Model-Checking and Game theory for Synthesis of Safety Rules

Ensuring that safety requirements are respected is a critical issue for the deployment of hazardous and complex reactive systems. We consider a separate safety channel, called a monitor, that is able to partially observe the system and to trigger safety-ensuring actuations. We address the issue of correctly specifying such a monitor with respect to safety and liveness requirements. Two safety requirement synthesis programs are presented and compared. Based on a formal model of the system and its hazards, they compute a monitor behavior that ensures system safety without unduly compromising system liveness. The first program uses the model-checker NuSMV to check safety requirements. These requirements are automatically generated by a branch-and-bound algorithm. Based on a game theory approach, the second program uses the TIGA extension of UPPAAL to synthesize safety requirements, starting from an appropriately reformulated representation of the problem.
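To make the first approach concrete, here is an added Python illustration that is not from the paper and does not use its tool chain or case study. It builds a constructed toy model (a machine at speed 0..2 and one person at distance far/near/close, where "fast while close" is the hazard), defines a handful of candidate monitor rules (inhibit a command, or force a braking actuation), and runs a branch-and-bound search for the least intrusive rule set that makes the hazard unreachable while the goal state stays reachable from every reachable state. Plain explicit-state reachability stands in for NuSMV; the zero-delay "urgent" semantics of forced actuations, the cost weights, and all rule and variable names are assumptions of this example.

```python
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional, Set, Tuple

# Constructed model (illustration only): a mobile machine and one person.
State = Tuple[int, int]      # (speed, distance); speed 0..2, distance 0=far, 1=near, 2=close
INIT: State = (0, 0)
GOAL: State = (2, 0)         # "task progress": moving fast with nobody around

def hazard(s: State) -> bool:
    """Hazardous situation: moving fast while the person is close."""
    return s[0] == 2 and s[1] == 2

@dataclass(frozen=True)
class Rule:
    name: str
    kind: str                # "inhibit": drop a controller command; "force": pre-empt with an actuation
    action: str
    guard: Callable[[State], bool]
    weight: int = 1          # assumption: a forced actuation (2) is more intrusive than an inhibition (1)

def raw_moves(s: State) -> List[Tuple[str, State]]:
    """Unmonitored system: controller commands interleaved with environment events."""
    speed, dist = s
    ms: List[Tuple[str, State]] = []
    if speed < 2: ms.append(("accel", (speed + 1, dist)))
    if speed > 0: ms.append(("decel", (speed - 1, dist)))
    if dist < 2:  ms.append(("approach", (speed, dist + 1)))   # uncontrollable
    if dist > 0:  ms.append(("retreat", (speed, dist - 1)))    # uncontrollable
    return ms

def moves(s: State, rules: List[Rule]) -> List[Tuple[str, State]]:
    """Monitored system. Assumption: a forced actuation is urgent and pre-empts every
    other transition in that state; an inhibition only removes the named command.
    Either way a rule can only remove transitions, which bound 2 below relies on."""
    ms = raw_moves(s)
    for r in rules:
        if r.guard(s):
            if r.kind == "force":
                ms = [m for m in ms if m[0] == r.action]
            else:
                ms = [m for m in ms if m[0] != r.action]
    return ms

def reach(start: State, rules: List[Rule]) -> Set[State]:
    """Explicit-state reachability (the check a model checker such as NuSMV performs symbolically)."""
    seen, stack = {start}, [start]
    while stack:
        for _, nxt in moves(stack.pop(), rules):
            if nxt not in seen:
                seen.add(nxt)
                stack.append(nxt)
    return seen

def is_safe(rules: List[Rule]) -> bool:
    """Safety: no hazardous state is reachable from the initial state."""
    return not any(hazard(s) for s in reach(INIT, rules))

def is_live(rules: List[Rule]) -> bool:
    """Liveness: the goal stays reachable from every reachable state (no permanent lock-out)."""
    return all(GOAL in reach(s, rules) for s in reach(INIT, rules))

def cost(r: Rule) -> int:
    """Intrusiveness: number of states where the rule actually bites, times its weight."""
    states = [(sp, d) for sp in range(3) for d in range(3)]
    return r.weight * sum(1 for s in states
                          if r.guard(s) and any(a == r.action for a, _ in raw_moves(s)))

def synthesize(candidates: List[Rule]):
    """Branch-and-bound over subsets of candidate rules: minimise cost subject to safe and live."""
    best: Dict = {"rules": None, "cost": float("inf"), "nodes": 0}

    def search(i: int, chosen: List[Rule], c: int) -> None:
        best["nodes"] += 1
        if c >= best["cost"]:
            return                                   # bound 1: cannot beat the incumbent
        if not is_safe(chosen + candidates[i:]):
            return                                   # bound 2: rules only remove transitions, so if even
                                                     # all remaining rules leave the hazard reachable,
                                                     # no completion of this branch can be safe
        if i == len(candidates):
            if is_live(chosen):                      # safety already established by bound 2
                best.update(rules=list(chosen), cost=c)
            return
        r = candidates[i]
        search(i + 1, chosen, c)                     # branch: leave r out
        search(i + 1, chosen + [r], c + cost(r))     # branch: take r

    search(0, [], 0)
    if best["rules"] is None:
        return None, None, best["nodes"]
    return frozenset(r.name for r in best["rules"]), best["cost"], best["nodes"]

# Candidate safety rules (constructed; names are descriptive labels, not paper terminology).
CANDIDATES = [
    Rule("inhibit accel when close", "inhibit", "accel", lambda s: s[1] == 2),
    Rule("inhibit accel when near", "inhibit", "accel", lambda s: s[1] == 1),
    Rule("inhibit accel when slow and near", "inhibit", "accel", lambda s: s == (1, 1)),
    Rule("brake when fast and near", "force", "decel", lambda s: s == (2, 1), 2),
    Rule("brake when moving and close", "force", "decel", lambda s: s[0] >= 1 and s[1] == 2, 2),
    Rule("brake when moving and not far", "force", "decel", lambda s: s[0] >= 1 and s[1] >= 1, 2),
]

if __name__ == "__main__":
    names, total, nodes = synthesize(CANDIDATES)
    print("unmonitored system safe?", is_safe([]))
    print("selected rules:", sorted(names), "| cost", total, "| nodes explored", nodes)
```

The search is deliberately conservative in the same way the paper's problem is: because an approaching person is uncontrollable, the only rule sets that pass are those that brake before the person is close, and the cost function lets the search prefer the set that blocks the fewest controller commands while still keeping the goal reachable.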
