Ying Zhou,Xufang Gong,Jiakai Li,Bixin Li

DOI: https://doi.org/10.1109/icis.2018.8466527

2018-01-01

Abstract:CPS (Cyber-Physical Systems) are physical and engineered systems featuring a tight combination of computation and physical processes by communication networks. CPS are mainly applied in some critical domains, so it is very essential to ensure the correctness of CPS. As a very important method for verifying system correctness, formal verification has been successfully applied in the verification of CPS; however, the high theoretical level of formal modeling techniques in formal verification and the lack of generality of formal models make it difficult to integrate formal verification with enterprise standard system development process. In this paper, we model CPS by HybridUML, an extension of UML which is now the de facto standard modeling language in system development practice, and then transform HybridUML model into the input language of theorem prover KeYmaera-QHP(Quantified Hybrid Program), and finally verify the QHP code with KeYmaera. When transforming a HybridUML model, we define the metamodels of HybridUML and QHP, and then find the association between them based on semantic consisteency, and finally define transformation rules using ATL (ATLAS Transformation Language) and template based code generation method to achieve transformation.

Ying Zhou,Xufang Gong,Bixin Li,Min Zhu

DOI: https://doi.org/10.1109/icis.2018.8466460

2018-01-01

Abstract:With the development of sensor network and embedded system, CPS integrating computation, communication and control is becoming the focus of attention gradually. Obvious problems have emerged when CPS applying to various industries. It is crucial that the designed CPS can work as expect. A growing number of researchers are concerned about the property verification of CPS since verification technique has played a key role in improving the security and reliability of systems. It is a commonly used method that transforming generic model to formal model for verification. A formal method of theorem proving has well applied to verify CPS based on differential dynamic logic which operating model named Hybrid Program proposed by A. Platzer. This paper introduced HybridUML to model CPS, presented a method based on model transformation which mapped from HybridUML to Hybrid Program, and verified a case study with the resulting model finally.

Ying Zhou,Min Zhu,Xufang Gong,Bixin Li

DOI: https://doi.org/10.3233/978-1-61499-796-2-15

2017-01-01

Abstract:With the development of sensor network and embedded system, Cyber-Physical System (CPS) integrating computation, communication and control is becoming the focus of attention gradually. Obvious problems have emerged when CPS applying to various industries. It is crucial that the designed CPS can work as expect. A growing number of researchers are concerned about the property verification of CPS since verification technique has played a key role in improving the security and reliability of systems. It is a commonly used method that transforming generic model to formal model for verification. A formal method of theorem proving has well applied to verify CPS based on Differential Dynamic Logic (DDL) which operating model named Hybrid Program proposed by A. Platzer. This paper introduced HybridUML to model CPS, presented a method to verify CPS using DDL, where model was transformed from HybridUML to Hybrid Program, and verified a case study with the resulting model finally.

Xiaoxiang Zhai,Qiaoqiao Chen,Shunhui Ji,Bixin Li

DOI: https://doi.org/10.1109/qsic.2012.11

2012-01-01

Abstract:In CPS (cyber-physical systems), computation is integrated with physical processes, computer system is used to monitor and interact with the physical world to realize maximization of benefit and usage. The model and verification for cyber physical systems are two important and challenge problems because CPS has not only heterogeneous nature but also very complicated structure and relationships among its components. In this paper, a unified framework is proposed to model and verify CPS, where CPS is modeled in forms of HybridUML models, then these HybridUML models are transformed to different operating models of Differential Dynamic Logic (DL), and finally some CPS properties are specified using DDL equations and verified using DDL reasoning rules.

