Presentation is loading. Please wait.

Presentation is loading. Please wait.

Model Checking for Hybrid Systems Bruce H. Krogh Carnegie Mellon University.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Model Checking for Hybrid Systems Bruce H. Krogh Carnegie Mellon University."— Presentation transcript:

1 Model Checking for Hybrid Systems Bruce H. Krogh Carnegie Mellon University

2 Carnegie Mellon: The Rare Glitch Project2Bruce H. Krogh Hybrid Dynamic Systems Dynamic systems with both continuous & discrete state variables Lyapunov functions, eigenvalue analysis, etc. Boolean algebra, formal logics, recursion, etc. Analytical Tools MATLAB, Matrix X, VisSim, etc., Statemate, Design CPN, Slam II, SMV, etc. Software Tools Continuous-State Systems differential equations, transfer functions, etc. Discrete-State Systems automata, Petri nets, statecharts, etc. Models

3 Carnegie Mellon: The Rare Glitch Project3Bruce H. Krogh Three Main Thrusts of Our Project Verifying system integrity  Synchronization constraints  Resource constraints  Real-time constraints Modeling the environment  Hybrid dynamics  Stochastic models Usability  Extracting models  Explaining tool feedback system environment

4 Carnegie Mellon: The Rare Glitch Project4Bruce H. Krogh Embedded systems with significant hybrid dynamics Source: ESP, Dec, 1998

5 Carnegie Mellon: The Rare Glitch Project5Bruce H. Krogh Opportunity to Apply Formal Verification Techniques test on engine/ vehicle feature specification code production executable spec. code generation simulation hardware in the loop executable spec. Computer-Aided Control System Design model checking Objective: Verify feature behavior for the entire range of operating conditions.

6 Carnegie Mellon: The Rare Glitch Project6Bruce H. Krogh Example: Variable CAM Timing look-up table 2-mode PID/ saturation controller operating state cam angle actuator command

7 Carnegie Mellon: The Rare Glitch Project7Bruce H. Krogh Example: Variable CAM Timing Controller Verification Problem: Determine whether the controller will switch only once from saturation to PID mode.

8 Carnegie Mellon: The Rare Glitch Project8Bruce H. Krogh Continuous-Time Model

9 Carnegie Mellon: The Rare Glitch Project9Bruce H. Krogh Switching Rule Discrete-time rule Switch on magnitude of the error and the sign of this filter Continuous-time rule Switch on magnitude of the error and the sign of this filter state of the filter error

10 Carnegie Mellon: The Rare Glitch Project10Bruce H. Krogh Finite-State Analysis Assign discrete states to each switch boundary and the initial condition set Determine reachability from each discrete state to the other discrete states Analyze the resulting finite state system

11 Carnegie Mellon: The Rare Glitch Project11Bruce H. Krogh Reachability Analysis

12 Carnegie Mellon: The Rare Glitch Project12Bruce H. Krogh Finite-State Model Switching back to the saturation controller is certain from some initial states (i.e., specification is not satisfied)

13 Carnegie Mellon: The Rare Glitch Project13Bruce H. Krogh Applying Model Checking to Hybrid Systems: interpret a hybrid system as a transition system (with an infinite state space) find an equivalent finite-state transition systems (bisimulation) perform verification using the bisimulation Can this approach be generalized to higher-order systems?

14 Carnegie Mellon: The Rare Glitch Project14Bruce H. Krogh Polyhedral-Invariant Hybrid Automaton (PIHA) Conversion Simulink/Stateflow Front End (graphical editing, simulation) Threshold-event-driven Hybrid Systems (TEDHS) Flow Pipe Approximations Quotient Transition System ACTL Verification Partition Refinement Initial Partition

15 Carnegie Mellon: The Rare Glitch Project15Bruce H. Krogh Polyhedral-Invariant Hybrid Automaton (PIHA) Conversion Simulink/Stateflow Front End (graphical editing, simulation) Threshold-event-driven Hybrid Systems (TEDHS) Flow Pipe Approximations Quotient Transition System ACTL Verification Partition Refinement Initial Partition T T/P SWITCHED CONTINUOUS DYNAMICS dx/dt = f u (x) POLYHEDRAL REGIONS STATEFLOW FSMs

16 Carnegie Mellon: The Rare Glitch Project16Bruce H. Krogh CheckMate Block Diagram Switched Continuous Dynamics Switching Hyperplanes Discrete-State Dynamics

