Teaching CPS Foundations With Contracts Andr e Platzer - PowerPoint PPT Presentation

Teaching CPS Foundations With Contracts Andr´ e Platzer aplatzer@cs.cmu.edu Computer Science Department Carnegie Mellon University, Pittsburgh, PA http://symbolaris.com/course/fcps13.html 0.5 0.4 0.3 0.2 1.0 0.1 0.8 0.6 0.4 0.2 Andr´ e Platzer (CMU) Teaching CPS Foundations With Contracts CPS-Ed 1 / 8

Can you trust a computer to control physics? Andr´ e Platzer (CMU) Teaching CPS Foundations With Contracts CPS-Ed 2 / 8

CPS Analysis & Design: Robot Lab Challenge (Hybrid Systems) Design & verify controller for 3.5 a robot avoiding obstacles 3.0 2.5 Accelerate / brake 2.0 (discrete dynamics) 1.5 1.0 1D motion 0.5 (continuous dynamics) 0.0 0 1 2 3 4 5 6 0.2 a v p 2.5 p x 0.8 0.1 2.0 10 t 0.6 2 4 6 8 1.5 0.4 � 0.1 1.0 p y � 0.2 0.2 0.5 � 0.3 10 t 10 t 2 4 6 8 2 4 6 8 Andr´ e Platzer (CMU) Teaching CPS Foundations With Contracts CPS-Ed 3 / 8

CPS Analysis & Design: Robot Lab Challenge (Hybrid Systems) Design & verify controller for 3.5 a robot avoiding obstacles 3.0 2.5 Accelerate / brake 2.0 (discrete dynamics) 1.5 1.0 1D motion 0.5 (continuous dynamics) 0.0 0 1 2 3 4 5 6 0.2 a d Ω 1.0 d x 0.00008 0.1 0.8 0.00006 10 t 0.6 2 4 6 8 0.00004 � 0.1 0.4 0.00002 � 0.2 0.2 10 t 2 4 6 8 � 0.3 d y 10 t 2 4 6 8 Andr´ e Platzer (CMU) Teaching CPS Foundations With Contracts CPS-Ed 3 / 8

CPS Analysis & Design: Robot Lab Challenge (Hybrid Systems) Design & verify controller for 3.5 a robot avoiding obstacles 3.0 2.5 Accel / brake / steer 2.0 (discrete dynamics) 1.5 1.0 2D motion 0.5 (continuous dynamics) 0.0 0 1 2 3 4 5 6 a 1.0 v p 0.2 8 0.8 10 t 2 4 6 8 6 0.6 � 0.2 p x 4 0.4 � 0.4 � 0.6 0.2 2 p y � 0.8 10 t 10 t 2 4 6 8 2 4 6 8 Andr´ e Platzer (CMU) Teaching CPS Foundations With Contracts CPS-Ed 4 / 8

CPS Analysis & Design: Robot Lab Challenge (Hybrid Systems) Design & verify controller for 3.5 a robot avoiding obstacles 3.0 2.5 Accel / brake / steer 2.0 (discrete dynamics) 1.5 1.0 2D motion 0.5 (continuous dynamics) 0.0 0 1 2 3 4 5 6 a d Ω 1.0 d x 0.2 0.5 10 t 2 4 6 8 0.5 10 t 2 4 6 8 � 0.2 � 0.5 10 t � 0.4 2 4 6 8 d y � 0.6 � 1.0 � 0.5 � 0.8 Andr´ e Platzer (CMU) Teaching CPS Foundations With Contracts CPS-Ed 4 / 8

CPS Analysis & Design: Robot Lab Challenge (Hybrid Systems) Design & verify controller for 3.5 a robot avoiding obstacles 3.0 2.5 Dynamic obstacles 2.0 (other agents) 1.5 1.0 Avoid collisions 0.5 (define safety) 0.0 0 1 2 3 4 5 6 a 1.0 v p 10 t p x 2 4 6 8 4 0.8 � 1 3 0.6 � 2 2 0.4 � 3 1 0.2 p y 10 t � 4 10 t 2 4 6 8 2 4 6 8 Andr´ e Platzer (CMU) Teaching CPS Foundations With Contracts CPS-Ed 5 / 8

