Probabilistic bounded reachability for stochastic hybrid systems

PhD ThesisStochastic parametric hybrid systems provide a means of formalising automata with continuous nonlinear dynamics, discrete interruptions, and parametric uncertainty (e.g. randomness and/or nondeterminism). They can be used for modelling a vast class of cyber-physical systems – machines comprising physical components orchestrated by a digital control (e.g. medical devices, self-driving cars, and aircraft autopilots). Assuring correct and safe behaviour of such systems is crucial as human lives are often involved. One of the main problems in system verification is reachability analysis. It amounts to determining whether the studied model reaches an unsafe state during its evolution. Introduction of parametric randomness allows the formulation of a quantitative version of the problem – computing the probability of reaching the undesired state. Reachability analysis is a highly challenging problem due to its general undecidability for hybrid systems and undecidability of nonlinear arithmetic (e.g. involving trigonometric functions) over the real numbers. A common approach in this case is to solve a simpler, yet useful, problem. In particular, there are techniques for solving reachability rigorously up to a given numerical precision. The central problem of this research is probabilistic reachability analysis of hybrid systems with random and nondeterministic parameters. In this thesis I have developed two new distinct techniques: a formal approach, based on formal reasoning which provides absolute numerical guarantees; and a statistical one, utilising Monte Carlo sampling that gives statistical guarantees. Namely, the former computes an interval which is guaranteed to contain the exact reachability probability value, while the latter returns an interval containing the probability value with some statistical confidence. By providing weaker guarantees, the statistical approach is capable of handling difficult cases more efficiently than the formal one, which in turn, can be used for parameter set synthesis in the absence of random uncertainty. The latter is one of the key problems in system modelling: identifying sets of parameter values for which a given model satisfies the desired behaviour. I have implemented the described techniques in the publicly available tool ProbReach, which I have then applied to several realistic case studies such as the synthesis of safe and robust controllers for artificial pancreas and the design of UVB treatment for psoriasis.award N00014-13-1-0090 of the US Office of Naval Research

Signal Convolution Logic

We introduce a new logic called Signal Convolution Logic (SCL) that combines temporal logic with convolutional filters from digital signal processing. SCL enables to reason about the percentage of time a formula is satisfied in a bounded interval. We demonstrate that this new logic is a suitable formalism to effectively express non-functional requirements in Cyber-Physical Systems displaying noisy and irregular behaviours. We define both a qualitative and quantitative semantics for it, providing an efficient monitoring procedure. Finally, we prove SCL at work to monitor the artificial pancreas controllers that are employed to automate the delivery of insulin for patients with type-1 diabetes

The speed of psoriasis onset in ODE model depends on the strength and the duration of the immune stimulus.

Panels: (a)—heatmap where white-coloured area denotes combinations of immune stimulus strength and duration that do not lead to psoriasis; other colours denote psoriasis; (b) and (c)—examples of model simulations for the combinations of stimulus strength and duration values, as highlighted in Panel (a), leading to fast and slow psoriasis onsets, respectively. Psoriasis onset occurs if totC = totCH + 0.9(totCP − totCH) ≈ 247,376 cells/mm2 ≈ 0.93 ⋅ totCP (i.e., the total cell density of the model has covered 90% of the distance between the healthy state and the psoriatic state—see Table 2 for the actual cell densities). This is due to the relatively slow convergence of the model to the psoriatic steady state.</p