High-Assurance SPIRAL: End-to-End Guarantees for Robot and Car Control

Cyber-physical systems (CPSs), ranging from critical infrastructure such as power plants to modern (semi-)autonomous vehicles, are systems that use software to control physical processes. A CPS is made up of many different computational components. Each component runs its own piece of software, which implements that component's control algorithms based on its model of the environment, and each component interacts with the others through the signals and values it sends out. Collectively, these components and the code they run produce the complex behaviors that modern society has come to expect and rely on. Because of these intricate interactions between components, managing the hundreds to millions of lines of software so that the system as a whole behaves as desired is often unwieldy.
