GM-CMU Collaborative Research Laboratory Temporal Logics for Analyzing Hybrid Systems Simulation Traces.

GM-CMU Collaborative Research Laboratory

Temporal Logics for Analyzing Temporal Logics for Analyzing Hybrid Systems Simulation TracesHybrid Systems Simulation Traces

GM-CMU Collaborative Research Laboratory

Sources of Simulation TracesSources of Simulation Traces• VehicleSim : A software simulator

for vehicle dynamics

• Simulation Traces from MATLAB / Simulink

• Physical testing of vehicles on roads

• Hybrid Systems Visual Tools: Ptolemy (Berkeley), CHARON (UPenn)

VehicleSim Simulator

MATLAB Simulink

PhysicalSimulation

Visual ToolsPTOLEMYCHARON

GM-CMU Collaborative Research Laboratory

Temporal LogicTemporal Logic

• We can define “interesting” events and sequence of events.– Event a does not ever happen before event b– Event a is eventually followed by event b– Event a is always accompanied by event b– Event a follows event b within two time steps.

• Forces definition of formal correctness properties– Easier-to-use sugar-coated versions like Intel’s

FORSPEC

GM-CMU Collaborative Research Laboratory

Overall System DesignOverall System Design

VehicleSim Simulator

MATLAB Simulink

PhysicalSimulation

Visual ToolsPTOLEMYCHARON

Simulation Trace

TemporalProperty

Automated Trace

Analyzer

Report

GM-CMU Collaborative Research Laboratory

ExampleExample

• Always (a <= b)

• The value of a never exceeds the value of b.

a <= b

a > b

ERROR

GM-CMU Collaborative Research Laboratory

ExampleExample

• Always (a=b X (c=100) )

• If the value of a equals the value of b, then c must take the value 100 in 1 time step.

True

a = b

c!=100c=100

Trace:

a b c

0 0 0

1 2 100

ERROR

GM-CMU Collaborative Research Laboratory

ExampleExample

• Always (a=b X (c=100) )

• If the value of a equals the value of b, then c must take the value 100 in 1 time step.

True

a = b

c!=100c=100

Trace:

a b c

0 0 0

1 2 100

ERROR

GM-CMU Collaborative Research Laboratory

ExampleExample

• Always (a=b X (c=100) )

• If the value of a equals the value of b, then c must take the value 100 in 1 time step.

True

a = b

c!=100c=100

Trace:

a b c

0 0 0

1 2 100

ERROR

GM-CMU Collaborative Research Laboratory

ExampleExample

• Always (a=b X (c=100) )

• If the value of a equals the value of b, then c must take the value 100 in 1 time step.

True

a = b

c!=100c=100

Trace:

a b c

0 0 0

1 2 99

ERROR

GM-CMU Collaborative Research Laboratory

ExampleExample

• Always (a=b X (c=100) )

• If the value of a equals the value of b, then c must take the value 100 in 1 time step.

True

a = b

c!=100c=100

Trace:

a b c

0 0 0

1 2 99

ERROR

GM-CMU Collaborative Research Laboratory

ExampleExample

• Always (a=b X (c=100) )

• If the value of a equals the value of b, then c must take the value 100 in 1 time step.

True

a = b

c!=100c=100

Trace:

a b c

0 0 0

1 2 99

ERROR

GM-CMU Collaborative Research Laboratory

Research QuestionsResearch Questions

• How to capture the continuity of trace data ?• How to capture the notion of continuous time?– Do we need a richer yet understandable logic in

line with FORSPEC for Hybrid Systems?

• Online vs. Offline monitoring– If monitoring is offline, can we write efficient

algorithms that can “look into the future”

GM-CMU Collaborative Research Laboratory

Overall System DesignOverall System Design

VehicleSim Simulator

MATLAB Simulink

PhysicalSimulation

Visual ToolsPTOLEMYCHARON

Simulation Trace

TemporalProperty

Automated Trace

Analyzer

ReportYour inputs?

GM-CMU Collaborative Research Laboratory

GM-CMU Collaborative Research Laboratory

Robustness of Hybrid Systems Robustness of Hybrid Systems and Simulation Tracesand Simulation Traces

•If two traces have a prefix equivalent under a “robustness” assumption, we can combine them into an execution tree.