Ming Fu Tuo,Xing She Zhou,Zheng Xin Guo,Li Jun Shan

DOI: https://doi.org/10.1051/matecconf/20164402092

2016-01-01

MATEC Web of Conferences

Abstract:The safety of Cyber-physical system(CPS) is up to its behavior, and it is a key property for CPS to be applied in critical application fields. A method for CPS behavior modeling and safety verification is put forward in this paper. The behavior model of CPS is described by extended hybrid system description language(EHYSDEL). The formal definition of hybrid program(HP) is given, and the behavior model is transformed to HP based on the definition. The safety of CPS is verified by inputting the HP to KeYmarea. The advantage of the approach is that it models CPS intuitively and verify it’s safety strictly avoiding the state space explosion

Mingfu TUO,Xingshe ZHOU,Jialin LI,Hui LI

DOI: https://doi.org/10.3969/j.issn.1009-3516.2016.03.008

2016-01-01

Abstract:Non?function attribute such as real?time,security,and reliability,etc.is a key factor in cyber?physical systems applied to many areas.On the basis of analyzing CPS modeling and verification,a CPS behavior modeling and attribute verification is proposed in this paper.In this method,three steps are as follows:(1)to model the behavior of CPS based on hybrid automata;(2)to convert this model to HP model;(3)to verify the HP model in KeYmarera.The structure of behavior model language is introduced. Rules of converting hybrid automata model to hybrid program (HP)model are established.The consisten-cy of the conversion is analyzed.The result shows that this method can depict the behavior of CPS simply and intuitively,and can also verify the properties of CPS strictly.By doing so,this avoids state space ex-plosion in formal verification effectively.

Yu Zhang,Fei Xie,Yunwei Dong,Xingshe Zhou,Chunyan Ma

DOI: https://doi.org/10.1109/compsac.2013.88

2013-01-01

Abstract:Cyber-Physical Systems (CPS) tightly integrate cyber and physical components and transcend discrete and continuous domains. It is greatly desired that the physical components being controlled and the software implementation of control algorithms can be verified together. We present an efficient approach to reachability analysis of Hybrid Automata Pushdown System (HAPS) models for cyber/physical co-verification of CPS. We have realized this approach and applied it to real-world control systems. The evaluation has shown that HAPS is an effective model for co-verification of CPS and our approach has major potential in verifying system-level properties of CPS, therefore improving the reliability of CPS.

zhang yu,dong yunwei,feng wenlong,huang mengxing

DOI: https://doi.org/10.13328/j.cnki.jos.005214

2017-01-01

Abstract:Cyber-Physical System(CPS) tightly integrates control software and embedded components, incorporating software with control domains. CPSs are pervasive and often mission-critical, therefore, they must have high level of security. With the extensive use of information technology, embedded control software plays a greater role in such systems. The close interactions between control software and embedded components demand co-verification. In this paper, an automata-theoretic approach is presented to co-verification. Co-verification, which verifies control software and embedded components together, is essential to establish the correctness of a complete system. The foundation of this approach is a unified model for co-verification and reachability analysis of the model. The LTL formula is converted into a Büchi automata, which is interleaved with the execution of the unified model under analysis. An online-capture offline-replay approach is proposed to improve the usefulness for formal verification. Case studies on a suite of realistic examples show that the presented approach has major potential in verifying system level properties, therefore improving the high-assurance of system.

Wenming Zhao,Yixiang Chen,Min Zhang

DOI: https://doi.org/10.3969/j.issn.1001-7119.2015.01.022

2015-01-01

Abstract:In order to describe the requirement of spatial and temporal consistence of cyber-physical systems (CPS), a specification language called STeC was proposed by Chen [1]. It is of vital importance to ensure that the design and implementation of CPS meet the requirement of spatial and temporal consistence. The Spatial Hybrid Automata (SHA), characteristic of the location-triggered, is proposed based on the extended hybrid automata. This paper presents a framework of CPS modeling and verification based on SHA, where CPS are described by STeC and modeled by SHA. The adopted formal method is the differential dynamic logic (DL), whose the operational model is Hybrid Program (HP). The SHA model is transformed to its corresponding HP through DL. Then CPS properties are specified based on the result from HP. Finally, the CPS properties are automatically verified through the theorem-prover named KeYmaera.

