number representation

Machine numbers: how floating point numbers are stored? Floating-point number representation

Machine numbers: how floating point numbers are stored? Floating-point number representation What do we need to store when representing floating point numbers in a computer? ! = 1. &amp; 2 ! Initially, different floating-point

379 views • 18 slides
Floating point How arithmetic operations mathematics involving floating point numbers

Floating point How arithmetic operations mathematics involving floating point numbers

Numerical and Scientific Computing with Applications David F . Gleich CS 314, Purdue September 7, 2016 In this class: Floating point How arithmetic operations mathematics involving floating point numbers work. Next class IEEE

812 views • 11 slides
An Asynchronous Floating-Point Multiplier Basit Riaz Sheikh and Rajit Manohar Computer Systems

An Asynchronous Floating-Point Multiplier Basit Riaz Sheikh and Rajit Manohar Computer Systems

An Asynchronous Floating-Point Multiplier Basit Riaz Sheikh and Rajit Manohar Computer Systems Lab Cornell University http://vlsi.cornell.edu/ The person that did the work! Motivation Fast floating-point computation is important for

636 views • 15 slides
Floating Point Data CSCI 125 &amp; 161 / ENGR 144 Floating point numbers are not exact

Floating Point Data CSCI 125 &amp; 161 / ENGR 144 Floating point numbers are not exact

Floating Point Data CSCI 125 &amp; 161 / ENGR 144 Floating point numbers are not exact Value 0.1 is very close to 1/10, but not Lecture 13 precisely equal to it 0.1 10 = 0.000110011001100110011... 2 Cannot rely on accuracy of

313 views • 3 slides
Unit 3 IEEE 754 Floating Point Representation 3.2 Floating Point Used to represent very

Unit 3 IEEE 754 Floating Point Representation 3.2 Floating Point Used to represent very

3.1 Unit 3 IEEE 754 Floating Point Representation 3.2 Floating Point Used to represent very small numbers (fractions) and very large numbers Avogadros Number: +6.022 10 23 Boltzmanns Constant: +1.38 10 -23 32 or

1.13k views • 38 slides
ECS 231 Computer Arithmetic 1 / 27 Outline Floating-point numbers and representations 1

ECS 231 Computer Arithmetic 1 / 27 Outline Floating-point numbers and representations 1

ECS 231 Computer Arithmetic 1 / 27 Outline Floating-point numbers and representations 1 Floating-point arithmetic 2 Floating-point error analysis 3 Further reading 4 2 / 27 Outline Floating-point numbers and representations 1

438 views • 27 slides
AMath 483/583 Lecture 2 Outline: Binary storage, floating point numbers Version

AMath 483/583 Lecture 2 Outline: Binary storage, floating point numbers Version

AMath 483/583 Lecture 2 Outline: Binary storage, floating point numbers Version control main ideas Client-server version control, e.g., CVS, Subversion Distributed version control, e.g., git, Mercurial Reading: class

394 views • 36 slides
Formal verification of floating-point algorithms John Harrison Intel Corporation Floating

Formal verification of floating-point algorithms John Harrison Intel Corporation Floating

Formal verification of floating-point algorithms 1 Formal verification of floating-point algorithms John Harrison Intel Corporation Floating point algorithm verification HOL Light Floating point numbers and formats HOL floating

636 views • 28 slides
Control-dependence Analysis 2 Control-dependence Analysis 1. Introduction (motivation, overview)

Control-dependence Analysis 2 Control-dependence Analysis 1. Introduction (motivation, overview)

Class 4 Basic Analyses (4) Assign (see Schedule for links) Readings Control/program-dependence analysis Static single assignment and control dependence Problem Set 2: due 9/1/09 1 Control-dependence Analysis 2

254 views • 12 slides
Debugging Floating-Point Debugging Floating-Point Debugging Floating-Point Math in Racket Math

Debugging Floating-Point Debugging Floating-Point Debugging Floating-Point Math in Racket Math

Debugging Floating-Point Debugging Floating-Point Debugging Floating-Point Math in Racket Math in Racket Math in Racket Neil Toronto RacketCon 2013 Racket Floating-Point Support Racket Floating-Point Support Racket Floating-Point Support

914 views • 88 slides
AMath 483/583 Lecture 2 Notes: Outline: Binary storage, floating point numbers

AMath 483/583 Lecture 2 Notes: Outline: Binary storage, floating point numbers

AMath 483/583 Lecture 2 Notes: Outline: Binary storage, floating point numbers Version control main ideas Client-server version control, e.g., CVS, Subversion Distributed version control, e.g., git, Mercurial Reading:

387 views • 9 slides
DLX Floating Point Extend MIPS Pipeline to Floating Point Operations Functional units

DLX Floating Point Extend MIPS Pipeline to Floating Point Operations Functional units

DLX Floating Point Extend MIPS Pipeline to Floating Point Operations Functional units more complex than simple integer ALU Require several clock cycles for a FP arithmetic operation Add: 4 cycles, Multiply: 7 cycles, Divide: 25

377 views • 22 slides

More recommend