1. No category

Statistical Model Checking, Refinement Checking, Optimization

Statistical Model Checking,
Refinement Checking, Optimization, ..
for
Stochastic Hybrid Systems
Kim G. Larsen
Peter Bulychev, Alexandre David,
Dehui Du, Axel Legay, Guangyuan Li,
Marius Mikucionis, Danny B. Poulsen,
Amalie Stainer, Zheng Wang
4
IDEA CPS Foundations for CPS
I
Inst. of Software Chinese Academy of Sciences,
Beijing, China
D
Technical University of Denmark,
Lyngby, Denmark
E
East China Normal University,
Shanghai, China
A
Aalborg University,
Denmark
FORMATS, Sep 2012
Kim Larsen [2]
Cyber-Physical Systems
 Complex systems
that tightly integrate
multiple, networked
computing elements
(hardware and
Smart X
Hybrid
Systems
software) with noncomputing physical
elements such as
electrical or
mechanical
components.
FORMATS, Sep 2012
Kim Larsen [3]
Trustworthiness
 (TCPS) .. by which we mean
CPS on which reliance can
justifiably be placed.
 (wiki) .. of a component isProbabilities
..
defined by how well it
secures a set of functional
and non-functional
Confidence
properties, deriving from its
architecture, construction,
and environment, and
evaluated as appropriate.
FORMATS, Sep 2012
Kim Larsen [4]
Current State
Stochastic
Hybrid Systems
Probabilistic
Temporal Logic
Statistical Model Checking
FORMATS, Sep 2012
Kim Larsen [5]
Overview
 Stochastic Hybrid Systems
 Weighted Metric Interval Temporal Logic
 UPPAAL SMC (Demo)
 Energy Aware Buildings
 SMC and Refinement Checking
 SMC and Optimization
 Conclusion
FORMATS, Sep 2012
Kim Larsen [6]
Stochastic Hybrid Systems
 A Bouncing Ball
Simulate 5 [<=20] {p}
Pr[<=20](<>(time >=12 && p >= 4))
FORMATS, Sep 2012
Kim Larsen [7/52]
Hybrid Automata
H=(L, l0,§, X,E,F,Inv)
where
 L set of locations
 l0 initial location
 §=§i [ §o set of actions
 X set of continuous
variables
valuation º: X!R
(=RX)
 E set of edges (l,g,a,Á,l’)
with gµRX and
X
ÁµRX£R and a2§
 For each l a
delay function
F(l): R>0£RX ! RX
 For each l an invariant
Inv(l)µRX
FORMATS, Sep 2012
Kim Larsen [8]
Hybrid Automata
Semantics
d
(p = 10; v = 0) ! (p = 10 ¡ 9:81=2d2 ; v = ¡ 9:81d)
bounce!
!
(p = 0; v = 14:02 ¢0:83) at d = 1:43
!
d
(p = 6:92; v = 0) at d = 1:18
d
!
(p = 0; v = 11:51) at d = 1:18
bounce!
!
:::
FORMATS, Sep 2012
 States
(l,º) where º2RX
 Transitions
(l,º) !d (l,º’) where
º’=F(l)(d)(º)
provided º’2 Inv(l)
(l,º) !a (l’,º’) if
there exists (l,g,a,Á,l’)2E
with º2g and
(º,º’)2Á and
º’2 Inv(l’)
Kim Larsen [9]
Stochastic Hybrid Automata
Stochastic Semantics
For each state s=(l,º)
Delay density function*
¹s: R>0! R
d
2
(p = 10; v = 0) ! (p = 10 ¡ 9:81=2d ; v = ¡ 9:81d)
bounce!
!
(p = 0; v = 14:02 ¢0:83) at d = 1:43
Z
Next-state density function*
´a s: St! R
where a2§.
t = 1:43
(2:5e¡
P [hit !] =
=
[¡
Output Probability Function
°s: §o! [0,1]
t= 0
e¡ 2:5t ]1:43
0
FORMATS, Sep 2012
2:5t
)dt
* Dirac’s delta functions for
deterministic delays / next state
= 0:97
Kim Larsen [10]
Stochastic Hybrid Automata
Stochastic Semantics
For each state s=(l,º)
UPPAAL
Delay density function*
Uniform distributions (bounded delay)
¹s: R>0! R
Exponential distributions (unbounded
delay)
Syntax
for discrete
probabilistic
choice
Output
Probability Function
d
2
(p = 10; v = 0) ! (p = 10 ¡ 9:81=2d ; v = ¡ 9:81d)
§o! [0,1]
Distribution on next state by use of°s:random
bounce!
! Hybrid
(p = 0; vflow
= 14:02by
¢0:83)
at dof
= 1:43
use
ODEs
Next-state density function*
´a s: St! R
where a2§.
Networks
Repeated
Z t = 1:43 races between components for outputting
(2:5e¡
P [hit !] =
=
[¡
t= 0
e¡ 2:5t ]1:43
0
FORMATS, Sep 2012
2:5t
)dt
* Dirac’s delta functions for
deterministic delays / next state
= 0:97
Kim Larsen [11]
Stochastic Semantics NTAs
Pr[time<=2](<> T.T3) ?
Pr[time<=T](<>
Pr[c<=C](<> T.T3) ?
Composition = Race between components
for outputting
FORMATS, Sep 2012
Kim Larsen [12]
Stochastic Semantics of NHAs
Assumptions:
Component SHAs are:
• Input enabled
• Deterministic
• Disjoint set of output actions
¼ ( s , a1 a2 …. an ) :
the set of maximal runs from s with a prefix
t1 a1 t2 a2 … tn ak
for some t1,…,tn 2 R.
FORMATS, Sep 2012
Kim Larsen [13]
Metric Interval Temporal Logic
 MITL≤ syntax:
ϕ ::=σ | ¬ϕ | ϕ1 ∧ ϕ2 | Oϕ | ϕ1 U≤d ϕ2
where d ∈ ℕ is a natural number.
 MITL≤ semantics [ r=(a1,t1)(a2,t2)(a3,t3) … ]:





