Abstraction by Projection and Application to Multi-affine Systems
15
Transcript of Abstraction by Projection and Application to Multi-affine Systems
Abstra tion by proje tion and appli ation to
multi-aÆne systems
Eugene Asarin
1
and Thao Dang
2
1
LIAFA,
Universit�e Paris 7, Case 7014, 2 pla e Jussieu, 75251 Paris 5, Fran e
Eugene.Asarin�liafa.jussieu.fr
2
VERIMAG,
Centre Equation, 2 av de Vignate, 38610 Gi�eres, Fran e
Thao.Dang�imag.fr
Abstra t. In this paper we present an abstra tion method for nonlin-
ear ontinuous systems. The main idea of our method is to proje t out
some ontinuous variables, say z, and treat them in the dynami s of the
remaining variables x as un ertain input. Therefore, the dynami s of x is
then des ribed by a di�erential in lusion. In addition, in order to avoid
ex essively onservative abstra tions, the domains of the proje ted vari-
ables are divided into smaller regions orresponding to di�erent di�eren-
tial in lusions. The �nal result of our abstra tion pro edure is a hybrid
system of lower dimension with some important properties that guaran-
tee onvergen e results. The appli ability of this abstra tion approa h
depends on the ability to deal with di�erential in lusions. We then fo us
on un ertain bilinear systems, a simple yet useful lass of nonlinear dif-
ferential in lusions, and develop a rea hability te hnique using optimal
ontrol. The ombination of the abstra tion method and the rea habil-
ity analysis te hnique for bilinear systems allows to treat multi-aÆne
systems, whi h is illustrated with a biologi al system.
1 Introdu tion
Re ent developments in embedded ontrol systems have motivated mu h re-
sear h on automated veri� ation of ontinuous and hybrid systems. For systems
involving non-trivial ontinuous dynami s (des ribed by di�erential equations),
exa t and approximate rea hability analysis methods have been developed [16,
22, 9, 3, 20, 24℄. Even though these methods have been used to treat interesting
ase studies, the omplexity of rea hability omputations urrently limits the
appli ation to small size systems. In order to s ale to larger systems, abstra -
tion methods have been investigated (see [9, 32, 2, 31, 26℄). Roughly speaking,
abstra tion is a general approa h allowing to dedu e properties of a system by
analyzing a more abstra t and, in general, smaller system (see [10, 8℄ and refer-
en es therein). Some of the abstra tion methods for hybrid systems, inspired by
te hniques from program analysis, aim at extra ting (exa tly or approximately)
a �nite-state model from a ontinuous/hybrid system while the other exploit the
stru ture of the system in order to redu e it into a system of smaller dimen-
sion whi h preserves the properties of interest. In addition, the methods based
on approximating ontinuous systems by hybrid systems with simpler ontinu-
ous dynami s [28, 18, 4℄, that we all `hybridization-based' methods, an also be
viewed as an abstra tion approa h.
In this work, we propose an abstra tion method for dimension redu tion, whi h
is along the lines of the hybridization-based approa h. Our �rst observation is
that in many pra ti al systems, the properties to verify involve only a subset
of variables, and the other variables may not need to be analyzed with great
a ura y. The main idea of our method is to proje t out some ontinuous vari-
ables, say z, and treat them in the dynami s of the remaining variables x as
un ertain input. Therefore, the dynami s of x is then des ribed by a di�erential
in lusion. In addition, in order to avoid ex essively onservative abstra tions,
the domains of the proje ted variables are divided into smaller regions orre-
sponding to di�erent di�erential in lusions. The �nal result of our abstra tion
pro edure is a hybrid system of lower dimension with some important proper-
ties that guarantee onvergen e results. However, this abstra tion method does
not solve the veri� ation problem by itself. The su ess depends on the ability
to deal with di�erential in lusions. We thus fo us on the rea hability problem
for un ertain bilinear systems, a simple yet useful lass of nonlinear di�eren-
tial in lusions. The ombination of the abstra tion method and the rea hability
analysis method for bilinear systems allows to treat multi-aÆne systems, whi h
an be found in numerous appli ations in engineering, biology and e onomi s.
