11,537 research outputs found
Positive loop-closed automata: a decidable class of hybrid systems
AbstractThe model-checking problem for real-time and hybrid systems is very difficult, even for a well-formed class of hybrid systems—the class of linear hybrid automata—the problem is still undecidable in general. So an important question for the analysis and design of real-time and hybrid systems is the identification of subclasses of such systems and corresponding restricted classes of analysis problems that can be settled algorithmically. In this paper, we show that for a class of linear hybrid automata called positive loop-closed automata, the satisfaction problem for linear duration properties can be solved by linear programming. We extend the traditional regular expressions with duration constraints and use them as a language to describe the behaviour of this class of linear hybrid automata. The extended notation is called duration-constrained regular expressions. Based on this formalism, we show that the model-checking problem can be reduced formally to linear programs
Interrupt Timed Automata: verification and expressiveness
We introduce the class of Interrupt Timed Automata (ITA), a subclass of
hybrid automata well suited to the description of timed multi-task systems with
interruptions in a single processor environment. While the reachability problem
is undecidable for hybrid automata we show that it is decidable for ITA. More
precisely we prove that the untimed language of an ITA is regular, by building
a finite automaton as a generalized class graph. We then establish that the
reachability problem for ITA is in NEXPTIME and in PTIME when the number of
clocks is fixed. To prove the first result, we define a subclass ITA- of ITA,
and show that (1) any ITA can be reduced to a language-equivalent automaton in
ITA- and (2) the reachability problem in this subclass is in NEXPTIME (without
any class graph). In the next step, we investigate the verification of real
time properties over ITA. We prove that model checking SCL, a fragment of a
timed linear time logic, is undecidable. On the other hand, we give model
checking procedures for two fragments of timed branching time logic. We also
compare the expressive power of classical timed automata and ITA and prove that
the corresponding families of accepted languages are incomparable. The result
also holds for languages accepted by controlled real-time automata (CRTA), that
extend timed automata. We finally combine ITA with CRTA, in a model which
encompasses both classes and show that the reachability problem is still
decidable. Additionally we show that the languages of ITA are neither closed
under complementation nor under intersection
Improving HyLTL model checking of hybrid systems
The problem of model-checking hybrid systems is a long-time challenge in the
scientific community. Most of the existing approaches and tools are either
limited on the properties that they can verify, or restricted to simplified
classes of systems. To overcome those limitations, a temporal logic called
HyLTL has been recently proposed. The model checking problem for this logic has
been solved by translating the formula into an equivalent hybrid automaton,
that can be analized using existing tools. The original construction employs a
declarative procedure that generates exponentially many states upfront, and can
be very inefficient when complex formulas are involved. In this paper we solve
a technical issue in the construction that was not considered in previous
works, and propose a new algorithm to translate HyLTL into hybrid automata,
that exploits optimized techniques coming from the discrete LTL community to
build smaller automata.Comment: In Proceedings GandALF 2013, arXiv:1307.416
Remedies for building reliable cyber-physical systems
Cyber-physical systems (CPS) are systems that are tight integration of computer programs as controllers or cyber parts, and physical environments. The interaction is carried out by obtaining information about the physical environment through reading sensors and responding to the current knowledge through actuators. Examples of such systems are autonomous automobile systems, avionic systems, robotic systems, and medical devices. Perhaps the most common feature of all these systems is that they are all safety critical systems and failure most likely causes catastrophic consequences. This means that while testing continues to increase confidence in cyber-physical systems, formal or mathematical proofs are needed at the very least for the safety requirements of these systems.
Hybrid automata is the main modeling language for cyber-physical systems. However, verifying safety properties is undecidable for all but very restricted known classes of these automata. Our first result introduces a new subclass of hybrid automata for which bounded time safety model checking problem is decidable. We also prove that unbounded time model checking for this subclass is undecidable which suggests this is the best one can hope for the new class. Our second result in this thesis is a counter-example guided abstraction refinement algorithm for unbounded time model checking of non- linear hybrid automata. Clearly, this is an undecidable problem and that is the main reason for using abstraction refinement techniques. Our CEGAR framework for this class is sound but not complete, meaning the algorithm never incorrectly says a system is safe, but may output unsafe incorrectly. We have also implemented our algorithm and compared it with seven other tools.
