AVERIST Algorithmic Verifier for Stability of Linear Hybrid Systems - - PowerPoint PPT Presentation

averist
SMART_READER_LITE
LIVE PREVIEW

AVERIST Algorithmic Verifier for Stability of Linear Hybrid Systems - - PowerPoint PPT Presentation

Oct 05, 2023 452 likes •848 views

AVERIST Algorithmic Verifier for Stability of Linear Hybrid Systems Miriam Garca Soto and Pavithra Prabhakar HSCC, April 2018 AVERIST Formal stability verification of hybrid systems Classes considered: polyhedral hybrid systems (

slide-1
SLIDE 1

AVERIST

Algorithmic Verifier for Stability

  • f Linear Hybrid Systems

Miriam García Soto and Pavithra Prabhakar

HSCC, April 2018

slide-2
SLIDE 2

AVERIST

✤ Formal stability verification of hybrid systems ✤ Classes considered: ✤ polyhedral hybrid systems (PHS) ✤ linear hybrid systems (LHS) ✤ Techniques implemented: ✤ Counterexample Guided Abstraction Refinement (CEGAR) for state-space

reduction

✤ Hybridization for dynamics simplification

slide-3
SLIDE 3

Input & Stability property

var: x,y; location: quad1, quad2, quad3, quad4; loc: quad1; inv: x>=0 AND y>=0; dyn: dx==y AND dy==-4*x; guards: when y==0 goto quad4; loc: quad2; inv: x<=0 AND y>=0; dyn: dx==10*y AND dy==-x; guards: when x==0 goto quad1; loc: quad3; inv: x<=0 AND y<=0; dyn: dx==y AND dy==-4*x; guards: when y==0 goto quad2; loc: quad4; inv: x>=0 AND y<=0; dyn: dx==10*y AND dy==-x; guards: when x==0 goto quad3;

<latexit sha1_base64="kPkwc1xN7+45lGzyKO1kene/4=">AD83icpZLNjtMwEMfdhI9t+OrCkYtFhYRWoUqylRBtgxbBgRNaJMpW2lYrJ3FTq4kdbKebEPVNOCGuPAlPwNvgJgE1GzjtSNGM/jPz83gcL4mIkJb1q6PpN27eun3QNe7cvXf/Qe/w4SfBUu7jqc8ixmceEjgiFE8lkRGeJRyj2Ivwmbd+s8ufbTAXhNGPMk/wIkYhJUviI6mki8POz7mHQ0ILVeQpLZbI2xobxEcwM/OxEbGqcgQ/pyiwzdI5lTu3HBs7MrqirHRJXSjul+5Fnz9/i3MVaDEIFeMIHPdvFSD3HWfD48ylQlTxAMxMrdyxWmUCUsGDLJ2nDnL3zyH7htHe3x/0HPGnR7n37cpk+uM7qzDx+29zK51uhq2jmQePdLnp9a2CVBtuBXQd9UNupev7ePGB+GmMq/QgJcW5biVwUiEviR3hrzFOBE+SvUYjPVUhRjMWiKH+7LXyqlAuGVcflbBU9zsKyQJGmcSiASpQLHYNV9Q/FzGhysdIrspA5LFnwpCjZEX8zKwOMaEk6y/N9rYiUm9JwpQ3r1FcKpbSm2LMON4NsDXUDu2rG2sHU2fwcmB/cPong3qZB+AxeAKeARu8ACfgHTgFU+BrjbTkObpG/2r/k3/XpVqnbrnEWiY/uM3yVgs9Q=</latexit><latexit