The rest of the paper is organized as follows. In Se tion 2 we present our abstra -
tion method and the onvergen e results. Se tion 3 is devoted to a rea hability
analysis method for un ertain bilinear systems, whi h is motivated by the ap-
pli ation to multi-aÆne systems. This rea hability te hnique uses results from
optimal ontrol. Se tion 4 ontains an example of a biologi al system illustrating
the theoreti al results of the paper.
2 Abstra tion by proje tion
2.1 Basi idea
We onsider a ontinuous system
�
_x = f(x; z)
_z = g(x; z)
(1)
where x 2 X � R
n
, z 2 Z � R
m
. We assume that the state spa e of the system
is ompa t and the fun tions f , g are Lips hitz ontinuous. Given a ve tor x we
use the notation x
i
to denote the i
th
omponent of x.
Suppose that we want to redu e the dimension of the system (1) from n+m to
n by proje ting out the variables z. As in qualitative simulation, the �rst step
of the abstra tion is to partition the domain of z into disjoint regions, and in
ea h region the dynami s of x is approximated by a di�erential in lusion whi h
is obtained from f(x; z) by letting z to take any value in the region. In other
words, the e�e t of z in the dynami s of x is modeled as un ertain external
input. Let us now formalize this idea.
We suppose that the domain of variable z
i
is an interval I
i
= [z
i
; �z
i
℄, and the
domain of z is thus a box B = I
1
�I
2
�: : :�I
m
. We partition ea h interval I
i
into
k disjoint intervals
3
of the form fI
1
i
= [z
1
i
; �z
1
i
); I
2
i
= [z
2
i
; �z
2
i
); : : : ; I
k
i
= [z
k
i
; �z
k
i
℄g
su h that z
1
i
= z
i
, �z
k
i
= �z
i
and for all j 2 f1; : : : ; k�1g �z
j
i
= z
j+1
i
. Therefore, the
box B is partitioned into k
m
boxes, and we denote by B
i
with i 2 N
m
the box
I
i
1
1
� : : :� I
i
m
m
. In the following we shall approximate the (n+m)-dimensional
ontinuous system (1), referred to as the original system, by a hybrid automaton
with n ontinuous variables.
Ea h box B
i
orresponds to a lo ation lo
i
of the approximating hybrid au-
tomaton where the dynami s of x is approximated by the following di�erential
in lusion: _x 2 F
i
(x) = ff(x; z) j z 2 B
i
g. The transitions of this hybrid au-
tomaton orrespond to the rea hability relation between the boxes B
i
of the
original system (1), whi h an be abstra ted as follows. Note that sin e (1) is
ontinuous, only transitions between adja ent boxes need to be onsidered. For
our further developments, we need to introdu e some additional notations. The
boxes B
i
and B
j
are alled adja ent if jj
i
� i
i
j � 1 for all i and i 6= j. We denote
by d(i; j) = fi j 1 � i � m ^ j
i
6= i
i
jg the set of indi es at whi h the omponents
of i and j di�er. We use �(B
i
;B
j
) to denote the ommon boundary of the boxes.
Given two adja ent boxes B
i
and B
j
, the ondition for the transition from B
i
to
B
j
, denoted by B
i
! B
j
, is:
9z 2 �(B
i
;B
j
) 8i 2 d(i; j) : (j
i
� i
i
)g
i
(x; z) � 0 (2)
where g
i
denotes the i
th
omponent of g. The above ondition says that the
transition from a box to one of its adja ent boxes is possible if there exists at
least one point on the ommon boundary of the two boxes at whi h the derivative
of z points into the arrival box. As an example, for two adja ent boxes B
i
and B
j
su h that j
i
= i
i
+1 and j
j
= i
j
for all other j 6= i, the ondition for the transition
B
i
! B
j
is g
i
(x; �z
i
) � 0. Similarly, the ondition for the transition B
j
! B
i
is
g
i
(x; �z
i
) � 0. Obviously, the ondition (2) is not suÆ ient sin e it only implies
that there exists a traje tory of the original system that goes from one box to
an adja ent box. Hen e, the resulting hybrid system is an over-approximation of
the original ontinuous system. The approximating system where z is s alar is
shown in Figure 1.
