## HyTech: A Model Checker for Hybrid Systems (1997)

### Cached

### Download Links

- [www.cis.upenn.edu]
- [www-cad.eecs.berkeley.edu]
- DBLP

### Other Repositories/Bibliography

Venue: | Software Tools for Technology Transfer |

Citations: | 357 - 6 self |

### BibTeX

@ARTICLE{Henzinger97hytech:a,

author = {Thomas A. Henzinger and Pei-Hsin Ho and Howard Wong-toi},

title = {HyTech: A Model Checker for Hybrid Systems},

journal = {Software Tools for Technology Transfer},

year = {1997},

volume = {1},

pages = {460--463}

}

### Years of Citing Articles

### OpenURL

### Abstract

A hybrid system is a dynamical system whose behavior exhibits both discrete and continuous change. A hybrid automaton is a mathematical model for hybrid systems, which combines, in a single formalism, automaton transitions for capturing discrete change with differential equations for capturing continuous change. HyTech is a symbolic model checker for linear hybrid automata, a subclass of hybrid automata that can be analyzed automatically by computing with polyhedral state sets. A key feature of HyTech is its ability to perform parametric analysis, i.e. to determine the values of design parameters for which a linear hybrid automaton satisfies a temporal-logic requirement. 1 Introduction A hybrid system typically consists of a collection of digital programs that interact with each other and with an analog environment. Examples of hybrid systems include manufacturing controllers, automotive and flight controllers, medical equipment, micro-electromechanical systems, and robots. When thes...

### Citations

1977 | A theory of timed automata
- Alur, Dill
- 1994
(Show Context)
Citation Context ...al time. One such model is the timed automaton---a finite automaton augmented with a finite number of clocks, which are real-valued variables whose values change continuously with the constant rate 1 =-=[4]-=-. Timed automata have been used successfully to analyze real-time protocols and asynchronous circuits. For modeling more general kinds of hybrid systems, we use the hybrid automaton---a finite automat... |

795 |
The design and synthesis of synchronization skeletons using temporal logic
- Clarke, Emerson
- 1981
(Show Context)
Citation Context ...SF grant CCR-9504469, by the AFOSR contract F49620-93-1-0056, by the ARO MURI grant DAAH-04-96-1-0341, by the ARPA grant NAG2-892, and by the SRC contract 95-DC-324.036. 1 expressed in temporal logic =-=[11, 37]-=-. For this purpose, the entire state space of the system is explored. This can be done enumeratively, by considering each state individually, or symbolically, by computing with constraints that repres... |

598 | The algorithmic analysis of hybrid systems
- Alur, Courcoubetis, et al.
- 1995
(Show Context)
Citation Context ...ton---a finite automaton with a finite number of real-valued variables that change continuously, as specified by differential equations and differential inequalities, in more general ways than clocks =-=[3, 36, 2]-=-. For analyzing hybrid systems, we build on the model-checking technology, in which a formal model of the system is checked, fully automatically, for correctness with respect to a requirement A prelim... |

574 | Symbolic model checking: 1020 states and beyond
- Burch, Clarke, et al.
- 1990
(Show Context)
Citation Context ...te sets. Because of its ability to deal with very large state spaces, symbolic model checking has been proven an e ective technique for the automatic analysis of complex nite state-transition systems =-=[10]-=-. In recent years, the model-checking approach has been extended to several classes of in nite state-transition systems, including timed automata [1]. Since clock values range over the in nite domain ... |

361 | Hybrid automata: An algorithmic approach to the specification and verification of hybrid systems - Alur, Courcoubetis, et al. - 1993 |

323 |
Symbolic model checking: 10 states and beyond
- Burch, Clarke, et al.
- 1990
(Show Context)
Citation Context ...sets. Because of its ability to deal with very large state spaces, symbolic model checking has been proven an effective technique for the automatic analysis of complex finite state-transition systems =-=[10]-=-. In recent years, the model-checking approach has been extended to several classes of infinite state-transition systems, including timed automata [1]. Since clock values range over the infinite domai... |

