Trace-Checking CPS Properties: Bridging the Cyber-Physical Gap

TL;DR

This paper introduces HLS, a new logic language for specifying complex CPS requirements, and ThEodorE, an SMT-based trace-checking tool, demonstrating improved expressiveness and performance on an industrial satellite case study.

Contribution

The paper presents HLS, a highly expressive logic for CPS requirements, and ThEodorE, an efficient SMT-based trace-checker, bridging the gap between physical and software components in CPS verification.

Findings

HLS expressed all 212 requirements in the case study.

ThEodorE verified 74.5% of trace-requirement pairs.

Approach outperforms existing tools in expressiveness and efficiency.

Abstract

Cyber-physical systems combine software and physical components. Specification-driven trace-checking tools for CPS usually provide users with a specification language to express the requirements of interest, and an automatic procedure to check whether these requirements hold on the execution traces of a CPS. Although there exist several specification languages for CPS, they are often not sufficiently expressive to allow the specification of complex CPS properties related to the software and the physical components and their interactions. In this paper, we propose (i) the Hybrid Logic of Signals (HLS), a logic-based language that allows the specification of complex CPS requirements, and (ii) ThEodorE, an efficient SMT-based trace-checking procedure. This procedure reduces the problem of checking a CPS requirement over an execution trace, to checking the satisfiability of an SMT formula. We evaluated our contributions by using a representative industrial case study in the satellite domain. We assessed the expressiveness of HLS by considering 212 requirements of our case study. HLS could express all the 212 requirements. We also assessed the applicability of ThEodorE by running the trace-checking procedure for 747 trace-requirement combinations. ThEodorE was able to produce a verdict in 74.5% of the cases. Finally, we compared HLS and ThEodorE with other specification languages and trace-checking tools from the literature. Our results show that, from a practical standpoint, our approach offers a better trade-off between expressiveness and performance.