Real-Time Reachability for Verified Simplex Design

The Simplex Architecture ensures the safe use of an unverifiable complex controller by pairing it with a verified safety controller and verified switching logic. This architecture enables the safe use of high-performance, untrusted, and complex control algorithms without requiring them to be formally verified. Simplex incorporates a supervisory controller and a safety controller that takes over control if the unverified logic misbehaves. The supervisory controller should (1) guarantee that the system never enters an unsafe state (safety), but (2) use the complex controller as much as possible (minimize conservatism). The problem of precisely and correctly defining this switching logic has previously been considered either using a control-theoretic optimization approach, or through an offline hybrid systems reachability computation. In this work, we prove that a combined online/offline approach, which uses aspects of the two earlier methods along with a real-time reachability computation, also maintains safety, but with significantly less conservatism. We demonstrate the advantages of this unified approach on a saturated inverted pendulum system, where the usable region of attraction is 227% larger than with the earlier approach.
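The following is an added illustration of the switching logic described above; it is not the paper's code or algorithm. It combines the two ingredients the abstract names on a toy plant: an offline control-theoretic part (a quadratic Lyapunov function for the verified safety loop, scaled to the largest level set that stays inside the admissible box and never saturates the actuator) and an online part (a one-step set-based reachability check, run every control period, that passes the untrusted command through only if every state it can reach is still recoverable by the safety controller). The linearised pendulum model, control period `DT`, gain `K_SAFE`, state and actuator bounds and disturbance bound `W_MAX` are all assumed values. One caveat a practitioner should note: the level set here is invariant only for the nominal safety loop, and the disturbance is accounted for only in the online lookahead step; a real design would also robustify the offline invariant.

```python
"""Simplex switching logic: offline Lyapunov ellipse for the verified safety
controller plus an online one-step reachability check on the untrusted
command.  Illustrative example; every constant below is assumed."""
import itertools

# --- Plant: linearised inverted pendulum, state x = [theta, omega] ---------
# theta'' = (g/l) * theta + u, forward-Euler discretised (assumed model).
DT = 0.02             # control period [s]
G_OVER_L = 9.81       # g/l for l = 1 m
U_MAX = 20.0          # actuator saturation
W_MAX = 0.01          # per-step additive disturbance bound on each state
A = [[1.0, DT], [G_OVER_L * DT, 1.0]]
B = [0.0, DT]

# Admissible set the system must never leave: |theta| <= 0.3, |omega| <= 1.0
THETA_MAX, OMEGA_MAX = 0.3, 1.0

# Verified safety controller u = -K_SAFE . x (assumed stabilising gain).
K_SAFE = [40.0, 8.0]


def clamp(u):
    return max(-U_MAX, min(U_MAX, u))


def step(x, u):
    """One nominal plant step x' = A x + B u."""
    return [A[0][0] * x[0] + A[0][1] * x[1] + B[0] * u,
            A[1][0] * x[0] + A[1][1] * x[1] + B[1] * u]


# --- Offline part: ellipse {x : x^T P x <= C} invariant for the safety loop -
def closed_loop_matrix():
    return [[A[i][j] - B[i] * K_SAFE[j] for j in range(2)] for i in range(2)]


def discrete_lyapunov(acl, iters=5000, tol=1e-10):
    """Solve P = I + Acl^T P Acl by fixed-point iteration; converges because
    Acl is Schur stable (spectral radius < 1)."""
    P = [[1.0, 0.0], [0.0, 1.0]]
    for _ in range(iters):
        M = [[sum(P[i][k] * acl[k][j] for k in range(2)) for j in range(2)]
             for i in range(2)]                                   # P Acl
        Pn = [[(1.0 if i == j else 0.0)
               + sum(acl[k][i] * M[k][j] for k in range(2))
               for j in range(2)] for i in range(2)]              # I + Acl^T M
        if all(abs(Pn[i][j] - P[i][j]) < tol for i in range(2) for j in range(2)):
            return Pn
        P = Pn
    return P


def quad(P, x):
    """x^T P x for symmetric 2x2 P."""
    return (P[0][0] * x[0] * x[0] + 2 * P[0][1] * x[0] * x[1]
            + P[1][1] * x[1] * x[1])


def largest_safe_level(P):
    """Largest C such that the ellipse stays inside the admissible box and
    the safety controller never saturates on it.  The maximum of a.x over
    x^T P x <= C is sqrt(C * a^T P^-1 a), so C = bound^2 / (a^T P^-1 a)."""
    det = P[0][0] * P[1][1] - P[0][1] * P[0][1]
    Pinv = [[P[1][1] / det, -P[0][1] / det], [-P[0][1] / det, P[0][0] / det]]
    constraints = [([1.0, 0.0], THETA_MAX), ([0.0, 1.0], OMEGA_MAX),
                   (K_SAFE, U_MAX)]
    return min(bound ** 2 / quad(Pinv, a) for a, bound in constraints)


P_SAFE = discrete_lyapunov(closed_loop_matrix())
RECOVERABLE_LEVEL = largest_safe_level(P_SAFE)


def recoverable(x):
    return quad(P_SAFE, x) <= RECOVERABLE_LEVEL


# --- Online part: one-step reachability under the proposed command ---------
def reach_box(x, u):
    """Corners of the box over-approximating every state reachable in one
    period when u is applied and each state sees a disturbance |w| <= W_MAX."""
    nominal = step(x, u)
    return [[nominal[0] + s0 * W_MAX, nominal[1] + s1 * W_MAX]
            for s0, s1 in itertools.product((-1.0, 1.0), repeat=2)]


def decide(x, u_complex):
    """Supervisor: use the complex command iff all states it can reach in one
    period are still recoverable (the ellipse is convex, so the four box
    corners suffice).  Returns (applied command, complex controller used?)."""
    u_c = clamp(u_complex)
    if all(recoverable(c) for c in reach_box(x, u_c)):
        return u_c, True
    u_safe = clamp(-(K_SAFE[0] * x[0] + K_SAFE[1] * x[1]))
    return u_safe, False


if __name__ == "__main__":
    print("recoverable level C =", round(RECOVERABLE_LEVEL, 3))
    for x, u in [([0.0, 0.0], 20.0), ([0.0, 0.9], 20.0), ([0.15, 0.0], 20.0)]:
        print(x, u, "->", decide(x, u))
```

The point of the online check is the reduced conservatism the abstract refers to: a supervisor that only compared the current state against a fixed inner region would have to reject full-throttle commands well before the boundary, whereas the lookahead admits a full-authority command from rest and rejects it only when the reachable box actually leaves the recoverable ellipse.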