2.2 Remedy dis ontinuities
It should be noted that the way we proje t out the variables z introdu es dis-
ontinuities in the derivative of the remaining variables x. For the sake of well-
posedness, as in the sliding mode
4
approa hes, we shall \ onvexify" the dynami s
3
For simpli ity of notation, we hoose the same number of intervals for all z
i
.
4
The literature of sliding mode ontrol is vast, see for example [34, 1℄.
: : :_x 2 F
1
(x)
_x 2 F
2
(x) _x 2 F
k
(x)
g(x; �z
1
) � 0 g(x; �z
2
) � 0 g(x; �z
k�1
) � 0
g(x; �z
k�1
) � 0g(x; �z
2
) � 0g(x; �z
1
) � 0
Fig. 1. Hybrid automaton obtained after proje ting out the variables z.
of the abstra t system in order to guarantee the existen e of solutions [14℄ as
well as an error bound of the approximation of the solution set.
Let B
i
and B
j
be two adja ent boxes. Between the lo ations lo
i
and lo
j
, we
add a lo ation lo
ij
whose ontinuous dynami s is de�ned as: _x 2 F
ij
(x) =
ofF
i
(x); F
j
(x)g where o denotes the losed onvex hull. The resulting system
is illustrated in Figure 2. For brevity, we denote the approximating system of
g(x; �z
i
) = 0
: : :
g(x; �z
i
) � 0
g(x; �z
i
) � 0
: : :_x 2 F
i
(x; y)
_x 2 F
ij
(x; y)
_x 2 F
j
(x; y)
g(x; �z
i
) � 0
g(x; �z
i
) � 0
g(x; �z
j
) � 0
g(x; �z
j
) � 0
Fig. 2. Approximating hybrid system with upper semi- ontinuous dynami s.
Figure 2 by
_x 2 F(x): (3)
The above \ onvexi� ation" provides the system (3) with an important property
stated in the following lemma.
Lemma 1. The multifun tion F in (3) is one-sided Lips hitz and upper semi-
ontinuous.
The on epts of one-sided Lips hitz and upper semi- ontinuity are re alled in
the proof of the lemma, presented in Appendix.
To quantify the error between the original and approximating systems, we �rst
de�ne the size of the dis retization of z. The diameter of the box B
i
is diam(B
i
) =
maxfjz� z
0
j : z 2 B
i
^ z
0
2 B
i
g where j � j is the Eu lidean norm. Then, the size
of the dis retization of z is Æ
z
= max
i
fdiam(B
i
)g.
Lemma 2. Let Æ
z
be the size of the dis retization of z and L
f
be the Lips hitz
onstant of the fun tion f in (1). Let (x(�); z(�)) be a solution of (1). Then, for
all t � 0 d
H
( _x(t);F(x(t)) � L
f
Æ
z
where d
H
is the Haussdorf distan e.
The above lemma gives a bound on the distan e between the derivatives of the
original system and the approximating system. Using the one-sided Lips hitz and
upper semi- ontinuity properties of the approximating system, we an establish
the following onvergen e result.
Theorem 1. Let x(�) and z(�) be absolutely ontinuous fun tions satisfying (1).
Then, there exists a solution ~x(�) of (3) su h that for all t � 0
jx(t)� ~x(t)j � jx(0)� ~x(0)je
Lt
+
�
L
(e
Lt
� 1)
where L is the Lips hitz onstant of F , and � = L
f
Æ
z
is the bound on the
distan e between the derivatives estimated in Lemma 2.
This theorem is proved in Appendix. The proof uses the assumption that F(x)
is nonempty and takes losed onvex values.