sha1_base64="kPkwc1xN7+45lGzyKO1kene/4=">AD83icpZLNjtMwEMfdhI9t+OrCkYtFhYRWoUqylRBtgxbBgRNaJMpW2lYrJ3FTq4kdbKebEPVNOCGuPAlPwNvgJgE1GzjtSNGM/jPz83gcL4mIkJb1q6PpN27eun3QNe7cvXf/Qe/w4SfBUu7jqc8ixmceEjgiFE8lkRGeJRyj2Ivwmbd+s8ufbTAXhNGPMk/wIkYhJUviI6mki8POz7mHQ0ILVeQpLZbI2xobxEcwM/OxEbGqcgQ/pyiwzdI5lTu3HBs7MrqirHRJXSjul+5Fnz9/i3MVaDEIFeMIHPdvFSD3HWfD48ylQlTxAMxMrdyxWmUCUsGDLJ2nDnL3zyH7htHe3x/0HPGnR7n37cpk+uM7qzDx+29zK51uhq2jmQePdLnp9a2CVBtuBXQd9UNupev7ePGB+GmMq/QgJcW5biVwUiEviR3hrzFOBE+SvUYjPVUhRjMWiKH+7LXyqlAuGVcflbBU9zsKyQJGmcSiASpQLHYNV9Q/FzGhysdIrspA5LFnwpCjZEX8zKwOMaEk6y/N9rYiUm9JwpQ3r1FcKpbSm2LMON4NsDXUDu2rG2sHU2fwcmB/cPong3qZB+AxeAKeARu8ACfgHTgFU+BrjbTkObpG/2r/k3/XpVqnbrnEWiY/uM3yVgs9Q=</latexit><latexit sha1_base64="kPkwc1xN7+45lGzyKO1kene/4=">AD83icpZLNjtMwEMfdhI9t+OrCkYtFhYRWoUqylRBtgxbBgRNaJMpW2lYrJ3FTq4kdbKebEPVNOCGuPAlPwNvgJgE1GzjtSNGM/jPz83gcL4mIkJb1q6PpN27eun3QNe7cvXf/Qe/w4SfBUu7jqc8ixmceEjgiFE8lkRGeJRyj2Ivwmbd+s8ufbTAXhNGPMk/wIkYhJUviI6mki8POz7mHQ0ILVeQpLZbI2xobxEcwM/OxEbGqcgQ/pyiwzdI5lTu3HBs7MrqirHRJXSjul+5Fnz9/i3MVaDEIFeMIHPdvFSD3HWfD48ylQlTxAMxMrdyxWmUCUsGDLJ2nDnL3zyH7htHe3x/0HPGnR7n37cpk+uM7qzDx+29zK51uhq2jmQePdLnp9a2CVBtuBXQd9UNupev7ePGB+GmMq/QgJcW5biVwUiEviR3hrzFOBE+SvUYjPVUhRjMWiKH+7LXyqlAuGVcflbBU9zsKyQJGmcSiASpQLHYNV9Q/FzGhysdIrspA5LFnwpCjZEX8zKwOMaEk6y/N9rYiUm9JwpQ3r1FcKpbSm2LMON4NsDXUDu2rG2sHU2fwcmB/cPong3qZB+AxeAKeARu8ACfgHTgFU+BrjbTkObpG/2r/k3/XpVqnbrnEWiY/uM3yVgs9Q=</latexit><latexit sha1_base64="kPkwc1xN7+45lGzyKO1kene/4=">AD83icpZLNjtMwEMfdhI9t+OrCkYtFhYRWoUqylRBtgxbBgRNaJMpW2lYrJ3FTq4kdbKebEPVNOCGuPAlPwNvgJgE1GzjtSNGM/jPz83gcL4mIkJb1q6PpN27eun3QNe7cvXf/Qe/w4SfBUu7jqc8ixmceEjgiFE8lkRGeJRyj2Ivwmbd+s8ufbTAXhNGPMk/wIkYhJUviI6mki8POz7mHQ0ILVeQpLZbI2xobxEcwM/OxEbGqcgQ/pyiwzdI5lTu3HBs7MrqirHRJXSjul+5Fnz9/i3MVaDEIFeMIHPdvFSD3HWfD48ylQlTxAMxMrdyxWmUCUsGDLJ2nDnL3zyH7htHe3x/0HPGnR7n37cpk+uM7qzDx+29zK51uhq2jmQePdLnp9a2CVBtuBXQd9UNupev7ePGB+GmMq/QgJcW5biVwUiEviR3hrzFOBE+SvUYjPVUhRjMWiKH+7LXyqlAuGVcflbBU9zsKyQJGmcSiASpQLHYNV9Q/FzGhysdIrspA5LFnwpCjZEX8zKwOMaEk6y/N9rYiUm9JwpQ3r1FcKpbSm2LMON4NsDXUDu2rG2sHU2fwcmB/cPong3qZB+AxeAKeARu8ACfgHTgFU+BrjbTkObpG/2r/k3/XpVqnbrnEWiY/uM3yVgs9Q=</latexit>