266 | Automatic symbolic verification of embedded systems - Alur, Henzinger, et al. - 1996 |

233 | The tool kronos
- Daws, Olivero, et al.
- 1996
(Show Context)
Citation Context ...systems that are primarily discrete but include clocks, we recommend the use of specialized tools for the restricted class of timed automata. Symbolic model checkers for timed automata include Kronos =-=[13]-=-, timed Cospan [7], timed Hsis [8], Uppaal [9], and Veriti [15]. These systems use algorithms that are specific to clocks, and therefore are more efficient for clock systems than the more general algo... |

171 | UPPAAL - a tool suite for automatic verification of real-time systems
- Bengtsson, Larsen, et al.
(Show Context)
Citation Context ... clocks, we recommend the use of specialized tools for the restricted class of timed automata. Symbolic model checkers for timed automata include Kronos [13], timed Cospan [7], timed Hsis [8], Uppaal =-=[9]-=-, and Veriti [15]. These systems use algorithms that are specific to clocks, and therefore are more efficient for clock systems than the more general algorithms of HyTech. For the analysis of hybrid s... |

83 |
Model checking in dense real time
- Alur, Courcoubetis, et al.
- 1993
(Show Context)
Citation Context ...lysis of complex finite state-transition systems [10]. In recent years, the model-checking approach has been extended to several classes of infinite state-transition systems, including timed automata =-=[1]-=-. Since clock values range over the infinite domain of the nonnegative reals, it is impossible to enumerate all states of a timed automaton, and symbolic representations of state sets must be employed... |

79 | P.: Verification of Linear Hybrid Systems by Means of Convex Approximations
- Halbwachs, Proy, et al.
- 1994
(Show Context)
Citation Context ...deling and analysis of timed circuits. Tools are also available for the simulation of hybrid automata, such as Shift [14], and for the abstract interpretation of linear hybrid automata, such as Polka =-=[16]-=-. Abstract-interpretation techniques can enforce the convergence of fixpoint computations by relaxing state assertions. For the verification of hybrid systems that are primarily discrete but include c... |

53 | L.: SHIFT Programming Language and Run-Time System for Dynamic Networks of Hybrid Automata
- Deshpande, Gollu, et al.
(Show Context)
Citation Context ...ybrid automata for analysis with HyTech. We are currently experimenting with the modeling and analysis of timed circuits. Tools are also available for the simulation of hybrid automata, such as Shift =-=[14]-=-, and for the abstract interpretation of linear hybrid automata, such as Polka [16]. Abstract-interpretation techniques can enforce the convergence of fixpoint computations by relaxing state assertion... |

41 | Timing analysis in cospan
- Alur, Kurshan
- 1996
(Show Context)
Citation Context ...imarily discrete but include clocks, we recommend the use of specialized tools for the restricted class of timed automata. Symbolic model checkers for timed automata include Kronos [13], timed Cospan =-=[7]-=-, timed Hsis [8], Uppaal [9], and Veriti [15]. These systems use algorithms that are specific to clocks, and therefore are more efficient for clock systems than the more general algorithms of HyTech. ... |

36 | Timing analysis of Ada tasking programs
- Corbett
- 1996
(Show Context)
Citation Context ...linear temperature controller [20], a predator-prey ecology [30], an aircraft landing-gear system [35], a steam-boiler controller [31], and an automotive engine chassis-level controller [38]. Corbett =-=[12]-=- has verified robot controllers written in a subset of Ada by automatically translating them into linear hybrid automata for analysis with HyTech. We are currently experimenting with the modeling and ... |

31 |
Verification of real-time systems by successive over and under approximation
- Dill, Wong-Toi
- 1995
(Show Context)
Citation Context ...mmend the use of specialized tools for the restricted class of timed automata. Symbolic model checkers for timed automata include Kronos [13], timed Cospan [7], timed Hsis [8], Uppaal [9], and Veriti =-=[15]-=-. These systems use algorithms that are specific to clocks, and therefore are more efficient for clock systems than the more general algorithms of HyTech. For the analysis of hybrid systems whose 19 c... |