2.3 Abstra tion with timing information
So far we have used only the sign of the derivative of z to determine the swit hing
onditions of the hybrid system. However, the time for the system to move from
one box to its adja ent boxes is omitted, in other words, in the approximating
system this time an be anything between 0 and +1. To obtain a more pre ise
abstra tion, we an in lude information about the time the system an stay in a
lo ation, whi h we all staying time. In order to see how the information about
staying time an improve the abstra tion pre ision, we noti e that in the original
system a point (x; z) satisfying the ondition for the transition from B
i
to B
j
,
su h as g(x; �z
i
) � 0, does not ne essarily lie on the swit hing surfa e �(B
i
;B
j
)
and thus from there the system an either ontinue with the dynami s of B
i
or
swit h to the dynami s of B
j
. Consequently, for soundness, the transitions in
the approximating hybrid automaton in Figures 1 and 2 are not urgent, and it
is possible to stay at the same lo ation inde�nitely (i.e. no staying ondition is
imposed). It is lear that there may be boxes in whi h the original system an
stay for only a �nite time; hen e, adding onstraints on staying time at ea h
lo ation allows to redu e approximation error.
For a general nonlinear dynami s of z, it is not easy to estimate the staying
time. A method to approximate the smallest time a linear systems with onstant
input an stay inside a onvex polyhedron is developed in [15℄ and extended to
un ertain linear systems in [11℄. However, its generalization to nonlinear systems
requires solving a nonlinear optimization problem. Here, we propose a simple
method to exploit timing information by onsidering not only the sign but also
the values of _z. More on retely, we additionally dis retize the derivative of z
into a �nite number of disjoint boxes, as it is done for z. Ea h lo ation of the
approximating hybrid automaton now orresponds to a box B
i
of z and a box
�
j
of _z, and we label it with lo
ij
. Then, based on the intervals of the derivative
of ea h omponent z
i
, we an estimate the bounds on the staying time and then
embed this information in the transition guards.
To fa ilitate the dis ussion, we introdu e some de�nitions and notations. Lo a-
tion lo
ij
is alled a neighbor of lo ation lo
pq
if either the orresponding boxes
B
i
and B
p
or the boxes �
j
and �
q
are adja ent. Lo ation lo
ij
is alled the left
z
i
-neighbor of lo
pq
if p
i
� i
i
= 1 and the right z
i
-neighbor if i
i
� p
i
= 1. The
left and right _z
i
-neighbors are de�ned similarly.
We �rst spe ify the staying onditions of the approximating hybrid system. The
staying ondition of lo ation lo
ij
is simply _z 2 �
j
, whi h an be rewritten as
G
j
(x)\�
j
6= ; where G
j
(x) = fg(x; z) j z 2 B
i
g. Sin e g(x; z) is ontinuous
5
, only
transitions between neighbor lo ations are possible. However, we do not know
the evolution of the derivative of g, therefore we let the guards of the transitions
between _z-neighbors be true, meaning that the swit hings between _z-neighbors
are only restri ted by the staying onditions of the lo ations. To de�ne the guards
of the transitions between z-neighbors, we shall use the bounds on _z to estimate
the time t
ij
the system an stay within a lo ation lo
ij
. Again, we illustrate
the idea with the ase where z is s alar, i.e. m = 1. Consider lo ation lo
ij
whi h orresponds to intervals [z
i
; �z
i
) of z and [�
j
; �
j
) of _z. We distinghuish the
following 3 ases: (1) If �
j
< 0, then a transition from lo
ij
to its right z-neighbor
is impossible. The staying time is t
ij
2 [(�z
i
� z
i
)=j�
j
j; (�z
i
� z
i
)=j�
j
j) if �
j
6= �1
and t
ij
< (�z
i
� z
i
)=j�
j
j otherwise; (2) If �
j
> 0, then a transition from lo
ij
to
its left z-neighbor is impossible and the bounds on t
ij
are de�ned similarly; (3)
If �
j
� 0 ^ �
j
� 0, then the transitions from lo
ij
to its both left and right
z-neighbors are possible. However, unlike in the two previous ases, the staying
time t
ij
may range from 0 to +1.
2.4 Appli ation to multi-aÆne systems
We have presented an abstra tion method for nonlinear ontinuous systems.
The resulting abstra t system is simpler than the original system in terms of
dimensionality, however it requires the ability to deal with nonlinear di�erential
in lusions. In the remainder of the paper we fo us on the rea hability problem for
a lass of di�erential in lusions whi h are un ertain bilinear ontrol systems. The
study of su h systems is motivated by our interest in applying the abstra tion
approa h to a large lass of biologi al systems whi h are modeled as multi-
aÆne systems [19, 23℄. Indeed, by proje ting out some variables of a multi-aÆne
system, one an obtain an un ertain bilinear system, as illustrated in Se tion 4
where we study a simpli�ed model of a biologi al system.
