VeriPhy: Verified controller executables from verified cyber-physical system models
Journal article, 2018
We present VeriPhy, a verified pipeline which automatically transforms verified high-level models of safety-critical cyber-physical systems (CPSs) in differential dynamic logic (dL) to verified controller executables. VeriPhy proves that all safety results are preserved end-to-end as it bridges abstraction gaps, including: i) the gap between mathematical reals in physical models and machine arithmetic in the implementation, ii) the gap between real physics and its differential-equation models, and iii) the gap between nondeterministic controller models and machine code. VeriPhy reduces CPS safety to the faithfulness of the physical environment, which is checked at runtime by synthesized, verified monitors. We use three provers in this effort: KeYmaera X, HOL4, and Isabelle/HOL. To minimize the trusted base, we cross-verify KeYmaeraX in Isabelle/HOL. We evaluate the resulting controller and monitors on commodity robotics hardware. © 2018 ACM.
verified compilation
hybrid systems
formal verification
verified executables
cyber-physical systems
Author
Brandon Bohrer
Carnegie Mellon University (CMU)
Yong Kiam Tan
Carnegie Mellon University (CMU)
Stefan Mitsch
Carnegie Mellon University (CMU)
Magnus Myreen
Software Technology, Group A
André Platzer
Carnegie Mellon University (CMU)
ACM SIGPLAN Notices
1523-2867 (ISSN)
Vol. 53 4 617-630Pålitlig mjukvara via programmering och kompilering i logik
Swedish Foundation for Strategic Research (SSF) (FFL15-0191), 2017-01-01 -- 2021-12-31.
Subject Categories (SSIF 2011)
Embedded Systems
Control Engineering
Computer Systems
DOI
10.1145/3192366.3192406