Yu Zhang,Mengxing Huang,Hao Wang,Wenlong Feng,Jieren Cheng,Hui Zhou

DOI: https://doi.org/10.32604/cmc.2019.03736

2019-01-01

Abstract:Cyber-Physical Systems (CPS) tightly integrate cyber and physical components and transcend traditional control systems and embedded system. Such systems are often mission-critical; therefore, they must be high-assurance. High-assurance CPS require co-verification which takes a comprehensive view of the whole system to verify the correctness of a cyber and physical components together. Lack of strict multiple semantic definition for interaction between the two domains has been considered as an obstacle to the CPS co-verification. A Cyber/Physical interface model for hierarchical a verification of CPS is proposed. First, we studied the interaction mechanism between computation and physical processes. We further classify the interaction mechanism into two levels: logic interaction level and physical interaction level. We define different types of interface model according to combinatorial relationships of the A/D (Analog to Digital) and D/A (Digital to Analog) conversion periodical instants. This interface model has formal semantics, and is efficient for simulation and formal verification. The experiment results show that our approach has major potential in verifying system level properties of complex CPS, therefore improving the high-assurance of CPS.

Longfei Zhu,Qiwen Xu,Jifeng He,Huibiao Zhu

DOI: https://doi.org/10.1007/978-3-319-14806-9_7

2014-01-01

Abstract:A cyber-physical system (CPS) is an interactive system of continuous plants and real-time controller programs. These systems usually feature a tight relationship between the physical and computational components and exhibit strict true-concurrency with respect to time. These communication and concurrency issues have been well investigated in event-based synchronous languages but only for discrete systems. In this paper, we present an imperative-style programming language for CPS and explore an observation-oriented denotational semantics for the language. Furthermore, a set of algebraic laws that could facilitate the transformation of programs are investigated and consistency of the algebraic laws can be ensured with respect to the denotational semantics. The algebraic laws which have been established in the framework of our semantic model could greatly enhance the reliability of algebraic transformation.

Yan Zhang,Jin Shi,Tian Zhang,Xiangwei Liu,Zhuzhong Qian

DOI: https://doi.org/10.1016/j.pmcj.2015.07.008

IF: 3.848

2015-01-01

Pervasive and Mobile Computing

Abstract:Cyber–Physical Systems (CPS) are hybrid, safety-critical systems. For finding safety or security hazard in the design phase, modeling for CPS and checking their properties become very important. We focus on the compatibility, i.e., two systems can work together, and behavioral nonexistent consistency, i.e., forbidden behaviors do not occur in a system. Hybrid interface automata (HIA), which extend from interface automata and is not input-enabled, are introduced to model CPS. The compatibility of HIA is checked under an optimistic approach, which means if there is an environment in which two HIA cannot reach an illegal location, namely, at the location one cannot accept the input send by the other, they are compatible. Based on a scenario that specifies forbidden behaviors, behavioral nonexistent consistency is boundedly checked by transforming it to an unconstrained dynamic programming, and solving the programming by a genetic algorithm. The method can directly apply to nonlinear hybrid model. It relaxes a restriction on the form of the system dynamic in traditional algorithms. An experiment and simulation validate our algorithms.

Kailong Zhang,Jiwei Li,Zhou Lu,Mei Luo,Xiao Wu

DOI: https://doi.org/10.1109/ihmsc.2013.113

2013-01-01

Abstract:Cyber-Physical System(CPS) is now a new evolutional morphology of embedded systems. With features of merging computation and physical processes together, the traditional verification and simulation methods have being challenged recently. After analyzed the state-of-art of related research, a new simulation environment is studied according to the characters of a special autonomous cyber-physical system-Unmanned Aerial Vehicle, and designed to be scene-driven, modeling and reconfigurable. In this environment, a novel CPS-in-loop architecture, which can support simulations under different customized scenes, is studied firstly to ensure its opening and flexibility. And as another foundation, some dynamics models of CPS and atmospheric ones of relative sensors are introduced to simulate the motion of CPS and the change of its posture. On the basis above, the reconfigurable scene-driven mechanisms that are Based on hybrid events are mainly excogitated. Then, different scenes can be configured in terms of special verification requirements, and then each scene will be decomposed into a spatio-temporal event sequence and scheduled by a scene executor. With this environment, not only the posture of CPS, but also the autonomy of its behavior can be verified and observed. It will be meaningful for the design of such autonomous CPS.

