Structural Synthesis for GXW Specifications

We define the GXW fragment of linear temporal logic (LTL) as the basis for synthesizing embedded control software for safety-critical applications. Since GXW includes the use of a weak-until operator we are able to specify a number of diverse programmable logic control (PLC) problems, which we have compiled from industrial training sets. For GXW controller specifications, we develop a novel approach for synthesizing a set of synchronously communicating actor-based controllers. This synthesis algorithm proceeds by means of recursing over the structure of GXW specifications, and generates a set of dedicated and synchronously communicating sub-controllers according to the formula structure. In a subsequent step, 2QBF constraint solving identifies and tries to resolve potential conflicts between individual GXW specifications. This structural approach to GXW synthesis supports traceability between requirements and the generated control code as mandated by certification regimes for safety-critical software. Synthesis for GXW specifications is in PSPACE compared to 2EXPTIME-completeness of full-fledged LTL synthesis. Indeed our experimental results suggest that GXW synthesis scales well to industrial-sized control synthesis problems with 20 input and output ports and beyond.Comment: The long (including appendix) version being reviewed by CAV'16 program committee. Compared to the submitted version, one author (out of her wish) is moved to the Acknowledgement. (v2) Corrected typos. (v3) Add an additional remark over environment assumption and easy corner case

Synthesis of minimum-cost shields for multi-agent systems

In this paper, we propose a general approach to derive runtime enforcement implementations for multiagent systems, called shields, from temporal logical specifications. Each agent of the multi-agent system is monitored, and if needed corrected, by the shield, such that a global specification is always satisfied. The different ways of how a shield can interfere with each agent in the system in case of an error introduces the need for quantitative objectives. This work is the first to discuss the shield synthesis problem with quantitative objectives. We provide several cost functions that are utilized in the multi-agent setting and provide methods for the synthesis of cost-optimal shields and fair shields, under the given assumptions on the multi-agent system. We demonstrate the applicability of our approach via a detailed case study on UAV mission planning for warehouse logistics and simulating the shielded multi-agent system on ROS/Gazebo

Temporal Stream Logic: Synthesis beyond the Bools

Reactive systems that operate in environments with complex data, such as mobile apps or embedded controllers with many sensors, are difficult to synthesize. Synthesis tools usually fail for such systems because the state space resulting from the discretization of the data is too large. We introduce TSL, a new temporal logic that separates control and data. We provide a CEGAR-based synthesis approach for the construction of implementations that are guaranteed to satisfy a TSL specification for all possible instantiations of the data processing functions. TSL provides an attractive trade-off for synthesis. On the one hand, synthesis from TSL, unlike synthesis from standard temporal logics, is undecidable in general. On the other hand, however, synthesis from TSL is scalable, because it is independent of the complexity of the handled data. Among other benchmarks, we have successfully synthesized a music player Android app and a controller for an autonomous vehicle in the Open Race Car Simulator (TORCS.

OBDD-Based Representation of Interval Graphs

A graph $G = (V,E)$ can be described by the characteristic function of the edge set $\chi_E$ which maps a pair of binary encoded nodes to 1 iff the nodes are adjacent. Using \emph{Ordered Binary Decision Diagrams} (OBDDs) to store $\chi_E$ can lead to a (hopefully) compact representation. Given the OBDD as an input, symbolic/implicit OBDD-based graph algorithms can solve optimization problems by mainly using functional operations, e.g. quantification or binary synthesis. While the OBDD representation size can not be small in general, it can be provable small for special graph classes and then also lead to fast algorithms. In this paper, we show that the OBDD size of unit interval graphs is $O(\ | V \ | /\log \ | V \ |)$ and the OBDD size of interval graphs is $O(\ | V \ | \log \ | V \ |)$which both improve a known result from Nunkesser and Woelfel (2009). Furthermore, we can show that using our variable order and node labeling for interval graphs the worst-case OBDD size is$\Omega(\ | V \ | \log \ | V \ |)$. We use the structure of the adjacency matrices to prove these bounds. This method may be of independent interest and can be applied to other graph classes. We also develop a maximum matching algorithm on unit interval graphs using$O(\log \ | V \ |)$operations and a coloring algorithm for unit and general intervals graphs using$O(\log^2 \ | V \ |)$ operations and evaluate the algorithms empirically.Comment: 29 pages, accepted for 39th International Workshop on Graph-Theoretic Concepts 201

Parallelizing Synthesis from Temporal Logic Specifications by Identifying Equicontrollable States

