Proving the Correctness of the Implementation of a Control-Command Algorithm

In this article, we study the interactions between a control-command program and its physical environment via sensors and actuators. We are interested in finding invariants on the continuous trajectories of the physical values that the program is supposed to control. The invariants we look for are periodic sequences of intervals that abstract the values read by the program. To compute them, we first build octrees that abstract the impact of the program on its environment. We then compute a period of the abstract periodic sequence and finally define the values of this sequence as the fixpoint of a monotone map. We present a prototype analyzer that computes such invariants for C programs, using a simple specification language to describe the continuous environment. It shows good results on classical benchmarks for hybrid systems verification.
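As an added illustration (not code from the paper or its analyzer), the following Python sketch computes a periodic sequence of intervals as the least fixpoint of a monotone map by Kleene iteration and then checks it against a safety range. The controller, the one-tick plant enclosures, the period of 3 and the per-phase disturbance are all assumptions made for this example; the paper derives its environment abstraction from octrees and computes the period itself, neither of which is reproduced here.

```python
# Added example (not from the paper): a periodic sequence of intervals as the
# least fixpoint of a monotone map, computed by Kleene iteration.
# All constants below are constructed for illustration, not taken from the paper.
from typing import List, Optional, Tuple

Interval = Tuple[float, float]   # closed interval [lo, hi]
THRESHOLD = 22.0                 # assumed controller switching value
PERIOD = 3                       # assumed period of the abstract sequence
# Assumed per-phase disturbance enclosure added by the environment each tick.
DISTURBANCE = [(0.0, 0.0), (-1.0, 0.0), (0.0, 1.0)]

def join(a: Optional[Interval], b: Optional[Interval]) -> Optional[Interval]:
    """Least upper bound of two intervals; None is bottom (unreachable)."""
    if a is None: return b
    if b is None: return a
    return (min(a[0], b[0]), max(a[1], b[1]))

def add(a: Interval, b: Interval) -> Interval:
    return (a[0] + b[0], a[1] + b[1])

def step(x: Interval, phase: int) -> Interval:
    """Abstract one-tick transformer: the program reads x, then the plant moves.
    The program is `heat = (x < THRESHOLD)`; each branch is applied only to the
    part of x satisfying its guard (interval filtering), then the assumed plant
    enclosures (+[2,3] when heating, +[-2,-1] when cooling) are applied."""
    lo, hi = x
    out = None
    if lo < THRESHOLD:                       # heating branch is reachable
        out = join(out, add((lo, min(hi, THRESHOLD)), (2.0, 3.0)))
    if hi >= THRESHOLD:                      # cooling branch is reachable
        out = join(out, add((max(lo, THRESHOLD), hi), (-2.0, -1.0)))
    return add(out, DISTURBANCE[phase])

def periodic_invariant(x0: Interval, max_rounds: int = 100) -> List[Interval]:
    """Kleene iteration on the sequence S with S[(i+1) % p] >= step(S[i], i).
    Returns the least fixpoint, or raises if the ascending chain has not
    stabilised within max_rounds (no widening in this sketch)."""
    seq: List[Optional[Interval]] = [x0] + [None] * (PERIOD - 1)
    for _ in range(max_rounds):
        old = list(seq)
        for i in range(PERIOD):
            if seq[i] is not None:
                nxt = (i + 1) % PERIOD
                seq[nxt] = join(seq[nxt], step(seq[i], i))
        if seq == old:
            return seq
    raise RuntimeError("no fixpoint within max_rounds: widening needed")

def within(seq: List[Interval], safe: Interval) -> bool:
    """Check every interval of the invariant against a safety range."""
    return all(safe[0] <= lo and hi <= safe[1] for lo, hi in seq)
```

Starting from a sampled value of exactly 21, the iteration stabilises after three rounds; the resulting three intervals bound the value read at every sampling instant of each phase.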
