CLSE: Closed-Loop Symbolic Execution

We present CLSE, a closed-loop symbolic execution engine for control system implementations. CLSE takes as input a description of the physical plant as a system of linear ordinary differential equations, the software implementation and execution frequency of a discrete-time controller that senses and actuates the plant, and a time horizon, and symbolically executes the closed-loop system (the plant together with the controller) up to that horizon. The execution captures the bounded-time dynamics of the system as finite sequences of the plant's sampled state sets and symbolic control inputs. We show the use of CLSE in the symbolic execution of a set of control system benchmarks. Using the symbolic execution engine, we also build a robustness analysis tool that computes the maximum deviation of the plant's states, up to the time horizon, caused by measurement uncertainties in the controller.
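To make the closed-loop setting concrete, the following added example (illustrative code, not CLSE's implementation) runs a sampled-data loop in the shape the abstract describes: a linear plant advanced by its zero-order-hold discretisation, a controller that branches on a saturation limit, and a bounded measurement error in the sensed state. The plant (a double integrator), the gains `k1`, `k2`, the saturation `umax`, the error bound `eps` and the horizon are all assumptions. State sets are represented as axis-aligned boxes via interval arithmetic, which soundly over-approximates the reachable set but loses correlations between variables, so the deviation it reports is an upper bound, not the tight maximum a symbolic engine with path conditions would compute.

```python
# Closed-loop execution of a linear plant with a sampled-data controller,
# tracking a box (interval) over-approximation of the reachable states
# under bounded measurement error. Added illustration; the plant, gains,
# bounds and horizon are assumed, not taken from CLSE.

def iv(lo, hi=None):
    """Interval (lo, hi); a single number becomes a degenerate interval."""
    return (lo, lo) if hi is None else (min(lo, hi), max(lo, hi))

def iv_add(a, b):
    return (a[0] + b[0], a[1] + b[1])

def iv_scale(c, a):
    return iv(c * a[0], c * a[1])

def iv_clip(a, lo, hi):
    """Saturation applied to an interval: both outcomes of the controller's
    branch (saturated / unsaturated) are covered by clipping the endpoints."""
    return (min(max(a[0], lo), hi), min(max(a[1], lo), hi))

# Plant (assumed): double integrator x1' = x2, x2' = u, discretised with a
# zero-order hold of period T, which is exact for this plant:
#   x1[k+1] = x1 + T*x2 + (T^2/2)*u,   x2[k+1] = x2 + T*u
def plant_step(x1, x2, u, T):
    return (iv_add(iv_add(x1, iv_scale(T, x2)), iv_scale(T * T / 2, u)),
            iv_add(x2, iv_scale(T, u)))

# Controller (assumed): saturated state feedback on the *measured* state.
def controller(y1, y2, k1, k2, umax):
    return iv_clip(iv_add(iv_scale(-k1, y1), iv_scale(-k2, y2)), -umax, umax)

def closed_loop(x0, T, horizon, eps, k1=1.0, k2=1.5, umax=2.0):
    """Run the closed loop for `horizon` seconds at sampling period T.
    `eps` bounds the per-sample measurement error |y - x| on each state.
    Returns one (x1, x2, u) triple of intervals per sample instant."""
    err = iv(-eps, eps)
    x1, x2 = iv(x0[0]), iv(x0[1])
    trace = []
    for _ in range(int(round(horizon / T))):
        y1, y2 = iv_add(x1, err), iv_add(x2, err)   # sensing with error
        u = controller(y1, y2, k1, k2, umax)         # set of control inputs
        trace.append((x1, x2, u))
        x1, x2 = plant_step(x1, x2, u, T)            # plant evolution
    return trace

def max_deviation(trace_nominal, trace_uncertain):
    """Largest distance, per state component over the run, between the
    nominal (eps = 0) state and any state reachable under measurement error."""
    dev = [0.0, 0.0]
    for nom, unc in zip(trace_nominal, trace_uncertain):
        for i in range(2):
            n = nom[i][0]
            dev[i] = max(dev[i], abs(unc[i][0] - n), abs(unc[i][1] - n))
    return dev

if __name__ == "__main__":
    nominal = closed_loop((1.0, 0.0), T=0.1, horizon=2.0, eps=0.0)
    uncertain = closed_loop((1.0, 0.0), T=0.1, horizon=2.0, eps=0.01)
    print("max deviation (x1, x2):", max_deviation(nominal, uncertain))
```

The nominal run (eps = 0) is a point trajectory; the uncertain run carries the measurement error through the controller's branch and the plant update at every sample, and `max_deviation` reports the bound on how far the plant can drift from the nominal trajectory within the horizon, which is the quantity the robustness tool above computes.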
