Model checking in-the-loop: Finding counterexamples by systematic simulation

Model checkers for program verification have enjoyed considerable success in recent years. In the control systems domain, however, they suffer from an inability to account for the physical environment. For control systems, simulation is the most widely used approach for validating system designs. We present a new technique for finding counterexamples that uses a software model checker to perform a systematic simulation of the software implementation of a controller coupled with a continuous plant. Instead of performing a large set of independent simulations, our approach uses the model checking notion of state-space exploration by piecing together numerical simulations of the plant and transitions of the controller. Our implementation of this technique uses an explicit-state source-code model checker to analyze the software and the MATLAB/Simulink environment to model and simulate the plant. We present an illustrative example involving a supervisory controller for an unmanned aerial vehicle (UAV). We show that our technique is able to detect an error in the controller design.
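The following is an added illustration of the technique the abstract describes, not code from the paper: a small explicit-state explorer that alternates one transition of a discrete supervisory controller with one numerically simulated control period of a continuous plant, branching on every environment choice and returning the shortest run that leaves the safety envelope. The plant (a unit-mass vertical axis, h'' = u), the two-setpoint environment, the deadband controller and its design error, and all names (`State`, `find_counterexample`, `replay`, `TARGETS`) are constructed for this example; the paper's own setup pairs a source-code model checker with a MATLAB/Simulink plant model and a different UAV controller.

```python
"""Added example: explicit-state exploration of a discrete controller coupled
with a numerically simulated plant (model checking in-the-loop).  Constructed
toy, not the paper's implementation."""
from collections import deque
from dataclasses import dataclass
from typing import List, Optional

# Hypothetical plant: vertical motion of a UAV with unit mass, h'' = u, where
# u in {-1, 0, +1} is the supervisory command (assumption for this example).
DT = 0.1                    # numerical integration step (s)
PERIOD = 0.5                # controller sampling period (s)
H_MIN, H_MAX = 0.0, 10.0    # safety envelope; the property is H_MIN <= h <= H_MAX
TARGETS = (2.0, 8.0)        # environment: operator setpoint, chosen freely each period
DEADBAND = 0.5              # |h - target| <= DEADBAND counts as "on target"


@dataclass(frozen=True)
class State:
    mode: str   # controller's discrete state (last command issued)
    h: float    # plant altitude
    v: float    # plant vertical velocity


def simulate_plant(h: float, v: float, u: float):
    """One control period of the plant: semi-implicit Euler on h'' = u."""
    for _ in range(round(PERIOD / DT)):
        v += u * DT
        h += v * DT
    return h, v


def controller_step(h: float, target: float):
    """Supervisory controller with a design error: it picks the mode from the
    altitude error alone and ignores the velocity the plant has built up."""
    if h < target - DEADBAND:
        return "CLIMB", +1.0
    if h > target + DEADBAND:
        return "DESCEND", -1.0
    return "HOLD", 0.0


def successor(s: State, target: float) -> State:
    """One closed-loop transition: controller decision, then plant simulation."""
    mode, u = controller_step(s.h, target)
    h, v = simulate_plant(s.h, s.v, u)
    return State(mode, h, v)


def violates(s: State) -> bool:
    return not (H_MIN <= s.h <= H_MAX)


def key(s: State, ndigits: int = 3):
    """Visited-set key on a quantized plant state.  Quantized pruning can only
    skip states (so 'no counterexample found' is not a proof of safety); it
    cannot yield a spurious counterexample, because every queued path carries
    its unquantized states."""
    return (s.mode, round(s.h, ndigits), round(s.v, ndigits))


@dataclass
class Counterexample:
    inputs: List[float]    # environment choices, one per control period
    states: List[State]    # closed-loop states, starting with the initial state


def find_counterexample(init: State, max_depth: int = 50) -> Optional[Counterexample]:
    """Breadth-first exploration of controller transitions interleaved with
    plant simulations.  Returns the shortest violating run found, or None."""
    if violates(init):
        return Counterexample([], [init])
    queue = deque([(init, [], [init])])
    visited = {key(init)}
    while queue:
        s, inputs, trace = queue.popleft()
        if len(inputs) >= max_depth:
            continue
        for target in TARGETS:          # branch on every environment choice
            n = successor(s, target)
            if violates(n):
                return Counterexample(inputs + [target], trace + [n])
            k = key(n)
            if k not in visited:
                visited.add(k)
                queue.append((n, inputs + [target], trace + [n]))
    return None


def replay(init: State, inputs: List[float]) -> State:
    """Concrete re-simulation of a reported run, without pruning, to confirm it."""
    s = init
    for target in inputs:
        s = successor(s, target)
    return s


INIT = State("HOLD", 2.0, 0.0)   # hovering at the low setpoint

if __name__ == "__main__":
    cx = find_counterexample(INIT)
    if cx is None:
        print("no violation within the depth bound (not a proof of safety)")
    else:
        for t, s in zip(cx.inputs, cx.states[1:]):
            print(f"target={t:.1f} -> {s.mode:7s} h={s.h:6.2f} v={s.v:5.2f}")
        print("confirmed by replay:", violates(replay(INIT, cx.inputs)))
```

Run stand-alone, the explorer reports an eight-period run in which the operator holds the high setpoint, the controller climbs for seven periods and then switches to HOLD inside the deadband while still carrying the velocity it built up, so the aircraft drifts through the ceiling on the eighth period. Two practitioner caveats carry over to any in-the-loop checker: the result is only as faithful as the plant integrator and sampling period, and a bounded, quantized search that finds nothing has not shown safety, which is why the search with the depth bound set to seven returns None for the same controller.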