Automated generation of dynamics-based runtime certificates for high-level control


This paper addresses the problem of synthesizing controllers for reactive missions carried out by dynamical systems operating in environments of known physical geometry but consisting of uncontrolled elements that the system must react to at execution time. Such problems have value in semi-structured industrial automation settings, especially those in which robots must behave collaboratively yet safely with their human counterparts. The proposed synthesis framework addresses cases where there exists no satisfying controller for the mission, given the dynamical system and the environment’s assumed behaviors. We introduce an approach that leverages information about an abstraction of the dynamical system to automatically generate a concise set of revisions to such specifications. We provide a graphical visualization tool as a design aid, allowing the revisions to be conveyed to the user interactively and added to the specification at the user’s discretion. Any accepted statements become certificates that, if satisfied at runtime, provide guarantees for the current mission on the given dynamics. Our approach is cast into a general framework that works with various discrete representations (i.e. abstractions) of the system dynamics. We present case studies that illustrate application of our approach to controller synthesis for two example robotic missions employing different abstractions of the system.




  1. We only make the action explicit (W in this case), since mutual exclusion disallows the other actions from being activated at the same time.




The authors thank Paulo Tabuada for insightful discussions and assistance with PESSOA, Vasumathi Raman and Salar Moarref for insightful discussions relating to synthesis of counterstrategy-based environment revisions, and Divyansha Sehgal for her assistance with the visualization tool. The authors lastly thank the anonymous reviewers for their constructive critique.

Author information

Corresponding author: Jonathan DeCastro.

Additional information

This work was supported by the NSF Expeditions in Computing project ExCAPE: Expeditions in Computer Augmented Program Engineering [grant number CCF-1138996].


Cite this article

DeCastro, J., Ehlers, R., Rungger, M. et al. Automated generation of dynamics-based runtime certificates for high-level control. Discrete Event Dyn Syst 27, 371–405 (2017).



  • Formal methods
  • Discrete abstractions
  • Counterstrategies
  • Reactive mission planning
  • Dynamical systems