Model Checking for Hybrid Systems Bruce H. Krogh Carnegie Mellon University.


Carnegie Mellon: The Rare Glitch Project (slide footer; Bruce H. Krogh)

Slide 2: Hybrid Dynamic Systems
Dynamic systems with both continuous & discrete state variables.

                  Continuous-State Systems                   Discrete-State Systems
Models            differential equations, transfer           automata, Petri nets, statecharts, etc.
                  functions, etc.
Analytical Tools  Lyapunov functions, eigenvalue             Boolean algebra, formal logics,
                  analysis, etc.                             recursion, etc.
Software Tools    MATLAB, Matrix X, VisSim, etc.             Statemate, Design CPN, Slam II, SMV, etc.

Slide 3: Three Main Thrusts of Our Project
- Verifying system integrity (the system): synchronization constraints; resource constraints; real-time constraints
- Modeling the environment: hybrid dynamics; stochastic models
- Usability: extracting models; explaining tool feedback

Slide 4: Embedded systems with significant hybrid dynamics (figure; source: ESP, Dec. 1998)

Slide 5: Opportunity to Apply Formal Verification Techniques
Development-flow figure with the stages: feature specification; executable spec. (Computer-Aided Control System Design: simulation); code generation; production code; hardware in the loop; test on engine/vehicle. Model checking is shown alongside simulation at the executable spec. stage.
Objective: verify feature behavior for the entire range of operating conditions.

Slide 6: Example: Variable CAM Timing
Block-diagram figure with the blocks and signals: operating state; look-up table; 2-mode PID/saturation controller; actuator command; cam angle.

Slide 7: Example: Variable CAM Timing Controller
Verification problem: determine whether the controller will switch only once from saturation to PID mode.

Slide 8: Continuous-Time Model (figure/equations not recovered)

Slide 9: Switching Rule
- Discrete-time rule: switch on the magnitude of the error and the sign of this filter (filter equation shown on the slide, not recovered).
- Continuous-time rule: switch on the magnitude of the error and the sign of this filter (filter equation shown on the slide, not recovered).
Figure labels: state of the filter; error.

Slide 10: Finite-State Analysis
1. Assign discrete states to each switch boundary and to the initial condition set.
2. Determine reachability from each discrete state to the other discrete states.
3. Analyze the resulting finite-state system.

Slide 11: Reachability Analysis (figure)

Slide 12: Finite-State Model
Switching back to the saturation controller is certain from some initial states (i.e., the specification is not satisfied).

Slide 13: Applying Model Checking to Hybrid Systems
- Interpret a hybrid system as a transition system (with an infinite state space).
- Find an equivalent finite-state transition system (bisimulation).
- Perform verification using the bisimulation.
Can this approach be generalized to higher-order systems?

Slide 14: CheckMate architecture (figure; blocks as labelled on the slide)
- Simulink/Stateflow Front End (graphical editing, simulation)
- Threshold-event-driven Hybrid Systems (TEDHS)
- Polyhedral-Invariant Hybrid Automaton (PIHA) Conversion
- Flow Pipe Approximations
- Initial Partition
- Quotient Transition System
- ACTL Verification
- Partition Refinement

Slide 15: CheckMate architecture figure (as on slide 14), with the TEDHS inputs called out:
- Switched continuous dynamics: dx/dt = f_u(x)
- Polyhedral regions
- Stateflow FSMs

Slide 16: CheckMate Block Diagram
Blocks: switched continuous dynamics; switching hyperplanes; discrete-state dynamics.

Slide 17: Threshold-event-driven hybrid system structure (CheckMate architecture figure as on slide 14, with the TEDHS block expanded)
Blocks: mode select (over flows F1, F2, F3, ...); integrator (xdot(t) to x(t)); flow constraints; jump mapping (J_e); initial condition (X0); threshold-driven discrete dynamics.
Signals: x(t) continuous state; m(t) discrete state; e(t) discrete event.

Slide 18: Elements of CheckMate (CheckMate architecture figure, as on slide 14)

Slide 19: Polyhedral-Invariant Hybrid Automaton (CheckMate architecture figure as on slide 14, with the PIHA illustrated)
- Mode u: x ∈ INV_u, dx/dt = F_u(x); initial condition x ∈ X0
- Mode u': x ∈ INV_u', dx/dt = F_u'(x)
- Transition e_i from u to u': guard g_i(x) ≤ 0, reset x_u' ∈ J_i(x_u)

Slide 20: Elements of CheckMate (CheckMate architecture figure, as on slide 14)

Slide 21: CheckMate architecture figure (as on slide 14)

Slide 22: CheckMate architecture figure (as on slide 14)

Slide 23: Computing Transitions
Figure: a quotient-system state (σ, p, q) with transitions to (σ'_1, p', q') and (σ'_2, p', q'), where σ steps to σ'_1 or σ'_2, p to p', and q to q'.

Slide 24: Approximating reachable sets
- E. K. Kornoushenko, "Finite-automaton approximation to the behavior of continuous plants," Automation and Remote Control, 1975.
- J. Raisch and S. O'Young, "A DES approach to control of hybrid dynamical systems," Hybrid Systems III, LNCS 1066, Springer, 1996.
- A. Puri, V. Borkar and P. Varaiya, "ε-Approximation of differential inclusions," Hybrid Systems III, LNCS 1066, Springer, 1996.
- M. R. Greenstreet, "Verifying safety properties of differential equations," CAV'96.
- M. R. Greenstreet and I. Mitchell, "Integrating projections," HSCC98.
- T. Dang and O. Maler, "Reachability analysis via face lifting," HSCC98.
- A. Chutinan and B. H. Krogh, "Verification of polyhedral-invariant hybrid systems using polygonal flow pipe approximations," HSCC99.

Slide 25: Polyhedral flow pipe approximation
A. Chutinan and B. H. Krogh, "Computing polyhedral approximations to dynamic flow pipes," IEEE CDC, 1998.
- Divide R_[0,T](X0) into [t_k, t_{k+1}] segments.
- Enclose each segment with a convex polytope.
- R^M_[0,T](X0) = union of the polytopes.
Figure: the initial set X0 and the segment boundaries t1, ..., t9.

Slide 26: Flow Pipe Segment Approximation
Step 1. a. Simulate trajectories from each vertex of X0 (figure: Vertices(X0) at t_k and at t_{k+1}). b. Take the convex hull and identify the outward normal vectors.
Step 2. Solve an optimization for each d_i.
The flow pipe segment is approximated by { x | c_i^T x ≤ d_i, ∀ i }.

Slide 27: Flow Pipe Approximation for a Linear System (figure: vertices for X0; uniform time step Δt_k = 0.1)
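The two-step segment construction of slides 25-27, worked through as an added example (this is not CheckMate's code): a constructed 2-D linear system whose flow is an exact rotation, a small box X0, and one segment [0, 0.5]. The hull routine, the outward-normal rule and the time grid used in place of the Step 2 optimization are my own choices.

```python
import math

# Constructed system (not from the slides): harmonic oscillator dx/dt = A x with
# A = [[0, 1], [-1, 0]]; its flow is an exact rotation, so no integrator is needed.
def flow(x, t):
    c, s = math.cos(t), math.sin(t)
    return (c * x[0] + s * x[1], -s * x[0] + c * x[1])

def convex_hull(points):
    """Andrew's monotone chain; returns hull vertices in counter-clockwise order."""
    pts = sorted(set(points))
    if len(pts) <= 2:
        return pts
    cross = lambda o, a, b: (a[0] - o[0]) * (b[1] - o[1]) - (a[1] - o[1]) * (b[0] - o[0])
    lower, upper = [], []
    for p in pts:
        while len(lower) >= 2 and cross(lower[-2], lower[-1], p) <= 0:
            lower.pop()
        lower.append(p)
    for p in reversed(pts):
        while len(upper) >= 2 and cross(upper[-2], upper[-1], p) <= 0:
            upper.pop()
        upper.append(p)
    return lower[:-1] + upper[:-1]

def hull_half_planes(hull):
    """Step 1b: each CCW edge (p, q) gives an outward unit normal c_i and d_i = c_i^T p."""
    planes = []
    for k in range(len(hull)):
        p, q = hull[k], hull[(k + 1) % len(hull)]
        ex, ey = q[0] - p[0], q[1] - p[1]
        length = math.hypot(ex, ey)
        c = (ey / length, -ex / length)
        planes.append((c, c[0] * p[0] + c[1] * p[1]))
    return planes

def flow_pipe_segment(x0_vertices, t_k, t_k1, samples=50):
    """Polytope {x | c_i^T x <= d_i for all i} enclosing the flow of X0 over [t_k, t_k1]."""
    # Step 1a: simulate every vertex of X0 to both ends of the segment and take the hull.
    ends = [flow(v, t) for t in (t_k, t_k1) for v in x0_vertices]
    planes = hull_half_planes(convex_hull(ends))
    # Step 2: keep each normal c_i but widen d_i to max c_i^T x(t) over the segment; the
    # flow is linear so vertex trajectories suffice, and a time grid replaces the 1-D optimisation.
    times = [t_k + (t_k1 - t_k) * j / samples for j in range(samples + 1)]
    widened = []
    for c, _ in planes:
        d = max(c[0] * p[0] + c[1] * p[1] for t in times for v in x0_vertices for p in [flow(v, t)])
        widened.append((c, d))
    return widened

def contains(planes, x, tol=1e-9):
    return all(c[0] * x[0] + c[1] * x[1] <= d + tol for c, d in planes)

# Constructed initial set X0: a small box near (1.1, 0), used with the segment [0, 0.5].
X0 = [(1.0, -0.1), (1.2, -0.1), (1.2, 0.1), (1.0, 0.1)]
```

The hull of the endpoint vertices alone (Step 1 only) misses the outward bulge of the trajectories between t_k and t_{k+1}; widening d_i in Step 2 is what makes the polytope an over-approximation of the whole segment.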

Slide 28: Flow Pipe Approximation
- Applies to nonlinear dynamics.
- Applies in arbitrary dimensions.
- The approximation error doesn't grow with time.
- The estimation error (Hausdorff distance) can be made arbitrarily small with Δt < δ and size of X0 < δ.
- Integrated into CheckMate.

Slide 29: CheckMate architecture figure (as on slide 14)

Slide 30: CheckMate architecture figure (as on slide 14)

Slide 31: Application Case Studies
- F-16 auto-land system (Lockheed-DARPA)
- Batch process shut-down controller (ESPRIT VHS Project)
- Automotive powertrain: engine shut-off mode (PARADES); idle speed control (CADENCE); transmission shift controller (Ford-DARPA)

Slide 32: CheckMate - Current Work
- Sampled-data systems: clocked + unclocked events
- Resets (jumps in the continuous state)
- Efficient hybrid automata generation

Slide 33: The Rare Glitch Project
- Hybrid system abstractions composable with independent embedded software models
- Generation of requirements from hybrid system models (timing and resource constraints)
- Improved technology: order reduction; focused refinement; automatic model abstraction; usability