Counterexample-Guided Refinement of Template Polyhedra

  • Sergiy Bogomolov
  • Goran Frehse
  • Mirco Giacobbe (corresponding author)
  • Thomas A. Henzinger
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10205)


Template polyhedra generalize intervals and octagons to polyhedra whose facets are orthogonal to a given set of arbitrary directions. They have been employed in the abstract interpretation of programs and, with particular success, in the reachability analysis of hybrid automata. While previously the choice of directions has been left to the user or to a heuristic, we present a method for the automatic discovery of directions that generalize and eliminate spurious counterexamples. We show that for the class of convex hybrid automata, i.e., hybrid automata with (possibly nonlinear) convex constraints on derivatives, such directions always exist and can be found using convex optimization. We embed our method inside a CEGAR loop, thus enabling the time-unbounded reachability analysis of an important and richer class of hybrid automata than was previously possible. We evaluate our method on several benchmarks, demonstrating also its superior efficiency for the special case of linear hybrid automata.
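A small worked example of the abstraction and refinement step the abstract describes, added here and not taken from the paper or its implementation. It assumes 2-D convex polygons given by vertices and uses edge normals in place of the paper's convex-optimisation search for a separating direction (that is, the linear special case):

```python
# Added illustration, not code from the paper: template polyhedra over a convex
# 2-D polygon given by its vertices (counter-clockwise), and a refinement step
# that adds a direction cutting off a spurious point. Edge normals stand in for
# the paper's convex-optimisation search for directions (exact for polygons).
EPS = 1e-9

def support(vertices, d):
    """Support value rho(d) = max over vertices of d.v (linear case)."""
    return max(d[0] * x + d[1] * y for x, y in vertices)

def template_abstraction(vertices, directions):
    """Template polyhedron {x | d.x <= rho(d) for every template direction d}."""
    return [(d, support(vertices, d)) for d in directions]

def in_template(point, poly):
    """Membership in a template polyhedron: every bound is satisfied."""
    return all(d[0] * point[0] + d[1] * point[1] <= rho + EPS for d, rho in poly)

def edge_normals(vertices):
    """Outward normals of a counter-clockwise convex polygon, one per edge."""
    n = len(vertices)
    out = []
    for i in range(n):
        (x0, y0), (x1, y1) = vertices[i], vertices[(i + 1) % n]
        out.append((y1 - y0, x0 - x1))  # edge vector rotated clockwise by 90 degrees
    return out

def in_concrete(point, vertices):
    """Exact membership: the edge-normal template describes the polygon exactly."""
    return in_template(point, template_abstraction(vertices, edge_normals(vertices)))

def refining_direction(point, vertices):
    """A direction d with d.point > rho(d); None when the point is truly inside."""
    for d in edge_normals(vertices):
        if d[0] * point[0] + d[1] * point[1] > support(vertices, d) + EPS:
            return d
    return None

def cegar_refine(point, vertices, directions):
    """One CEGAR step: dismiss, report, or refine the template for a counterexample."""
    if not in_template(point, template_abstraction(vertices, directions)):
        return directions, "not in abstraction"
    d = refining_direction(point, vertices)
    if d is None:
        return directions, "real counterexample"
    return directions + [d], "refined"

# Constructed sample: a diamond-shaped reachable set and the box (interval) template.
DIAMOND = [(1, 0), (0, 1), (-1, 0), (0, -1)]
BOX = [(1, 0), (-1, 0), (0, 1), (0, -1)]
SPURIOUS = (0.9, 0.9)  # inside the box abstraction, outside the diamond
```

The box template over-approximates the diamond and admits the corner point; the refinement adds the direction (1, 1), after which the corner is excluded while genuinely reachable points are reported as real.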


Keywords: Template Polyhedra; Hybrid Automata; Counter-example Guided Abstraction Refinement (CEGAR); Spurious Counter-examples; Abstract Interpreter



Copyright information

© Springer-Verlag GmbH Germany 2017

Authors and Affiliations

  • Sergiy Bogomolov: Australian National University, Canberra, Australia; IST Austria, Klosterneuburg, Austria
  • Goran Frehse: University of Grenoble Alpes - Verimag, Grenoble, France
  • Mirco Giacobbe (corresponding author): IST Austria, Klosterneuburg, Austria
  • Thomas A. Henzinger: IST Austria, Klosterneuburg, Austria