✤ A system is Lyapunov stable with respect to the

equilibrium point 0 if for every ε > 0 there exists δ > 0 such that for every execution σ starting from Bδ(0) , σ(t) ∈ Bε(0), for all time t.

slide-4
SLIDE 4

Input & Stability property

var: x,y; location: quad1, quad2, quad3, quad4; loc: quad1; inv: x>=0 AND y>=0; dyn: dx==y AND dy==-4*x; guards: when y==0 goto quad4; loc: quad2; inv: x<=0 AND y>=0; dyn: dx==10*y AND dy==-x; guards: when x==0 goto quad1; loc: quad3; inv: x<=0 AND y<=0; dyn: dx==y AND dy==-4*x; guards: when y==0 goto quad2; loc: quad4; inv: x>=0 AND y<=0; dyn: dx==10*y AND dy==-x; guards: when x==0 goto quad3;

<latexit sha1_base64="kPkwc1xN7+45lGzyKO1kene/4=">AD83icpZLNjtMwEMfdhI9t+OrCkYtFhYRWoUqylRBtgxbBgRNaJMpW2lYrJ3FTq4kdbKebEPVNOCGuPAlPwNvgJgE1GzjtSNGM/jPz83gcL4mIkJb1q6PpN27eun3QNe7cvXf/Qe/w4SfBUu7jqc8ixmceEjgiFE8lkRGeJRyj2Ivwmbd+s8ufbTAXhNGPMk/wIkYhJUviI6mki8POz7mHQ0ILVeQpLZbI2xobxEcwM/OxEbGqcgQ/pyiwzdI5lTu3HBs7MrqirHRJXSjul+5Fnz9/i3MVaDEIFeMIHPdvFSD3HWfD48ylQlTxAMxMrdyxWmUCUsGDLJ2nDnL3zyH7htHe3x/0HPGnR7n37cpk+uM7qzDx+29zK51uhq2jmQePdLnp9a2CVBtuBXQd9UNupev7ePGB+GmMq/QgJcW5biVwUiEviR3hrzFOBE+SvUYjPVUhRjMWiKH+7LXyqlAuGVcflbBU9zsKyQJGmcSiASpQLHYNV9Q/FzGhysdIrspA5LFnwpCjZEX8zKwOMaEk6y/N9rYiUm9JwpQ3r1FcKpbSm2LMON4NsDXUDu2rG2sHU2fwcmB/cPong3qZB+AxeAKeARu8ACfgHTgFU+BrjbTkObpG/2r/k3/XpVqnbrnEWiY/uM3yVgs9Q=</latexit><latexit sha1_base64="kPkwc1xN7+45lGzyKO1kene/4=">AD83icpZLNjtMwEMfdhI9t+OrCkYtFhYRWoUqylRBtgxbBgRNaJMpW2lYrJ3FTq4kdbKebEPVNOCGuPAlPwNvgJgE1GzjtSNGM/jPz83gcL4mIkJb1q6PpN27eun3QNe7cvXf/Qe/w4SfBUu7jqc8ixmceEjgiFE8lkRGeJRyj2Ivwmbd+s8ufbTAXhNGPMk/wIkYhJUviI6mki8POz7mHQ0ILVeQpLZbI2xobxEcwM/OxEbGqcgQ/pyiwzdI5lTu3HBs7MrqirHRJXSjul+5Fnz9/i3MVaDEIFeMIHPdvFSD3HWfD48ylQlTxAMxMrdyxWmUCUsGDLJ2nDnL3zyH7htHe3x/0HPGnR7n37cpk+uM7qzDx+29zK51uhq2jmQePdLnp9a2CVBtuBXQd9UNupev7ePGB+GmMq/QgJcW5biVwUiEviR3hrzFOBE+SvUYjPVUhRjMWiKH+7LXyqlAuGVcflbBU9zsKyQJGmcSiASpQLHYNV9Q/FzGhysdIrspA5LFnwpCjZEX8zKwOMaEk6y/N9rYiUm9JwpQ3r1FcKpbSm2LMON4NsDXUDu2rG2sHU2fwcmB/cPong3qZB+AxeAKeARu8ACfgHTgFU+BrjbTkObpG/2r/k3/XpVqnbrnEWiY/uM3yVgs9Q=</latexit><latexit sha1_base64="kPkwc1xN7+45lGzyKO1kene/4=">AD83icpZLNjtMwEMfdhI9t+OrCkYtFhYRWoUqylRBtgxbBgRNaJMpW2lYrJ3FTq4kdbKebEPVNOCGuPAlPwNvgJgE1GzjtSNGM/jPz83gcL4mIkJb1q6PpN27eun3QNe7cvXf/Qe/w4SfBUu7jqc8ixmceEjgiFE8lkRGeJRyj2Ivwmbd+s8ufbTAXhNGPMk/wIkYhJUviI6mki8POz7mHQ0ILVeQpLZbI2xobxEcwM/OxEbGqcgQ/pyiwzdI5lTu3HBs7MrqirHRJXSjul+5Fnz9/i3MVaDEIFeMIHPdvFSD3HWfD48ylQlTxAMxMrdyxWmUCUsGDLJ2nDnL3zyH7htHe3x/0HPGnR7n37cpk+uM7qzDx+29zK51uhq2jmQePdLnp9a2CVBtuBXQd9UNupev7ePGB+GmMq/QgJcW5biVwUiEviR3hrzFOBE+SvUYjPVUhRjMWiKH+7LXyqlAuGVcflbBU9zsKyQJGmcSiASpQLHYNV9Q/FzGhysdIrspA5LFnwpCjZEX8zKwOMaEk6y/N9rYiUm9JwpQ3r1FcKpbSm2LMON4NsDXUDu2rG2sHU2fwcmB/cPong3qZB+AxeAKeARu8ACfgHTgFU+BrjbTkObpG/2r/k3/XpVqnbrnEWiY/uM3yVgs9Q=</latexit><latexit sha1_base64="kPkwc1xN7+45lGzyKO1kene/4=">AD83icpZLNjtMwEMfdhI9t+OrCkYtFhYRWoUqylRBtgxbBgRNaJMpW2lYrJ3FTq4kdbKebEPVNOCGuPAlPwNvgJgE1GzjtSNGM/jPz83gcL4mIkJb1q6PpN27eun3QNe7cvXf/Qe/w4SfBUu7jqc8ixmceEjgiFE8lkRGeJRyj2Ivwmbd+s8ufbTAXhNGPMk/wIkYhJUviI6mki8POz7mHQ0ILVeQpLZbI2xobxEcwM/OxEbGqcgQ/pyiwzdI5lTu3HBs7MrqirHRJXSjul+5Fnz9/i3MVaDEIFeMIHPdvFSD3HWfD48ylQlTxAMxMrdyxWmUCUsGDLJ2nDnL3zyH7htHe3x/0HPGnR7n37cpk+uM7qzDx+29zK51uhq2jmQePdLnp9a2CVBtuBXQd9UNupev7ePGB+GmMq/QgJcW5biVwUiEviR3hrzFOBE+SvUYjPVUhRjMWiKH+7LXyqlAuGVcflbBU9zsKyQJGmcSiASpQLHYNV9Q/FzGhysdIrspA5LFnwpCjZEX8zKwOMaEk6y/N9rYiUm9JwpQ3r1FcKpbSm2LMON4NsDXUDu2rG2sHU2fwcmB/cPong3qZB+AxeAKeARu8ACfgHTgFU+BrjbTkObpG/2r/k3/XpVqnbrnEWiY/uM3yVgs9Q=</latexit>

