PHAVer: Algorithmic verification of hybrid systems past HyTech
2005
Abstract

In 1995, HyTech broke new ground as a potentially powerful tool for verifying hybrid systems – yet it has remained severely limited in its applicability to more complex systems. We address the main problems of HyTech with PHAVer, a new tool for the exact verification of safety properties of hybrid systems with piecewise constant bounds on the derivatives. Affine dynamics are handled by on-the-fly overapproximation and by partitioning the state space based on user-definable constraints and the dynamics of the system. PHAVer's exact arithmetic is robust due to the use of the Parma Polyhedra Library, which supports arbitrarily large numbers. To manage the complexity of the polyhedral computations, we propose methods to conservatively limit the number of bits and constraints of polyhedra. Experimental results for a navigation benchmark and a tunnel diode circuit show the effectiveness of the approach.
Approximate Reachability Analysis of Piecewise-Linear Dynamical Systems
2000
Abstract

In this paper we describe an experimental system called d/dt for approximating reachable states for hybrid systems whose continuous dynamics is defined by linear differential equations. We use an approximation algorithm whose accumulation of errors during the continuous evolution is much smaller than in previously used methods. The d/dt system can, so far, treat nontrivial continuous systems, hybrid systems, convex differential inclusions and controller synthesis problems. 1 Introduction The problem of calculating reachable states for continuous and hybrid systems has emerged as one of the major problems in hybrid systems research [G96,GM98,DM98,KV97,V98,GM99,CK99,PSK99,HHMW99]. It constitutes a prerequisite for exporting algorithmic verification methodology outside discrete systems or hybrid systems with piecewise-trivial dynamics. For computer scientists it poses new challenges in treating continuous functions and their approximations and in applying computational geometry...
Computational Techniques for Hybrid System Verification
IEEE Trans. on Automatic Control, 2003
Abstract

This paper concerns computational methods for verifying properties of polyhedral invariant hybrid automata (PIHA), which are hybrid automata with discrete transitions governed by polyhedral guards. To verify properties of the state trajectories for PIHA, the planar switching surfaces are partitioned to define a finite set of discrete states in an approximate quotient transition system (AQTS). State transitions in the AQTS are determined by the reachable states, or flow pipes, emitting from the switching surfaces according to the continuous dynamics. This paper presents a method for computing polyhedral approximations to flow pipes. It is shown that the flow-pipe approximation error can be made arbitrarily small for general nonlinear dynamics and that the computations can be made more efficient for affine systems. The paper also describes CheckMate, a MATLAB-based tool for modeling, simulating and verifying properties of hybrid systems based on the computational methods previously described. Index Terms: Hybrid systems, model checking, reachability, verification.
Effective Synthesis of Switching Controllers for Linear Systems
2000
Abstract

In this work we suggest a novel methodology for synthesizing switching controllers for continuous and hybrid systems whose dynamics are defined by linear differential equations. We formulate the synthesis problem as finding the conditions upon which a controller should switch the behavior of the system from one "mode" to another in order to avoid a set of bad states, and propose an abstract algorithm which solves the problem by an iterative computation of reachable states. We have implemented a concrete version of the algorithm, which uses a new approximation scheme for reachability analysis of linear systems.
Safety verification of hybrid systems by constraint propagation based abstraction refinement
2005
Abstract

This paper deals with the problem of safety verification of nonlinear hybrid systems. We start from a classical method that uses interval arithmetic to check whether trajectories can move over the boundaries in a rectangular grid. We put this method into an abstraction refinement framework and improve it by developing an additional refinement step that employs interval constraint propagation to add information to the abstraction without introducing new grid elements. Moreover, the resulting method allows switching conditions, initial states and unsafe states to be described by complex constraints instead of sets that correspond to grid elements. Nevertheless, the method can be easily implemented since it is based on a well-defined set of constraints, on which one can run any constraint propagation based solver. Tests of such an implementation are promising.
Adaptive RRTs for validating hybrid robotic control systems
in Algorithmic Foundations of Robotics VI, 2005
Abstract

Most robot control and planning algorithms are complex, involving a combination of reactive controllers, behavior-based controllers, and deliberative controllers. The switching between different behaviors or controllers makes such systems hybrid, i.e. combining discrete and continuous dynamics. While proofs of convergence, robustness and stability are often available for simple controllers under a carefully crafted set of operating conditions, there is no systematic approach to experimenting with, testing, and validating the performance of complex hybrid control systems. In this paper we address the problem of generating sets of conditions (inputs, disturbances, and parameters) that might be used to "test" a given hybrid system. We use the method of Rapidly exploring Random Trees (RRTs) to obtain test inputs. We extend the traditional RRT, which only searches over continuous inputs, to a new algorithm, called the Rapidly exploring Random Forest of Trees (RRFT), which can also search over time invariant parameters by growing a set of trees for each parameter value choice. We introduce new measures for coverage and tree growth that allow us to dynamically allocate our resources among the set of trees and to plant new trees when the growth rate of existing ones slows to an unacceptable level. We demonstrate the application of RRFT to testing and validation of aerial robotic control systems.
Process algebra for hybrid systems
Theoretical Computer Science, 2003
Abstract

We propose a process algebra obtained by extending a combination of the process algebra with continuous relative timing from Baeten and Middelburg [Process Algebra with Timing, Springer, Chap. 4, 2002] and the process algebra with propositional signals from Baeten and
Reachability Analysis of Nonlinear Systems with Uncertain Parameters using Conservative Linearization
Abstract

Given an initial set of a nonlinear system with uncertain parameters and inputs, the set of states that can possibly be reached is computed. The approach is based on local linearizations of the nonlinear system, while linearization errors are considered by Lagrange remainders. These errors are added as uncertain inputs, such that the reachable set of the locally linearized system encloses the one of the original system. The linearization error is controlled by splitting of reachable sets. Reachable sets are represented by zonotopes, allowing an efficient computation in relatively high-dimensional space.
Some lessons from the HyTech experience
In Proceedings of the 40th Annual Conference on Decision and Control, 2001
Abstract

We provide an overview of the current status of the tool HyTech, and reflect on some of the lessons learned from our experiences with the tool. HyTech is a symbolic model checker for mixed discrete-continuous systems that are modeled as automata with piecewise-constant polyhedral differential inclusions. The use of a formal input language and automated procedures for state-space traversal lay the foundation for formally verifying properties of hybrid dynamical systems. We describe some recent experiences analyzing three hybrid systems. We point out the successes and limitations of the tool. The analysis procedure has been extended in a number of ways to address some of the tool's shortcomings. We evaluate these extensions, and conclude with some desiderata for verification tools for hybrid systems.