Goran Frehse

ENSTA Paris · Computer Science and Systems Engineering Laboratory (U2IS)

PhD in Computer Science

About

79 Publications
11,299 Reads
3,396 Citations
Introduction
Goran Frehse is a professor and director of the department of computer science and system engineering (U2IS) at ENSTA Paris. He holds a diploma in electrical engineering from Karlsruhe Institute of Technology and a PhD in computer science from Radboud University, Nijmegen. His research focus is assuring the trustworthiness of cyber-physical and AI systems through formal design and analysis methods.
Additional affiliations
September 2018 - present
ENSTA Paris
Position
  • Professor
September 2006 - August 2018
Université Grenoble Alpes
Position
  • Professor (Associate)
November 2005 - August 2006
University Joseph Fourier - Grenoble 1
Position
  • PostDoc Position
Education
September 2004 - October 2005
Radboud University
Field of study
  • Computer Science
January 2000 - December 2003
Technische Universität Dortmund
Field of study
  • Process Dynamics and Operations
October 1993 - December 1999
Karlsruhe Institute of Technology
Field of study
  • Electrical Engineering

Publications (79)
Article
Full-text available
In 1995, HyTech broke new ground as a potentially powerful tool for verifying hybrid systems. But due to practical and systematic limitations it is only applicable to relatively simple systems. We address the main problems of HyTech with PHAVer, a new tool for the exact verification of safety properties of hybrid systems with piecewise constant bou...
Conference Paper
Full-text available
We present a scalable reachability algorithm for hybrid systems with piecewise affine, non-deterministic dynamics. It combines polyhedra and support function representations of continuous sets to compute an over-approximation of the reachable states. The algorithm improves over previous work by using variable time steps to guarantee a given local e...
Article
Full-text available
The falsification of a hybrid system aims at finding trajectories that violate a given safety property. This is a challenging problem, and the practical applicability of current falsification algorithms still suffers from their high time complexity. In contrast to falsification, verification algorithms aim at providing guarantees that no such traje...
Article
Reachability analysis consists in computing the set of states that are reachable by a dynamical system from all initial states and for all admissible inputs and parameters. It is a fundamental problem motivated by many applications in formal verification, controller synthesis, and estimation, to name only a few. This article focuses on a class of m...
Article
Reachability analysis aims at identifying states reachable by a system within a given time horizon. This task is known to be computationally expensive for linear hybrid systems. Reachability analysis works by iteratively applying continuous and discrete post operators to compute states reachable according to continuous and discrete dynamics, respec...
Preprint
Full-text available
Mining temporal assertions from time-series data using information theory to filter real properties from incidental ones is a practically significant challenge. The problem is complex for continuous or hybrid systems because the degrees of influence on a consequent from a timed-sequence of predicates (called its prefix sequence), varies continuousl...
Preprint
Full-text available
Reachability analysis aims at identifying states reachable by a system within a given time horizon. This task is known to be computationally hard for hybrid systems. One of the main challenges is the handling of discrete transitions, including computation of intersections with invariants and guards. In this paper, we address this problem by proposi...
Preprint
Full-text available
We present JuliaReach, a toolbox for set-based reachability analysis of dynamical systems. JuliaReach consists of two main packages: Reachability, containing implementations of reachability algorithms for continuous and hybrid systems, and LazySets, a standalone library that implements state-of-the-art algorithms for calculus with convex sets. The...
Article
Full-text available
In current practice a formal analysis of hybrid system models is assertion-based. The work presented here is based on features that look beyond functional correctness toward a quantitative evaluation of behavioral attributes. A feature defines a real-valued evaluation function over a specific set of traces. This paper describes an improved method...
Chapter
Reachability analysis is difficult for hybrid automata with affine differential equations, because the reach set needs to be approximated. Promising abstraction techniques usually employ interval methods or template polyhedra. Interval methods account for dense time and guarantee soundness, and there are interval-based tools that overapproximate af...
Chapter
Hybrid systems are models which combine discrete and continuous behavior. They occur frequently in safety-critical applications in various domains such as health care, transportation, and robotics, as a result of interactions between a digital controller and a physical environment. They also have relevance in other areas such as systems biology, in...
Conference Paper
Approximating the set of reachable states of a dynamical system is an algorithmic yet mathematically rigorous way to reason about its safety. Although progress has been made in the development of efficient algorithms for affine dynamical systems, available algorithms still lack scalability to ensure their wide adoption in the industrial setting. Wh...
Article
Full-text available
Approximating the set of reachable states of a dynamical system is an algorithmic yet mathematically rigorous way to reason about its safety. Although progress has been made in the development of efficient algorithms for affine dynamical systems, available algorithms still lack scalability to ensure their wide adoption in the industrial setting. Wh...
Research
Welcome to the proceedings of the 20th ACM International Conference on Hybrid Systems: Computation and Control (HSCC'17), held in Pittsburgh, Pennsylvania. HSCC is the premier research conference on foundations of Cyber-Physical Systems. It covers design, analysis, control synthesis techniques and their applications in various domains such as auton...
Article
Presents information on the 20th ACM International Conference on Hybrid Systems: Computation and Control.
Technical Report
Full-text available
We present novel techniques for the computation of reachable sets and the pre-computation of maneuver automata. The techniques are applicable to non-deterministic, non-linear systems and make it possible to find solutions with safety guarantees for reach-avoid type problems.
Conference Paper
Full-text available
This report presents the results of a friendly competition for formal verification of continuous and hybrid systems with linear continuous dynamics. The friendly competition took place as part of the workshop Applied Verification for Continuous and Hybrid Systems (ARCH) in 2017. In its first edition, seven tools have been applied to solve three dif...
Conference Paper
Full-text available
Template polyhedra generalize intervals and octagons to polyhedra whose facets are orthogonal to a given set of arbitrary directions. They have been employed in the abstract interpretation of programs and, with particular success, in the reachability analysis of hybrid automata. While previously, the choice of directions has been left to the user o...
Conference Paper
Full-text available
Reachability analysis is an important technique for formally verifying continuous systems, as well as for guaranteed state estimation, stability analysis, and controller synthesis. We present a detailed assessment of the computational efficiency for the reachability analysis of linear systems with respect to the two most scalable set representation...
Conference Paper
Full-text available
We consider the problem of translating a deterministic simulation model (such as a Matlab/Simulink, Modelica or Ptolemy model) into a verification model expressed by a network of hybrid automata. The goal is to verify safety using reachability analysis on the verification model. Simulation models typically use transitions with urgent semant...
Conference Paper
Full-text available
The tool Matlab/Simulink is a numerical simulation environment that is widely used in industry for model-based design. Numerical simulation scales well and can be applied to systems with highly complex dynamics, but it is also inherently incomplete in the sense that critical events or behavior may be overlooked. The application of formal verificati...
Conference Paper
Full-text available
Recent developments have brought interesting theoretical results and powerful tools for the reachability analysis of hybrid systems. However, there are still challenging problems to be solved in order to make those technologies applicable to large-scale applications in an industrial context. To support this development, in this paper we give a brief overvi...
Article
Full-text available
Hybrid systems represent an important and powerful formalism for modeling real-world applications such as embedded systems. A verification tool like SpaceEx is based on the exploration of a symbolic search space (the region space). As a verification tool, it is typically optimized towards proving the absence of errors. In some settings, e.g., when...
Chapter
Full-text available
Hybrid automata combine finite state models with continuous variables that are governed by differential equations. Hybrid automata are used to model systems in a wide range of domains such as automotive control, robotics, electronic circuits, systems biology, and health care. Numerical simulation approximates the evolution of the variables with a s...
Conference Paper
For about two decades, formal methods for continuous and hybrid systems have enjoyed increasing interest in the research community. A wide range of analysis techniques have been developed and implemented in powerful tools. However, the lack of appropriate benchmarks makes the testing, evaluation and comparison of those tools difficult. To support these proces...
Article
Full-text available
Computing an approximation of the reachable states of a hybrid system is a challenge, mainly because overapproximating the solutions of ODEs with a finite number of sets does not scale well. Using template polyhedra can greatly reduce the computational complexity, since it replaces complex operations on sets with a small number of optimization prob...
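The two ideas in the entries above, support functions for reachability of affine dynamics with non-deterministic inputs and template polyhedra whose facets are fixed template directions, combine into a small algorithm that is worth seeing in code. The following is an added example written for this page; it is not code from PHAVer, SpaceEx or JuliaReach, and it simplifies to a discrete-time system (the published algorithms work in continuous time and bound the error per time step). The plant matrices, initial box, input box and safety bound are constructed for illustration. The point it demonstrates: because the support function of a linear image is rho_{M S}(d) = rho_S(M^T d) and that of a Minkowski sum is the sum of support functions, the reach set at step k can be bounded in each template direction without ever building the Minkowski sums, while the brute-force vertex enumeration it is checked against grows exponentially with k.

```python
"""Set-based reachability with support functions over template directions.

Added example for this page, not code from PHAVer, SpaceEx or JuliaReach.
The system matrices, initial set, input set and safety bound below are
constructed for illustration.
"""
from itertools import product


def transpose(M):
    return [list(col) for col in zip(*M)]


def mat_mul(A, B):
    return [[sum(a * b for a, b in zip(row, col)) for col in zip(*B)] for row in A]


def mat_vec(M, v):
    return [sum(m * x for m, x in zip(row, v)) for row in M]


def dot(a, b):
    return sum(x * y for x, y in zip(a, b))


def support_box(lo, hi, d):
    """rho_Box(d) = max_{x in [lo,hi]} d.x: pick hi_i where d_i >= 0, lo_i otherwise."""
    return sum(di * (hi[i] if di >= 0 else lo[i]) for i, di in enumerate(d))


def template_directions(n):
    """Box directions +-e_i and octagon directions +-e_i +-e_j (i < j)."""
    dirs = []
    for i in range(n):
        for s in (1.0, -1.0):
            e = [0.0] * n
            e[i] = s
            dirs.append(e)
    for i in range(n):
        for j in range(i + 1, n):
            for si, sj in product((1.0, -1.0), repeat=2):
                e = [0.0] * n
                e[i], e[j] = si, sj
                dirs.append(e)
    return dirs


def reach_supports(A, B, x0, u, directions, steps):
    """Support values of X_k = A^k X0 + sum_{i<k} A^i B U for k = 0..steps.

    Uses rho_{M S}(d) = rho_S(M^T d) and rho_{S+T}(d) = rho_S(d) + rho_T(d):
    no Minkowski sum is built, each step costs one box support evaluation
    per direction and per input term. Returns one dict per step mapping
    tuple(direction) -> bound; that dict is the template polyhedron for X_k.
    """
    x0_lo, x0_hi = x0
    u_lo, u_hi = u
    n = len(A)
    Ak = [[1.0 if i == j else 0.0 for j in range(n)] for i in range(n)]  # A^0
    input_terms = []  # A^i B for i < k
    out = []
    for _ in range(steps + 1):
        AkT = transpose(Ak)
        row = {}
        for d in directions:
            val = support_box(x0_lo, x0_hi, mat_vec(AkT, d))
            for M in input_terms:
                val += support_box(u_lo, u_hi, mat_vec(transpose(M), d))
            row[tuple(d)] = val
        out.append(row)
        input_terms.append(mat_mul(Ak, B))
        Ak = mat_mul(A, Ak)
    return out


def is_safe(supports, c, b):
    """c.x <= b holds on every X_k iff rho_{X_k}(c) <= b for all k.
    c must be among the template directions, so add the property's normal
    to the template instead of relying on box or octagon directions alone."""
    return all(row[tuple(c)] <= b for row in supports)


def brute_force_support(A, B, x0, u, d, k):
    """Independent check: max of d.x over every vertex combination of X_k.
    Exponential in k (|vert(U)|^k combinations), which support functions avoid."""
    x0_verts = list(product(*zip(*x0)))
    u_verts = list(product(*zip(*u)))
    n = len(A)
    powers = [[[1.0 if i == j else 0.0 for j in range(n)] for i in range(n)]]
    for _ in range(k):
        powers.append(mat_mul(A, powers[-1]))
    best = float("-inf")
    for v in x0_verts:
        base = mat_vec(powers[k], list(v))
        for ws in product(u_verts, repeat=k):
            x = list(base)
            for i, w in enumerate(ws):
                step = mat_vec(mat_mul(powers[i], B), list(w))
                x = [a + s for a, s in zip(x, step)]
            best = max(best, dot(d, x))
    return best


if __name__ == "__main__":
    A = [[1.0, 0.1], [-0.1, 0.9]]    # constructed plant: x_{k+1} = A x_k + B u_k
    B = [[0.0], [0.1]]
    X0 = ([0.9, -0.1], [1.1, 0.1])   # constructed initial box
    U = ([-1.0], [1.0])              # constructed non-deterministic input box
    prop = [1.0, 0.5]                # constructed property: x1 + 0.5*x2 <= 1.2
    sup = reach_supports(A, B, X0, U, template_directions(2) + [prop], 4)
    for k, row in enumerate(sup):
        print(f"k={k}: bound {row[tuple(prop)]:.4f}, "
              f"brute force {brute_force_support(A, B, X0, U, prop, k):.4f}")
    print("safe:", is_safe(sup, prop, 1.2))
```

Two design points carry over to the real tools: the safety check is only exact in directions that are part of the template, which is why the property's normal vector is appended to the box and octagon directions here rather than left to a generic template; and the support values are exact for the discrete-time system, so the template polyhedron is the tightest polyhedron with those facet normals, with all over-approximation coming from the choice of directions.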
Conference Paper
Full-text available
In this paper, we present experimental results from running SpaceEx on some of the benchmarks of the ARCH14 workshop. Some of the SpaceEx models were obtained from Matlab/Simulink models with the help of a new translation tool. While some benchmarks could be handled to our satisfaction, several still pose significant challenges. We discuss possible...
Article
Full-text available
The theories underlying control engineering and real-time systems engineering use idealized models that mutually abstract from central aspects of the other discipline. Control theory usually assumes jitter-free sampling and negligible (constant) input-output latencies, disregarding complex real-world timing effects. Real-time systems theory uses ab...
Conference Paper
Full-text available
Compositional verification techniques in the assume-guarantee style have been successfully applied to transition systems to efficiently reduce the search space by leveraging the compositional nature of the systems under consideration. We adapt these techniques to the domain of hybrid systems with affine dynamics. To build assumptions we introduce a...
Conference Paper
Full-text available
Linear hybrid automata (LHAs) are of particular interest to formal verification because sets of successor states can be computed exactly, which is not the case in general for more complex dynamics. Enhanced with urgency, LHA can be used to model complex systems from a variety of application domains in a modular fashion. Existing algorithms are limi...
Conference Paper
Linear hybrid automata (LHAs) are of particular interest to formal verification because sets of successor states can be computed exactly, which is not the case in general for more complex dynamics. Enhanced with urgency, LHA can be used to model complex systems from a variety of application domains in a modular fashion. Existing algorithms are limi...
Article
This volume contains the proceedings of the 1st International Workshop on Synthesis of Continuous Parameters (SynCoP'14). The workshop was held in Grenoble, France on April 6th, 2014, as a satellite event of the 17th European Joint Conferences on Theory and Practice of Software (ETAPS'14). SynCoP aims at bringing together researchers working on par...
Conference Paper
Full-text available
The Hybrid I/O-automaton (HIOA) is a rigorous formal model designed for the analysis of complex hybrid (discrete-continuous) dynamical systems. The use of the HIOA formalism renders compositional reasoning possible, in the sense that once a property has been established for an automaton, it still holds if the automaton is composed with other automa...
Conference Paper
Full-text available
Hybrid systems represent an important and powerful formalism for modeling real-world applications that require both discrete and continuous behavior. A verification tool such as SpaceEx is based on the exploration of a symbolic search space (the region space). As a verification tool, it is typically optimized towards proving the absence of errors....
Conference Paper
Full-text available
In this paper, we present an approximation of the set of reachable states, called flowpipe, for a continuous system with affine dynamics. Our approach is based on a representation we call flowpipe sampling, which consists of a set of continuous, interval-valued functions over time. A flowpipe sampling attributes to each time point a polyhedral encl...
Data
We present a scalable reachability algorithm for hybrid systems with piecewise affine, non-deterministic dynamics. It combines polyhedra and support function representations of continuous sets to compute an over-approximation of the reachable states. The algorithm improves over previous work by using variable time steps to guarantee a given local e...
Conference Paper
Full-text available
A recent technique used in falsification methods for hybrid systems relies on distance-based heuristics for guiding the search towards a goal state. The question is whether the technique can be carried over to reachability analyses that use regions as their basic data structure. In this paper, we introduce a box-based distance measure between regio...
Conference Paper
Full-text available
Recently, efficient reachability algorithms for hybrid systems with piecewise affine dynamics have been developed. They achieve good scalability and precision by using support functions to represent continuous sets. In this paper, we propose an improvement of these algorithms that reduces the overapproximation error of the image computation of disc...
Conference Paper
Full-text available
We propose to combine timed automata and linear hybrid automata model checkers for formal testing and monitoring of embedded systems with a hybrid behavior, i.e., where the correctness of the system depends on discrete as well as continuous dynamics. System level testing is considered, where requirements capture abstract behavior and often include...
Conference Paper
Full-text available
We present a new approach to compute the reachable set with a bounded number of jumps for a rectangular automaton. The reachable set under a flow transition is computed as a polyhedron which is represented by a conjunction of finitely many linear constraints. If the bound is viewed as a constant, the computation time is polynomial in the number of...
Book
Contents: Introduction; Hybrid automata and reachability; Linear hybrid automata; Piecewise affine hybrid systems; Hybridization techniques for reachability computations; Bibliography
Conference Paper
Full-text available
The verification of continuous and hybrid systems is known to be hard, and today tools are limited to relatively small problems. Several novel approaches are currently under investigation that exploit various kinds of set representations (polyhedra, zonotopes), improved algorithms (avoiding the wrapping effect) and strategies (such as abstraction r...
Article
Full-text available
The verification of continuous and hybrid systems is known to be hard, and today tools are limited to relatively small problems. Several novel approaches are currently under investigation that exploit various kinds of set representations (polyhedra, zonotopes), improved algorithms (avoiding the wrapping effect) and strategies (such as abstraction r...
Conference Paper
Full-text available
Our goal is to find the set of parameters for which a given linear hybrid automaton does not reach a given set of bad states. The problem is known to be semi-solvable (if the algorithm terminates the result is correct) by introducing the parameters as state variables and computing the set of reachable states. This is usually too expensive, howeve...
Conference Paper
Full-text available
Many situations in various application domains can be formalized as switched buffer networks, that is, networks of containers in which quantities of some substances are stored and transported at various rates to other buffers. A mode of such a system is defined by the channels that are active at a given time, which determine the rates of change in t...
Conference Paper
Full-text available
Set-based reachability analysis computes all possible states a system may attain, and in this sense provides knowledge about the system with a completeness, or coverage, that a finite number of simulation runs can not deliver. Due to its inherent complexity, the application of reachability analysis has been limited so far to simple systems, both in...
Conference Paper
Full-text available
Timed and weak timed simulation relations are often used to show that operations on hybrid systems result in equivalent behavior or in conservative overapproximations. Given that systems are frequently designed and verified in a modular approach, it is desirable that this relationship is compositional, which is not the case for hybrid systems in ge...
Article
Full-text available
The application of formal methods to analog and mixed signal circuits requires efficient methods for constructing abstractions of circuit behaviors. This paper concerns the verification of properties of oscillator circuits. Generic monitor automata are proposed to facilitate the application of hybrid system reachability computations to characterize...
Conference Paper
Full-text available
Properties of analog circuits can be verified formally by partitioning the continuous state space and applying hybrid system verification techniques to the resulting abstraction. To verify properties of oscillator circuits, cyclic invariants need to be computed. Methods based on forward reachability have proven to be inefficient and in some cases i...
Conference Paper
Full-text available
Assume-guarantee reasoning (AGR) is recognized as a means to counter the state explosion problem in the verification of safety properties. We propose a novel assume-guarantee rule for hybrid systems based on simulation relations. This makes it possible to perform compositional reasoning that is conservative in the sense of over-approximating the co...
Article
Full-text available
The interaction of software with a physical environment can cause complex, mixed continuous-discrete behavior, also referred to as being hybrid. Formal verification can guarantee the conformance of the system with a specification on a design level. However, the computational cost limits its applicability to relatively simple systems. To enable the...
Conference Paper
Full-text available
Simulation relations can be used to verify refinement between a system and its specification, or between models of different complexity. It is known that for the verification of safety properties, simulation between hybrid systems can be defined based on their labeled transition system semantics. We show that for hybrid systems without shared varia...
Conference Paper
The algorithmic analysis of control systems for large and distributed hybrid systems is considerably restricted by its computational complexity. In order to enable the verification of discrete controllers for such hybrid systems, this contribution proposes an approach that combines decomposition, model checking and deduction. The system under exami...
Chapter
Full-text available
The main task in the control of dynamical systems with mixed discrete-continuous behavior is to guide the hybrid state from an actual operating point to the desired target state. One precondition for the design of an appropriate controller is a reachability analysis to determine all states which are both reachable from the initial state and contro...
Book
Full-text available
Modeling.- What Is a Hybrid System?.- Description of Hybrid Systems by Modified Petri Nets.- Model Based Development of Hybrid Systems: Specification, Simulation, Test Case Generation.- Hybrid Modeling of Complex Process Control Function Blocks.- Discrete Models for Hybrid Systems.- Simulation.- An Environment for the Integrated Modelling of System...
Article
Full-text available
The algorithmic analysis of control systems for large and distributed hybrid systems is considerably restricted by its computational complexity. In order to enable the verification of discrete controllers for such hybrid systems, this contribution proposes an approach that combines decomposition, model checking and deduction. The system under exami...