Abstract
Hybrid systems—more precisely, their mathematical models—can exhibit behaviors, like Zeno behaviors, that are absent in purely discrete or purely continuous systems. First, we observe that, in this context, the usual definition of reachability—namely, the reflexive and transitive closure of a transition relation—can be unsafe, i.e., it may compute a proper subset of the set of states reachable in finite time from a set of initial states. Therefore, we propose safe reachability, which always computes a superset of the set of reachable states.Second, in safety analysis of hybrid and continuous systems, it is important to ensure that a reachability analysis is also robust w.r.t. small perturbations to the set of initial states and to the system itself, since discrepancies between a system and its mathematical models are unavoidable. We show that, under certain conditions, the best Scott continuous approximation of an analysis A is also its best robust approximation. Finally, we exemplify the gap between the set of reachable states and the supersets computed by safe reachability and its best robust approximation.
Highlights
In a transition system—i.e., a relation → on a set of states—reachability is a clearly defined notion, namely, the reflexive and transitive closure →∗ of →
The first contribution of this paper is the notion of safe reachability (Definition 3.6), which gives an over-approximation— i.e., a superset—of the states reachable in finite time, including the case where the hybrid system has Zeno behaviors
We show that co-monads on a complete lattice X are closed w.r.t. sups computed in X X, i.e., if ( fi:2( X)|i:I) and f = { fi|i:I}, f ≤ f 2 ( f ≤ idX is immediate)
Summary
In a transition system—i.e., a relation → on a set of states—reachability is a clearly defined notion, namely, the reflexive and transitive closure →∗ of →. Reachability analysis plays an important role in computer-assisted verification and analysis [2], since safety (a key system requirement) is usually formalized in terms of reachability, namely: state s is safe ⇐⇒ it is not possible to reach a bad state from s. For a hybrid system one can define a transition relation → on a continuous and uncountable state space, but →∗ captures only the states reachable in finitely many transitions, and they can be a proper subset of those reachable in finite time! The first contribution of this paper is the notion of safe reachability (Definition 3.6), which gives an over-approximation— i.e., a superset—of the states reachable in finite time, including the case where the hybrid system has Zeno behaviors. In safety analysis robust over-approximations are important, because inaccuracies in the modeling of a cyber-physical system (as well as in its building and testing) are unavoidable, as convincingly argued in [13]
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have