For the synthesis of correct-by-construction control policies from temporal logic specifications the scalability of the synthesis algorithms is often a bottleneck. In this paper, we parallelize synthesis from specifications in the GR(1) fragment of linear temporal logic by introducing a hierarchical procedure that allows decoupling of the fixpoint computations. The state space is partitioned into equicontrollable sets using solutions to parametrized games that arise from decomposing the original GR(1) game into smaller reachability-persistence games. Following the partitioning, another synthesis problem is formulated for composing the strategies from the decomposed reachability games. The formulation guarantees that composing the synthesized controllers ensures satisfaction of the given GR(1) property. Experiments with robot planning problems demonstrate good performance of the approach

Improving Community Healthcare for Patients with Parkinson's Disease: The Dutch Model

Because of the complex nature of Parkinson's disease, a wide variety of health professionals are involved in care. Stepwise, we have addressed the challenges in the provision of multidisciplinary care for this patient group. As a starting point, we have gained detailed insight into the current delivery of allied healthcare, as well as the barriers and facilitators for optimal care. To overcome the identified barriers, a tertiary referral centre was founded; evidence-based guidelines were developed and cost-effectively implemented within regional community networks of specifically trained allied health professionals (the ParkinsonNet concept). We increasingly use ICT to bind these professional networks together and also to empower and engage patients in making decisions about their health. This comprehensive approach is likely to be feasible for other countries as well, so we currently collaborate in a European collaboration to improve community care for persons with Parkinson's disease

SAT-Based Synthesis Methods for Safety Specs

Automatic synthesis of hardware components from declarative specifications is an ambitious endeavor in computer aided design. Existing synthesis algorithms are often implemented with Binary Decision Diagrams (BDDs), inheriting their scalability limitations. Instead of BDDs, we propose several new methods to synthesize finite-state systems from safety specifications using decision procedures for the satisfiability of quantified and unquantified Boolean formulas (SAT-, QBF- and EPR-solvers). The presented approaches are based on computational learning, templates, or reduction to first-order logic. We also present an efficient parallelization, and optimizations to utilize reachability information and incremental solving. Finally, we compare all methods in an extensive case study. Our new methods outperform BDDs and other existing work on some classes of benchmarks, and our parallelization achieves a super-linear speedup. This is an extended version of [5], featuring an additional appendix.Comment: Extended version of a paper at VMCAI'1

Exploiting the Temporal Logic Hierarchy and the Non-Confluence Property for Efficient LTL Synthesis

The classic approaches to synthesize a reactive system from a linear temporal logic (LTL) specification first translate the given LTL formula to an equivalent omega-automaton and then compute a winning strategy for the corresponding omega-regular game. To this end, the obtained omega-automata have to be (pseudo)-determinized where typically a variant of Safra's determinization procedure is used. In this paper, we show that this determinization step can be significantly improved for tool implementations by replacing Safra's determinization by simpler determinization procedures. In particular, we exploit (1) the temporal logic hierarchy that corresponds to the well-known automata hierarchy consisting of safety, liveness, Buechi, and co-Buechi automata as well as their boolean closures, (2) the non-confluence property of omega-automata that result from certain translations of LTL formulas, and (3) symbolic implementations of determinization procedures for the Rabin-Scott and the Miyano-Hayashi breakpoint construction. In particular, we present convincing experimental results that demonstrate the practical applicability of our new synthesis procedure

2D-IR Study of a Photoswitchable Isotope-Labeled α-Helix

A series of photoswitchable, α-helical peptides were studied using two-dimensional infrared spectroscopy (2D-IR). Single-isotope labeling with 13C18O at various positions in the sequence was employed to spectrally isolate particular backbone positions. We show that a single 13C18O label can give rise to two bands along the diagonal of the 2D-IR spectrum, one of which is from an amide group that is hydrogen-bonded internally, or to a solvent molecule, and the other from a non-hydrogen-bonded amide group. The photoswitch enabled examination of both the folded and unfolded state of the helix. For most sites, unfolding of the peptide caused a shift of intensity from the hydrogen-bonded peak to the non-hydrogen-bonded peak. The relative intensity of the two diagonal peaks gives an indication of the fraction of molecules hydrogen-bonded at a certain location along the sequence. As this fraction varies quite substantially along the helix, we conclude that the helix is not uniformly folded. Furthermore, the shift in hydrogen bonding is much smaller than the change of helicity measured by CD spectroscopy, indicating that non-native hydrogen-bonded or mis-folded loops are formed in the unfolded ensemble