A hybrid approach to cyber-physical systems verification

DAC Design Automation Conference 2012 Pub Date : 2012-06-03 DOI:10.1145/2228360.2228484

Pratyush Kumar, Dip Goswami, S. Chakraborty, A. Annaswamy, Kai Lampka, L. Thiele

{"title":"A hybrid approach to cyber-physical systems verification","authors":"Pratyush Kumar, Dip Goswami, S. Chakraborty, A. Annaswamy, Kai Lampka, L. Thiele","doi":"10.1145/2228360.2228484","DOIUrl":null,"url":null,"abstract":"We propose a performance verification technique for cyber-physical systems that consist of multiple control loops implemented on a distributed architecture. The architectures we consider are fairly generic and arise in domains such as automotive and industrial automation; they are multiple processors or electronic control units (ECUs) communicating over buses like FlexRay and CAN. Current practice involves analyzing the architecture to estimate worst-case end-to-end message delays and using these delays to design the control applications. This involves a significant amount of pessimism since the worst-case delays often occur very rarely. We show how to combine functional analysis techniques with model checking in order to derive a delay-frequency interface that quantifies the interleavings between messages with worst-case delays and those with smaller delays. In other words, we bound the frequency with which control messages might suffer the worst-case delay. We show that such a delay-frequency interface enables us to verify much tigher control performance properties compared to what would be possible with only worst-case delay bounds.","PeriodicalId":263599,"journal":{"name":"DAC Design Automation Conference 2012","volume":"7 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2012-06-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"71","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"DAC Design Automation Conference 2012","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2228360.2228484","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 71

Abstract

We propose a performance verification technique for cyber-physical systems that consist of multiple control loops implemented on a distributed architecture. The architectures we consider are fairly generic and arise in domains such as automotive and industrial automation; they are multiple processors or electronic control units (ECUs) communicating over buses like FlexRay and CAN. Current practice involves analyzing the architecture to estimate worst-case end-to-end message delays and using these delays to design the control applications. This involves a significant amount of pessimism since the worst-case delays often occur very rarely. We show how to combine functional analysis techniques with model checking in order to derive a delay-frequency interface that quantifies the interleavings between messages with worst-case delays and those with smaller delays. In other words, we bound the frequency with which control messages might suffer the worst-case delay. We show that such a delay-frequency interface enables us to verify much tigher control performance properties compared to what would be possible with only worst-case delay bounds.

查看原文本刊更多论文

网络物理系统验证的混合方法

我们提出了一种性能验证技术，用于由分布式架构上实现的多个控制回路组成的网络物理系统。我们考虑的架构是相当通用的，出现在汽车和工业自动化等领域;它们是通过FlexRay和CAN等总线进行通信的多个处理器或电子控制单元(ecu)。当前的实践包括分析体系结构以估计最坏情况下的端到端消息延迟，并使用这些延迟来设计控制应用程序。由于最糟糕的延迟通常很少发生，因此这涉及到大量的悲观情绪。我们展示了如何将功能分析技术与模型检查相结合，以导出延迟频率接口，该接口可以量化具有最坏延迟的消息和具有较小延迟的消息之间的交错。换句话说，我们限定了控制消息可能遭受最坏情况延迟的频率。我们表明，与只有最坏情况的延迟边界相比，这样的延迟频率接口使我们能够验证更严格的控制性能。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

DAC Design Automation Conference 2012

自引率

0.00%

发文量