HYTECH: a model checker for hybrid systems

doi:10.1007/S100090050008

Home
/
Papers
/
HYTECH: a model checker for hybrid systems

Journal Article•DOI•

HYTECH: a model checker for hybrid systems

Thomas A. Henzinger¹, Pei-Hsin Ho², Howard Wong-Toi³•Institutions (3)

University of California, Berkeley¹, Intel², Lawrence Berkeley National Laboratory³

01 Dec 1997-International Journal on Software Tools for Technology Transfer (Springer-Verlag)-Vol. 1, Iss: 1, pp 110-122

TL;DR: HyTech is a symbolic model checker for linear hybrid automata, a subclass of hybrids that can be analyzed automatically by computing with polyhedral state sets that combines automaton transitions for capturing discrete change with differential equations for capturing continuous change.

read less

Abstract: A hybrid system consists of a collection of digital programs that interact with each other and with an analog environment. Examples of hybrid systems include medical equipment, manufacturing controllers, automotive controllers, and robots. The formal analysis of the mixed digital-analog nature of these systems requires a model that incorporates the discrete behavior of computer programs with the continuous behavior of environment variables, such as temperature and pressure. Hybrid automata capture both types of behavior by combining finite automata with differential inclusions (i.e. differential inequalities). HyTech is a symbolic model checker for linear hybrid automata, an expressive, yet automatically analyzable, subclass of hybrid automata. A key feature of HyTech is its ability to perform parametric analysis, i.e. to determine the values of design parameters for which a linear hybrid automaton satisfies a temporal requirement.

...read moreread less

Citations

PDF

Open Access

More filters

Journal Article•DOI•

What's Decidable about Hybrid Automata?

[...]

Thomas A. Henzinger

01 Aug 1998-Journal of Computer and System Sciences

TL;DR: It is proved that the reachability problem is undecidable for timed automata augmented with a single stopwatch, and an (optimal) PSPACE reachability algorithm is given for the case of initialized rectangular automata.

...read moreread less

903 citations

Book Chapter•DOI•

SpaceEx: scalable verification of hybrid systems

[...]

Goran Frehse¹, Colas Le Guernic², Alexandre Donzé¹, Scott Cotton¹, Rajarshi Ray¹, Olivier Lebeltel¹, Rodolfo Ripado¹, Antoine Girard³, Thao Dang¹, Oded Maler¹ - Show less +6 more•Institutions (3)

Centre national de la recherche scientifique¹, New York University², University of Grenoble³

14 Jul 2011

TL;DR: A scalable reachability algorithm for hybrid systems with piecewise affine, non-deterministic dynamics that combines polyhedra and support function representations of continuous sets to compute an over-approximation of the reachable states is presented.

...read moreread less

Abstract: We present a scalable reachability algorithm for hybrid systems with piecewise affine, non-deterministic dynamics. It combines polyhedra and support function representations of continuous sets to compute an over-approximation of the reachable states. The algorithm improves over previous work by using variable time steps to guarantee a given local error bound. In addition, we propose an improved approximation model, which drastically improves the accuracy of the algorithm. The algorithm is implemented as part of SpaceEx, a new verification platform for hybrid systems, available at spaceex.imag.fr. Experimental results of full fixed-point computations with hybrid systems with more than 100 variables illustrate the scalability of the approach.

...read moreread less

901 citations

Journal Article•DOI•

Cyber–Physical Systems: A Perspective at the Centennial

[...]

Kyoung-Dae Kim¹, P. R. Kumar¹•Institutions (1)

Texas A&M University¹

03 Apr 2012

TL;DR: This work overviews CPS research from both a historical point of view in terms of technologies developed for early generations of control systems, as well as recent results on CPSs in many relevant research domains such as networked control, hybrid systems, real-time computing,real-time networking, wireless sensor networks, security, and model-driven development.