✤ A system is Lyapunov stable with respect to the

equilibrium point 0 if for every ε > 0 there exists δ > 0 such that for every execution σ starting from Bδ(0) , σ(t) ∈ Bε(0), for all time t. ✏

slide-5
SLIDE 5

Input & Stability property

var: x,y; location: quad1, quad2, quad3, quad4; loc: quad1; inv: x>=0 AND y>=0; dyn: dx==y AND dy==-4*x; guards: when y==0 goto quad4; loc: quad2; inv: x<=0 AND y>=0; dyn: dx==10*y AND dy==-x; guards: when x==0 goto quad1; loc: quad3; inv: x<=0 AND y<=0; dyn: dx==y AND dy==-4*x; guards: when y==0 goto quad2; loc: quad4; inv: x>=0 AND y<=0; dyn: dx==10*y AND dy==-x; guards: when x==0 goto quad3;

<latexit sha1_base64="kPkwc1xN7+45lGzyKO1kene/4=">AD83icpZLNjtMwEMfdhI9t+OrCkYtFhYRWoUqylRBtgxbBgRNaJMpW2lYrJ3FTq4kdbKebEPVNOCGuPAlPwNvgJgE1GzjtSNGM/jPz83gcL4mIkJb1q6PpN27eun3QNe7cvXf/Qe/w4SfBUu7jqc8ixmceEjgiFE8lkRGeJRyj2Ivwmbd+s8ufbTAXhNGPMk/wIkYhJUviI6mki8POz7mHQ0ILVeQpLZbI2xobxEcwM/OxEbGqcgQ/pyiwzdI5lTu3HBs7MrqirHRJXSjul+5Fnz9/i3MVaDEIFeMIHPdvFSD3HWfD48ylQlTxAMxMrdyxWmUCUsGDLJ2nDnL3zyH7htHe3x/0HPGnR7n37cpk+uM7qzDx+29zK51uhq2jmQePdLnp9a2CVBtuBXQd9UNupev7ePGB+GmMq/QgJcW5biVwUiEviR3hrzFOBE+SvUYjPVUhRjMWiKH+7LXyqlAuGVcflbBU9zsKyQJGmcSiASpQLHYNV9Q/FzGhysdIrspA5LFnwpCjZEX8zKwOMaEk6y/N9rYiUm9JwpQ3r1FcKpbSm2LMON4NsDXUDu2rG2sHU2fwcmB/cPong3qZB+AxeAKeARu8ACfgHTgFU+BrjbTkObpG/2r/k3/XpVqnbrnEWiY/uM3yVgs9Q=</latexit><latexit sha1_base64="kPkwc1xN7+45lGzyKO1kene/4=">AD83icpZLNjtMwEMfdhI9t+OrCkYtFhYRWoUqylRBtgxbBgRNaJMpW2lYrJ3FTq4kdbKebEPVNOCGuPAlPwNvgJgE1GzjtSNGM/jPz83gcL4mIkJb1q6PpN27eun3QNe7cvXf/Qe/w4SfBUu7jqc8ixmceEjgiFE8lkRGeJRyj2Ivwmbd+s8ufbTAXhNGPMk/wIkYhJUviI6mki8POz7mHQ0ILVeQpLZbI2xobxEcwM/OxEbGqcgQ/pyiwzdI5lTu3HBs7MrqirHRJXSjul+5Fnz9/i3MVaDEIFeMIHPdvFSD3HWfD48ylQlTxAMxMrdyxWmUCUsGDLJ2nDnL3zyH7htHe3x/0HPGnR7n37cpk+uM7qzDx+29zK51uhq2jmQePdLnp9a2CVBtuBXQd9UNupev7ePGB+GmMq/QgJcW5biVwUiEviR3hrzFOBE+SvUYjPVUhRjMWiKH+7LXyqlAuGVcflbBU9zsKyQJGmcSiASpQLHYNV9Q/FzGhysdIrspA5LFnwpCjZEX8zKwOMaEk6y/N9rYiUm9JwpQ3r1FcKpbSm2LMON4NsDXUDu2rG2sHU2fwcmB/cPong3qZB+AxeAKeARu8ACfgHTgFU+BrjbTkObpG/2r/k3/XpVqnbrnEWiY/uM3yVgs9Q=</latexit><latexit sha1_base64="kPkwc1xN7+45lGzyKO1kene/4=">AD83icpZLNjtMwEMfdhI9t+OrCkYtFhYRWoUqylRBtgxbBgRNaJMpW2lYrJ3FTq4kdbKebEPVNOCGuPAlPwNvgJgE1GzjtSNGM/jPz83gcL4mIkJb1q6PpN27eun3QNe7cvXf/Qe/w4SfBUu7jqc8ixmceEjgiFE8lkRGeJRyj2Ivwmbd+s8ufbTAXhNGPMk/wIkYhJUviI6mki8POz7mHQ0ILVeQpLZbI2xobxEcwM/OxEbGqcgQ/pyiwzdI5lTu3HBs7MrqirHRJXSjul+5Fnz9/i3MVaDEIFeMIHPdvFSD3HWfD48ylQlTxAMxMrdyxWmUCUsGDLJ2nDnL3zyH7htHe3x/0HPGnR7n37cpk+uM7qzDx+29zK51uhq2jmQePdLnp9a2CVBtuBXQd9UNupev7ePGB+GmMq/QgJcW5biVwUiEviR3hrzFOBE+SvUYjPVUhRjMWiKH+7LXyqlAuGVcflbBU9zsKyQJGmcSiASpQLHYNV9Q/FzGhysdIrspA5LFnwpCjZEX8zKwOMaEk6y/N9rYiUm9JwpQ3r1FcKpbSm2LMON4NsDXUDu2rG2sHU2fwcmB/cPong3qZB+AxeAKeARu8ACfgHTgFU+BrjbTkObpG/2r/k3/XpVqnbrnEWiY/uM3yVgs9Q=</latexit><latexit sha1_base64="kPkwc1xN7+45lGzyKO1kene/4=">AD83icpZLNjtMwEMfdhI9t+OrCkYtFhYRWoUqylRBtgxbBgRNaJMpW2lYrJ3FTq4kdbKebEPVNOCGuPAlPwNvgJgE1GzjtSNGM/jPz83gcL4mIkJb1q6PpN27eun3QNe7cvXf/Qe/w4SfBUu7jqc8ixmceEjgiFE8lkRGeJRyj2Ivwmbd+s8ufbTAXhNGPMk/wIkYhJUviI6mki8POz7mHQ0ILVeQpLZbI2xobxEcwM/OxEbGqcgQ/pyiwzdI5lTu3HBs7MrqirHRJXSjul+5Fnz9/i3MVaDEIFeMIHPdvFSD3HWfD48ylQlTxAMxMrdyxWmUCUsGDLJ2nDnL3zyH7htHe3x/0HPGnR7n37cpk+uM7qzDx+29zK51uhq2jmQePdLnp9a2CVBtuBXQd9UNupev7ePGB+GmMq/QgJcW5biVwUiEviR3hrzFOBE+SvUYjPVUhRjMWiKH+7LXyqlAuGVcflbBU9zsKyQJGmcSiASpQLHYNV9Q/FzGhysdIrspA5LFnwpCjZEX8zKwOMaEk6y/N9rYiUm9JwpQ3r1FcKpbSm2LMON4NsDXUDu2rG2sHU2fwcmB/cPong3qZB+AxeAKeARu8ACfgHTgFU+BrjbTkObpG/2r/k3/XpVqnbrnEWiY/uM3yVgs9Q=</latexit>

