Verification of liveness properties on hybrid dynamical systems

A hybrid dynamical system is a mathematical model for a part of the real world in which discrete and continuous parts interact with each other. Such systems are typically complex, and it is difficult to know how they will behave for general parameters and initial conditions. However, formal verification gives us the ability to prove automatically that certain behaviour does or does not happen in a system for a range of parameters. The challenge is then to define suitable methods for proving properties of hybrid systems.

This thesis looks at using formal verification to prove liveness properties of hybrid systems: a liveness property says that something good eventually happens in the system. This work presents the theoretical background and practical application of various methods for proving and disproving inevitability properties (a type of liveness) in different classes of hybrid systems. The methods combine knowledge of the dynamical behaviour of a system with the brute-force approach of model checking, in order to make the most of the benefits of both sides. The work on proving liveness properties is based on the abstraction of dynamical systems to timed automata. This thesis explores the limits of a pre-defined abstraction method, adds some dynamical knowledge to the method, and shows that this improvement makes liveness properties provable in certain continuous dynamical systems. The limits are then pushed further to see how this method can be used for piecewise-continuous dynamical systems. The resulting algorithms are implemented for both classes of systems.

In order to disprove liveness properties in hybrid systems, a novel framework is proposed, using a new property called deadness. Deadness is a dynamically-aware property of the hybrid system which, if true, disproves the liveness property by means of a finite execution, whereas an infinite execution is usually required to disprove a liveness property. An algorithm is proposed which uses dynamical properties of hybrid systems to derive deadness properties automatically, and the implementation of this algorithm is discussed and applied to a simplified model of an oilwell drillstring.
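As an added illustration (not code from the thesis), the two ways of refuting inevitability on a constructed finite abstraction: the usual lasso-shaped infinite execution that avoids the target, and a finite execution into a region that is dead in the sense sketched above. The graph, the target, and the rendering of deadness as a transition-closed region disjoint from the target are assumptions of this toy; the thesis derives deadness from the system's dynamics.

```python
from collections import deque
# Constructed toy abstraction (not the thesis's drillstring model): nodes are
# abstract states, edges transitions; every state has a successor. Target: "idle".
ABSTRACTION = {
    "init":  ["spin", "stuck"],
    "spin":  ["spin", "idle"],   # may loop forever or move on to the target
    "idle":  ["idle"],
    "stuck": ["stuck"],          # sink mode: can never reach the target again
}
TARGET = {"idle"}

def lasso_counterexample(graph, start, target):
    """Usual refutation of inevitability: an infinite execution (prefix + cycle)
    from start that never enters target. Returns (prefix, cycle) or None."""
    path, on_path, done = [], set(), set()
    def dfs(s):
        if s in target or s in done:
            return None
        if s in on_path:                      # cycle closed without target
            i = path.index(s)
            return (path[:i], path[i:])
        on_path.add(s); path.append(s)
        for nxt in graph[s]:
            found = dfs(nxt)
            if found:
                return found
        on_path.discard(s); path.pop(); done.add(s)
        return None
    return dfs(start)

def is_dead(graph, region, target):
    """Toy rendering of deadness: a region disjoint from the target and closed
    under every transition, so entering it makes the liveness property false."""
    return not (region & target) and all(set(graph[s]) <= region for s in region)

def finite_witness(graph, start, region):
    """BFS for a finite execution from start into a dead region: this prefix
    alone refutes inevitability, with no infinite run to exhibit."""
    parent, queue = {start: None}, deque([start])
    while queue:
        s = queue.popleft()
        if s in region:
            path = []
            while s is not None:
                path.append(s); s = parent[s]
            return path[::-1]
        for nxt in graph[s]:
            if nxt not in parent:
                parent[nxt] = s; queue.append(nxt)
    return None
```

The dead region here is found by inspection; the thesis's contribution is deriving such regions automatically from the dynamics, after which only the short BFS witness is needed.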
