Statistical Model Checking, Refinement Checking, Optimization, .. for Stochastic Hybrid Systems
Kim G. Larsen, Peter Bulychev, Alexandre David, Dehui Du, Axel Legay, Guangyuan Li, Marius Mikucionis, Danny B. Poulsen, Amalie Stainer, Zheng Wang
FORMATS, Sep 2012
(Transcript of a PowerPoint presentation)
IDEA4CPS – Foundations for CPS
Kim Larsen [2]
• Inst. of Software, Chinese Academy of Sciences, Beijing, China
• Technical University of Denmark, Lyngby, Denmark
• East China Normal University, Shanghai, China
• Aalborg University, Denmark
Cyber-Physical Systems
Complex systems that tightly integrate multiple, networked computing elements (hardware and software) with non-computing physical elements such as electrical or mechanical components.
Smart X / Hybrid Systems

Trustworthiness (TCPS) .. by which we mean CPS on which reliance can justifiably be placed.
(wiki) .. of a component is .. defined by how well it secures a set of functional and non-functional properties, deriving from its architecture, construction, and environment, and evaluated as appropriate.
Current State: Probabilities, Confidence
• Stochastic Hybrid Systems
• Probabilistic Temporal Logic
• Statistical Model Checking
Overview
• Stochastic Hybrid Systems
• Weighted Metric Interval Temporal Logic
• UPPAAL SMC (Demo)
• Energy Aware Buildings
• SMC and Refinement Checking
• SMC and Optimization
• Conclusion
Stochastic Hybrid Systems: A Bouncing Ball
UPPAAL SMC queries:
simulate 5 [<=20] {p}
Pr[<=20](<>(time >= 12 && p >= 4))
Hybrid Automata
$H = (L, l_0, \Sigma, X, E, F, Inv)$ where
• $L$ set of locations
• $l_0$ initial location
• $\Sigma = \Sigma_i \cup \Sigma_o$ set of actions
• $X$ set of continuous variables; a valuation is $\nu : X \to \mathbb{R}$ (i.e. $\nu \in \mathbb{R}^X$)
• $E$ set of edges $(l, g, a, \varphi, l')$ with $g \subseteq \mathbb{R}^X$, $\varphi \subseteq \mathbb{R}^X \times \mathbb{R}^X$ and $a \in \Sigma$
• For each $l$ a delay function $F(l) : \mathbb{R}_{>0} \times \mathbb{R}^X \to \mathbb{R}^X$
• For each $l$ an invariant $Inv(l) \subseteq \mathbb{R}^X$
Hybrid Automata – Semantics
States: $(l, \nu)$ where $\nu \in \mathbb{R}^X$
Transitions:
• $(l,\nu) \xrightarrow{d} (l,\nu')$ where $\nu' = F(l)(d)(\nu)$, provided $\nu' \in Inv(l)$
• $(l,\nu) \xrightarrow{a} (l',\nu')$ if there exists $(l,g,a,\varphi,l') \in E$ with $\nu \in g$, $(\nu,\nu') \in \varphi$ and $\nu' \in Inv(l')$
Bouncing ball run:
$(p=10;\ v=0) \xrightarrow{d} (p = 10 - 9.81/2\, d^2;\ v = -9.81\, d) \xrightarrow{bounce!} (p=0;\ v = 14.02 \cdot 0.83)$ at $d = 1.43$
$\xrightarrow{d} (p = 6.92;\ v = 0)$ at $d = 1.18$ $\xrightarrow{d} (p=0;\ v = 11.51)$ at $d = 1.18$ $\xrightarrow{bounce!} \ldots$
Stochastic Hybrid Automata
Stochastic semantics: for each state $s = (l,\nu)$
• Delay density function* $\mu_s : \mathbb{R}_{>0} \to \mathbb{R}$
• Output probability function $\gamma_s : \Sigma_o \to [0,1]$
• Next-state density function* $\eta^a_s : St \to \mathbb{R}$ where $a \in \Sigma$
* Dirac's delta functions for deterministic delays / next state
Bouncing ball example: with the hit! output delayed by an exponential distribution of rate 2.5, the probability of a hit before the ball lands at $d = 1.43$ is
$P[hit!] = \int_{t=0}^{t=1.43} 2.5\, e^{-2.5 t}\, dt = \left[-e^{-2.5 t}\right]_{0}^{1.43} = 0.97$
$(p=10;\ v=0) \xrightarrow{d} (p = 10 - 9.81/2\, d^2;\ v = -9.81\, d) \xrightarrow{bounce!} (p=0;\ v = 14.02 \cdot 0.83)$ at $d = 1.43$
UPPAAL
• Uniform distributions (bounded delay)
• Exponential distributions (unbounded delay)
• Syntax for discrete probabilistic choice
• Distribution on next state by use of random
• Hybrid flow by use of ODEs
Networks: repeated races between components for outputting
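The bouncing-ball semantics above (delay transitions through $F(l)$, the bounce! edge with its reset, and the exponential-delay hit! probability) as an added Python example; this is not code from the talk or from UPPAAL. Gravity 9.81, the reset factor 0.83 and the rate 2.5 are taken from the slides; the free-fall flow for a non-zero initial velocity is my assumption, extended from the slide's $p = 10 - 9.81/2\,d^2$.

```python
import math

G = 9.81        # gravity, matching the flow p = 10 - 9.81/2 d^2 on the slide
LOSS = 0.83     # fraction of speed kept by the bounce! reset (v = 14.02 * 0.83 after the bounce)
HIT_RATE = 2.5  # rate of the exponentially distributed delay of the hit! output

def flow(p, v, d):
    """Delay transition F(l)(d)(nu): free fall for d time units from height p, velocity v
    (assumed form; the slide only shows the case v = 0)."""
    return p + v * d - G / 2 * d * d, v - G * d

def time_to_ground(p, v):
    """Largest delay allowed by the invariant p >= 0: the d at which flow(p, v, d) reaches height 0."""
    return (v + math.sqrt(v * v + 2 * G * p)) / G

def bounce(p, v):
    """Discrete bounce! edge: guard p == 0 and v <= 0, reset v := -LOSS * v."""
    assert abs(p) < 1e-9 and v <= 0, "bounce! guard not satisfied"
    return 0.0, -LOSS * v

def apex(p, v):
    """Height reached after a delay of v / G (the slide's p = 6.92 at d = 1.18)."""
    return flow(p, v, v / G)[0]

def run(p, v, n_bounces):
    """Alternate maximal delays and bounce! edges; return (global time, p, v) after each bounce."""
    t, trace = 0.0, []
    for _ in range(n_bounces):
        d = time_to_ground(p, v)
        p, v = flow(p, v, d)
        p = 0.0                      # drop floating-point residue before checking the guard
        t += d
        p, v = bounce(p, v)
        trace.append((round(t, 2), p, round(v, 2)))
    return trace

def hit_probability(deadline):
    """P[hit!] = integral_0^deadline 2.5 e^{-2.5 t} dt = 1 - e^{-2.5 deadline}."""
    return 1.0 - math.exp(-HIT_RATE * deadline)

if __name__ == "__main__":
    print(run(10.0, 0.0, 3))                                     # first bounce at t = 1.43, v = 11.63
    print(round(hit_probability(time_to_ground(10.0, 0.0)), 2))  # 0.97
```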
Stochastic Semantics of NTAs
Composition = race between components for outputting
Pr[c<=C](<> T.T3) ?
Pr[time<=2](<> T.T3) ?
Pr[time<=T](<> T.T3) ?
Stochastic Semantics of NHAs
Assumptions: component SHAs are
• Input enabled
• Deterministic
• Disjoint sets of output actions
$\pi(s, a_1 a_2 \ldots a_n)$: the set of maximal runs from $s$ with a prefix $t_1 a_1 t_2 a_2 \ldots t_n a_n$ for some $t_1, \ldots, t_n \in \mathbb{R}$.
Metric Interval Temporal Logic
MITL$_{\le}$ syntax:
$\varphi ::= \sigma \mid \neg\varphi \mid \varphi_1 \wedge \varphi_2 \mid \mathsf{O}\varphi \mid \varphi_1\, \mathsf{U}_{\le d}\, \varphi_2$
where $d \in \mathbb{N}$ is a natural number.
MITL$_{\le}$ semantics [$r = (a_1,t_1)(a_2,t_2)(a_3,t_3)\ldots$]:
• $r \models \sigma$ if $a_1 = \sigma$
• $r \models \neg\varphi$ if $r \not\models \varphi$
• $r \models \varphi_1 \wedge \varphi_2$ if $r \models \varphi_1$ and $r \models \varphi_2$
• $r \models \mathsf{O}\varphi$ if $(a_2,t_2)(a_3,t_3)\ldots \models \varphi$
• $r \models \varphi_1\, \mathsf{U}_{\le d}\, \varphi_2$ if $\exists i.\ (a_i,t_i)(a_{i+1},t_{i+1})\ldots \models \varphi_2$ with $t_1 + t_2 + \ldots + t_i \le d$ and $(a_j,t_j)(a_{j+1},t_{j+1})\ldots \models \varphi_1$ for $j < i$
Logical Properties – WMITL
Model $M$, property $\varphi$: $\Pr_M(\varphi) = \,??$
Statistical Model Checking [FORMATS11, RV12]
Inputs: model $M$, property $\varphi$ (e.g. $\Diamond_{\le T}\, p$), and either a confidence $\theta$ with precision $\varepsilon$, or a threshold $p$ with significance level $\alpha$.
Pipeline: Generator → Validator → Core Algorithm
Outcomes:
• Inconclusive
• Estimation: $\Pr_M(\varphi) \in [a-\varepsilon, a+\varepsilon]$ with confidence $\theta$
• Hypothesis testing: $\Pr_M(\varphi) \ge p$ at significance level $\alpha$
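The MITL$_{\le}$ semantics above and the SMC estimation loop (Generator → Validator → Core Algorithm, yielding $\Pr_M(\varphi) \in [a-\varepsilon, a+\varepsilon]$ with confidence $\theta$) as one added Python example; this is not code from the talk or from UPPAAL. `sat` evaluates a formula on a finite timed word following the rules above, `random_run` is a constructed toy generator standing in for a model, and `runs_needed` uses the Chernoff-Hoeffding bound, which is my assumption since the slide does not name the bound it uses.

```python
import math
import random

# Timed word as on the slide: r = (a1,t1)(a2,t2)... where ti is the delay before action ai.
# Formulas: ('atom', s) | ('not', f) | ('and', f, g) | ('next', f) | ('until', f, g, d)

def sat(r, f):
    """r |= f under the MITL<= semantics of the slide, on a finite (truncated) run r."""
    if not r:                       # run exhausted: nothing holds on the empty suffix
        return False
    kind = f[0]
    if kind == 'atom':
        return r[0][0] == f[1]
    if kind == 'not':
        return not sat(r, f[1])
    if kind == 'and':
        return sat(r, f[1]) and sat(r, f[2])
    if kind == 'next':
        return sat(r[1:], f[1])
    if kind == 'until':             # exists i: t1+..+ti <= d, suffix_i |= f2, suffix_j |= f1 for j < i
        f1, f2, d = f[1:]
        elapsed = 0.0
        for i in range(len(r)):
            elapsed += r[i][1]
            if elapsed > d:
                return False
            if sat(r[i:], f2):
                return True
            if not sat(r[i:], f1):
                return False
        return False
    raise ValueError(f"unknown connective {kind}")

def runs_needed(theta, eps):
    """Chernoff-Hoeffding bound (my assumption; the slide names no bound): after N runs
    the estimate a satisfies Pr_M(phi) in [a-eps, a+eps] with confidence theta."""
    return math.ceil(math.log(2.0 / (1.0 - theta)) / (2.0 * eps * eps))

def random_run(rng, steps=10):
    """Constructed toy generator (not the talk's model): exponential delays of rate 1,
    output 'a' with probability 0.8, otherwise 'b'."""
    return [('a' if rng.random() < 0.8 else 'b', rng.expovariate(1.0)) for _ in range(steps)]

def estimate(phi, theta, eps, seed=0):
    """SMC core loop: generate N runs, validate each against phi, return (N, estimate a)."""
    n = runs_needed(theta, eps)
    rng = random.Random(seed)
    hits = sum(sat(random_run(rng), phi) for _ in range(n))
    return n, hits / n
```

For the toy generator, `a U<=1000 b` holds exactly when some `b` occurs within the ten steps, so the estimate should land near $1 - 0.8^{10} \approx 0.89$.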
Logical Properties – WMITL (observer approach)
Model $M$ composed with a deterministic observer for $\varphi$
95% confidence interval: [0.215, 0.225]
Statistical Model Checking [LPAR2012]
Same pipeline as before: inputs $M$, $\varphi$ and $\theta$, $\varepsilon$ (or $p$, $\alpha$); Generator → Validator → Core Algorithm; outcomes Inconclusive, $\Pr_M(\varphi) \in [a-\varepsilon, a+\varepsilon]$ with confidence $\theta$, or $\Pr_M(\varphi) \ge p$ at significance level $\alpha$.
The validator is built by CASAAL from $\varphi$: automata $O_\varphi$ and $U_\varphi$ (over- and under-approximation of $\varphi$) and $A_\varphi$, with the reachability property $\Diamond\, acc$ checked on the compositions $M \mid O_\varphi$ and $M \mid U_\varphi$.
Experiments
How exact is the O/U? 1000 random formulas; 2, 3, 4 actions; 15 connectives.
New exact method for full MITL$_{[a,b]}$ using rewriting [RV12].
Energy Aware Buildings
Fehnker, Ivancic. Benchmarks for Hybrid Systems Verification. HSCC 2004.
With Alexandre David, Dehui Du, Marius Mikucionis, Arne Skou.
Stochastic Hybrid Systems
[Diagram: Room 1 and Room 2, each with an on/off heater]
simulate 1 [<=100]{Temp(0).T, Temp(1).T}
simulate 10 [<=100]{Temp(0).T, Temp(1).T}
Pr[<=100](<> Temp(0).T >= 10)
Pr[<=100](<> Temp(1).T<=5 and time>30) >= 0.2
Framework: Design Space Exploration
Rooms & Heaters – MODELS
Control Strategies – MODELS: Temperature Threshold Strategies
Weather & User Profile – MODELS
Results – Simulations
simulate 1 [<=2*day] { T[1], T[2], T[3], T[4], T[5] }
simulate 1 [<=2*day] { Heater(1).r, Heater(2).r, Heater(3).r }
Results – Discomfort
Pr[<=2*day](<> time>0 && Monitor.Discomfort)
Results – Comfort
Pr[comfort<=2*day] (<> time>=2*day)
Results – Energy
Pr[Monitor.energy<=1000000](<> time>=2*day)
Results – User Profile
Pr[Monitor.energy<=1000000](<> time>=2*day)
Refinement
Controller Synthesis
const int Tenv=7; const int k=2; const int H=20; const int TB[4]= {12, 18, 25, 28};
[Diagram: Room and Room Heater (on/off); heater controller marked ??; temperature bands critical low, low, normal, high, critical high with thresholds 12, 18, 25, 28]
Unfolding
[Same temperature bands: critical low, low, normal, high, critical high; thresholds 12, 18, 25, 28]
Timing
[Same temperature bands: critical low, low, normal, high, critical high; thresholds 12, 18, 25, 28]
TA Abstraction
const int uL[3]={3,5,2}; const int uU[3]={4,6,3}; const int dL[3]={3,9,15}; const int dU[3]={4,10,16};
Validation by Simulation
Validation by Simulation
const int uL[3]={3,8,2}; const int uU[3]={4,9,3}; const int dL[3]={3,9,15}; const int dU[3]={4,10,16};
Optimization
WATA, Dresden, May 30, 2012
Time Bounded L-problem [Qest12]
simulate 1 [time<=5] {C, x, y}
Problem: determine the schedule that maximizes the time until the system runs out of energy.
Pr[time<=30] (<> C<0 )
TEST
simulate 10000 [time<=10] {C,x,y} : 1 : time>=7 && Test.GOOD
Pr [time<=10] (<> time>=7 && Test.GOOD)
Can we do better?
RESTART Method
Meta Modeling: RESTART Approach
Meta Modeling: Direct Approach
Meta Analysis: Direct Approach vs. RESTART Approach
Other Case Studies
• FireWire
• Bluetooth
• 10 node LMAC
• Robot
• Energy Aware Buildings
• Genetic Oscillator (HBS)
• Schedulability Analysis for Mixed Criticality Systems
• Passenger Seating in Aircraft
Contribution & More
• Natural stochastic semantics of networks of stochastic hybrid systems.
• Efficient implementation of SMC algorithms: estimation, sequential testing $\ge p$, sequential probability comparison, parameterized comparison.
• Distributed implementation of SMC!
Thank You!