Towards foundational verification of cyber-physical systems

Malecha, Gregory; Ricketts, Daniel; Álvarez, Mario Moisés; Lerner, Sorin

doi:10.1109/soscyps.2016.7580000

Cited by 13 publications

(13 citation statements)

References 27 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…General-purpose logics have also been used for CPS proofs. ROSCoq [1] and VeriDrone [27] allow CPS specification, implementation, verification, and code generation in Coq. However, they do not synthesize and automatically verify monitors nor is their machine code verified.…”

Section: Related Workmentioning

confidence: 99%

VeriPhy: verified controller executables from verified cyber-physical system models

et al. 2018

View full text Add to dashboard Cite

We present VeriPhy, a verified pipeline which automatically transforms verified high-level models of safety-critical cyberphysical systems (CPSs) in differential dynamic logic (dL) to verified controller executables. VeriPhy proves that all safety results are preserved end-to-end as it bridges abstraction gaps, including: i) the gap between mathematical reals in physical models and machine arithmetic in the implementation, ii) the gap between real physics and its differentialequation models, and iii) the gap between nondeterministic controller models and machine code. VeriPhy reduces CPS safety to the faithfulness of the physical environment, which is checked at runtime by synthesized, verified monitors. We use three provers in this effort: KeYmaera X, HOL4, and Isabelle/HOL. To minimize the trusted base, we cross-verify KeYmaera X in Isabelle/HOL. We evaluate the resulting controller and monitors on commodity robotics hardware. CCS Concepts • Computer systems organization → Embedded and cyber-physical systems; • Software and its engineering → Formal software verification;

show abstract

Section: Related Workmentioning

confidence: 99%

VeriPhy: verified controller executables from verified cyber-physical system models

et al. 2018

View full text Add to dashboard Cite

show abstract

“…Another framework which is designed for cyber-physical systems is the VeriDrone project [28], developped in the Coq proof assistant [39]. However, it is based on a different logic (it uses an embedding of linear temporal logic in Coq) and also trusts external tools (SMT solvers).…”

Section: Related Workmentioning

confidence: 99%

A formal proof in Coq of a control function for the inverted pendulum

Rouhling¹

2018

Proceedings of the 7th ACM SIGPLAN International Conference on Certified Programs and Proofs - CPP 2018

View full text Add to dashboard Cite

Control theory provides techniques to design controllers, or control functions, for dynamical systems with inputs, so as to grant a particular behaviour of such a system. The inverted pendulum is a classic system in control theory: it is used as a benchmark for nonlinear control techniques and is a model for several other systems with various applications. We formalized in the Coq proof assistant the proof of soundness of a control function for the inverted pendulum. This is a first step towards the formal verification of more complex systems for which safety may be critical. CCS Concepts • Mathematics of computing → Ordinary differential equations; Topology; • Computer systems organization → Robotic control; • Software and its engineering → Software verification;

show abstract

“…Few people so far have addressed bugs in the implementation of algorithms at the source code level. For a safetycritical real-time system like an UAV, this negligence could result in problems such as loss of synchronization (caused by irregular response from external sensors) and high approximation errors (caused by floating-point computation) (Malecha et al, 2016). These problems are subtle but might degrade the performance or even cause the drone to crash.…”

Section: Introductionmentioning

confidence: 99%

“…Formal verification is a technique to conduct correctness proof of a program (or the contradic-arXiv:1905.06768v1 [cs.SE] 3 May 2019 tion if the program contains errors) in accurate and well-formed mathematical and logical constructs. It is used to prevent subtle errors in the source code of control systems (Ricketts et al, 2015;Malecha et al, 2016;Bohrer et al, 2018). Preventing such errors would increase the reliability and safety of drone systems.…”

Section: Introductionmentioning

confidence: 99%

“…In 2015, foundational verification techniques in the theorem prover Coq, were applied to a quadrotor system to verify the correctness of two shims (saturation blocks) that were used to limit the velocity and height of the quadrotor (Ricketts et al, 2015). In 2016, the same research group verified a runtime monitor in order to provide strong guarantees about maximum velocities and accelerations of a drone (Malecha et al, 2016). In 2018, Brandon Bohrer (Bohrer et al, 2018) designed a verified pipeline for generating concrete controller code from high-level models.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

A new hierarchical software architecture towards safety-critical aspects of a drone system

Zhu

Chen

Yin

et al. 2019

Frontiers Inf Technol Electronic Eng

View full text Add to dashboard Cite

In this paper, a new hierarchical software architecture is proposed to improve the safety and reliability of a safety-critical drone system from the perspective of its source code. The proposed architecture uses formal verification methods to ensure that the implementation of each module satisfies its expected design specification, so that it prevents a drone from crashing due to unexpected software failures. This work builds on top of a formally verified operating system kernel, CertiKOS(Gu et al., 2015). Since device drivers are considered the most important parts affecting the safety of the drone system, this paper mainly focuses on verifying bus drivers such as the SPI driver and the I2C driver in a drone system using a rigorous formal verification method (Chen et al., 2016). Experiments have been carried out to demonstrate the improvement in reliability in case of device anomalies.

show abstract

Towards foundational verification of cyber-physical systems

Cited by 13 publications

References 27 publications

VeriPhy: verified controller executables from verified cyber-physical system models

VeriPhy: verified controller executables from verified cyber-physical system models

A formal proof in Coq of a control function for the inverted pendulum

A new hierarchical software architecture towards safety-critical aspects of a drone system

Contact Info

Product

Resources

About