Formal Modelling, Analysis and Verification of Hybrid Systems

Hybrid systems are a mathematical model of embedded systems and have been widely used in the design of complex embedded systems. In this chapter, we introduce our systematic approach to the formal modelling, analysis and verification of hybrid systems. In our framework, a hybrid system is modelled in Hybrid CSP (HCSP), and specified and reasoned about in Hybrid Hoare Logic (HHL), an extension of Hoare logic to hybrid systems. For deductive verification of hybrid systems, we propose a complete approach to generating polynomial invariants for polynomial hybrid systems; we have also implemented a theorem prover for HHL that provides tool support for the verification. We present case studies drawn from the real world, for instance the Chinese High-Speed Train Control System at Level 3 (CTCS-3). In addition, building on our invariant generation approach, we consider how to synthesize a switching logic for a given hybrid system, by reduction to constraint solving, so that it meets a given safety, liveness or optimality requirement, or any combination of these. We also discuss other issues of hybrid systems, e.g., stability analysis.