Skip to main content
SpringerLink
Log in

Computing differential invariants of hybrid systems as fixedpoints

  • Published:
Formal Methods in System Design Aims and scope Submit manuscript

Abstract

We introduce a fixedpoint algorithm for verifying safety properties of hybrid systems with differential equations whose right-hand sides are polynomials in the state variables. In order to verify nontrivial systems without solving their differential equations and without numerical errors, we use a continuous generalization of induction, for which our algorithm computes the required differential invariants. As a means for combining local differential invariants into global system invariants in a sound way, our fixedpoint algorithm works with a compositional verification logic for hybrid systems. With this compositional approach we exploit locality in system designs. To improve the verification power, we further introduce a saturation procedure that refines the system dynamics successively with differential invariants until safety becomes provable. By complementing our symbolic verification algorithm with a robust version of numerical falsification, we obtain a fast and sound verification procedure. We verify roundabout maneuvers in air traffic management and collision avoidance in train control and car control.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Similar content being viewed by others

References

  1. Alur R, Pappas GJ (eds) (2004) Hybrid systems: computation and control, Proceedings of the 7th International Workshop, HSCC 2004, Philadelphia, PA, USA, March 25–27, 2004. LNCS, vol 2993. Springer, Berlin

    MATH  Google Scholar 

  2. Anai H, Weispfenning V (2001) Reach set computations using real quantifier elimination. In: Benedetto MDD, Sangiovanni-Vincentelli AL (eds) HSCC. LNCS, vol 2034. Springer, Berlin, pp 63–76. doi:10.1007/3-540-45351-2_9

    Google Scholar 

  3. Asarin E, Dang T, Girard A (2003) Reachability analysis of nonlinear systems using conservative approximation. In: Maler O, Pnueli A (eds) HSCC. LNCS, vol 2623. Springer, Berlin, pp 20–35. doi:10.1007/3-540-36580-X_5

    Google Scholar 

  4. Chutinan A, Krogh BH (2003) Computational techniques for hybrid system verification. IEEE Trans Autom Control 48(1):64–75. doi:10.1109/TAC.2002.806655

    Article  MathSciNet  Google Scholar 

  5. Clarke EM (1979) Program invariants as fixedpoints. Computing 21(4):273–294. doi:10.1007/BF02248730

    Article  MATH  Google Scholar 

  6. Collins GE, Hong H (1991) Partial cylindrical algebraic decomposition for quantifier elimination. J Symb Comput 12(3):299–328. doi:10.1016/S0747-7171(08)80152-6

    Article  MathSciNet  MATH  Google Scholar 

  7. Damm W, Hungar H, Olderog ER (2006) Verification of cooperating traffic agents. Int J Control 79(5):395–421

    Article  MathSciNet  MATH  Google Scholar 

  8. Damm W, Pinto G, Ratschan S (2005) Guaranteed termination in the verification of LTL properties of non-linear robust discrete time hybrid systems. In: Peled D, Tsay YK (eds) ATVA. LNCS, vol 3707. Springer, Berlin, pp 99–113. doi:10.1007/11562948_10

    Google Scholar 

  9. Davoren JM, Nerode A (2000) Logics for hybrid systems. IEEE 88(7):985–1010. doi:10.1109/5.871305

    Article  Google Scholar 

  10. Donzé A, Maler O (2004) Systematic simulation using sensitivity analysis. In: Bemporad A et al. (eds) Hybrid systems: computation and control, Proceedings of the 10th international conference, HSCC 2007, Pisa, Italy. LNCS, vol 4416. Springer, Berlin, pp 174–189. doi:10.1007/978-3-540-71493-4_16

    Chapter  Google Scholar 

  11. Dowek G, Muñoz C, Carreño VA (2005) Provably safe coordinated strategy for distributed conflict resolution. In: Proceedings of the AIAA guidance navigation, and control conference and exhibit 2005, AIAA-2005-6047

  12. Fränzle M (1999) Analysis of hybrid systems: an ounce of realism can save an infinity of states. In: Flum J, Rodríguez-Artalejo M (eds) CSL. LNCS, vol 1683. Springer, Berlin, pp 126–140

    Google Scholar 

  13. Frehse G (2005) PHAVer: Algorithmic verification of hybrid systems past HyTech. In: Morari M, Thiele L (eds) Hybrid systems: computation and control, Proceedings of the 8th international workshop, HSCC 2005, Zurich, Switzerland, March 9–11, 2005. LNCS, vol 3414. Springer, Berlin, pp 258–273. doi:10.1007/b106766

    Google Scholar 

  14. Gulwani S, Tiwari A (2008) Constraint-based approach for analysis of hybrid systems. In: Gupta A, Malik S (eds) Proceedings computer aided verification, CAV 2008, Princeton, NJ, USA. LNCS, vol 5123. Springer, Berlin, pp 190–203. doi:10.1007/978-3-540-70545-1

    Chapter  Google Scholar 

  15. Harel D, Kozen D, Tiuryn J (2000) Dynamic logic. MIT Press, Cambridge

    MATH  Google Scholar 

  16. Henzinger TA (1996) The theory of hybrid automata. In: LICS. IEEE Computer Society, Los Alamitos, pp 278–292

    Google Scholar 

  17. Henzinger TA, Ho PH, Wong-Toi H (1997) HyTech: a model checker for hybrid systems. In: Grumberg O (ed) CAV. LNCS, vol 1254. Springer, Berlin, pp 460–463

    Google Scholar 

  18. Hwang I, Kim J, Tomlin C (2007) Protocol-based conflict resolution for air traffic control. Air Traffic Control Q 15(1):1–34

