
Towards Probabilistic Contracts for Intelligent Cyber-Physical Systems

  • Conference paper
Leveraging Applications of Formal Methods, Verification and Validation. Specification and Verification (ISoLA 2024)

Abstract

Cyber-physical systems are systems that exhibit both discrete computational and continuous physical behavior. They are often subject to different kinds of uncertainty, ranging from sensor noise and random component failures to the limited confidence induced by sample-based statistical learning. Quantitative formal methods have proven to be especially useful for assessing the impact of uncertainty on the system evolution over time. However, they lack compositionality. Existing methods for compositional design and verification, such as contracts, traditionally abstract from or (over-)approximate probability distributions and resort to purely qualitative safety assessments of worst-case scenarios. This paper proposes a first step towards the integration of probabilistic methods into contract-based verification schemes to enable compositional reasoning over uncertain system behavior. We discuss different sources of uncertainty, as well as the necessity of probabilistic contracts for cyber-physical systems. Our key idea for integrating probabilities into contracts is the identification of safe yet precise approximations for sets of distributions, for which we use subdistributions. With that, we hope to reconcile probabilistic with set-based reasoning.

The research reported herein originates from discussion at the Workshop on Contract Languages held at the Lorentz Center, Leiden, The Netherlands, March 4–8 2024. It has been partially funded by Germany’s Federal Ministry of Education and Research (BMBF) as part of AutoDevSafeOps (01IS22087Q) as well as by the Ministry of Science and Culture (MWK) of the State of Lower Saxony as part of Zukunftslabor Mobilität.


Notes

  1.

    In the qualitative setting, a contract \((A',G')\) is stronger than contract \((A,G)\) iff \(A \subseteq A'\) and \(G' \subseteq G\), i.e. if it weakens the assumptions and strengthens the guarantees. In this case, any component satisfying \((A',G')\) can also safely be used in a context requiring contract \((A,G)\).

  2.

    “In terms of input and output variables” is to be understood broadly here. There is no need to express component behaviors directly in terms of the immediate (input and output) port variables of the component, as the mathematical framework applies equally well to images thereof obtained by coordinate transformations and projections or even non-linear images of the state-space spanned by the ports, as long as the semantics \([\![C]\!]\) of a component is well-defined over these images. In the example contract provided in Sect. 5, we will describe the input-output behavior by a one-dimensional (sub-)distribution on the difference \(d = a_{control} - \frac{1}{2} \frac{v^2}{s}\) between physical states and the value of a control output, rather than by a joint distribution on all these variables.
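An added example (not code from the paper) tying the two notes together: the qualitative refinement order of Note 1 on contracts encoded as pairs of finite sets, and a distribution on the difference \(d = a_{control} - \frac{1}{2}\frac{v^2}{s}\) of Note 2 that is lower-bounded by a subdistribution. The pointwise-minimum construction, the contract encoding, and the sensor-noise models are assumptions made for this example; the paper's own construction of subdistributions is not given on this page.

```python
from fractions import Fraction

# Added example, not the paper's code. The pointwise-minimum construction is an
# assumed reading of "subdistributions as safe approximations of sets of
# distributions"; the paper's exact construction is not given on this page.


def refines(strong, weak):
    """Note 1: (A', G') is stronger than (A, G) iff A ⊆ A' and G' ⊆ G.
    Contracts are pairs of finite sets here (assumed encoding)."""
    a_strong, g_strong = strong
    a_weak, g_weak = weak
    return a_weak <= a_strong and g_strong <= g_weak


def d_distribution(a_control, s, v_dist):
    """Push a distribution over the measured speed v forward to a distribution
    over d = a_control - v^2 / (2 s). Since v^2 / (2 s) is the constant
    deceleration needed to stop within distance s, d >= 0 means the commanded
    deceleration a_control suffices."""
    out = {}
    for v, p in v_dist.items():
        d = a_control - Fraction(v * v, 2 * s)
        out[d] = out.get(d, 0) + p
    return out


def pointwise_min(dists):
    """Subdistribution lower-bounding every distribution in `dists` pointwise;
    its total mass is <= 1 (assumed approximation scheme)."""
    support = set().union(*(p.keys() for p in dists))
    return {x: min(p.get(x, 0) for p in dists) for x in support}


def mass(sub):
    return sum(sub.values())


def dominated(sub, dist):
    """True iff sub(x) <= dist(x) for every outcome x."""
    return all(w <= dist.get(x, 0) for x, w in sub.items())


def prob_lower_bound(sub, pred):
    """Mass of `sub` on outcomes satisfying pred: a lower bound on the
    probability of pred under every distribution dominated by `sub`."""
    return sum(w for x, w in sub.items() if pred(x))


# Constructed scenario: commanded deceleration 4 m/s^2, obstacle at s = 12 m,
# and two candidate noise models for the speed sensor (v in m/s). The set
# {MODEL_A, MODEL_B} is the uncertainty the contract has to cover.
A_CONTROL, S = Fraction(4), 12
MODEL_A = {8: Fraction(1, 4), 10: Fraction(1, 2), 12: Fraction(1, 4)}
MODEL_B = {8: Fraction(1, 3), 10: Fraction(1, 3), 12: Fraction(1, 3)}
D_SET = [d_distribution(A_CONTROL, S, m) for m in (MODEL_A, MODEL_B)]
D_SUB = pointwise_min(D_SET)          # mass 5/6, dominated by both members
SAFE_BOUND = prob_lower_bound(D_SUB, lambda d: d >= 0)   # 1/4
```

The bound `SAFE_BOUND` holds for both noise models at once, which is the kind of guarantee a probabilistic contract would have to state without committing to one distribution.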


Corresponding author

Correspondence to Paul Kröger .

Copyright information

© 2025 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper


Cite this paper

Blohm, P., Fränzle, M., Herber, P., Kröger, P., Remke, A. (2025). Towards Probabilistic Contracts for Intelligent Cyber-Physical Systems. In: Margaria, T., Steffen, B. (eds) Leveraging Applications of Formal Methods, Verification and Validation. Specification and Verification. ISoLA 2024. Lecture Notes in Computer Science, vol 15221. Springer, Cham. https://doi.org/10.1007/978-3-031-75380-0_3

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-75380-0_3

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-75379-4

  • Online ISBN: 978-3-031-75380-0

  • eBook Packages: Computer Science (R0)