✤ A system is Lyapunov stable with respect to the

equilibrium point 0 if for every ε > 0 there exists δ > 0 such that for every execution σ starting from Bδ(0) , σ(t) ∈ Bε(0), for all time t. ✏

δ

slide-6
SLIDE 6

Input & Stability property

var: x,y; location: quad1, quad2, quad3, quad4; loc: quad1; inv: x>=0 AND y>=0; dyn: dx==y AND dy==-4*x; guards: when y==0 goto quad4; loc: quad2; inv: x<=0 AND y>=0; dyn: dx==10*y AND dy==-x; guards: when x==0 goto quad1; loc: quad3; inv: x<=0 AND y<=0; dyn: dx==y AND dy==-4*x; guards: when y==0 goto quad2; loc: quad4; inv: x>=0 AND y<=0; dyn: dx==10*y AND dy==-x; guards: when x==0 goto quad3;

<latexit sha1_base64="kPkwc1xN7+45lGzyKO1kene/4=">AD83icpZLNjtMwEMfdhI9t+OrCkYtFhYRWoUqylRBtgxbBgRNaJMpW2lYrJ3FTq4kdbKebEPVNOCGuPAlPwNvgJgE1GzjtSNGM/jPz83gcL4mIkJb1q6PpN27eun3QNe7cvXf/Qe/w4SfBUu7jqc8ixmceEjgiFE8lkRGeJRyj2Ivwmbd+s8ufbTAXhNGPMk/wIkYhJUviI6mki8POz7mHQ0ILVeQpLZbI2xobxEcwM/OxEbGqcgQ/pyiwzdI5lTu3HBs7MrqirHRJXSjul+5Fnz9/i3MVaDEIFeMIHPdvFSD3HWfD48ylQlTxAMxMrdyxWmUCUsGDLJ2nDnL3zyH7htHe3x/0HPGnR7n37cpk+uM7qzDx+29zK51uhq2jmQePdLnp9a2CVBtuBXQd9UNupev7ePGB+GmMq/QgJcW5biVwUiEviR3hrzFOBE+SvUYjPVUhRjMWiKH+7LXyqlAuGVcflbBU9zsKyQJGmcSiASpQLHYNV9Q/FzGhysdIrspA5LFnwpCjZEX8zKwOMaEk6y/N9rYiUm9JwpQ3r1FcKpbSm2LMON4NsDXUDu2rG2sHU2fwcmB/cPong3qZB+AxeAKeARu8ACfgHTgFU+BrjbTkObpG/2r/k3/XpVqnbrnEWiY/uM3yVgs9Q=</latexit><latexit sha1_base64="kPkwc1xN7+45lGzyKO1kene/4=">AD83icpZLNjtMwEMfdhI9t+OrCkYtFhYRWoUqylRBtgxbBgRNaJMpW2lYrJ3FTq4kdbKebEPVNOCGuPAlPwNvgJgE1GzjtSNGM/jPz83gcL4mIkJb1q6PpN27eun3QNe7cvXf/Qe/w4SfBUu7jqc8ixmceEjgiFE8lkRGeJRyj2Ivwmbd+s8ufbTAXhNGPMk/wIkYhJUviI6mki8POz7mHQ0ILVeQpLZbI2xobxEcwM/OxEbGqcgQ/pyiwzdI5lTu3HBs7MrqirHRJXSjul+5Fnz9/i3MVaDEIFeMIHPdvFSD3HWfD48ylQlTxAMxMrdyxWmUCUsGDLJ2nDnL3zyH7htHe3x/0HPGnR7n37cpk+uM7qzDx+29zK51uhq2jmQePdLnp9a2CVBtuBXQd9UNupev7ePGB+GmMq/QgJcW5biVwUiEviR3hrzFOBE+SvUYjPVUhRjMWiKH+7LXyqlAuGVcflbBU9zsKyQJGmcSiASpQLHYNV9Q/FzGhysdIrspA5LFnwpCjZEX8zKwOMaEk6y/N9rYiUm9JwpQ3r1FcKpbSm2LMON4NsDXUDu2rG2sHU2fwcmB/cPong3qZB+AxeAKeARu8ACfgHTgFU+BrjbTkObpG/2r/k3/XpVqnbrnEWiY/uM3yVgs9Q=</latexit><latexit