17 Carnegie Mellon: The Rare Glitch Project17Bruce H. Krogh Polyhedral-Invariant Hybrid Automaton (PIHA) Conversion Simulink/Stateflow Front End (graphical editing, simulation) Threshold-event-driven Hybrid Systems (TEDHS) Flow Pipe Approximations Quotient Transition System ACTL Verification Partition Refinement Initial Partition T T/P mode select integrator m(t) xdot(t) flow constraints x(t) jump mapping initial condition e(t) threshold-driven discrete dynamics x(t) e(t) m(t) cont. state discrete state discrete event F1 F2 F3 1S1S X0X0 JeJe e(t)

18 Carnegie Mellon: The Rare Glitch Project18Bruce H. Krogh Polyhedral-Invariant Hybrid Automaton (PIHA) Conversion Simulink/Stateflow Front End (graphical editing, simulation) Threshold-event-driven Hybrid Systems (TEDHS) Flow Pipe Approximations Quotient Transition System ACTL Verification Partition Refinement Initial Partition Elements of CheckMate

19 Carnegie Mellon: The Rare Glitch Project19Bruce H. Krogh Polyhedral-Invariant Hybrid Automaton (PIHA) Conversion Simulink/Stateflow Front End (graphical editing, simulation) Threshold-event-driven Hybrid Systems (TEDHS) Flow Pipe Approximations Quotient Transition System ACTL Verification Partition Refinement Initial Partition u u’u’ x  INV u’ dx/dt = F u’ (x) x  INV u dx/dt = F u (x) x  Xox  Xo e i : g i (x)  0 x u’  J i (x u )

20 Carnegie Mellon: The Rare Glitch Project20Bruce H. Krogh Polyhedral-Invariant Hybrid Automaton (PIHA) Conversion Simulink/Stateflow Front End (graphical editing, simulation) Threshold-event-driven Hybrid Systems (TEDHS) Flow Pipe Approximations Quotient Transition System ACTL Verification Partition Refinement Initial Partition Elements of CheckMate

21 Carnegie Mellon: The Rare Glitch Project21Bruce H. Krogh Polyhedral-Invariant Hybrid Automaton (PIHA) Conversion Simulink/Stateflow Front End (graphical editing, simulation) Threshold-event-driven Hybrid Systems (TEDHS) Flow Pipe Approximations Quotient Transition System ACTL Verification Partition Refinement Initial Partition

22 Carnegie Mellon: The Rare Glitch Project22Bruce H. Krogh Polyhedral-Invariant Hybrid Automaton (PIHA) Conversion Simulink/Stateflow Front End (graphical editing, simulation) Threshold-event-driven Hybrid Systems (TEDHS) Flow Pipe Approximations Quotient Transition System ACTL Verification Partition Refinement Initial Partition T T/P

23 Carnegie Mellon: The Rare Glitch Project23Bruce H. Krogh Computing Transitions  ('1,p',q')('1,p',q') '1'1 '2'2 ('2,p',q')('2,p',q') (,p,q)(,p,q) pp'p' qq'q'

24 Carnegie Mellon: The Rare Glitch Project24Bruce H. Krogh Approximating reachable sets E.K. Kornoushenko. Finite-automaton approximation to the behavior of continuous plants, Automation and Remote Control, 1975 J. Reisch and S. O’Young, A DES approach to control of hybrid dynamical systems, Hybrid Systems III, LNCS 1066, Springer, 1996 A. Puri, V. Borkar and P. Varaiya,  -Approximation of differential inclusions, Hybrid Systems III, LNCS 1066, Springer, 1996 M.R. Greenstreet, Verifying safety properties of differential equations, CAV’96 M.R. Greenstreet and I. Mitchell, Integrating projections, HSCC98 T. Dang and O. Maler, Reachability analysis via face lifting, HSCC98 A. Chutinan and B. H. Krogh, Verification of polyhedral-invariant hybrid systems using polygonal flow pipe approximations, HSCC99

25 Carnegie Mellon: The Rare Glitch Project25Bruce H. Krogh Polyhedral flow pipe approximation A. Chutinan and B. H. Krogh, Computing polyhedral approximations to dynamic flow pipes, IEEE CDC, 1998 X0X0 t1t1 t2t2 t3t3 t4t4 t5t5 t6t6 t7t7 t8t8 t9t9 divide R [0,T] (X 0 ) into [t k,t k+1 ] segments enclose each segment with a convex polytope R M [0,T] (X 0 ) = union of polytopes

26 Carnegie Mellon: The Rare Glitch Project26Bruce H. Krogh Flow Pipe Segment Approximation Vertices(X 0 ) at t k Vertices(X 0 ) at t k+1 Step 1. a. Simulate trajectories from each vertex of X 0. Step 2. Solve optimization for d i flow pipe segment approximated by { x | c i T x  d i,  i } b. Take the convex hull and identify outward normal vectors.

