ABSTRACT
Black-box falsification problems are most often solved by numerical optimization algorithms. In this work, we propose an alternative approach, where simulations are used to construct a surrogate model for the system dynamics using data-driven Koopman operator linearization. Since the dynamics of the Koopman model are linear, the reachable set of states can be computed and combined with an encoding of the signal temporal logic specification in a mixed-integer linear program (MILP). To determine the next sample, an MILP solver computes the least robust trajectory inside the reachable set of the surrogate model. The trajectory’s initial state and input signal are then executed on the original black-box system, where the specification is either falsified or additional simulation data is generated that we use to retrain the surrogate Koopman model and repeat the process.
The proposed method is highly effective. Evaluation on the complete set of benchmarks taken from the 2022 ARCH falsification competition demonstrates superior performance—fewer expected simulations—over all participating tools on 16 out of 19 benchmarks. Further, on three benchmarks where no tool consistently reports a falsifying trace, our method reliably uncovers a counterexample.
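As an added example (not code from the paper or from its authors), the loop described above in Python with numpy, applied to a constructed damped-pendulum "black box" and the STL specification G(|x1| < 1). Two assumptions to note: the reachable-set MILP step is replaced by evaluating sampled piecewise-constant candidate input signals on the linear surrogate, and the observables (x1, x2, sin x1, cos x1) are chosen so this particular plant lifts exactly, so the surrogate is faithful after the first fit and the retraining branch only runs when the chosen trajectory fails to falsify on the real system.

```python
import numpy as np

DT, HORIZON, U_MAX, BOUND = 0.1, 40, 1.5, 1.0   # constructed toy parameters

def black_box_step(x, u):
    """Constructed 'black-box' plant: damped pendulum driven by torque u."""
    x1, x2 = x
    return np.array([x1 + DT * x2, x2 + DT * (-np.sin(x1) - 0.2 * x2 + u)])

def simulate(x0, us, step):
    """Roll out one trajectory from x0 under the input signal us."""
    xs = [np.asarray(x0, dtype=float)]
    for u in us:
        xs.append(step(xs[-1], u))
    return np.array(xs)

def lift(x):
    """Observables psi(x); with sin/cos the pendulum is linear in this space."""
    return np.array([x[0], x[1], np.sin(x[0]), np.cos(x[0])])

def robustness(xs):
    """Robustness of the STL spec G(|x1| < BOUND): negative means violated."""
    return BOUND - np.max(np.abs(xs[:, 0]))

def fit_koopman(trajs):
    """EDMD with inputs: least squares for [A B] in psi(x') ~ A psi(x) + B u."""
    Z, Y = [], []
    for xs, us in trajs:
        for k, u in enumerate(us):
            Z.append(np.append(lift(xs[k]), u))
            Y.append(lift(xs[k + 1]))
    AB = np.linalg.lstsq(np.array(Z), np.array(Y), rcond=None)[0].T
    return AB[:, :4], AB[:, 4]

def surrogate_step(A, B):
    """Linear Koopman surrogate; the state is read back from the first two observables."""
    return lambda x, u: (A @ lift(x) + B * u)[:2]

def falsify(seed=0, rounds=10, candidates=200):
    rng = np.random.default_rng(seed)
    x0 = np.zeros(2)
    # initial training data: random-input simulations of the real plant from random states
    trajs = [(simulate(s, us, black_box_step), us) for s, us in
             zip(rng.uniform(-2, 2, (5, 2)), rng.uniform(-U_MAX, U_MAX, (5, HORIZON)))]
    for r in range(1, rounds + 1):
        A, B = fit_koopman(trajs)
        # stand-in for the reachable-set MILP: two-segment piecewise-constant candidates
        cands = np.repeat(rng.uniform(-U_MAX, U_MAX, (candidates, 2)), HORIZON // 2, axis=1)
        us = min(cands, key=lambda u: robustness(simulate(x0, u, surrogate_step(A, B))))
        xs = simulate(x0, us, black_box_step)      # execute on the real black box
        if robustness(xs) < 0:
            return True, r, us                      # specification falsified
        trajs.append((xs, us))                      # otherwise retrain with the new data
    return False, rounds, None
```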