Abstract: Approximating the set of reachable states of a dynamical system is an algorithmic yet mathematically rigorous way to reason about its safety. Although progress has been made in the development of efficient algorithms for affine dynamical systems, available algorithms still lack scalability to ensure their wide adoption in the industrial setting. While modern linear algebra packages are efficient for matrices with tens of thousands of dimensions, set-based image computations are limited to a few hundred. We pro…
“…Measurements were performed using Amazon Web Services Elastic Computing Cloud (EC2), on a powerful m4.10xlarge instance with 40 cores and a large 160 GB of memory that can be rented by the hour. Note that we perform analysis in discrete time, whereas SpaceEx [26] and the decomposition method [13] we compare against do dense time analysis. Although this requires a few more operations, specifically a bloating at the initial step using an approximation model, we do not expect qualitative runtime differences.…”
Affine systems reachability is the basis of many verification methods. With further computation, methods exist to reason about richer models with inputs, nonlinear differential equations, and hybrid dynamics. As such, the scalability of affine systems verification is a prerequisite to scalable analysis for more complex systems. In this paper, we improve the scalability of affine systems verification, in terms of the number of dimensions (variables) in the system. The reachable states of affine systems can be written in terms of the matrix exponential, and safety checking can be performed at specific time steps with linear programming. Unfortunately, for large systems with many state variables, this direct approach requires an intractable amount of memory while using an intractable amount of computation time. We overcome these challenges by combining several methods that leverage common problem structure. Memory is reduced by exploiting initial states that are not full-dimensional and safety properties (outputs) over a few linear projections of the state variables. Computation time is saved by using numerical simulations to compute only projections of the matrix exponential relevant for the verification problem. Since large systems often have sparse dynamics, we use Krylov-subspace simulation approaches based on the Arnoldi or Lanczos iterations. Our method produces accurate counter-examples when properties are violated and, in the extreme case with sufficient problem structure, can analyze a system with one billion real-valued state variables.
CCS CONCEPTS: • General and reference → Verification; • Theory of computation → Timed and hybrid models; • Software and its engineering → Formal methods;
“…For out-of-the-box usage, we provide an efficient implementation of a recent approach for the reachability analysis of LTI systems [2,8]. The idea is to first decompose the system into low-dimensional blocks and then solve many small reachability problems.…”
Section: Continuous-post Operators (citation type: mentioning, confidence: 99%)
“…The JuliaReach toolbox consists of two main packages: The first package, Reachability, offers core infrastructure for implementing reachability algorithms for continuous and hybrid systems. As a proof of concept, the package currently provides implementations of an algorithm for the analysis of linear time-invariant (LTI) systems based on decomposition [8], and of the classic interleaving algorithm of continuous and discrete-post operators as used in hybrid system tools such as SpaceEx [7,9,12].…”
We present JuliaReach, a toolbox for set-based reachability analysis of dynamical systems. JuliaReach consists of two main packages: Reachability, containing implementations of reachability algorithms for continuous and hybrid systems, and LazySets, a standalone library that implements state-of-the-art algorithms for calculus with convex sets. The library offers both concrete and lazy set representations, where the latter stands for the ability to delay set computations until they are needed. The choice of the programming language Julia and the accompanying documentation of our toolbox allow researchers to easily translate set-based algorithms from mathematics to software in a platform-independent way, while achieving runtime performance that is comparable to statically compiled languages. Combining lazy operations in high dimensions and explicit computations in low dimensions, JuliaReach can be applied to solve complex, large-scale problems.
CCS CONCEPTS: • Security and privacy → Logic and verification;
“…Reachability analysis is a rigorous alternative to sampling-based verification of dynamic systems, and at least for linear (or affine) systems there have been recent demonstrations of techniques capable of handling thousands of continuous state space dimensions [6,7]. Reachable sets and tubes (or more typically over-approximations of them to ensure soundness) are an effective tool for demonstrating safety: If the forward / backward reach set or tube does not intersect the unsafe / initial set respectively then the system is safe.…”
Scalable safety verification of continuous state dynamic systems has been demonstrated through both reachability and viability analyses using parametric set representations; however, these two analyses are not interchangeable in practice for such parametric representations. In this paper we consider viability analysis for discrete time affine dynamic systems with adversarial inputs. Given a set of state and input constraints, and treating the inputs in best-case and/or worst-case fashion, we construct invariant, viable and discriminating sets, which must therefore under-approximate the invariant, viable and discriminating kernels respectively. The sets are constructed by scaling zonotopes represented in center-generator form. The scale factors are found through efficient convex optimizations. The results are demonstrated on two toy examples and a six dimensional nonlinear longitudinal model of a quadrotor.