Nonlinear Control as Program Synthesis (A Starter)

Similar documents
Bounded Model Checking with SAT/SMT. Edmund M. Clarke School of Computer Science Carnegie Mellon University 1/39

Nonlinear Real Arithmetic and δ-satisfiability. Paolo Zuliani

Stability and Stabilization of polynomial dynamical systems. Hadi Ravanbakhsh Sriram Sankaranarayanan University of Colorado, Boulder

Substitutions and by Parts, Area Between Curves. Goals: The Method of Substitution Areas Integration by Parts

Synthesizing from Components: Building from Blocks

Computable Analysis, Hybrid Automata, and Decision Procedures (Extended Thesis Abstract)

Formal methods in analysis

Verification and Synthesis. Using Real Quantifier Elimination. Ashish Tiwari, SRI Intl. Verif. and Synth. Using Real QE: 1

Tutorial 1: Modern SMT Solvers and Verification

Lecture 20: conp and Friends, Oracles in Complexity Theory

Scalable and Accurate Verification of Data Flow Systems. Cesare Tinelli The University of Iowa

LOGIC PROPOSITIONAL REASONING

ProbReach: Probabilistic Bounded Reachability for Uncertain Hybrid Systems

Undecidability and Rice s Theorem. Lecture 26, December 3 CS 374, Fall 2015

Definition: conp = { L L NP } What does a conp computation look like?

: Computational Complexity Lecture 3 ITCS, Tsinghua Univesity, Fall October 2007

Analysis and synthesis: a complexity perspective

δ-complete Analysis for Bounded Reachability of Hybrid Systems

Propositional Logic: Evaluating the Formulas

conp, Oracles, Space Complexity

Chapter 2. Reductions and NP. 2.1 Reductions Continued The Satisfiability Problem (SAT) SAT 3SAT. CS 573: Algorithms, Fall 2013 August 29, 2013

CSCI 1590 Intro to Computational Complexity

Deductive Verification

CS154, Lecture 17: conp, Oracles again, Space Complexity

From SAT To SMT: Part 1. Vijay Ganesh MIT

POLYNOMIAL SPACE QSAT. Games. Polynomial space cont d

arxiv: v1 [cs.lo] 29 May 2014

WHAT IS AN SMT SOLVER? Jaeheon Yi - April 17, 2008

Limits of Computability

Overview, cont. Overview, cont. Logistics. Optional Reference #1. Optional Reference #2. Workload and Grading

6-1 Computational Complexity

SAT, NP, NP-Completeness

Learning Goals of CS245 Logic and Computation

Reasoning about State Constraints in the Situation Calculus

Umans Complexity Theory Lectures

HybridSAL Relational Abstracter

Introduction to Advanced Results

CSE 311 Lecture 28: Undecidability of the Halting Problem. Emina Torlak and Kevin Zatloukal

On the Computational Hardness of Graph Coloring

Lecture 4 : Quest for Structure in Counting Problems

Formally Analyzing Adaptive Flight Control

SAT/SMT/AR Introduction and Applications

Reasoning with Quantified Boolean Formulas

r. Matthias Bretschneider amburg - Dept. Safety Fehleranalyse mit Hilfe von Model Checkern

CSC 5170: Theory of Computational Complexity Lecture 9 The Chinese University of Hong Kong 15 March 2010

an efficient procedure for the decision problem. We illustrate this phenomenon for the Satisfiability problem.

Ivy: Safety Verification by Interactive Generalization

Lecture 8. MINDNF = {(φ, k) φ is a CNF expression and DNF expression ψ s.t. ψ k and ψ is equivalent to φ}

Information Flow Analysis via Path Condition Refinement

Certified Roundoff Error Bounds using Semidefinite Programming

Complete problems for classes in PH, The Polynomial-Time Hierarchy (PH) oracle is like a subroutine, or function in

Ranking Verification Counterexamples: An Invariant guided approach

Exam Computability and Complexity

CSCI3390-Lecture 18: Why is the P =?NP Problem Such a Big Deal?

