From Bounded Reachability Analysis of Linear Hybrid Automata to Verification of Industrial CPS and IoT.

Hybrid Automata are a well-known framework used to model hybrid systems, containing both discrete and continuous dynamic behavior. However, reachability analysis of hybrid automata is difficult. Existing work does not scale well to the size of practical problems. This paper gives a review of how we handle the verification of hybrid systems in a path-oriented way. First, we propose a path-oriented bounded reachability analysis method to control the complexity of verification of linear hybrid automata. As we only check the reachability of one path at a time, the resulted state space for each computation is limited and hence can be solved efficiently. Then, we present an infeasible constraint guided path-pruning method to tailor the search space, a shallow synchronization semantics to handle compositional behavior, and a method based on linear temporal logic (LTL) to extend the bounded model checking (BMC) result to an unbounded state space. Such methods and tools are implemented in a tool, BACH, and have been used as the underlying decision procedure of our verification of cyber-physical systems (CPS) and Internet of Things (IoT).