Lecture 9: Reachability

Transcription

1 Lecture 9: Reachability

2 Outline of Lecture Reachability General Transition Systems Algorithms for Reachability Safety through Reachability Backward Reachability Algorithm

3 Given hybrid automaton H : set of Reachability Invariant set: set for which

4 Reachability and Safety Proposition: H satisfies safety property where is nonempty if and only if

5 Over-approximation of a Reachable set Over-approximation of the reachable set: Safety verification is enough to show that

6 Methods for reachability Formal methods Safety is guaranteed Simulation Safety is not guaranteed Methods for Reachability Optimal control (game theory): convex optimization tools Deductive techniques : establish invariants to bound Reach(H): theorem provers e.g. predicate abstraction. (continuous dynamics -> abstract discrete system) Model checking techniques: automatically compute Reach(H): model checkers (limited to simple dynamic models) e.g. CheckMate: CMU, HyTech: UC Berkeley, Approximation

7 Methods for Reachability: Approximation Methods for reachability Approximation: works with all of the previous methods Over-approximation For optimal control, approximate sets by Ellipsoidal approximation Polytopic approximation Exact Reachable Set

8 General Transition Systems Generalization of finite automaton, differential equations, hybrid automaton, etc. General Transition System : a set of states : alphabet of events : transition relation : set of initial states : set of a final states

9 Finite automaton Example: Finite Automaton the same

10 Example: Autonomous Hybrid System Autonomous hybrid system not specified

11 Reachability Reachability: Given a transition system T, is any state reachable from a state by a sequence of transitions? Remarks: For finite automata we can always decide reachability problems by brute force

12 Example: Finite Automata

13 Initialization: Algorithm 1: Reachability (forward) while begin non-decreasing do end set of states that can be reached by one step transition

14 Example: Finite Automata

15 Example: Finite Automata For finite automata the algorithm always terminates. This is based on the fact that there are finite number of states and transitions.

16 Algorithm 1: Reachability (forward) Three difficulties with hybrid automata 1. The set of states is not finite (algorithm may not terminate) 2. In the while loop: : discrete transitions : continuous evolution Computation of is easy but that of is not in general. 3. Union operations of sets is not easy in general.

17 Example: Water Tank [from ECE229 J. Hespanha at UCSB]

18 Example: Water Tank

19 Example: Water Tank

20 Example: Water Tank

21 Example: Water Tank

22 Example: Water Tank

23 Example: Water Tank

24 Example: Water Tank

25 Example: Water Tank

26 Example: Water Tank

27 Example: Water Tank

28 Example: Water Tank

29 Safety through Reachability Proposition: H satisfies safety property where is nonempty if and only if Initialization While do begin If return Unsafe end If then H satisfies p, else H does not satisfy p

30 Example: Verification of Safety and the Synthesis of Safe Controllers unsafe set Need reachable set computation!!! Backward reachability! Compute sets of states from which the system may reach an unsafe configuration Control the system so that it remains outside of these unsafe sets

31 Backward Reachability Given hybrid automaton H with a set of final states : set of

32 Safety H satisfies safety property where is nonempty if and only if safe!

33 Algorithm 2: Reachability (backward) Predecessor operator Initialization: Set of states from which s is reachable in one transition Repeat if return end if non-decreasing Until return

34 Example: Finite Automata Stop condition If is unsafe, H is unsafe

35 Example: Finite Automata For a finite automaton, the backward reachability algorithm always terminate in a finite number of steps.

36 Relation between Forward and Backward Reachability In general, For deterministic systems

37 References Optimal control (game theory): A. Varaiya, Reach set computation using optimal control, Proc. Of the KIT workshop on verification of hybrid systems, K. Kurzhanski et al. Dynamic optimization for reachability problems, Journal of optimization Theory and Applications, I. Mitchell et al. Validating a Hamilton-Jacobi approximation to hybrid system reachable sets, Hybrid Systems: Computation and Control, LNCS 2034, Deductive techniques : predicate abstraction. A. Tiwari and G. Khanna, Series of Abstractions for Hybrid Automata, Hybrid Systems: Computation and Control, LNCS 2289, 2002 R. Alur et al., Reachability Analysis of Hybrid Systems via Predicate Abstraction, Hybrid Systems: Computation and Control, LNCS 2289, 2002 I. Hwang et al., Reachability analysis of delta-notch lateral inhibition using predicate abstraction, High Performance Computing-HiPC 2002, LNCS 2552, 2002 Model checking techniques A. Chutinan et al., Computing Polyhedral approximations to flow pipes for dynamic systems, Proc. Of the IEEE Conference on Decision and Control, A. Chutinan et al., Verification of polyhedral-invariant hybrid automata using polygonal flow pipe approximations, Hybrid Systems: Computation and Control, LNCS 1569, E. Asarin et al., Approximate reachability analysis of piecewise linear systems, Hybrid Systems: Computation and Control, LNCS 1790, Approximation A. Kurzhanski et al., Ellipsoidal techniques for reachability analysis, Hybrid Systems: Computation and Control, LNCS 1790, O. Botchkarev et al. Verification of hybrid systems with linear differential inclusions using ellipsoidal approximations, Hybrid Systems: Computation and Control, LNCS 1790, 2000