Model Checking Tap Withdrawal in C. Elegans

We present what we believe to be the first formal verification of a biologically realistic (nonlinear ODE) model of a neural circuit in a multicellular organism: Tap Withdrawal (TW) in \emph{C. Elegans}, the common roundworm. TW is a reflexive behavior exhibited by \emph{C. Elegans} in response to vibrating the surface on which it is moving; the neural circuit underlying this response is the subject of this investigation. Specifically, we perform reachability analysis on the TW circuit model of Wicks et al. (1996), which enables us to estimate key circuit parameters. Underlying our approach is the use of Fan and Mitra's recently developed technique for automatically computing local discrepancy (convergence and divergence rates) of general nonlinear systems. We show that the results we obtain are in agreement with the experimental results of Wicks et al. (1995). As opposed to the fixed parameters found in most biological models, which can only produce the predominant behavior, our techniques characterize ranges of parameters that produce (and do not produce) all three observed behaviors: reversal of movement, acceleration, and lack of response

Bounded Verification with On-the-Fly Discrepancy Computation

Simulation-based verification algorithms can provide formal safety guarantees for nonlinear and hybrid systems. The previous algorithms rely on user provided model annotations called discrepancy function, which are crucial for computing reachtubes from simulations. In this paper, we eliminate this requirement by presenting an algorithm for computing piece-wise exponential discrepancy functions. The algorithm relies on computing local convergence or divergence rates of trajectories along a simulation using a coarse over-approximation of the reach set and bounding the maximal eigenvalue of the Jacobian over this over-approximation. The resulting discrepancy function preserves the soundness and the relative completeness of the verification algorithm. We also provide a coordinate transformation method to improve the local estimates for the convergence or divergence rates in practical examples. We extend the method to get the input-to-state discrepancy of nonlinear dynamical systems which can be used for compositional analysis. Our experiments show that the approach is effective in terms of running time for several benchmark problems, scales reasonably to larger dimensional systems, and compares favorably with respect to available tools for nonlinear models.Comment: 24 page

Compositional Falsification of Cyber-Physical Systems with Machine Learning Components

Cyber-physical systems (CPS), such as automotive systems, are starting to include sophisticated machine learning (ML) components. Their correctness, therefore, depends on properties of the inner ML modules. While learning algorithms aim to generalize from examples, they are only as good as the examples provided, and recent efforts have shown that they can produce inconsistent output under small adversarial perturbations. This raises the question: can the output from learning components can lead to a failure of the entire CPS? In this work, we address this question by formulating it as a problem of falsifying signal temporal logic (STL) specifications for CPS with ML components. We propose a compositional falsification framework where a temporal logic falsifier and a machine learning analyzer cooperate with the aim of finding falsifying executions of the considered model. The efficacy of the proposed technique is shown on an automatic emergency braking system model with a perception component based on deep neural networks

LNCS

We address the problem of analyzing the reachable set of a polynomial nonlinear continuous system by over-approximating the flowpipe of its dynamics. The common approach to tackle this problem is to perform a numerical integration over a given time horizon based on Taylor expansion and interval arithmetic. However, this method results to be very conservative when there is a large difference in speed between trajectories as time progresses. In this paper, we propose to use combinations of barrier functions, which we call piecewise barrier tube (PBT), to over-approximate flowpipe. The basic idea of PBT is that for each segment of a flowpipe, a coarse box which is big enough to contain the segment is constructed using sampled simulation and then in the box we compute by linear programming a set of barrier functions (called barrier tube or BT for short) which work together to form a tube surrounding the flowpipe. The benefit of using PBT is that (1) BT is independent of time and hence can avoid being stretched and deformed by time; and (2) a small number of BTs can form a tight over-approximation for the flowpipe, which means that the computation required to decide whether the BTs intersect the unsafe set can be reduced significantly. We implemented a prototype called PBTS in C++. Experiments on some benchmark systems show that our approach is effective

Exploration of Shared Genetic Architecture Between Subcortical Brain Volumes and Anorexia Nervosa

