Abstractions of Constrained Linear Systems

Simulation relations are powerful abstraction techniques in computer science that reduce the complexity of analysis and design of labeled transition systems. In this paper, we define and characterize simulation relations for discrete-time linear systems in the presence of state and input constraints. Given a discrete-time linear system and the associated constraints, we consider a control-abstract embedding into a transition system. We then establish necessary and sufficient conditions for one constrained linear system to simulate the transitions of the other. Checking the simulation conditions is formulated as a linear programming problem which can be efficiently solved for systems of large dimensions. We provide an example where our approach is applied to the hybrid model of the Electronic Throttle Control (ETC) System

Compositional Synthesis via a Convex Parameterization of Assume-Guarantee Contracts

We develop an assume-guarantee framework for control of large scale linear (time-varying) systems from finite-time reach and avoid or infinite-time invariance specifications. The contracts describe the admissible set of states and controls for individual subsystems. A set of contracts compose correctly if mutual assumptions and guarantees match in a way that we formalize. We propose a rich parameterization of contracts such that the set of parameters that compose correctly is convex. Moreover, we design a potential function of parameters that describes the distance of contracts from a correct composition. Thus, the verification and synthesis for the aggregate system are broken to solving small convex programs for individual subsystems, where correctness is ultimately achieved in a compositional way. Illustrative examples demonstrate the scalability of our method

Compositional Verification and Optimization of Interactive Markov Chains

Interactive Markov chains (IMC) are compositional behavioural models extending labelled transition systems and continuous-time Markov chains. We provide a framework and algorithms for compositional verification and optimization of IMC with respect to time-bounded properties. Firstly, we give a specification formalism for IMC. Secondly, given a time-bounded property, an IMC component and the assumption that its unknown environment satisfies a given specification, we synthesize a scheduler for the component optimizing the probability that the property is satisfied in any such environment

A PVS-Simulink Integrated Environment for Model-Based Analysis of Cyber-Physical Systems

This paper presents a methodology, with supporting tool, for formal modeling and analysis of software components in cyber-physical systems. Using our approach, developers can integrate a simulation of logic-based specifications of software components and Simulink models of continuous processes. The integrated simulation is useful to validate the characteristics of discrete system components early in the development process. The same logic-based specifications can also be formally verified using the Prototype Verification System (PVS), to gain additional confidence that the software design complies with specific safety requirements. Modeling patterns are defined for generating the logic-based specifications from the more familiar automata-based formalism. The ultimate aim of this work is to facilitate the introduction of formal verification technologies in the software development process of cyber-physical systems, which typically requires the integrated use of different formalisms and tools. A case study from the medical domain is used to illustrate the approach. A PVS model of a pacemaker is interfaced with a Simulink model of the human heart. The overall cyber-physical system is co-simulated to validate design requirements through exploration of relevant test scenarios. Formal verification with the PVS theorem prover is demonstrated for the pacemaker model for specific safety aspects of the pacemaker design

Model-based compositional verification approaches and tools development for cyber-physical systems

The model-based design for embedded real-time systems utilizes the veriable reusable components and proper architectures, to deal with the verification scalability problem caused by state-explosion. In this thesis, we address verification approaches for both low-level individual component correctness and high-level system correctness, which are equally important under this scheme. Three prototype tools are developed, implementing our approaches and algorithms accordingly. For the component-level design-time verification, we developed a symbolic verifier, LhaVrf, for the reachability verification of concurrent linear hybrid systems (LHA). It is unique in translating a hybrid automaton into a transition system that preserves the discrete transition structure, possesses no continuous dynamics, and preserves reachability of discrete states. Afterward, model-checking is interleaved in the counterexample fragment based specification relaxation framework. We next present a simulation-based bounded-horizon reachability analysis approach for the reachability verification of systems modeled by hybrid automata (HA) on a run-time basis. This framework applies a dynamic, on-the-fly, repartition-based error propagation control method with the mild requirement of Lipschitz continuity on the continuous dynamics. The novel features allow state-triggered discrete jumps and provide eventually constant over-approximation error bound for incremental stable dynamics. The above approaches are implemented in our prototype verifier called HS3V. Once the component properties are established, the next thing is to establish the system-level properties through compositional verication. We present our work on the role and integration of quantier elimination (QE) for property composition and verication. In our approach, we derive in a single step, the strongest system property from the given component properties for both time-independent and time-dependent scenarios. The system initial condition can also be composed, which, alongside the strongest system property, are used to verify a postulated system property through induction. The above approaches are implemented in our prototype tool called ReLIC

From Resilience-Building to Resilience-Scaling Technologies: Directions -- ReSIST NoE Deliverable D13

This document is the second product of workpackage WP2, "Resilience-building and -scaling technologies", in the programme of jointly executed research (JER) of the ReSIST Network of Excellence. The problem that ReSIST addresses is achieving sufficient resilience in the immense systems of ever evolving networks of computers and mobile devices, tightly integrated with human organisations and other technology, that are increasingly becoming a critical part of the information infrastructure of our society. This second deliverable D13 provides a detailed list of research gaps identified by experts from the four working groups related to assessability, evolvability, usability and diversit

Nutzerfreundliche Modellierung mit hybriden Systemen zur symbolischen Simulation in CLP

Die Dissertation beinhaltet die Sprachen MODEL-HS und VYSMO zur modularen, deklarativen Beschreibung hybrider Systeme, die dem Nachweis zeit- und sicherheitskritischer Eigenschaften für die symbolische Simulation in CLP dienen. Zum Erlangen sprachtheoretischer Erkenntnisse wie Entscheidbarkeit wurden hybride Systeme neu unter formal nachweisbaren Akzeptanzbedingungen definiert, welche durch praktische Beispiele belegt sind. Weitere Ergebnisse sind eine neue Klassifikation hybrider Systeme, ein Werkzeug ROSSY, Anfragebeschreibungen und deren Transformation in temporal-logische Ausdrücke, Anfragemasken und Anwendungen für Studiensysteme und parallele Programme.The dissertation includes the languages MODEL-HS and VYSMO for modular, declarative description of hybrid systems that serve the proof of time- and safety-critical properties for symbolic simulation in CLP. For coming to language-theoretical conclusions like decidability hybrid systems are newly defined under acceptance conditions that can be formally proved and for which practical examples bear witness. A new classification of hybrid systems, a tool ROSSY, query descriptions and their transformation into temporal-logic expressions, query forms and applications for study systems and parallel programs are further results