FRINK Linked Data Fragments server

Matches in SemOpenAlex for { <https://semopenalex.org/work/W2182272118> ?p ?o ?g. }

• W2182272118 endingPage "436" @default.
• W2182272118 startingPage "383" @default.
• W2182272118 abstract "ion. The main idea of this approach is to start with a rough (conservative and often discrete) approximation of a hybrid system and then iteratively refine it. This refinement is often local in the sense that it uses the previous analysis results to determine where the approximation error is too large to prove the property (see for example [96, 8, 28]). A popular abstraction approach is predicate abstraction where a conservative abstraction can be constructed by mapping the infinite set of states of the hybrid system to a finite set of abstract states using a set of predicates. The property is then verified in the abstract system. If it holds in the abstract system, it also holds in the concrete hybrid system. Oth1.3. EXHAUSTIVE VERIFICATION 25 erwise, a counter-example can be generated. If the abstract counter-example corresponds to a concrete trajectory, then the hybrid system does not satisfy the property; otherwise, the abstract counter-example is spurious because the abstraction is too conservative, and the abstraction can then be refined to achieve a better precision. In the following, we illustrate this approach by explaining the method using polynomials proposed in [96]. The continuous state space R is partitioned using the signs of a set of polynomials. As an example, an abstract state s defined by g1(x) 0 corresponds to a (possibly infinite) set c(s) of concrete states. Then, the abstract transition over-approximates the concrete one such that there is a transition from s to s′ if there exists a trajectory from a concrete state in c(s) to another concrete state in c(s′). More precisely, in this method, first the set of polynomials is saturated by adding all the high-order derivatives of the initial polynomials. Then, by looking at the sign of the polynomials, it is possible to decide whether a trajectory can go from one abstract state to another. For example, if there are only two polynomials g1 and g2 such that g2 = ġ1. Suppose that the abstract state s satisfies g1 = 0 and g2 > 0, then the new sign of g1 is positive and from s we add a transition to s′ satisfying gi > 0. The abstraction can be refined by adding more polynomials. Another abstraction method in [8] uses linear predicates to partition the continuous state space, and thus each abstract c(s) is a convex polyhedron. The abstract transition from s to s′ is determined by computing the reachable set from c(s) and check whether it reaches c(s′). This is less expensive than the reachability computation on the hybrid system which requires handling accumulated reachable sets with geometric complexity that grows after successive continuous and discrete evolutions. Box decompositions are also commonly used to define abstract systems, such as in [90, 59]. The abstract system can then be built by exploiting the properties of the system’s vector fields over such decompositions. The method proposed in [59] makes use of the following special property of multi-affine systems: the value of a multi-affine function f(x) with x inside some box can be expressed as a linear combination of the values of f at the vertices of the box. Using this, one can determine whether the derivative vector on the boundary 8Multi-affine systems are a particular class of polynomial systems such that if all the variables xi are constant, the derivatives are linear in xj with j not equal to i. 26CHAPTER 1. MODELING, VERIFICATION AND TESTING USING TIMED AND HYBRID AUTOMATA of a box points outwards or inwards, in order to over-approximate the reachability between adjacent boxes. While discrete abstractions allow benefiting from the well-developed verification algorithms for discrete systems, they might be too coarse to preserve interesting properties. Timed abstractions can be built by adding bounds on the time for the system to reach from one abstract state to another. A generalization of this idea is called hybridization [12] involving approximating a complex system with a simpler system, for which more efficient analysis tools are available. To this end, using a partition of the state space, one can approximate locally the system’s dynamics in each region by a simpler dynamics. Globally, the dynamics changes when moving from one region to another, and the resulting approximate system behaves like a hybrid system and this approximation process is therefore called hybridization. Then, the resulting system is used to yield approximate analysis results for the original system. The usefulness of this approach (in terms of accuracy and computational tractability) depends on the choice of the approximate system. For example, the hybridization methods using piecewise affine approximate systems, proposed in [12], allows approximating a nonlinear system with a good convergence rate and, additionally, preserving the attractors of the original system. In addition, the resulting approximate systems can be handled by the existing tools for piecewise affine systems (presented earlier in this section). 1.4 Partial verification Exhaustive verification is desirable since, if it succeeds, it guarantees that a model satisfies a property. But exhaustive verification has its limitations as we have seen: state-explosion or even undecidability. In fact, state-explosion is a phenomenon that is also prevalent in the exhaustive verification of much simpler, finite-state models. This phenomenon has so far hindered a wider adoption of exhaustive verification in industrial applications, because the size of the problems tackled there is far too big to treat exhaustively. Instead, practitioners use simulation as their main verification tool. Even though simulation cannot prove that a 9The term “verification” usually denotes simulation-based verification in industrial jargon, whereas “formal verification” is used to denote exhaustive verification. 