Publications (301)
Hyperproperties are system properties that require quantification over multiple execution traces of a system. Hyperproperties can express several specifications of interest for cyber-physical systems—such as opacity, robustness, and noninterference—which cannot be expressed using linear time properties. This paper presents for the first time a disc...
Finite-state abstractions (a.k.a. symbolic models) present a promising avenue for the formal verification and synthesis of controllers in continuous-space control systems. These abstractions provide simplified models that capture the fundamental behaviors of the original systems. However, the creation of such abstractions typically relies on the av...
Diagnosability is a system theoretical property characterizing whether fault occurrences in a system can always be detected within a finite time. In this paper, we investigate the verification of diagnosability for cyber-physical systems with continuous state sets. We develop an abstraction-free and automata-based framework to verify (the lack of)...
We compute probabilistic controlled invariant sets for nonlinear systems using Gaussian process state space models, which are data-driven models that account for unmodeled and unknown nonlinear dynamics. We investigate the relationship between robust and probabilistic invariance, leveraging this relationship to design state-feedback controllers tha...
Control barrier certificates have proven effective in formally guaranteeing the safety of the control systems. However, designing a control barrier certificate is a time-consuming and computationally expensive endeavor that requires expert input in the form of domain knowledge and mathematical maturity. Additionally, when a system undergoes slight...
Notions of transition invariants and closure certificates have seen recent use in the formal verification of controlled dynamical systems against $\omega$-regular properties. Unfortunately, existing approaches face limitations in two directions. First, they require a closed-form mathematical expression representing the model of the system. Such an ex...
In this letter, we introduce a data-driven framework for synthesizing controllers that enforce properties expressed by so-called $\ell$ universal co-Büchi automata ($\ell$-UCA) over control systems with finite input sets and unknown mathematical models. The proposed framework leverages the notion of co-Büchi control barrier certificates (CB...
Closure certificates (CCs), function analogs of transition invariants, provide a framework to verify discrete-time dynamical systems against ω-regular specifications. Such certificates are similar to barrier certificates (BCs) yet are less conservative than BCs when leveraged to verify ω-regular properties. However, CCs are defined over pairs of st...
This paper addresses the problem of synthesizing controllers that enforce properties expressed by Universal Co-Büchi Automata (UCA) over stochastic control systems. Our approach introduces a notion of Stochastic Co-Büchi Control Barrier Certificates (SCBC), which, together with their associated controllers, ensure that specific regions in the state...
In this paper, we present the synthesis of secure-by-construction controllers that address safety and security properties simultaneously in cyber-physical systems. Our focus is on studying a specific security property called opacity, which characterizes the system's ability to maintain plausible deniability of its secret behavior in the presence of...
Nowadays, AI-based techniques, such as deep neural networks (DNNs), are widely deployed in autonomous systems for complex mission requirements (e.g., motion planning in robotics). However, DNNs-based controllers are typically very complex, and it is very hard to formally verify their correctness, potentially causing severe risks for safety-critical...
A barrier certificate, defined over the states of a dynamical system, is a real-valued function whose zero level set characterizes an inductively verifiable state invariant separating reachable states from unsafe ones. When combined with powerful decision procedures such as sum-of-squares programming (SOS) or satisfiability-modulo-theory solvers (S...
This paper is concerned with a formal verification scheme for both discrete- and continuous-time deterministic systems with unknown mathematical models. The main target is to verify the safety of unknown systems based on the construction of barrier certificates via a set of data collected from trajectories of systems while providing an a-priori gua...
In this work, we propose an abstraction and refinement methodology for the controller synthesis of discrete-time stochastic systems to enforce complex logical properties expressed by deterministic finite automata (a.k.a. DFA). Our proposed scheme is based on a notion of so-called (ϵ,δ)-approximate probabilistic relations, allowing one to quantify t...
In this paper, we present how to synthesize controllers to enforce $\omega$-regular properties over linear control systems affected by bounded disturbances. In particular, these controllers are synthesized based on so-called hybrid controlled invariant (HCI) sets. To compute these sets, we first construct a product system between the linear cont...
