Falsification of LTL safety properties in hybrid systems

This paper develops a novel approach for the falsification of safety properties given by a syntactically safe linear temporal logic (LTL) formula $\phi$ for hybrid systems with nonlinear dynamics and input controls. When the hybrid system is unsafe, the approach computes a trajectory that witnesses a violation of $\phi$. The approach is based on an effective combination of model checking and motion planning. Model checking searches on-the-fly the automaton of $\neg\phi$ together with an abstraction of the hybrid system for a sequence $\sigma$ of propositional assignments that violates $\phi$. Motion planning incrementally extends trajectories that satisfy more and more of the propositional assignments in $\sigma$. Model checking and motion planning regularly exchange information to find increasingly useful sequences $\sigma$ for extending the current trajectories. Experiments that test LTL safety properties on a robot navigation benchmark modeled as a hybrid system with nonlinear dynamics and input controls demonstrate the computational efficiency of the approach. Experiments also indicate a significant speedup when $\neg\phi$ is represented by a minimized DFA instead of a non-minimized NFA.
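The loop the abstract describes, reduced to a toy that runs stand-alone (example code written for this page, not the authors' implementation): a three-state DFA recognizes the bad prefixes of $\neg\phi$ for the syntactically safe property $\phi = G(\neg\mathit{hazard}) \wedge (\neg\mathit{goal}\ W\ \mathit{unlocked})$; a breadth-first search over the product of that DFA and a coarse abstraction of the system proposes sequences $\sigma$ of propositional assignments; a sampling-based planner extends trajectories of a 2-D double integrator one assignment of $\sigma$ at a time; and a $\sigma$ the planner cannot realize within its budget is handed back so the discrete search proposes the next one. The regions, the obstacle that walls off the hazard region (which makes the first proposed $\sigma$ spurious), the dynamics, the all-regions-adjacent abstraction and the budget-based hand-off are all assumptions of this example; the paper's abstraction and its exchange of information between the two sides are richer than this.

```python
import math
import random
from collections import deque

# Constructed setup: propositions as boxes (x0, x1, y0, y1).  The obstacle is
# not a proposition of phi; it only blocks motion and walls off 'hazard'.
REGIONS = {"hazard": (6, 8, 0, 2), "unlocked": (0, 2, 6, 8), "goal": (8, 10, 8, 10)}
OBSTACLE = (5, 9, -1, 3)
DT, UMAX, VMAX = 0.25, 2.0, 3.0  # Euler step, control bound, velocity bound

def inside(p, b):
    return b[0] <= p[0] <= b[1] and b[2] <= p[1] <= b[3]

def label(pos):
    """Propositional assignment at pos: the set of propositions that hold there."""
    return frozenset(p for p, box in REGIONS.items() if inside(pos, box))

# phi = G(not hazard) and (not goal W unlocked).  A finite prefix violates phi
# iff it enters 'hazard', or enters 'goal' before 'unlocked' has ever held, so
# the minimized DFA for not-phi needs three states; 'bad' is accepting.
DFA_INIT, DFA_BAD = "locked", "bad"

def dfa_step(q, a):
    if q == DFA_BAD or "hazard" in a or (q == "locked" and "goal" in a):
        return DFA_BAD
    return "unlocked" if "unlocked" in a else q

def run_dfa(assignments):
    q = DFA_INIT
    for a in assignments:
        q = dfa_step(q, a)
    return q

# Coarse abstraction (assumed): every region may follow every other.  This
# over-approximates the dynamics, so a sigma found here can be spurious.
ALPHABET = [frozenset()] + [frozenset({p}) for p in REGIONS]
ABSTRACT_NEXT = {a: ALPHABET for a in ALPHABET}

def violating_sequences(max_len=3):
    """Model-checking side: BFS over DFA x abstraction, shortest sigma first."""
    queue = deque([(DFA_INIT, frozenset(), ())])
    while queue:
        q, a, word = queue.popleft()
        if q == DFA_BAD:
            yield word
        elif len(word) < max_len:
            for b in ABSTRACT_NEXT[a]:
                queue.append((dfa_step(q, b), b, word + (b,)))

def step(pos, vel, u):
    """One Euler step of the double integrator x'' = u with clamped velocity."""
    vel = tuple(max(-VMAX, min(VMAX, v + ui * DT)) for v, ui in zip(vel, u))
    return (pos[0] + vel[0] * DT, pos[1] + vel[1] * DT), vel

def centre(b):
    return ((b[0] + b[1]) / 2, (b[2] + b[3]) / 2)

def advance(sigma, k, lbl):
    """Number of leading assignments of sigma realized after seeing label lbl."""
    while k < len(sigma) and lbl == sigma[k]:
        k += 1
    return k

def plan(sigma, start, rng, budget):
    """Planning side: grow a tree of trajectories, always extending nodes that
    have realized the most of sigma toward the region of the next assignment.
    Returns the trajectory that drives the DFA to 'bad', or None."""
    nodes = [(start, (0.0, 0.0), None, DFA_INIT, advance(sigma, 0, label(start)))]
    for _ in range(budget):
        best = max(n[4] for n in nodes)
        if best == len(sigma):      # sigma fully realized yet DFA never 'bad':
            return None             # only possible for a spurious sigma
        front = [i for i, n in enumerate(nodes) if n[4] == best]
        target = centre(REGIONS[next(iter(sigma[best]))]) if sigma[best] else None
        if target and rng.random() < 0.8:   # bias toward the node nearest the target
            i = min(front, key=lambda j: math.dist(nodes[j][0], target))
        else:
            i = rng.choice(front)
        pos, vel, _, q, k = nodes[i]
        trials = []                         # sample a few controls, keep the best
        for _ in range(5):
            npos, nvel = step(pos, vel, (rng.uniform(-UMAX, UMAX), rng.uniform(-UMAX, UMAX)))
            if not inside(npos, OBSTACLE):
                trials.append((npos, nvel))
        if not trials:
            continue
        npos, nvel = min(trials, key=lambda t: math.dist(t[0], target)) if target else rng.choice(trials)
        lbl = label(npos)
        nq = dfa_step(q, lbl)
        nodes.append((npos, nvel, i, nq, advance(sigma, k, lbl)))
        if nq == DFA_BAD:                   # violation found: walk back to the root
            traj, j = [], len(nodes) - 1
            while j is not None:
                traj.append(nodes[j][0])
                j = nodes[j][2]
            return traj[::-1]
    return None

def falsify(seed=1, budget=300, start=(1.0, 1.0)):
    """Alternate the two sides: every sigma from the discrete search goes to the
    planner; one the planner cannot realize is discarded and the next is tried."""
    rng = random.Random(seed)
    for sigma in violating_sequences():
        traj = plan(sigma, start, rng, budget)
        if traj is not None:
            return sigma, traj
    return None, None
```

With the constructed regions the first $\sigma$ the search proposes is the one-step word entering `hazard`; the planner burns its budget against the obstacle and reports failure, the search moves on to the word entering `goal`, and the planner realizes it, yielding a trajectory whose label sequence drives the DFA to `bad` because `goal` is reached before `unlocked` ever held. The hand-off is the exchange of information at its simplest; a richer version would let the planner report which assignments it did reach so the search can prefer sequences that share that prefix.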
