Falsification of Cyber-Physical Systems with Constrained Signal Spaces

Barbot, Benoît; Basset, Nicolas; Dang, Thao; Donzé, Alexandre; Kapinski, James; Yamaguchi, Tomoya

doi:10.1007/978-3-030-55754-6_25

Cited by 14 publications

(16 citation statements)

References 39 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…More recent work on falsification of hybrid and cyber-physical systems extends inputs to sets of signals described by piecewise functions encoded using a finite number of bounded parameters. The literature on CPS falsification and testing has become vast, we include here only some most recent papers [13,15,41,4,5] and more references can be found therein as well as in the papers and websites related to the major state-of-the-art tools S-TaLiRo [38] and Breach [11]. Compared to this approach, our work can deal with more general signals described by complex constraints involving both time and value domains.…”

Section: Related Workmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

“…with slope in (1,2) and duration in (0.5, 2), and (E) with slope in (5,900) and duration in (0.01, 2). We finally also allow the concatenation of segments (D) and (E) to be replaced by a single segment (F), a linearly increasing segment with slope in (1,5) and duration in (2,10). We observe that the above specification uses parametric shapes, where the parameters are possibly constrained, and describes perfect shapes without accounting for noise.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Sampling of shape expressions with ShapEx

Basset

Dang

Gigler

et al. 2021

Proceedings of the 19th ACM-IEEE International Conference on Formal Methods and Models for System Design

Self Cite

View full text Add to dashboard Cite

Cyber-physical systems (CPS) are increasingly becoming driven by data, using multiple types of sensors to capture huge amounts of data. Extraction and characterization of useful information from big streams of data is a challenging problem. Shape expressions facilitate formal specification of rich temporal patterns encountered in time series as well as in behaviors of CPS. In this paper, we introduce a method for systematically sampling shape expressions. The proposed approach combines methods for uniform sampling of automata (for exploring qualitative shapes) with hit-and-run Monte Carlo sampling procedures (for exploring multi-dimensional parameter spaces defined by sets of possibly non-linear constraints). We study and implement several possible solutions and evaluate them in the context of visualisation and testing applications.

show abstract

Section: Related Workmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Sampling of shape expressions with ShapEx

Basset

Dang

Gigler

et al. 2021

Proceedings of the 19th ACM-IEEE International Conference on Formal Methods and Models for System Design

Self Cite

View full text Add to dashboard Cite

show abstract

“…These methods are suited for the type of problems mentioned above requiring targeting a small region of the input signal space, but they might fail to converge toward counterexamples living in some high-frequency regions, simply because this will require adding too many control points. In [1], the authors introduce an input generator using the words accepted by a time automaton (TA) and show in particular that it can address the generation of complex periodic behaviors. This is much more general than the simple pulse generator that we consider in this paper and requires more effort in modeling the TA for input generation.…”

Section: Discussion and Related Workmentioning

confidence: 99%

“…three different ranges: [-0.35, 0.35], [-0.40, 0.40], [-0.45, 0.45]; with three initial conditions x init 1 , x init 2 , x init 3 in the range [-0.1, 0.1]; • Switched System (SS): Two inputs defined in the range [-1, 1]; Three different values are consideredfor parameter thresh: 0.7, 0.8, 0.9;• Neural Network (NN): One input (reference) chosen in[1,3];• Fuel Control (AFC): Two inputs, throttle in [0, 61.2], and engine speed in [900, 1000];• Steam Condenser (SC): One input with possible values in[3.99, 4.01].…”

mentioning

confidence: 99%

Temporal Logic Falsification of Cyber-Physical Systems using Input Pulse Generators

Ramezani¹,

Donzé²,

Fabian³

et al.

EPiC Series in Computing

View full text Add to dashboard Cite

Falsification is a testing method for cyber-physical systems where numerical optimization is used to find counterexamples of a given specification that the system must fulfill. The falsification process uses quantitative semantics that play the role of objective functions to minimize the distance to falsifying the specification. Falsification has gained attention due to its versatile applicability, and much work exists on various ways of implementing the falsification process, often focusing on which optimization algorithm to use, or more recently, the semantics for the formal requirements. In this work, we look at some practical aspects of input generation, i.e., the mapping from parameters used as optimization variables to signals that form the actual test cases for the system. This choice is critical but often overlooked. It is assumed that problem experts can guide how to parameterize inputs; however, this assumption is often too optimistic in practice. We observe that pulse generation is a surprisingly good first option that can falsify many common benchmarks after only a few simulations while requiring only a few parameters per signal.

show abstract