Modern control is implemented with digital microcontrollers, embedded within a dynamical plant that represents physical components. We present a new algorithm based on counterexample guided inductive synthesis that automates the design of digital controllers that are correct by construction. The synthesis result is sound with respect to the complete range of approximations, including time discretization, quantization effects, and finite-precision arithmetic and its rounding errors. We have implemented our new algorithm in a tool called DSSynth, and are able to automatically generate stable controllers for a set of intricate plant models taken from the literature within minutes.
Reachability analysis of continuous and discrete time systems is a hard problem that has seen much progress in the last decades. In many cases the problem has been reduced to bisimulations with a number of limitations in the nature of the dynamics, soundness, or time horizon. In this article we focus on sound safety verification of Unbounded-Time Linear Time-Invariant (LTI) systems with inputs using reachability analysis. We achieve this by using Abstract Acceleration, which over-approximates the reach tube of a system over unbounded time by using abstraction . The technique is applied to a number of models and the results show good performance when compared to state-of-the-art tools. I. IntroductionLinear loops are an ubiquitous programming pattern. Linear loops iterate over continuous variables, which are updated with a linear transformation. Linear loops may be guarded, i.e., terminate if a given linear condition holds. Inputs from the environment can be modelled by means of non-deterministic choices within the loop. These features make linear loops expressive enough to capture the dynamics of many hybrid dynamical models. The usage of such models in safety-critical embedded systems makes linear loops a fundamental target for formal methods.Many high-level requirements for embedded control systems can be modelled as safety properties, i.e. deciding reachability of certain bad states, in which the system exhibits unsafe behaviour. Bad states may, in linear loops, be encompassed by guard assertions.Reachability in linear programs, however, is a formidable challenge for automatic analysers: the problem is undecidable despite the restriction to linear transformations (i.e., linear dynamics) and linear guards.The goal of this article is to push the frontiers of unbounded-time reachability analysis: we aim at devising a method that is able to reason soundly about unbounded trajectories. We present a new approach for performing abstract acceleration. Abstract acceleration [26], [27], [34] approximates the effect of an arbitrary number of loop iterations (up to infinity) with a single, non-iterative transfer function that is applied to the entry state of the loop (i.e., to the set of initial conditions of the linear dynamics). This article extends the work in [34] to systems with non-deterministic inputs elaborating the details omitted in [39].The key contributions of this article are: 1) We present a new technique to include inputs (non-determinism) in the abstract acceleration of general linear loops. 2) We introduce the use of support functions in complex spaces, in order to increase the precision of previous abstract acceleration methods.
This report presents the results of a friendly competition for formal verification of continuous and hybrid systems with linear continuous dynamics. The friendly competition took place as part of the workshop Applied Verification for Continuous and Hybrid Systems (ARCH) in 2017. In its first edition, seven tools have been applied to solve three different benchmark problems in the category for linear continuous dynamics (in alphabetical order): Axelerator, CORA, Flow*, HyDRA, Hylaa, SpaceEx, and XSpeed. The result is a snapshot of the current landscape of tools and the types of benchmarks they are particularly suited for. Due to the diversity of problems, we are not ranking tools, yet the presented results probably provide the most complete assessment of tools for the safety verification of continuous and hybrid systems with linear continuous dynamics up to this date.
Soundness is a major objective for verification tools. Methods that use exact arithmetic or symbolic representations are often prohibitively slow and do not scale past small examples. We propose the use of numerical floating-point computations to improve performance combined with an interval analysis to ensure soundness in reach-set computations for numerical dynamical models. Since the interval analysis cannot provide exact answers we reason about over-approximations of the reachable sets that are guaranteed to contain the true solution of the problem. Our theory is implemented in a numerical algorithm for Abstract Acceleration in a tool called Axelerator. Experimental results show a large increase in performance while maintaining soundness of reachability results.
Reachability analysis of dynamical models is a relevant problem that has seen much progress in the last decades, however with clear limitations pertaining to the nature of the dynamics and the soundness of the results. This article focuses on sound safety verification of unbounded-time (infinite-horizon) linear time-invariant (LTI) models with inputs using reachability analysis. We achieve this using counterexample-guided Abstract Acceleration: this approach over-approximates the reachability tube of the LTI model over an unbounded time horizon by using abstraction, possibly finding concrete counterexamples for refinement based on the given safety specification. The technique is applied to a number of LTI models and the results show robust performance when compared to state-of-the-art tools.
We present a sound and automated approach to synthesize safe digital feedback controllers for physical plants represented as linear, time-invariant models. Models are given as dynamical equations with inputs, evolving over a continuous state space and accounting for errors due to the digitization of signals by the controller. Our counterexample guided inductive synthesis (CEGIS) approach has two phases: We synthesize a static feedback controller that stabilizes the system but that may not be safe for all initial conditions. Safety is then verified either via BMC or abstract acceleration; if the verification step fails, a counterexample is provided to the synthesis engine and the process iterates until a safe controller is obtained. We demonstrate the practical value of this approach by automatically synthesizing safe controllers for intricate physical plant models from the digital control literature.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.