27 Carnegie Mellon: The Rare Glitch Project27Bruce H. Krogh Flow Pipe Approximation for a Linear System Vertices for X 0 Uniform time step  t k = 0.1

28 Carnegie Mellon: The Rare Glitch Project28Bruce H. Krogh Flow Pipe Approximation Applies to nonlinear dynamics Applies in arbitrary dimensions Approximation error doesn't grow with time Estimation error (Hausdorff distance) can be made arbitrarily small with  t <  and size of X 0 <  Integrated into CheckMate

29 Carnegie Mellon: The Rare Glitch Project29Bruce H. Krogh Polyhedral-Invariant Hybrid Automaton (PIHA) Conversion Simulink/Stateflow Front End (graphical editing, simulation) Threshold-event-driven Hybrid Systems (TEDHS) Flow Pipe Approximations Quotient Transition System ACTL Verification Partition Refinement Initial Partition

30 Carnegie Mellon: The Rare Glitch Project30Bruce H. Krogh Polyhedral-Invariant Hybrid Automaton (PIHA) Conversion Simulink/Stateflow Front End (graphical editing, simulation) Threshold-event-driven Hybrid Systems (TEDHS) Flow Pipe Approximations Quotient Transition System ACTL Verification Partition Refinement Initial Partition

31 Carnegie Mellon: The Rare Glitch Project31Bruce H. Krogh Application Case Studies F 16 auto-land system (Lockheed-DARPA) Batch process shut down controller (ESPRIT VHS Project) Automotive powertrain  Engine shut-off mode (PARADES)  Idle speed control (CADENCE)  Transmission shift controller (Ford-DARPA)

32 Carnegie Mellon: The Rare Glitch Project32Bruce H. Krogh CheckMate - Current Work Sampled-data systems  clocked + unclocked events Resets (jumps in the continuous state) Efficient hybrid automata generation

33 Carnegie Mellon: The Rare Glitch Project33Bruce H. Krogh The Rare Glitch Project Hybrid system abstractions composable with independent embedded software models Generation of requirements from hybrid system models (timing and resource constraints) Improved technology  order-reduction  focused refinement  automatic model abstraction  usability

Download ppt "Model Checking for Hybrid Systems Bruce H. Krogh Carnegie Mellon University."

Similar presentations

1 of 13 STABILIZING a SWITCHED LINEAR SYSTEM by SAMPLED - DATA QUANTIZED FEEDBACK 50 th CDC-ECC, Orlando, FL, Dec 2011, last talk in the program! Daniel.

1 of 13 STABILIZING a SWITCHED LINEAR SYSTEM by SAMPLED - DATA QUANTIZED FEEDBACK 50 th CDC-ECC, Orlando, FL, Dec 2011, last talk in the program! Daniel.
1 of 14 LIMITED - INFORMATION CONTROL of SWITCHED and HYBRID SYSTEMS via PROPAGATION of REACHABLE SETS HSCC, Philadelphia, April 2013 Daniel Liberzon Coordinated.

1 of 14 LIMITED - INFORMATION CONTROL of SWITCHED and HYBRID SYSTEMS via PROPAGATION of REACHABLE SETS HSCC, Philadelphia, April 2013 Daniel Liberzon Coordinated.
CONTROL of SWITCHED SYSTEMS with LIMITED INFORMATION

CONTROL of SWITCHED SYSTEMS with LIMITED INFORMATION
Introduction to Formal Methods for SW and HW Development 09: SAT Based Abstraction/Refinement in Model-Checking Roberto Sebastiani Based on work and slides.

Introduction to Formal Methods for SW and HW Development 09: SAT Based Abstraction/Refinement in Model-Checking Roberto Sebastiani Based on work and slides.
ECOE 560 Design Methodologies and Tools for Software/Hardware Systems Spring 2004 Serdar Taşıran.

