Computing Differential Invariants as Fixed Points

We introduce a fixed-point algorithm for verifying safety properties of hybrid systems with differential equations whose right-hand sides are polynomials in the state variables. In order to verify nontrivial systems without solving their differential equations and without numerical errors, we use differential induction as a continuous generalisation of induction, for which our algorithm computes the required differential invariants. As a means for combining local differential invariants into global system invariants in a sound way, our fixed-point algorithm works with differential dynamic logic as a compositional verification logic for hybrid systems. To improve the verification power, we further introduce a saturation procedure that refines the system dynamics successively by differential cuts with differential invariants until the property becomes provable. By complementing our symbolic verification algorithm with a robust version of numerical falsification, we obtain a fast and sound verification procedure. We verify roundabout manoeuvres in air traffic control and collision avoidance in train control.
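As an added illustration of the differential induction step the abstract relies on (not code from the paper or from KeYmaera), the following Python implements the check for polynomial invariants of polynomial ODEs: the invariant polynomial is differentiated along the vector field, and the resulting Lie derivative must satisfy the corresponding differential-induction condition. The polynomial representation, the planar-rotation sample dynamics, and the syntactic sign test used in place of a real-arithmetic decision procedure for the inequality case are this example's own assumptions.

```python
"""Differential induction for polynomial invariants (added example, assumptions noted).

A polynomial over variables (x_1, ..., x_n) is a dict mapping an exponent
tuple to an integer coefficient, e.g. x**2 + y**2 - 1 over (x, y) is
{(2, 0): 1, (0, 2): 1, (0, 0): -1}.  A vector field is a list of such
polynomials, field[i] being the right-hand side of x_i'.
"""
from itertools import product

def add(p, q):
    r = dict(p)
    for m, c in q.items():
        r[m] = r.get(m, 0) + c
    return {m: c for m, c in r.items() if c != 0}

def mul(p, q):
    r = {}
    for (m1, c1), (m2, c2) in product(p.items(), q.items()):
        m = tuple(a + b for a, b in zip(m1, m2))
        r[m] = r.get(m, 0) + c1 * c2
    return {m: c for m, c in r.items() if c != 0}

def partial(p, i):
    """Partial derivative of p with respect to variable i."""
    r = {}
    for m, c in p.items():
        if m[i] > 0:
            dm = m[:i] + (m[i] - 1,) + m[i + 1:]
            r[dm] = r.get(dm, 0) + c * m[i]
    return r

def lie_derivative(p, field):
    """Total derivative of p along the ODE: sum_i (dp/dx_i) * field[i]."""
    r = {}
    for i, rhs in enumerate(field):
        r = add(r, mul(partial(p, i), rhs))
    return r

def syntactically_nonneg(p):
    """Sufficient (not necessary) test: nonnegative coefficients, even exponents."""
    return all(c >= 0 and all(e % 2 == 0 for e in m) for m, c in p.items())

def differential_induction(p, relation, field):
    """Sound check that 'p relation 0' is a differential invariant of the field.
    '=' requires the Lie derivative to vanish identically; '>=' requires it to be
    nonnegative, approximated here by the syntactic test (an assumption)."""
    dp = lie_derivative(p, field)
    if relation == "=":
        return not dp
    if relation == ">=":
        return not dp or syntactically_nonneg(dp)
    raise ValueError(f"unsupported relation {relation!r}")

if __name__ == "__main__":
    circle = {(2, 0): 1, (0, 2): 1, (0, 0): -1}      # x^2 + y^2 - 1 (constructed)
    rotation = [{(0, 1): -1}, {(1, 0): 1}]           # x' = -y, y' = x (constructed)
    print(differential_induction(circle, "=", rotation))   # True: circles are invariant
```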
