Computing differential invariants of hybrid systems as fixedpoints

We introduce a fixedpoint algorithm for verifying safety properties of hybrid systems with differential equations whose right-hand sides are polynomials in the state variables. In order to verify nontrivial systems without solving their differential equations and without numerical errors, we use a continuous generalization of induction, for which our algorithm computes the required differential invariants. As a means for combining local differential invariants into global system invariants in a sound way, our fixedpoint algorithm works with a compositional verification logic for hybrid systems. With this compositional approach we exploit locality in system designs. To improve the verification power, we further introduce a saturation procedure that refines the system dynamics successively with differential invariants until safety becomes provable. By complementing our symbolic verification algorithm with a robust version of numerical falsification, we obtain a fast and sound verification procedure. We verify roundabout maneuvers in air traffic management and collision avoidance in train control and car control.
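The abstract describes the "continuous generalization of induction" (a formula is a differential invariant when its derivative along the vector field is provable, so it is preserved by the continuous dynamics without solving the ODE) and a saturation loop that feeds proven invariants back into the dynamics until the property becomes provable. The following added example, which is not code from the paper or from KeYmaera, illustrates both ideas in miniature on the roundabout dynamics the abstract mentions, written in the standard form used for that maneuver: two aircraft x and y with velocity vectors d and e that rotate with a common angular velocity w. It uses only the simplest sound rule (an equation F = 0 is kept if the Lie derivative of F is identically zero as a polynomial), and stands in for the paper's saturation by rewriting later derivatives with already proven equations; the paper's algorithm also handles inequalities and uses real quantifier elimination, which this toy does not. The variable names, candidate list and the small polynomial class are assumptions of the example. The check establishes only the induction step; that each invariant holds initially is verified separately in a real proof.

```python
from fractions import Fraction
from itertools import product

# Assumed variable order: aircraft x (position x1,x2 / velocity d1,d2), aircraft y (y1,y2 / e1,e2),
# and the shared angular velocity w, which is a parameter (derivative 0).
VARS = ("x1", "x2", "d1", "d2", "y1", "y2", "e1", "e2", "w")

class Poly:
    """Multivariate polynomial over the rationals, stored as {exponent tuple: coefficient}."""
    def __init__(self, terms=None):
        self.terms = {m: c for m, c in (terms or {}).items() if c != 0}
    @staticmethod
    def var(name):
        e = [0] * len(VARS); e[VARS.index(name)] = 1
        return Poly({tuple(e): Fraction(1)})
    def __add__(self, o):
        t = dict(self.terms)
        for m, c in o.terms.items():
            t[m] = t.get(m, 0) + c
        return Poly(t)
    def __neg__(self):
        return Poly({m: -c for m, c in self.terms.items()})
    def __sub__(self, o):
        return self + (-o)
    def __mul__(self, o):
        t = {}
        for (m1, c1), (m2, c2) in product(self.terms.items(), o.terms.items()):
            m = tuple(a + b for a, b in zip(m1, m2))
            t[m] = t.get(m, 0) + c1 * c2
        return Poly(t)
    def is_zero(self):
        return not self.terms
    def diff(self, name):
        """Partial derivative with respect to one variable."""
        i = VARS.index(name); t = {}
        for m, c in self.terms.items():
            if m[i] > 0:
                e = list(m); e[i] -= 1
                t[tuple(e)] = t.get(tuple(e), 0) + c * m[i]
        return Poly(t)
    def subst(self, name, p):
        """Replace every occurrence of a variable by the polynomial p."""
        i = VARS.index(name); out = Poly()
        for m, c in self.terms.items():
            e = list(m); k = e[i]; e[i] = 0
            term = Poly({tuple(e): c})
            for _ in range(k):
                term = term * p
            out = out + term
        return out

def lie_derivative(F, flow):
    """Time derivative of F along x' = flow(x): sum_i dF/dx_i * flow_i. Variables absent from flow are constant."""
    out = Poly()
    for name, rhs in flow.items():
        out = out + F.diff(name) * rhs
    return out

def saturate(candidates, flow):
    """Fixedpoint loop: accept a candidate F = 0 once its Lie derivative vanishes identically after
    rewriting with the equations proven so far (each optionally solved as (variable, polynomial)).
    Returns the names of the proven invariants in the order they were established."""
    proven, solved, pending = [], [], list(candidates)
    while True:
        progressed, still = False, []
        for name, F, sol in pending:
            dF = lie_derivative(F, flow)
            for v, p in solved:          # assumes solved right-hand sides mention no solved variable
                dF = dF.subst(v, p)
            if dF.is_zero():
                proven.append(name); progressed = True
                if sol is not None:
                    solved.append(sol)
            else:
                still.append((name, F, sol))
        pending = still
        if not progressed:
            return proven

def roundabout_invariants():
    """Constructed roundabout instance: both aircraft turn with angular velocity w."""
    x1, x2, d1, d2, y1, y2, e1, e2, w = (Poly.var(n) for n in VARS)
    flow = {"x1": d1, "x2": d2, "d1": -w * d2, "d2": w * d1,
            "y1": e1, "y2": e2, "e1": -w * e2, "e2": w * e1}
    candidates = [
        # separation needs the velocity relations first, so it only succeeds on the second pass
        ("(x1-y1)^2+(x2-y2)^2 = const", (x1 - y1) * (x1 - y1) + (x2 - y2) * (x2 - y2), None),
        ("x1 = const", x1, None),                      # false candidate: derivative is d1, rejected
        ("d1^2+d2^2 = const", d1 * d1 + d2 * d2, None),
        ("e1 = d1 + w*(x2-y2)", e1 - d1 - w * (x2 - y2), ("e1", d1 + w * (x2 - y2))),
        ("e2 = d2 - w*(x1-y1)", e2 - d2 + w * (x1 - y1), ("e2", d2 - w * (x1 - y1))),
    ]
    return saturate(candidates, flow)

if __name__ == "__main__":
    for name in roundabout_invariants():
        print("differential invariant:", name)
```

The separation candidate is rejected on the first pass because its derivative mentions d1 - e1 and d2 - e2, which are not zero as polynomials; once the two velocity relations have been proven and are substituted in, the derivative cancels and the fixedpoint iteration accepts it. The false candidate x1 = const is never accepted, which is the soundness property the abstract insists on: no numerical approximation is involved, only polynomial identity.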