Before pro eeding with the rea hability problem for bilinear systems, we mention
that besides the interest of bilinear systems for e�e tive appli ations of our
abstra tion approa h, these systems have re eived mu h attention over the past
de ades sin e they ould represent a variety of important physi al pro esses
in engineering. A number of results related to the ontrol of su h systems an
5
In more general ases, the dis ontinuities in g an be modeled expli itly by dis rete
transitions with resets.
be found in [25℄. On the other hand, it should be noted that the problem of
approximating viability kernels of di�erential in lusions, whi h is losely related
to the rea hability problem, was studied in [29℄.
3 Rea hability analysis of bilinear ontrol systems
In this se tion, we present a method for solving the rea hability problem for
un ertain bilinear systems with both multipli ative and additive ontrol input:
_x(t) = f(x(t); u(t)) = Ax(t) +
l
X
j=1
u
j
(t)B
j
x(t) + Cu(t) (4)
where x 2 R
n
is the state variables; u(�) 2 U , the set of admissible inputs
onsisting of pie ewise ontinuous fun tions u of the form u : R
+
! U , U is a
bounded onvex polyhedron in R
l
. The matri es A, B
j
and C are of appropriate
dimension.
The rea hability problem for a system with un ertain input an be formulated
as an optimal ontrol. The essential idea of our rea hability method is to use the
Pontryagin Maximum Prin iple to �nd the inputs allowing to derive a onserva-
tive approximation of the rea hable set.
3.1 Approximating the rea hable set using optimal ontrol
Let '(t; x; u(�)) denote the traje tory of (4) starting from x under input u(�). For
a set of initial points X
0
� R
n
and t > 0, the rea hable set at time t is de�ned
as: R(t;X
0
) = f y j 9u(�) 2 U 9x 2 X
0
: y = '(t; x; u(�)) g. Indeed, we an
show that R(t;X
0
) = fx 2 R
n
j V (t; x) � 0g where V (t; x) is the value fun -
tion: V (t; x) = min
u(�)2U
fd
2
(x
0
; X
0
) j x = '(t; x
0
; u(�))g where d(x
0
; X
0
) is the
distan e from x
0
to X
0
. For nonlinear systems, the exa t solution V (t; x) an be
determined by solving a rather ompli ated HJB equation [20, 21℄. Rea hability
methods based on solving the partial di�erential equations have been developed
(see e.g. [33, 24℄). As mentioned earlier, our approa h is to use the results from
optimal ontrol to overapproximate the rea hable set. More on retely, the idea
is to tra k the evolution of the supporting hyperplanes of the initial set under
some (optimal) input. This idea has been explored in [35, 5℄ to ompute polyhe-
dral approximations of the rea hable set of linear ontrol systems.
Let H be a hyperplane with the normal ve tor v that supports the initial set X
0
at point p. Then, for all points x 2 X
0
we have
hv; xi � hv; pi � 0 (5)
where h�; �i is the s alar produ t. The following result is obtained by applying
the Pontryagin Maximum Prin iple (see [27℄).
Theorem 2. Let S(t) be the halfspa e de�ned as S(t) = fx 2 R
n
j �(t; x) � 0g
where �(t; x) = h~q(t); xi � h~q(t); ~x(t)i su h that ~q(t) and ~x(t) are solutions of the
following Hamiltonian system with the maximality ondition:
_
~x = A~x+
l
X
j=1
~u
j
B
j
~x+ C~u (6)
_
~q = �
�H
�x
(~x; ~q; ~u) where H(q; x; u) = hq; Ax +
l
X
j=1
u
j
B
j
x+ Cui (7)
~u(t) 2 argmaxfh~q(t);
l
X
j=1
u
j
B
j
~x(t) + Cui j u 2 Ug (8)
with initial onditions: ~q(0) = v; ~x(0) = p. Then, 8t > 0 : R(t;X
0
) � S(t), and
H(t) = fx 2 R
n
j �(t; x) = 0g is a supporting hyperplane of R(t;X
0
).