The study of minimal data rate for control using some notions of entropy has been so far limited to classical control tasks such as set invariance, state-estimation, or stabilization. In this work, for the first time, we present a study on sufficient data rates to enforce regular safety properties over uncertain systems with dynamics described by s...
This letter proposes a data-driven framework to synthesize safety controllers for nonlinear systems with finite input sets and unknown mathematical models. The proposed scheme leverages new notions of multiple control barrier certificates (M-CBC) and provides controllers ensuring the safety of systems with confidence 1. While there may not exist...
Inductive approaches to deductive verification have gained widespread adoption in the control and verification of safety-critical dynamical systems. The practical success of barrier certificates attests to their effectiveness and ongoing theoretical and practical refinement. However, when verification conditions are non-inductive, various strategies...
We propose a compositional approach to synthesize policies for networks of continuous-space stochastic control systems with unknown dynamics using model-free reinforcement learning (RL). The approach is based on implicitly abstracting each subsystem in the network with a finite Markov decision process with unknown transition probabilities, synt...
Construction of finite-state abstractions (a.k.a. symbolic abstractions) is a promising approach for formal verification and controller synthesis of complex systems. Finite-state abstractions provide simpler models that can replicate the behaviors of original complex systems. These abstractions are usually constructed by leveraging precise knowledg...
In this work, we propose a data-driven approach for synthesizing safety controllers for unknown nonlinear control systems using Gaussian Process (GP) transfer learning. Our approach involves two steps. The first step involves learning a GP model using data sampled from the system. Our method allows for leveraging a previously learned GP model of a...
We introduce an approach for designing foolproof control software for Cyber-Physical Systems (CPS) by using formal descriptions of the design requirements and, at the same time, automating the development and deployment phases. Symbolic Control is first introduced as an approach for automated synthesis of controllers for CPS in which finite abstrac...
Stochastic hybrid systems have received significant attention as a relevant modeling framework describing many systems, from engineering to the life sciences: they enable the study of numerous applications, including transportation networks, biological systems and chemical reaction networks, smart energy and power grids, and beyond. Automated veri...
For a closed-loop system with a digital channel between the sensor and controller, invariance entropy quantifies the smallest average rate of information above which a compact subset Q of the state set can be made invariant. There exist different versions of invariance entropy for deterministic and uncertain control systems, which are equivalent in...
In this paper, we consider the problem of verifying pre-opacity for discrete-time control systems. Pre-opacity is an important information-flow security property that secures the intention of a system to execute some secret behaviors in the future. Existing works on pre-opacity only consider non-metric discrete systems, where it is assumed that int...
Symbolic control is an abstraction-based controller synthesis approach that provides, algorithmically, certifiable-by-construction controllers for cyber-physical systems. Symbolic control approaches usually assume that full-state information is available which is not suitable for many real-world applications with partially-observable states or outp...
In this work, we propose a compositional framework for the construction of control barrier functions for networks of continuous-time stochastic hybrid systems enforcing complex logic specifications expressed by finite-state automata. The proposed scheme is based on a notion of so-called pseudo-barrier functions computed for subsystems, by employing...
This article is concerned with a compositional approach for the construction of control barrier certificates for large-scale interconnected stochastic systems while synthesizing hybrid controllers against high-level logic properties. Our proposed methodology involves decomposition of interconnected systems into smaller subsystems and leverages the...
This work is concerned with a compositional technique for the construction of finite abstractions (a.k.a. finite Markov decision processes (MDPs)) for networks of discrete-time stochastic switched systems. We propose a framework based on a notion of stochastic simulation functions, using which one can quantify the probabilistic distance betwe...
This paper is concerned with a data-driven technique for constructing finite Markov decision processes (MDPs) as finite abstractions of discrete-time stochastic control systems with unknown dynamics while providing formal closeness guarantees. The proposed scheme is based on notions of stochastic bisimulation functions (SBF) to capture the probabil...
In this paper, we provide a direct data-driven approach to synthesize safety controllers for unknown linear systems affected by unknown-but-bounded disturbances, in which identifying the unknown model is not required. First, we propose a notion of $\gamma$-robust safety invariant ($\gamma$-RSI) sets and their associated state-feedback controllers,...
