Model-bounded monitoring of hybrid systems

TL;DR

The paper tackles the challenge of inferring continuous-time hybrid-system behaviors from infrequently sampled logs by introducing model-bounded monitoring, which uses Linear Hybrid Automata (LHAs) as bounding models to constrain interpolation. It defines a novel monitored language $\mathcal{L}_{\mathrm{mon}}$ and reduces monitoring to a membership problem within this language, proposing two partial, sound algorithms: one via reduction to LHA reachability (using PHAVerLite) and one based on direct polyhedra computation. The approach is validated through extensive experiments on automotive platooning, navigation, and gas-burner benchmarks, showing practical scalability and robustness, albeit with undecidability caveats and potential false alarms when the bounding model is imprecise. The work offers a principled, automata-based framework for monitoring CPS under sampling uncertainties, with clear pathways to extensions toward temporal properties, partial observations, and quantitative guarantees, highlighting its utility for real-world, safety-critical systems. Overall, model-bounded monitoring provides a scalable and sound mechanism to reason about safety under interpolation, leveraging convex polyhedra and LHA-based analysis to bound the gap between discrete logs and continuous-time behaviors.

Abstract

Monitoring of hybrid systems attracts both scientific and practical attention. However, monitoring algorithms suffer from the methodological difficulty of only observing sampled discrete-time signals, while real behaviors are continuous-time signals. To mitigate this problem of sampling uncertainties, we introduce a model-bounded monitoring scheme, where we use prior knowledge about the target system to prune interpolation candidates. Technically, we express such prior knowledge by linear hybrid automata (LHAs) -- the LHAs are called bounding models. We introduce a novel notion of monitored language of LHAs, and we reduce the monitoring problem to the membership problem of the monitored language. We present two partial algorithms -- one is via reduction to reachability in LHAs and the other is a direct one using polyhedra -- and show that these methods, and thus the proposed model-bounded monitoring scheme, are efficient and practically relevant.

Figures (17)

• Figure 1: Hybrid system monitoring and sampling uncertainties
• Figure 2: $\textcolor{colorok}{w}$ and $\sigma$
• Figure 3: A leading example: automotive platooning
• Figure 4: Model-bounded monitoring of hybrid systems
• Figure 5: Model-bounded monitoring of the log $w$ in \ref{['figure:automotivePlatooningLog']}. The bounding model $\mathcal{M}$ in \ref{['figure:LHAsystemmodelExample']} confines interpolation to the hatched area. Thus no collision in $t\in [0,10]$; potential collision in $t\in [10, 20]$.

Theorems & Definitions (26)

• Example 1: automotive platooning
• Example 2
• Definition 3: linear hybrid automata (LHA) HPR94
• Example 4
• Example 5
• Definition 6: concrete semantics of an LHA
• Definition 7: (accepting) run
• Example 8
• Definition 9: timed quantitative words
• Definition 10: monitored language $\mathcal{L}_{\mathrm{mon}}(\mathcal{M})$