19 research outputs found
Uniform Substitution for Differential Game Logic
This paper presents a uniform substitution calculus for differential game
logic (dGL). Church's uniform substitutions substitute a term or formula for a
function or predicate symbol everywhere. After generalizing them to
differential game logic and allowing for the substitution of hybrid games for
game symbols, uniform substitutions make it possible to only use axioms instead
of axiom schemata, thereby substantially simplifying implementations. Instead
of subtle schema variables and soundness-critical side conditions on the
occurrence patterns of logical variables to restrict infinitely many axiom
schema instances to sound ones, the resulting axiomatization adopts only a
finite number of ordinary dGL formulas as axioms, which uniform substitutions
instantiate soundly. This paper proves soundness and completeness of uniform
substitutions for the monotone modal logic dGL. The resulting axiomatization
admits a straightforward modular implementation of dGL in theorem provers
Towards learning and verifying invariants of cyber-physical systems by code mutation
Cyber-physical systems (CPS), which integrate algorithmic control with
physical processes, often consist of physically distributed components
communicating over a network. A malfunctioning or compromised component in such
a CPS can lead to costly consequences, especially in the context of public
infrastructure. In this short paper, we argue for the importance of
constructing invariants (or models) of the physical behaviour exhibited by CPS,
motivated by their applications to the control, monitoring, and attestation of
components. To achieve this despite the inherent complexity of CPS, we propose
a new technique for learning invariants that combines machine learning with
ideas from mutation testing. We present a preliminary study on a water
treatment system that suggests the efficacy of this approach, propose
strategies for establishing confidence in the correctness of invariants, then
summarise some research questions and the steps we are taking to investigate
them.
Comment: Short paper accepted by the 21st International Symposium on Formal
Methods (FM 2016
Constructive Hybrid Games
Hybrid games are models which combine discrete, continuous, and adversarial
dynamics. Game logic enables proving (classical) existence of winning
strategies. We introduce constructive differential game logic (CdGL) for hybrid
games, where proofs that a player can win the game correspond to computable
winning strategies. This is the logical foundation for synthesis of correct
control and monitoring code for safety-critical cyber-physical systems. Our
contributions include novel static and dynamic semantics as well as soundness
and consistency.
Comment: 60 pages, preprint, under revie
Spatio-Temporal Model-Checking of Cyber-Physical Systems Using Graph Queries
We explore the application of graph database technology to spatio-temporal model checking of cooperating cyber-physical systems-of-systems such as vehicle platoons. We present a translation of spatio-temporal automata (STA) and the spatio-temporal logic STAL to semantically equivalent property graphs and graph queries, respectively. We prove a sound reduction of the spatio-temporal verification problem to graph database query solving. The practicability and efficiency of this approach are evaluated by introducing NeoMC, a prototype implementation of our explicit model checking approach based on Neo4j. To evaluate NeoMC we consider case studies of verifying vehicle platooning models. Our evaluation demonstrates the effectiveness of our approach in terms of execution time and counterexample detection
Low Flow Displacement Compressor: Thermodynamical Process Analysis
Abstract. We propose a new logic, called differential dynamic game logic (dDGL), that adds several game constructs on top of differential dynamic logic (dL) so that it can be used for hybrid games. The logic dDGL is a conservative extension of dL, which we exploit for our implementation of dDGL in the theorem prover KeYmaera. We provide rules for extending the dL sequent proof calculus to handle the dDGL constructs by identifying analogs to operators of dL. We have implemented dDGL in an extension of KeYmaera and verified a case study in which a robot satisfies a joint safety and liveness objective in a factory automation scenario, in which the factory may perform interfering actions independently
Modelling hybrid programs with Event-B
Hybrid systems are one of the most common mathematical models for Cyber-Physical Systems (CPSs). They combine discrete dynamics, represented by state machines or finite automata, with continuous behaviors, represented by differential equations. The measurement of continuous behaviors is performed by sensors. When these sensors have continuous access to these measurements, we call such a model an Event-Triggered model. The properties of this model are easier to prove, while its implementation is difficult in practice. Therefore, it is preferable to introduce a more realistic model, called a Time-Triggered model, where the sensors take periodic measurements. Contrary to Event-Triggered models, Time-Triggered models are much easier to implement, but much more difficult to verify. Based on differential refinement logic (dRL), a dynamic logic for refinement relations on hybrid systems, it is possible to prove that a Time-Triggered model refines an Event-Triggered model. The major limitation of this logic is that it is not supported by any prover. In this paper, we propose a correct-by-construction approach that implements reasoning on hybrid programs, in particular dRL reasoning, in Event-B in order to take advantage of its associated tools
A One-Dimensional Sparse Space-Time Specification of the Generalized Railroad Crossing
Part 4: INFRASTRUCTURE MODELING AND SIMULATION
Modeling and reasoning about critical infrastructure systems is a complex endeavor. Various calculi and algebras have been crafted to help specify physical properties such as time and space, but these do not always translate well between physical entities and their conceptual specifications. Although real-world critical infrastructure systems involve components of both time and space, many existing specification methods focus most strongly on the temporal components, leaving spatial details largely ignored or forcing them to fit within the confines of the temporal specification. This paper presents a one-dimensional sparse space-time specification created using a spatial-temporal logic in which real-world constraints are incorporated into the logic using the next operator. The simplicity and utility of the spatial-temporal formalism are demonstrated by applying it to the generalized railroad crossing problem