174 research outputs found
Synthesizing Switching Controllers for Hybrid Systems by Continuous Invariant Generation
We extend a template-based approach for synthesizing switching controllers
for semi-algebraic hybrid systems, in which all expressions are polynomials.
This is achieved by combining a QE (quantifier elimination)-based method for
generating continuous invariants with a qualitative approach for predefining
templates. Our synthesis method is relatively complete with regard to a given
family of predefined templates. Using qualitative analysis, we discuss
heuristics to reduce the numbers of parameters appearing in the templates. To
avoid too much human interaction in choosing templates as well as the high
computational complexity caused by QE, we further investigate applications of
the SOS (sum-of-squares) relaxation approach and the template polyhedra
approach in continuous invariant generation, which are both well supported by
efficient numerical solvers
Forward Invariant Cuts to Simplify Proofs of Safety
The use of deductive techniques, such as theorem provers, has several
advantages in safety verification of hybrid systems; however,
state-of-the-art theorem provers require extensive manual intervention.
Furthermore, there is often a gap between the type of assistance that a theorem
prover requires to make progress on a proof task and the assistance that a
system designer is able to provide. This paper presents an extension to
KeYmaera, a deductive verification tool for differential dynamic logic; the new
technique allows local reasoning using system designer intuition about
performance within particular modes as part of a proof task. Our approach allows
the theorem prover to leverage forward invariants, discovered using numerical
techniques, as part of a proof of safety. We introduce a new inference rule
into the proof calculus of KeYmaera, the forward invariant cut rule, and we
present a methodology to discover useful forward invariants, which are then
used with the new cut rule to complete verification tasks. We demonstrate how
our new approach can be used to complete verification tasks that lie out of the
reach of existing deductive approaches using several examples, including one
involving an automotive powertrain control system. Comment: Extended version of EMSOFT pape
The Structure of Differential Invariants and Differential Cut Elimination
The biggest challenge in hybrid systems verification is the handling of
differential equations. Because computable closed-form solutions only exist for
very simple differential equations, proof certificates have been proposed for
more scalable verification. Search procedures for these proof certificates are
still rather ad-hoc, though, because the problem structure is only understood
poorly. We investigate differential invariants, which define an induction
principle for differential equations and which can be checked for invariance
along a differential equation just by using their differential structure,
without having to solve them. We study the structural properties of
differential invariants. To analyze trade-offs for proof search complexity, we
identify more than a dozen relations between several classes of differential
invariants and compare their deductive power. As our main results, we analyze
the deductive power of differential cuts and the deductive power of
differential invariants with auxiliary differential variables. We refute the
differential cut elimination hypothesis and show that, unlike standard cuts,
differential cuts are fundamental proof principles that strictly increase the
deductive power. We also prove that the deductive power increases further when
adding auxiliary differential variables to the dynamics
Programming in three-valued logic
Abstract: The aim of this paper is to propose a logical and algebraic theory which seems well-suited to logic programs with negation and deductive databases. This theory has properties similar to those of Prolog theory restricted to programs with Horn clauses and can thus be considered an extension of the usual theory. This parallel with logic programming without negation rests on the introduction of a third truth value (Indefinite) and of a new non-monotonic implication connective. Our proposal differs from the other ways of introducing a third truth value already used in logic programming and databases, but it is related to some of them, especially to Fitting's theory. We introduce a "consequence" operator associated with a logic program with negation which extends the operator of Apt and Van Emden. In the case of a consistent program, the post-fixpoints of this operator are the models of the program, as usual. This operator is related to Fitting's, the relation being obtained by completing the program. We finally give an operational semantics for a program with negation by obtaining a three-valued interpreter from a two-valued one
Hidden-Markov Program Algebra with iteration
We use Hidden Markov Models to motivate a quantitative compositional
semantics for noninterference-based security with iteration, including a
refinement- or "implements" relation that compares two programs with respect to
their information leakage; and we propose a program algebra for source-level
reasoning about such programs, in particular as a means of establishing that an
"implementation" program leaks no more than its "specification" program.
This joins two themes: we extend our earlier work, having iteration but only
qualitative, by making it quantitative; and we extend our earlier quantitative
work by including iteration. We advocate stepwise refinement and
source-level program algebra, both as conceptual reasoning tools and as targets
for automated assistance. A selection of algebraic laws is given to support
this view in the case of quantitative noninterference; and it is demonstrated
on a simple iterated password-guessing attack
A Contracting Dynamical System Perspective toward Interval Markov Decision Processes
Interval Markov decision processes are a class of Markov models where the
transition probabilities between the states belong to intervals. In this paper,
we study the problem of efficient estimation of the optimal policies in
Interval Markov Decision Processes (IMDPs) with continuous action-space. Given
an IMDP, we show that the pessimistic (resp. the optimistic) value iterations,
i.e., the value iterations under the assumption of a competitive adversary
(resp. cooperative agent), are monotone dynamical systems and are contracting
with respect to the -norm. Inspired by this dynamical system
viewpoint, we introduce another IMDP, called the action-space relaxation IMDP.
We show that the action-space relaxation IMDP has two key features: (i) its
optimal value is an upper bound for the optimal value of the original IMDP, and
(ii) its value iterations can be efficiently solved using tools and techniques
from convex optimization. We then consider the policy optimization problems at
each step of the value iterations as a feedback controller of the value
function. Using this system-theoretic perspective, we propose an
iteration-distributed implementation of the value iterations for approximating
the optimal value of the action-space relaxation IMDP
Complex type 4 structure changing dynamics of digital agents: Nash equilibria of a game with arms race in innovations
The new digital economy has renewed interest in how digital agents can innovate. This follows the legacy of John von Neumann dynamical systems theory on complex biological systems as computation. The Gödel-Turing-Post (GTP) logic is shown to be necessary to generate innovation based structure changing Type 4 dynamics of the Wolfram-Chomsky schema. Two syntactic procedures of GTP logic permit digital agents to exit from listable sets of digital technologies to produce novelty and surprises. The first is meta-analyses or offline simulations. The second is a fixed point with a two place encoding of negation or opposition, referred to as the Gödel sentence. It is postulated that in phenomena ranging from the genome to human proteanism, the Gödel sentence is a ubiquitous syntactic construction without which escape from hostile agents qua the Liar is impossible and digital agents become entrained within fixed repertoires. The only recursive best response function of a 2-person adversarial game that can implement strategic innovation in lock-step formation of an arms race is the productive function of the Emil Post [58] set theoretic proof of the Gödel incompleteness result. This overturns the view of game theorists that surprise and innovation cannot be a Nash equilibrium of a game