Pegasus: A Framework for Sound Continuous Invariant Generation

Continuous invariants are an important component in deductive verification of hybrid and continuous systems. Just as discrete invariants are used to reason about correctness in discrete systems without unrolling their loops forever, continuous invariants are used to reason about differential equations without having to solve them. Automatic generation of continuous invariants remains one of the biggest practical challenges to automating formal proofs of safety in hybrid systems. There are at present many disparate methods available for generating continuous invariants; however, this wealth of diverse techniques presents a number of challenges, with different methods having different strengths and weaknesses. To address some of these challenges, we develop Pegasus: an automatic continuous invariant generator which allows for combinations of various methods, and we integrate it with the KeYmaera X theorem prover for hybrid systems. We describe some of the architectural aspects of this integration, comment on its methods and challenges, and present an experimental evaluation on a suite of benchmarks.
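To make concrete what "reasoning about differential equations without solving them" means, the following is an added example (not Pegasus or KeYmaera X code, and not from the paper): a small, self-contained polynomial arithmetic in Python that computes the Lie derivative of a candidate invariant along a polynomial vector field and checks the two simplest proof rules, that the derivative vanishes identically (a first integral, so every level set is invariant) or that it is a polynomial multiple of the candidate (a Darboux polynomial, so the zero set is invariant). The ODEs and candidates (a harmonic oscillator with the circle x^2 + y^2, and a linear field with the parabola x - y^2) are constructed for illustration; the helper names `lie_derivative`, `is_first_integral`, `is_darboux` and the dict-based polynomial representation are this example's own choices.

```python
"""Checking continuous invariants of polynomial ODEs via Lie derivatives.

Added example, not Pegasus/KeYmaera X code. A polynomial in two variables is
represented as a dict {(exp_x, exp_y): coefficient}; exact arithmetic via
Fraction so that equality of polynomials is a reliable check.
"""
from fractions import Fraction
from itertools import product


def normalize(p):
    """Drop zero coefficients so equal polynomials compare equal as dicts."""
    return {m: c for m, c in p.items() if c != 0}


def add(p, q):
    r = dict(p)
    for m, c in q.items():
        r[m] = r.get(m, 0) + c
    return normalize(r)


def mul(p, q):
    r = {}
    for (m1, c1), (m2, c2) in product(p.items(), q.items()):
        m = tuple(a + b for a, b in zip(m1, m2))
        r[m] = r.get(m, 0) + c1 * c2
    return normalize(r)


def partial(p, i):
    """Partial derivative d p / d x_i (i = 0 for x, 1 for y)."""
    r = {}
    for m, c in p.items():
        if m[i] == 0:
            continue
        m2 = list(m)
        m2[i] -= 1
        m2 = tuple(m2)
        r[m2] = r.get(m2, 0) + c * m[i]
    return normalize(r)


def lie_derivative(p, field):
    """L_f p = sum_i (dp/dx_i) * f_i: the time derivative of p along x' = f(x).

    This is purely symbolic; no solution of the ODE is ever computed.
    """
    r = {}
    for i, f_i in enumerate(field):
        r = add(r, mul(partial(p, i), f_i))
    return r


def is_first_integral(p, field):
    """p' == 0 identically: every level set {p = c} is invariant."""
    return lie_derivative(p, field) == {}


def is_darboux(p, field, cofactor):
    """p' == cofactor * p: the algebraic set {p = 0} is invariant."""
    return lie_derivative(p, field) == mul(cofactor, p)


def mono(c, ex=0, ey=0):
    """Single term c * x^ex * y^ey."""
    return {(ex, ey): Fraction(c)}


def poly(*terms):
    """Build a polynomial from (coeff, ex, ey) tuples, e.g. poly((1, 2, 0), (1, 0, 2))."""
    r = {}
    for t in terms:
        r = add(r, mono(*t))
    return r


# Constructed example 1: harmonic oscillator x' = -y, y' = x.
# x^2 + y^2 is a first integral, so every circle around the origin is invariant.
OSC = [poly((-1, 0, 1)), poly((1, 1, 0))]
CIRCLE = poly((1, 2, 0), (1, 0, 2))

# Constructed example 2: linear field x' = 2x, y' = y.
# p = x - y^2 satisfies p' = 2x - 2y^2 = 2 * p, so the parabola {x = y^2} is invariant
# even though p is not conserved along trajectories.
LIN = [poly((2, 1, 0)), poly((1, 0, 1))]
PARABOLA = poly((1, 1, 0), (-1, 0, 2))

if __name__ == "__main__":
    print("circle is first integral of oscillator:", is_first_integral(CIRCLE, OSC))
    print("x alone is first integral of oscillator:", is_first_integral(poly((1, 1, 0)), OSC))
    print("parabola is Darboux with cofactor 2:", is_darboux(PARABOLA, LIN, poly((2,))))
    print("parabola is a first integral:", is_first_integral(PARABOLA, LIN))
```

The two checks correspond to the weakest rules an invariant generator has to discharge: a candidate produced by any method (Darboux polynomials, barrier certificates, first integrals) is only accepted once a derivative condition of this kind has been verified symbolically, which is what lets a prover trust a candidate that came from an untrusted numerical or heuristic search.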