Unbounded, Fully Symbolic Model Checking of Timed Automata using Boolean Methods

CS151 Complexity Theory. Lecture 13 May 15, 2017

Integrating Induction and Deduction for Verification and Synthesis

Hybrid systems and computer science a short tutorial

Hoare Logic I. Introduction to Deductive Program Verification. Simple Imperative Programming Language. Hoare Logic. Meaning of Hoare Triples

Slope Fields and Differential Equations. Copyright Cengage Learning. All rights reserved.

Explain: A Tool for Performing Abductive Inference

From Electrical Switched Networks to Hybrid Automata. Alessandro Cimatti 1, Sergio Mover 2, Mirko Sessa 1,3

Topics in Model-Based Reasoning

CSE507. Course Introduction. Computer-Aided Reasoning for Software. Emina Torlak

Essential facts about NP-completeness:

SOLUTION: SOLUTION: SOLUTION:

Complexity Theory. Knowledge Representation and Reasoning. November 2, 2005

NP-Complete problems

CSE200: Computability and complexity Space Complexity

NP-Completeness. Until now we have been designing algorithms for specific problems

Chapter 4: Computation tree logic

Simulation-guided Contraction Analysis

SMT BASICS WS 2017/2018 ( ) LOGIC SATISFIABILITY MODULO THEORIES. Institute for Formal Models and Verification Johannes Kepler Universität Linz

Automatic Evaluation of Reductions between NP-Complete Pro

Lecture 7 Limits on inapproximability

Proofs of Correctness: Introduction to Axiomatic Verification

CS154, Lecture 18: 1

Umans Complexity Theory Lectures

Decidability: Church-Turing Thesis

Verification of Distributed Protocols Using Decidable Logic

COP4020 Programming Languages. Introduction to Axiomatic Semantics Prof. Robert van Engelen

Neural Networks in Structured Prediction. November 17, 2015

Algorithmic Verification of Stability of Hybrid Systems

DryVR: Data-driven verification and compositional reasoning for automotive systems

CSE 105 THEORY OF COMPUTATION

Math 261 Calculus I. Test 1 Study Guide. Name. Decide whether the limit exists. If it exists, find its value. 1) lim x 1. f(x) 2) lim x -1/2 f(x)

Quantified Boolean Formulas Part 1

Complexity of 10 Decision Problems in Continuous Time Dynamical Systems. Amir Ali Ahmadi IBM Watson Research Center

DIFFERENTIAL EQUATIONS

Theorem Proving for Verification

SD & Turing Enumerable. Lecture 33: Reductions and Undecidability. Lexicographically Enumerable. SD & Turing Enumerable

First-Order Logic First-Order Theories. Roopsha Samanta. Partly based on slides by Aaron Bradley and Isil Dillig

Constraint Solving for Finite Model Finding in SMT Solvers

The Immerman-Szelepcesnyi Theorem and a hard problem for EXPSPACE

CSCI3390-Lecture 14: The class NP

Lecture 26. Daniel Apon

Formalizing Simplex within Isabelle/HOL

Decision Procedures for Satisfiability and Validity in Propositional Logic

Integration, Separation of Variables

Lecture 8: Complete Problems for Other Complexity Classes

Transcription:

Nonlinear Control as Program Synthesis (A Starter) Sicun Gao MIT December 15, 2014

Preliminaries Definition (L RF ) L RF is the first-order language over the reals that allows arbitrary numerically computable functions in F. {polys, exp, sin, ODE, PDE,...} F. Example (Lyapunov Stability) ( ε δ t x 0 x. ( x 0 < δ) (x = x 0 + t 0 ) ( ) f (s)ds) x < ε.

Preliminaries Definition (Delta-Decisions) Given a bounded first-order sentence ϕ over real numbers and δ Q +, decide ϕ is false ϕ δ is true. Theorem (Delta-Decidability) Bounded L RF -sentences are δ-decidable. Complexity: δ-decisions of Σ n -sentences are in (Σ P n ) C.

Theoretical Implications Bounded first-order properties of general nonlinear hybrid systems are mostly δ-decidable with reasonable complexity: Bounded Lyapunov stability: (Π P 3 )C. Bounded reachability of hybrid systems: NP C to (Σ P 3 )C. Invariant checking for hybrid systems: (conp) C. All within PSPACE, in sharp contrast to undecidability results.

