This paper presents algorithms for the automatic synthesis of real-time controllers by finding a winning strategy for certain games defined by the timed-automata of Alur and Dill. In such games, the outcome depends on the players' actions as well as on their timing. We believe that these results will pave the way for the application of program synthesis techniques to the construction of real-time embedded systems from their specifications.

On the synthesis of discrete controllers for timed systems

We describe the open-source tool dReal, an SMT solver for nonlinear formulas over the reals. The tool can handle various nonlinear real functions such as polynomials, trigonometric functions, exponential functions, etc. dReal implements the framework of δ-complete decision procedures: It returns either unsat or δ-sat on input formulas, where δ is a numerical error bound specified by the user. dReal also produces certificates of correctness for both δ-sat (a solution) and unsat answers (a proof of unsatisfiability).

dReal: an SMT solver for nonlinear theories over the reals

Invited Lectures.- Tableau Algorithms for Description Logics.- Modality and Databases.- Local Symmetries in Propositional Logic.- Comparison.- Design and Results of TANCS-2000 Non-classical (Modal) Systems Comparison.- Consistency Testing: The RACE Experience.- Benchmark Analysis with FaCT.- MSPASS: Modal Reasoning by Translation and First-Order Resolution.- TANCS-2000 Results for DLP.- Evaluating *SAT on TANCS 2000 Benchmarks.- Research Papers.- A Labelled Tableau Calculus for Nonmonotonic (Cumulative) Consequence Relations.- A Tableau System for Godel-Dummett Logic Based on a Hypersequent Calculus.- An Analytic Calculus for Quantified Propositional Godel Logic.- A Tableau Method for Inconsistency-Adaptive Logics.- A Tableau Calculus for Integrating First-Order and Elementary Set Theory Reasoning.- Hypertableau and Path-Hypertableau Calculi for some Families of Intermediate Logics.- Variants of First-Order Modal Logics.- Complexity of Simple Dependent Bimodal Logics.- Properties of Embeddings from Int to S4.- Term-Modal Logics.- A Subset-Matching Size-Bounded Cache for Satisfiability in Modal Logics.- Dual Intuitionistic Logic Revisited.- Model Sets in a Nonconstructive Logic of Partial Terms with Definite Descriptions.- Search Space Compression in Connection Tableau Calculi Using Disjunctive Constraints.- Matrix-Based Inductive Theorem Proving.- Monotonic Preorders for Free Variable Tableaux.- The Mosaic Method for Temporal Logics.- Sequent-Like Tableau Systems with the Analytic Superformula Property for the Modal Logics KB, KDB, K5, KD5.- A Tableau Calculus for Equilibrium Entailment.- Towards Tableau-Based Decision Procedures for Non-Well-Founded Fragments of Set Theory.- Tableau Calculus for Only Knowing and Knowing At Most.- A Tableau-Like Representation Framework for Efficient Proof Reconstruction.- The Semantic Tableaux Version of the Second Incompleteness Theorem Extends Almost to Robinson's Arithmetic Q.- System Descriptions.- Redundancy-Free Lemmatization in the Automated Model-Elimination Theorem Prover AI-SETHEO.- E-SETHEO: An Automated3 Theorem Prover.

Automated Reasoning with Analytic Tableaux and Related Methods: International Conference, TABLEAUX 2000 St Andrews, Scotland, UK, July 3-7, 2000 Proceedings

Static analysis of software with deductive methods is a highly dynamic field of research on the verge of becoming a mainstream technology in software engineering. It consists of a large portfolio of - mostly fully automated - analyses: formal verification, test generation, security analysis, visualization, and debugging. All of them are realized in the state-of-art deductive verification framework KeY. This book is the definitive guide to KeY that lets you explore the full potential of deductive software verification in practice. It contains the complete theory behind KeY for active researchers who want to understand it in depth or use it in their own work. But the book also features fully self-contained chapters on the Java Modeling Language and on Using KeY that require nothing else than familiarity with Java. All other chapters are accessible for graduate students (M.Sc. level and beyond). The KeY framework is free and open software, downloadable from the book companion website which contains also all code examples mentioned in this book.

Deductive Software Verification - The KeY Book

We present a new algorithm for deciding satisfiability of non-linear arithmetic constraints. The algorithm performs a Conflict-Driven Clause Learning (CDCL)-style search for a feasible assignment, while using projection operators adapted from cylindrical algebraic decomposition to guide the search away from the conflicting states.