In MRI scans of patients with anorexia nervosa (AN), reductions in brain volume are often apparent. However, it is unknown whether such brain abnormalities are influenced by genetic determinants that partially overlap with those underlying AN. Here, we used a battery of methods (LD score regression, genetic risk scores, sign test, SNP effect concordance analysis, and Mendelian randomization) to investigate the genetic covariation between subcortical brain volumes and risk for AN based on summary measures retrieved from genome-wide association studies of regional brain volumes (ENIGMA consortium, n = 13,170) and genetic risk for AN (PGC-ED consortium, n = 14,477). Genetic correlations ranged from − 0.10 to 0.23 (all p > 0.05). There were some signs of an inverse concordance between greater thalamus volume and risk for AN (permuted p = 0.009, 95% CI: [0.005, 0.017]). A genetic variant in the vicinity of ZW10, a gene involved in cell division, and neurotransmitter and immune system relevant genes, in particular DRD2, was significantly associated with AN only after conditioning on its association with caudate volume (pFDR = 0.025). Another genetic variant linked to LRRC4C, important in axonal and synaptic development, reached significance after conditioning on hippocampal volume (pFDR = 0.021). In this comprehensive set of analyses and based on the largest available sample sizes to date, there was weak evidence for associations between risk for AN and risk for abnormal subcortical brain volumes at a global level (that is, common variant genetic architecture), but suggestive evidence for effects of single genetic markers. Highly powered multimodal brain- and disorder-related genome-wide studies are needed to further dissect the shared genetic influences on brain structure and risk for AN

A Low-Frequency Inactivating Akt2 Variant Enriched in the Finnish Population is Associated With Fasting Insulin Levels and Type 2 Diabetes Risk

To identify novel coding association signals and facilitate characterization of mechanisms influencing glycemic traits and type 2 diabetes risk, we analyzed 109,215 variants derived from exome array genotyping together with an additional 390,225 variants from exome sequence in up to 39,339 normoglycemic individuals from five ancestry groups. We identified a novel association between the coding variant (p.Pro50Thr) in AKT2 and fasting insulin, a gene in which rare fully penetrant mutations are causal for monogenic glycemic disorders. The low-frequency allele is associated with a 12% increase in fasting plasma insulin (FI) levels. This variant is present at 1.1% frequency in Finns but virtually absent in individuals from other ancestries. Carriers of the FI-increasing allele had increased 2-hour insulin values, decreased insulin sensitivity, and increased risk of type 2 diabetes (odds ratio=1.05). In cellular studies, the AKT2-Thr50 protein exhibited a partial loss of function. We extend the allelic spectrum for coding variants in AKT2 associated with disorders of glucose homeostasis and demonstrate bidirectional effects of variants within the pleckstrin homology domain of AKT2.Academy of Finland (129293, 128315, 129330, 131593, 139635, 139635, 121584, 126925, 124282, 129378, 258753); Action on Hearing Loss (G51); Ahokas Foundation; American Diabetes Association (#7-12-MN-02); Atlantic Canada Opportunities Agency; Augustinus foundation; Becket foundation; Benzon Foundation; Biomedical Research Council; British Heart Foundation (SP/04/002); Canada Foundation for Innovation; Commission of the European Communities, Directorate C-Public Health (2004310); Copenhagen County; Danish Centre for Evaluation and Health Technology Assessment; Danish Council for Independent Research; Danish Heart Foundation (07-10-R61-A1754-B838-22392F); Danish Medical Research Council; Danish Pharmaceutical Association; Emil Aaltonen Foundation; European Research Council Advanced Research Grant; European Union FP7 (EpiMigrant, 279143; FP7/2007-2013; 259749); Finland's Slottery Machine Association; Finnish Cultural Foundation; Finnish Diabetes Research Foundation; Finnish Foundation for Cardiovascular Research; Finnish Foundation of Cardiovascular Research; Finnish Medical Society; Finnish National Public Health Institute; Finska Läkaresällskapet; Folkhälsan Research Foundation; Foundation for Life and Health in Finland; German Center for Diabetes Research (DZD) ; German Federal Ministry of Education and Research; Health Care Centers in Vasa, Närpes and Korsholm; Health Insurance Foundation (2012B233) ; Helsinki University Central Hospital Research Foundation; Hospital districts of Pirkanmaa, Southern Ostrobothnia, North Ostrobothnia, Central Finland, and Northern Savo; Ib Henriksen foundation; Juho Vainio Foundation; Korea Centers for Disease Control and Prevention (4845–301); Korea National Institute of Health (2012-N73002-00); Li Ka Shing Foundation; Liv och Hälsa; Lundbeck Foundation; Marie-Curie Fellowship (PIEF-GA-2012-329156); Medical Research Council (G0601261, G0900747-91070, G0601966, G0700931); Ministry of Education in Finland; Ministry of Social Affairs and Health in Finland; MRC-PHE Centre for Environment and Health;Municipal Heath Care Center and Hospital in Jakobstad; Närpes Health Care Foundation; National Institute for Health Research (RP-PG-0407-10371); National Institutes of Health (U01 DK085526, U01 DK085501, U01 DK085524, U01 DK085545, U01 DK085584, U01 DK088389, RC2-DK088389, DK085545, DK098032, HHSN268201300046C, HHSN268201300047C, HHSN268201300048C, HHSN268201300049C, HHSN, R01MH107666 and K12CA139160268201300050C, U01 DK062370, R01 DK066358, U01DK085501, R01HL102830, R01DK073541, PO1AG027734, R01AG046949, 1R01AG042188, P30AG038072, R01 MH101820, R01MH090937, P30DK020595, R01 DK078616, NIDDK K24 DK080140, 1RC2DK088389, T32GM007753); National Medical Research Council; National Research Foundation of Korea (NRF-2012R1A2A1A03006155); Nordic Center of Excellence in Disease Genetics; Novo Nordisk; Ollqvist Foundation; OrionFarmos Research Foundation; Paavo Nurmi Foundation; Perklén Foundation; Samfundet Folkhälsan; Signe and Ane Gyllenberg Foundation; Sigrid Juselius Foundation; Social Insurance Institution of Finland; South East Norway Health Authority (2011060); Swedish Cultural Foundation in Finland; Swedish Heart-Lung Foundation; Swedish Research Council; Swedish Research Council (Linné and Strategic Research Grant); The American Federation for Aging Research; The Einstein Glenn Center; The European Commission (HEALTH-F4-2007-201413); The Finnish Diabetes Association; The Folkhälsan Research Foundation; The Påhlssons Foundation; The provinces of Newfoundland and Labrador, Nova Scotia, and New Brunswick; The Sigrid Juselius Foundation; The Skåne Regional Health Authority; The Swedish Heart-Lung Foundation; Timber Merchant Vilhelm Bang’s Foundation; Turku University Foundation; Uppsala University; Wellcome Trust (064890, 083948, 085475, 086596, 090367, 090532, 092447, 095101/Z/10/Z, 200837/Z/16/Z, 095552, 098017, 098381, 098051, 084723, 072960/2/ 03/2, 086113/Z/08/Z, WT098017, WT064890, WT090532, WT098017, 098051, WT086596/Z/08/A and 086596/Z/08/Z). Detailed acknowledgment of funding sources is provided in the Additional Acknowledgements section of the Supplementary Materials

