Verification condition generation for hybrid systems

Verification condition generators (VCGs) reduce overall correctness statements about sequential programs to verification conditions (VCs) that can then be proved independently by automatic theorem provers such as SMT solvers. In recent years SMT solvers have not only become more powerful, in that they can solve much larger problems than before; they can now also handle less restricted logics, for example non-linear arithmetic as required by some hybrid systems. However, there is so far no VCG procedure that generates VCs of hybrid programs for these SMT solvers. We therefore propose in this paper a first VCG procedure for hybrid systems, based on induction proofs over the strongly connected components (SCCs) of the underlying state transition diagrams. Given the right invariants for a safety property, the VCs can be generated automatically for the considered hybrid system. Their validity is then proved independently by SMT solvers and implies the correctness of the considered safety property.
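As an added illustration (not the paper's own code, and not its exact VC construction), the Python below takes a constructed thermostat automaton with constant-rate flows, splits its mode graph into SCCs, attaches one user-supplied candidate invariant per SCC, and emits SMT-LIB verification conditions for initiation, flow, jump and safety obligations; the mode names, guards, invariants and this inductive scheme are all assumptions of the example.

```python
# Added example: inductive VC generation over the SCCs of a hybrid automaton's
# mode graph, emitted as SMT-LIB text for an SMT solver (scheme is an assumption).
# Constructed thermostat: x moves at a constant rate per time unit t in each mode.
MODES = {"on":    {"post": "(+ x t)", "inv": "(<= x 22)"},
         "off":   {"post": "(- x t)", "inv": "(>= x 18)"},
         "alarm": {"post": "x",       "inv": "true"}}
EDGES = [("on", "off", "(>= x 21)"), ("off", "on", "(<= x 19)"),
         ("on", "alarm", "(>= x 22)")]          # (source, target, guard), x unchanged
INIT = ("on", "(and (>= x 19) (<= x 21))")
SAFE = "(and (>= x 17) (<= x 23))"
# Candidate invariant per SCC, supplied by the user ("given the right invariants").
SCC_INV = {frozenset({"on", "off"}): "(and (>= x 18) (<= x 22))",
           frozenset({"alarm"}): "(= x 22)"}

def sccs(nodes, edges):
    """SCCs of the mode graph by mutual reachability (adequate for small graphs)."""
    succ = {n: set() for n in nodes}
    for a, b, _ in edges:
        succ[a].add(b)
    def reach(n):
        seen, stack = set(), [n]
        while stack:
            new = succ[stack.pop()] - seen
            seen |= new; stack += new
        return seen
    r = {n: reach(n) for n in nodes}
    comps = []
    for n in nodes:
        if not any(n in c for c in comps):
            comps.append(frozenset(m for m in nodes if m == n or (m in r[n] and n in r[m])))
    return comps

def vc(name, hyps, concl):
    """One VC as a refutation query: a valid VC makes the solver answer unsat."""
    hyp = "(and " + " ".join(hyps) + ")"
    return name, ("(declare-const x Real) (declare-const t Real)\n"
                  f"(assert (not (=> {hyp} {concl})))\n(check-sat)")

def generate_vcs(modes, edges, init, safe, scc_inv):
    inv = {m: scc_inv[c] for c in sccs(modes, edges) for m in c}
    vcs = [vc("init", [init[1]], inv[init[0]])]
    for m, d in modes.items():
        # Flow: after dwelling t >= 0 inside the mode invariant the SCC invariant still
        # holds (endpoint check, exact only for convex sets and constant-rate flows).
        after = lambda phi, p=d["post"]: f"(let ((x {p})) {phi})"
        vcs.append(vc(f"flow_{m}", [inv[m], "(>= t 0)", after(d["inv"])], after(inv[m])))
        vcs.append(vc(f"safe_{m}", [inv[m]], safe))
    for a, b, g in edges:  # Jump: source SCC invariant and guard imply target invariant
        vcs.append(vc(f"jump_{a}_{b}", [inv[a], g], inv[b]))
    return vcs
```

Each emitted string is a stand-alone SMT-LIB query; the safety property holds if every query is unsat, and a sat answer yields a counterexample state for the corresponding obligation.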