Practical Tool dreal: nonlinear SMT solving over the reals. almost all the nonlinear functions you need: exp, sin, ODEs,... witnesses for delta-sat, proofs for UNSAT an interface for reachability of nonlinear hybrid systems solved many challenging benchmarks: Toyota, biological models (cardiac cells, prostate cancer), quadcopters, Kepler conjecture, floating-point implementations, etc.

What s Next? L RF -formulas with arbitrary quantification are δ-decidable. dreal has shown the Σ 1 /SMT case can be made quite practical. We are now moving one level up: Solve -sentences. This is the move from posterior verification to automating reliable design and implementation.

Control Design Given a controlled system with some initial conditions: dx dt = f (x, t) + g(x, t)u(x, t) The goal of control design is to find a control function u such that certain conditions are true (stability, safety,...).

The Logical Perspective To design a controller u(x) is to solve formula like: u(x, t) x t x 0. ( I (x 0 ) x = x 0 + t 0 ) (f + g u)ds ϕ(x, t) Second-order quantification on u(x). Different properties involve different first-order quantification and other variables. In the case of linear continuous systems, control theory gives us almost complete algorithms for solving many of these second-order formulas!

The Programming Perspective To control a continuous system is also to implement U(x) such that a program like the following can run successfully. repeat(dt, [0, T]){ assert(loop invariants); u = U(x); x = x + f(x) * dt + g(x) * u * dt; } assert(post conditions);

Going Hybrid Is Easy repeat(dt, [0, T]){ assert(loop invariants); if... then u = U1(x); else u = U2(x); if... then x = x + f1(x) * dt + g1(x) * u * dt; else x = x + f2(x) * dt + g2(x) * u * dt; } assert(post conditions);

Blurring Modelling and Coding High-level models and low-level code are all programs in different Turing-complete languages. The real question is whether there is a right set of languages to express both high-level and low-level ideas interconnectively. Ideally if we can do everything in one language then what we design is what we implement. But how can we control the complexity of writing in such a language?

Sketches and Holes Automate low-level implementation so that engineers can write high-level code in a low-level language. A high-level program is simply sketches [Solar-Lezama PLDI05 ] that can abstract away chunks of low-level code, by allowing holes in the program.

Example For a system ẋ = x 2 + sin(x), we want to design a nonlinear controller that stabilizes it. x = 0; repeat(dt, [0, T]){ u =? * x +? * x^3; //? is a hole for parameters x = x + (x^2 + sin(x) + u) * dt; } assert(lyapunov_function: poly(x) of degree 4) Synthesize u and a Lyapunov function at the same time.

We should solve: u(x) V (x, u(x)) x. V (0, u(0)) = 0 (x 0) ( ) dv (x, u) V (x, u) > 0 0 dt With sketches, this is reduced to solving for the parameters p u, p u : p u p v x. V (0, u(0)) = 0 (x 0) which is an -sentence. ( ) dv (x, u) V (x, u) > 0 0 dt

Solving Solving is like playing a game between the designer ( variables) and the verifier ( variables). Designer suggests assignments and the verifier suggests a counterexample, both by calling an SMT solver. If either one of them is out of choices, we terminate with a definite answer. It converges with a lot of ideas in control design, but automated reasoning engines can greatly enhance them. At the same time, a lot of program analysis and synthesis techniques come into play.

Benefits Engineer writes, in a high-level language, sketches of C-like programs. Easy simulation by simply running the code. Solvers automate design and implementation at the same time. The result can simply be executable C programs. Complete formal proofs can be automatically generated from the solving process. Familiar GUI to control engineers such as block diagrams can be dynamically generated.

Conclusion Moving from posterior verification to the design and implementation phase may produce problems that are algorithmically harder but socially easier. We can aim to enhance automation and correctness by construction at the same time. Formal methods should learn more from control theory. Control theory itself (not just engineering) may benefit from formal methods. We should have reasonable solver support for -formulas ready in dreal within next year.

2024 © sciencedocbox.com Privacy Policy | Terms of Service | Feedback