Verification of Hybrid Systems: An Assessment of Current Techniques. Holly Bowen

Verification Methods
- Formal verification: determining whether given properties are true for a given model of a dynamic system.
- Theorem proving: inferring (or contradicting) a specification using a logical proof system. Not restricted to finite-state systems.
- Model checking: using the state-transition relation in iterative computations to arrive at the set of states for which the specification is true. An algorithmic technique.

Model Checking
- For a hybrid system, requires the construction of a finite-state approximation of the continuous dynamics.
- Verification of properties on the finite-state approximation may be inconclusive! The approximation over-approximates the reachable states, so if a state is reachable in the finite-state approximation, that does not imply it is reachable in the underlying hybrid system (the abstract counterexample may be spurious). Only unreachability in the approximation carries over to the hybrid system.
- Tools can refine the approximation, but refinement will not necessarily terminate.

Example: Batch Reactor System
- Exothermic reaction: 2A + B → D
- Discrete controller: v_A, v_B, v_C, v_O
- Continuous variables: T_R, V_R, t_R, c_A

Operation Procedure
Formal verification question: are the forbidden states (z5, z6) reachable?

Hybrid Model of System

Model Checking Tools
- UPPAAL
- HYTECH
- d/dt
- CheckMate
- VERDICT

UPPAAL
- Systems are represented as networks of timed automata (TA)
- Can analyze reachability properties and simple liveness properties
- Uses clock difference diagrams to represent sets of clock valuations in a compact format
- The user must manually translate the process behaviour into a set of concurrent TA, since the only continuous variables of a TA are clocks with rate 1

UPPAAL
Timed-automata models of the operation procedure and of the reactor behaviour (figure)
- Desired states: S2, S5, S9
- Result: S10 is reachable!

HYTECH
- Specifications are given as temporal logic expressions
- Uses symbolic model checking (polyhedral state sets) in the continuous state space
- Can only model flows given by linear constraints on the derivatives (linear hybrid automata, LHA), so richer dynamics must first be approximated

HYTECH
Three approaches to verifying systems of higher complexity than LHA:
- Clock translation: continuous state variables are replaced by clock variables (pure integrators with different rates); constraints identify the regions for which the given rates are valid
- Rate translation: retains the original state variables, but approximates the continuous behaviour with piecewise-constant bounds on the first derivatives
- Linear phase-portrait approximation: the derivatives of the state variables are constrained by linear combinations (polyhedral sets of admissible rates), which gives a better approximation of the original state equations than rectangular rate bounds

Rate Translation

d/dt
- Performs reachability analysis for hybrid systems with linear continuous dynamics
- Face lifting: computes collections of orthogonal polyhedra (unions of axis-aligned boxes) to represent reachable sets
- Allows models with uncertainty in the input to the dynamics equations
- The user must linearize nonlinear system dynamics around the operating point of interest

Face Lifting
Each face of the current orthogonal polyhedron is moved outward by an amount that bounds how far all possible trajectories starting on that face can travel during one time step; faces whose outward velocity is never positive stay put. The union of the resulting boxes over-approximates the set of states reachable within the elapsed time.
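As an added example (not code from the slides or from the d/dt tool), here is a small face-lifting reachability routine for a linear system with a bounded input, x' = A x + u, u in a box. The reachable set is a list of axis-aligned boxes; each step pushes every face outward by a self-consistent bound on the outward velocity over the face's neighbourhood, so the result is sound for every trajectory, not just simulated ones. The two-tank cascade, its input range, initial box and forbidden region are constructed for illustration; the RK4 simulation at the end is only a sanity check that a concrete trajectory lies inside the computed enclosure.

```python
"""Face lifting for x' = A x + u with u in a box (constructed example)."""
from typing import List, Sequence, Tuple

Interval = Tuple[float, float]
Box = List[Interval]              # one (lo, hi) pair per state dimension
Matrix = Sequence[Sequence[float]]


def _scale(c: float, iv: Interval) -> Interval:
    a, b = c * iv[0], c * iv[1]
    return (min(a, b), max(a, b))


def flow_bounds(A: Matrix, u_box: Box, dom: Box, i: int) -> Interval:
    """Interval enclosure of f_i(x, u) = sum_j A[i][j]*x_j + u_i over dom x u_box."""
    lo, hi = u_box[i]
    for j, a in enumerate(A[i]):
        s_lo, s_hi = _scale(a, dom[j])
        lo, hi = lo + s_lo, hi + s_hi
    return (lo, hi)


def lift_box(A: Matrix, u_box: Box, box: Box, dt: float, max_iter: int = 50) -> Box:
    """One face-lifting step: the returned box contains every trajectory that
    starts in `box`, for all times in [0, dt].

    The upper face of dimension i needs a displacement d_hi[i] >= dt * max(0, f_i)
    with the maximum taken over the slab [hi_i, hi_i + d_hi[i]] (other dimensions
    already bloated).  A trajectory cannot cross a slab of thickness d at velocity
    at most d/dt in less than dt, so once the displacements are self-consistent
    the bloated box is a sound enclosure.  Found by a monotone fixpoint from zero.
    """
    n = len(box)
    d_lo, d_hi = [0.0] * n, [0.0] * n
    for _ in range(max_iter):
        bloated = [(lo - dl, hi + dh) for (lo, hi), dl, dh in zip(box, d_lo, d_hi)]
        need_lo, need_hi = [], []
        for i, (lo, hi) in enumerate(box):
            slab = list(bloated)
            slab[i] = (hi, hi + d_hi[i])                  # upper face neighbourhood
            need_hi.append(dt * max(0.0, flow_bounds(A, u_box, slab, i)[1]))
            slab[i] = (lo - d_lo[i], lo)                  # lower face neighbourhood
            need_lo.append(dt * max(0.0, -flow_bounds(A, u_box, slab, i)[0]))
        if (all(nl <= dl + 1e-12 for nl, dl in zip(need_lo, d_lo)) and
                all(nh <= dh + 1e-12 for nh, dh in zip(need_hi, d_hi))):
            return bloated
        d_lo = [max(dl, nl) for dl, nl in zip(d_lo, need_lo)]
        d_hi = [max(dh, nh) for dh, nh in zip(d_hi, need_hi)]
    raise RuntimeError("face displacements did not converge; reduce dt")


def reach(A: Matrix, u_box: Box, init: List[Box], dt: float, horizon: float) -> List[Box]:
    """Over-approximate all states reachable from `init` within `horizon`.
    Faces only move outward, so the final boxes cover the whole time interval."""
    boxes = [list(b) for b in init]
    for _ in range(int(round(horizon / dt))):
        boxes = [lift_box(A, u_box, b, dt) for b in boxes]
    return boxes


def intersects(a: Box, b: Box) -> bool:
    return all(max(p[0], q[0]) <= min(p[1], q[1]) for p, q in zip(a, b))


def forbidden_reachable(boxes: List[Box], forbidden: Box) -> bool:
    return any(intersects(b, forbidden) for b in boxes)


def contains(box: Box, x: Sequence[float], tol: float = 1e-9) -> bool:
    return all(lo - tol <= xi <= hi + tol for (lo, hi), xi in zip(box, x))


def simulate(A: Matrix, u: Sequence[float], x0: Sequence[float],
             horizon: float, h: float = 1e-3) -> List[float]:
    """RK4 reference trajectory for one fixed input (soundness sanity check only)."""
    def f(x):
        return [sum(a * xj for a, xj in zip(row, x)) + ui for row, ui in zip(A, u)]
    x = list(x0)
    for _ in range(int(round(horizon / h))):
        k1 = f(x)
        k2 = f([xi + h / 2 * ki for xi, ki in zip(x, k1)])
        k3 = f([xi + h / 2 * ki for xi, ki in zip(x, k2)])
        k4 = f([xi + h * ki for xi, ki in zip(x, k3)])
        x = [xi + h / 6 * (a + 2 * b + 2 * c + d)
             for xi, a, b, c, d in zip(x, k1, k2, k3, k4)]
    return x


# Constructed example (not from the slides): two tanks in cascade,
#   V1' = u - V1,  V2' = V1 - V2,  inflow u in [0, 0.2],
# starting anywhere in [1.0, 1.2] x [1.0, 1.2].  Forbidden: V2 >= 1.5.
A_TANKS = [[-1.0, 0.0], [1.0, -1.0]]
U_TANKS = [(0.0, 0.2), (0.0, 0.0)]
INIT_TANKS = [[(1.0, 1.2), (1.0, 1.2)]]
FORBIDDEN_TANKS = [(0.0, 2.0), (1.5, 3.0)]

if __name__ == "__main__":
    boxes = reach(A_TANKS, U_TANKS, INIT_TANKS, dt=0.05, horizon=2.0)
    print("reachable within t=2.0:", boxes)
    print("forbidden reachable:", forbidden_reachable(boxes, FORBIDDEN_TANKS))
```

Because the enclosure is evaluated per face rather than over the whole box, the upper face of V2 never moves for this cooperative system (its outward velocity V1 - V2 is at most zero on that face), while the lower faces drift down as the tanks drain; the box-shaped set wraps the true reachable set tightly here, which is not the case for rotating dynamics.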

CheckMate
- MATLAB-based tool; handles systems with arbitrary nonlinear continuous dynamics
- Any Simulink/Stateflow blocks may be used for simulation
- Models to be verified may only use: logical operators (AND, OR, XOR, etc.), MUX/DEMUX, the Switched Continuous System Block (SCSB), the Polyhedral Threshold Block (PTHB) and the Finite State Machine Block (FSMB)

CheckMate
- Computes a finite-state approximation using general polyhedral over-approximations of the sets of states reachable under the continuous dynamics
- Can refine the current approximation and attempt verification again if the result is inconclusive: it searches for the states that led to the failure, splits them, recomputes the reachable states and evaluates the logic expression again
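The over-approximation/refinement loop described for model checking and for CheckMate, and the rate translation described for HYTECH, can be shown together on a one-dimensional system. The following is an added example, not code from the slides or from either tool: the state space is cut into cells, the derivative on each cell is replaced by constant bounds (rate translation), the continuous state is then dropped so that only the cell graph remains, and a forbidden cell that stays reachable triggers splitting of the cells on the abstract path. The dynamics x' = x(1 - x), the domain, the initial and forbidden intervals and the minimum cell width are constructed for illustration; `logistic_rate_bounds` supplies exact derivative bounds for that particular f.

```python
"""Rate translation, finite-state abstraction and refinement for x' = f(x)."""
from collections import deque
from typing import Callable, Dict, List, Optional, Tuple

Interval = Tuple[float, float]
Cell = Tuple[Interval, Interval]   # (state range, derivative bounds on that range)
RateBounds = Callable[[float, float], Interval]


def logistic_rate_bounds(lo: float, hi: float) -> Interval:
    """Exact min/max of the constructed example f(x) = x*(1 - x) on [lo, hi]
    (f is concave: the max is at 0.5 when inside, otherwise at an endpoint)."""
    def f(x: float) -> float:
        return x * (1.0 - x)
    rmax = f(0.5) if lo <= 0.5 <= hi else max(f(lo), f(hi))
    return (min(f(lo), f(hi)), rmax)


def rate_translation(cuts: List[float], rate_bounds: RateBounds) -> List[Cell]:
    """Cells [cuts[k], cuts[k+1]] with piecewise-constant derivative bounds; each
    cell is one location of a linear hybrid automaton with x' in [rmin, rmax]."""
    return [((a, b), rate_bounds(a, b)) for a, b in zip(cuts, cuts[1:])]


def overlaps(a: Interval, b: Interval) -> bool:
    return a[0] <= b[1] and b[0] <= a[1]


def abstract_counterexample(cells: List[Cell], init: Interval,
                            forbidden: Interval) -> Optional[List[int]]:
    """BFS over the cell graph (continuous state dropped).  A cell can only be
    left upward if rmax > 0 and downward if rmin < 0, so every real trajectory
    is matched by a path here.  Returns a path from an initial cell to a cell
    meeting `forbidden`, or None when no such cell is reachable."""
    n = len(cells)
    parent: Dict[int, Optional[int]] = {}
    queue = deque()
    for i, (rng, _) in enumerate(cells):
        if overlaps(rng, init):
            parent[i] = None
            queue.append(i)
    while queue:
        i = queue.popleft()
        rng, (rmin, rmax) = cells[i]
        if overlaps(rng, forbidden):
            path = []
            while i is not None:
                path.append(i)
                i = parent[i]
            return path[::-1]
        succ = []
        if rmax > 0 and i + 1 < n:
            succ.append(i + 1)      # flow may cross the upper boundary
        if rmin < 0 and i > 0:
            succ.append(i - 1)      # flow may cross the lower boundary
        for j in succ:
            if j not in parent:
                parent[j] = i
                queue.append(j)
    return None


def verify(rate_bounds: RateBounds, domain: Interval, init: Interval,
           forbidden: Interval, n_cells: int = 2,
           min_width: float = 0.05) -> Tuple[str, int, List[Cell]]:
    """Abstract, check, refine.  Returns (verdict, refinement rounds, cells);
    the verdict is "safe" (forbidden cells unreachable in the abstraction) or
    "inconclusive" (a path remains but no cell on it may be split further).
    A reachable forbidden cell is never reported as "unsafe": the abstract path
    may be spurious."""
    lo, hi = domain
    cuts = [lo + (hi - lo) * k / n_cells for k in range(n_cells + 1)]
    rounds = 0
    while True:
        cells = rate_translation(cuts, rate_bounds)
        path = abstract_counterexample(cells, init, forbidden)
        if path is None:
            return ("safe", rounds, cells)
        # Refine only the cells on the abstract counterexample, if still splittable.
        new_cuts = {(cells[i][0][0] + cells[i][0][1]) / 2.0
                    for i in path if cells[i][0][1] - cells[i][0][0] > min_width}
        if not new_cuts:
            return ("inconclusive", rounds, cells)
        cuts = sorted(set(cuts) | new_cuts)
        rounds += 1


if __name__ == "__main__":
    # Constructed example: x' = x(1 - x) on [0, 3], start in [0.2, 0.4].
    # x never exceeds its equilibrium at 1, so x >= 2.5 is provably unreachable ...
    print(verify(logistic_rate_bounds, (0.0, 3.0), (0.2, 0.4), (2.5, 3.0))[:2])
    # ... but [0.9, 1.1] is approached asymptotically, so every refinement keeps
    # finding a path and the loop stops only at the minimum cell width.
    print(verify(logistic_rate_bounds, (0.0, 3.0), (0.2, 0.4), (0.9, 1.1))[:2])
```

The first query is spurious at the two-cell level (the cell [1.5, 3] contains the forbidden region and is entered because the rate bound on [0, 1.5] is positive) and is proved safe after one split, once the cell [1.5, 2.25] has a strictly negative upper rate. The second query shows why refinement is capped: the forbidden region is genuinely reachable, so no amount of splitting removes the abstract path, and the tool can only report that the result is inconclusive.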

CheckMate
Model (figure): Controller (FSMB), PTHBs

CheckMate
Verification query (figure): within 1 hour?

VERDICT
- Modular modelling/verification of timed/hybrid systems
- The structure of the system is built in a modular manner
- The behaviour of each module is described by a discrete, timed, or hybrid transition system
- Translates the model into the input languages of different model checkers for discrete, timed and hybrid automata: HYTECH, KRONOS, SMV, UPPAAL

VERDICT
Model (figure): controller, hybrid behaviour

Comparisons
Two key issues:
- Computation takes hours, so only very small systems can be verified! Modularity (breaking systems down into smaller pieces) is the main remedy.
- Interpretation of results: the cause of a failure is not clear from the tool output.

Making Tools Useful for Industry
- Connecting with existing models: the model-building process is time-consuming and could introduce errors.
- Tools for exploring models and results: useful results are obtained only when the user is directing the verification process.
- Tools for building verification specifications and interpreting results: it is difficult to translate requirement specifications into formal specifications to be verified.