An axiomatic approach to existence and liveness for differential equations

Author(s):  
Yong Kiam Tan ◽  
André Platzer

Abstract: This article presents an axiomatic approach for deductive verification of existence and liveness for ordinary differential equations (ODEs) with differential dynamic logic (dL). The approach yields proofs that the solution of a given ODE exists long enough to reach a given target region without leaving a given evolution domain. Numerous subtleties complicate the generalization of discrete liveness verification techniques, such as loop variants, to the continuous setting. For example, ODE solutions may blow up in finite time or their progress towards the goal may converge to zero. These subtleties are handled in dL by successively refining ODE liveness properties using ODE invariance properties, which have a complete axiomatization. This approach is widely applicable: several liveness arguments from the literature are surveyed and derived as special instances of axiomatic refinement in dL. These derivations also correct several soundness errors in the surveyed literature, which further highlights the subtlety of ODE liveness reasoning and the utility of an axiomatic approach. An important special case of this approach deduces (global) existence properties of ODEs, which are a fundamental part of every ODE liveness argument. Thus, all generalizations of existence properties and their proofs immediately lead to corresponding generalizations of ODE liveness arguments. Overall, the resulting library of common refinement steps enables both the sound development and the justification of new ODE existence and liveness proof rules from dL axioms. These insights are put into practice through an implementation of ODE liveness proofs in the KeYmaera X theorem prover for hybrid systems.

10.29007/ksvj ◽  
2018 ◽  
Author(s):  
André Platzer

Formal verification techniques are used routinely in finite-state digital circuits. Theorem proving is also used successfully for infinite-state discrete systems. But many safety-critical computers are actually embedded in physical systems. Hybrid systems model complex physical systems as dynamical systems with interacting discrete transitions and continuous evolutions along differential equations. They arise frequently in many application domains, including aviation, automotive, railway, and robotics. There is a well-understood theory for proving programs. But what about complex physical systems? How can we prove that a hybrid system works as expected, e.g., that an aircraft does not crash into another one? This talk illustrates the complexities and pitfalls of hybrid systems verification. It describes a theoretical and practical foundation for deductive verification of hybrid systems called differential dynamic logic. The proof calculus for this logic is interesting from a theoretical perspective, because it is a complete axiomatization of hybrid systems relative to differential equations. The approach is of considerable practical interest too. Its implementation in the theorem prover KeYmaera has been used successfully to verify collision avoidance properties in the European Train Control System and in air traffic control systems. The number of dimensions and the nonlinearities in the hybrid dynamics of these systems are surprisingly tricky, such that they are still out of scope for other verification tools.


Author(s):  
WEIQIANG KONG ◽  
KAZUHIRO OGATA ◽  
KOKICHI FUTATSUGI

Security considerations, such as role-based access control (RBAC) mechanisms and separation of duty (SoD) constraints, are important and integral to workflow systems. Since the definition of workflows with these security considerations is a complicated and error-prone process, rigorous verification techniques are desirable for uncovering logical errors and assuring correctness. We propose the use of an equation-based method, the OTS/CafeOBJ method, to model, specify and verify workflows with such security considerations. Specifically, a workflow with the security considerations is modeled as an OTS, a kind of transition system; the OTS is then specified in CafeOBJ, an algebraic specification language. We verify that the OTS has the desired safety and liveness properties by using the CafeOBJ system as an interactive theorem prover. A case study on a sample workflow that deals with travel expense reimbursement is used to demonstrate our method.


Author(s):  
Yong Kiam Tan ◽  
André Platzer

Abstract: Stability is required for real-world controlled systems, as it ensures that those systems can tolerate small, real-world perturbations around their desired operating states. This paper shows how stability for continuous systems modeled by ordinary differential equations (ODEs) can be formally verified in differential dynamic logic (dL). The key insight is to specify ODE stability by suitably nesting the dynamic modalities of dL with first-order logic quantifiers. Elucidating the logical structure of stability properties in this way has three key benefits: i) it provides a flexible means of formally specifying various stability properties of interest, ii) it yields rigorous proofs of those stability properties from dL's axioms with dL's ODE safety and liveness proof principles, and iii) it enables formal analysis of the relationships between various stability properties which, in turn, inform proofs of those properties. These benefits are put into practice through an implementation of stability proofs for several examples in KeYmaera X, a hybrid systems theorem prover based on dL.


2020 ◽  
Vol 7 (8) ◽  
pp. 200321
Author(s):  
Jan Martin Nordbotten ◽  
Folmer Bokma ◽  
Jo Skeie Hermansen ◽  
Nils Chr. Stenseth

In this paper, we establish the explicit connection between deterministic trait-based population-level models (in the form of partial differential equations) and species-level models (in the form of ordinary differential equations), in the context of eco-evolutionary systems. In particular, by starting from a population-level model of density distributions in trait space, we derive what amounts to an extension of the typical models at the species level known from adaptive dynamics literature, to account not only for abundance and mean trait values, but also explicitly for trait variances. Thus, we arrive at an explicitly polymorphic model at the species level. The derivations make precise the relationship between the parameters in the two classes of models and allow us to distinguish between notions of fitness on the population and species levels. Through a formal stability analysis, we see that exponential growth of an eigenvalue in the trait covariance matrix corresponds to a breakdown of the underlying assumptions of the species-level model. In biological terms, this may be interpreted as a speciation event: that is, we obtain an explicit notion of the blow-up of the variance of (possibly a linear combination of) traits as a precursor to speciation. Moreover, since evolutionary volatility of the mean trait value is proportional to trait variance, this provides a notion that species at the cusp of speciation are also the most adaptive. We illustrate these concepts and considerations using a numerical simulation.


2018 ◽  
Vol 18 (2) ◽  
pp. 252-295
Author(s):  
CARLOS OLARTE ◽  
ELAINE PIMENTEL ◽  
CAMILO RUEDA

Abstract: A recent trend in object-oriented programming languages is the use of access permissions (APs) as an abstraction for controlling concurrent executions of programs. The use of AP source code annotations defines a protocol specifying how object references can access the mutable state of objects. Although the use of APs simplifies the task of writing concurrent code, an unsystematic use of them can lead to subtle problems. This paper presents a declarative interpretation of APs as linear concurrent constraint programs (lcc). We represent APs as constraints (i.e., formulas in logic) in an underlying constraint system whose entailment relation models the transformation rules of APs. Moreover, we use processes in lcc to model the dependencies imposed by APs, thus allowing the faithful representation of their flow in the program. We verify relevant properties about AP programs by taking advantage of the interpretation of lcc processes as formulas in Girard's intuitionistic linear logic (ILL). Properties include deadlock detection, program correctness (whether programs adhere to their AP specifications or not), and the ability of methods to run concurrently. By relying on a focusing discipline for ILL, we provide a complexity measure for proofs of the above-mentioned properties. The effectiveness of our verification techniques is demonstrated by implementing the Alcove tool, which includes an animator and a verifier. The former executes the lcc model, observing the flow of APs and quickly finding inconsistencies of the APs vis-à-vis the implementation. The latter is an automatic theorem prover based on ILL.