Yu Zhang,Mengxing Huang,Wenlong Feng

DOI: https://doi.org/10.1007/978-3-030-32216-8_16

2019-01-01

Abstract:Cyber-Physical Systems (CPS) are often mission-critical, therefore, they must be high-assurance. High-assurance CPS require extensive formal verification. Formal verification techniques can discover subtle design errors where simulation fails. However, due to the state explosion problem, formal techniques usually cannot handle large designs. This paper introduces a semi-formal verification methodology in which formal co-verification and co-simulation are tightly coupled. We propose an online-capture offline-replay approach to improve the usefulness for formal verification. We analyze these simulation traces, find some critical states and assisted with formal verification under these circumstances. The experiment results show that our approach has major potential in verifying system level properties of complex CPS, therefore improving the high-assurance of CPS.

Thomas Baar,Sergey Staroletov,Thomas Baar,Sergey Staroletov

DOI: https://doi.org/10.18255/1818-1015-2018-5-465-480

2018-10-28

Modeling and Analysis of Information Systems

Abstract:KeYmaera is an interactive theorem prover and is used to verify safety properties of cyber-physical systems (CPSs). It implements a Dynamic Logic for Hybrid Programs (HPs), while a HP models a CPS very precisely. Verifying properties of a given system in KeYmaera can become a challenge for a user since the proof is authored in a classical sequent calculus framework and a successful proof requires from the user intimate knowledge of the available calculus rules. Another barrier for widespread application of KeYmaera is the purely textual representation of current proof goals, what requires from the user very good training, experience, and patience. In this paper, we present an alternative verification approach based on KeYmaera, which drastically improves usability and minimizes user interaction. The main idea is to let the user annotate invariants and contracts to states of the hybrid automaton. Thus, the user can employ the graphical representation of the modelled system and is not bound to the purely textual form of hybrid programs as in KeYmaera. Based on the user-provided contracts, one can generate proof obligations, which are much simpler than the original proof goal in KeYmaera. The article is published in the authors’ wording.

Lei Bu,Tian Zhang,Xin Chen,Linzhang Wang,Jianhua Zhao,Xuandong Li

DOI: https://doi.org/10.1145/3229783.3229793

2018-01-01

Abstract:By combining communication, computation, and control (3C), Cyber-Physical Systems (CPS)0tightly couple the physical world with the cyber-world, to enable more applications, enhance performance, increase dependability and etc. Among these goals, as CPS are widely used in the safety-critical area, guaranteeing the basic dependability/safety is after all the prerequisite and often the top concern. However, the behavior of CPS is extremely complex. First of all, due to the existence of both discrete control modes transition and continuous real-time behavior in CPS, the behavior of CPS is a complex hybrid state space, which is difficult to understand and handle. Secondly, most CPS applications are working in the open environment and acquiring real-time data from the environment intensively to adjust their own behavior. The dynamic environment makes the behavior space more complex to reason. When a system is too complex to analyze directly, building an abstract model of the system and then conducting analysis on the model to answer questions about the original system is an important and widely-used method. Meanwhile, a reasonable model also plays important roles in the phase of specification, design, development, testing, monitoring and so on. Therefore, it is an important topic of investigating how model-based methods can be applied in the context of CPS to increase the quality and dependability of the system. During the past decade, our research group at Nanjing University has devoted a lot of efforts into this mission. We conducted comprehensive research in a wide spectrum of CPS including model-driven design, verification, control, monitoring, and testing. In this paper, we will make a general review of the progress we made on these directions recently.