1.4. PARTIAL VERIFICATION 27 property is satisfied, it can certainly reveal cases where it is not satisfied, that is, potential bugs of the real system, its model, or its specification. An advantage of simulation is that it has some time-scalability properties: running 200 simulations is better (i.e., likely to discover more bugs) than running 100 simulations, and running longer simulations is also better. Moreover, if 100 simulations can be run in one day, say, then in two days we can most likely run 200 simulations. In contrast, most exhaustive verification tools suffer from a “hitting the wall” type of problem. Once they exhaust the main memory of the computer that they run on, they start using disk space, which involves a lot of swapping on the OS side. Disk swapping virtually takes all processing time, leading verification to a halt. This means that the number of new states that are explored per unit of time radically decreases to practically zero, as illustrated in Figure 1.14. Usually this wall is hit after relatively little time, in the order of minutes. Then, running the tool for many hours will not improve the number of states that are explored compared to running it for ten minutes. This is not time-scalable." @default.
• W2182272118 created "2016-06-24" @default.
• W2182272118 creator A5046777407 @default.
• W2182272118 creator A5080042319 @default.
• W2182272118 date "2009-11-24" @default.
• W2182272118 modified "2023-09-24" @default.
• W2182272118 title "Modeling, Verification, and Testing Using Timed and Hybrid Automata" @default.
• W2182272118 cites W120402950 @default.
• W2182272118 cites W142679335 @default.
• W2182272118 cites W1482233117 @default.
• W2182272118 cites W1497013959 @default.
• W2182272118 cites W1498285565 @default.
• W2182272118 cites W1499853177 @default.
• W2182272118 cites W1504317179 @default.
• W2182272118 cites W1505030820 @default.
• W2182272118 cites W1505598781 @default.
• W2182272118 cites W1507741767 @default.
• W2182272118 cites W1507893864 @default.
• W2182272118 cites W1508536183 @default.
• W2182272118 cites W1510782929 @default.
• W2182272118 cites W1511213320 @default.
• W2182272118 cites W1519302343 @default.
• W2182272118 cites W1525512650 @default.
• W2182272118 cites W1525928754 @default.
• W2182272118 cites W1525967073 @default.
• W2182272118 cites W1526031273 @default.
• W2182272118 cites W1529059198 @default.
• W2182272118 cites W1532859487 @default.
• W2182272118 cites W1534714322 @default.
• W2182272118 cites W1538215585 @default.
• W2182272118 cites W1539432158 @default.
• W2182272118 cites W1543918645 @default.
• W2182272118 cites W1546282418 @default.
• W2182272118 cites W1549936229 @default.
• W2182272118 cites W1555222326 @default.
• W2182272118 cites W1569146343 @default.
• W2182272118 cites W1569692898 @default.
• W2182272118 cites W1572777470 @default.
• W2182272118 cites W1574289075 @default.
• W2182272118 cites W1578823551 @default.
• W2182272118 cites W1582811927 @default.
• W2182272118 cites W1582899597 @default.
• W2182272118 cites W1583487553 @default.
• W2182272118 cites W1585526574 @default.
• W2182272118 cites W1591241081 @default.
• W2182272118 cites W1594130515 @default.
• W2182272118 cites W1599105192 @default.
• W2182272118 cites W1601693417 @default.
• W2182272118 cites W1606189410 @default.
• W2182272118 cites W1607353007 @default.
• W2182272118 cites W1676597814 @default.
• W2182272118 cites W1726255445 @default.
• W2182272118 cites W1793594870 @default.
• W2182272118 cites W1796174165 @default.
• W2182272118 cites W1826753560 @default.
• W2182272118 cites W1842453456 @default.
• W2182272118 cites W1846929317 @default.
• W2182272118 cites W1868193499 @default.
• W2182272118 cites W1874725288 @default.
• W2182272118 cites W1877700846 @default.
• W2182272118 cites W1878074184 @default.
• W2182272118 cites W1893209994 @default.
• W2182272118 cites W1971019328 @default.
• W2182272118 cites W1977308797 @default.
• W2182272118 cites W198091129 @default.
• W2182272118 cites W1994348879 @default.
• W2182272118 cites W1995691455 @default.
• W2182272118 cites W1999629321 @default.
• W2182272118 cites W2000947342 @default.
• W2182272118 cites W2004463571 @default.
• W2182272118 cites W2004929506 @default.
• W2182272118 cites W2060095702 @default.
• W2182272118 cites W2068361557 @default.
• W2182272118 cites W2073118212 @default.
• W2182272118 cites W2082784420 @default.
• W2182272118 cites W2085838366 @default.
• W2182272118 cites W2086279077 @default.
• W2182272118 cites W2096449544 @default.
• W2182272118 cites W2099354898 @default.
• W2182272118 cites W2100271265 @default.
• W2182272118 cites W2101508170 @default.
• W2182272118 cites W2103128566 @default.
• W2182272118 cites W2103170330 @default.
• W2182272118 cites W2107193555 @default.
• W2182272118 cites W2107371378 @default.
• W2182272118 cites W2113780769 @default.
• W2182272118 cites W2120916408 @default.
• W2182272118 cites W2123023940 @default.
• W2182272118 cites W2127520982 @default.
• W2182272118 cites W2130773092 @default.
• W2182272118 cites W2133862387 @default.
• W2182272118 cites W2141664020 @default.
• W2182272118 cites W2144186266 @default.
• W2182272118 cites W2145201569 @default.
• W2182272118 cites W2154679417 @default.
• W2182272118 cites W2154897437 @default.
• W2182272118 cites W2155398252 @default.
• W2182272118 cites W2160400510 @default.

• next