Forward invariant cuts to simplify proofs of safety

The use of deductive techniques, such as theorem provers, has several advantages in safety verification of hybrid systems; however, state-of-the-art theorem provers require manual intervention to handle complex systems. Furthermore, there is often a gap between the type of assistance that a theorem prover requires to make progress on a proof task and the assistance that a system designer is able to provide directly. This paper presents an extension to KeYmaera, a deductive verification tool for differential dynamic logic; the new technique allows local reasoning using system designer intuition about performance within particular modes as part of a proof task. Our approach allows the theorem prover to leverage forward invariants, discovered using numerical techniques, as part of a proof of safety. We introduce a new inference rule into the proof calculus of KeYmaera, the forward invariant cut rule, and we present a methodology to discover useful forward invariants, which are then used with the new cut rule to complete verification tasks. We demonstrate how our new approach can be used to complete verification tasks that lie out of the reach of existing automatic verification approaches using several examples, including one involving an automotive powertrain control system.
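The abstract describes three obligations that a forward-invariant cut introduces into a safety proof: the initial set lies inside the candidate set, the set is forward invariant under the mode's dynamics, and the set lies inside the safe region. The following is an added example, not the paper's code and not its powertrain model: it checks those obligations numerically for a constructed single-mode system with a quadratic candidate set, which is the kind of witness the paper says can be found numerically and then handed to the prover.

```python
"""Numerical check of a forward-invariant cut for one continuous mode (added example)."""
import math

# Constructed mode dynamics (assumed here, not from the paper): x' = -x + y, y' = -x - y.
def f(x, y):
    return (-x + y, -x - y)

# Candidate invariant S = {V <= c} with V quadratic; the paper would discover such a set
# numerically, here it is simply assumed.
def V(x, y):
    return x * x + y * y

def grad_V(x, y):
    return (2.0 * x, 2.0 * y)

def lie_derivative(x, y):
    """dV/dt along the flow: grad V . f.  Negative means the field points inward."""
    gx, gy = grad_V(x, y)
    fx, fy = f(x, y)
    return gx * fx + gy * fy

def boundary_points(c, n=360):
    """Sample the level set V == c (a circle of radius sqrt(c))."""
    r = math.sqrt(c)
    return [(r * math.cos(2 * math.pi * k / n), r * math.sin(2 * math.pi * k / n)) for k in range(n)]

def is_forward_invariant(c, n=360):
    """Sufficient condition: on every sampled boundary point the flow does not exit S."""
    return all(lie_derivative(x, y) <= 0.0 for x, y in boundary_points(c, n))

def cut_discharges_safety(init_c, c, x_max):
    """The three cut obligations for Init = {V <= init_c}, S = {V <= c}, Safe = {x <= x_max}.
    Because S is a disc, S is inside Safe exactly when its radius is at most x_max."""
    init_in_S = init_c <= c
    S_in_safe = math.sqrt(c) <= x_max
    return init_in_S and is_forward_invariant(c) and S_in_safe

def stays_inside(x0, y0, c, steps=2000, dt=0.01, tol=1e-9):
    """Explicit-Euler trajectory from (x0, y0); returns True if V never exceeds c."""
    x, y = x0, y0
    for _ in range(steps):
        if V(x, y) > c + tol:
            return False
        fx, fy = f(x, y)
        x, y = x + dt * fx, y + dt * fy
    return True

if __name__ == "__main__":
    print("cut discharges safety:", cut_discharges_safety(0.25, 1.0, 2.0))
```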
