A Robustness-Based Confidence Measure for Hybrid System Falsification

Verification of hybrid systems is very challenging, if not impossible, due to their continuous dynamics that leads to infinite state space. As a countermeasure, falsification is usually applied to show that a specification does not hold, by searching for a falsifying input as a counterexample that r...

Celý popis

Uloženo v:
Podrobná bibliografie
Vydáno v:IEEE transactions on computer-aided design of integrated circuits and systems Ročník 42; číslo 5; s. 1718 - 1731
Hlavní autoři: Takisaka, Toru, Zhang, Zhenya, Arcaini, Paolo, Hasuo, Ichiro
Médium: Journal Article
Jazyk:angličtina
Vydáno: New York IEEE 01.05.2023
The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
Témata:
Algorithms
Confidence
Confidence measure
Extraterrestrial measurements
falsification
Heuristic algorithms
Hybrid systems
Robustness
Robustness (mathematics)
Semantics
signal temporal logic
Space exploration
Specifications
Testing
Vehicle dynamics
ISSN:0278-0070, 1937-4151
On-line přístup:Získat plný text
Tagy: Přidat tag
Žádné tagy, Buďte první, kdo vytvoří štítek k tomuto záznamu!
Popis
Shrnutí:Verification of hybrid systems is very challenging, if not impossible, due to their continuous dynamics that leads to infinite state space. As a countermeasure, falsification is usually applied to show that a specification does not hold, by searching for a falsifying input as a counterexample that refutes the specification. A falsification algorithm exploits the quantitative robust semantics of temporal specifications, which provides a numerical robustness that tells how robustly a specification holds or not, and uses it as a guide to explore the input space toward the direction of robustness descent-once negative robustness is observed, it indicates that a falsifying input is found. However, if a falsification algorithm does not return any falsifying input, a user is not sure whether the specification does indeed hold, or there exist counterexamples that the algorithm did not manage to reach. In this case, a measurement on how likely there indeed exists no counterexample in the input space is necessary for better understanding the safety of the system and deciding whether more budget should be allocated for the falsification. To this end, we propose a confidence measure that assesses the likelihood that the system is not falsifiable, i.e., how confident a user should be that a specification holds, given the fact that an algorithm has sampled a set of inputs but did not find any falsifying one. The confidence measure is defined in terms of a coverage criterion of the input space that assesses to which extent the whole input space is explored and a local area is exploited where low robustness is observed. Experiments on commonly used falsification benchmarks show that our proposed confidence measure is reasonable and can distinguish different specifications.
Bibliografie:ObjectType-Article-1
SourceType-Scholarly Journals-1
ObjectType-Feature-2
content type line 14
ISSN:0278-0070
1937-4151
DOI:10.1109/TCAD.2022.3201157