sha1_base64="kPkwc1xN7+45lGzyKO1kene/4=">AD83icpZLNjtMwEMfdhI9t+OrCkYtFhYRWoUqylRBtgxbBgRNaJMpW2lYrJ3FTq4kdbKebEPVNOCGuPAlPwNvgJgE1GzjtSNGM/jPz83gcL4mIkJb1q6PpN27eun3QNe7cvXf/Qe/w4SfBUu7jqc8ixmceEjgiFE8lkRGeJRyj2Ivwmbd+s8ufbTAXhNGPMk/wIkYhJUviI6mki8POz7mHQ0ILVeQpLZbI2xobxEcwM/OxEbGqcgQ/pyiwzdI5lTu3HBs7MrqirHRJXSjul+5Fnz9/i3MVaDEIFeMIHPdvFSD3HWfD48ylQlTxAMxMrdyxWmUCUsGDLJ2nDnL3zyH7htHe3x/0HPGnR7n37cpk+uM7qzDx+29zK51uhq2jmQePdLnp9a2CVBtuBXQd9UNupev7ePGB+GmMq/QgJcW5biVwUiEviR3hrzFOBE+SvUYjPVUhRjMWiKH+7LXyqlAuGVcflbBU9zsKyQJGmcSiASpQLHYNV9Q/FzGhysdIrspA5LFnwpCjZEX8zKwOMaEk6y/N9rYiUm9JwpQ3r1FcKpbSm2LMON4NsDXUDu2rG2sHU2fwcmB/cPong3qZB+AxeAKeARu8ACfgHTgFU+BrjbTkObpG/2r/k3/XpVqnbrnEWiY/uM3yVgs9Q=</latexit><latexit sha1_base64="kPkwc1xN7+45lGzyKO1kene/4=">AD83icpZLNjtMwEMfdhI9t+OrCkYtFhYRWoUqylRBtgxbBgRNaJMpW2lYrJ3FTq4kdbKebEPVNOCGuPAlPwNvgJgE1GzjtSNGM/jPz83gcL4mIkJb1q6PpN27eun3QNe7cvXf/Qe/w4SfBUu7jqc8ixmceEjgiFE8lkRGeJRyj2Ivwmbd+s8ufbTAXhNGPMk/wIkYhJUviI6mki8POz7mHQ0ILVeQpLZbI2xobxEcwM/OxEbGqcgQ/pyiwzdI5lTu3HBs7MrqirHRJXSjul+5Fnz9/i3MVaDEIFeMIHPdvFSD3HWfD48ylQlTxAMxMrdyxWmUCUsGDLJ2nDnL3zyH7htHe3x/0HPGnR7n37cpk+uM7qzDx+29zK51uhq2jmQePdLnp9a2CVBtuBXQd9UNupev7ePGB+GmMq/QgJcW5biVwUiEviR3hrzFOBE+SvUYjPVUhRjMWiKH+7LXyqlAuGVcflbBU9zsKyQJGmcSiASpQLHYNV9Q/FzGhysdIrspA5LFnwpCjZEX8zKwOMaEk6y/N9rYiUm9JwpQ3r1FcKpbSm2LMON4NsDXUDu2rG2sHU2fwcmB/cPong3qZB+AxeAKeARu8ACfgHTgFU+BrjbTkObpG/2r/k3/XpVqnbrnEWiY/uM3yVgs9Q=</latexit>

✤ A system is Lyapunov stable with respect to the

equilibrium point 0 if for every ε > 0 there exists δ > 0 such that for every execution σ starting from Bδ(0) , σ(t) ∈ Bε(0), for all time t. ✏

δ

σ

slide-7
SLIDE 7

Stability verification

State-of-the-art: Lyapunov’s second method

✤ Constructs an abstract weighted graph from the hybrid system and a state

space partition

✤ Systematically iterates over the abstract systems ✤ Returns a counterexample in the case that the abstraction fails ✤ The counterexample can be used to guide the choice of the next abstraction

