Results 1-10 of 196
The algorithmic analysis of hybrid systems
THEORETICAL COMPUTER SCIENCE, 1995
Cited by 596 (69 self)
We present a general framework for the formal specification and algorithmic analysis of hybrid systems. A hybrid system consists of a discrete program with an analog environment. We model hybrid systems as finite automata equipped with variables that evolve continuously with time according to dynamical laws. For verification purposes, we restrict ourselves to linear hybrid systems, where all variables follow piecewise-linear trajectories. We provide decidability and undecidability results for classes of linear hybrid systems, and we show that standard program-analysis techniques can be adapted to linear hybrid systems. In particular, we consider symbolic model-checking and minimization procedures that are based on the reachability analysis of an infinite state space. The procedures iteratively compute state sets that are definable as unions of convex polyhedra in multidimensional real space. We also present approximation techniques for dealing with systems for which the iterative procedures do not converge.
Hybrid Automata: An Algorithmic Approach to the Specification and Verification of Hybrid Systems
1992
Cited by 360 (20 self)
We introduce the framework of hybrid automata as a model and specification language for hybrid systems. Hybrid automata can be viewed as a generalization of timed automata, in which the behavior of variables is governed in each state by a set of differential equations. We show that many of the examples considered in the workshop can be defined by hybrid automata. While the reachability problem is undecidable even for very restricted classes of hybrid automata, we present two semidecision procedures for verifying safety properties of piecewise-linear hybrid automata, in which all variables change at constant rates. The two procedures are based, respectively, on minimizing and computing fixpoints on generally infinite state spaces. We show that if the procedures terminate, then they give correct answers. We then demonstrate that for many of the typical workshop examples, the procedures do terminate and thus provide an automatic way for verifying their properties. 1 Introduction More and...
From Timed to Hybrid Systems
Cited by 146 (16 self)
We propose a framework for the formal specification and verification of timed and hybrid systems. For timed systems we propose a specification language that refers to time only through age functions which measure the length of the most recent time interval in which a given formula has been continuously true. We then consider hybrid systems, which are systems consisting of a nontrivial mixture of discrete and continuous components, such as a digital controller that controls a continuous environment. The proposed framework extends the temporal logic approach which has proven useful for the formal analysis of discrete systems such as reactive programs. The new framework consists of a semantic model for hybrid time, the notion of phase transition systems, which extends the formalism of discrete transition systems, an extended version of Statecharts for the specification of hybrid behaviors, and an extended version of temporal logic that enables reasoning about continuous change.
Verifying Hybrid Systems
In Grossman et al, 1993
Cited by 73 (1 self)
Hybrid systems are modeled as phase transition systems with sampling semantics. By identifying a set of important events it is ensured that all significant state changes are observed, thus correcting previous drawbacks of the sampling computations semantics. A proof rule for verifying properties of hybrid systems is presented and illustrated on several examples. Keywords: Temporal logic, real-time, specification, verification, hybrid systems, statecharts, proof rules, phase transition system, sampling semantics, important events. 1 Introduction Hybrid systems are reactive systems that intermix discrete and continuous components. Typical examples are digital controllers that interact with continuously changing physical environments. A formal model for hybrid systems was proposed in [MMP92], based on the notion of phase transition systems (PTS). Two types of semantics were considered in [MMP92]. The first semantics, to which we refer here as the super dense semantics, is based on hyb...
Integration Graphs: A Class of Decidable Hybrid Systems
In Hybrid Systems, volume 736 of Lecture Notes in Computer Science, 1993
Cited by 67 (9 self)
Integration Graphs are a computational model developed in the attempt to identify simple Hybrid Systems with decidable analysis problems. We start with the class of constant slope hybrid systems (cshs), in which the right hand side of all differential equations is an integer constant. We refer to continuous variables whose right hand side constants are always 1 as timers. All other continuous variables are called integrators. The first result shown in the paper is that simple questions such as reachability of a given state are undecidable for even this simple class of systems. To restrict the model even further, we impose the requirement that no test that refers to integrators may appear within a loop in the graph. This restricted class of cshs is called integration graphs. The main results of the paper are that the reachability problem of integration graphs is decidable for two special cases: The case of a single timer and the case of a single test involving integrators. The expres...
Hybrid Automata with Finite Bisimulations
1995
Cited by 57 (6 self)
The analysis, verification, and control of hybrid automata with finite bisimulations can be reduced to finite-state problems. We advocate a time-abstract, phase-based methodology for checking if a given hybrid automaton has a finite bisimulation. First, we factor the automaton into two components, a boolean automaton with a discrete dynamics on the finite state space $\mathbb{B}^m$ and a euclidean automaton with a continuous dynamics on the infinite state space $\mathbb{R}^n$. Second, we investigate the phase portrait of the euclidean component. In this fashion, we obtain new decidability results for hybrid systems as well as new, uniform proofs of known decidability results. For example, we prove that if two hybrid automata have finite bisimulations, and both can be calibrated to a common time scale, then their product also has a finite bisimulation. 1 Introduction A hybrid automaton [2] is a mathematical model for a digital program that interacts with an analog environment. Hybrid automata are usef...
Specifying Timed State Sequences in Powerful Decidable Logics and Timed Automata (Extended Abstract)
LNCS 863, 1994
Cited by 52 (0 self)
Thomas Wilke, Christian-Albrechts-Universität zu Kiel, Institut für Informatik und Praktische Mathematik, D-24098 Kiel, Germany. Abstract. A monadic second-order language, denoted by Ld, is introduced for the specification of sets of timed state sequences. A fragment of Ld, denoted by L $ d, is proved to be expressively complete for timed automata (Alur and Dill), i.e., every timed regular language is definable by a L $ d-formula and every L $ d-formula defines a timed regular language. As a consequence the satisfiability problem for L $ d is decidable. Timed temporal logics are shown to be effectively embeddable into L $ d and hence turn out to have a decidable theory. This applies to TL \Gamma (Manna and Pnueli) and EMITLp, which is obtained by extending the logic MITLp (Alur and Henzinger) by automata operators (Sistla, Vardi, and Wolper). For every positive natural number k the full monadic second-order logic Ld and L $ d are equally expressive modulo the set of timed...
Computing Accumulated Delays in Real-time Systems
1993
Cited by 40 (6 self)
We present a verification algorithm for duration properties of real-time systems. While simple real-time properties constrain the total elapsed time between events, duration properties constrain the accumulated satisfaction time of state predicates. We formalize the concept of durations by introducing duration measures for timed automata. A duration measure assigns to each finite run of a timed automaton a real number, the duration of the run, which may be the accumulated satisfaction time of a state predicate along the run. Given a timed automaton with a duration measure, an initial and a final state, and an arithmetic constraint, the duration-bounded reachability problem asks if there is a run of the automaton from the initial state to the final state such that the duration of the run satisfies the constraint. Our main result is an (optimal) Pspace decision procedure for the duration-bounded reachability problem. 1 Introduction Over the past decade, model checking [CE81, QS81]...
Deductive verification of real-time systems using STeP
COMPUTER SCIENCE DEPARTMENT, STANFORD UNIVERSITY, 1998
Cited by 30 (8 self)
We present a modular framework for proving temporal properties of real-time systems, based on clocked transition systems and linear-time temporal logic. We show how deductive verification rules, verification diagrams, and automatic invariant generation can be used to establish properties of real-time systems in this framework. We also discuss global and modular proofs of the branching-time property of non-Zenoness. As an example, we present the mechanical verification of the generalized railroad crossing case study using the Stanford Temporal Prover, STeP.