The proof of the theorem an be found in Appendix. We note that the Hamil-
tonian H in (7) is aÆne with respe t to u, therefore the input ~u takes its values
in the boundary of the polyhedron U . Furthermore, we assume the optimality
of ~u, and for a bilinear system this assumption an be e�e tively veri�ed using
suÆ ient optimality onditions in [30℄.
Theorem 2 provides a method to overapproximate the rea hable set of (4). In-
deed, by the theorem, for every fa e of the initial polyhedron X
0
there exists an
input su h that tra king the evolution of the fa e under this input is suÆ ient
to derive a polyhedral overapproximation of the rea hable set. However, solving
the optimal ontrol problem (6)-(8) for a bilinear system under a general lass
of input fun tions is diÆ ult, we therefore restri t to pie ewise onstant inputs.
This allows more tra table solutions and, in addition, the error inherent to the
restri tion an be estimated and ontroled, as we shall show in the next se tion.
3.2 Rea hability algorithm for un ertain bilinear ontrol systems
Suppose that the initial polyhedron X
0
an be represented as interse tion of
a �nite number n
f
of halfspa es: X
0
=
T
n
f
�=1
S
�
where S
�
= fx j hv
�
; xi �
hv
�
; p
�
ig, v
�
is the outward normal ve tor and p
�
is a point on the fa e of S
�
.
Let us re all that for tra tability purposes, we shall solve the optimal prob-
lem (6)-(8) in Theorem 2 for a lass of pie ewise onstant inputs. Given the set
of admissible inputs U and a time step h > 0, we de�ne a set U
h
of pie ewise
onstant inputs:
U
h
= fu(�) 2 U j u(�) is onstant on (t
k
; t
k+1
), t
k
= kh, k > 0g: (9)
We onsider the following bilinear equations with � = 1; : : : ; n
f
whi h des ribe
the evolution of the normal ve tors v
�
and supporting points p
�
of the fa es of
the initial set X
0
:
8
>
>
>
<
>
>
>
:
_q
�
(t) = �(A+
P
l
j=1
u
�
j
(t)B
j
)
T
q
�
(t);
_x
�
(t) = Ax
�
(t) +
P
l
j=1
u
�
j
(t)B
j
x
�
(t) + Cu
�
(t);
u
�
(t) 2 arg max fhq
�
(t);
P
l
j=1
u
j
B
j
x
i
(t) + Cui j u 2 Ug;
q
�
(0) = v
�
; x
�
(0) = p
�
(initial ondition).
(10)
The supers ript T denotes the transpose of a matrix. We denote by
^
P(�) the
polyhedron onstru ted from the solution (x
�
(�); q
�
(�); u
�
(�)) of (10) under the
set U of admissible inputs:
^
P(t) =
T
nf
�=1
fx j hq
�
(t); xi � hq
�
(t); x
�
(t)ig. If
the set of admissible inputs is U
h
de�ned in (9), we denote the orresponding
polyhedron by
^
P
h
(t). Note that by Theorem 2, R(t;X
0
) �
^
P(t).
Theorem 3. For all t > 0 the Haussdorf distan e between
^
P(t) and
^
P
h
(t) sat-
is�es: d
H
(
^
P(t);
^
P
h
(t)) � Ch
2
, where C is a onstant depending only on jU j and
the norm of the matri es A, B and C of (4).
The above theorem shows that the error due to the restri tion to pie ewise
onstant inputs is quadrati in the dis retization time step h. This bound is
proved by using arguments similar to those in the paper [36℄, whi h investigated
the problem of se ond order time-dis retization of ontrol systems. The proof
(together with a formula des ribing the relation between the onstant C, jU j and
the norm of the matri es) is omitted due to spa e limitation and it an be found
in [11℄. In the remainder of this se tion, we assume that we are provided with a
s heme to solve the bilinear system (4) under a �xed pie ewise onstant input
u(�) 2 U
h
, whi h has the form:
8
<
:
x
�
(t
k+1
) = �
�
(x
�
(t
k
); u(t
k
));
q
�
(t
k+1
) = �
�
(q
�
(t
k
); u(t
k
));
t
k
= kh; � = 1; : : : ; n
f
:
(11)
where u(t
k
) is the value of input u(t) for all t 2 [t
k
; t
k+1
). The development of
su h a s heme is defered to Se tion 3.3.