...read moreread less

Abstract: Cyber-physical systems (CPSs) are the next generation of engineered systems in which computing, communication, and control technologies are tightly integrated. Research on CPSs is fundamentally important for engineered systems in many important application domains such as transportation, energy, and medical systems. We overview CPS research from both a historical point of view in terms of technologies developed for early generations of control systems, as well as recent results on CPSs in many relevant research domains such as networked control, hybrid systems, real-time computing, real-time networking, wireless sensor networks, security, and model-driven development. We outline the potential for CPSs in many societally important application domains.

...read moreread less

702 citations

Cites background or methods from "HYTECH: a model checker for hybrid ..."

...Some examples are UPPAAL [118], a verification tool for real-time systems based on timed automata, HyTech [99] and PHAVer [119] for LHA, SpaceEx [120] which is based on the LeGuernic-Girard (LGG) algorithm [121] that can efficiently...
[...]
...An example of a hybrid automaton [99]....
[...]
...In [99], an approximation technique, called linear phase portrait approximation, is proposed....
[...]
...An interesting class of hybrid systems, called linear hybrid automata (LHA) [110], [99], are those for which, for each v ∈ V and e ∈ E, (i) the vertex labeling functions flow(v), inv(v), init(v), and edge labeling functions guard(e), reset(e) are finite conjunctions of linear inequalities, and (ii) more importantly, the flow function flow(v) is finite conjunction of linear inequalities over the variables in Ẋ only....
[...]

Book Chapter•DOI•

PHAVer: algorithmic verification of hybrid systems past hytech

[...]

Goran Frehse¹•Institutions (1)

Carnegie Mellon University¹

09 Mar 2005

TL;DR: This work addresses the main problems of HyTech with PHAVer, a new tool for the exact verification of safety properties of hybrid systems with piecewise constant bounds on the derivatives and proposes methods to conservatively limit the number of bits and constraints of polyhedra.

...read moreread less

Abstract: In 1995, HyTech broke new ground as a potentially powerful tool for verifying hybrid systems – yet it has remained severely limited in its applicability to more complex systems. We address the main problems of HyTech with PHAVer, a new tool for the exact verification of safety properties of hybrid systems with piecewise constant bounds on the derivatives. Affine dynamics are handled by on-the-fly overapproximation and by partitioning the state space based on user-definable constraints and the dynamics of the system. PHAVer's exact arithmetic is robust due to the use of the Parma Polyhedra Library, which supports arbitrarily large numbers. To manage the complexity of the polyhedral computations, we propose methods to conservatively limit the number of bits and constraints of polyhedra. Experimental results for a navigation benchmark and a tunnel diode circuit show the effectiveness of the approach.

...read moreread less

560 citations

Cites methods from "HYTECH: a model checker for hybrid ..."

...presented the tool HyTech [1]....
[...]
...We present PHAVer (Polyhedral Hybrid Automaton Verifier), a verification tool that aims at overcoming the limitations of predecessors such as as HyTech [1]....
[...]
...The initial states for for NAV01–NAV03 are defined by x0 ∈ [2, 3] × [1, 2], for NAV04 by x0 ∈ [0, 1] × [0, 1], and v0,NAV01 ∈ [−0....
[...]

Journal Article•DOI•

The Parma Polyhedra Library: Toward a complete set of numerical abstractions for the analysis and verification of hardware and software systems

[...]

Roberto Bagnara¹, Patricia M. Hill², Enea Zaffanella¹•Institutions (2)

University of Parma¹, University of Leeds²

01 Jun 2008-Science of Computer Programming

TL;DR: The main features of the current version of the Parma Polyhedra Library are presented, emphasizing those that distinguish it from other similar libraries and those that are important for applications in the field of analysis and verification of hardware and software systems.

...read moreread less

518 citations

Cites background from "HYTECH: a model checker for hybrid ..."

...04f) [59]; 4 • the Octagon Abstract Domain Library (version 0....
[...]

1
2
3
4
…
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200

Collapse

References

PDF

Open Access

More filters

Journal Article•DOI•

A theory of timed automata

[...]

