Abstraction based verification of stability of polyhedral switched systems

https://doi.org/10.1016/j.nahs.2020.100856

Abstract

This paper presents a novel abstraction technique for analyzing Lyapunov and asymptotic stability of polyhedral switched systems. A polyhedral switched system is a hybrid system in which the continuous dynamics is specified by polyhedral differential inclusions, the invariants and guards are specified by polyhedral sets, and the switching between the modes does not involve reset of variables. A finite state weighted graph abstracting the polyhedral switched system is constructed from a finite partition of the state–space, such that the satisfaction of certain graph conditions, such as the absence of cycles with product of weights on the edges greater than (or equal to) 1, implies the stability of the system. However, the graph is in general conservative and hence the violation of the graph conditions does not imply instability. If the analysis fails to establish stability due to the conservativeness in the approximation, a counterexample (a cycle with product of edge weights greater than or equal to 1) indicating a potential reason for the failure is returned. Further, a more precise approximation of the switched system can be constructed by considering a finer partition of the state–space in the construction of the finite weighted graph. We present experimental results on analyzing stability of switched systems using the above method.

Introduction

Stability is a fundamental property in control design. It captures the notion that small perturbations in the initial state or input to the system result in only small variations in the behavior of the system. In this paper, we focus on the problem of automated stability verification of switched systems.

Switched systems [1] are a special class of hybrid systems [2] – systems exhibiting mixed discrete continuous behaviors – in which the continuous state of the system does not change during a mode switch. Switched systems are a natural model in supervisory control, wherein the plant consists of a finite number of operational modes, and the supervisor continuously observes the state of the system and takes decisions regarding the mode switches. Stability has been extensively investigated in the context of switched systems, and several sufficient conditions on the system and the switching behavior which ensure stability have been proposed (see [1], [3] and references therein).

One of the widely used approaches to stability verification of switched systems is based on the notions of common and multiple Lyapunov functions [3], [4], [5], [6], [7], [8]: one seeks either a common function which acts as a Lyapunov function for every mode, or a distinct function serving as a Lyapunov function for each mode together with consistency conditions on the switching. Automated verification of stability based on Lyapunov functions can be characterized as deductive verification in the formal methods terminology. It encompasses a search for a Lyapunov function based on a template, such as a polynomial with coefficients as parameters, which serves as a candidate function. The requirements of a Lyapunov function are encoded as a sum-of-squares programming problem over the template, which can be efficiently solved using tools such as SOSTOOLS [9], [10], [11].

One of the major limiting factors of the template based search is the ingenuity required in providing the right templates; and automatically learning the templates, with the exception of [12], is a challenge which has not been adequately addressed. Moreover, if a template fails to satisfy the conditions of Lyapunov function, then it does not provide insights into the potential reasons for instability or towards the choice of a better template. To overcome these limitations, we propose an algorithmic approach – graph exploration based algorithm – that consists of constructing a weighted graph whose analysis either determines stability or returns a counterexample indicating a potential reason for failure. Further, the counterexample can provide insights into the choice of subsequent abstractions (refinement); we do not explore here automated refinement techniques based on counterexamples.

In this paper, we focus on the class of polyhedral switched systems (PSS). These are systems in which the invariants for the modes and the guards on the switching are convex polyhedral sets; further, the dynamics in each mode is specified as a polyhedral differential inclusion ẋ ∈ P, where P is a compact convex polyhedral set. The core contribution is the development of a quantitative predicate abstraction technique over PSS. Existing methods include predicate and hybrid abstractions [13], [14], [15], [16] for computing abstract models oriented to safety verification. These standard methods do not suffice for stability analysis, so we introduce a novel predicate abstraction technique for stability preservation.

Our approach consists of constructing a finite weighted graph which represents a conservative approximation of the switched system, and inferring stability by analyzing certain properties of the graph. The algorithm takes as input a PSS H and a finite partition P of the state–space into convex polyhedral sets (so-called elements), and outputs a finite weighted graph G. The vertices of the graph correspond to pairs consisting of a mode of the system and an element of the partition. An edge between two mode-element pairs indicates the existence of an execution starting from the first mode and a point in the first element to the second mode and a point in the second element such that it remains in a single element at all the intermediate time instances. The weight on an edge corresponds to the maximum scaling between the starting and the ending continuous states over all such executions, that is, an upper bound on the ratio of the distance to the equilibrium point at the end of the execution to that at the beginning. Hence, corresponding to every execution of the system, there exists a path in the graph which tracks the scalings associated with various time points in the execution. In particular, the existence of an edge with weight +∞ implies a possibility of a diverging execution. Similarly, the existence of a cycle in the graph such that the product of the weights is strictly greater than 1 implies the possibility of a diverging execution obtained by traversing the cycle infinitely many times. Absence of the above entities in the graph implies Lyapunov stability. We provide criteria based on graph analysis which provide sufficient conditions for Lyapunov and asymptotic stability.

One interesting feature of this analysis is a potential counterexample in the event of a failure to prove stability. For example, a cycle such that the product of the weights on the edges >1 is a potential counterexample for Lyapunov stability. Another interesting feature is the ability to construct a less conservative abstraction, by considering a finer partition. A finer partition can be obtained, for example, by splitting each element in the current partition based on a linear constraint.
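The graph conditions described above, written out as an added example that is not the paper's Averist code: vertices are (mode, element) pairs, each edge carries the maximal scaling factor, and the checker reports an edge of weight +∞ or a cycle whose weight product is greater than 1 as blocking the Lyapunov conclusion, and a cycle whose product is greater than or equal to 1 as blocking the asymptotic conclusion. The three graphs and their weights are constructed for illustration; the cycle enumeration is a plain DFS chosen for readability on small abstractions, not the tool's algorithm.

```python
import math


def _normalized(graph):
    """Copy `graph` (vertex -> {successor: weight}) so every vertex is a key."""
    g = {v: dict(succ) for v, succ in graph.items()}
    for succ in list(g.values()):
        for w in succ:
            g.setdefault(w, {})
    return g


def simple_cycles(graph):
    """Return every elementary cycle of `graph` exactly once, as a vertex list.

    Each cycle is rooted at its smallest vertex (in sorted order), so rotations
    of one cycle are never reported twice.  Plain DFS suffices for the small
    abstractions used here; it is exponential in the worst case.
    """
    order = {v: i for i, v in enumerate(sorted(graph))}
    cycles = []

    def dfs(start, v, path):
        for w in graph[v]:
            if w == start:
                cycles.append(list(path))
            elif order[w] > order[start] and w not in path:
                path.append(w)
                dfs(start, w, path)
                path.pop()

    for s in sorted(graph):
        dfs(s, s, [s])
    return cycles


def cycle_product(graph, cycle):
    """Product of the scaling weights along a cycle given as a vertex list."""
    n = len(cycle)
    return math.prod(graph[cycle[i]][cycle[(i + 1) % n]] for i in range(n))


def analyze(graph):
    """Apply the graph conditions to a finite weighted abstraction.

    Returns (lyapunov_ok, asymptotic_ok, witness).  `witness` is None when both
    conditions hold; otherwise it is ("edge", u, v) for an edge of weight +inf,
    or ("cycle", vertices, product) for the worst cycle, whose product is >= 1.
    Because the graph over-approximates the system, a witness is only a
    potential counterexample, never a proof of instability.
    """
    g = _normalized(graph)
    for u, succ in g.items():
        for v, w in succ.items():
            if math.isinf(w):
                return False, False, ("edge", u, v)
    worst = None
    for cyc in simple_cycles(g):
        p = cycle_product(g, cyc)
        if worst is None or p > worst[2]:
            worst = ("cycle", cyc, p)
    if worst is None or worst[2] < 1:
        return True, True, None
    if worst[2] > 1:
        return False, False, worst
    return True, False, worst  # product exactly 1: Lyapunov yes, asymptotic no


# Constructed illustration: vertices are (mode, partition element) pairs and
# the weights are made-up maximal scalings.
A, B, C, D = ("m1", 0), ("m1", 1), ("m2", 1), ("m2", 0)
STABLE = {A: {B: 0.5}, B: {C: 0.8}, C: {A: 0.9, D: 0.5}, D: {A: 0.3}}
# Same graph plus a return edge B -> A of weight 2.0: the 2-cycle A,B has
# product exactly 1, so Lyapunov stability is still concluded but asymptotic
# stability is not.
MARGINAL = {A: {B: 0.5}, B: {C: 0.8, A: 2.0}, C: {A: 0.9, D: 0.5}, D: {A: 0.3}}
# An edge of weight +inf: nothing can be concluded from this abstraction.
DIVERGING = {A: {B: math.inf}, B: {A: 0.1}}

if __name__ == "__main__":
    for name, g in [("stable", STABLE), ("marginal", MARGINAL), ("diverging", DIVERGING)]:
        print(name, analyze(g))
```

The MARGINAL graph is the edge case worth keeping in mind when the condition is implemented with floating-point weights: a product that lands exactly on 1 separates the two stability notions, so the comparison must distinguish "greater than" from "greater than or equal".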

Construction of the finite weighted graph involves computing a non-trivial reachability predicate which captures all pairs of states of the system for which there is an execution from the first state to the second while remaining within a single element of the partition. Existence of an edge then corresponds to satisfiability of the predicate, and the weight corresponds to solving an optimization problem over the predicate. We show that we can construct a formula which is a boolean combination of linear constraints and is equivalent to the reachability predicate, and hence compute the weight by solving a finite set of linear programming problems. The construction of the formula is involved owing to the fact that the number of mode switches that can occur during an execution within an element of the partition is unbounded, due to the presence of cycles in the underlying switching graph. We reduce the analysis to that of an acyclic graph using the notion of strongly connected components and hence bound the number of switches for the purpose of analysis.

The algorithm has been implemented in a tool called Averist (Algorithmic VERIfier for STability) [17]. We illustrate the merits of the algorithmic approach on an example using the tool. We employ variations of the example for evaluating the performance of the tool. The tool returns either a stability proof or a counterexample. The counterexample either leads to an instability answer or can be used to construct new constraints in order to refine the partition and obtain a more accurate one.

Currently, the choice of the appropriate predicates is carried out mainly through manual examination of the counterexample. There exists work focused on automating this process through a counterexample guided abstraction refinement approach [18].

Our choice of polyhedral switched systems is motivated by the fact that certain computations involved in our analysis are simple for this class, such as the representation of the reachability predicate. However, several classes of hybrid systems can be efficiently abstracted to this class [19], [20].

A preliminary version of this paper appeared in [21]. In comparison to the former version, this work contains more detailed explanations, complete proofs and elaborate experiments. In particular, the replacement of executions by piecewise executions in the stability definitions is justified here by stating Proposition 2 and adding its proof. Proposition 3 and its proof appear only as an observation in the previous work. The equivalence in terms of stability between a polyhedral switched system and its normal form is proved in detail. Proofs of Theorems 7 and 8 are included. Also, Algorithm 1 for abstraction construction and Algorithm 2 for scaling computation are added, accompanied by details of the functions contained in them. Table 1 with experimental results does not appear in the preliminary version.

Section snippets

Preliminaries

Let ℝ, ℝ≥0, and ℕ denote the set of reals, non-negative reals and natural numbers, respectively. Given a function F, we use dom(F) to denote the domain of F. Given a set A ⊆ dom(F), we denote by F|A the restriction of F to the domain A.

Sequences: A sequence domain is either a finite subset of ℕ of the form {0, 1, …, n} for some n ∈ ℕ or the infinite set ℕ. A sequence over a set A is a function S : D → A, where D is a sequence domain. The length of a sequence S, denoted len(S), is the least upper bound

Polyhedral switched systems

A switched system [1] models supervisory control in which the supervisor observes the state of the system and switches between a finite number of operational modes of the system. In each mode, the continuous state evolves according to a pre-assigned continuous dynamics and satisfies certain invariant conditions. Mode switch occurs when certain guards are satisfied, and in particular, the continuous state remains the same during the switch. We focus on the class of switched systems in which the

Stability: Lyapunov and asymptotic

In this section, we define two classical notions of stability in control theory, and state preliminary results about the stability of polyhedral switched systems.

Definition 6

A point x ∈ ℝⁿ is an equilibrium point of an n-dimensional PSS, if every execution σ ∈ exec(H) with η(0) = x satisfies η(t) = x for all t ∈ dom(η).

We will assume without loss of generality that the origin 0̄ is the equilibrium point. In case the equilibrium point is not 0̄, we can apply a translation to the equilibrium point and every

Stability verification procedure

In this section, we present an algorithmic approach for verifying stability of PSSs. This is an extension of the algorithms in [25] for piecewise constant derivative systems and in [24] for two dimensional rectangular switched systems. The verification procedure consists of two parts:

  1. Extracting a finite weighted graph from the PSS using an elementary partition of the state–space.

  2. Analyzing the graph for deducing stability.

We discuss the two parts in detail in the following. However, we will

Weighted graph construction

Here, we present in detail the weighted graph construction. Algorithm 1 describes the full procedure and Algorithm 2 is the most intricate function in the graph construction. Algorithm 2 determines the existence of edges between vertices and computes the weights associated with them.

Implementation

The stability verification procedure has been implemented in Python and integrated in a tool called Averist (Algorithmic VERIfier for STability) [17], [21], which can be found at http://software.imdea.org/projects/averist/index.html. It uses the Parma Polyhedra Library (PPL) [28] to deal with polyhedral operations, the NetworkX Python package [29] to manage and analyze graphs, and the GLPK library [30] for solving optimization problems.

The experiments have been performed on Mac OS X 10.10 with

Conclusions

We investigated an algorithmic approach to stability verification of polyhedral switched systems. Our method relies on constructing a finite weighted graph abstracting the system using a finite partition of the state–space as a parameter. In the event of a failure to infer stability from the graph, our algorithm provides insights into the reasons for the failure in terms of a counterexample. In addition, a qualitatively better approximation of the system can be constructed by feeding a finer

References (33)

  • P. Mason et al., Common polynomial Lyapunov functions for linear switched systems, SIAM J. Control Optim. (2006)
  • P.A. Parrilo, Structured Semidefinite Programs and Semialgebraic Geometry Methods in Robustness and Optimization (2000)
  • A. Papachristodoulou, S. Prajna, On the construction of Lyapunov functions using the sum of squares decomposition, in:...
  • E. Möhlmann et al., Stabhyli: a tool for automatic stability verification of non-linear hybrid systems
  • J. Kapinski et al., Simulation-guided Lyapunov analysis for hybrid dynamical systems
  • H. Dierks, S. Kupferschmid, K. Larsen, Automatic abstraction refinement for timed automata, in: Proceedings of Formal...
No author associated with this paper has disclosed any potential or pertinent conflicts which may be perceived to have impending conflict with this work. For full disclosure statements refer to https://doi.org/10.1016/j.nahs.2020.100856.

1. This author was partially supported by BES-2013-065076 grant from the Spanish Ministry of Economy and Competitiveness and by S11402-N23 (RiSE/SHiNE) and Z211-N23 (Wittgenstein Award) grants from the Austrian Science Fund (FWF), Austria.

2. This author was partially supported by NSF, USA CAREER Award No. 1552668 and ONR, USA YIP Award No. N00014-17-1-257.