30 | Real-time system = discrete system + clock variables. Software Tools for Technology Transfer
- Alur, Henzinger
- 1997
(Show Context)
Citation Context ...n present approaching ds1000 d := 5000 \Gamma55sds\Gamma45 far d = 5000 Figure 12: Train automaton Example: railroad-gate controller We consider the railroad-gate controller from Figures 17 and 19 of =-=[6]-=-. The controller, modeled by the automaton of Figure 11, lowers and raises a gate at a railroad crossing. Whenever it detects the presence of an oncoming train, it closes the gate after 5 time units, ... |

24 |
Automatic symbolic veri cation of embedded systems
- Alur, Henzinger
- 1996
(Show Context)
Citation Context ...c, whereA is a constant matrixandc is a constant vector, the symbolic model-checking method for timed automata can be extended to a more general class of hybrid automata called linear hybrid automata =-=[5]-=-. In a linear hybrid automaton, the dynamics of the continuous variables are de ned by linear di erential inequalities of the form A _x b, where _x is the vector of rst derivatives of the variables x.... |

12 |
Uppaal | a Tool Suite for Automatic Veri cation of Real{Time Systems
- Bengtsson, Larsen, et al.
- 1995
(Show Context)
Citation Context ... clocks, we recommend the use of specialized tools for the restricted class of timed automata. Symbolic model checkers for timed automata include Kronos [13], timed Cospan [7], timed Hsis [8], Uppaal =-=[9]-=-, and Veriti [15]. These systems use algorithms that are speci c to clocks, and therefore are more e cient for clock systems than the more general algorithms of HyTech. For the analysis of hybrid syst... |

10 |
Veri cation of linear hybrid systems by means of convex approximations
- Halbwachs, Proy, et al.
- 1994
(Show Context)
Citation Context ...odeling and analysis of timed circuits. Tools are also available for the simulation of hybrid automata, such asShift [14], and for the abstract interpretation of linear hybrid automata, such as Polka =-=[16]-=-. Abstract-interpretation techniques can enforce the convergence of xpoint computations by relaxing state assertions. For the veri cation of hybrid systems that are primarily discrete but include cloc... |

6 |
Veri cation of Real-Time Systems by Successive over and under Approximation
- Dill, Wong-Toi
- 1995
(Show Context)
Citation Context ...mmend the use of specialized tools for the restricted class of timed automata. Symbolic model checkers for timed automata include Kronos [13], timed Cospan [7], timed Hsis [8], Uppaal [9], and Veriti =-=[15]-=-. These systems use algorithms that are speci c to clocks, and therefore are more e cient for clock systems than the more general algorithms of HyTech. For the analysis of hybrid systems whose 19scomp... |

1 |
Iterative algorithms for formal verification of embedded real-time systems
- Balarin, Sangiovanni-Vincentelli
- 1994
(Show Context)
Citation Context ... but include clocks, we recommend the use of specialized tools for the restricted class of timed automata. Symbolic model checkers for timed automata include Kronos [13], timed Cospan [7], timed Hsis =-=[8]-=-, Uppaal [9], and Veriti [15]. These systems use algorithms that are specific to clocks, and therefore are more efficient for clock systems than the more general algorithms of HyTech. For the analysis... |

1 |
Iterative algorithms for formal veri cation of embedded real-time systems
- Balarin, Sangiovanni-Vincentelli
- 1994
(Show Context)
Citation Context ... but include clocks, we recommend the use of specialized tools for the restricted class of timed automata. Symbolic model checkers for timed automata include Kronos [13], timed Cospan [7], timed Hsis =-=[8]-=-, Uppaal [9], and Veriti [15]. These systems use algorithms that are speci c to clocks, and therefore are more e cient for clock systems than the more general algorithms of HyTech. For the analysis of... |