Rajeev Alur¹, David L. Dill¹•Institutions (1)

Stanford University¹

25 Apr 1994-Theoretical Computer Science

TL;DR: Alur et al. as discussed by the authors proposed timed automata to model the behavior of real-time systems over time, and showed that the universality problem and the language inclusion problem are solvable only for the deterministic automata: both problems are undecidable (II i-hard) in the non-deterministic case and PSPACE-complete in deterministic case.

...read moreread less

7,096 citations

Book Chapter•DOI•

Design and Synthesis of Synchronization Skeletons Using Branching-Time Temporal Logic

[...]

Edmund M. Clarke¹, E. Allen Emerson¹•Institutions (1)

Harvard University¹

01 May 1981

TL;DR: It is shown that it is possible to automatically synthesize the synchronization skeleton of a concurrent program from a Temporal Logic specification and it is believed that this approach may in the long run turn out to be quite practical.

...read moreread less

Abstract: We have shown that it is possible to automatically synthesize the synchronization skeleton of a concurrent program from a Temporal Logic specification We believe that this approach may in the long run turn out to be quite practical Since synchronization skeletons are, in general, quite small, the potentially exponential behavior of our algorithm need not be an insurmountable obstacle Much additional research will be needed, however, to make the approach feasible in practice

...read moreread less

2,333 citations

Journal Article•DOI•

The algorithmic analysis of hybrid systems

[...]

Rajeev Alur¹, Costas Courcoubetis², Nicolas Halbwachs, Thomas A. Henzinger³, Pei Ho³, Xavier Nicollin, Alfredo Olivero, Joseph Sifakis, Sergio Yovine - Show less +5 more•Institutions (3)

Bell Labs¹, University of Crete², Cornell University³

06 Feb 1995-Theoretical Computer Science

TL;DR: A general framework for the formal specification and algorithmic analysis of hybrid systems is presented, which considers symbolic model-checking and minimization procedures that are based on the reachability analysis of an infinite state space.

...read moreread less

2,091 citations

"HYTECH: a model checker for hybrid ..." refers background or methods in this paper

...x= 2∧y = 0∧z = 0 ∧ ẋ ∈ [2, 4]∧ ẏ = 1∧ ż = 1∧x = x+ δẋ ∧ y = y+ δẏ∧z = z+ δż = (∃ δ ≥0....
[...]
...For modeling more general kinds of hybrid systems, we use the hybrid automaton – a finite automaton with a finite number of real-valued variables that change continuously, as specified by differential equations and differential inequalities, in more general ways than clocks [2, 3, 36]....
[...]
...A hybrid automaton is a systemA= (X,V,flow , inv , init , E, jump,Σ, syn) that consists of the following components [2]:...
[...]
...Relaxation, then, yields the linear flow conditions ẋ ∈ [3, 4] for on1 and ẋ ∈ [2, 3] for on2....
[...]
...Hence the flow condition ẋ=−x+5 can be relaxed to the linear condition ẋ ∈ [2, 4]....
[...]

Proceedings Article•DOI•

The theory of hybrid automata

[...]

Thomas A. Henzinger¹•Institutions (1)

University of California, Berkeley¹

27 Jul 1996

TL;DR: The goal is to demonstrate that concepts from the theory of discrete concurrent systems can give insights into partly continuous systems, and that methods for the verification of finite-state systems can be used to analyze certain systems with uncountable state spaces.

...read moreread less

Abstract: We summarize several recent results about hybrid automata. Our goal is to demonstrate that concepts from the theory of discrete concurrent systems can give insights into partly continuous systems, and that methods for the verification of finite-state systems can be used to analyze certain systems with uncountable state spaces.

...read moreread less

1,900 citations

Book Chapter•DOI•

Specification and verification of concurrent systems in CESAR

[...]

Jean-Pierre Queille, Joseph Sifakis

06 Apr 1982

TL;DR: By an example, the alternating bit protocol, the use of CESAR, an interactive system for aiding the design of distributed applications, is illustrated.

...read moreread less

Abstract: The aim of this paper is to illustrate by an example, the alternating bit protocol, the use of CESAR, an interactive system for aiding the design of distributed applications

...read moreread less

1,509 citations