CPS Analysis & Design: Robot Lab Challenge (Hybrid Systems) Design & verify controller for 3.5 a robot avoiding obstacles 3.0 2.5 Dynamic obstacles 2.0 (other agents) 1.5 1.0 Avoid collisions 0.5 (define safety) 0.0 0 1 2 3 4 5 6 a d Ω 10 t 1.0 2 4 6 8 d x 0.5 � 1 0.5 10 t 2 4 6 8 � 2 10 t � 0.5 2 4 6 8 � 3 d y � 1.0 � 0.5 � 4 Andr´ e Platzer (CMU) Teaching CPS Foundations With Contracts CPS-Ed 5 / 8

CPS Analysis & Design: Robot Lab Challenge (Hybrid Systems) Design & verify controller for 3.5 a robot avoiding obstacles 3.0 2.5 Control robot 2.0 (respect delays) 1.5 1.0 Environment interaction 0.5 (obstacles, agents, 0.0 0 1 2 3 4 5 6 uncertainty) a 1.2 v 7 p 0.4 6 1.0 0.2 5 0.8 10 t 4 2 4 6 8 0.6 p x � 0.2 3 0.4 � 0.4 2 0.2 1 � 0.6 p y 10 t 10 t 2 4 6 8 2 4 6 8 Andr´ e Platzer (CMU) Teaching CPS Foundations With Contracts CPS-Ed 6 / 8

CPS Analysis & Design: Robot Lab Challenge (Hybrid Systems) Design & verify controller for 3.5 a robot avoiding obstacles 3.0 2.5 Control robot 2.0 (respect delays) 1.5 1.0 Environment interaction 0.5 (obstacles, agents, 0.0 0 1 2 3 4 5 6 uncertainty) a d Ω 1.0 d x 0.4 0.5 0.2 0.5 10 t 10 t d y 2 4 6 8 2 4 6 8 � 0.2 � 0.5 10 t 2 4 6 8 � 0.4 � 1.0 � 0.6 � 0.5 Andr´ e Platzer (CMU) Teaching CPS Foundations With Contracts CPS-Ed 6 / 8

CPS Design & CPS Contracts in Programs Reveal in layers HP Contracts Reason about CPS @requires ( vˆ2 < = 2 ∗ b ∗ (m − x )) @requires ( v > =0 & A > =0 & b > 0) @ensures ( x < = m) { ( vˆ2 < = 2 ∗ b ∗ (m − x ) − (A+b ) ∗ (A+2 ∗ v )) { i f a := A; } else { a := − b ; } t := 0; { x’=v , v’=a , t ’=1 , v > =0 & t < =1 } }∗ @invariant ( vˆ2 < = 2 ∗ b ∗ (m − x )) Design-by-invariant CPS Simulate for intuition CT Andr´ e Platzer (CMU) Teaching CPS Foundations With Contracts CPS-Ed 7 / 8

Teaching CPS Foundations With Contracts differential dynamic logic [ α ] φ φ d L = DL + HP α e o n c t t e i n r u c s o i u d d Ω s 1.0 d x 0.5 0.5 10 t d y 2 4 6 8 � 0.5 10 t 2 4 6 8 � 1.0 � 0.5 l a stochastic i r a Develop CPS models s KeYmaera r nondet e v Express CPS contracts d a Intuition for operation Reason rigorously about CPS Focus on core principles CPS programs + contracts Andr´ e Platzer (CMU) Teaching CPS Foundations With Contracts CPS-Ed 8 / 8

pre / post- design-by- conditions invariant abstraction & archi- rigorous tectures reasoning Computational Thinking specs & properties verification CPS Foundations Learning Objectives core principles model- predictive control Modeling CPS skills & Control develop operational effects dynamical semantics aspects Andr´ e Platzer (CMU) Teaching CPS Foundations With Contracts CPS-Ed 1 / 4

Successful Hybrid Systems Proofs 0 * [SB := ((amax / b + 1) * ep * v + (v ^ 2 - d ^ 2) / (2 * b) + ((amax / b + 1) * amax * ep ^ 2) / 2)] far 1 [do := d] [state := brake] [?v <= vdes] [?v >= vdes] 2 10 13 neg [mo := m] 8 [a := *] [a := *] 3 11 14 [m := *] [?a >= 0 & a <= amax] [?a <= 0 & a >= -b] 4 12 15 [d := *] cor 5 24 [vdes := *] [?m - z <= SB | state = brake] [?m - z >= SB & state != brake] * 6 17 [?d >= 0 & do ^ 2 - d ^ 2 <= 2 * b * (m - mo) & vdes >= 0] [a := -b] 19 7 18 17 28 [t := 0] rec fsa 21 [{z‘ = v, v‘ = a, t‘ = 1, v >= 0 & t <= ep}] 22 31  � � y t i x e c c c � �  � e n t � r y x x y � z ¯ ϑ y 2 y � ̟ ω e x x 2 � c d x 1 y 1 x Andr´ e Platzer (CMU) Teaching CPS Foundations With Contracts CPS-Ed 2 / 4

