29,282 research outputs found
Sound and Automated Synthesis of Digital Stabilizing Controllers for Continuous Plants
Modern control is implemented with digital microcontrollers, embedded within
a dynamical plant that represents physical components. We present a new
algorithm based on counter-example guided inductive synthesis that automates
the design of digital controllers that are correct by construction. The
synthesis result is sound with respect to the complete range of approximations,
including time discretization, quantization effects, and finite-precision
arithmetic and its rounding errors. We have implemented our new algorithm in a
tool called DSSynth, and are able to automatically generate stable controllers
for a set of intricate plant models taken from the literature within minutes.Comment: 10 page
Quantitative Verification: Formal Guarantees for Timeliness, Reliability and Performance
Computerised systems appear in almost all aspects of our daily lives, often in safety-critical scenarios such as embedded control systems in cars and aircraft
or medical devices such as pacemakers and sensors. We are thus increasingly reliant on these systems working correctly, despite often operating in unpredictable or unreliable environments. Designers of such devices need ways to guarantee that they will operate in a reliable and efficient manner.
Quantitative verification is a technique for analysing quantitative aspects of a system's design, such as timeliness, reliability or performance. It applies formal methods, based on a rigorous analysis of a mathematical model of the system, to automatically prove certain precisely specified properties, e.g. ``the airbag will always deploy within 20 milliseconds after a crash'' or ``the probability of both sensors failing simultaneously is less than 0.001''.
The ability to formally guarantee quantitative properties of this kind is beneficial across a wide range of application domains. For example, in safety-critical systems, it may be essential to establish credible bounds on the probability with which certain failures or combinations of failures can occur. In embedded control systems, it is often important to comply with strict constraints on timing or resources. More generally, being able to derive guarantees on precisely specified levels of performance or efficiency is a valuable tool in the design of, for example, wireless networking protocols, robotic systems or power management algorithms, to name but a few.
This report gives a short introduction to quantitative verification, focusing in particular on a widely used technique called model checking, and its generalisation to the analysis of quantitative aspects of a system such as timing, probabilistic behaviour or resource usage.
The intended audience is industrial designers and developers of systems such as those highlighted above who could benefit from the application of quantitative verification,but lack expertise in formal verification or modelling
Synthesis of Minimal Error Control Software
Software implementations of controllers for physical systems are at the core
of many embedded systems. The design of controllers uses the theory of
dynamical systems to construct a mathematical control law that ensures that the
controlled system has certain properties, such as asymptotic convergence to an
equilibrium point, while optimizing some performance criteria. However, owing
to quantization errors arising from the use of fixed-point arithmetic, the
implementation of this control law can only guarantee practical stability:
under the actions of the implementation, the trajectories of the controlled
system converge to a bounded set around the equilibrium point, and the size of
the bounded set is proportional to the error in the implementation. The problem
of verifying whether a controller implementation achieves practical stability
for a given bounded set has been studied before. In this paper, we change the
emphasis from verification to automatic synthesis. Using synthesis, the need
for formal verification can be considerably reduced thereby reducing the design
time as well as design cost of embedded control software.