Solving non-linear arithmetic

KeYmaera X is a theorem prover for differential dynamic logic (
Open image in new window
), a logic for specifying and verifying properties of hybrid systems Reasoning about complicated hybrid systems models requires support for sophisticated proof techniques, efficient computation, and a user interface that crystallizes salient properties of the system KeYmaera X allows users to specify custom proof search techniques as tactics, execute these tactics in parallel, and interface with partial proofs via an extensible user interface

/pdf/keymaera-x-an-axiomatic-tactical-theorem-prover-for-hybrid-3gqkke8blf.pdf

KeYmaera X: An Axiomatic Tactical Theorem Prover for Hybrid Systems

KeYmaera is a hybrid verification tool for hybrid systems that combines deductive, real algebraic, and computer algebraic prover technologies. It is an automated and interactive theorem prover for a natural specification and verification logic for hybrid systems. KeYmaera supports differential dynamic logic, which is a real-valued first-order dynamic logic for hybrid programs, a program notation for hybrid automata. For automating the verification process, KeYmaera implements a generalized free-variable sequent calculus and automatic proof strategies that decompose the hybrid system specification symbolically. To overcome the complexity of real arithmetic, we integrate real quantifier elimination following an iterative background closure strategy. Our tool is particularly suitable for verifying parametric hybrid systems and has been used successfully for verifying collision avoidance in case studies from train control and air traffic management.

KeYmaera: A Hybrid Theorem Prover for Hybrid Systems (System Description)

Complex physical systems have several degrees of freedom. They only work correctly when their control parameters obey corresponding constraints. Based on the informal specification of the European Train Control System (ETCS), we design a controller for its cooperation protocol. For its free parameters, we successively identify constraints that are required to ensure collision freedom. We formally prove the parameter constraints to be sharp by characterizing them equivalently in terms of reachability properties of the hybrid system dynamics. Using our deductive verification tool KeYmaera, we formally verify controllability, safety, liveness, and reactivity properties of the ETCS protocol that entail collision freedom. We prove that the ETCS protocol remains correct even in the presence of perturbation by disturbances in the dynamics. We verify that safety is preserved when a PI controlled speed supervision is used.

/pdf/european-train-control-system-a-case-study-in-formal-2k56bnw6wx.pdf

European Train Control System: A Case Study in Formal Verification

KeYmaera is a hybrid verication tool for hybrid systems that combines deductive, real algebraic, and computer algebraic prover technologies. It is an automated and interactive theorem prover for a nat- ural specication and verication logic for hybrid systems. KeYmaera supports dierential dynamic logic , which is a real-valued rst-order dynamic logic for hybrid programs, a program notation for hybrid au- tomata. For automating the verication process, KeYmaera implements a generalized free-variable sequent calculus and automatic proof strate- gies that decompose the hybrid system specication symbolically. To overcome the complexity of real arithmetic, we integrate real quantier elimination following an iterative background closure strategy. Our tool is particularly suitable for verifying parametric hybrid systems and has been used successfully for verifying collision avoidance in case studies from train control and air trac management.

/pdf/keymaera-a-hybrid-theorem-prover-for-hybrid-systems-d37a0pl1j6.pdf

KeYmaera: A Hybrid Theorem Prover for Hybrid Systems ?

This paper is a tutorial on how to model hybrid systems as hybrid programs in differential dynamic logic and how to prove complex properties about these complex hybrid systems in KeYmaera, an automatic and interactive formal verification tool for hybrid systems. Hybrid systems can model highly nontrivial controllers of physical plants, whose behaviors are often safety critical such as trains, cars, airplanes, or medical devices. Formal methods can help design systems that work correctly. This paper illustrates how KeYmaera can be used to systematically model, validate, and verify hybrid systems. We develop tutorial examples that illustrate challenges arising in many real-world systems. In the context of this tutorial, we identify the impact that modeling decisions have on the suitability of the model for verification purposes. We show how the interactive features of KeYmaera can help users understand their system designs better and prove complex properties for which the automatic prover of KeYmaera still takes an impractical amount of time. We hope this paper is a helpful resource for designers of embedded and cyber---physical systems and that it illustrates how to master common practical challenges in hybrid systems verification.

http://www.cs.cmu.edu/~smitsch/pdf/KeYmaera-tutorial.pdf

Jan-David Quesel

Papers

KeYmaera X: An Axiomatic Tactical Theorem Prover for Hybrid Systems

KeYmaera: A Hybrid Theorem Prover for Hybrid Systems (System Description)

European Train Control System: A Case Study in Formal Verification

KeYmaera: A Hybrid Theorem Prover for Hybrid Systems ?

How to model and prove hybrid systems with KeYmaera: a tutorial on safety