Combining model checking and runtime verification for safe robotics

A major challenge towards large scale deployment of autonomous mobile robots is to program them with formal guarantees and high assurance of correct operation. To this end, we present a framework for building safe robots. Our approach for validating the end-to-end correctness of robotics system consists of two parts: (1) a high-level programming language for implementing and systematically testing the reactive robotics software via model checking; (2) a signal temporal logic (STL) based online monitoring system to ensure that the assumptions about the low-level controllers (discrete models) used during model checking hold at runtime. Combining model checking with runtime verification helps us bridge the gap between software verification (discrete) that makes assumptions about the low-level controllers and the physical world, and the actual execution of the software on a real robotic platform in the physical world. To demonstrate the efficacy of our approach, we build a safe adaptive surveillance system and present software-in-the-loop simulations of the application

LNCS

Piecewise Barrier Tubes (PBT) is a new technique for flowpipe overapproximation for nonlinear systems with polynomial dynamics, which leverages a combination of barrier certificates. PBT has advantages over traditional time-step based methods in dealing with those nonlinear dynamical systems in which there is a large difference in speed between trajectories, producing an overapproximation that is time independent. However, the existing approach for PBT is not efficient due to the application of interval methods for enclosure-box computation, and it can only deal with continuous dynamical systems without uncertainty. In this paper, we extend the approach with the ability to handle both continuous and hybrid dynamical systems with uncertainty that can reside in parameters and/or noise. We also improve the efficiency of the method significantly, by avoiding the use of interval-based methods for the enclosure-box computation without loosing soundness. We have developed a C++ prototype implementing the proposed approach and we evaluate it on several benchmarks. The experiments show that our approach is more efficient and precise than other methods in the literature