Assume-guarantee reasoning for hybrid I/O-automata by over-approximation of continuous interaction

Frehse, Goran; Han, Zhi; Krogh, Bruce H.

doi:10.1109/cdc.2004.1428676

Cited by 35 publications

(34 citation statements)

References 11 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Frehse et al [9] develop assume-guarantee reasoning for hybrid systems based on over-approximation by simulation to enable compositional reasoning. A similar approach is taken by Girard and Pappas [11] using bisimulation, simulation, and language inclusion to develop approximate system relationships.…”

Section: Discussionmentioning

confidence: 99%

Contract-based integration of cyber-physical analyses

Ruchkin

Niz

Garlan

et al. 2014

Proceedings of the 14th International Conference on Embedded Software

View full text Add to dashboard Cite

Developing cyber-physical systems involves creating systems with properties from multiple domains, e.g., timing, logical correctness, thermal resilience, aerodynamics, and mechanical stress. In today's industrial practice, multiple analyses are used to obtain and verify such properties. Unfortunately, given that these analyses originate from different scientific domains, they abstract away interactions among themselves, risking the invalidation of their results. Specifically, one challenge is to ensure that an analysis is never applied to a model that violates its assumptions. Since such violation can originate from the updating of the model by another analysis, analyses must be executed in the correct order. Another challenge is to do this soundly and scalably over models of realistic complexity and diverse set of analyses. To address these challenges, we develop an analysis integration approach that uses contracts to specify dependencies between analyses, determine their correct orders of application, and specify and verify applicability conditions across multiple domains. We present an implementation of our approach, and demonstrate its effectiveness, extensibility, and scalability.

show abstract

Section: Discussionmentioning

confidence: 99%

Contract-based integration of cyber-physical analyses

Ruchkin

Niz

Garlan

et al. 2014

Proceedings of the 14th International Conference on Embedded Software

View full text Add to dashboard Cite

show abstract

“…The single output port d (8) provides the current speed advice, which, by output guarantee π out rc (9), is never further away than D from the previous advice d − (10).…”

Section: Example: Interfacesmentioning

confidence: 99%

“…Thus, techniques to prevent state-space explosion are needed, such as assume-guarantee reasoning (AGR, e. g., [4,9,14]), which was developed to decompose a verification task into subtasks. Timed transition systems are used to approximate a component's behavior by discretization [9].…”

Section: Related Workmentioning

confidence: 99%

Tactical contract composition for hybrid system component verification

Müller

Mitsch

Retschitzegger

et al. 2018

Int J Softw Tools Technol Transfer

View full text Add to dashboard Cite

We present an approach for hybrid systems that combines the advantages of component-based modeling (e.g., reduced model complexity) with the advantages of formal verification (e.g., guaranteed contract compliance). Component-based modeling can be used to split large models into multiple component models with local responsibilities to reduce modeling complexity. Yet, this only helps the analysis if verification proceeds one component at a time. In order to benefit from the decomposition of a system into components for both modeling and verification purposes, we prove that the safety of compatible components implies safety of the composed system. We implement our composition theorem as a tactic in the KeYmaera X theorem prover, allowing automatic generation of a KeYmaera X proof for the composite system from proofs for the components without soundness-critical changes to KeYmaera X. Our approach supports component contracts (i.e., input assumptions and output guarantees for each component) that characterize the magnitude and rate of change of values exchanged between components. These contracts can take into account what has changed between two components in a given amount of time since the last exchange of information.

show abstract

“…It is a very general framework that is based on (almost) arbitrary trajectories of a set of variables, which can have different dynamic types. Since our focus is on obtaining a computable framework for compositional reasoning, we have proposed a simple concept of I/O-automata in [9], which is largely based on the hybrid automata in [1]. Given a set …”

Section: Hybrid I/o-automata With Affine Dynamicsmentioning

confidence: 99%

“…It can be used to verify equivalence or abstraction between different models, and for assume-guarantee reasoning. For lack of space, the reader is referred to [9] for further details on the approach.…”

mentioning

confidence: 99%

PHAVer: algorithmic verification of hybrid systems past HyTech

Frehse

2008

Int J Softw Tools Technol Transf

207

117

View full text Add to dashboard Cite

Abstract. In 1995, HyTech broke new ground as a potentially powerful tool for verifying hybrid systems -yet it has remained severely limited in its applicability to more complex systems. We address the main problems of HyTech with PHAVer, a new tool for the exact verification of safety properties of hybrid systems with piecewise constant bounds on the derivatives. Affine dynamics are handled by on-the-fly overapproximation and by partitioning the state space based on user-definable constraints and the dynamics of the system. PHAVer's exact arithmetic is robust due to the use of the Parma Polyhedra Library, which supports arbitrarily large numbers. To manage the complexity of the polyhedral computations, we propose methods to conservatively limit the number of bits and constraints of polyhedra. Experimental results for a navigation benchmark and a tunnel diode circuit show the effectiveness of the approach.

show abstract

Assume-guarantee reasoning for hybrid I/O-automata by over-approximation of continuous interaction

Cited by 35 publications

References 11 publications

Contract-based integration of cyber-physical analyses

Contract-based integration of cyber-physical analyses

Tactical contract composition for hybrid system component verification

PHAVer: algorithmic verification of hybrid systems past HyTech

Contact Info

Product

Resources

About