SENSE: Abstraction-Based Synthesis of Networked Control Systems

Transcription

1 SENSE: Abstraction-Based Synthesis of Networked Control Systems Mahmoud Khaled, Matthias Rungger, and Majid Zamani Hybrid Control Systems Group Electrical and Computer Engineering Technical University of Munich MeTRiD 2018 Thessaloniki, Greece April,

2 2/18 NCS: Motivation Networked control systems (NCS): Remote access/control. Flexibility in deployment. Easy maintenance/upgrading. Reduced cost and complexity. Source: Wikipedia, Spaceflight Wide range of applications: Factory automation. Space exploration. Remote diagnosis and troubleshooting. Aircrafts and automobiles. Source: WifiBot,

3 3/18 NCS: a Complex Cyber-Physical System NCS combine: Physical environment: a plant, sensors and actuators. Computing devices: a remote digital controller. Communication networks: transfer state information and control actions. Imperfections of communication networks: Time-varying sampling/transmission intervals. Time-varying communication delays Limited bandwidth. Quantization errors. Packet dropouts. C C: Controller S: Sensor A: Actuator Network wired/wireless S A S A S Physical Environment Control of NCS: Traditionally: classical control, existing methods are limited to stabilizability problem. Recently: formal methods, automated synthesis, correct-by-construction, developing research area.

4 3/18 NCS: a Complex Cyber-Physical System NCS combine: Physical environment: a plant, sensors and actuators. Computing devices: a remote digital controller. Communication networks: transfer state information and control actions. Imperfections of communication networks: Time-varying sampling/transmission intervals. Time-varying communication delays Limited bandwidth. Quantization errors. Packet dropouts. C C: Controller S: Sensor A: Actuator Network wired/wireless S A S A S Physical Environment Control of NCS: Traditionally: classical control, existing methods are limited to stabilizability problem. Recently: formal methods, automated synthesis, correct-by-construction, developing research area. SENSE: a framework for symbolic control of NCS

5 4/18 SENSE: Modeling the NCS Σ A control system (plant): Σ = (R n, U, U, f ). A sensor/sampler (time-driven): non-varying sampling-time: τ. A zero-order-hold (ZOH). Two communication channels: Delays as integer multiples of τ: sc k := Nk sc τ and ca k := Nk caτ. Delays are bounded: [Nmin sc ; Nsc max] N + Nk sc Nk ca [N ca min ; Nca max] N +. f Σ u k ca k ZOH v(t) Control System ξ(t) Σ : ξ _ = f(ξ;v) Communication Channel τ Sampler x k sc k Considered Imperfections: Bounded delays. Packet dropouts (emulation). Limited bandwidth. Quantization errors. Next Symbolic Controller What is symbolic control? How to apply it to NCS? ^x k

6 Symbolic Control: Abstraction-based Synthesis Abstraction 1 : Plants: physical systems (e.g. differential equations). Symbolic models: finite state/input systems representing plants up to some predefined accuracy. Specifications: Linear temporal logic (LTL) formulae; or Automata on infinite strings. 1 P. Tabuada, Verification and control of hybrid systems. New York, Springer, /18

7 Symbolic Control: Abstraction-based Synthesis Abstraction 1 : Plants: physical systems (e.g. differential equations). Symbolic models: finite state/input systems representing plants up to some predefined accuracy. Specifications: Linear temporal logic (LTL) formulae; or Automata on infinite strings. Controller Synthesis: Automated synthesis: Fixed-point or graph-search algorithms. Complex specifications can be handled. Symbolic controllers are refined with suitable interfaces. 1 P. Tabuada, Verification and control of hybrid systems. New York, Springer, /18

8 Symbolic Control: Abstraction-based Synthesis Abstraction 1 : Plants: physical systems (e.g. differential equations). Symbolic models: finite state/input systems representing plants up to some predefined accuracy. Specifications: Linear temporal logic (LTL) formulae; or Automata on infinite strings. Controller Synthesis: Automated synthesis: Fixed-point or graph-search algorithms. Complex specifications can be handled. Symbolic controllers are refined with suitable interfaces. 1 P. Tabuada, Verification and control of hybrid systems. New York, Springer, /18

9 Symbolic Control: Abstraction-based Synthesis Abstraction 1 : Plants: physical systems (e.g. differential equations). Symbolic models: finite state/input systems representing plants up to some predefined accuracy. Specifications: Linear temporal logic (LTL) formulae; or Automata on infinite strings. Controller Synthesis: Automated synthesis: Fixed-point or graph-search algorithms. Complex specifications can be handled. Symbolic controllers are refined with suitable interfaces. 1 P. Tabuada, Verification and control of hybrid systems. New York, Springer, /18