r
r
r
r
r
⊨σ
⊨¬ϕ
⊨ ϕ1 ∧ ϕ2
⊨Oϕ
⊨ϕ1 U≤d ϕ2
FORMATS, Sep 2012
if
if
if
if
if
a1= σ
r⊭ϕ
r ⊨ ϕ1 and r ⊨ ϕ2
(a2,t2)(a3,t3)… ⊨ ϕ
9 i. (ai,ti)(ai+1,ti+1)… ⊨ ϕ2
with t1 +t2 +…+ti ≤d
and (aj,tj)(aj+1,tj+1)… ⊨ ϕ1 for j<i
Kim Larsen [14]
Logical Properties– WMITL
Á=
MODEL M
PrM(Á) = ??
FORMATS, Sep 2012
Kim Larsen [15]
Statistical Model Checking
M
Generator
Á
Inconclusive
}<T p
Validator
µ, ²
p,®
Core Algorithm
PrM(Á) ¸ p
at significance level ®
FORMATS, Sep 2012
[FORMATS11,
RV12]
PrM(Á) 2 [a-²,a+²]
with confidence µ
Kim Larsen [16]
Logical Properties– WMITL
Á=
OBSERVER
(det)
MODEL M
95% confidence interval: [0.215,0.225]
FORMATS, Sep 2012
Kim Larsen [17]
Statistical Model Checking
M | OÁ
M
Á
Generator
M | UÁ
UÁ
CASAAL
AÁ
} acc
Validator
µ, ²
p,®
Core Algorithm
PrM(Á) ¸ p
at significance level ®
FORMATS, Sep 2012
Inconclusive
OÁ
[LPAR2012]
PrM(Á) 2 [a-²,a+²]
with confidence µ
Kim Larsen [18]
Experiments
How exact is the O/U?
1000 random formulas
2, 3, 4 actions
15 connectives
FORMATS, Sep 2012
Kim Larsen [19]
Energy Aware
Buildings
With Alexandre David,
Dehui Du
Marius Mikucionis
Arne Skou
Fehnker, Ivancic.
Benchmarks for Hybrid Systems Verification.
HSCC04
Stochastic Hybrid Systems
1
simulate 1Room
[<=100]{Temp(0).T,
Temp(1).T}
simulate 10 [<=100]{Temp(0).T, Temp(1).T}
Pr[<=100](<> Temp(1).T<=5 and time>30) >= 0.2
on/off
Pr[<=100](<>
>=on/off
10)
Room Temp(0).T
2
FORMATS, Sep 2012
Kim Larsen [21]
Heater
Framework
Design
Space
Exploration
FORMATS, Sep 2012
Kim Larsen [22]
Rooms & Heaters – MODELS
FORMATS, Sep 2012
Kim Larsen [23]
Control Strategies – MODELS
Temperature Threshold
Strategies
FORMATS, Sep 2012
Kim Larsen [24]
Weather & User Profile – MODELS
FORMATS, Sep 2012
Kim Larsen [25]
Results – Simulations
simulate 1 [<=2*day] { T[1], T[2], T[3], T[4], T[5] }
simulate 1 [<=2*day] { Heater(1).r, Heater(2).r, Heater(3).r }
FORMATS, Sep 2012
Kim Larsen [26]
Results – Discomfort
Pr[<=2*day](<> time>0
&& Monitor.Discomfort)
FORMATS, Sep 2012
Kim Larsen [27]
Results – Comfort
Pr[comfort<=2*day] (<> time>=2*day)
FORMATS, Sep 2012
Kim Larsen [28]
Results – Energy
Pr[Monitor.energy<=1000000](<> time>=2*day)
FORMATS, Sep 2012
Kim Larsen [29]
Result – User Profile
Pr[Monitor.energy<=1000000](<> time>=2*day)
FORMATS, Sep 2012
Kim Larsen [30]
Refinement
FORMATS, Sep 2012
