What Does It Take to Get Guarantees? Systematizing Assumptions in Cyber-Physical Systems

TL;DR

This paper systematically surveys assumptions and guarantees in cyber-physical systems literature, highlighting prevalent trends, gaps, and the need for better reporting and testing of assumptions to ensure system reliability.

Contribution

It provides the first comprehensive analysis of assumptions in CPS, extracting and categorizing 423 assumptions from 104 papers over a decade.

Findings

Assumptions related to initialization, sensing, perception, neural components, and uncertainty are prevalent.

Significant gaps exist in reporting and testing CPS assumptions.

The study offers a call to action for improved assumption documentation in CPS research.

Abstract

Formal guarantees for cyber-physical systems (CPS) rely on diverse assumptions. If satisfied, these assumptions enable the transfer of abstract guarantees into real-world assurances about the deployed CPS. Although assumptions are central to assured CPS, there is little systematic knowledge about what assumptions are made, what guarantees they support, and what it would take to specify them precisely. To fill this gap, we present a survey of assumptions and guarantees in the control, verification, and runtime assurance areas of CPS literature. From 104 papers over a 10-year span (2014-2024), we extracted 423 assumptions and 321 guarantees using grounded-theory coding. We also annotated the assumptions with 21 tags indicating elementary language features needed for specifications. Our analysis highlighted prevalent trends and gaps in CPS assumptions, particularly related to initialization, sensing, perception, neural components, and uncertainty. Our observations culminated in a call to action on reporting and testing CPS assumptions.