10 6/18 Symbolic Control of NCS: Plants as Systems Definition 1: Systems A system S is a tuple consisting of: S = (X, X 0, U, ) a (possibly infinite) set of states X. a (possibly infinite) set of initial states X 0 X. a (possibly infinite) set of inputs U. a transition relation X U X. Describing the plant as a system: Given a sampling period τ, Σ : ξ(t) = f (ξ(t), v(t)) is described by the system: S τ (Σ) = (X τ, X τ,0, U τ, τ ) which encapsulates all the information contained in the control system Σ at sampling times kτ, k N 0, where: X τ = R n, X τ,0 = R n. U τ = {v : R + 0 U v(t) = v((s 1)τ), t [(s 1)τ, sτ[, s N}. v τ τ x τ ξ xτ v τ : [0, τ] R n in the x τ system Σ s.t. ξ xτ v τ (τ) = x τ.

11 Symbolic Control of NCS: Symbolic Models of Plants - Used relation: feedback refinement relation 2 (denoted by Q). - S q (Σ) = (X q, X q, U τ, q ) - X q is a finite cover/partition over X τ - Advantage: only a static quantization map to refine the synthesized controller. 2 G. Reissig, A. Weber and M. Rungger, "Feedback Refinement Relations for the Synthesis of Symbolic Controllers," in IEEE Transactions on Automatic Control 7/18

12 SENSE: Symbolic Models of NCS S(e Σ) S(Σ) Abstraction S (e Σ) S q (Σ) Communication Channels Communication Channels - The L-map is introduced 3 :: L : T (U, X) N 4 T (U, X). S ( Σ) = ( X, X0, U τ, ) = L(S q (Σ), N sc min, N sc max, N ca min, N ca max), 3 M. Khaled, M. Rungger and M. Zamani (2016): Symbolic models of networked control systems: A feedback refinement relation approach. In: 54th Annual Allerton Conference on Communication, Control, and Computing (Allerton), pp /18

13 SENSE: Symbolic Models of NCS S(e Σ) S(Σ) Abstraction S (e Σ) S q (Σ) Communication Channels Communication Channels - The L-map is introduced 3 :: L : T (U, X) N 4 T (U, X). where S ( Σ) = ( X, X0, U τ, ) = L(S q (Σ), N sc min, N sc max, N ca min, N ca max), max X = {Xq q} Nsc N max U ca [Nmin ca ; Nca max] Nca τ [N sc min ; Nsc max] Nsc max max, where q is a dummy symbol. X0 and are depicted visually. 3 M. Khaled, M. Rungger and M. Zamani (2016): Symbolic models of networked control systems: A feedback refinement relation approach. In: 54th Annual Allerton Conference on Communication, Control, and Computing (Allerton), pp /18

14 SENSE: Efficient Symbolic 4Abstractions of NCS Remark 1 The map L provides a systematic technique of constructing the NCS from its plant and the delays. Theorem 1 Consider an NCS Σ and suppose there exists a simple finite system S q (Σ) such that S τ (Σ) Q S q (Σ). Then we have S( Σ) Q S ( Σ), for some feedback refinement relation Q, where S ( Σ) := L(S q (Σ), Nmin sc, Nsc max, Nmin ca, Nca max) is finite. 4 M. Khaled, M. Rungger and M. Zamani (2016): Symbolic models of networked control systems: A feedback refinement relation approach. 54th Annual Allerton Conference on Communication, Control, and Computing (Allerton) 9/18

15 SENSE: Efficient Symbolic 4Abstractions of NCS Remark 1 The map L provides a systematic technique of constructing the NCS from its plant and the delays. Theorem 1 Consider an NCS Σ and suppose there exists a simple finite system S q (Σ) such that S τ (Σ) Q S q (Σ). Then we have S( Σ) Q S ( Σ), for some feedback refinement relation Q, where S ( Σ) := L(S q (Σ), Nmin sc, Nsc max, Nmin ca, Nca max) is finite. 4 M. Khaled, M. Rungger and M. Zamani (2016): Symbolic models of networked control systems: A feedback refinement relation approach. 54th Annual Allerton Conference on Communication, Control, and Computing (Allerton) 9/18

