Runtime Verification with Particle Filtering

Kalajdzic, Kenan; Bartocci, Ezio; Smolka, Scott A.; Stoller, Scott D.; Grosu, Radu

doi:10.1007/978-3-642-40787-1_9

Cited by 35 publications

(23 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…We, instead, use prediction on the basis of disturbed plant models for hybrid systems at runtime to ensure safety for future behavior of the system and switch to a fail-safe fallback controller if necessary. Adaptive runtime verification [4] uses state estimation to reduce monitoring overhead by sampling while still maintaining accuracy with Hidden Markov Models, or more recently, particle filtering [17] to fill the sampling gaps. The authors present interesting ideas for managing the overhead of runtime monitoring, which could be beneficial to transfer into the hybrid systems world.…”

Section: Related Workmentioning

confidence: 99%

“…-Unlike [4,17,19,22], who focus on the discrete aspects of CPS, we use hybrid system models with differential equations to address controller and plant. -Unlike [19,39], who assume that fail-safe controllers have been verified with some other approach and do not synthesize code, we can use the same technical approach (dL ) for verifying controllers and synthesizing provably correct monitors.…”

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

ModelPlex: verified runtime validation of verified cyber-physical system models

Mitsch

Platzer

2016

Form Methods Syst Des

View full text Add to dashboard Cite

Formal verification and validation play a crucial role in making cyber-physical systems (CPS) safe. Formal methods make strong guarantees about the system behavior if accurate models of the system can be obtained, including models of the controller and of the physical dynamics. In CPS, models are essential; but any model we could possibly build necessarily deviates from the real world. If the real system fits to the model, its behavior is guaranteed to satisfy the correctness properties verified with respect to the model. Otherwise, all bets are off. This article introduces ModelPlex, a method ensuring that verification results about models apply to CPS implementations. ModelPlex provides correctness guarantees for CPS executions at runtime: it combines offline verification of CPS models with runtime validation of system executions for compliance with the model. ModelPlex ensures in a provably correct way that the verification results obtained for the model apply to the actual system runs by monitoring the behavior of the world for compliance with the model. If, at some point, the observed behavior no longer complies with the model so that offline verification results no longer apply, ModelPlex initiates provably safe fallback actions, assuming the system dynamics deviation is bounded. This article, furthermore, develops a systematic technique to synthesize provably correct monitors automatically from CPS proofs in differential dynamic logic by a correct-by-construction approach, leading to verifiably correct runtime model validation. Overall, ModelPlex generates provably correct monitor conditions that, if checked to hold at runtime, are provably guaranteed to imply that the offline safety verification results about the CPS model apply to the present run of the actual CPS implementation.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

ModelPlex: verified runtime validation of verified cyber-physical system models

Mitsch

Platzer

2016

Form Methods Syst Des

View full text Add to dashboard Cite

show abstract

“…In R2U2, however, we use the SamIam tool for the graphical modeling of our Bayesian Network models. In Runtime Verification with Particle Filtering [19] the authors use dynamic Bayesian networks to model the program, the program monitor, their interaction, and their observations. They provide a method to control the tradeoff between uncertainty and overhead.…”

Section: Related Workmentioning

confidence: 99%

R2U2: monitoring and diagnosis of security threats for unmanned aerial systems

Moosbrugger

Rozier

Schumann

2017

Form Methods Syst Des

View full text Add to dashboard Cite

We present R2U2, a novel framework for runtime monitoring of security properties and diagnosing of security threats on-board Unmanned Aerial Systems (UAS). R2U2, implemented in FPGA hardware, is a real-time, Realizable, Responsive, Unobtrusive Unit for runtime system analysis, now including security threat detection. R2U2 is designed to continuously monitor inputs from on-board components such as the GPS, the ground control station, other sensor readings, actuator outputs, and flight software status. By simultaneously monitoring and performing statistical reasoning, attack patterns and post-attack discrepancies in the UAS behavior can be detected. R2U2 uses runtime observer pairs for Linear and Metric Temporal Logics for property monitoring and Bayesian networks for diagnosis of system health during runtime. We discuss the design and implementation that now enables R2U2 to handle security threats and present simulation results of several attack scenarios on the NASA DragonEye UAS.

show abstract

“…We, instead, use prediction on the basis of disturbed plant mod-els for hybrid systems at runtime to ensure safety for future behavior of the system and switch to a fail-safe fallback controller if necessary. Adaptive runtime verification [4] uses state estimation to reduce monitoring overhead by sampling while still maintaining accuracy with Hidden Markov Models, or more recently, particle filtering [15] to fill the sampling gaps. The authors present interesting ideas for managing the overhead of runtime monitoring, which could be beneficial to transfer into the hybrid systems world.…”

Section: Related Workmentioning

confidence: 99%

ModelPlex: Verified Runtime Validation of Verified Cyber-Physical System Models

Mitsch

Platzer

2014

Runtime Verification

View full text Add to dashboard Cite

Abstract. Formal verification and validation play a crucial role in making cyberphysical systems (CPS) safe. Formal methods make strong guarantees about the system behavior if accurate models of the system can be obtained, including models of the controller and of the physical dynamics. In CPS, models are essential; but any model we could possibly build necessarily deviates from the real world. If the real system fits to the model, its behavior is guaranteed to satisfy the correctness properties verified w.r.t. the model. Otherwise, all bets are off. This paper introduces ModelPlex, a method ensuring that verification results about models apply to CPS implementations. ModelPlex provides correctness guarantees for CPS executions at runtime: it combines offline verification of CPS models with runtime validation of system executions for compliance with the model. ModelPlex ensures that the verification results obtained for the model apply to the actual system runs by monitoring the behavior of the world for compliance with the model, assuming the system dynamics deviation is bounded. If, at some point, the observed behavior no longer complies with the model so that offline verification results no longer apply, ModelPlex initiates provably safe fallback actions. This paper, furthermore, develops a systematic technique to synthesize provably correct monitors automatically from CPS proofs in differential dynamic logic.

show abstract

Runtime Verification with Particle Filtering

Cited by 35 publications

References 7 publications

ModelPlex: verified runtime validation of verified cyber-physical system models

ModelPlex: verified runtime validation of verified cyber-physical system models

R2U2: monitoring and diagnosis of security threats for unmanned aerial systems

ModelPlex: Verified Runtime Validation of Verified Cyber-Physical System Models

Contact Info

Product

Resources

About