Optimization of Lyapunov Invariants in Verification of Software Systems

The paper proposes a control-theoretic framework for the verification of numerical software systems, and puts forward software verification as an important application of control and systems theory. The idea is to transfer Lyapunov functions and the associated computational techniques from control systems analysis and convex optimization to the verification of various software safety and performance specifications. These include, but are not limited to, absence of overflow, absence of division by zero, termination in finite time, absence of dead code, and certain user-specified assertions. Central to this framework are Lyapunov invariants: properly constructed functions of the program variables that satisfy certain properties, analogous to those of Lyapunov functions, along the execution trace. The search for the invariants can be formulated as a convex optimization problem. If the associated optimization problem is feasible, the result is a certificate for the specification.
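As an added illustration (not code from the paper) of what a Lyapunov invariant certifies, the Python below takes a constructed two-variable linear loop, builds a quadratic invariant V(x) = x^T P x by summing the discrete Lyapunov series (a substitute, valid only for this branch-free linear case, for the convex optimization the paper formulates), and then checks the Lyapunov-like conditions under which the sublevel set {V <= c} certifies that no execution reaches an assumed overflow bound. The loop matrix A, the initial box and BOUND are constructed values, and the 2x2 positive-semidefiniteness test uses Sylvester's criterion.

```python
# Constructed example: the loop body is x <- A*x, run forever from any
# x0 in the box |x_i| <= X0_BOX. We want a certificate that no execution
# drives |x_i| to BOUND or beyond (the "absence of overflow" specification).
A = [[1.0, 0.5], [-0.4, 0.6]]   # spectral radius ~0.894 but ||A|| > 1, so V = x'x fails
X0_BOX = 1.0
BOUND = 2.0                      # assumed overflow limit on |x_i|
I2 = [[1.0, 0.0], [0.0, 1.0]]

def matmul(X, Y):
    return [[sum(X[i][k] * Y[k][j] for k in range(2)) for j in range(2)] for i in range(2)]

def transpose(X):
    return [[X[j][i] for j in range(2)] for i in range(2)]

def sub(X, Y):
    return [[X[i][j] - Y[i][j] for j in range(2)] for i in range(2)]

def is_psd(M, tol=1e-9):
    """Sylvester's criterion for a symmetric 2x2 matrix (with a rounding tolerance)."""
    return (M[0][0] >= -tol and M[1][1] >= -tol
            and M[0][0] * M[1][1] - M[0][1] * M[1][0] >= -tol)

def lyapunov_series(A, n_terms=200):
    """P = sum_k (A^T)^k A^k solves P - A^T P A = I for stable A (series truncated)."""
    P, Ak = [[0.0, 0.0], [0.0, 0.0]], I2
    for _ in range(n_terms):
        term = matmul(transpose(Ak), Ak)
        P = [[P[i][j] + term[i][j] for j in range(2)] for i in range(2)]
        Ak = matmul(A, Ak)
    return P

def certify(A, P, x0_box, bound):
    """Check the invariant V(x) = x^T P x (P symmetric) and the bound it certifies.

    Returns (certified, c, per-variable bounds). Conditions checked:
      1. P is positive definite, so {V <= c} is a bounded ellipsoid;
      2. P - A^T P A is PSD, so V never increases along the execution trace;
      3. V <= c on the initial box, so every reachable state lies in {V <= c}.
    """
    det = P[0][0] * P[1][1] - P[0][1] * P[1][0]
    if P[0][0] <= 0 or det <= 0:
        return False, None, None
    if not is_psd(sub(P, matmul(matmul(transpose(A), P), A))):
        return False, None, None          # V could grow: not an invariant
    # A convex quadratic over a box is maximised at a corner.
    corners = [(s1 * x0_box, s2 * x0_box) for s1 in (-1, 1) for s2 in (-1, 1)]
    c = max(P[0][0]*x*x + 2*P[0][1]*x*y + P[1][1]*y*y for x, y in corners)
    # max |x_i| over the ellipsoid {V <= c} equals sqrt(c * (P^-1)_ii).
    bounds = [(c * P[1][1] / det) ** 0.5, (c * P[0][0] / det) ** 0.5]
    return all(b < bound for b in bounds), c, bounds
```

For this A the series converges to P = [[6, 2.5], [2.5, 6.25]], which certifies |x_i| below about 1.86 on every trace, while the naive choice P = I is rejected because V = x'x grows at the first step from (1, 1).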
