Differential Dynamic Logic for Hybrid Systems

Hybrid systems are models for complex physical systems and are defined as dynamical systems with interacting discrete transitions and continuous evolutions along differential equations. With the goal of developing a theoretical and practical foundation for deductive verification of hybrid systems, we introduce a dynamic logic for hybrid programs, which is a program notation for hybrid systems. As a verification technique that is suitable for automation, we introduce a free variable proof calculus with a novel combination of real-valued free variables and Skolemisation for lifting quantifier elimination for real arithmetic to dynamic logic. The calculus is compositional, i.e., it reduces properties of hybrid programs to properties of their parts. Our main result proves that this calculus axiomatises the transition behaviour of hybrid systems completely relative to differential equations. In a case study with cooperating traffic agents of the European Train Control System, we further show that our calculus is well-suited for verifying realistic hybrid systems with parametric system dynamics.
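As an added illustration (not taken from the paper itself), the following derivation shows how the compositional calculus described above reduces a safety property of a small hybrid program to a real-arithmetic question that quantifier elimination can decide. The program, the symbols z, v, a, b, m and the braking dynamics are assumed here for the illustration; the paper's ETCS models are more involved.

```latex
% Added illustration; hybrid program and symbols z, v, a, b, m are assumed.
% A train at position z with velocity v brakes with deceleration b > 0;
% m is the end of its movement authority. Safety: z never exceeds m.
\text{Goal:}\quad
  v \ge 0 \wedge b > 0 \wedge z + \tfrac{v^2}{2b} \le m
  \;\rightarrow\;
  [\,a := -b;\ \{z' = v,\ v' = a \ \&\ v \ge 0\}\,]\ z \le m

% Compositionality: sequential composition splits into two box modalities.
[\alpha;\beta]\phi \;\leftrightarrow\; [\alpha][\beta]\phi
\quad\Longrightarrow\quad
[a := -b]\,[\{z' = v,\ v' = a \ \&\ v \ge 0\}]\ z \le m

% The discrete assignment is handled by substitution.
[\{z' = v,\ v' = -b \ \&\ v \ge 0\}]\ z \le m

% The polynomial solution of the ODE replaces the continuous evolution;
% the evolution domain v >= 0 must hold at every intermediate time s.
z(t) = z + vt - \tfrac{b}{2}t^2, \qquad v(t) = v - bt
\quad\Longrightarrow\quad
\forall t \ge 0\ \bigl( (\forall s\,(0 \le s \le t \rightarrow v - bs \ge 0))
  \rightarrow z + vt - \tfrac{b}{2}t^2 \le m \bigr)

% In the free variable calculus the universal quantifier in the succedent is
% Skolemised (t becomes a fresh Skolem term; an existential goal would instead
% introduce a real-valued free variable), and the quantifier is reintroduced
% over the Skolem symbol before quantifier elimination is applied.

% Reduction to real arithmetic: the domain constraint is equivalent to
% 0 <= t <= v/b, and z + vt - (b/2)t^2 is increasing on that interval
% (its derivative v - bt is nonnegative there), so the worst case is t = v/b.
% Quantifier elimination therefore yields, for b > 0 and v >= 0,
\forall t\,\bigl(0 \le t \le \tfrac{v}{b} \rightarrow z + vt - \tfrac{b}{2}t^2 \le m\bigr)
\;\equiv\; z + \tfrac{v^2}{2b} \le m,
% which is exactly the assumption of the goal, so the proof branch closes.
```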
