Verification and Synthesis of Hybrid Systems

1
Verification and Synthesis of Hybrid Systems

• Thao Dang
• October 10, 2000

2
Plan
1- Algorithmic Verification of Hybrid Systems 2-
Reachability Analysis of Continuous Systems 3-
Safety Verification of Hybrid Systems 4- Safety
Controller Synthesis for Hybrid Systems 5-
Implementation
3
Plan
1- Algorithmic Verification of Hybrid Systems 2-
Reachability Analysis of Continuous Systems 3-
Safety Verification of Hybrid Systems 4- Safety
Controller Synthesis for Hybrid Systems 5-
Implementation
4
Hybrid systems

• Hybrid systems systems which combine
• continuous-time dynamics and discrete-event
  dynamics

Continuous processes
Digital controllers,
(e.g., chemical reactions)
switches, gears..

• Arisen virtually everywhere (due to the
  increasing use of computers)

5
Analysis of Hybrid Systems

• Formal verification prove that the system
  satisfies a given property
• Controller synthesis design controllers so that
  the controlled system satisfies a desired
  property
• We concentrate on invariance properties all
  trajectories of the system stay in a subset of
  the state space
• Hybrid systems are difficult to analyze
• No existing general method

6
Illustrative Example A Thermostat
on
off

• Verification problem prove that the temperature
  x?a,b

• Characterize all behaviors ? Reachability
  Analysis

7
The Thermostat Example (contd)
x
?max
?0
?min
0
t

• Two-phase behavior
• Non-deterministic behavior
• Set of initial states

How to characterize and represent tubes of
trajectories of continuous dynamics in order to
treat discrete transitions??
8
Algorithmic Analysis of Hybrid Systems

• Exact symbolic methods
• applicable for restricted classes of hybrid
  systems
• Our objective verification method for general
  hybrid systems in any dimension

9
Algorithmic Verification of Hybrid Systems
What do we need?? a reachability technique
which
? is applicable for arbitrary continuous
systems ? can be extended to hybrid systems
? ? approximate reachability techniques ?
represent reachable sets by orthogonal polyhedra
10
Approximations by Orthogonal Polyhedra
Non-convex orthogonal polyhedra (unions of
hyperrectangles)
Motivations ? canonical representation,
efficient manipulation in any dimension ? easy
extension to hybrid systems ? termination can
be guaranteed
Under-approximation
Over-approximation
11
Plan
1- Approach to Algorithmic Verification of Hybrid
Systems 2- Reachability Analysis of Continuous
Systems ? Abstract Reachability Algorithm
? Algorithm for Linear Continuous Systems ?
Algorithm for Non-Linear Continuous Systems 3-
Safety Verification of Hybrid Systems 4- Safety
Controller Synthesis for Hybrid Systems 5-
Implementation
12
Plan
1- Approach to Algorithmic Verification of Hybrid
Systems 2- Reachability Analysis of Continuous
Systems ? Abstract Reachability Algorithm
? Algorithm for Linear Continuous Systems ?
Algorithm for Non-Linear Continuous Systems 3-
Safety Verification of Hybrid Systems 4- Safety
Controller Synthesis for Hybrid Systems 5-
Implementation
13
Reachability Analysis of Continuous Systems
x(0)?F, set of initial states
Problem Find an orthogonal polyhedron
over-approximating the reachable set from F
14
Successor Operator
?r(F)
F
Reachable set from F ?(F) ?0,?)(F)
15
Abstract Algorithm for Calculating ?(F)
P0 F repeat k 0, 1, 2 .. Pk1 Pk
? ?0,r(Pk) until Pk1 Pk
r time step

• Use orthogonal polyhedra to
• represent Pk
• approximate ?0,r

16
Plan
1- Algorithmic Verification of Hybrid Systems 2-
Reachability Analysis of Continuous Systems ?
Abstract Reachability Algorithm ? Algorithm
for Linear Continuous Systems ? Algorithm for
Non-Linear Continuous Systems 3- Safety
Verification of Hybrid Systems 4- Safety
Controller Synthesis for Hybrid Systems 5-
Implementation
17
Reachability of Linear Continuous Systems
F is the set of initial states
?r(F) eArF
F is a convex polyhedron F convv1,..,vm
?r(vi)eArvi
vi
?r(F) conv?r(v1),.., ?r(vm)
F
18
Over-Approximating the Reachable Set
Extension to under-approximations
19
Example
20
Extension to Linear Systems with Uncertain Input
u1
u2
? Computation of ?r(F) Varaiya 98
? Bloating amount
(Maximum Principle)
21
Example
Kurzhanski and Valyi 97
Advantage time-efficiency
22
Plan
1- Algorithmic Verification of Hybrid Systems 2-
Reachability Analysis of Continuous Systems ?
Abstract Reachability Algorithm ? Algorithm
for Linear Continuous Systems ? Algorithm for
Non-Linear Continuous Systems 3- Safety
Verification of Hybrid Systems 4- Safety
Controller Synthesis for Hybrid Systems 5-
Implementation
23
Principle of the Reachability Technique
x(0)?F, set of initial states
? Face lifting technique, inspired by
Greenstreet 96
F
y
? Continuity of trajectories ? compute from
the boundary of F
x
24
Over-Approximating ?0,r(F)
Step 1 rough approximation N(F)
Step 2 more accurate approximation
N(F)
F
e
25
Computation Procedure
F

• Decompose F into non-overlapping
  hyper-rectangles
• Apply the lifting operation to each
  hyper-rectangle (faces on the boundary of F)
• Make the union of the new hyper-rectangles