Kim Larsen [31]
Controller Synthesis
Heater
Room
??
on/off
Room
const
const
const
const
int Tenv=7;
int k=2;
int H=20;
int TB[4]=
{12, 18, 25, 28};
critical high
28
25
high
normal
18
12
low
critical low
FORMATS, Sep 2012
Kim Larsen [32]
Unfolding
critical high
28
25
high
normal
18
12
low
critical low
FORMATS, Sep 2012
Kim Larsen [33]
Timing
critical high
28
25
high
normal
18
12
low
critical low
FORMATS, Sep 2012
Kim Larsen [34]
TA Abstraction
const
const
const
const
FORMATS, Sep 2012
int
int
int
int
uL[3]={3,5,2};
uU[3]={4,6,3};
dL[3]={3,9,15};
dU[3]={4,10,16}
Kim Larsen [35]
Validation by Simulation
FORMATS, Sep 2012
Kim Larsen [36]
Validation by Simulation
const
const
const
const
FORMATS, Sep 2012
int
int
int
int
uL[3]={3,8,2};
uU[3]={4,9,3};
dL[3]={3,9,15};
dU[3]={4,10,16}
Kim Larsen [37]
Optimization
FORMATS, Sep 2012
Kim Larsen [38]
Time Bounded L-problem
simulate 1 [time<=5] {C, x, y}
WATA, Dresden, May 30, 2012
[Qest12]
Problem:
Determine schedule that maximizes
time until out of energy
Kim Larsen [39]
Time Bounded L-problem
[Qest12]
Pr[time<=30] (<> C<0 )
WATA, Dresden, May 30, 2012
Kim Larsen [40]
Time Bounded L-problem
[Qest12]
simulate 10000 [time<=10] {C,x,y}: 1 : time>=7 && Test.GOOD
TEST
Pr [time<=10] (<> time>=7 && Test.GOOD
WATA, Dresden, May 30, 2012
Kim Larsen [41]
RESTART Method
FORMATS, Sep 2012
Kim Larsen [42]
Meta Modeling
RESTART Approach
FORMATS, Sep 2012
Kim Larsen [43]
Meta Modeling
Direct Approach
FORMATS, Sep 2012
Kim Larsen [44]
Meta Analysis
RESTART Approach
Direct Approach
FORMATS, Sep 2012
Kim Larsen [45]
Meta Analysis
FORMATS, Sep 2012
Kim Larsen [46]
Meta Analysis
FORMATS, Sep 2012
Kim Larsen [47]
Other Case Studies
BLUETOOTH
FIREWIRE
ROBOT
FORMATS, Sep 2012
Schedulability
Analysis for
Mix Cr Sys
Energy Aware
Buildings
10 node LMAC
Genetic Oscilator
(HBS)
Kim Larsen [48]
Passenger
Seating in
Aircraft
Contribution & More
 Natural stochastic semantics of networks of
stochastic hybrid systems.
 Efficient implementation of SMC algorithms:
 Estimation of
 Sequential testing
¸p
 Sequential probability comparison
¸
 Parameterized comparison
 Distributed Implementation of SMC !
FORMATS, Sep 2012
Kim Larsen [49]
Thank You !
FORMATS, Sep 2012
Kim Larsen [50]

 Download  Report

Paperzz.com

Your Paperzz

© Copyright 2026 Paperzz