Safety Verification of Cyber-Physical Systems with Reinforcement Learning Control

Authors:

Hoang-Dung Tran,

Diego Manzanas Lopez,

Taylor T. Johnson,

Xenofon Koutsoukos

ACM Transactions on Embedded Computing Systems (TECS), Volume 18, Issue 5s

Article No.: 105, Pages 1 - 22

https://doi.org/10.1145/3358230

Published: 08 October 2019

Abstract

This paper proposes a new forward reachability analysis approach to verify the safety of cyber-physical systems (CPS) with reinforcement learning controllers. Our approach rests on two efficient reachability algorithms for neural network control systems, one exact and one over-approximate, both built on star sets, an efficient representation of polyhedra. Using these algorithms, we determine the initial conditions for which a safety-critical system with a neural network controller is safe by incrementally searching for a critical initial condition at which the safety of the system cannot be established. Our approach yields a small over-approximation error and is computationally efficient, which makes it applicable to practical CPS with learning-enabled components (LECs). We implement our approach in NNV, a recent verification tool for neural networks and neural network control systems, and evaluate its advantages and applicability by verifying the safety of a practical Advanced Emergency Braking System (AEBS) with a reinforcement learning (RL) controller trained using the deep deterministic policy gradient (DDPG) method. The experimental results show that our new reachability algorithms are much less conservative than existing polyhedra-based approaches. We successfully determine the entire region of initial conditions of the AEBS with the RL controller for which the safety of the system is guaranteed, whereas a polyhedra-based approach cannot prove the safety properties of the system.
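To make the star-set idea in the abstract more concrete, the following is a minimal sketch in Python, not the NNV implementation (NNV is a separate tool and its API is not shown on this page). It assumes a simplified star set whose predicate is a box on the coefficients, so that bounds can be computed in closed form; a general star set allows arbitrary linear constraints on the coefficients and would need a linear program for the same step. The class name `BoxStar`, its fields, and the numeric values are all hypothetical and chosen only for illustration.

```python
from dataclasses import dataclass
from typing import List, Tuple

Vector = List[float]
Matrix = List[List[float]]


@dataclass
class BoxStar:
    """Set {center + basis @ alpha : alpha_lb <= alpha <= alpha_ub}.

    Assumption: the predicate on alpha is a box. General star sets use
    arbitrary linear constraints on alpha instead.
    """
    center: Vector    # n entries
    basis: Matrix     # n rows, m columns (one column per coefficient)
    alpha_lb: Vector  # m entries
    alpha_ub: Vector  # m entries

    def affine_map(self, W: Matrix, b: Vector) -> "BoxStar":
        """Exact image under x -> W x + b; the predicate is unchanged."""
        m = len(self.alpha_lb)
        new_center = [
            sum(w * c for w, c in zip(row, self.center)) + bi
            for row, bi in zip(W, b)
        ]
        new_basis = [
            [sum(row[k] * self.basis[k][j] for k in range(len(row)))
             for j in range(m)]
            for row in W
        ]
        return BoxStar(new_center, new_basis, self.alpha_lb, self.alpha_ub)

    def bounds(self) -> Tuple[Vector, Vector]:
        """Per-dimension lower and upper bounds of the set."""
        lows, highs = [], []
        for ci, row in zip(self.center, self.basis):
            lo = hi = ci
            for v, a_lo, a_hi in zip(row, self.alpha_lb, self.alpha_ub):
                lo += min(v * a_lo, v * a_hi)
                hi += max(v * a_lo, v * a_hi)
            lows.append(lo)
            highs.append(hi)
        return lows, highs


# Hypothetical initial set: x1 in [1, 3], x2 in [0, 2].
initial = BoxStar(
    center=[2.0, 1.0],
    basis=[[1.0, 0.0], [0.0, 1.0]],
    alpha_lb=[-1.0, -1.0],
    alpha_ub=[1.0, 1.0],
)

# First affine step: z1 = x1 - x2, z2 = 2 * x2 + 1.
z = initial.affine_map([[1.0, -1.0], [0.0, 2.0]], [0.0, 1.0])

# Second affine step: y = z1 + 0.5 * z2, which simplifies to x1 + 0.5.
y = z.affine_map([[1.0, 0.5]], [0.0])

print(z.bounds())  # ([-1.0, 1.0], [3.0, 5.0])
print(y.bounds())  # ([1.5], [3.5])
```

Because the star set keeps the dependency between z1 and z2 through the shared coefficients, the bound on y is [1.5, 3.5]. Propagating only the interval bounds of z through the second step would give [-0.5, 5.5], which illustrates, on a toy scale, why a set representation that tracks such dependencies can be less conservative.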

Published In

ACM Transactions on Embedded Computing Systems Volume 18, Issue 5s

Special Issue ESWEEK 2019, CASES 2019, CODES+ISSS 2019 and EMSOFT 2019

October 2019

1423 pages

ISSN:1539-9087

EISSN:1558-3465

DOI:10.1145/3365919

Editor:
Sandeep K. Shukla
Indian Institute of Technology, India

Copyright © 2019 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Journal Family

ACM Journals for the Design of Smart and Connected Systems

Publication History

Published: 08 October 2019

Accepted: 01 July 2019

Revised: 01 June 2019

Received: 01 April 2019

Published in TECS Volume 18, Issue 5s

Qualifiers

Research-article
Research
Refereed

Funding Sources

National Science Foundation
Defense Advanced Research Projects Agency
Air Force Office of Scientific Research
