VeriPhy: Verified controller executables from verified cyber-physical system models
Journal article, 2018

We present VeriPhy, a verified pipeline which automatically transforms verified high-level models of safety-critical cyber-physical systems (CPSs) in differential dynamic logic (dL) to verified controller executables. VeriPhy proves that all safety results are preserved end-to-end as it bridges abstraction gaps, including: i) the gap between mathematical reals in physical models and machine arithmetic in the implementation, ii) the gap between real physics and its differential-equation models, and iii) the gap between nondeterministic controller models and machine code. VeriPhy reduces CPS safety to the faithfulness of the physical environment, which is checked at runtime by synthesized, verified monitors. We use three provers in this effort: KeYmaera X, HOL4, and Isabelle/HOL. To minimize the trusted base, we cross-verify KeYmaeraX in Isabelle/HOL. We evaluate the resulting controller and monitors on commodity robotics hardware. © 2018 ACM.

verified executables

verified compilation

hybrid systems

formal verification

cyber-physical systems

Author

Brandon Bohrer

Carnegie Mellon University (CMU)

Yong Kiam Tan

Carnegie Mellon University (CMU)

Stefan Mitsch

Carnegie Mellon University (CMU)

Magnus Myreen

Software Technology, Group A

André Platzer

Carnegie Mellon University (CMU)

ACM SIGPLAN Notices

1523-2867 (ISSN)

Vol. 53 4 617-630

Subject Categories

Embedded Systems

Control Engineering

Computer Systems

DOI

10.1145/3192366.3192406

More information

Latest update

6/4/2020 1