Xiong Xu,Shuling Wang,Bohua Zhan,Xiangyu Jin,Naijun Zhan,Jean-Pierre Talpin

DOI: https://doi.org/10.1145/3631483.3631487

2023-10-30

ACM SIGAda Ada Letters

Abstract:The design of safety-critical cyber-physical systems (CPSs) involve several dimensions, including physics, hardware rchitecture and software functionality. It is desirable to design CPSs by taking these issues into account uniformly and yet, few existing design workflows support this aim. For instance, AADL is an architecturecentric modelling formalism for CPSs, which focuses on modelling architecture and prototyping real-time hardware platforms, but it delegates physical and software behavioral models to so-called annexes. By contrast, Simulink/Stateflow (S/S) focuses on modelling interacting physical and software behaviors, but does not render the non-functional characteristics of their hardware platforms. To address this issue, in [1], we proposed the combination of AADL and S/S, called AADL S/S, to comodel CPSs and presented a method to uniformly analyse and verify them. AADL S/S provides a unified graphical co-modelling environment for CPS design and supports simulation through C code generation. Also, [1] presented a formal semantics of AADL S/S by translation to Hybrid Communicating Sequential Processes (HCSP), yielding a deductive verification framework of the combined models using Hybrid Hoare Logic (HHL). Additionally, [1] proved the correctness of the translation of AADL S/S to HCSP.

Yu Zhang,Yunwei Dong,Wenlong Feng,Mengxing Huang

DOI: https://doi.org/10.1109/ICESS.2016.37

2016-01-01

Abstract:Cyber-Physical Systems (CPS) tightly integrate software and plant components and transcend software and control domains. It is greatly desired that the close interactions between software and plant components of CPS are clearly explored even before the complete system is put together. Lack of strict definition for interaction between the two domains has been considered as an obstacle to the development of high-assurance CPS. We present an approach to formalizing HW/SW interface. We advocate the use of Cyber/Physical interface as a step towards bridging this gap. Such interface models should have formal semantics, be ecient for co-simulation, and cover all Cyber/Physical behaviors described by Cyber/Physical interface. Case studies on a realistic example have shown that the approach has major potential in verifying system level properties of CPS, therefore improving the high-confidence of CPS.

Mingfu Tuo,Xingshe Zhou,Gang Yang,Ning Fu

DOI: https://doi.org/10.1109/ithings-greencom-cpscom-smartdata.2016.140

2016-01-01

Abstract:The Cyber-Physical System has been characterized by deep integration of computing process and physical process, heterogeneous composition, etc. So it is difficult to model Cyber-Physical System and to analyze its properties. An approach to model Cyber-Physical System and to analyze its safety based on multiple modeling languages transformation is put forward. We model the Cyber-Physical System by Hybrid System Description Language, and analyze its safety by Hybrid Program Language. The meta model of Hybrid Program is established. The rules that automatically transform Hybrid System Description Language meta model to Hybrid Program meta model is provided. Result shows that this method can model Cyber-Physical System intuitively, meanwhile analyze its safety avoiding state space explosion in formal validation.

Huixing Fang,Jifeng He,Qiwen Xu,Huibiao Zhu,Longfei Zhu

2015-01-01

Abstract:Hybrid systems arise in real-time and embedded control systems with the interactions emerged between continuous physical environment and discrete digital controllers. In this paper, we propose an approach for the verification of hybrid systems which are constructed by a hybrid parallel modelling language, where the interaction between the controller and the environment is synchronized by signals. The proof rules with respect to the modelling language are illustrated in the style of Hoare triples. For an application of our approach, a water tank model is produced as a sequential hybrid model, then we verify the model with the satisfiability according to a design requirement. Moreover, for parallel hybrid model, a case of subway control system involving overlapping metro lines is presented and verified with respect to the collision avoidance requirement.