In this paper, we develop a compositional scheme for the construction of continuous abstractions for networks of infinitely many discrete-time switched systems. In particular, the constructed abstractions are themselves also continuous-space systems with potentially lower dimensions, which can be used as replacements of the original (also known as...
Correct-by-construction synthesis is a cornerstone of the confluence of formal methods and control theory towards designing safety-critical systems. Instead of following the time-tested, albeit laborious (re)design-verify-validate loop, correct-by-construction methodology advocates the use of continual refinements of formal requirements – connected...
In this paper, we propose a construction scheme for a Safe-visor architecture for sandboxing unverified controllers, e.g., artificial intelligence-based (a.k.a. AI-based) controllers, in two-players non-cooperative stochastic games. Concretely, we leverage abstraction-based approaches to construct a supervisor that checks and decides whether or not...
In this paper, we focus on the problem of compositional synthesis of controllers enforcing signal temporal logic (STL) tasks over a class of continuous-time nonlinear interconnected systems. By leveraging the idea of funnel-based control, we show that a fragment of STL specifications can be formulated as assume-guarantee contracts. A new concept of...
In this work, we introduce a notion of reachability entropy to characterize the smallest data rate which is sufficient enough to enforce reach-while-stay specification. We also define data rates of coder-controllers that can enforce this specification in finite time. Then, we establish the data-rate theorem which states that the reachability entrop...
We generalize a small-gain theorem for a network of infinitely many systems, recently developed in [Kawan et al., IEEE TAC (2021)]. The generalized small-gain theorem addresses exponential input-to-state stability with respect to closed sets, which enables us to study diverse control-theoretic problems in a unified manner, and it also allows for ag...
Correct-by-construction synthesis is a cornerstone of the confluence of formal methods and control theory towards designing safety-critical systems. Instead of following the time-tested, albeit laborious (re)design-verify-validate loop, correct-by-construction methodology advocates the use of continual refinements of formal requirements -- connecte...
The notion of $k$-inductive barrier certificates generalizes the idea of $k$-induction to verification of discrete-time continuous-state dynamical systems by requiring restrictions over $k$-grams (sequences of $k$ states in evolution) of the system transitions. The promise of $k$-inductive barrier certificates is in the simplicity of t...
In this letter, we develop a data-driven framework with formal confidence bounds for the estimation of infinitesimal generators for continuous-time stochastic hybrid systems with unknown dynamics. The proposed approximation scheme employs both time discretization and sampling from the solution process, and estimates the infinitesimal generator of t...
In this letter, we develop a data-driven approach for the safety verification of stochastic systems with unknown dynamics. First, we use a notion of barrier certificates in order to cast the safety verification as a robust convex program (RCP). Solving this optimization program is difficult because the model of the stochastic system, which is unk...
In this paper, we show that an infinite network of input-to-state stable (ISS) subsystems, admitting ISS Lyapunov functions, itself admits an ISS Lyapunov function, provided that the couplings between the subsystems are sufficiently weak. The strength of the couplings is described in terms of the properties of an infinite-dimensional nonlinear posi...
This letter is concerned with a data-driven technique for constructing finite Markov decision processes (MDPs) as finite abstractions of discrete-time stochastic control systems with unknown dynamics while providing formal closeness guarantees. The proposed scheme is based on notions of stochastic bisimulation functions (SBF) to capture the pro...
In this paper, we propose a compositional framework for the synthesis of safety controllers for networks of partially-observable discrete-time stochastic control systems (a.k.a. continuous-space POMDPs). Given an estimator, we utilize a discretization-free approach to synthesize controllers ensuring safety specifications over finite time horizons....
In this paper, we propose a data-driven approach to formally verify the safety of (potentially) unknown discrete-time continuous-space stochastic systems. The proposed framework is based on a notion of barrier certificates together with data collected from trajectories of unknown systems. We first reformulate the barrier-based safety verification a...