We give a methodology and a tool to synthesize embedded control software that
is Pareto optimal w.r.t. both performance criteria and practical stability
regions. Our technique is a combination of static analysis to estimate
quantization errors for specific controller implementations and stochastic
local search over the space of possible controllers using particle swarm
optimization. The effectiveness of our technique is illustrated using examples
of various standard control systems: in most examples, we achieve controllers
with close LQR-LQG performance but with implementation errors, hence regions of
practical stability, several times as small.Comment: 18 pages, 2 figure
Strategy Synthesis for Autonomous Agents Using PRISM
We present probabilistic models for autonomous agent search and retrieve missions derived from Simulink models for an Unmanned Aerial Vehicle (UAV) and show how probabilistic model checking and the probabilistic model checker PRISM can be used for optimal controller generation. We introduce a sequence of scenarios relevant to UAVs and other autonomous agents such as underwater and ground vehicles. For each scenario we demonstrate how it can be modelled using the PRISM language, give model checking statistics and present the synthesised optimal controllers. We conclude with a discussion of the limitations when using probabilistic model checking and PRISM in this context and what steps can be taken to overcome them. In addition, we consider how the controllers can be returned to the UAV and adapted for use on larger search areas
Quantitative multi-objective verification for probabilistic systems
We present a verification framework for analysing multiple quantitative objectives of systems that exhibit both nondeterministic and stochastic behaviour. These systems are modelled as probabilistic automata, enriched with cost or reward structures that capture, for example, energy usage or performance metrics. Quantitative properties of these models are expressed in a specification language that incorporates probabilistic safety and liveness properties, expected total cost or reward, and supports multiple objectives of these types. We propose and implement an efficient verification framework for such properties and then present two distinct applications of it: firstly, controller synthesis subject to multiple quantitative objectives; and, secondly, quantitative compositional verification. The practical applicability of both approaches is illustrated with experimental results from several large case studies
Verification and Control of Partially Observable Probabilistic Real-Time Systems
We propose automated techniques for the verification and control of
probabilistic real-time systems that are only partially observable. To formally
model such systems, we define an extension of probabilistic timed automata in
which local states are partially visible to an observer or controller. We give
a probabilistic temporal logic that can express a range of quantitative
properties of these models, relating to the probability of an event's
occurrence or the expected value of a reward measure. We then propose
techniques to either verify that such a property holds or to synthesise a
controller for the model which makes it true. Our approach is based on an
integer discretisation of the model's dense-time behaviour and a grid-based
abstraction of the uncountable belief space induced by partial observability.
The latter is necessarily approximate since the underlying problem is
undecidable, however we show how both lower and upper bounds on numerical
results can be generated. We illustrate the effectiveness of the approach by
implementing it in the PRISM model checker and applying it to several case
studies, from the domains of computer security and task scheduling
Sequential Synthesis of Distributed Controllers for Cascade Interconnected Systems
We consider the problem of designing distributed controllers to ensure
passivity of a large-scale interconnection of linear subsystems connected in a
cascade topology. The control design process needs to be carried out at the
subsystem-level with no direct knowledge of the dynamics of other subsystems in
the interconnection. We present a distributed approach to solve this problem,
where subsystem-level controllers are locally designed in a sequence starting
at one end of the cascade using only the dynamics of the particular subsystem,
coupling with the immediately preceding subsystem and limited information from
the preceding subsystem in the cascade to ensure passivity of the
interconnected system up to that point. We demonstrate that this design
framework also allows for new subsystems to be compositionally added to the
interconnection without requiring redesign of the pre-existing controllers.Comment: Accepted to appear in the proceedings of the American Control
Conference (ACC) 201
SOTER: A Runtime Assurance Framework for Programming Safe Robotics Systems
The recent drive towards achieving greater autonomy and intelligence in
robotics has led to high levels of complexity. Autonomous robots increasingly
depend on third party off-the-shelf components and complex machine-learning
techniques. This trend makes it challenging to provide strong design-time
certification of correct operation.
To address these challenges, we present SOTER, a robotics programming
framework with two key components: (1) a programming language for implementing
and testing high-level reactive robotics software and (2) an integrated runtime
assurance (RTA) system that helps enable the use of uncertified components,
while still providing safety guarantees. SOTER provides language primitives to
declaratively construct a RTA module consisting of an advanced,
high-performance controller (uncertified), a safe, lower-performance controller
(certified), and the desired safety specification. The framework provides a
formal guarantee that a well-formed RTA module always satisfies the safety
specification, without completely sacrificing performance by using higher
performance uncertified components whenever safe. SOTER allows the complex
robotics software stack to be constructed as a composition of RTA modules,
where each uncertified component is protected using a RTA module.
To demonstrate the efficacy of our framework, we consider a real-world
case-study of building a safe drone surveillance system. Our experiments both
in simulation and on actual drones show that the SOTER-enabled RTA ensures the
safety of the system, including when untrusted third-party components have bugs
or deviate from the desired behavior
- …