    Google Scholar 

  19. Lanotte R, Tini S (2005) Taylor approximation for hybrid systems. In: Morari M, Thiele L (eds) Hybrid systems: computation and control, Proceedings of the 8th international workshop, HSCC 2005, Zurich, Switzerland, March 9–11, 2005. LNCS, vol 3414. Springer, Berlin, pp 402–416. doi:10.1007/b106766

    Google Scholar 

  20. Mansfield EL (1991) Differential Gröbner bases. PhD thesis, University of Sydney

  21. Massink M, Francesco ND (2001) Modelling free flight with collision avoidance. In: Andler SF, Offutt J (eds) ICECCS. IEEE Computer Society, Los Alamitos, pp 270–280. doi:10.1109/ICECCS.2001.930186

    Google Scholar 

  22. Parrilo PA (2003) Semidefinite programming relaxations for semialgebraic problems. Math Program 96(2):293–320. doi:10.1007/s10107-003-0387-5

    Article  MathSciNet  MATH  Google Scholar 

  23. Piazza C, Antoniotti M, Mysore V, Policriti A, Winkler F, Mishra B (2005) Algorithmic algebraic model checking, I: challenges from systems biology. In: Etessami K, Rajamani SK (eds) CAV. LNCS, vol 3576. Springer, Berlin, pp 5–19. doi:10.1007/11513988_3

    Google Scholar 

  24. Platzer A (2008) Differential-algebraic dynamic logic for differential-algebraic programs. J Log Comput. doi:10.1093/logcom/exn070

    Google Scholar 

  25. Platzer A (2008) Differential dynamic logic for hybrid systems. J Autom Reas 41(2):143–189. doi:10.1007/s10817-008-9103-8

    Article  MathSciNet  Google Scholar 

  26. Platzer A, Clarke EM (2007) The image computation problem in hybrid systems model checking. In: Bemporad A et al. (eds) Hybrid systems: computation and control, Proceedings of the 10th international conference, HSCC 2007, Pisa, Italy. LNCS, vol 4416. Springer, Berlin, pp 473–486. doi:10.1007/978-3-540-71493-4_37

    Chapter  Google Scholar 

  27. Platzer A, Clarke EM (2008) Computing differential invariants of hybrid systems as fixedpoints. In: Gupta A, Malik S (eds) Proceedings computer aided verification, CAV 2008, Princeton, NJ, USA. LNCS, vol 5123. Springer, Berlin, pp 176–189. doi:10.1007/978-3-540-70545-1_17

    Chapter  Google Scholar 

  28. Platzer A, Clarke EM (2008) Computing differential invariants of hybrid systems as fixedpoints. Tech Rep CMU-CS-08-103, School of Computer Science, Carnegie Mellon University, Pittsburgh, PA

  29. Platzer A, Quesel JD (2008) KeYmaera: A hybrid theorem prover for hybrid systems. In: Armando A, Baumgartner P, Dowek G (eds) IJCAR. LNCS, vol 5195. Springer, Berlin, pp 171–178. doi:10.1007/978-3-540-71070-7_15

    Google Scholar 

  30. Platzer A, Quesel JD (2008) Logical verification and systematic parametric analysis in train control. In: Egerstedt M, Mishra B (eds) HSCC. LNCS, vol 4981. Springer, Berlin, pp 646–649. doi:10.1007/978-3-540-78929-1_55

    Google Scholar 

  31. Prajna S, Jadbabaie A (2004) Safety verification of hybrid systems using barrier certificates. In: Alur R, Pappas GJ (eds) Hybrid systems: computation and control, Proceedings of the 7th international workshop, HSCC 2004, Philadelphia, PA, USA, March 25–27, 2004. LNCS, vol 2993. Springer, Berlin, pp 477–492. doi:10.1007/b96398

    Google Scholar 

  32. Prajna S, Jadbabaie A, Pappas GJ (2007) A framework for worst-case and stochastic safety verification using barrier certificates. IEEE Trans Autom Control 52(8):1415–1429. doi:10.1109/TAC.2007.902736

    Article  MathSciNet  Google Scholar 

  33. Rodríguez-Carbonell E, Tiwari A (2005) Generating polynomial invariants for hybrid systems. In: Morari M, Thiele L (eds) Hybrid systems: computation and control, Proceedings of the 8th international workshop, HSCC 2005, Zurich, Switzerland, March 9–11, 2005. LNCS, vol 3414. Springer, Berlin, pp 590–605. doi:10.1007/b106766

    Google Scholar 

  34. Sankaranarayanan S, Sipma H, Manna Z (2004) Constructing invariants for hybrid systems. In: Alur R, Pappas GJ (eds) Hybrid systems: computation and control, Proceedings of the 7th international workshop, HSCC 2004, Philadelphia, PA, USA, March 25–27, 2004. LNCS, vol 2993. Springer, Berlin, pp 539–554. doi:10.1007/b96398

    Google Scholar 

  35. Tomlin C, Pappas GJ, Sastry S (1998) Conflict resolution for air traffic management: a study in multi-agent hybrid systems. IEEE Trans Autom Control 43(4):509–521. doi:10.1109/9.664154

    Article  MathSciNet  MATH  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Computer Science Department, Carnegie Mellon University, Pittsburgh, PA, 15213, USA

    André Platzer & Edmund M. Clarke

Authors
  1. André Platzer
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Edmund M. Clarke
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to André Platzer.

Rights and permissions

Reprints and permissions

About this article

Cite this article

Platzer, A., Clarke, E.M. Computing differential invariants of hybrid systems as fixedpoints. Form Methods Syst Des 35, 98–120 (2009). https://doi.org/10.1007/s10703-009-0079-8

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s10703-009-0079-8

Keywords

Search

Navigation