16 SENSE: Efficient Symbolic 4Abstractions of NCS Remark 1 The map L provides a systematic technique of constructing the NCS from its plant and the delays. Theorem 1 Consider an NCS Σ and suppose there exists a simple finite system S q (Σ) such that S τ (Σ) Q S q (Σ). Then we have S( Σ) Q S ( Σ), for some feedback refinement relation Q, where S ( Σ) := L(S q (Σ), Nmin sc, Nsc max, Nmin ca, Nca max) is finite. Remark 2 (a) (b) Σ Σ Sampling τ Sampling τ S τ (Σ) Delay Bounds S τ (Σ) L S( Σ) e Abstraction S ( Σ) eq e Abstraction Sq (Σ) Q Delay Bounds a- Normal methodology: one should first derive an infinite system S( Σ) that captures all NCS information and then, construct the symbolic model S ( Σ) from it. L S ( e Σ) b- Efficient methodology: systematically construct the symbolic abstraction S ( Σ) directly from the symbolic model S q (Σ). 4 M. Khaled, M. Rungger and M. Zamani (2016): Symbolic models of networked control systems: A feedback refinement relation approach. 54th Annual Allerton Conference on Communication, Control, and Computing (Allerton) 9/18

17 10/18 SENSE: Abstraction Construction Engine BDD-based abstraction construction: S q (Σ) is given as a BDD-object. The library SCOTS can be used to generate S q (Σ). Apply L to S q (Σ) via BDD operations. NCS settings guides the engine about the class of NCS. Fully customizable: different classes of NCS. input: Delay Bounds BDD Manager input: Plant's Symbolic Model Symbolid Model Manager construct BDD-Based NCS Transition Relation.bdd NCS Setting: Transition Relation Configuration output: Symbolic Model for NCS.nbdd Efficient implementation of the map L BDD bit-list of S q (Σ) gets more bits for: {X q q} Nsc max, {U Nmax ca, [N sc min ; Nsc max] Nsc max, and [N ca min ; Nca max] Nca max. Transition relation of S ( Σ): BDD operations on expanded S q (Σ).

18 11/18 SENSE: Controller Synthesis and Refinement Synthesis of symbolic controllers C : BDD-based fixed-point operations on S ( Σ). Supports safety, reachability, persistence and recurrence specifications. u C ^x k =?

19 11/18 SENSE: Controller Synthesis and Refinement Synthesis of symbolic controllers C : BDD-based fixed-point operations on S ( Σ). Supports safety, reachability, persistence and recurrence specifications. Problem: C has no access to full state of NCS. Not possible to construct the states of S ( Σ). u C ^x k =?

20 11/18 SENSE: Controller Synthesis and Refinement Synthesis of symbolic controllers C : BDD-based fixed-point operations on S ( Σ). Supports safety, reachability, persistence and recurrence specifications. Problem: C has no access to full state of NCS. Not possible to construct the states of S ( Σ). Solution: delay prolongation: - All packets suffer same delay. - Realizable via buffers. - Results in simpler map L. - Less conservative for existence of controllers. - Controllers refined with state reconstructors. u C ^x k = x N sc max

21 11/18 SENSE: Controller Synthesis and Refinement Synthesis of symbolic controllers C : BDD-based fixed-point operations on S ( Σ). Supports safety, reachability, persistence and recurrence specifications. Problem: C has no access to full state of NCS. Not possible to construct the states of S ( Σ). Solution: delay prolongation: - All packets suffer same delay. - Realizable via buffers. - Results in simpler map L. - Less conservative for existence of controllers. - Controllers refined with state reconstructors. u C ^x k = x N sc max Remark 3 SENSE constructs abstractions of any class of NCS. However, only to resolve the refinement issue, prolonged-delay NCS need to be considered.

22 12/18 SENSE: Simulation, Analysis and Code Generation Interfaces to simulate the closed-loop: MATLAB: closed-loop simulation. OMNet++: realistic NCS simulation and visualization. Supporting tools: bdd2implement: automatically generate C/C++ or VHDL/Verilog for controllers. bdd2fsm: generate files following the FSM data format to be used for visualization. bdddump: extract the meta-data information stored inside BDD files. contcoverage: fast terminal-based ASCII-art visualization. sysexplorer: testing the expanded transition relation.

