Statistical verification and differential privacy in cyber-physical systems

This thesis studies the statistical verification and differential privacy in Cyber-Physical Systems. The first part focuses on the statistical verification of stochastic hybrid system, a class of formal models for Cyber-Physical Systems. Model reduction techniques are performed on both Discrete-Time and Continuous-Time Stochastic Hybrid Systems to reduce them to Discrete-Time Markov Chains and Continuous-Time Markov Chains, respectively; and statistical verification algorithms are proposed to verify Linear Inequality LTL and Metric Interval Temporal Logic on these discrete probabilistic models. In addition, the advantage of stratified sampling in verifying Probabilistic Computation Tree Logic on Labeled Discrete-Time Markov Chains is studied; this method can potentially be extended to other statistical verification algorithms to reduce computational costs. The second part focuses on the Differential Privacy in multi-agent systems that involve share information sharing to achieve overall control goals. A general formulation of the systems and a notion of Differential Privacy are proposed, and a trade-off between the Differential Privacy and the tracking performance of the systems is demonstrated. In addition, it is proved that there is a trade-off between Differential Privacy and the entropy of the unbiased estimator of the private data, and an optimal algorithm to achieve the best trade-off is given

Parameter Invariant Monitoring for Signal Temporal Logic

Signal Temporal Logic (STL) is a prominent specification formalism for real-time systems, and monitoring these specifications, specially when (for different reasons such as learning) behavior of systems can change over time, is quite important. There are three main challenges in this area: (1) full observation of system state is not possible due to noise or nuisance parameters, (2) the whole execution is not available during the monitoring, and (3) computational complexity of monitoring continuous time signals is very high. Although, each of these challenges has been addressed by different works, to the best of our knowledge, no one has addressed them all together. In this paper, we show how to extend any parameter invariant test procedure for single points in time to a parameter invariant test procedure for efficiently monitoring continuous time executions of a system against STL properties. We also show, how to extend probabilistic error guarantee of the input test procedure to a probabilistic error guarantee for the constructed test procedure

Remedies for building reliable cyber-physical systems

Cyber-physical systems (CPS) are systems that are tight integration of computer programs as controllers or cyber parts, and physical environments. The interaction is carried out by obtaining information about the physical environment through reading sensors and responding to the current knowledge through actuators. Examples of such systems are autonomous automobile systems, avionic systems, robotic systems, and medical devices. Perhaps the most common feature of all these systems is that they are all safety critical systems and failure most likely causes catastrophic consequences. This means that while testing continues to increase confidence in cyber-physical systems, formal or mathematical proofs are needed at the very least for the safety requirements of these systems. Hybrid automata is the main modeling language for cyber-physical systems. However, verifying safety properties is undecidable for all but very restricted known classes of these automata. Our first result introduces a new subclass of hybrid automata for which bounded time safety model checking problem is decidable. We also prove that unbounded time model checking for this subclass is undecidable which suggests this is the best one can hope for the new class. Our second result in this thesis is a counter-example guided abstraction refinement algorithm for unbounded time model checking of non- linear hybrid automata. Clearly, this is an undecidable problem and that is the main reason for using abstraction refinement techniques. Our CEGAR framework for this class is sound but not complete, meaning the algorithm never incorrectly says a system is safe, but may output unsafe incorrectly. We have also implemented our algorithm and compared it with seven other tools. There are multiple inherent problems with traditional model checking approaches. First, it is well-known that most models do not depict physical environments precisely. Second, the model checking problem is undecidable for most classes of hybrid automata. And third, even when model checking is decidable, controller part in most models cannot be implemented. These problems suggest that current methods of modeling cyber-physical systems and problems might not be the right ones. Our last result focuses on robust model checking of cyber-physical systems. In this part of the thesis, we focus on the implementability issue and show how to solve four different robust model checking problem for timed automata. We also introduce an optimal algorithm for robust time bounded safety model checking of monotonic rectangular automata

Computer Aided Verification

The open access two-volume set LNCS 12224 and 12225 constitutes the refereed proceedings of the 32st International Conference on Computer Aided Verification, CAV 2020, held in Los Angeles, CA, USA, in July 2020.* The 43 full papers presented together with 18 tool papers and 4 case studies, were carefully reviewed and selected from 240 submissions. The papers were organized in the following topical sections: Part I: AI verification; blockchain and Security; Concurrency; hardware verification and decision procedures; and hybrid and dynamic systems. Part II: model checking; software verification; stochastic systems; and synthesis. *The conference was held virtually due to the COVID-19 pandemic