There are multiple inherent problems with traditional model checking approaches. First, it is well-known that most models do not depict physical environments precisely. Second, the model checking problem is undecidable for most classes of hybrid automata. And third, even when model checking is decidable, controller part in most models cannot be implemented. These problems suggest that current methods of modeling cyber-physical systems and problems might not be the right ones. Our last result focuses on robust model checking of cyber-physical systems. In this part of the thesis, we focus on the implementability issue and show how to solve four different robust model checking problem for timed automata. We also introduce an optimal algorithm for robust time bounded safety model checking of monotonic rectangular automata
IST Austria Thesis
Hybrid automata combine finite automata and dynamical systems, and model the interaction of digital with physical systems. Formal analysis that can guarantee the safety of all behaviors or rigorously witness failures, while unsolvable in general, has been tackled algorithmically using, e.g., abstraction, bounded model-checking, assisted theorem proving.
Nevertheless, very few methods have addressed the time-unbounded reachability analysis of hybrid automata and, for current sound and automatic tools, scalability remains critical. We develop methods for the polyhedral abstraction of hybrid automata, which construct coarse overapproximations and tightens them incrementally, in a CEGAR fashion. We use template polyhedra, i.e., polyhedra whose facets are normal to a given set of directions.
While, previously, directions were given by the user, we introduce (1) the first method
for computing template directions from spurious counterexamples, so as to generalize and
eliminate them. The method applies naturally to convex hybrid automata, i.e., hybrid
automata with (possibly non-linear) convex constraints on derivatives only, while for linear
ODE requires further abstraction. Specifically, we introduce (2) the conic abstractions,
which, partitioning the state space into appropriate (possibly non-uniform) cones, divide
curvy trajectories into relatively straight sections, suitable for polyhedral abstractions.
Finally, we introduce (3) space-time interpolation, which, combining interval arithmetic
and template refinement, computes appropriate (possibly non-uniform) time partitioning
and template directions along spurious trajectories, so as to eliminate them.
We obtain sound and automatic methods for the reachability analysis over dense
and unbounded time of convex hybrid automata and hybrid automata with linear ODE.
We build prototype tools and compare—favorably—our methods against the respective
state-of-the-art tools, on several benchmarks
Enzymatic competition: Modeling and verification with timed hybrid petri nets
International audienceThe formalism of hybrid functional petri nets (HFPN) has proved its convenience for simulating biological systems. The drawback of the noticeable expressiveness of HFPN is the difficulty to perform formal verifications of dynamical properties. In this article, we propose a model-checking procedure for timed hybrid petri nets (THPN), a sub-class of HFPN. This procedure is based on the translation of the THPN model and of the studied property into real-time automata. It is applied to model enzymatic competitions existing in amphibian metamorphosis
Weak Singular Hybrid Automata
The framework of Hybrid automata, introduced by Alur, Courcourbetis,
Henzinger, and Ho, provides a formal modeling and analysis environment to
analyze the interaction between the discrete and the continuous parts of
cyber-physical systems. Hybrid automata can be considered as generalizations of
finite state automata augmented with a finite set of real-valued variables
whose dynamics in each state is governed by a system of ordinary differential
equations. Moreover, the discrete transitions of hybrid automata are guarded by
constraints over the values of these real-valued variables, and enable
discontinuous jumps in the evolution of these variables. Singular hybrid
automata are a subclass of hybrid automata where dynamics is specified by
state-dependent constant vectors. Henzinger, Kopke, Puri, and Varaiya showed
that for even very restricted subclasses of singular hybrid automata, the
fundamental verification questions, like reachability and schedulability, are
undecidable. In this paper we present \emph{weak singular hybrid automata}
(WSHA), a previously unexplored subclass of singular hybrid automata, and show
the decidability (and the exact complexity) of various verification questions
for this class including reachability (NP-Complete) and LTL model-checking
(PSPACE-Complete). We further show that extending WSHA with a single
unrestricted clock or extending WSHA with unrestricted variable updates lead to
undecidability of reachability problem
- …