Table of Contents
Fetching ...

Data-Driven Falsification of Cyber-Physical Systems

Atanu Kundu, Sauvik Gon, Rajarshi Ray

TL;DR

This work tackles falsification of safety properties in Cyber-Physical Systems by proposing FlexiFal, a data-driven framework that builds surrogate models of the CPS either as a deep neural network or a decision tree. The CPS-to-surrogate mapping enables the use of DNN falsification tools and, alternatively, a decision-tree guided approach that leverages explanations to efficiently generate counterexamples. Empirical results on CPS benchmarks (including ARCH-COMP 2024) show that the decision-tree grounded method (DTFal) often finds multiple hard-to-find counterexamples more efficiently, while the DNN-based route (NNFal) plus verification offers complementary capabilities. The framework provides practical value by rapidly identifying unsafe trajectories, sparing detailed full CPS verification, and by releasing datasets and surrogate models to the community for further research.

Abstract

Cyber-Physical Systems (CPS) are abundant in safety-critical domains such as healthcare, avionics, and autonomous vehicles. Formal verification of their operational safety is, therefore, of utmost importance. In this paper, we address the falsification problem, where the focus is on searching for an unsafe execution in the system instead of proving their absence. The contribution of this paper is a framework that (a) connects the falsification of CPS with the falsification of deep neural networks (DNNs) and (b) leverages the inherent interpretability of Decision Trees for faster falsification of CPS. This is achieved by: (1) building a surrogate model of the CPS under test, either as a DNN model or a Decision Tree, (2) application of various DNN falsification tools to falsify CPS, and (3) a novel falsification algorithm guided by the explanations of safety violations of the CPS model extracted from its Decision Tree surrogate. The proposed framework has the potential to exploit a repertoire of \emph{adversarial attack} algorithms designed to falsify robustness properties of DNNs, as well as state-of-the-art falsification algorithms for DNNs. Although the presented methodology is applicable to systems that can be executed/simulated in general, we demonstrate its effectiveness, particularly in CPS. We show that our framework, implemented as a tool \textsc{FlexiFal}, can detect hard-to-find counterexamples in CPS that have linear and non-linear dynamics. Decision tree-guided falsification shows promising results in efficiently finding multiple counterexamples in the ARCH-COMP 2024 falsification benchmarks~\cite{khandait2024arch}.

Data-Driven Falsification of Cyber-Physical Systems

TL;DR

This work tackles falsification of safety properties in Cyber-Physical Systems by proposing FlexiFal, a data-driven framework that builds surrogate models of the CPS either as a deep neural network or a decision tree. The CPS-to-surrogate mapping enables the use of DNN falsification tools and, alternatively, a decision-tree guided approach that leverages explanations to efficiently generate counterexamples. Empirical results on CPS benchmarks (including ARCH-COMP 2024) show that the decision-tree grounded method (DTFal) often finds multiple hard-to-find counterexamples more efficiently, while the DNN-based route (NNFal) plus verification offers complementary capabilities. The framework provides practical value by rapidly identifying unsafe trajectories, sparing detailed full CPS verification, and by releasing datasets and surrogate models to the community for further research.

Abstract

Cyber-Physical Systems (CPS) are abundant in safety-critical domains such as healthcare, avionics, and autonomous vehicles. Formal verification of their operational safety is, therefore, of utmost importance. In this paper, we address the falsification problem, where the focus is on searching for an unsafe execution in the system instead of proving their absence. The contribution of this paper is a framework that (a) connects the falsification of CPS with the falsification of deep neural networks (DNNs) and (b) leverages the inherent interpretability of Decision Trees for faster falsification of CPS. This is achieved by: (1) building a surrogate model of the CPS under test, either as a DNN model or a Decision Tree, (2) application of various DNN falsification tools to falsify CPS, and (3) a novel falsification algorithm guided by the explanations of safety violations of the CPS model extracted from its Decision Tree surrogate. The proposed framework has the potential to exploit a repertoire of \emph{adversarial attack} algorithms designed to falsify robustness properties of DNNs, as well as state-of-the-art falsification algorithms for DNNs. Although the presented methodology is applicable to systems that can be executed/simulated in general, we demonstrate its effectiveness, particularly in CPS. We show that our framework, implemented as a tool \textsc{FlexiFal}, can detect hard-to-find counterexamples in CPS that have linear and non-linear dynamics. Decision tree-guided falsification shows promising results in efficiently finding multiple counterexamples in the ARCH-COMP 2024 falsification benchmarks~\cite{khandait2024arch}.
Paper Structure (27 sections, 9 equations, 5 figures, 6 tables, 4 algorithms)

This paper contains 27 sections, 9 equations, 5 figures, 6 tables, 4 algorithms.

Figures (5)

  • Figure 1: The flowchart of the falsification framework FlexiFal. The framework incorporates two distinct falsification strategies, DTFal (left) and NNFal (right).
  • Figure 2: Demonstrating the explanation generation process for a safety property $\square_{[0, 15]} (x > 0)$. a) This figure shows the explanation generation process when a falsifying leaf node is present in the decision tree. The explanation is derived from the path that traces backwards from the falsifying node depicted in Red to the root node. b) When no falsifying leaf node is present in a decision tree, the nearest falsifying leaf node, highlighted in Red is considered to generate the explanation.
  • Figure 3: Counterexamples generated by FlexiFal using NNFal algorithm.
  • Figure 6: #Simulations to find one vs multiple counterexamples nearly overlap. The time difference between finding one counterexample vs many is small in most of the instances.
  • Figure 7: Top: Time for finding 1 vs more than 50 counterexamples. Bottom: #simulations to find 1 vs more than 50 counterexamples across the Simulink instances.

Theorems & Definitions (7)

  • Definition 1: Falsification of Reachability Specification
  • Definition 2: Local Robustness Specification
  • Definition 3
  • Definition 4: STL Semantics maler2004monitoring
  • Definition 5: Falsifying leaf node
  • Definition 6: Nearest falsifying leaf node
  • Definition 7: explanation