ECOE 560 Design Methodologies and Tools for Software/Hardware Systems Spring 2004 Serdar Taşıran.
Hybrid System Verification Synchronous Workshop 2003 A New Verification Algorithm for Planar Differential Inclusions Gordon Pace University of Malta December.

Hybrid System Verification Synchronous Workshop 2003 A New Verification Algorithm for Planar Differential Inclusions Gordon Pace University of Malta December.
Hybrid Systems Presented by: Arnab De Anand S. An Intuitive Introduction to Hybrid Systems Discrete program with an analog environment. What does it mean?

Hybrid Systems Presented by: Arnab De Anand S. An Intuitive Introduction to Hybrid Systems Discrete program with an analog environment. What does it mean?
CS 367: Model-Based Reasoning Lecture 2 (01/15/2002)

CS 367: Model-Based Reasoning Lecture 2 (01/15/2002)
Timed Automata.

Timed Automata.
Model Checker In-The-Loop Flavio Lerda, Edmund M. Clarke Computer Science Department Jim Kapinski, Bruce H. Krogh Electrical & Computer Engineering MURI.

Model Checker In-The-Loop Flavio Lerda, Edmund M. Clarke Computer Science Department Jim Kapinski, Bruce H. Krogh Electrical & Computer Engineering MURI.
Model Checking Genetic Regulatory Networks with Parameter Uncertainty Grégory Batt, Calin Belta, Ron Weiss HSCC 2007 Presented by Spring Berman ESE 680-003:

Model Checking Genetic Regulatory Networks with Parameter Uncertainty Grégory Batt, Calin Belta, Ron Weiss HSCC 2007 Presented by Spring Berman ESE :
Hydra (A General Framework for Formalizing UML with Formal Languages for Embedded Systems*) *from the Ph.D. thesis of William E. McUmber Software Engineering.

Hydra (A General Framework for Formalizing UML with Formal Languages for Embedded Systems*) *from the Ph.D. thesis of William E. McUmber Software Engineering.
ESE601: Hybrid Systems Some tools for verification Spring 2006.

ESE601: Hybrid Systems Some tools for verification Spring 2006.
Zonotopes Techniques for Reachability Analysis Antoine Girard Workshop “Topics in Computation and Control” March 27 th 2006, Santa Barbara, CA, USA

Zonotopes Techniques for Reachability Analysis Antoine Girard Workshop “Topics in Computation and Control” March 27 th 2006, Santa Barbara, CA, USA
Verification of Hybrid Systems An Assessment of Current Techniques Holly Bowen.

Verification of Hybrid Systems An Assessment of Current Techniques Holly Bowen.
ECE 720T5 Fall 2012 Cyber-Physical Systems Rodolfo Pellizzoni.

ECE 720T5 Fall 2012 Cyber-Physical Systems Rodolfo Pellizzoni.
Combining Symbolic Simulation and Interval Arithmetic for the Verification of AMS Designs Mohamed Zaki, Ghiath Al Sammane, Sofiene Tahar, Guy Bois FMCAD'07.

Combining Symbolic Simulation and Interval Arithmetic for the Verification of AMS Designs Mohamed Zaki, Ghiath Al Sammane, Sofiene Tahar, Guy Bois FMCAD'07.
Semantic Translation of Simulink/Stateflow Models to Hybrid Automata using Graph Transformations A. Agarwal, Gy. Simon, G. Karsai ISIS, Vanderbilt University.

Semantic Translation of Simulink/Stateflow Models to Hybrid Automata using Graph Transformations A. Agarwal, Gy. Simon, G. Karsai ISIS, Vanderbilt University.
1 Formal Models for Stability Analysis : Verifying Average Dwell Time * Sayan Mitra MIT,CSAIL Research Qualifying Exam 20 th December.

1 Formal Models for Stability Analysis : Verifying Average Dwell Time * Sayan Mitra MIT,CSAIL Research Qualifying Exam 20 th December.
Modeling and Verification of Embedded Software Rajeev Alur POPL Mentoring Workshop, Jan 2012 University of Pennsylvania.

Modeling and Verification of Embedded Software Rajeev Alur POPL Mentoring Workshop, Jan 2012 University of Pennsylvania.

Similar presentations

Ads by Google