Computational techniques for the verification of hybrid systems

Hybrid system theory lies at the intersection of the fields of engineering control theory and computer science verification. It is defined as the modeling, analysis, and control of systems that involve the interaction of both discrete state systems, represented by finite automata, and continuous state dynamics, represented by differential equations. The embedded autopilot of a modern commercial jet is a prime example of a hybrid system: the autopilot modes correspond to the application of different control laws, and the logic of mode switching is determined by the continuous state dynamics of the aircraft, as well as through interaction with the pilot. To understand the behavior of hybrid systems, to simulate, and to control these systems, theoretical advances, analyses, and numerical tools are needed. In this paper, we first present a general model for a hybrid system along with an overview of methods for verifying continuous and hybrid systems. We describe a particular verification technique for hybrid systems, based on two-person zero-sum game theory for automata and continuous dynamical systems. We then outline a numerical implementation of this technique using level set methods, and we demonstrate its use in the design and analysis of aircraft collision avoidance protocols and in verification of autopilot logic.
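As an added illustration of the general model the abstract describes (this is not code from the paper or its authors), the block below builds a toy hybrid automaton for an altitude-capture autopilot: two discrete modes, CLIMB and HOLD, each with its own continuous dynamics, and a mode switch whose guard is evaluated on the continuous state. The second player of the zero-sum game is a bounded updraft that may act adversarially; the safety property is that altitude never exceeds a ceiling. All parameter values (target altitude, ceiling, gust bound, step size) are constructed for the example, the Euler integration and the "constant maximal gust is worst case" assumption are simplifications of this toy model, and the class and function names are the example's own.

```python
"""Toy hybrid automaton for an altitude-capture autopilot, checked against a
worst-case gust. Added illustration; not code from the paper."""
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Tuple

State = Tuple[float, float]            # (altitude h, commanded climb rate v)
Guard = Tuple[Callable[[State], bool], str, Callable[[State], State]]

# Constructed parameters (assumptions of this example, not values from the paper)
H_TARGET = 100.0   # altitude at which the autopilot logic switches CLIMB -> HOLD
H_CEILING = 110.0  # altitude above which the state is unsafe
D_MAX = 4.0        # bound on the adversarial updraft added to the climb rate
DT = 0.5           # Euler step; also the period at which the mode logic is evaluated
STEPS = 400        # simulation horizon in steps


@dataclass
class Mode:
    name: str
    flow: Callable[[State, float], State]              # continuous dynamics x' = f(x, d)
    guards: List[Guard] = field(default_factory=list)  # (condition, target mode, reset map)


@dataclass
class HybridAutomaton:
    modes: Dict[str, Mode]
    initial_mode: str
    unsafe: Callable[[State], bool]

    def step(self, mode: str, x: State, d: float, dt: float) -> Tuple[str, State]:
        """One step: take the first enabled discrete transition if any,
        otherwise integrate the current mode's continuous dynamics for dt."""
        m = self.modes[mode]
        for cond, target, reset in m.guards:
            if cond(x):
                return target, reset(x)
        dh, dv = m.flow(x, d)
        return mode, (x[0] + dt * dh, x[1] + dt * dv)

    def run(self, x0: State, disturbance: Callable[[int, str, State], float],
            dt: float, steps: int) -> Tuple[bool, str, State]:
        """Simulate from x0; return (stayed safe, final mode, final state)."""
        mode, x = self.initial_mode, x0
        for k in range(steps):
            if self.unsafe(x):
                return False, mode, x
            mode, x = self.step(mode, x, disturbance(k, mode, x), dt)
        return not self.unsafe(x), mode, x


def build_autopilot() -> HybridAutomaton:
    climb = Mode("CLIMB",
                 flow=lambda x, d: (x[1] + d, 0.0),          # h' = v + gust, v' = 0
                 guards=[(lambda x: x[0] >= H_TARGET, "HOLD",
                          lambda x: (x[0], 0.0))])           # reset: level off
    hold = Mode("HOLD", flow=lambda x, d: (0.0, 0.0))       # altitude hold cancels the gust
    return HybridAutomaton({"CLIMB": climb, "HOLD": hold}, "CLIMB",
                           unsafe=lambda x: x[0] > H_CEILING)


def worst_case_gust(k: int, mode: str, x: State) -> float:
    # Adversarial player: altitude is monotone in d in this model, so the maximal
    # updraft at every step is the worst case (an assumption of this toy example).
    return D_MAX


def no_gust(k: int, mode: str, x: State) -> float:
    return 0.0


def classify_climb_rates(rates, disturbance) -> Dict[int, bool]:
    """For each commanded climb rate, does the autopilot keep h <= H_CEILING?"""
    ha = build_autopilot()
    return {v: ha.run((0.0, float(v)), disturbance, DT, STEPS)[0] for v in rates}


if __name__ == "__main__":
    rates = [10, 16, 20, 24, 30, 60]
    print("no gust:   ", classify_climb_rates(rates, no_gust))
    print("worst gust:", classify_climb_rates(rates, worst_case_gust))
```

Two things the run shows that the abstract only states. First, a climb rate of 24 is safe with no gust but unsafe once the adversary acts, which is the game-theoretic view: a design is verified only if it survives the worst admissible disturbance. Second, because the guard is evaluated at sampling instants, rate 30 is safe while rate 24 is not, so the set of unsafe initial conditions is not a simple interval; testing a handful of trajectories can miss it, which is why the paper computes reachable sets over the whole state space rather than sampling trajectories.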
