1 / 70

Automatic Rectangular Refinement of Affine Hybrid Automata

This paper presents a methodology for the automatic analysis of affine hybrid systems through rectangular refinement. It outlines the complexities of affine dynamics and proposes over-approximation techniques to deal with them effectively. The main focus is on verifying properties of affine automata by checking reachability against defined bad states. Several examples are provided, illustrating different classes of hybrid automata, such as timed, rectangular, and linear automata, and the limitations of decision procedures, including the language emptiness problem.

diamond
Télécharger la présentation

Automatic Rectangular Refinement of Affine Hybrid Automata

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Automatic Rectangular Refinement of Affine Hybrid Automata Laurent Doyen ULB Jean-François Raskin ULB Tom Henzinger EPFL FORMATS 2005 – Sep 27th - Uppsala

  2. Overview • Automatic analysis of affine hybrid systems

  3. Overview { Navigation Benchmark • Automatic analysis of affine hybrid systems • Example:

  4. Overview { • Automatic analysis of affinehybrid systems • Example: Two trajectories

  5. Overview { Navigation Benchmark • Automatic analysis of affine hybrid systems • Example: Affine dynamics

  6. Overview { • Automatic analysis of affine hybrid systems • Example: B 2 4 4 3 4 2 A 2 Discrete states Affine dynamics +

  7. Reminder • Some classes of hybrid automata: • Timed automata ( ) • Rectangular automata ( ) • Linear automata ( )

  8. Reminder Limit for decidability of Language Emptiness • Some classes of hybrid automata: • Timed automata ( ) • Rectangular automata ( ) • Linear automata ( )

  9. Reminder Limit for decidability of Language Emptiness • Some classes of hybrid automata: • Timed automata ( ) • Rectangular automata ( ) • Linear automata ( ) • Affine automata ( ) • Polynomial automata ( ) • etc.

  10. Reminder Limit for symbolic computation of Post with HyTech Limit for decidability of Language Emptiness • Some classes of hybrid automata: • Timed automata ( ) • Rectangular automata ( ) • Linear automata ( ) • Affine automata ( ) • Polynomial automata ( ) • etc.

  11. Methodology • Affine automaton A and set of states Bad • Check that Reach(A)  Bad = Ø

  12. Methodology • Affine automaton A and set of states Bad • Check that Reach(A)  Bad = Ø • Affine dynamics is too complex ? • Abstract it !

  13. Methodology • Affine dynamics is too complex ? • Abstract it ! • Abstraction is too coarse ? • Refine it ! • Affine automaton A and set of states Bad • Check that Reach(A)  Bad = Ø HOW ?

  14. Methodology • 1. Abstraction: over-approximation Affine dynamics Rectangular dynamics

  15. Methodology • 1. Abstraction: over-approximation Affine dynamics Rectangular dynamics { Let Then

  16. Methodology l 3 0 • 2. Refinement: split locations by a line cut Line l

  17. Methodology l 3 0 • 2. Refinement: split locations by a line cut Line l

  18. Methodology Abstract Reach(A’)Bad Ø ? = Original Automaton A A’ Yes Property verified

  19. Methodology Abstract Reach(A’)Bad Ø ? = Original Automaton A A’ Yes (Undecidable) Property verified

  20. Methodology Refine Abstract Reach(A’)Bad Ø ? = Original Automaton A • using Reach(A’) • using Pre*(Bad) A’ No Yes (Undecidable) Property verified

  21. Refinement • 2. Refinement: split locations by a line cut • Which location(s) ? • Loc1 = Locations reachable in the last step • Loc2 = Reachable locations that can reach Bad • Better: replace the state space by Loc2

  22. Refinement • 2. Refinement: split locations by a line cut • Which location(s) ? • Loc1 = Locations reachable in the last step • Loc2 = Reachable locations that can reach Bad • Better: replace the state space by Loc2 • Which line cut ? • The best cut for some criterion characterizing the goodness of the resulting approximation.

  23. Notations

  24. Notations

  25. Notations l A P+ B P-

  26. Notations l A P+ B P-

  27. Goodness of a cut • A good cut should minimize • ?

  28. Goodness of a cut • A good cut should minimize • ? • ?

  29. Goodness of a cut • A good cut should minimize • ? • ? • ? • …

  30. Goodness of a cut • A good cut should minimize • ? • ? • ? • … Our choice

  31. Finding the optimal cut P

  32. Extremal level sets of f(x,y) P

  33. Extremal level sets of g(x,y) P

  34. Example Assume P

  35. Example Assume P Then any line separating { } and { } is better than any other line.

  36. Example P

  37. Example P Any line separating { } and { } is better than any other line.

  38. Example P Any line separating { } and { } is better than any other line.

  39. Example P Thus, for every the best line separates and

  40. Example P Thus, for every the best line separates and

  41. Example P Thus, for every the best line separates and

  42. Example P Thus, for every the best line separates and

  43. Example P When

  44. Example the best line cut must separate both from and from P When

  45. Example The best line cut must separate both from and from P

  46. Example Intersection P When an intersection occurs… The process continues because it is still possible to separate both from and from

  47. Example P

  48. Example P

  49. Example P

  50. Example P

More Related