CEGAR approach Template based search

✤ Choose a template ✤ Encode Lyapunov function conditions as constraints ✤ Solve using sum-of-squares programming tools

slide-8
SLIDE 8

AVERIST diagram

LHS PHS Abstract counterexample

HYBRIDIZATION ABSTRACTION MODEL-CHECKING VALIDATION REFINEMENT

AVERIST

Weighted Graph Stable Abstract counterexample

PPL GLPK NetworkX Z3

Unstable Abstract counterexample Predicates

slide-9
SLIDE 9

Hybridization

Linear hybrid system Polyhedral hybrid system ˙ x = Ax x1 x2 x1 x2

slide-10
SLIDE 10

Hybridization

R

x1 6 0 x2 > 0

Linear hybrid system Polyhedral hybrid system ˙ x = Ax x1 x2 x1 x2

slide-11
SLIDE 11

Hybridization

R

x1 6 0 x2 > 0

Linear hybrid system Polyhedral hybrid system ˙ x = Ax x1 x2 x1 x2 P = {Ax : x ∈ R}

slide-12
SLIDE 12

Hybridization

˙ x ∈ P R

x1 6 0 x2 > 0

Linear hybrid system Polyhedral hybrid system ˙ x = Ax x1 x2 x1 x2 P = {Ax : x ∈ R} P is defined as a convex polyhedron using PPL.

slide-13
SLIDE 13

Hybridization

˙ x ∈ P R

x1 6 0 x2 > 0

Linear hybrid system Polyhedral hybrid system ˙ x = Ax x1 x2 x1 x2 P = {Ax : x ∈ R} If the hybridized polyhedral hybrid system is Lyapunov stable then the original linear hybrid system is Lyapunov stable. Theorem - Hybridization P is defined as a convex polyhedron using PPL.

slide-14
SLIDE 14

Quantitative Predicate Abstraction

f1 f2 f3 f4 u1 u2 u3 u4

Facets F = {f1, f2, f3, f4} Concrete system

slide-15
SLIDE 15

Quantitative Predicate Abstraction

f1 f2 f3 f4 u1 u2 u3 u4

Facets F = {f1, f2, f3, f4} Concrete system

slide-16
SLIDE 16

Quantitative Predicate Abstraction

= ⇒

f1 f2 f3 f4 f1 f2 f3 f4 u1 u2 u3 u4

Facets F = {f1, f2, f3, f4} Concrete system Abstract system

slide-17
SLIDE 17

Quantitative Predicate Abstraction

= ⇒

f1 f2 f3 f4 f1 f2 f3 f4 u1 u2 u3 u4

Facets F = {f1, f2, f3, f4} Concrete system Abstract system

slide-18
SLIDE 18

Quantitative Predicate Abstraction

= ⇒

f1 f2 f3 f4 f1 f2 f3 f4 u1 u2 u3 u4

Facets F = {f1, f2, f3, f4} Concrete system Abstract system

An edge between facets indicates the existence of an execution.

slide-19
SLIDE 19

Quantitative Predicate Abstraction

= ⇒

f1 f2 f3 f4 f1 f2 f3 f4 u1 u2 u3 u4

Facets F = {f1, f2, f3, f4} Concrete system Abstract system

An edge between facets indicates the existence of an execution.

slide-20
SLIDE 20

Quantitative Predicate Abstraction

= ⇒

f1 f2 f3 f4 f1 f2 f3 f4 u1 u2 u3 u4

Facets F = {f1, f2, f3, f4} Concrete system Abstract system

An edge between facets indicates the existence of an execution. 1

2 2

Weights capture information about distance to the equilibrium point along the executions.

slide-21
SLIDE 21

Quantitative Predicate Abstraction

= ⇒

f1 f2 f3 f4 f1 f2 f3 f4 u1 u2 u3 u4

Facets F = {f1, f2, f3, f4} Concrete system Abstract system

An edge between facets indicates the existence of an execution.

2 3 −1 1 3

Weights capture information about distance to the equilibrium point along the executions.

1 3 1

slide-22
SLIDE 22

Quantitative Predicate Abstraction

= ⇒

f1 f2 f3 f4

1 3 1 3 1

f1 f2 f3 f4 u1 u2 u3 u4

Facets F = {f1, f2, f3, f4} Concrete system

π

Abstract system

An edge between facets indicates the existence of an execution. Weights capture information about distance to the equilibrium point along the executions.

2

W(π) = 2 · 1 3 · 1 3 · 1 = 2 9 < 1

slide-23
SLIDE 23

Model-checking

A polyhedral hybrid system is Lyapunov stable if

✤ the abstract weighted graph has no edges with infinite weights, and ✤ no cycles with product of edge weights greater than 1

Theorem - Model-checking Every cycle has weight smaller than 1 => Hybrid system is stable => Stop There is a cycle, !, with weight greater than 1 => ! is an abstract counterexample => Validation

1

1 1 2 2 3

1 1

2

Abstract system

1 1

1 2

2 1

2 1

Abstract system

π

slide-24
SLIDE 24

Model-checking

A polyhedral hybrid system is Lyapunov stable if

✤ the abstract weighted graph has no edges with infinite weights, and ✤ no cycles with product of edge weights greater than 1

Theorem - Model-checking Every cycle has weight smaller than 1 => Hybrid system is stable => Stop There is a cycle, !, with weight greater than 1 => ! is an abstract counterexample => Validation

1

1 1 2 2 3

1 1

2

Abstract system

1 1

1 2

2 1

2 1

Abstract system

π Adaptation of Bellman-Ford algorithm included in NetworkX package.

