Formal Verification of Neural Network Controlled Autonomous Systems

In this paper, we consider the problem of formally verifying the safety of an autonomous robot equipped with a Neural Network (NN) controller that processes LiDAR images to produce control actions. Given a workspace that is characterized by a set of polytopic obstacles, our objective is to compute the set of safe initial conditions such that a robot trajectory starting from these initial conditions is guaranteed to avoid the obstacles. Our approach is to construct a finite state abstraction of the system and use standard reachability analysis over the finite state abstraction to compute the set of the safe initial states. The first technical problem in computing the finite state abstraction is to mathematically model the imaging function that maps the robot position to the LiDAR image. To that end, we introduce the notion of imaging-adapted sets as partitions of the workspace in which the imaging function is guaranteed to be affine. We develop a polynomial-time algorithm to partition the workspace into imaging-adapted sets along with computing the corresponding affine imaging functions. Given this workspace partitioning, a discrete-time linear dynamics of the robot, and a pre-trained NN controller with Rectified Linear Unit (ReLU) nonlinearity, the second technical challenge is to analyze the behavior of the neural network. To that end, we utilize a Satisfiability Modulo Convex (SMC) encoding to enumerate all the possible segments of different ReLUs. SMC solvers then use a Boolean satisfiability solver and a convex programming solver and decompose the problem into smaller subproblems. To accelerate this process, we develop a pre-processing algorithm that could rapidly prune the space feasible ReLU segments. Finally, we demonstrate the efficiency of the proposed algorithms using numerical simulations with increasing complexity of the neural network controller

Hybrid modeling and control of mechatronic systems using a piecewise affine dynamics approach

This thesis investigates the topic of modeling and control of PWA systems based on two experimental cases of an electrical and hydraulic nature with varying complexity that were also built, instrumented and evaluated. A full-order model has been created for both systems, including all dominant system dynamics and non-linearities. The unknown parameters and characteristics have been identi ed via an extensive parameter identi cation. In the following, the non-linear characteristics are linearized at several points, resulting in PWA models for each respective setup. Regarding the closed loop control of the generated models and corresponding experimental setups, a linear control structure comprised of integral error, feed-forward and state-feedback control has been used. Additionally, the hydraulic setup has been controlled in an autonomous hybrid position/force control mode, resulting in a switched system with each mode's dynamics being de ned by the previously derived PWA-based model in combination with the control structure and respective mode-dependent controller gains. The autonomous switch between control modes has been de ned by a switching event capable of consistently switching between modes in a deterministic manner despite the noise-a icted measurements. Several methods were used to obtain suitable controller gains, including optimization routines and pole placement. Validation of the system's fast and accurate response was obtained through simulations and experimental evaluation. The controlled system's local stability was proven for regions in state-space associated with operational points by using pole-zero analysis. The stability of the hybrid control approach was proven by using multiple Lyapunov functions for the investigated test scenarios.publishedVersio

Breaking Dense Structures: Proving Stability of Densely Structured Hybrid Systems

Abstraction and refinement is widely used in software development. Such techniques are valuable since they allow to handle even more complex systems. One key point is the ability to decompose a large system into subsystems, analyze those subsystems and deduce properties of the larger system. As cyber-physical systems tend to become more and more complex, such techniques become more appealing. In 2009, Oehlerking and Theel presented a (de-)composition technique for hybrid systems. This technique is graph-based and constructs a Lyapunov function for hybrid systems having a complex discrete state space. The technique consists of (1) decomposing the underlying graph of the hybrid system into subgraphs, (2) computing multiple local Lyapunov functions for the subgraphs, and finally (3) composing the local Lyapunov functions into a piecewise Lyapunov function. A Lyapunov function can serve multiple purposes, e.g., it certifies stability or termination of a system or allows to construct invariant sets, which in turn may be used to certify safety and security. In this paper, we propose an improvement to the decomposing technique, which relaxes the graph structure before applying the decomposition technique. Our relaxation significantly reduces the connectivity of the graph by exploiting super-dense switching. The relaxation makes the decomposition technique more efficient on one hand and on the other allows to decompose a wider range of graph structures.Comment: In Proceedings ESSS 2015, arXiv:1506.0325