Model Checking for Hybrid Systems - PowerPoint PPT Presentation

Provided by: danielk7
Learn more at: http://www.cs.cmu.edu

1
Model Checking for Hybrid Systems
  • Bruce H. Krogh
  • Carnegie Mellon University

2
Hybrid Dynamic Systems
Dynamic systems with both continuous and discrete state variables
3
Three Main Thrusts of Our Project
  • Verifying system integrity
    • Synchronization constraints
    • Resource constraints
    • Real-time constraints
  • Modeling the environment
    • Hybrid dynamics
    • Stochastic models
  • Usability
    • Extracting models
    • Explaining tool feedback

(figure: system / environment)
4
Embedded systems with significant hybrid dynamics
Source: ESP, Dec. 1998
5
Opportunity to Apply Formal Verification Techniques
(figure: computer-aided control system design flow; labels: executable spec., feature specification, simulation, code, code generation, test on engine/vehicle, hardware in the loop, production)
6
Example: Variable CAM Timing
(figure: 2-mode PID/saturation controller, look-up table, operating state, cam angle, actuator command)
7
Example: Variable CAM Timing Controller
Verification problem: determine whether the controller will switch only once from saturation to PID mode.
8
Continuous-Time Model
9
Switching Rule
Discrete-time rule: switch on the magnitude of the error and the sign of the state of the filter.
Continuous-time rule: switch on the magnitude of the error and the sign of the error.
10
Finite-State Analysis
  • Assign discrete states to each switch boundary
    and the initial condition set
  • Determine reachability from each discrete state
    to the other discrete states
  • Analyze the resulting finite state system
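
The third step of this procedure, applied to the verification problem of slide 7, as an added Python example (not CheckMate code): the abstract states, their modes and the transition relation are constructed assumptions standing in for the reachability result of step 2, and the check reports a counterexample path when a second saturation-to-PID switch is reachable.

```python
from collections import deque

# Constructed abstract states for the 2-mode CAM timing controller: the initial
# set, the saturation- and PID-mode regions and the switch boundaries between
# them (the partition and its transitions are assumptions, not from the slides).
MODE = {"init": "sat", "sat": "sat", "sat->pid": "pid", "pid": "pid", "pid->sat": "sat"}
# Abstraction in which the PID->saturation boundary is reachable again.
SWITCH_TWICE = {"init": ("sat",), "sat": ("sat", "sat->pid"), "sat->pid": ("pid",),
                "pid": ("pid", "pid->sat"), "pid->sat": ("sat",)}
# Abstraction in which PID mode is never left once entered.
SWITCH_ONCE = {"init": ("sat",), "sat": ("sat", "sat->pid"), "sat->pid": ("pid",),
               "pid": ("pid",)}

def check_switch_once(transitions, mode, initial="init"):
    """Check 'the controller switches from saturation to PID at most once' on
    the finite quotient. Returns (True, []) if it holds, otherwise (False, path)
    with path a counterexample sequence of abstract states containing two
    saturation->PID mode changes."""
    parent = {(initial, 0): None}          # key: (abstract state, switches so far)
    queue = deque([(initial, 0)])
    while queue:
        s, k = queue.popleft()
        for t in transitions.get(s, ()):
            k2 = k + (mode[s] == "sat" and mode[t] == "pid")
            node = (t, k2)
            if node in parent:
                continue
            parent[node] = (s, k)
            if k2 > 1:                       # second switch found: build the path
                path, cur = [], node
                while cur is not None:
                    path.append(cur[0])
                    cur = parent[cur]
                return False, path[::-1]
            queue.append(node)
    return True, []

if __name__ == "__main__":
    print(check_switch_once(SWITCH_TWICE, MODE))
    print(check_switch_once(SWITCH_ONCE, MODE))
```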

11
Reachability Analysis
12
Finite-State Model
13
Applying Model Checking to Hybrid Systems
  • interpret a hybrid system as a transition system
    (with an infinite state space)
  • find an equivalent finite-state transition
    system (bisimulation)
  • perform verification using the bisimulation

Can this approach be generalized to higher-order systems?
14
(CheckMate block diagram; elements as labelled)
  • Simulink/Stateflow Front End (graphical editing, simulation)
  • Threshold-event-driven Hybrid Systems (TEDHS)
  • Flow Pipe Approximations
  • Conversion
  • Quotient Transition System
  • Partition Refinement
  • Polyhedral-Invariant Hybrid Automaton (PIHA)
  • ACTL Verification
  • Initial Partition
15
(CheckMate block diagram repeated; elements as listed on slide 14)
16
CheckMate Block Diagram
17
(CheckMate block diagram repeated; elements as listed on slide 14)
18
Elements of CheckMate
(CheckMate block diagram repeated; elements as listed on slide 14)
19
(CheckMate block diagram repeated; elements as listed on slide 14)
20
Elements of CheckMate
(CheckMate block diagram repeated; elements as listed on slide 14)
21
(CheckMate block diagram repeated; elements as listed on slide 14)
22
(CheckMate block diagram repeated; elements as listed on slide 14)
23
Computing Transitions
(figure: a quotient state (?,p,q) and its successor states (?'1,p',q') and (?'2,p',q'); the '?' marks a symbol that was not recovered)
24
Approximating reachable sets
  • E.K. Kornoushenko. Finite-automaton approximation
    to the behavior of continuous plants, Automation
    and Remote Control, 1975
  • J. Raisch and S. O'Young, A DES approach to
    control of hybrid dynamical systems, Hybrid
    Systems III, LNCS 1066, Springer, 1996
  • A. Puri, V. Borkar and P. Varaiya,
    ε-Approximation of differential inclusions,
    Hybrid Systems III, LNCS 1066, Springer, 1996
  • M.R. Greenstreet, Verifying safety properties of
    differential equations, CAV96
  • M.R. Greenstreet and I. Mitchell, Integrating
    projections, HSCC98
  • T. Dang and O. Maler, Reachability analysis via
    face lifting, HSCC98
  • A. Chutinan and B. H. Krogh, Verification of
    polyhedral-invariant hybrid systems using
    polygonal flow pipe approximations, HSCC99

25
Polyhedral flow pipe approximation
  • R_[0,T](X0) approximated by a union of polytopes

(figure: X0)
A. Chutinan and B. H. Krogh, Computing polyhedral approximations to dynamic flow pipes, IEEE CDC, 1998
26
Flow Pipe Segment Approximation
Step 1a. Simulate trajectories from each vertex of X0.
(figure: Vertices(X0) at t_k and at t_{k+1})
27
Flow Pipe Approximation for a Linear System
(figure: vertices for X0; uniform time step Δt_k = 0.1)
28
Flow Pipe Approximation
  • Applies to nonlinear dynamics
  • Applies in arbitrary dimensions
  • Approximation error doesn't grow with time
  • Estimation error (Hausdorff distance) can be made
    arbitrarily small with Δt < δ and size of X0 < δ
  • Integrated into CheckMate
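
The flow pipe segment construction of slides 26 to 28, as an added Python example (not CheckMate's code): the damped-oscillator dynamics, the initial box and a sampling-based stand-in for the paper's face-bloating optimization are assumptions, so it illustrates the construction rather than reproducing its guaranteed error bound.

```python
# Constructed 2-D linear system: damped oscillator x1' = x2, x2' = -x1 - 0.5*x2 (not from the slides).
def f(x):
    return (x[1], -x[0] - 0.5 * x[1])

def simulate(x0, t, h=1e-3):
    """Fixed-step RK4 simulation of x' = f(x) from x0 for time t."""
    n = max(1, int(round(t / h)))
    h, x = t / n, x0
    for _ in range(n):
        k1 = f(x)
        k2 = f((x[0] + 0.5 * h * k1[0], x[1] + 0.5 * h * k1[1]))
        k3 = f((x[0] + 0.5 * h * k2[0], x[1] + 0.5 * h * k2[1]))
        k4 = f((x[0] + h * k3[0], x[1] + h * k3[1]))
        x = tuple(x[i] + h * (k1[i] + 2 * k2[i] + 2 * k3[i] + k4[i]) / 6 for i in range(2))
    return x

def convex_hull(pts):
    """Andrew's monotone chain; hull vertices in counter-clockwise order."""
    pts = sorted(set(pts))
    cross = lambda o, a, b: (a[0] - o[0]) * (b[1] - o[1]) - (a[1] - o[1]) * (b[0] - o[0])
    lower, upper = [], []
    for p in pts:
        while len(lower) >= 2 and cross(lower[-2], lower[-1], p) <= 0:
            lower.pop()
        lower.append(p)
    for p in reversed(pts):
        while len(upper) >= 2 and cross(upper[-2], upper[-1], p) <= 0:
            upper.pop()
        upper.append(p)
    return lower[:-1] + upper[:-1]

def flow_pipe_segment(x0_vertices, tk, tk1, samples=20):
    """Half-spaces (nx, ny, c), meaning nx*x + ny*y <= c, enclosing the states reachable
    from X0 during [t_k, t_{k+1}]. Step 1a: simulate each vertex to t_k and t_{k+1};
    step 1b: convex hull; step 2 (simplified): push each face outward to cover sampled
    in-between points. Vertex trajectories suffice because the system is linear."""
    ends = [simulate(v, t) for v in x0_vertices for t in (tk, tk1)]
    hull = convex_hull(ends)
    inner = [simulate(v, tk + (tk1 - tk) * i / samples)
             for v in x0_vertices for i in range(1, samples)]
    faces = []
    for i, (ax, ay) in enumerate(hull):
        bx, by = hull[(i + 1) % len(hull)]
        nx, ny = by - ay, ax - bx                      # outward normal of a CCW hull edge
        faces.append((nx, ny, max(nx * p[0] + ny * p[1] for p in hull + inner)))
    return faces

def contains(faces, p, eps=1e-9):
    return all(nx * p[0] + ny * p[1] <= c + eps for nx, ny, c in faces)
```

Calling flow_pipe_segment(X0, 0.0, 0.1) with X0 the vertex list of the initial box gives the first segment for the uniform step Δt_k = 0.1 of slide 27; contains() then tests whether a simulated state lies inside it.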

29
(CheckMate block diagram repeated; elements as listed on slide 14)
30
(CheckMate block diagram repeated; elements as listed on slide 14)
31
Application Case Studies
  • F 16 auto-land system (Lockheed-DARPA)
  • Batch process shut down controller (ESPRIT VHS
    Project)
  • Automotive powertrain
  • Engine shut-off mode (PARADES)
  • Idle speed control (CADENCE)
  • Transmission shift controller (Ford-DARPA)

32
CheckMate - Current Work
  • Sampled-data systems
  • clocked and unclocked events
  • Resets (jumps in the continuous state)
  • Efficient hybrid automata generation

33
The Rare Glitch Project
  • Hybrid system abstractions composable with
    independent embedded software models
  • Generation of requirements from hybrid system
    models (timing and resource constraints)
  • Improved technology
    • order-reduction
    • focused refinement
    • automatic model abstraction
    • usability