Enhancing Temporal Logic Falsification of Cyber-Physical Systems using multiple objective functions and a new optimization method

Cyber-physical systems (CPSs) are engineering systems that bridge the cyber-world of communications and computing with the physical world. These systems are usually safety-critical and exhibit both discrete and continuous dynamics that may have complex behavior. Typically, these systems have to satisfy given specifications, i.e., properties that define the valid behavior. One commonly used approach to evaluate the correctness of CPSs is testing. The main aim of testing is to detect if there are situations that may falsify the specifications.\ua0For many industrial applications, it is only possible to simulate the system under test because mathematical models do not exist, thus formal verification is not a viable option. Falsification is a strategy that can be used for testing CPSs as long as the system can be simulated and formal specifications exist. Falsification attempts to find counterexamples, in the form of input signals and parameters, that violate the specifications of the system. Random search or optimization can be used for the falsification process. In the case of an optimization-based approach, a quantitative semantics is needed to associate a simulation with a measure of the distance to a specification being falsified. This measure is used to guide the search in a direction that is more likely to falsify a specification, if possible. \ua0The measure can be defined in different ways. In this thesis, we evaluate different quantitative semantics that can be used to define this measure. The efficiency of the falsification can be affected by both the quantitative semantics used and the choice of the optimization method. The presented work attempts to improve the efficiency of the falsification process by suggesting to use multiple quantitative semantics, as well as a new optimization method. The use of different quantitative semantics and the new optimization method have been evaluated on standard benchmark problems. We show that the proposed methods improve the efficiency of the falsification process

Combining Machine Learning and Formal Methods for Complex Systems Design

During the last 20 years, model-based design has become a standard practice in many fields such as automotive, aerospace engineering, systems and synthetic biology. This approach allows a considerable improvement of the final product quality and reduces the overall prototyping costs. In these contexts, formal methods, such as temporal logics, and model checking approaches have been successfully applied. They allow a precise description and automatic verification of the prototype's requirements. In the recent past, the increasing market requests for performing and safer devices shows an unstoppable growth which inevitably brings to the creation of more and more complicated devices. The rise of cyber-physical systems, which are on their way to become massively pervasive, brings the complexity level to the next step and open many new challenges. First, the descriptive power of standard temporal logics is no more sufficient to handle all kind of requirements the designers need (consider, for example, non-functional requirements). Second, the standard model checking techniques are unable to manage such level of complexity (consider the well-known curse of state space explosion). In this thesis, we leverage machine learning techniques, active learning, and optimization approaches to face the challenges mentioned above. In particular, we define signal measure logic, a novel temporal logic suited to describe non-functional requirements. We also use evolutionary algorithms and signal temporal logic to tackle a supervised classification problem and a system design problem which involves multiple conflicting requirements (i.e., multi-objective optimization problems). Finally, we use an active learning approach, based on Gaussian processes, to deal with falsification problems in the automotive field and to solve a so-called threshold synthesis problem, discussing an epidemics case study.During the last 20 years, model-based design has become a standard practice in many fields such as automotive, aerospace engineering, systems and synthetic biology. This approach allows a considerable improvement of the final product quality and reduces the overall prototyping costs. In these contexts, formal methods, such as temporal logics, and model checking approaches have been successfully applied. They allow a precise description and automatic verification of the prototype's requirements. In the recent past, the increasing market requests for performing and safer devices shows an unstoppable growth which inevitably brings to the creation of more and more complicated devices. The rise of cyber-physical systems, which are on their way to become massively pervasive, brings the complexity level to the next step and open many new challenges. First, the descriptive power of standard temporal logics is no more sufficient to handle all kind of requirements the designers need (consider, for example, non-functional requirements). Second, the standard model checking techniques are unable to manage such level of complexity (consider the well-known curse of state space explosion). In this thesis, we leverage machine learning techniques, active learning, and optimization approaches to face the challenges mentioned above. In particular, we define signal measure logic, a novel temporal logic suited to describe non-functional requirements. We also use evolutionary algorithms and signal temporal logic to tackle a supervised classification problem and a system design problem which involves multiple conflicting requirements (i.e., multi-objective optimization problems). Finally, we use an active learning approach, based on Gaussian processes, to deal with falsification problems in the automotive field and to solve a so-called threshold synthesis problem, discussing an epidemics case study

Active fuzzing for testing and securing cyber-physical systems

National Research Foundation (NRF) Singapore under its National Satellite of Excellence Programm

