We present Barrier Certificate-based Simplex (BC-Simplex), a new, provably correct design for runtime assurance of continuous dynamical systems. BC-Simplex is centered around the Simplex Control Architecture, which consists of a high-performance advanced controller that is not guaranteed to maintain safety of the plant, a verified-safe baseline controller, and a decision module that switches control of the plant between the two controllers to ensure safety without sacrificing performance. In BC-Simplex, barrier certificates are used to prove that the baseline controller ensures safety. Furthermore, BC-Simplex features a new automated method for deriving, from the barrier certificate, the conditions for switching between the controllers. Our method is based on the Taylor expansion of the barrier certificate and yields computationally inexpensive switching conditions. We consider a significant application of BC-Simplex to a microgrid featuring an advanced controller in the form of a neural network trained using reinforcement learning. The microgrid is modeled in RTDS, an industry-standard high-fidelity, real-time power systems simulator. Our results demonstrate that BC-Simplex can automatically derive switching conditions for complex systems, that the switching conditions are not overly conservative, and that BC-Simplex ensures safety even in the presence of adversarial attacks on the neural controller.
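As an added illustration of the architecture described above (this is not the paper's code nor its microgrid model), the following toy decision module uses a barrier certificate and a Taylor-expanded switching condition for the scalar plant x' = u with the safe set |x| <= 1. The plant, the barrier h(x) = 1 - x^2, the baseline controller u = -x, the step size, the saturation bound and the margin are all constructed assumptions; the Lagrange remainder of the first-order expansion is subtracted so the prediction is never optimistic for this quadratic barrier.

```python
DT = 0.05     # decision-module sampling period (constructed assumption)
U_MAX = 1.0   # actuator saturation (constructed assumption)
EPS = 0.02    # required margin on the predicted barrier value (constructed)


def barrier(x):
    """Barrier certificate h(x): the safe set is {x : h(x) >= 0} = [-1, 1]."""
    return 1.0 - x * x


def grad_barrier(x):
    """dh/dx, used by the first-order Taylor term."""
    return -2.0 * x


def baseline(x):
    """Verified-safe controller u = -x: along it dh/dt = 2x^2 >= 0,
    so h never decreases and the safe set is forward invariant."""
    return max(-U_MAX, min(U_MAX, -x))


def taylor_switching_condition(x, u):
    """Predict h one period ahead under action u:
    h(x + DT*u) ~ h(x) + DT*h'(x)*u, minus the remainder |h''|/2*(DT*u)^2.
    The advanced controller may stay in control only if the prediction
    keeps at least EPS of margin inside the safe set."""
    predicted = barrier(x) + DT * grad_barrier(x) * u - (DT * u) ** 2
    return predicted >= EPS


def decision_module(x, u_adv):
    """Simplex switching logic: returns (applied input, used_baseline)."""
    u_adv = max(-U_MAX, min(U_MAX, u_adv))   # untrusted input is saturated first
    if taylor_switching_condition(x, u_adv):
        return u_adv, False
    return baseline(x), True


def simulate(x0, adv_policy, steps, guarded=True):
    """Run the closed loop; returns (final x, minimum h seen, baseline switches)."""
    x, min_h, switches = x0, barrier(x0), 0
    for _ in range(steps):
        u_adv = adv_policy(x)
        if guarded:
            u, used_base = decision_module(x, u_adv)
            switches += int(used_base)
        else:
            u = max(-U_MAX, min(U_MAX, u_adv))
        x = x + DT * u               # exact zero-order-hold update for x' = u
        min_h = min(min_h, barrier(x))
    return x, min_h, switches
```

Running `simulate(0.0, lambda x: 1.0, 200)` models an adversarial advanced controller that always pushes toward the boundary: unguarded it leaves the safe set, guarded it stays inside with h >= EPS because the baseline takes over whenever the predicted barrier margin is exhausted.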