23 13/18 SENSE: Work-Flow Summary Compute S q (Σ) as a BDD using SCOTS. Pass the NCS delays and BDD file of S q (Σ) to SENSE. SENSE takes the specifications as input. SENSE generates BDD files for S ( Σ) and C. Use the interfaces for MATLAB and/or OMNet++ to simulate/visualize the closed-loop NCS. Use bdd2implement to generate C/C++ or VHDL/Verilog source codes for implementations of final controllers. Input: Network Delays Input: Specifications SENSE Engine BDD Manager Input: Symbolic Model BDD-based NCS Construction Manager expand BDD-based NCS Transition Relation compute controller BDD-based Fixed Point Operations Symbolic Controller Interface NCS Construction Rules write write read L Helper Tools: Analysis / Codegen Use the interfaces for MATLAB and/or OMNet++ to simulate/visualize the closed-loop NCS. Use bdd2implement to generate the final controller for implementation. FPGA Microcontroller VHDL Code C/C++ Code

24 14/18 SENSE: Test Drive Available download/manual in: Requires: C/C++ Compiler. CUDD Library. MATLAB or OMNet++ (optional). Install and usage: Video!

25 14/18 SENSE: Test Drive Available download/manual in: Requires: C/C++ Compiler. CUDD Library. MATLAB or OMNet++ (optional). Install and usage: Video! Example: Robot in 2D arena: [ ] ξ1 = ξ 2 [ υ1 (ξ 1, ξ 2 ) X = [0, 64] [0, 64] quantized by (1, 1). (υ 1, υ 2 ) U = [ 1, 1] [ 1, 1] quantized by (1, 1). Specifications: ( 9 ψ = i=1 υ 2 ) ( Obstacle i ) (Target1) (Target2), ]

26 14/18 SENSE: Test Drive Available download/manual in: Requires: C/C++ Compiler. CUDD Library. MATLAB or OMNet++ (optional). Install and usage: Video! Example: Robot in 2D arena: [ ] ξ1 = ξ 2 [ υ1 (ξ 1, ξ 2 ) X = [0, 64] [0, 64] quantized by (1, 1). (υ 1, υ 2 ) U = [ 1, 1] [ 1, 1] quantized by (1, 1). Specifications: ( 9 ψ = i=1 υ 2 ) ( Obstacle i ) (Target1) (Target2), ] Results: S ( Σ): in 0.49 seconds ( 15 KB). C : in 8 seconds ( 11 KB). Visualized by OMNet++.

27 Video: Installation and Usage of SENSE. Link 15/18

28 16/18 Thanks! Any Questions? Table: Results for constructing symbolic models of prolonged-delay NCS using those of their plants. Case Study S q (Σ) (2,2) (2,3) (2,4) (2,5) (3,2) (3,3) (3,4) (3,5) (4,2) (4,3) Double 2039 S ( Σ) Time (sec) < 1 < 1 < 1 < 1 < 1 < 1 < 1 < 1 < 1 < 1 Integrator Memory (KB) Robot S ( Σ) Time (sec) < 1 < 1 < 1 < 1 < 1 < 1 < 1 < Memory (KB) Jet Engine S ( Σ) Time (sec) Memory (KB) DC-DC S ( Σ) Converter Time (sec) Memory (KB) Vehicle S ( Σ) Time (sec) Memory (KB) Inverted S ( Σ) Pendulum Time (sec) Memory (KB)

29 17/18 Appendix 1: More detailed model A control system (plant): Σ = (R n, U, U, f ). A sensor/sampler (time-driven): Non-varying sampling-time: τ. x k := ξ(s k ). Triggered: s k := kτ, k N 0. A zero-order-hold (ZOH). f Σ u k ZOH v(t) Control System Σ : _ ξ = f(ξ;v) Two communication channels: Delays are integer multiples of the sampling time: sc k := Nk sc τ and ca k := Nk caτ. ca k Communication Channel Delays are bounded: Nk sc [Nmin sc ; Nsc max], Nk ca [Nmin ca ; Nca Symbolic ^x k max]. Controller Packet dropouts: emulation (i.e. increasing the delays), assuming subsequent dropouts are bounded. Packet rejection: v(t) = u k+j N ca. max j : time-index shifting used to determine the correct control input by taking care of message rejection due to out of order packet arrival: two packets arrive at the same time, reject the older one. Applied to both channels. ξ(t) τ Sampler x k sc k

30 Appendix 2: Controller Synthesis and Refinement - Fixed-point operations on X U. - Possible LTL: ϕ S, ϕ T, ϕ S, ϕ T. - A Pre-map is a base for all four algorithms: SCOTS 5 : pre(z) ={(x, u) X q U q F q (x, u) π Xq (Z)} π Xq (Z) ={x X q u Uq (x, u) Z} - Symbolic Models: via FRR and encoded in BDD. - Synthesis: ϕ S and ϕ T all via BDD operations. Evolution of the Fixed-point set for the specification: 6. 5 M. Rungger and M. Zamani (2016): SCOTS: A Tool for the Synthesis of Symbolic Controllers. International Conference on Hybrid Systems: Computation and Control, HSCC /18

