Many cyber-physical systems (CPS) are safety-critical, so it is important to formally verify them, e.g. in formal logics that show a model's correctness specification always holds. Constructive Differential Game Logic (CdGL) is such a logic for (constructive) hybrid games, including hybrid systems. To overcome undecidability, the user first writes a proof, for which we present a proof-checking tool. We introduce Kaisar, the first language and tool for CdGL proofs, which until now could only be written by hand with a low-level proof calculus. Kaisar's structured proofs simplify challenging CPS proof tasks, especially by using programming language principles and high-level stateful reasoning. Kaisar exploits CdGL's constructivity and refinement relations to build proofs around models of game strategies. The evaluation reproduces and extends existing case studies on 1D and 2D driving. Proof metrics are compared and reported experiences are discussed for the original studies and their reproductions.