Article

Formal Analysis of Discrete-Time Piecewise Affine Systems

Abstract

In this technical note, we study temporal logic properties of trajectories of discrete-time piecewise affine (PWA) systems. Specifically, given a PWA system and a linear temporal logic formula over regions in its state space, we attempt to find the largest region of initial states from which all trajectories of the system satisfy the formula. Our method is based on the iterative computation and model checking of finite quotients. We illustrate our method by analyzing PWA models of two synthetic gene networks.

... However, such finite models are usually too simple to capture the dynamics of genetic networks with the detail necessary for design applications. In our previous work [26] we used piecewise affine (PWA) systems as models of gene networks [25]. Such systems are globally complex and can approximate nonlinear dynamics with arbitrary accuracy [18], which makes them realistic models. ...
... Such systems are globally complex and can approximate nonlinear dynamics with arbitrary accuracy [18], which makes them realistic models. They are also locally simple, which allowed us to analyze them formally from temporal logic specifications through a procedure based on the construction and refinement of finite abstractions through polyhedral operations [26] and model-checking [8]. In this paper, we use a class of models that is inspired by PWA systems but is more general. ...
... We develop a procedure for the automatic construction of such models from part characterization data with the guarantee that all experimental observations can be reproduced by the identified model. We also extend our methods from [26] and integrate them with our model identification procedure, which leads to a fully automatic framework for specifying and verifying the correctness of genetic networks constructed from parts. Our approach can be used both to verify individual device designs or to automatically explore the space of potential device designs that can be constructed from characterized parts, available from libraries. ...
Article
The design of genetic networks with specific functions is one of the major goals of synthetic biology. However, constructing biological devices that work "as required" remains challenging, while the cost of uncovering flawed designs experimentally is large. To address this issue, we propose a fully automated framework that allows the correctness of synthetic gene networks to be formally verified in silico from rich, high level functional specifications. Given a device, we automatically construct a mathematical model from experimental data characterizing the parts it is composed of. The specific model structure guarantees that all experimental observations are captured and allows us to construct finite abstractions through polyhedral operations. The correctness of the model with respect to temporal logic specifications can then be verified automatically using methods inspired by model checking. Overall, our procedure is conservative but it can filter through a large number of potential device designs and select few that satisfy the specification to be implemented and tested further experimentally. Illustrative examples of the application of our methods to the design of simple synthetic gene networks are included.
... evaluating or enforcing state space invariance of control systems [8,27,9,41,28] or reach-avoid set control and differential games [34,18,30,10,20]. A renewed interest in the (both forward and backward) reachability problem is witnessed by more recent literature too, where this tool is exploited in the derivation of dynamical systems abstraction techniques and symbolic control approaches for the verification of fundamental properties such as safety or for the enforcement of formal logic specifications [44,39,46,47,49,48,37,45,16,11,31,32]. This fact, indeed, comes from its inherent peculiarity of addressing how two regions of the state space (a starting and an ending region) are mapped through the dynamics of a (in general nonlinear) system under selected inputs. ...
... A modern trend in automatic control is to address the analysis and control of complex, high dimensional and interconnected dynamical systems. Examples of such problems are abundant in power networks, biological systems, power management, transportation problems and robotics [4,22,47,38,16,11]. In this regard and for the reasons reported above, reachability analysis appears to be a promising candidate tool to assess formal properties of these complex systems, derive related abstraction techniques and design control laws. ...
Preprint
Backward reachability (also termed controllability) has been extensively studied in control theory, and tools for a wide class of systems have been developed. Nevertheless, assessing a backward reachability analysis or synthesis remains challenging as the system dimension grows. In this paper we study the backward reachability problem for large scale networked nonlinear systems with coupled dynamics and subject to nonlinear state and input constraints. We propose a theory for completely general nonlinear constrained large scale controllability problems. We demonstrate that it is always possible to recast such problems for the overall large scale system into an equivalent distributed form where, without introducing any conservativeness, each node of the network iteratively solves a local reachability subproblem by exchanging information with the adjacent nodes. Although the proposed algorithm is completely decentralized, the solution of the backward reachability problem for the overall system is equivalently determined by the local ones and satisfies all the given constraints. Not being linked to any specific assumption on the system dynamics nor static constraints, the proposed results hold irrespective of any possible analytical/numerical solver to be adopted for backward reachability computation.
... This representation allows for compact and computationally fast operations on regions of the state space, and thus for fast computation of the quantities of interest. In the literature, finite abstractions have been applied to models such as hybrid (Alur et al. 2000; Lafferriere et al. 2000; Pappas 2003) and PWA systems (Yordanov and Belta 2010; Yordanov et al. 2013), however with tolling computational costs. While we leverage a PWA representation of the given MPL dynamics (Heemels et al. 2001) - a particular case of the PWA system used in Yordanov and Belta (2010) and Yordanov et al. (2013) - to build the abstract transition system, techniques for abstractions of PWA systems developed in Yordanov et al. (2013) do not appear to be applicable in the context of the models derived from MPL systems, since the abstraction depends on a specific LTL formula. ...
... In the literature, finite abstractions have been applied to models such as hybrid (Alur et al. 2000; Lafferriere et al. 2000; Pappas 2003) and PWA systems (Yordanov and Belta 2010; Yordanov et al. 2013), however with tolling computational costs. While we leverage a PWA representation of the given MPL dynamics (Heemels et al. 2001) - a particular case of the PWA system used in Yordanov and Belta (2010) and Yordanov et al. (2013) - to build the abstract transition system, techniques for abstractions of PWA systems developed in Yordanov et al. (2013) do not appear to be applicable in the context of the models derived from MPL systems, since the abstraction depends on a specific LTL formula. Furthermore, the new approach in this work, hinging on DBM manipulations and on a partitioning that is tailored to the underlying dynamics, appears to be drastically more scalable. ...
Article
This work presents a technique to generate finite abstractions of autonomous Max-Plus-Linear (MPL) systems, a class of discrete-event systems employed to characterize the dynamics of the timing related to the synchronization of successive events. Abstractions of MPL systems are derived as finite-state transition systems. A transition system is obtained first by partitioning the state space of the MPL system into finitely many regions and then by associating a unique state of the transition system to each partitioning region. Relations among the states of the transition system are then set up based on the underlying dynamical transitions between the corresponding partitioning regions of the MPL state space. In order to establish formal equivalences, the obtained finite abstractions are proven either to simulate or to bisimulate the original MPL system. The approach enables the study of general properties of the original MPL system formalized as logical specifications, by verifying them over the finite abstraction via model checking. The article presents a new, extended and improved implementation of a software tool (available online) for the discussed formal abstraction of MPL systems, and is tested on a numerical benchmark against a previous version.
... IV-A) and analysis (Sec. IV-C) procedures and direct the interested reader to [20] and [21], respectively, for additional details. ...
... In [21] we developed an analysis procedure based on the construction, model checking and refinement of simulation quotients such as T. Our algorithm used model checking to partition the set of states L into a set L_φ ⊆ L from which T satisfied an LTL formula φ and L_¬φ ⊆ L from which T satisfied the negation ¬φ. ...
Article
We present a framework that allows us to construct and formally analyze the behavior of synthetic gene circuits from specifications in a high level language used in describing electronic circuits. Our back-end synthesis tool automatically generates genetic-regulatory network (GRN) topology realizing the specifications with assigned biological “parts” from a database. We describe experimental procedures to acquire characterization data for the assigned parts and construct mathematical models capturing all possible behaviors of the generated GRN. We delineate algorithms to create finite abstractions of these models, and novel analysis techniques inspired from model-checking to verify behavioral specifications using Linear Temporal Logic (LTL) formulae.
... The concept of constructing a finite quotient of an infinite system has been widely studied, e.g., [7]-[9]. It is known that finite state bisimulation quotients exist only for specific classes of systems (e.g., timed automata [9] and controllable linear systems [7]), and the well known bisimulation algorithm [4] in general does not terminate [10]. Approximately bisimilar finite abstractions for continuous-time switched systems were constructed under incremental stability assumptions in [11]. ...
... Approximately bisimilar finite abstractions for continuous-time switched systems were constructed under incremental stability assumptions in [11]. For piecewise linear systems, guided refinement procedures were employed with the goal of constructing the quotient system for verification of certain properties [8], [10]. ...
Article
In this paper, we consider the problem of constructing a finite bisimulation quotient for a discrete-time switched linear system in a bounded subset of its state space. Given a set of observations over polytopic subsets of the state space and a switched linear system with stable subsystems, the proposed algorithm generates the bisimulation quotient in a finite number of steps with the aid of sublevel sets of a polyhedral Lyapunov function. Starting from a sublevel set that includes the origin in its interior, the proposed algorithm iteratively constructs the bisimulation quotient for any larger sublevel set. The bisimulation quotient can then be further used for synthesis of the switching law and system verification with respect to specifications given as syntactically co-safe Linear Temporal Logic formulas over the observed polytopic subsets.
... When the continuous dynamics and the discrete abstraction can be related by some formal behavioral relationship such as simulation, bisimulation and their alternating or approximate versions [13,37,42], controllers designed using the abstraction can be refined into controllers for the original system with formal guarantees of correctness. Most of the existing approaches for computing discrete abstractions are based on partitions or discretizations of the continuous state space [1,6,9,14,21,23,24,34,36,43,45,47]. As these typically scale exponentially in the state space dimension, it is clear that these approaches, applied naively, are only suitable for low dimensional dynamics. ...
Article
Control of continuous and hybrid systems using discrete abstractions often suffers from scalability issues, due to the use of state space partitions as symbolic states. In this paper, for incrementally stable switched systems, we introduce a class of abstractions that do not rely on state space partitions but use mode sequences as symbolic states. Our approach differs from existing works by the possibility of considering sequences of varying length, giving the possibility to adjust locally the resolution of the abstraction. Temporal constraints on the switching signal can also be taken into account. We thus define multi-resolution bisimilar abstractions that enjoy interesting properties that can be used to design specific algorithms to synthesize safety controllers. These algorithms need not compute the full abstraction that is built incrementally during controller synthesis, exploring finer resolutions only when the specification cannot be enforced at the coarser level. We illustrate the approach by a numerical example inspired by road traffic regulation.
... Model checking techniques for hybrid systems are under ongoing investigation, mostly by discretizing the continuous dynamics and applying discrete model checking techniques [9,12,15]. Our verification approach is inspired by the optimal control method for LTL requirements on discrete-time mixed logical dynamical (MLD) plants [7,14] and similar to [4]. ...
Article
The article addresses the semi-formal verification of behavioral specifications for subsystems consisting of physical parts and controllers, complemented by simulation-based integration testing. Since design errors in early phases tend to be particularly expensive, the method is tailored towards applicability in these phases. We verify behavioral specifications with proof-like credibility, or falsify them while providing a violation scenario that is reusable as a test case. The system is represented as a mixed logical dynamical (MLD) system, and specifications are expressed by a temporal logic with affine signal abstractions. The verification problem is converted into an equivalent mixed-integer linear feasibility problem solved using off-the-shelf solvers. An example illustrates the effectiveness of the method.
...
            (D1)                          (D2)
(R1)-(E1)   [9]                           [23, 18]
(R1)-(E2)   [8, 28, 10]                   [12, 5]
(R2)-(E1)   [40, 3, 26, 45, 46, 20, 36]   [24, 37]
(R2)-(E2)   [40, 16, 13, 29]              [47, 48, 1]
(R3)-(E1)   [41, 17, 34]                  [7, 38, 39, 4]
(R3)-(E2)   [15]                          [19]
Table 1. Related literature on equivalences based reduction of discrete/continuous/hybrid deterministic/non-deterministic/stochastic systems. ...
Article
In this paper we propose definitions of equivalence via stochastic bisimulation and of equivalence of stochastic external behavior for the class of discrete-time stochastic linear control systems with possibly degenerate normally distributed disturbances. The first notion is inspired by the notion of probabilistic bisimulation for probabilistic chains while the second one by the notion of equivalence of external behavior for (nonstochastic) behavioral systems. Geometric necessary and sufficient conditions for checking these notions are derived. Model reduction via Kalman-like decomposition is also proposed. Connections with stochastic linear realization theory and stochastic reachability are established.
... While the general goals of VeriSiMPL go beyond the topics of this work and are thus left to the interested reader, in this article we describe the details of the implementation of the suite for reachability analysis within this toolbox over a running example. With an additional numerical case study, we display the scalability of the tool as a function of model dimension (the number of its continuous variables): let us emphasize that related approaches for reachability analysis of discrete-time dynamical systems based on finite abstractions do not reasonably scale beyond models with a few variables [29], whereas our procedure comfortably handles models with about twenty continuous variables. In this numerical benchmark we have purposely generated the underlying dynamics randomly: this allows deriving empirical outcomes that are general and not biased towards possible structural features of a particular model. ...
Conference Paper
This work discusses the computation of forward reachability for autonomous (that is, deterministic) Max-Plus-Linear (MPL) systems, a class of continuous-space discrete-event models that are relevant for applications dealing with synchronization and scheduling. Given an MPL model and a set of initial states, we characterize and compute its “reach tube,” namely the sequential collection of the sets of reachable states (these sets are regarded step-wise as “reach sets”). We show that the exact computation of the reach sets can be quickly and compactly performed by manipulations of difference-bound matrices, and derive explicit worst-case bounds for the complexity of these operations. The concepts and techniques are implemented within the toolbox VeriSiMPL, and are practically elucidated by a running example. We further display the computational performance of the approach by two concluding numerical benchmarks: the technique comfortably handles reachability computations over twenty-dimensional MPL models (i.e., models with twenty continuous variables), and it clearly outperforms an alternative state-of-the-art approach in the literature.
... The performance objectives are formulated in terms of the state trajectories of the original system, and controller synthesis is a two step procedure yielding a certified hybrid controller for the original plant [13]. Other related research directions make use of symbolic models [2], [6], approximating automata [4], and finite quotients of the system [3], [23]. ...
Conference Paper
We consider discrete-time plants that interact with their controllers via fixed discrete alphabets in the absence of exogenous inputs. For this class of systems, we revisit a general procedure for constructing a sequence of finite state approximate models starting from finite length sequences of input and output signal pairs. After providing intuition for the proposed construction, we show that it satisfies the desired properties of ρ/µ approximations. We then propose a readily verifiable sufficient condition for ensuring finiteness of the approximation error gain. Finally, we show that the proposed construct satisfies an interesting 'completeness' property, making it attractive as a medium for studying fundamental limitations of finite state approximation and state observation under coarse sensing.
... Since the number of continuous states of H is smaller than that of H, it is easier to do verification for H than for the original model. Note that verification of piecewise-affine hybrid systems has high (in certain cases exponential) computational complexity, [6], [22]. Likewise, assume that it is desired to design a control law for H which ensures that the switching signal generated by the closed-loop system belongs to a certain prefix closed set L. Such problems arise in various settings for hybrid systems [20]. ...
Article
We present a procedure for reducing the number of continuous states of discrete-time linear switched systems, such that the reduced system has the same behavior as the original system for a subset of switching sequences. The proposed method is expected to be useful for abstraction based control synthesis methods for hybrid systems.
... The conservatism of the approaches based on explicit discretization is often reduced by refining the state space partition based on the dynamics, resulting in larger abstract finite state systems [33]. As a result, these approaches face a combinatorial blow up in the size of the underlying discrete abstractions, commonly known as the state explosion problem. ...
Article
We consider temporal logic verification of (possibly nonlinear) dynamical systems evolving over continuous state spaces. Our approach combines automata-based verification and the use of so-called barrier certificates. Automata-based verification allows the decomposition of the verification task into a finite collection of simpler constraints over the continuous state space. The satisfaction of these constraints in turn can be (potentially conservatively) proved by appropriately constructed barrier certificates. As a result, our approach, together with optimization-based search for barrier certificates, allows computational verification of dynamical systems against temporal logic properties while avoiding explicit abstractions of the dynamics as commonly done in literature.
... Such systems, as well as other infinite-state, continuous and hybrid models used in biology, can be encoded into SMT directly but might require expensive (or incomplete) decision procedures. As an alternative, (conservative) finite transition system abstractions can be constructed (e.g. as in [78]), enabling the analysis and integration of infinite state systems within the framework described here. The application of formal methods to Petri Nets [15], which also describe chemical reaction networks, has been studied extensively and can provide useful analysis procedures, which can then be extended to all the formalisms we consider through their common representation. ...
Conference Paper
Synthetic biology focuses on the re-engineering of living organisms for useful purposes while DNA computing targets the construction of therapeutics and computational circuits directly from DNA strands. The complexity of biological systems is a major engineering challenge and their modeling relies on a number of diverse formalisms. Moreover, many applications are “mission-critical” (e.g. as recognized by NASA’s Synthetic Biology Initiative) and require robustness which is difficult to obtain. The ability to formally specify desired behavior and perform automated computational analysis of system models can help address these challenges, but today there are no unifying scalable analysis frameworks capable of dealing with this complexity. In this work, we study pertinent problems and modeling formalisms for DNA computing and synthetic biology and describe how they can be formalized and encoded to allow analysis using Satisfiability Modulo Theories (SMT). This work highlights biological engineering as a domain that can benefit extensively from the application of formal methods. It provides a step towards the use of such methods in computational design frameworks for biology and is part of a more general effort towards the formalization of biology and the study of biological computation.
... Other related research directions make use of symbolic models [3], [9], approximating automata [4], [6], [24], and finite quotients of the system [5], [40]. While the subject of input-output robustness of discrete systems has been garnering more attention recently [28], we are not aware of any alternative notions of discrete approximation developed in conjunction with that work. ...
Article
We consider discrete-time plants that interact with their controllers via fixed discrete alphabet sets in the absence of exogenous inputs. For this class of systems, we propose a general procedure for constructing a sequence of finite state approximate models starting from finite length sequences of input and output signal pairs. We show that the proposed construction satisfies desirable properties of $\rho/\mu$ approximations, thus leading to nominal deterministic finite state machine models that can be used in certified-by-design controller synthesis. We also show that the proposed construction satisfies a relevant `completeness' property, and we conclude with directions for future work.
Chapter
We present a method to verify transient and settling time properties, called band convergence properties, of digitally controlled continuous systems, wherein we consider a linear dynamical system model for a plant and a PID controller. We consider the discrete-time sampled behavior of the closed loop system, and verify band convergence for the discrete-time behavior. The basic idea is to look for a box-shaped invariant for the system which is adequate to ensure that the system stays within the given band. We first give a technique to handle a general discrete-time system, but with determinate matrix entries. We then give a technique to handle discrete-time systems with matrices that lie in a range which over-approximate the matrix exponentials (which arise when we consider the discrete-time version of a continuous system), using the notion of an abstract discrete-time system. We have implemented the verification approach, and evaluate its efficacy on some popular Simulink models.
Article
Today's increasingly populous cities require intelligent transportation systems that make efficient use of existing transportation infrastructure. However, inefficient traffic management is pervasive [1], [2], costing US$160 billion in the United States in 2015, including 6.9 billion h of additional travel time and 3.1 billion gal of wasted fuel [3]. To mitigate these costs, the next generation of transportation systems will include connected vehicles, connected infrastructure, and increased automation. In addition, these advances must coexist with legacy technology into the foreseeable future. This complexity makes the goal of improved mobility and safety even more daunting.
Article
In this paper, we study the hierarchical problem of large-scale control systems. As a natural extension of traditional simulation function, the new notion of vector simulation function is introduced for investigating the hierarchies between abstract systems and concrete systems. By constructing a comparison system, we present a generalized result on this problem which, in the case of a scalar simulation function, specializes to the classical result. When interconnected nonlinear systems are considered, an easily checkable sufficient condition is obtained to facilitate the compositional construction of abstractions. Based on the condition, we propose a particular construction of abstractions for interconnected linear systems. Finally, two examples are included.
Conference Paper
Verification of switched systems has to include the continuous trajectories as well as the discrete states of the system. For strongly interconnected systems with mutual dependencies it is not sufficient to verify the two system parts individually. It is necessary to examine the combined behaviour in such a setting. The approach presented in this paper is based on the well known concept of using system identification methods for verification which is extended to switched systems. The authors introduce the idea to tackle the verification of complex mechatronical systems as hybrid identification problem. Therefore the specification is given by the user in terms of the parameters of linear dynamic systems and a superimposed state machine. The implemented system under test can be transformed into the same representation using input/output measurement data and a recently developed hybrid identification procedure. Finally it is possible to compare the two representations automatically and calculate a formal statement about the consistency between specification and implementation.
Article
We present an algorithm for reducing the number of continuous states of a discrete time linear switched system, such that the reduced system has the same input–output behavior as the original system for a subset of switching sequences. The procedure can be interpreted as reachability and observability reduction for a linear switched system with constrained switching. The proposed method is expected to be useful for abstraction based control synthesis methods for hybrid systems.
Article
Symbolic models have been recently used as a sound mathematical formalism for the formal verification and control design of purely continuous and hybrid systems. In this paper we propose a sequence of symbolic models that approximates a discrete-time Piecewise Affine (PWA) system in the sense of approximate simulation and converges to the PWA system in the so-called simulation metric. Symbolic control design is then addressed with specifications expressed in terms of non-deterministic finite automata. A sequence of symbolic control strategies is derived which converges, in the sense of simulation metric, to the maximal controller solving the given specification on the PWA system.
Article
In this paper, we consider the problem of constructing a finite bisimulation quotient for a discrete-time switched linear system in a bounded subset of its state space. Given a set of observations over polytopic subsets of the state space and a switched linear system with stable subsystems, the proposed algorithm generates the bisimulation quotient in a finite number of steps with the aid of sublevel sets of a polyhedral Lyapunov function. Starting from a sublevel set that includes the origin in its interior, the proposed algorithm iteratively constructs the bisimulation quotient for the region bounded by any larger sublevel set. We show how this bisimulation quotient can be used for synthesis of switching laws and verification with respect to specifications given as syntactically co-safe Linear Temporal Logic formulae over the observed polytopic subsets.
Article
Formal methods are increasingly being used for control and verification of dynamic systems against complex specifications. In general, these methods rely on a relatively simple system model, such as a transition graph, Markov chain, or Markov decision process, and require abstraction of the original continuous-state dynamics. It can be difficult or impossible, however, to find a perfectly equivalent abstraction, particularly when the original system is stochastic. Here we develop an abstraction procedure that maps a discrete-time stochastic system to an Interval-valued Markov Chain (IMC) and a switched discrete-time stochastic system to a Bounded-parameter Markov Decision Process (BMDP). We construct model checking algorithms for these models against Probabilistic Computation Tree Logic (PCTL) formulas and a synthesis procedure for BMDPs. Finally, we develop an efficient refinement algorithm that reduces the uncertainty in the abstraction. The technique is illustrated through simulation.
Conference Paper
We propose a methodology for synthesizing ramp metering control strategies for freeway networks from linear temporal logic specifications. Such specifications allow very rich control objectives constructed from temporal operators such as “always” and “eventually” combined with Boolean operators and encompass e.g. safety, reachability, and liveness conditions. We use the cell transmission model of traffic flow on freeway networks to obtain a piecewise affine model of the traffic network, and we apply recent results on control of such systems from temporal logic specifications to synthesize ramp metering strategies that are correct by construction. We demonstrate our approach on several examples.
Article
We present a computational framework for automatic synthesis of a feedback control strategy for a discrete-time piece-wise affine (PWA) system from a specification given as a linear temporal logic (LTL) formula over an arbitrary set of linear predicates in the system's state variables. Our approach consists of two main steps. First, by defining appropriate partitions for its state and input spaces, we construct a finite abstraction of the PWA system in the form of a control transition system. Second, by leveraging ideas and techniques from LTL model checking and Rabin games, we develop an algorithm to generate a control strategy for the finite abstraction. While provably correct and robust to state measurements and small perturbations in the applied inputs, the overall procedure is conservative and expensive. The proposed algorithms have been implemented as a software package and made available for download. Illustrative examples are included.
Conference Paper
VeriSiMPL (“very simple”) is a software tool to obtain finite abstractions of Max-Plus-Linear (MPL) models. MPL models (Sect. 2), specified in MATLAB, are abstracted to Labeled Transition Systems (LTS). The LTS abstraction is formally put in relationship with the concrete MPL model via a (bi)simulation relation. The abstraction procedure (Sect. 3) runs in MATLAB and leverages sparse representations, fast manipulations based on vector calculus, and optimized data structures such as Difference-Bound Matrices. LTS abstractions can be exported to structures defined in PROMELA. This enables the verification of MPL models against temporal specifications within the SPIN model checker (Sect. 4). The toolbox is available at http://sourceforge.net/projects/verisimpl/
Conference Paper
A symbolic abstraction method is used to synthesize stabilizing state-feedback controllers for piecewise affine plants. An increasing sequence of symbolic models of the piecewise affine plant and the corresponding sequence of convex synthesis conditions are obtained in the order of decreasing conservatism. Whenever one of these conditions is feasible, synthesis of a stabilizing piecewise affine controller is guaranteed. At least in principle, the synthesis conditions are capable of identifying the largest stabilizable region, and hence they do not suffer from inherent conservatism.
Conference Paper
In this paper, we present a method to generate a finite Markovian abstraction for a discrete time linear stochastic system evolving in a full dimensional polytope. Our approach involves an adaptation of an existing approximate abstraction procedure combined with a bisimulation-like refinement algorithm. It proceeds by approximating the transition probabilities from one region to another by calculating the probability from a single representative point in the first region. We derive the exact bound of the approximation error and an explicit expression for its growth over time. To achieve a desired error value, we employ an adaptive refinement algorithm that takes advantage of the dynamics of the system. We demonstrate the performance of our method through simulations.
Article
This work puts forward a novel technique to generate finite abstractions of autonomous and nonautonomous Max-Plus-Linear (MPL) models, a class of discrete-event systems used to characterize the dynamics of the timing related to successive events that synchronize autonomously. Nonautonomous versions of MPL models embed within their dynamics nondeterminism, namely a signal choice that is usually regarded as an exogenous control or schedule. In this paper, abstractions of MPL models are characterized as finite-state Labeled Transition Systems (LTS). LTS are obtained first by partitioning the state space (and, for the nonautonomous model, by covering the input space) of the MPL model and by associating states of the LTS to the introduced partitions, then by defining relations among the states of the LTS based on dynamical transitions between the corresponding partitions of the MPL state space, and finally by labeling the LTS edges according to the one-step timing properties of the events of the original MPL model. In order to establish formal equivalences, the finite abstractions are proven to either simulate or to bisimulate the original MPL model. This approach enables the study of general properties of the original MPL model by verifying (via model checking) equivalent logical specifications over the finite LTS abstraction. The computational aspects related to the abstraction procedure are thoroughly discussed and its performance is tested on a numerical benchmark.
Conference Paper
We present a computational framework for identifying a set of initial states from which all trajectories of a piecewise affine (PWA) system satisfy a Linear Temporal Logic (LTL) formula over a set of linear predicates in its state variables. Our approach is based on the construction and refinement of finite abstractions of infinite systems. We derive conditions guaranteeing the equivalence of an infinite system and its finite abstraction with respect to a specific temporal logic formula and propose methods aimed at the construction of such formula-equivalent abstractions. We show that the proposed procedure can be implemented using polyhedral operations and analysis of finite graphs. While provably correct, the overall method is conservative and expensive. The proposed algorithms have been implemented as a software tool that is available for download. An illustrative example for a PWA gene network model is included.
Conference Paper
This paper considers exponential stability and quadratic performance of discrete-time piecewise affine systems. We propose a procedure to obtain an increasing sequence of state-space partitions, and show that, whenever the procedure terminates after a finite number of steps, a nonconservative stability and performance analysis is achieved by solving a finite number of linear matrix inequalities. The result is illustrated via numerical examples, which include a model of the PWM DC-DC power converter.
Article
Symbolic models have been recently used as a sound mathematical formalism for the formal verification and control design of purely continuous and hybrid systems. In this paper we propose a sequence of symbolic models that approximates a discrete-time Piecewise Affine (PWA) system in the sense of approximate simulation and converges to the PWA system in the so-called simulation metric. Symbolic control design is then addressed with specifications expressed in terms of non-deterministic finite automata. A sequence of symbolic control strategies is derived which converges, in the sense of simulation metric, to the maximal controller solving the given specification on the PWA system.
Conference Paper
In this paper, we use the constructs of branching temporal logic to formalize reasoning about a class of general flow systems, including discrete-time transition systems, continuous-time differential inclusions, and hybrid-time systems such as hybrid automata. We introduce Full General Flow Logic, GFL⋆, which has essentially the same syntax as the well-known Full Computation Tree Logic, CTL⋆, but generalizes the semantics to general flow systems over arbitrary time-lines. We propose an axiomatic proof system for GFL⋆ and establish its soundness w.r.t. the general flow semantics.
Conference Paper
Robot motion planning algorithms have focused on low-level reachability goals taking into account robot kinematics, or on high level task planning while ignoring low-level dynamics. In this paper, we present an integrated approach to the design of closed-loop hybrid controllers that guarantee by construction that the resulting continuous robot trajectories satisfy sophisticated specifications expressed in the so-called Linear Temporal Logic. In addition, our framework ensures that the temporal logic specification is satisfied even in the presence of an adversary that may instantaneously reposition the robot within the environment a finite number of times. This is achieved by obtaining a Büchi automaton realization of the temporal logic specification, which supervises a finite family of continuous feedback controllers, ensuring consistency between the discrete plan and the continuous execution.
Conference Paper
Our goal is to find the set of parameters for which a given linear hybrid automaton does not reach a given set of bad states. The problem is known to be semi-solvable (if the algorithm terminates the result is correct) by introducing the parameters as state variables and computing the set of reachable states. This is usually too expensive, however, and in our experiments only possible for very simple systems with few parameters. We propose an adaptation of counterexample-guided abstraction refinement (CEGAR) with which one can obtain an underapproximation of the set of good parameters using linear programming. The adaptation is generic and can be applied on top of any CEGAR method where the counterexamples correspond to paths in the concrete system. For each counterexample, the cost incurred by underapproximating the parameters is polynomial in the number of variables, parameters, and the length of counterexample. We identify a syntactic condition for which the approach is complete in the sense that the underapproximation is empty only if the problem has no solution. Experimental results are provided for two CEGAR methods, a simple discrete version and iterative relaxation abstraction (IRA), both of which show a drastic improvement in performance compared to standard reachability.
Conference Paper
A Multi-Parametric Toolbox (MPT) for computing optimal or suboptimal feedback controllers for constrained linear and piecewise affine systems is under development at ETH. The toolbox offers a broad spectrum of algorithms compiled in a user friendly and accessible format: starting from different performance objectives (linear, quadratic, minimum time) to the handling of systems with persistent additive disturbances and polytopic uncertainties. The algorithms included in the toolbox are a collection of results from recent publications in the field of constrained optimal control of linear and piecewise affine systems [10,13, 4,9,16,17,15,14,7].
Conference Paper
In this paper we compare four recently proposed procedures for the identification of PieceWise AutoRegressive eXogenous (PWARX) and switched ARX models. We consider the clustering-based procedure, the bounded-error procedure, and the Bayesian procedure which all identify PWARX models. We also study the algebraic procedure, which identifies switched linear models. We introduce quantitative measures for assessing the quality of the obtained models. Specific behaviors of the procedures are pointed out, using suitably constructed one dimensional examples. The methods are also applied to the experimental identification of the electronic component placement process in pick-and-place machines.
Conference Paper
This paper describes version 2 of the NuSMV tool. NuSMV is a symbolic model checker originated from the reengineering, reimplementation and extension of SMV, the original BDD-based model checker developed at CMU. The NuSMV project aims at the development of a state-of-the-art symbolic model checker, designed to be applicable in technology transfer projects: it is a well structured, open, flexible and documented platform for model checking, and is robust and close to industrial systems standards.
Article
Hybrid dynamic systems include both continuous and discrete state variables. Properties of hybrid systems, which have an infinite state space, can often be verified using ordinary model checking together with a finite-state abstraction. Model checking can be inconclusive, however, in which case the abstraction must be refined. This paper presents a new procedure to perform this refinement operation for abstractions of hybrid systems. Following an approach originally developed for finite-state systems (11, 25), the refinement procedure constructs a new abstraction that eliminates a counterexample generated by the model checker. For hybrid systems, analysis of the counterexample requires the computation of sets of reachable states in the continuous state space. We show how such reachability computations with varying degrees of complexity can be used to refine hybrid system abstractions efficiently. Examples illustrate our counterexample-guided refinement procedure. Experimental results for a prototype implementation indicate significant advantages over existing methods.
Article
It has been proposed that gene-regulatory circuits with virtually any desired property can be constructed from networks of simple regulatory elements. These properties, which include multistability and oscillations, have been found in specialized gene circuits such as the bacteriophage lambda switch and the Cyanobacteria circadian oscillator. However, these behaviours have not been demonstrated in networks of non-specialized regulatory components. Here we present the construction of a genetic toggle switch-a synthetic, bistable gene-regulatory network-in Escherichia coli and provide a simple theory that predicts the conditions necessary for bistability. The toggle is constructed from any two repressible promoters arranged in a mutually inhibitory network. It is flipped between stable states using transient chemical or thermal induction and exhibits a nearly ideal switching threshold. As a practical device, the toggle switch forms a synthetic, addressable cellular memory unit and has implications for biotechnology, biocomputing and gene therapy.
Article
The modeling and simulation of genetic regulatory networks have created the need for tools for model validation. The main challenges of model validation are the achievement of a match between the precision of model predictions and experimental data, as well as the efficient and reliable comparison of the predictions and observations. We present an approach towards the validation of models of genetic regulatory networks addressing the above challenges. It combines a method for qualitative modeling and simulation with techniques for model checking, and is supported by a new version of the computer tool Genetic Network Analyzer (GNA). The model-validation approach has been applied to the analysis of the network controlling the nutritional stress response in Escherichia coli. GNA and the model of the stress response network are available at http://www-helix.inrialpes.fr/gna.
Conference Paper
In this paper we propose a methodology for automatically synthesizing motion task controllers based on linear temporal logic (LTL) specifications. The proposed design of the underlying multi-agent controllers possesses a special structure that allows for implicit satisfaction of basic liveness and safety specifications. The resulting closed loop system is of hybrid nature combining the continuous dynamics of the underlying system with the automatically synthesized switching logic that enforces the LTL specification. The effectiveness of the proposed scheme is verified through non-trivial computer simulations.
Article
The control of complex systems poses new challenges that fall beyond the traditional methods of control theory. One of these challenges is given by the need to control, coordinate and synchronize the operation of several interacting submodules within a system. The desired objectives are no longer captured by usual control specifications such as stabilization or output regulation. Instead, we consider specifications given by linear temporal logic (LTL) formulas. We show that existence of controllers for discrete-time controllable linear systems and LTL specifications can be decided and that such controllers can be effectively computed. The closed-loop system is of hybrid nature, combining the original continuous dynamics with the automatically synthesized switching logic required to enforce the specification.
Article
This paper deals with computational methods for verifying properties of labeled infinite-state transition systems using quotient transition system (QTS). A QTS is a conservative approximation to the infinite-state transition system based on a finite partition of the infinite state space. For universal specifications, positive verification for a QTS implies the specification is true for the infinite-state transition system. We introduce the approximate QTS or AQTS. The paper presents a sufficient condition for an AQTS to be a bisimulation of the infinite state transition system. An AQTS bisimulation is essentially equivalent to the infinite-state system for the purposes of verification. It is well known, however, that finite-state bisimulations do not exist for most hybrid systems of practical interest. Therefore, the use of the AQTS for verification of universal specifications is proposed and illustrated with an example. This approach has been implemented in a tool for computer-aided verification of a general class of hybrid systems.
Article
A hybrid system is a dynamical system with both discrete and continuous state changes. For analysis purposes, it is often useful to abstract a system in a way that preserves the properties being analysed while hiding the details that are of no interest. We show that interesting classes of hybrid systems can be abstracted to purely discrete systems while preserving all properties that are definable in temporal logic. The classes that permit discrete abstractions fall into two categories. Either the continuous dynamics must be restricted, as is the case for timed and rectangular hybrid systems, or the discrete dynamics must be restricted, as is the case for o-minimal hybrid systems. In this paper, we survey and unify results from both areas.
Article
Networks of interacting biomolecules carry out many essential functions in living cells, but the ‘design principles’ underlying the functioning of such intracellular networks remain poorly understood, despite intensive efforts including quantitative analysis of relatively simple systems. Here we present a complementary approach to this problem: the design and construction of a synthetic network to implement a particular function. We used three transcriptional repressor systems that are not part of any natural biological clock to build an oscillating network, termed the repressilator, in Escherichia coli. The network periodically induces the synthesis of green fluorescent protein as a readout of its state in individual cells. The resulting oscillations, with typical periods of hours, are slower than the cell-division cycle, so the state of the oscillator has to be transmitted from generation to generation. This artificial clock displays noisy behaviour, possibly because of stochastic fluctuations of its components. Such ‘rational network design’ may lead both to the engineering of new cellular behaviours and to an improved understanding of naturally occurring networks.
Article
In this paper, we focus on discrete-time continuous-space Piecewise Affine (PWA) systems, and study properties of their trajectories expressed as temporal and logical statements over polyhedral regions. Specifically, given a PWA system and a Linear Temporal Logic (LTL) formula over linear predicates in its state variables, we attempt to find the largest region of initial states from which all trajectories of the system satisfy the formula. Our method is based on a classical algorithm for the iterative computation of simulation quotients augmented with model checking. We show that the determinism inherent in the problem and the particular linear structure of the invariants and of the dynamics can be exploited in a computationally attractive algorithm. We illustrate the application of our method to the computation of basins of attraction for the two equilibria of a PWA model of a two-gene network.
Conference Paper
In this paper, we consider discrete-time continuous-space Piecewise Affine (PWA) systems with parameter uncertainties, and study temporal logic properties of their trajectories. Specifically, given a PWA system with polytopal parameter uncertainties, and a Linear Temporal Logic (LTL) formula over linear predicates in the states of the system, we attempt to find subsets of parameters guaranteeing the satisfaction of the formula by all trajectories of the system. We illustrate our method by applying it to a PWA model of a two-gene network.
Chapter
This paper addresses the problem of generating a minimal state graph from a program, without building first the whole state graph. The minimality is considered here with respect to bisimulation. A generation algorithm is presented and illustrated.
Conference Paper
In this paper, we consider discrete-time continuous-space piecewise affine (PWA) systems with uncertain parameters, and study temporal logic properties of their trajectories. Specifically, given a PWA system with polyhedral parameter uncertainties and a linear temporal logic (LTL) formula over linear predicates in its state variables, we attempt to find the largest region of initial states from which all trajectories of the system satisfy the formula. Our method is based on the iterative computation and model checking of finite transition systems simulating the original PWA system. We illustrate our method by computing the basins of attraction for the two equilibria of a PWA model of a two-gene network.
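The loop that the two abstracts above describe (build a finite quotient of the PWA system, model-check it, refine the partition, repeat until the certified region of initial states stops growing), as an added example written for this page rather than code from the cited papers. It uses a constructed one-dimensional PWA system with two stable equilibria, ignores parameter uncertainty, assumes strictly increasing affine modes so that interval images stay intervals, and takes the classical bisimulation split (cut a cell at the preimage of a partition boundary its image crosses) as the refinement rule; all function and variable names are the example's own.

```python
"""Added example (not the paper's code): abstract / model-check / refine loop for a
constructed 1-D discrete-time PWA system on [0, 1), in exact rationals:
    x' = 0.5 x         if x <  0.5   (contracts towards the equilibrium 0)
    x' = 0.5 x + 0.5   if x >= 0.5   (contracts towards the equilibrium 1)
Cells are half-open intervals [lo, hi); the quotient has an edge P -> Q whenever the
image of P meets Q, so it simulates the concrete system and universal properties
proven on it hold for every concrete trajectory."""
from fractions import Fraction as Fr

# Modes as (region_lo, region_hi, slope, bias); slope > 0 assumed (images keep orientation).
MODES = [(Fr(0), Fr(1, 2), Fr(1, 2), Fr(0)),
         (Fr(1, 2), Fr(1), Fr(1, 2), Fr(1, 2))]

def mode_for(cell):
    """Mode covering a cell (the initial partition contains every mode boundary)."""
    lo, hi = cell
    for rlo, rhi, a, b in MODES:
        if rlo <= lo and hi <= rhi:
            return a, b
    raise ValueError(f"cell {cell} straddles a mode boundary")

def image(cell):
    """Exact image of [lo, hi) under the affine map of its mode."""
    a, b = mode_for(cell)
    return (a * cell[0] + b, a * cell[1] + b)

def overlaps(p, q):
    return max(p[0], q[0]) < min(p[1], q[1])

def make_partition(cuts):
    pts = sorted(set(cuts))
    return [(pts[i], pts[i + 1]) for i in range(len(pts) - 1)]

def quotient(cells):
    """Finite transition system over the cells: successor lists (over-approximated)."""
    return {c: [d for d in cells if overlaps(image(c), d)] for c in cells}

def certify_eventually(succ, goal):
    """Least fixed point: cells from which every abstract run reaches a goal cell."""
    good = {c for c in succ if goal[0] <= c[0] and c[1] <= goal[1]}
    while True:
        new = {c for c, ds in succ.items() if ds and all(d in good for d in ds)}
        if new <= good:
            return good
        good |= new

def certify_never(succ, bad):
    """Greatest fixed point: cells from which no abstract run ever meets a bad cell."""
    safe = {c for c in succ if not overlaps(c, bad)}
    while True:
        keep = {c for c in safe if all(d in safe for d in succ[c])}
        if keep == safe:
            return safe
        safe = keep

def refine(cells, succ, certified):
    """Bisimulation-style split: an uncertified cell with several successors is cut at
    the preimages of the boundaries its image crosses, so each piece has one successor."""
    cuts = {lo for lo, _ in cells} | {hi for _, hi in cells}
    new_cuts = set(cuts)
    for c in cells:
        if c in certified or len(succ[c]) <= 1:
            continue
        a, b = mode_for(c)
        il, ih = image(c)
        new_cuts.update((bd - b) / a for bd in cuts if il < bd < ih)
    return make_partition(new_cuts)

def merge(cells):
    """Glue adjacent cells into maximal intervals."""
    out = []
    for lo, hi in sorted(cells):
        if out and out[-1][1] == lo:
            out[-1] = (out[-1][0], hi)
        else:
            out.append((lo, hi))
    return out

def largest_initial_set(spec, region, max_rounds=20):
    """"eventually": initial states whose trajectories all enter region; "never":
    initial states whose trajectories never enter it. Under-approximates the true set."""
    region = (Fr(region[0]), Fr(region[1]))
    cells = make_partition([Fr(0), Fr(1), *region] + [m[0] for m in MODES] + [m[1] for m in MODES])
    check = certify_eventually if spec == "eventually" else certify_never
    certified = set()
    for _ in range(max_rounds):
        succ = quotient(cells)
        certified = check(succ, region)
        finer = refine(cells, succ, certified)
        if finer == cells:      # nothing left to split: the abstraction is stable
            break
        cells = finer
    return merge(certified)

def as_floats(intervals):
    return [(float(lo), float(hi)) for lo, hi in intervals]

if __name__ == "__main__":
    print("basin of 0:", as_floats(largest_initial_set("eventually", (0, "1/10"))))
    print("basin of 1:", as_floats(largest_initial_set("eventually", ("9/10", 1))))
    print("never enter [1/2, 1):", as_floats(largest_initial_set("never", ("1/2", 1))))
```

Running it prints the basins of attraction of the two equilibria, [0, 1/2) and [1/2, 1), each found after two refinement rounds: on the initial partition the cell [1/10, 1/2) carries an abstract self-loop, a spurious run that never reaches the goal cell, and only the splits at the preimages 1/5 and 2/5 remove it. The safety query ("never enter [1/2, 1)") is decided on the initial partition without refinement. Because the quotient over-approximates the transitions, the certified set is always an under-approximation of the true set of initial states, which is the conservatism the abstracts note.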
Conference Paper
We deal with the optimal control problem for piecewise linear and hybrid systems by using a computational approach based on performance-driven reachability analysis. The idea consists of coupling a reach-set exploration algorithm, essentially based on a repetitive use of linear programming, to a quadratic programming solver which selectively drives the exploration. In particular, an upper bound on the optimal cost is continually updated during the procedure, and used as a criterion to discern non-optimal evolutions and to prevent their exploration. The result is an efficient strategy of branch-and-bound nature, which is especially attractive for solving long-horizon hybrid optimal control and scheduling problems.
Article
The notion of bisimulation in theoretical computer science is one of the main complexity reduction methods for the analysis and synthesis of labeled transition systems. Bisimulations are special quotients of the state space that preserve many important properties expressible in temporal logics, and, in particular, reachability. In this paper, the framework of bisimilar transition systems is applied to various transition systems that are generated by linear control systems. Given a discrete-time or continuous-time linear system, and a finite observation map, we characterize linear quotient maps that result in quotient transition systems that are bisimilar to the original system. Interestingly, the characterizations for discrete-time systems are more restrictive than for continuous-time systems, due to the existence of an atomic time step. We show that computing the coarsest bisimulation, which results in maximum complexity reduction, corresponds to computing the maximal controlled or reachability invariant subspace inside the kernel of the observations map. These results establish strong connections between complexity reduction concepts in control theory and computer science.
Article
We introduce a formalism to represent and analyze protein–protein and protein–DNA interaction networks. We illustrate the expressivity of this language, by proposing a formal counterpart of Kohn's compilation on the mammalian cell-cycle control. This effectively turns an otherwise static knowledge into a discrete transition system incorporating a qualitative description of the dynamics. We then propose to use the computation tree logic (CTL) as a query language for querying the possible behaviors of the system. We provide examples of biologically relevant queries expressed in CTL about the mammalian cell-cycle control and show the effectiveness of symbolic model checking tools to evaluate CTL queries in this context.
Article
This paper establishes equivalences among five classes of hybrid systems: mixed logical dynamical (MLD) systems, linear complementarity (LC) systems, extended linear complementarity (ELC) systems, piecewise affine (PWA) systems, and max-min-plus-scaling (MMPS) systems. Some of the equivalences are established under (rather mild) additional assumptions. These results are of paramount importance for transferring theoretical properties and tools from one class to another, with the consequence that for the study of a particular hybrid system that belongs to any of these classes, one can choose the most convenient hybrid modeling framework.
Article
The analysis of large amounts of data, produced as (numerical) traces of in vivo, in vitro and in silico experiments, has become a central activity for many biologists and biochemists. Recent advances in the mathematical modeling and computation of biochemical systems have moreover increased the prominence of in silico experiments; such experiments typically involve the simulation of sets of Differential Algebraic Equations (DAE), e.g., Generalized Mass Action systems (GMA) and S-systems. In this paper we reason about the necessary theoretical and pragmatic foundations for a query and simulation system capable of analyzing large amounts of such trace data. To this end, we propose to combine in a novel way several well-known tools from numerical analysis (approximation theory), temporal logic and verification, and visualization. The result is a preliminary prototype system: simpathica/xssys. When dealing with simulation data simpathica/xssys exploits the special structure of the underlying DAE, and reduces the search space in an efficient way so as to facilitate any queries about the traces. The proposed system is designed to give the user possibility to systematically analyze and simultaneously query different possible timed evolutions of the modeled system.
Article
Based on the discrete definition of biological regulatory networks developed by René Thomas, we provide a computer science formal approach to treat temporal properties of biological regulatory networks, expressed in computational tree logic. It is then possible to build all the models satisfying a set of given temporal properties. Our approach is illustrated with the mucus production in Pseudomonas aeruginosa. This application of formal methods from computer science to biological regulatory networks should open the way to many other fruitful applications.
Article
We consider the following problem: given a linear system and a linear temporal logic (LTL) formula over a set of linear predicates in its state variables, find a feedback control law with polyhedral bounds and a set of initial states so that all trajectories of the closed loop system satisfy the formula. Our solution to this problem consists of three main steps. First, we partition the state space in accordance with the predicates in the formula, and construct a transition system over the partition quotient, which captures our capability of designing controllers. Second, using a procedure resembling model checking, we determine runs of the transition system satisfying the formula. Third, we generate the control strategy. Illustrative examples are included.
Article
We consider the discrete dynamical system x(k+1) = A(k)x(k) with n² independently varying uncertainties in the entries of A(·). Although the set of possible states X(k) at time k is not necessarily convex, we show that the convex hull of this set can be recursively propagated forward in time.
Conference Paper
We present an algorithm to generate Büchi automata from LTL formulae. This algorithm generates a very weak alternating co-Büchi automaton and then transforms it into a Büchi automaton, using a generalized Büchi automaton as an intermediate step. Each automaton is simplified on-the-fly in order to save memory and time. As usual we simplify the LTL formula before any treatment. We implemented this algorithm and compared it with Spin: the experiments show that our algorithm is much more efficient than Spin. The criteria of comparison are the size of the resulting automaton, the time of the computation and the memory used. Our implementation is available on the web at the following address: http://verif.liafa.jussieu.fr/ltl2ba
J. M. Davoren, V. Coulthard, N. Markey, and T. Moor, "Non-deterministic temporal logics for general flow systems," in Hybrid Systems: Computation and Control, ser. Lecture Notes in Computer Science, R. Alur and G. J. Pappas, Eds. Berlin/Heidelberg, Germany: Springer, 2004, vol. 2993, pp. 107–121.
G. Frehse, S. Jha, and B. Krogh, "A counterexample-guided approach to parameter synthesis for linear hybrid automata," in Hybrid Systems: Computation and Control, ser. Lecture Notes in Computer Science, M. Egerstedt and B. Mishra, Eds. Berlin/Heidelberg, Germany: Springer, 2008, vol. 4981, pp. 187–200.
B. Yordanov and C. Belta, "Parameter synthesis for piecewise affine systems from temporal logic specifications," in Hybrid Systems: Computation and Control, ser. Lecture Notes in Computer Science, M. Egerstedt and B. Mishra, Eds. Berlin/Heidelberg, Germany: Springer, 2008, vol. 4981, pp. 542–555.
M. Kvasnica, P. Grieder, and M. Baotić, "Multi-Parametric Toolbox (MPT)," Tech. Rep., 2004 [Online]. Available: http://control.ee.ethz.ch/mpt/
E. M. Clarke, D. Peled, and O. Grumberg, Model Checking. Cambridge, MA: MIT Press, 1999.
B. Barmish and J. Sankaran, "The propagation of parametric uncertainty via polytopes," IEEE Trans. Autom. Control, vol. AC-24, no. 2, pp. 249–346, Apr. 1979.
Fages and V. Schächter, "Modeling and querying biomolecular interaction networks"
  • N Chabrier-Rivier
  • M Chiaverini
  • V Danos