31 Appendix 2: Controller Synthesis and Refinement - Fixed-point operations on X U. - Possible LTL: ϕ S, ϕ T, ϕ S, ϕ T. - A Pre-map is a base for all four algorithms: SCOTS 5 : pre(z) ={(x, u) X q U q F q (x, u) π Xq (Z)} π Xq (Z) ={x X q u Uq (x, u) Z} - Symbolic Models: via FRR and encoded in BDD. - Synthesis: ϕ S and ϕ T all via BDD operations. Evolution of the Fixed-point set for the specification: 6. 5 M. Rungger and M. Zamani (2016): SCOTS: A Tool for the Synthesis of Symbolic Controllers. International Conference on Hybrid Systems: Computation and Control, HSCC /18

32 Appendix 2: Controller Synthesis and Refinement - Fixed-point operations on X U. - Possible LTL: ϕ S, ϕ T, ϕ S, ϕ T. - A Pre-map is a base for all four algorithms: SCOTS 5 : pre(z) ={(x, u) X q U q F q (x, u) π Xq (Z)} π Xq (Z) ={x X q u Uq (x, u) Z} - Symbolic Models: via FRR and encoded in BDD. - Synthesis: ϕ S and ϕ T all via BDD operations. Evolution of the Fixed-point set for the specification: 6. 5 M. Rungger and M. Zamani (2016): SCOTS: A Tool for the Synthesis of Symbolic Controllers. International Conference on Hybrid Systems: Computation and Control, HSCC /18

33 Appendix 2: Controller Synthesis and Refinement - Fixed-point operations on X U. - Possible LTL: ϕ S, ϕ T, ϕ S, ϕ T. - A Pre-map is a base for all four algorithms: SCOTS 5 : pre(z) ={(x, u) X q U q F q (x, u) π Xq (Z)} π Xq (Z) ={x X q u Uq (x, u) Z} - Symbolic Models: via FRR and encoded in BDD. - Synthesis: ϕ S and ϕ T all via BDD operations. Evolution of the Fixed-point set for the specification: 6. 5 M. Rungger and M. Zamani (2016): SCOTS: A Tool for the Synthesis of Symbolic Controllers. International Conference on Hybrid Systems: Computation and Control, HSCC /18

34 Appendix 2: Controller Synthesis and Refinement - Fixed-point operations on X U. - Possible LTL: ϕ S, ϕ T, ϕ S, ϕ T. - A Pre-map is a base for all four algorithms: SCOTS 5 : pre(z) ={(x, u) X q U q F q (x, u) π Xq (Z)} π Xq (Z) ={x X q u Uq (x, u) Z} - Symbolic Models: via FRR and encoded in BDD. - Synthesis: ϕ S and ϕ T all via BDD operations. Evolution of the Fixed-point set for the specification: 6. 5 M. Rungger and M. Zamani (2016): SCOTS: A Tool for the Synthesis of Symbolic Controllers. International Conference on Hybrid Systems: Computation and Control, HSCC /18

35 Appendix 2: Controller Synthesis and Refinement - Fixed-point operations on X U. - Possible LTL: ϕ S, ϕ T, ϕ S, ϕ T. - A Pre-map is a base for all four algorithms: SCOTS 5 : pre(z) ={(x, u) X q U q F q (x, u) π Xq (Z)} π Xq (Z) ={x X q u Uq (x, u) Z} - Symbolic Models: via FRR and encoded in BDD. - Synthesis: ϕ S and ϕ T all via BDD operations. Evolution of the Fixed-point set for the specification: 6. 5 M. Rungger and M. Zamani (2016): SCOTS: A Tool for the Synthesis of Symbolic Controllers. International Conference on Hybrid Systems: Computation and Control, HSCC /18

36 Appendix 2: Controller Synthesis and Refinement - Fixed-point operations on X U. - Possible LTL: ϕ S, ϕ T, ϕ S, ϕ T. - A Pre-map is a base for all four algorithms: SCOTS 5 : pre(z) ={(x, u) X q U q F q (x, u) π Xq (Z)} π Xq (Z) ={x X q u Uq (x, u) Z} - Symbolic Models: via FRR and encoded in BDD. - Synthesis: ϕ S and ϕ T all via BDD operations. Evolution of the Fixed-point set for the specification: 6. 5 M. Rungger and M. Zamani (2016): SCOTS: A Tool for the Synthesis of Symbolic Controllers. International Conference on Hybrid Systems: Computation and Control, HSCC /18