26
Example Airplane Safety Lygeros et al. 98
P Vmin,Vmax??min,?max
27
Plan
1- Algorithmic Verification of Hybrid Systems 2-
Reachability Analysis of Continuous Systems ?
Abstract Reachability Algorithm ? Algorithm
for Linear Continuous Systems ? Algorithm for
Non-Linear Continuous Systems 3- Safety
Verification of Hybrid Systems 4- Safety
Controller Synthesis for Hybrid Systems 5-
Implementation
28
Hybrid Systems

• Hybrid automata
• continuous dynamics linear with uncertain
  input, non-linear
• staying and switching conditions convex
  polyhedra
• reset functions affine of the form Rqq (x)
  Dqqx Jqq

switching condition
reset function
discrete state
q1
q0
continuous dynamics
staying condition
29
Reachability of Hybrid Automata

• The state (q, x) of the system can change in two
  ways
• continuous evolution q remains constant, and x
  changes continuously according to the diff. eq.
  at q
• discrete evolution (by making a transition) q
  changes, and x changes according to the reset
  function.
• Reachability analysis
• continuous-successors
• discrete-successors
• ? approximations by orthogonal polyhedra

30
Over-approximating Continuous-Successors

• Use the reachability algorithms for continuous
  systems
• Take into account the staying conditions

31
Over-approximating Discrete-Successors
?qq(q, F) (q, Rqq(F ? Gqq) ? Hq)
Hq
Fg
Gqq
F
32
Example
33
Plan
1- Algorithmic Verification of Hybrid Systems 2-
Reachability Analysis of Continuous Systems ?
Abstract Reachability Algorithm ? Algorithm
for Linear Continuous Systems ? Algorithm for
Non-Linear Continuous Systems 3- Safety
Verification of Hybrid Systems 4- Safety
Controller Synthesis for Hybrid Systems 5-
Implementation
34
Switching Controller Synthesis Introduction
Discrete Switching Controller
q1
q2
q1
q2
q
x
f1
q3
f2
Mode selection
f3
Plant
35
The Safety Synthesis Problem
Given a hybrid automaton A and a set F ? How to
restrict the guards and the staying conditions of
A so that all trajectories of the resulting
automaton A stay in F
Solution Compute the maximal invariant set (set
of winning states)
36
Operator ?
Given F(q, Fq) q?Q, ?(F) consists of states
from which all trajectories stay
indefinitely in F without switching OR stay
in F for some time and then make a transition to
another discrete state and still in F
x3
Fq
x2
Gqq?Fq
x1
37
Calculation of the Maximal Invariant Set
P0 F repeat k 1, 2, .. Pk1
Pk ? ?(Pk) until Pk1 Pk P Pk
P maximal invariant set A H H ? P, G
G ? P
38
Effective Approximate Synthesis Algorithm
To approximate the maximal invariant set

• Use our reachability techniques for hybrid
  automata to approximate ?(F)
• Under-approximations

? Effective approximate synthesis algorithm for
hybrid systems with linear continuous dynamics
39
F0
F1
G10
G01-0.2,-0.01? -0.2,-0.01
G01
G100.01,0.32? -0.01,0.1
40
Plan
1- Approach to Algorithmic Verification of Hybrid
Systems 2- Reachability Analysis of Continuous
Systems ? Abstract Reachability Algorithm
? Algorithm for Linear Continuous Systems ?
Algorithm for Non-Linear Continuous Systems 3-
Safety Verification of Hybrid Systems 4- Safety
Controller Synthesis for Hybrid Systems 5-
Implementation
41
The tool d/dt
Three types of automatic analysis for hybrid
systems with linear differential inclusions ?
Reachability Analysis compute an
over-approximation of the reachable set from a
given initial set ? Safety Verification check
whether the system reaches a set of bad states
? Safety Controller Synthesis synthesize a
switching controller so that the controlled
system always remains inside a given set
42
Implementation
d/dt
Interface
Verification Algorithms Controller Synthesis
Algorithms
OpenGL LEDA
Numerical Integration CVODE
Geometric Algorithms
Qhull, Polka, Cubes
Orthogonal Approximations
43
The tool d/dt
44
Conclusions
Generality of Systems ? Complexity of
continuous and discrete dynamics ? High
dimensional systems
Variety of Problems ? Safety Verification and
Synthesis
Applications ? collision avoidance (4
continuous variables, 1 discrete state) ?
double pendulum (3 continuous variables, 7
discrete states) ? freezing system (6
continuous variables, 9 discrete states)
45
Perspectives

• More efficient analysis techniques
• - Combining with analytic/qualitative methods
• - Adapting existing techniques for discrete/timed
  systems

• Tool
• - more interactive analysis, simulation features
• - experimentation real-life problems

46
Related Work

• Reachability Analysis
• Polygonal Projections Greenstreet and Mitchell
  99
• Ellipsoidal Techniques Kurzhanski and Varaiya
  00
• Approximations via Parallelotopes Kostoukova
  99
• Verification
• CheckMate Chutinan and Krogh 99
• HyperTech Henzinger et al. 00
• VeriShift Botchkarev and Tripakis 00
• Symbolic Method Lafferriere, Pappas, and Yovine
  99
• Synthesis
• Synthesis for timed automata Asarin, Maler,
  Pnueli, and Sifakis 98
• Hamilton Jacobi Partial Diff. Eq. Lygeros,
  Tomlin, and Sastry 98
• Computer Algebra Shakernia, Pappas, and Sastry
  00

47
FinMerci