This letter proposes a compositional data-driven approach for safety verification of networks of discrete-time subsystems with formal guarantees. Following a modular approach and for each subsystem, we search for a so-called sub-barrier candidate represented as a linear combination of a priori user-defined basis functions. We formulate the condi...
This paper presents a compositional framework for the construction of symbolic models for a network composed of a countably infinite number of finite-dimensional discrete-time control subsystems. We refer to such a network as infinite network. The proposed approach is based on the notion of alternating simulation functions. This notion relates a co...
High performance but unverified controllers, e.g., artificial intelligence-based (a.k.a. AI-based) controllers, are widely employed in cyber–physical systems (CPSs) to accomplish complex control missions. However, guaranteeing the safety and reliability of CPSs with this kind of controllers is currently very challenging, which is of vital importanc...
In this work, we study verification and synthesis problems for safety specifications over unknown discrete-time stochastic systems. When a model of the system is available, barrier certificates have been successfully applied for ensuring the satisfaction of safety specifications. In this work, we formulate the computation of barrier certificates as...
In this paper, we present how to synthesize controllers to enforce $\omega$-regular properties over linear control systems affected by bounded disturbances. In particular, these controllers are synthesized based on so-called hybrid controlled invariant (HCI) sets. To compute these sets, we first construct a product system using the linear control s...
The security in information-flow has become a major concern for cyber–physical systems (CPSs). In this work, we focus on the analysis of an information-flow security property, called opacity. Opacity characterizes the plausible deniability of a system’s secret in the presence of a malicious outside intruder. We propose a methodology of checking a n...
This paper provides a Lyapunov-based small-gain theorem for input-to-state stability (ISS) of networks composed of infinitely many finite-dimensional systems. We model these networks on infinite-dimensional ℓ∞-type spaces. A crucial assumption in our results is that the internal Lyapunov gains, modeling the influence of the subsystems on each other...
We construct compositional continuous approximations for an interconnection of infinitely many discrete-time switched systems. An approximation (known as abstraction) is itself a continuous-space system, which can be used as a replacement of the original (known as concrete) system in a controller design process. Having synthesized a controller for...
In this paper, we introduce a compositional method for the construction of finite abstractions of interconnected discrete-time switched systems. Particularly, we use a notion of so-called alternating simulation function as a relation between each switched subsystem and its finite abstraction. Based on some small-gain type conditions, we use those a...
The paper presents a methodology for temporal logic verification of continuous-time switched stochastic systems. Our goal is to find the lower bound on the probability that a complex temporal property is satisfied over a finite time horizon. The required temporal properties of the system are expressed using a fragment of linear temporal logic, call...
In this work, we propose a compositional framework for the verification of approximate initial-state opacity for networks of discrete-time switched systems. The proposed approach is based on a notion of approximate initial-state opacity-preserving simulation functions (InitSOPSFs), which characterize how close concrete networks and their finite abs...
In this paper, we study formal synthesis of control policies for partially observed jump-diffusion systems against complex logic specifications. Given a state estimator, we utilize a discretization-free approach for formal synthesis of control policies by using a notion of control barrier functions without requiring any knowledge of the estimatio...
Current cyber-physical systems (CPS) are expected to accomplish complex tasks. To achieve this goal, high performance, but unverified controllers (e.g. deep neural network, black-box controllers from third parties) are applied, which makes it very challenging to keep the overall CPS safe. By sandboxing these controllers, we are not only able to use...
In this paper, we propose a compositional approach to construct opacity-preserving finite abstractions (a.k.a. symbolic models) for networks of discrete-time nonlinear control systems. Particularly, we introduce new notions of simulation functions that characterize the distance between control systems while preserving opacity properties across them....
Cyber–physical systems usually have complex dynamics and are required to fulfill complex tasks. In recent years, formal methods from Computer Science have been used by control theorists for both describing the required tasks and ensuring that they are fulfilled by the systems. The crucial drawback of formal methods is that a complete model of the s...
In this letter, we consider the problem of verifying initial-state opacity for networks of discrete-time control systems. We formulate the opacity property as a safety one over an appropriately constructed augmented system, and aim to verify this latter property by finding suitable barrier certificates. To reduce the computational complexity a...