Successful Hybrid Systems Proofs ( r x , r y ) f y ( v x , v y ) e y x b ( l x , l y ) e x f x Andr´ e Platzer (CMU) Teaching CPS Foundations With Contracts CPS-Ed 2 / 4

Successful Hybrid Systems Proofs z x � i � d � i � x � l � 2 minr � i � � y � i r n x � j � i m p x � k � disc � i � x � i � c x � m � x D Virtual fixture boundary d 0.3 0.2 1 0.3 0.2 0.1 0.2 0.4 0.6 0.8 1.0 0.1 - 1 0.0 5 10 15 20 � 0.1 � 0.1 � 0.2 � 0.3 � 0.2 Andr´ e Platzer (CMU) Teaching CPS Foundations With Contracts CPS-Ed 2 / 4 � 0.3

Logic for Hybrid Systems differential dynamic logic d L = FOL R v v 2 ≤ 2 b ( M − z ) z M Andr´ e Platzer (CMU) Teaching CPS Foundations With Contracts CPS-Ed 3 / 4

Logic for Hybrid Systems differential dynamic logic d L = FOL R + DL + HP v 2 ≤ 2 b v 2 ≤ 2 b C → [ if ( z > SB ) a := − b ; z ′′ = a ] v 2 ≤ 2 b � �� � v 2 ≤ 2 b hybrid program Andr´ e Platzer (CMU) Teaching CPS Foundations With Contracts CPS-Ed 3 / 4

Logic for Hybrid Systems differential dynamic logic d L = FOL R + DL + HP v 2 ≤ 2 b v 2 ≤ 2 b C → [ if ( z > SB ) a := − b ; z ′′ = a ] v 2 ≤ 2 b � �� � v 2 ≤ 2 b hybrid program Initial System Post condition dynamics condition Andr´ e Platzer (CMU) Teaching CPS Foundations With Contracts CPS-Ed 3 / 4

Differential Dynamic Logic: Axiomatization [:=] [ x := θ ][( x )] φ x ↔ [( x )] φθ [?] [? H ] φ ↔ ( H → φ ) [ x ′ = f ( x )] φ ↔ ∀ t ≥ 0 [ x := y ( t )] φ [ ′ ] ( y ′ ( t ) = f ( y )) [ ∪ ] [ α ∪ β ] φ ↔ [ α ] φ ∧ [ β ] φ [;] [ α ; β ] φ ↔ [ α ][ β ] φ [ ∗ ] [ α ∗ ] φ ↔ φ ∧ [ α ][ α ∗ ] φ K [ α ]( φ → ψ ) → ([ α ] φ → [ α ] ψ ) [ α ∗ ]( φ → [ α ] φ ) → ( φ → [ α ∗ ] φ ) I C [ α ∗ ] ∀ v > 0 ( ϕ ( v ) → � α � ϕ ( v − 1)) → ∀ v ( ϕ ( v ) → � α ∗ �∃ v ≤ 0 ϕ ( v )) Andr´ e Platzer (CMU) Teaching CPS Foundations With Contracts CPS-Ed 4 / 4

Andr´ e Platzer. Differential dynamic logic for hybrid systems. J. Autom. Reas. , 41(2):143–189, 2008. Andr´ e Platzer. Logical Analysis of Hybrid Systems: Proving Theorems for Complex Dynamics . Springer, Heidelberg, 2010. Andr´ e Platzer. Logics of dynamical systems. In LICS , pages 13–24. IEEE, 2012. Andr´ e Platzer and Jan-David Quesel. KeYmaera: A hybrid theorem prover for hybrid systems. In Alessandro Armando, Peter Baumgartner, and Gilles Dowek, editors, IJCAR , volume 5195 of LNCS , pages 171–178. Springer, 2008. Andr´ e Platzer (CMU) Teaching CPS Foundations With Contracts CPS-Ed 4 / 4