A Metric for Linear Temporal Logic
We propose a measure and a metric on the sets of infinite traces generated by
a set of atomic propositions. To compute these quantities, we first map
properties to subsets of the real numbers and then take the Lebesgue measure of
the resulting sets. We analyze how this measure is computed for Linear Temporal
Logic (LTL) formulas. An implementation for computing the measure of bounded
LTL properties is provided and explained. This implementation leverages SAT
model counting and effects independence checks on subexpressions to compute the
measure and metric compositionally.
Online Causation Monitoring of Signal Temporal Logic
Online monitoring is an effective validation approach for hybrid systems,
that, at runtime, checks whether the (partial) signals of a system satisfy a
specification in, e.g., Signal Temporal Logic (STL). The classic STL monitoring
is performed by computing a robustness interval that specifies, at each
instant, how far the monitored signals are from violating and satisfying the
specification. However, since a robustness interval monotonically shrinks
during monitoring, classic online monitors may fail in reporting new violations
or in precisely describing the system evolution at the current instant. In this
paper, we tackle these issues by considering the causation of violation or
satisfaction, instead of directly using the robustness. We first introduce a
Boolean causation monitor that decides whether each instant is relevant to the
violation or satisfaction of the specification. We then extend this monitor to
a quantitative causation monitor that tells how far an instant is from being
relevant to the violation or satisfaction. We further show that classic
monitors can be derived from our proposed ones. Experimental results show that
the two proposed monitors are able to provide more detailed information about
system evolution, without requiring a significantly higher monitoring cost.
Comment: 31 pages, 7 figures, the full version of the paper accepted by CAV 202
MoonLight: a lightweight tool for monitoring spatio-temporal properties
We present MoonLight, a tool for monitoring temporal and spatio-temporal properties of mobile, spatially distributed, and interacting entities such as biological and cyber-physical systems. In MoonLight the space is represented as a weighted graph describing the topological configuration in which the single entities are arranged. Both nodes and edges have attributes modeling physical quantities and logical states of the system evolving in time. MoonLight is implemented in Java and supports the monitoring of Spatio-Temporal Reach and Escape Logic (STREL). MoonLight can be used as a standalone command line tool, as a Java API, or via Matlab™ and Python interfaces. We provide here the description of the tool, its interfaces, and its scripting language using a sensor network and a bike sharing example. We evaluate the tool's performance both by comparing it with other tools specialized in monitoring only temporal properties and by monitoring spatio-temporal requirements considering different sizes of dynamical and spatial graphs.
On Falsification of Large-Scale Cyber-Physical Systems
In the development of modern Cyber-Physical Systems, Model-Based Testing of the closed-loop system is an approach for finding potential faults and increasing the quality of developed products. Testing is done on many different abstraction levels, and for large-scale industrial systems there are several challenges. Executing tests on the systems can be time-consuming, and large numbers of complex specifications need to be thoroughly tested, while many of the popular academic benchmarks do not necessarily reflect this complexity.

This thesis proposes new methods for analyzing and generating test cases as a means of being more certain that proper testing has been performed on the system under test. For analysis, the proposed approach can automatically find out how much of the physical part of the system the test suite has executed. For test case generation, an approach to finding errors is optimization-based falsification. This thesis attempts to close the gap between academia and industry by applying falsification techniques to real-world models from Volvo Car Corporation and adapting the falsification procedure where it has shortcomings for certain classes of systems. Specifically, the main contributions of this thesis are (i) a method for automatically transforming a signal-based specification into a formal specification allowing an optimization-based falsification approach, (ii) a new collection of specifications inspired by large-scale specifications from industry, (iii) an algorithm to perform optimization-based falsification for such a large set of specifications, and (iv) a new type of coverage criterion for Cyber-Physical Systems that can help to assess when testing can be concluded.

The proposed methods have been evaluated on both academic benchmark examples and real-world industrial models. One of the main conclusions is that the proposed additions and changes to the analysis and generation of tests can be useful, given that one has enough information about the system under test. The methods presented in this thesis have been applied to real-world models in a way that allows for higher-quality products by finding more faults in early phases of development.
Falsification of Signal-Based Specifications for Cyber-Physical Systems
In the development of software for modern Cyber-Physical Systems, testing is an integral part that is rightfully given a lot of attention. Testing is done on many different abstraction levels, and especially for large-scale industrial systems, it can be difficult to know when the testing should conclude and the software can be considered correct enough to make its way into production. This thesis proposes new methods for analyzing and generating test cases as a means of being more certain that proper testing has been performed for the system under test. For analysis, the proposed approach includes automatically finding how much a given test suite has exercised the physical properties of the simulated system. For test case generation, an up-and-coming approach to finding errors in Cyber-Physical Systems is simulation-based falsification. While falsification is also suitable for some large-scale industrial systems, there is sometimes a gap between what has been researched and what problems need to be solved to make the approach tractable in industry. This thesis attempts to close this gap by applying falsification techniques to real-world models from Volvo Car Corporation, and adapting the falsification procedure where it has shortcomings for certain classes of systems. Specifically, the thesis includes a method for automatically transforming a signal-based specification into a formal specification in temporal logic, as well as a modification to the underlying optimization problem that makes falsification more viable in an industrial setting. The proposed methods have been evaluated on both academic benchmark examples and real-world industrial models. One of the main conclusions is that the proposed additions and changes to the analysis and generation of tests can be useful, given that one has enough information about the system under test.
It is difficult to provide a general solution that will always work best; instead, the challenge lies in identifying which properties of the given system should be taken into account when trying to find potential errors in the system.
Generalized Robust MTL Semantics for Problems in Cardiac Electrophysiology
Robustness-Guided Falsification (RGF) is an efficient
testing technique that tries to find a system execution that
violates some formal specification, by minimizing the robustness
of the specification over the set of initial conditions of the
system. Robustness uses an underlying distance function on
the space of system executions. As RGF is applied to new fields
like medicine, it is essential to determine whether our distances
still capture the domain expert’s intuition of which executions
are similar and which are not. Motivated by the problem of
testing the algorithms of cardiac defibrillators implanted in
millions of patients worldwide, this work develops a (pseudo-)distance
function, called conformance, over the space of cardiac
signals. By using it to distinguish between fatal and non-fatal
arrhythmias obtained from real patients, it is demonstrated
that conformance measures the meaningful distance between
cardiac signals much better than distances used in medical
devices today. Next, conformance is used to re-define the
robustness degrees of Metric Temporal Logic (MTL), and it
is shown that conformance-based robust semantics of MTL
can bound the (conformance-based) robustness degree, thus
enabling a principled application of RGF to problems in the
cardiac domain, using the appropriate distance notion. Using
existing robust semantics based on the sup norm can yield incorrect
conclusions, with potentially severe consequences to patients
- …