Change and Delay Contracts for Hybrid System Component Verification

In this paper, we present reasoning techniques for a component-based modeling and verification approach for hybrid systems comprising discrete as well as continuous dynamics, in which the components have local responsibilities. Our approach supports component contracts, i.e., input assumptions and output guarantees of interfaces, that are more general than those of previous component-based hybrid systems verification techniques in the following ways: We introduce change contracts, which characterize how the current values exchanged between components along ports relate to the previous values. We also introduce delay contracts, which describe the change relative to the time that has passed since the last value was exchanged. Together, these contracts can take into account what has changed between two components in a given amount of time since the last exchange of information. Most crucially, we prove that the safety of compatible components implies safety of the composite. The proof steps of the theorem are also implemented as a tactic in KeYmaera X, allowing automatic generation of a KeYmaera X proof for the composite system from proofs of the concrete components.
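As an added illustration (not code from the paper or from KeYmaera X), the following Python models one possible shape of a change contract and a delay contract on a single port, checks a constructed trace of exchanged values against them, and checks compatibility of one component's output guarantee with another's input assumption for that contract family. The contract forms, the rate bounds and the trace values are assumptions chosen for illustration, not definitions taken from the paper.

```python
# Added illustration (not from the paper): a change contract and a delay
# contract on one port, checked over a constructed trace, plus a
# compatibility check for one parametric contract family. All forms and
# numbers below are assumptions for illustration.
from dataclasses import dataclass
from typing import List, Tuple


@dataclass(frozen=True)
class DelayContract:
    """|cur - prev| <= rate * dt: the value on a port may drift from the
    previously exchanged value by at most `rate` per unit of elapsed time."""
    rate: float

    def holds(self, prev: float, cur: float, dt: float) -> bool:
        return dt >= 0 and abs(cur - prev) <= self.rate * dt


@dataclass(frozen=True)
class ChangeContract:
    """lo <= cur - prev <= hi: bounds the change independent of time."""
    lo: float
    hi: float

    def holds(self, prev: float, cur: float) -> bool:
        return self.lo <= cur - prev <= self.hi


def compatible(guarantee: DelayContract, assumption: DelayContract) -> bool:
    """For this family, the sender's output guarantee implies the receiver's
    input assumption exactly when the guaranteed rate is no larger."""
    return guarantee.rate <= assumption.rate


def check_trace(trace: List[Tuple[float, float]], change: ChangeContract,
                delay: DelayContract) -> List[int]:
    """Return indices of exchanges that violate either contract; `trace`
    holds (time, value) pairs in the order the port delivered them."""
    bad = []
    for i in range(1, len(trace)):
        (t0, v0), (t1, v1) = trace[i - 1], trace[i]
        if not (change.holds(v0, v1) and delay.holds(v0, v1, t1 - t0)):
            bad.append(i)
    return bad


# Constructed trace: a speed value exchanged at irregular times.
SPEED_TRACE = [(0.0, 10.0), (0.5, 10.4), (1.5, 11.3), (1.6, 13.0), (2.6, 13.5)]
SPEED_GUARANTEE = DelayContract(rate=1.0)   # sender: at most 1.0 per unit time
SPEED_ASSUMPTION = DelayContract(rate=1.5)  # receiver tolerates 1.5 per unit
SPEED_CHANGE = ChangeContract(lo=-2.0, hi=2.0)

if __name__ == "__main__":
    print(compatible(SPEED_GUARANTEE, SPEED_ASSUMPTION))           # True
    print(check_trace(SPEED_TRACE, SPEED_CHANGE, SPEED_GUARANTEE))  # [3]
```

The exchange at index 3 changes the value by 1.7 within 0.1 time units, so it satisfies the time-independent change contract but violates the delay contract.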