Computer Aided Verification

This open access two-volume set LNCS 11561 and 11562 constitutes the refereed proceedings of the 31st International Conference on Computer Aided Verification, CAV 2019, held in New York City, USA, in July 2019. The 52 full papers presented together with 13 tool papers and 2 case studies, were carefully reviewed and selected from 258 submissions. The papers were organized in the following topical sections: Part I: automata and timed systems; security and hyperproperties; synthesis; model checking; cyber-physical systems and machine learning; probabilistic systems, runtime techniques; dynamical, hybrid, and reactive systems; Part II: logics, decision procedures; and solvers; numerical programs; verification; distributed systems and networks; verification and invariants; and concurrency

Computer Aided Verification

This open access two-volume set LNCS 11561 and 11562 constitutes the refereed proceedings of the 31st International Conference on Computer Aided Verification, CAV 2019, held in New York City, USA, in July 2019. The 52 full papers presented together with 13 tool papers and 2 case studies, were carefully reviewed and selected from 258 submissions. The papers were organized in the following topical sections: Part I: automata and timed systems; security and hyperproperties; synthesis; model checking; cyber-physical systems and machine learning; probabilistic systems, runtime techniques; dynamical, hybrid, and reactive systems; Part II: logics, decision procedures; and solvers; numerical programs; verification; distributed systems and networks; verification and invariants; and concurrency

Guaranteed Verification of Dynamic Systems

Diese Arbeit beschreibt einen neuen Spezifikations- und Verifikationsansatz für dynamische Systeme. Der neue Ansatz ermöglicht dabei Ergebnisse, die per Definition frei von Fehlern 2. Art sind. Dies bedeutet, dass das Ergebnis der Verifikation keine versteckten Fehler enthalten kann. Somit können zuverlässige Ergebnisse für die Analyse von sicherheitskritischen Systemen generiert werden. Dazu wird ein neues Verständnis von mengenbasierter Konsistenz dynamischer Systeme mit einer gegebenen Spezifikation eingeführt. Dieses basiert auf der Verwendung von Kaucher Intervall Arithmetik zur Einschließung von Messdaten. Konsistenz wird anhand der vereinigten Lösungsmenge der Kaucher Arithmetik definiert. Dies führt zu mathematisch garantierten Ergebnissen. Die resultierende Methode kann das spezifizierte Verhalten eines dynamischen System auch im Falle von Rauschen und Sensorungenauigkeiten anhand von Messdaten verifizieren. Die mathematische Beweisbarkeit der Konsistenz wird für eine große Klasse von Systemen gezeigt. Diese beinhalten zeitinvariante, intervallartige und hybride Systeme, wobei letztere auch zur Beschreibung von Nichtlinearitäten verwendet werden können. Darüber hinaus werden zahlreiche Erweiterungen dargestellt. Diese führen bis hin zu einem neuartigen iterativen Identifikations- und Segmentierungsverfahren für hybride Systeme. Dieses ermöglicht die Verfikation hybrider Systeme auch ohne Wissen über Schaltzeitpunkte. Die entwickelten Verfahren können darüber hinaus zur Diagnose von dynamischen Systemen verwendet werden, falls eine ausreichend schnelle Berechnung der Ergebnisse möglich ist. Die Verfahren werden erfolgreich auf eine beispielhafte Variation verschiedener Tanksysteme angewendet. Die neuen Theorien, Methoden und Algortihmen dieser Arbeit bilden die Grundlage für eine zuverlässige Analyse von hochautomatisierten sicherheitskritischen Systemen

Reachability Analysis of Cyber-Physical Systems Using Symbolic-Numeric Techniques

In this thesis, we address the problem of reachability analysis in cyber-physical systems. These are systems engineered by interfacing computational components with the physical world. They provide partially or fully automated safety-critical services in the form of medical devices, autonomous vehicles, avionics and power systems. We propose techniques to reason about the reachability of such systems, and provide methods for falsifying their safety properties. We model the cyber component as a software program and the physical component as a hybrid dynamical system. Unlike model based analysis, which uses either a purely symbolic or a numerical approach, we argue in favor of using a combination of the two. We justify this by noting that the software program running on a computer is completely specified and has precise semantics. In contrast, the model of the physical system is only an approximation. Hence, we treat the former as a white box, but treat the latter as a black box. Using symbolic methods for the cyber components and numerical methods for hybrid systems, we carefully capture the complex behaviors of software programs and circumvent the difficulty in analyzing complex models developed through first principles. To combine the two techniques, we use a Counterexample Guided Abstraction Refinement (CEGAR) framework. Furthermore, we explore learning techniques like regression and piecewise affine modeling to estimate and represent black box hybrid dynamical systems for the purpose of falsification. We use prototype implementations to demonstrate the effectiveness of presented ideas. Using non-trivial benchmarks, we compare their performance against the state of the art. We also comment on their applicability and discuss ideas for further improvement