Dina Workshop: Analysing Properties of Hybrid Systems. Rafael Wisniewski, Aalborg University.
Dina Workshop
Contents
- Example of the Coffee Machine
- Models for Closed Systems
- Reachability Problem
- Control Synthesis
- Continuous Systems
Example of the Coffee Machine
Consider a machine M which distributes coffee and tea. A customer inserts a unit coin and presses a button for tea or coffee; the machine heats water with the appropriate ingredients and releases a plastic cup filled with the chosen drink.
Such a system is decomposed into:
- Physical Interface (takes care of signals and energy exchange)
- Information Processing (processes the information entering the system, regardless of its physical origin)
Physical Interface vs. Information Processing
[Figure: block diagram. The Physical Interface exchanges coins, button presses and drinks with the customer and passes information to and from the Information Processing block.]
Information Processing Components
Port  Signal(s)             Meaning
1     coin-in               a coin was inserted
2     cancel                cancel button pressed
3     coin-out              release the coin
4     ok                    sufficient money inserted
5     reset                 money returned to user
6     done                  drink distribution ended
7     req-coffee, req-tea   coffee / tea button pressed
8     drink-ready           drink preparation ended
9     st-coffee, st-tea     start preparing coffee / tea
[Figure: the Information Processing block is split into two machines. M1 handles the coin (coin-in, cancel, coin-out); M2 handles the drink (req-coffee, req-tea, st-coffee, st-tea, drink-ready); the signals ok, reset and done pass between M1 and M2 and are not visible outside the block.]
Machines M1 and M2 – Formalism of Automata
[Figure: two automata whose transitions carry labels of the form input / outputs.]
M1 (states 0, 1; initial state 0):
  0 --coin-in / ok--> 1
  1 --done / --> 0
  1 --cancel / coin-out, reset--> 0
M2 (states A, B, C, D; initial state A):
  A --ok / --> B
  B --req-tea / st-tea--> C
  B --req-coffee / st-coffee--> D
  B --reset / --> A
  C --drink-ready / done--> A
  D --drink-ready / done--> A
Synchronous Product M = M1 || M2
Consider two automata $G_1 = (X_1, E_1, f_1, \Gamma_1, x_{01}, X_{m1})$ and $G_2 = (X_2, E_2, f_2, \Gamma_2, x_{02}, X_{m2})$, where $\Gamma_i(x) \subseteq E_i$ is the set of events enabled in state $x$. In $G_1 \| G_2$ an event common to both alphabets occurs only when both automata can execute it (and then both move), while an event private to one alphabet occurs whenever that automaton can execute it (and only that automaton moves):
$$G_1 \| G_2 = (X_1 \times X_2,\; E_1 \cup E_2,\; f,\; \Gamma_{1\|2},\; (x_{01}, x_{02}),\; X_{m1} \times X_{m2})$$
where
$$f((x_1, x_2), e) = \begin{cases} (f_1(x_1, e),\, f_2(x_2, e)) & \text{if } e \in \Gamma_1(x_1) \cap \Gamma_2(x_2) \\ (f_1(x_1, e),\, x_2) & \text{if } e \in \Gamma_1(x_1) \setminus E_2 \\ (x_1,\, f_2(x_2, e)) & \text{if } e \in \Gamma_2(x_2) \setminus E_1 \\ \text{undefined} & \text{otherwise} \end{cases}$$
and
$$\Gamma_{1\|2}(x_1, x_2) = (\Gamma_1(x_1) \cap \Gamma_2(x_2)) \cup (\Gamma_1(x_1) \setminus E_2) \cup (\Gamma_2(x_2) \setminus E_1).$$
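The product definition above, implemented as an added example (my code, not from the workshop slides). An automaton is a tuple $(X, E, f, x_0, X_m)$ with $f$ stored as a dict of the partial transition function, from which $\Gamma$ is read off. The two automata used here (a coin handler and a drink handler that share the events ok and done) are constructed for illustration; they are not the slides' M1 and M2, whose transitions carry input/output labels that this event-synchronized product does not model.

```python
from itertools import product

def active(f, x):
    """Gamma(x): the events enabled in state x, read off the partial transition map."""
    return {e for (s, e) in f if s == x}

def sync_product(G1, G2):
    """Synchronous product G1 || G2 of two automata (X, E, f, x0, Xm), f a dict
    {(state, event): next_state}. Implements the three-case rule from the slide:
    a shared event needs both automata to be able to take it and moves both;
    an event private to one alphabet moves only that automaton."""
    X1, E1, f1, x01, Xm1 = G1
    X2, E2, f2, x02, Xm2 = G2
    f = {}
    for x1, x2 in product(X1, X2):
        g1, g2 = active(f1, x1), active(f2, x2)
        for e in g1 & g2:                       # e in Gamma1(x1) ∩ Gamma2(x2)
            f[((x1, x2), e)] = (f1[(x1, e)], f2[(x2, e)])
        for e in g1 - E2:                       # e in Gamma1(x1) \ E2
            f[((x1, x2), e)] = (f1[(x1, e)], x2)
        for e in g2 - E1:                       # e in Gamma2(x2) \ E1
            f[((x1, x2), e)] = (x1, f2[(x2, e)])
    # Gamma_{1||2}(x1, x2) is exactly the set of events with an entry for (x1, x2) in f.
    return set(product(X1, X2)), E1 | E2, f, (x01, x02), set(product(Xm1, Xm2))

def reachable(f, x0):
    """States of the product reachable from x0 (forward fixpoint over the event map)."""
    F, frontier = {x0}, [x0]
    while frontier:
        x = frontier.pop()
        for (s, e), t in f.items():
            if s == x and t not in F:
                F.add(t)
                frontier.append(t)
    return F

# Constructed example: a coin handler and a drink handler synchronizing on ok and done.
COIN = ({0, 1, 2}, {"coin", "ok", "done"},
        {(0, "coin"): 1, (1, "ok"): 2, (2, "done"): 0}, 0, {0})
DRINK = ({"A", "B", "C", "D"}, {"ok", "req", "ready", "done"},
         {("A", "ok"): "B", ("B", "req"): "C", ("C", "ready"): "D", ("D", "done"): "A"},
         "A", {"A"})

if __name__ == "__main__":
    X, E, f, x0, Xm = sync_product(COIN, DRINK)
    print(len(X), "product states,", len(f), "product transitions")
    print("reachable from", x0, ":", sorted(reachable(f, x0), key=str))
```

Note that ((0, "D"), "done") gets no transition: done is shared, and the coin handler cannot take it in state 0, so the drink handler is blocked until the coin handler catches up. This blocking is what distinguishes the event-synchronized product from the input/output composition used for M1 and M2 on the following slides.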
M1 || M2
[Figure: the product automaton; a state is a pair (M1 state, M2 state). Signals passed between M1 and M2 (ok, reset, done) are consumed inside a transition and do not appear in its label.]
  0A --coin-in / --> 1B
  1B --req-tea / st-tea--> 1C
  1B --req-coffee / st-coffee--> 1D
  1B --cancel / coin-out--> 0A
  1C --drink-ready / --> 0A
  1D --drink-ready / --> 0A
  1C --cancel / coin-out--> 0C
  1D --cancel / coin-out--> 0D
  0C --drink-ready / --> 0A
  0D --drink-ready / --> 0A
The states 0C and 0D expose the bug. If cancel is pressed while a drink is being prepared, M1 returns the coin and emits reset, but M2 accepts reset only in state B; in C or D it keeps preparing the drink and delivers it. The customer gets the coin back and the drink.
Fixing the Bug by a "lock" Label
M1 gets a third state 2 in which cancel is not accepted; M2 emits lock as soon as it starts preparing a drink.
M1 (states 0, 1, 2; initial state 0):
  0 --coin-in / ok--> 1
  1 --cancel / coin-out, reset--> 0
  1 --lock / --> 2
  2 --done / --> 0
M2 (states A, B, C, D; initial state A):
  A --ok / --> B
  B --req-tea / st-tea, lock--> C
  B --req-coffee / st-coffee, lock--> D
  B --reset / --> A
  C --drink-ready / done--> A
  D --drink-ready / done--> A
Well Behaving Product of M1 and M2
  0A --coin-in / --> 1B
  1B --req-tea / st-tea--> 2C
  1B --req-coffee / st-coffee--> 2D
  1B --cancel / coin-out--> 0A
  2C --drink-ready / --> 0A
  2D --drink-ready / --> 0A
The states 0C and 0D are no longer reachable: cancel is only accepted before a drink is requested, and once M2 has emitted lock, M1 ignores cancel until done arrives.
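The product slides compose M1 and M2 by passing outputs of one machine to the inputs of the other, not by shared events, so the following added example (my code, not from the slides) composes the two controllers as Mealy-style machines: a global step on an external input delivers it to the machine that accepts it, and the internal signals that machine emits (ok, reset, done, lock) are delivered to the partner within the same step. One assumption is made explicit: an internal signal that the partner cannot accept in its current state is dropped, which is what the slide's transition 1C --cancel / coin-out--> 0C does with reset. Under this assumption the buggy composition has exactly the six states of the M1 || M2 slide and the locked composition the four states of the well-behaving product; the drop rule also enables one transition the slide does not draw (coin-in from 0C), which does not affect the check.

```python
# Constructed Mealy-style encodings of M1 and M2 from the slides:
# (state, input) -> (next_state, [outputs]).
EXTERNAL_INPUTS = {"coin-in", "cancel", "req-tea", "req-coffee", "drink-ready"}

M1_BUGGY = {
    ("0", "coin-in"): ("1", ["ok"]),
    ("1", "done"): ("0", []),
    ("1", "cancel"): ("0", ["coin-out", "reset"]),
}
M1_LOCKED = {
    ("0", "coin-in"): ("1", ["ok"]),
    ("1", "cancel"): ("0", ["coin-out", "reset"]),
    ("1", "lock"): ("2", []),
    ("2", "done"): ("0", []),
}
M2_BUGGY = {
    ("A", "ok"): ("B", []),
    ("B", "req-tea"): ("C", ["st-tea"]),
    ("B", "req-coffee"): ("D", ["st-coffee"]),
    ("B", "reset"): ("A", []),
    ("C", "drink-ready"): ("A", ["done"]),
    ("D", "drink-ready"): ("A", ["done"]),
}
M2_LOCKED = dict(M2_BUGGY)
M2_LOCKED[("B", "req-tea")] = ("C", ["st-tea", "lock"])
M2_LOCKED[("B", "req-coffee")] = ("D", ["st-coffee", "lock"])

def internal_signals(m1, m2):
    """Signals exchanged between the two machines: inputs of either machine
    that are not inputs of the whole system (ok, reset, done, and lock)."""
    return ({e for (_, e) in m1} | {e for (_, e) in m2}) - EXTERNAL_INPUTS

def step(m1, m2, state, event):
    """One global step of the composition on an external input.
    Returns ((s1, s2), external_outputs), or None if neither machine accepts
    the event in the current state (no product transition)."""
    s1, s2 = state
    internal = internal_signals(m1, m2)
    pending, external_out, first = [event], [], True
    while pending:
        e = pending.pop(0)
        if (s1, e) in m1:
            s1, outs = m1[(s1, e)]
        elif (s2, e) in m2:
            s2, outs = m2[(s2, e)]
        elif first:
            return None
        else:
            outs = []   # ASSUMPTION: an internal signal the partner cannot accept is dropped
        first = False
        for o in outs:
            (pending if o in internal else external_out).append(o)
    return (s1, s2), external_out

def reachable_states(m1, m2, x0=("0", "A")):
    """Forward reachability over the composition; also returns the product transitions."""
    F, frontier, trans = {x0}, [x0], {}
    while frontier:
        x = frontier.pop()
        for e in sorted(EXTERNAL_INPUTS):
            r = step(m1, m2, x, e)
            if r is None:
                continue
            y, outs = r
            trans[(x, e)] = (y, outs)
            if y not in F:
                F.add(y)
                frontier.append(y)
    return F, trans

def refund_while_preparing(states):
    """The bug states: coin returned (M1 in 0) while M2 is still preparing (C or D)."""
    return {x for x in states if x[0] == "0" and x[1] in ("C", "D")}

if __name__ == "__main__":
    for name, m1, m2 in (("buggy", M1_BUGGY, M2_BUGGY), ("locked", M1_LOCKED, M2_LOCKED)):
        F, _ = reachable_states(m1, m2)
        print(name, sorted(F), "bug states:", sorted(refund_while_preparing(F)))
```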
Conclusions from the Example
Systems may consist of a great number of components, so the global system appears very complicated. The set of behaviors is the set of paths in the global transition graph. The desired behavior of a system can be specified as a set of allowed sequences of states and events. Proving that the system is correct amounts to showing that all sequences generated by the system are among those allowed by the specification.
System D-I
D-I is a system not exposed to external influence; its future evolution depends exclusively on its current state.
Definition (System D-I). A transition system is $S = (X, f)$, where $X$ is a finite set of states, $f: X \to X$ is the transition function and $x_0 \in X$ is the initial state.
Notation. $X^*$ denotes the set of all sequences over $X$; $X^k$ denotes the sequences of length $k$.
Definition (Behavior). Given a transition system $S = (X, f)$, the behavior of $S$ starting from an initial state $x_0 \in X$ is the sequence $\xi = \{\xi_i\} \in X^*$, $i \in \mathbb{N}$, such that $\xi_0 = x_0$ and $\xi_{i+1} = f(\xi_i)$ for all $i \in \mathbb{N}$.
Basic Reachability Problem
Definition (Basic Reachability Problem). For a system $S$ with given $x_0$ and a set $P \subseteq X$, the Basic Reachability Problem is the question whether the behavior of $S$ starting at $x_0$ reaches $P$ (does there exist $k$ such that $\xi_k \in P$?). The set of all reachable states can be generated by
Algorithm 1 (Forward Simulation/Reachability)
  $\xi_0 := x_0$
  $F_0 := \{x_0\}$
  repeat
    $\xi_{k+1} := f(\xi_k)$
    $F_{k+1} := F_k \cup \{\xi_{k+1}\}$
  until $F_{k+1} = F_k$
  $F^* := F_k$
  if $F^* \cap P \neq \emptyset$ then $P$ is reachable
Finiteness of $X$ plays a crucial role: the sets $P$, $F_k$ and the transition function can be stored in finite data structures, and the algorithm converges, since $F_k$ can grow at most $|X|$ times.
System with One Input
Definition (System D-II). A one-input transition system is $S = (X, V, f)$, where $X$ and $V$ are finite sets and $f: X \times V \to X$ is the transition function (a partial function).
[Figure: a D-II system with states x1, ..., x5 and inputs v1, v2; each transition is labelled by the input(s) that trigger it.]
System D-II
Definition (Behavior Induced by Input). Given a system $S = (X, V, f)$ and an input sequence $\nu = \{\nu_i\} \in V^*$, the behavior of $S$ starting from $x_0$ in the presence of $\nu$ is the sequence $\xi(\nu) = \{\xi_i\} \in X^*$ such that $\xi_0 = x_0$ and $\xi_{i+1} = f(\xi_i, \nu_i)$ for all $i \in \mathbb{N}$.
Definition (Reachability). For a D-II system $S$ with given $x_0$ and a set $P \subseteq X$, the Reachability Problem is the question whether there exists some input sequence $\nu$ such that $\xi(\nu)$ reaches $P$.
Naive solution. Use Algorithm 1 and feed it with a sufficiently long finite sequence $\nu \in V^*$; this yields the set $F^*(\nu)$ of states reached by $\xi(\nu)$. The set of all reachable states is $F^* = \bigcup_{\nu \in V^*} F^*(\nu)$. Enumerating all input sequences is not practical, which motivates the set-based algorithms below.
Execution Tree
[Figure: the same D-II system and its execution tree unrolled from x1; each branch is labelled by the input v1 or v2 taken. States recur along the branches, which is what the set-based algorithms exploit.]
Forward Reachability Algorithm in Breadth-First Search
[Figure: the execution tree explored breadth-first; a state already visited is not expanded again.]
Denote by $f(x)$ the set of all immediate successors of $x$, i.e.
$$f(x) = \{z : \exists u \; f(x, u) = z\} \quad\text{and}\quad f(F) = \bigcup_{x \in F} f(x).$$
Algorithm 2 (Forward Reachability)
  $F_0 := \{x_0\}$
  repeat
    $F_{k+1} := F_k \cup f(F_k)$
  until $F_{k+1} = F_k$
  $F^* := F_k$
Forward Reachability Algorithm in Depth-First Search
[Figure: the execution tree explored depth-first. The same set $F^*$ is obtained; only the order in which states are discovered differs.]
Backward Reachability
Denote by $f^{-1}(x)$ the set of all immediate predecessors of $x$, i.e.
$$f^{-1}(x) = \{z : \exists u \; f(z, u) = x\} \quad\text{and}\quad f^{-1}(F) = \bigcup_{x \in F} f^{-1}(x).$$
Algorithm 3 (Backward Reachability)
  $F_0 := P$
  repeat
    $F_{k+1} := F_k \cup f^{-1}(F_k)$
  until $F_{k+1} = F_k$
  $F^* := F_k$
$P$ is reachable from $x_0$ if and only if $x_0 \in F^*$.
Theorem 1 (Algorithmic Verification). For each D-II system there exists an algorithm (with a finite number of steps) which decides reachability of a finite set $P$.
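Algorithms 1 to 3 in Python, as an added example (my code, not from the slides). The D-II system is constructed, not the one drawn on the slides, whose edges did not survive extraction; it is chosen so that the naive approach with a single input sequence (constant v2, which turns the system into a D-I system for Algorithm 1) never sees x5, while the fixpoints of Algorithm 2 and Algorithm 3 do. The BFS over the execution tree additionally returns a witness input sequence, which is what a practitioner wants once reachability is confirmed.

```python
from collections import deque

# Constructed D-II system: X = {x1..x6}, V = {v1, v2}; f is the partial transition
# function stored as {(state, input): next_state}. x6 is deliberately unreachable from x1.
X = {"x1", "x2", "x3", "x4", "x5", "x6"}
V = {"v1", "v2"}
f = {
    ("x1", "v1"): "x2", ("x1", "v2"): "x3",
    ("x2", "v1"): "x4", ("x2", "v2"): "x1",
    ("x3", "v1"): "x3", ("x3", "v2"): "x1",
    ("x4", "v1"): "x2", ("x4", "v2"): "x5",
    ("x5", "v1"): "x5", ("x5", "v2"): "x5",
    ("x6", "v1"): "x6", ("x6", "v2"): "x6",
}
P = {"x5"}

def forward_simulation(f_det, x0):
    """Algorithm 1 for a D-I system: f_det is a total map X -> X.
    Follows the single behavior from x0 and stops when F stops growing."""
    xi, F = x0, {x0}
    while True:
        xi = f_det[xi]                  # xi_{k+1} := f(xi_k)
        F_next = F | {xi}               # F_{k+1} := F_k ∪ {xi_{k+1}}
        if F_next == F:
            return F
        F = F_next

def successors(f, F):
    """f(F): immediate successors of all states in F under any input."""
    return {t for (s, _), t in f.items() if s in F}

def predecessors(f, F):
    """f^{-1}(F): immediate predecessors of all states in F under any input."""
    return {s for (s, _), t in f.items() if t in F}

def forward_reach(f, x0):
    """Algorithm 2: least fixpoint of F_{k+1} = F_k ∪ f(F_k) from {x0}."""
    F = {x0}
    while True:
        F_next = F | successors(f, F)
        if F_next == F:
            return F
        F = F_next

def backward_reach(f, P):
    """Algorithm 3: least fixpoint of F_{k+1} = F_k ∪ f^{-1}(F_k) from P."""
    F = set(P)
    while True:
        F_next = F | predecessors(f, F)
        if F_next == F:
            return F
        F = F_next

def witness(f, x0, P):
    """Breadth-first search over the execution tree; returns the shortest input
    sequence driving x0 into P, or None if P is unreachable."""
    parent = {x0: None}
    queue = deque([x0])
    while queue:
        x = queue.popleft()
        if x in P:
            seq = []
            while parent[x] is not None:
                prev, v = parent[x]
                seq.append(v)
                x = prev
            return seq[::-1]
        for v in sorted(V):             # deterministic exploration order
            if (x, v) in f and f[(x, v)] not in parent:
                parent[f[(x, v)]] = (x, v)
                queue.append(f[(x, v)])
    return None

if __name__ == "__main__":
    closed = {x: f[(x, "v2")] for x in X}   # D-I system obtained by fixing the input to v2
    print("Algorithm 1 (constant v2):", sorted(forward_simulation(closed, "x1")))
    print("Algorithm 2:", sorted(forward_reach(f, "x1")))
    print("Algorithm 3:", sorted(backward_reach(f, P)))
    print("witness:", witness(f, "x1", P))
```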
System with Two Inputs
Definition (System D-III). A two-input transition system is $S = (X, U, V, f)$, where $X$, $U$, $V$ are finite sets and $f: X \times U \times V \to X$ is the transition function. (The set $U$ is interpreted as the set of control actions and the set $V$ represents disturbances.)
Definition (Strategy and State Strategy). Let $S = (X, U, V, f)$ be a D-III system. A strategy for $U$ is a function $c: X^* \to U$. A state strategy is a strategy satisfying $c(\sigma \cdot x) = c(\sigma' \cdot x)$ for every $\sigma$ and $\sigma'$, and hence it can be written as a function $d: X \to U$ (i.e. the strategy depends only on the current state, not on the entire history).
Remark. Each state strategy converts a D-III system $S = (X, U, V, f)$ into a D-II system $S_c = (X, V, f_c)$ with $f_c(x, v) = f(x, c(x), v)$.
Definition (Synthesis for Reachability). Let $S = (X, U, V, f)$ be a D-III system and let $P \subseteq X$. The controller synthesis problem is to find a strategy $c$ such that no behavior of the closed-loop system $S_c = (X, V, f_c)$ ever reaches $P$, whatever disturbance sequence is applied.
An Example of a D-III System
Let $P = \{x_5\}$. Then the state $x_5$ cannot be avoided from $x_4$ by any control: if we choose $u_1$ the environment can choose $v_2$, and if we choose $u_2$ the environment can choose $v_1$; either way the system reaches $x_5$.
[Figure: a D-III system with states x1, ..., x5; each transition is labelled by a control u1 or u2 and the disturbances v1, v2 under which it is taken.]
Controller Synthesis
Definition (Controllable Predecessors). Let $S = (X, U, V, f)$ be a D-III system. The set of controllable predecessors of $F \subseteq X$ (written $\pi(F)$ here; the operator symbol did not survive extraction) is defined as
$$\pi(F) = \{x : \exists u \in U \; \forall v \in V \; f(x, u, v) \in F\},$$
and it denotes all the states from which the controller, by properly selecting $u$, can force the system into $F$ in the next step regardless of the disturbance.
Algorithm 4 (Controller Synthesis)
  $F_0 := X \setminus P$
  repeat
    $F_{k+1} := F_k \cap \pi(F_k)$
  until $F_{k+1} = F_k$
  $F^* := F_k$
Algorithm 4 produces the set $F^*$ of states from which reaching $P$ can be forever avoided. A state strategy is read off the result: for each $x \in F^*$ choose a $u$ witnessing $x \in \pi(F^*)$; the closed loop then stays in $F^*$ for every disturbance.
An Example of a D-III System (continued)
In the example the algorithm produces the sequence $F_0 = \{x_1, x_2, x_3, x_4\}$, $F_1 = F^* = \{x_1, x_2, x_3\}$. The control strategy is $c(x_1) = u_1$, $c(x_2) = u_2$ and $c(x_3) = u_1$; from $x_4$ no strategy can avoid $x_5$.
[Figure: the same D-III system as on the previous example slide.]
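Algorithm 4 in Python with strategy extraction, followed by the closed-loop check the Remark suggests: the state strategy turns the D-III system into a D-II system, on which forward reachability must not hit $P$. This is an added example (my code, not from the slides). The transition function is constructed, not recovered from the slide's diagram, but it is chosen to reproduce the slide's numbers: from $x_4$ the choice $u_1$ is defeated by $v_2$ and $u_2$ by $v_1$, the iterates are $\{x_1, x_2, x_3, x_4\}$ and $\{x_1, x_2, x_3\}$, and the unique safe strategy is $c(x_1) = u_1$, $c(x_2) = u_2$, $c(x_3) = u_1$.

```python
# Constructed D-III system: f(x, u, v) stored as {(state, control, disturbance): next_state}.
X = {"x1", "x2", "x3", "x4", "x5"}
U = {"u1", "u2"}
V = {"v1", "v2"}
f = {
    ("x1", "u1", "v1"): "x2", ("x1", "u1", "v2"): "x3",
    ("x1", "u2", "v1"): "x4", ("x1", "u2", "v2"): "x2",
    ("x2", "u1", "v1"): "x4", ("x2", "u1", "v2"): "x3",
    ("x2", "u2", "v1"): "x3", ("x2", "u2", "v2"): "x1",
    ("x3", "u1", "v1"): "x1", ("x3", "u1", "v2"): "x2",
    ("x3", "u2", "v1"): "x3", ("x3", "u2", "v2"): "x4",
    ("x4", "u1", "v1"): "x3", ("x4", "u1", "v2"): "x5",   # u1 is defeated by v2
    ("x4", "u2", "v1"): "x5", ("x4", "u2", "v2"): "x2",   # u2 is defeated by v1
    ("x5", "u1", "v1"): "x5", ("x5", "u1", "v2"): "x5",
    ("x5", "u2", "v1"): "x5", ("x5", "u2", "v2"): "x5",
}
P = {"x5"}

def safe_controls(f, x, F):
    """Controls u for which every disturbance keeps f(x, u, v) inside F."""
    return sorted(u for u in U if all(f[(x, u, v)] in F for v in V))

def controllable_predecessors(f, F):
    """pi(F) = {x : exists u in U, forall v in V, f(x, u, v) in F}."""
    return {x for x in X if safe_controls(f, x, F)}

def synthesize(f, P):
    """Algorithm 4: greatest fixpoint of F_{k+1} = F_k ∩ pi(F_k) starting from X \\ P.
    Returns (iterates, F*, state strategy c on F*)."""
    F = X - P
    iterates = [F]
    while True:
        F_next = F & controllable_predecessors(f, F)
        if F_next == F:
            break
        F = F_next
        iterates.append(F)
    # Every x in F* lies in pi(F*), so a witnessing control exists; take the first.
    strategy = {x: safe_controls(f, x, F)[0] for x in sorted(F)}
    return iterates, F, strategy

def closed_loop(f, strategy):
    """The Remark's construction: f_c(x, v) = f(x, c(x), v), a D-II system on dom(c)."""
    return {(x, v): f[(x, strategy[x], v)] for x in strategy for v in V}

def avoids(fc, x0, P):
    """Forward reachability (Algorithm 2) over the closed loop: True iff P is never reached."""
    F = {x0}
    while True:
        F_next = F | {t for (s, _), t in fc.items() if s in F}
        if F_next == F:
            return not (F & P)
        F = F_next

if __name__ == "__main__":
    iterates, F_star, c = synthesize(f, P)
    print("iterates:", [sorted(F) for F in iterates])
    print("F* =", sorted(F_star), " strategy:", c)
    print("closed loop from x1 avoids P:", avoids(closed_loop(f, c), "x1", P))
```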
General Comments on Continuous Systems
In general the reachability problem for infinite-state systems is undecidable. A promising idea is to investigate morphisms from infinite-state systems to finite ones.
One can investigate systems of the form $\dot{x} = f(x, \nu)$ with control signals of the form $\nu: T \to V$.
The first problem is simulation:
$$\xi'[(n+1)h] = \xi'[nh] + h\, f(\xi'[nh], \nu[nh]),$$
providing an approximation of the solution $\xi$ on the discrete time set $T = \{nh : n \in \mathbb{N}\}$, where $h$ is the step size.
[Figure: a continuous trajectory starting at $x_0$ and a target set $P$.]
Continuous Reachability
Notation. $x \xrightarrow{t} x'$ indicates that there exists an input $\nu: [0, t] \to V$ such that the behavior $\xi(\nu)$ starting at $x$ reaches $x'$ at time $t$.
Let $F \subseteq X$ and $I \subseteq \mathbb{R}_+$; then the $I$-successors of $F$ are all the states that can be reached from $F$ within the time interval $I$, i.e.
$$f_I(F) = \{x' : \exists x \in F \; \exists t \in I \; x \xrightarrow{t} x'\}.$$
Algorithm 5 (Continuous Reachability)
  $F_0 := \{x_0\}$
  repeat
    $F_{k+1} := F_k \cup f_{[0, r]}(F_k)$
  until $F_{k+1} = F_k$
  $F^* := F_k$
Unlike Algorithms 1 to 4, this iteration runs over subsets of an infinite state space: the sets $F_k$ need a finite representation (typically an over-approximation), and, in line with the undecidability remark above, termination is not guaranteed.