slide-25
SLIDE 25

Validation

✤ Abstract counterexample $ = f1 ⟶ f2 ⟶ f3 ⟶ … ⟶ f1 ✤ Validation checks if $ is valid, that is, corresponds to an infinite execution in

the hybrid system which follows the edges and weights of $ and diverges Theorem - Validation A counterexample f1 ⟶ f2 ⟶ f3 ⟶ … ⟶ f1 is valid ⟺ ∃ α > 1, ∃ x1 ∈ f1, …, xk ∈ fk, xk+1 ∈ f1 x1 ⟶ x2 ⟶ x3 ⟶ … ⟶ xk ⟶ xk+1, xk+1 = αx1

slide-26
SLIDE 26

Validation

✤ Abstract counterexample $ = f1 ⟶ f2 ⟶ f3 ⟶ … ⟶ f1 ✤ Validation checks if $ is valid, that is, corresponds to an infinite execution in

the hybrid system which follows the edges and weights of $ and diverges Encoded as an SMT formula and solved with Z3. Theorem - Validation A counterexample f1 ⟶ f2 ⟶ f3 ⟶ … ⟶ f1 is valid ⟺ ∃ α > 1, ∃ x1 ∈ f1, …, xk ∈ fk, xk+1 ∈ f1 x1 ⟶ x2 ⟶ x3 ⟶ … ⟶ xk ⟶ xk+1, xk+1 = αx1

slide-27
SLIDE 27

Refinement

f3

x + z = 0 x = 0 x − z = 0 y + 2z = 0 y + z = 0 y = 0 y − z = 0 A B C D E F

f2 f1

Spurious counterexample

slide-28
SLIDE 28

Refinement

f3

x + z = 0 x = 0 x − z = 0 y + 2z = 0 y + z = 0 y = 0 y − z = 0 A B C D E F

f2 f1

C E

f1 f2 f3

Spurious counterexample

slide-29
SLIDE 29

Refinement

f3

x + z = 0 x = 0 x − z = 0 y + 2z = 0 y + z = 0 y = 0 y − z = 0 A B C D E F

f2 f1

C E

f1 f2 f3

Spurious counterexample post(f1)

slide-30
SLIDE 30

Refinement

f3

x + z = 0 x = 0 x − z = 0 y + 2z = 0 y + z = 0 y = 0 y − z = 0 A B C D E F

f2 f1

C E

f1 f2 f3

Spurious counterexample post(f1)

slide-31
SLIDE 31

Refinement

f3

x + z = 0 x = 0 x − z = 0 y + 2z = 0 y + z = 0 y = 0 y − z = 0 A B C D E F

f2 f1

C E

f1 f2 f3

Spurious counterexample post(f1) pre(f3)

slide-32
SLIDE 32

Refinement

f3

x + z = 0 x = 0 x − z = 0 y + 2z = 0 y + z = 0 y = 0 y − z = 0 A B C D E F

f2 f1

C E

f1 f2 f3

Spurious counterexample post(f1) pre(f3) 3x + 2z = 0 Separation predicate

slide-33
SLIDE 33

Refinement

f3

x + z = 0 x = 0 x − z = 0 y + 2z = 0 y + z = 0 y = 0 y − z = 0 A B C D E F

f2 f1

C E

f1 f2 f3

Spurious counterexample post(f1) pre(f3) 3x + 2z = 0 Separation predicate

Post and pre-rechability computations by means of Parma Polyhedral Library (PPL). Separation predicate candidates are the linear constraints of the polyhedra to be separated.

slide-34
SLIDE 34

Running AVERIST

slide-35
SLIDE 35

AVERIST details

✤ Implemented in Python ✤ Parma Polyhedra Library (PPL) to manipulate polyhedral sets ✤ GLPK solver to compute the weights ✤ NetworkX Python package to define and analyse graphs ✤ Run through the mathematical software system sage

http://software.imdea.org/projects/averist/index.html

slide-36
SLIDE 36

Experimental Comparison

AVERIST STABHYLI Dimension/ name Regions Runtime Proved Stability Degree LF found Runtime 2D AS1 129 31 Yes 6 Yes 8 SS4 1 9 <1 Yes 8 − 452 SS8 1 17 <1 Yes 6 − 443 SS16 1 33 1 Yes 4 − 177 3D AS 4 147 194 Yes 6 − 410 SS4 4 771 484 Yes 2 Yes 75 SS8 4 771 470 Yes 2 Yes 15 SS16 4 771 568 Yes 2 Yes 138 4D AS 7 81 625 Yes 2 − 12 SS4 7 81 119 Yes 2 − 101 SS8 7 153 234 Yes 2 − 1071 SS16 7 297 533 Yes 2 − 339 AS 9 −

  • ut

No 4 Yes 34 SS4 9 81 125 Yes 4 − 105 SS8 9 153 247 Yes 2 − 16 ✤ Averist proves stability in many more

cases than Stabhyli

✤ Stabhyli can handle nonlinear systems ✤ Averist is more robust to numerical issues ✤ Underlying algorithms are highly

parallelizable

slide-37
SLIDE 37

Conclusion

✤ Averist implements an algorithmic approach for stability verification of linear

and polyhedral hybrid systems

✤ Alternate approach to template based search ✤ Can sometimes conclude instability and return counterexamples ✤ Fully automated and parallelizable ✤ Future work: ✤ Develop heuristics for scalability ✤ Extend to nonlinear system

slide-38
SLIDE 38

LHS PHS Abstract counterexample

HYBRIDIZATION ABSTRACTION MODEL-CHECKING VALIDATION REFINEMENT

AVERIST

Weighted Graph Stable Abstract counterexample

PPL GLPK NetworkX Z3

Unstable Abstract counterexample

Questions?

http://software.imdea.org/projects/averist/index.html