Real-Time Reachability for Verified Simplex Design

2014 IEEE Real-Time Systems Symposium Pub Date : 2014-12-01 DOI:10.1145/2723871

Taylor T. Johnson, Stanley Bak, M. Caccamo, L. Sha

{"title":"Real-Time Reachability for Verified Simplex Design","authors":"Taylor T. Johnson, Stanley Bak, M. Caccamo, L. Sha","doi":"10.1145/2723871","DOIUrl":null,"url":null,"abstract":"The Simplex Architecture ensures the safe use of an unverifiable complex controller by using a verified safety controller and verified switching logic. This architecture enables the safe use of high-performance, untrusted, and complex control algorithms without requiring them to be formally verified. Simplex incorporates a supervisory controller and safety controller that will take over control if the unverified logic misbehaves. The supervisory controller should (1) guarantee the system never enters and unsafe state (safety), but (2) use the complex controller as much as possible (minimize conservatism). The problem of precisely and correctly defining this switching logic has previously been considered either using a control-theoretic optimization approach, or through an offline hybrid systems reach ability computation. In this work, we prove that a combined online/offline approach, which uses aspects of the two earlier methods along with a real-time reach ability computation, also maintains safety, but with significantly less conservatism. We demonstrate the advantages of this unified approach on a saturated inverted pendulum system, where the usable region of attraction is 227% larger than the earlier approach.","PeriodicalId":353167,"journal":{"name":"2014 IEEE Real-Time Systems Symposium","volume":"32 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2014-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"94","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2014 IEEE Real-Time Systems Symposium","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2723871","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 94

Abstract

The Simplex Architecture ensures the safe use of an unverifiable complex controller by using a verified safety controller and verified switching logic. This architecture enables the safe use of high-performance, untrusted, and complex control algorithms without requiring them to be formally verified. Simplex incorporates a supervisory controller and safety controller that will take over control if the unverified logic misbehaves. The supervisory controller should (1) guarantee the system never enters and unsafe state (safety), but (2) use the complex controller as much as possible (minimize conservatism). The problem of precisely and correctly defining this switching logic has previously been considered either using a control-theoretic optimization approach, or through an offline hybrid systems reach ability computation. In this work, we prove that a combined online/offline approach, which uses aspects of the two earlier methods along with a real-time reach ability computation, also maintains safety, but with significantly less conservatism. We demonstrate the advantages of this unified approach on a saturated inverted pendulum system, where the usable region of attraction is 227% larger than the earlier approach.

查看原文本刊更多论文

验证单纯形设计的实时可达性

单纯形结构通过使用经过验证的安全控制器和经过验证的开关逻辑来确保不可验证的复杂控制器的安全使用。这种体系结构允许安全使用高性能、不可信和复杂的控制算法，而不需要对它们进行正式验证。Simplex包含一个监督控制器和安全控制器，如果未经验证的逻辑行为不当，将接管控制。监控控制器应该(1)保证系统永远不进入不安全状态(安全)，但(2)尽可能使用复杂控制器(最小化保守性)。精确和正确地定义这种切换逻辑的问题，以前要么使用控制理论优化方法，要么通过离线混合系统到达能力计算来考虑。在这项工作中，我们证明了一种结合在线/离线方法，它使用了前两种方法的一些方面以及实时到达能力计算，也保持了安全性，但保守性明显降低。我们在饱和倒立摆系统上证明了这种统一方法的优点，在饱和倒立摆系统上，引力可用区域比以前的方法大227%。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2014 IEEE Real-Time Systems Symposium

自引率

0.00%

发文量