The pro edure for overapproximating the rea hable set of un ertain ontrol bi-
linear systems is summarized in Algorithm 1. Ea h iteration k produ es a poly-
hedral approximation
^
P
h
(t
k+1
) of the rea hable set at time t
k
= kh. First, for
ea h halfspa e S
�
(t
k
) represented by normal ve tor ~q
�
(t
k
) and supporting point
~x
�
(t
k
), the value ~u
�
(t
k
) of the optimal pie ewise onstant input for the time in-
terval [t
k
; t
k+1
) is omputed using the maximality ondition. Note that this an
be done by solving a linear programming problem. On e ~u
�
(t
k
) is determined,
the new normal ve tor ~q
�
(t
k+1
) and supporting point ~x
�
(t
k+1
) are then om-
puted using (11). Finally, the polyhedron
^
P
h
(t
k+1
) is the interse tion of the new
halfspa es. Algorithm 1 produ es indeed an overapproximation of the rea hable
set of the system (4) with the set U
h
of admissible inputs. Using Theorem 3, we
an enlarge the sets
^
P
h
(t
k+1
) by the error bound to obtain an overapproximation
of the rea hable set of the original system.
Algorithm 1 Rea hability algorithm for un ertain bilinear systems
for all � 2 f1; : : : ; n
f
g ~x
�
(0) = v
�
; ~q
�
(0) = p
�
k = 0 /* (k
max
is the maximal number of iterations) */
while k � k
max
do
t
k+1
= (k + 1)h
for all � 2 f1; : : : ; n
f
g do
~u
�
(t
k
) 2 arg max fh~q
�
(t
k
);
P
l
j=1
u
j
B
j
~x
�
(t
k
) + Cui j u 2 Ug
~x
�
(t
k+1
) = �
�
(~x
�
(t
k
); ~u
�
(t
k
)); ~q
�
(t
k+1
) = �
�
(~q
�
(t
k
); ~u
�
(t
k
))
S
�
(t
k+1
) = fx j h~q
�
(t
k+1
); xi � h~q
�
(t
k+1
); ~x
�
(t
k+1
)ig
end for
^
P
h
(t
k+1
) =
T
nf
�=1
S
�
(t
k+1
); k = k + 1
end while
3.3 Approximate solution of bilinear systems with pie ewise
onstant input
In this se tion, we present a method to solve a bilinear system with pie ewise
onstant input, whi h is used as the s heme (11) in Algorithm 1.
We assume a �xed input u(�) 2 U
h
su h that 8k � 0 8t 2 [t
k
; t
k+1
) u(t) = u
k
2 U
where t
k
= kh. For simpli ity, we denote by x
k
= x(t
k
) the rea hable state at
time t
k
under su h input u(�). The problem now is to determine the rea hable
state x
k+1
from x
k
. In all the formulas that follow, the supers ript k of a term
is used to indi ate that its value depends on the interval k.
Sin e the input remains onstant during [kh; (k+1)h), given x
k
one an ompute
x
k+1
using the ow of aÆne ve tor �eld A
k
x+Cu
k
where A
k
= A+
P
l
j=1
u
k
j
B
j
,
that is, x
k+1
= e
hA
k
(x
k
+
R
h
0
e
��A
k
Cu
k
d�). However, to do so, the transition
matrix needs to be evaluated for ea h time interval sin e A
k
depends on u
k
. We
present in the following an eÆ ient omputation s heme whi h requires matrix
exponential omputation only on e.
The main idea is to onsider the bilinear term in (4) during ea h time interval
[kh; (k+1)h) as independent input, in other words, the bilinear system is treated
as a time invariant linear system with input
P
l
j=1
u
j
(t)B
j
x(t) + C u(t). For
brevity, we denote W
k
=
P
l
j=1
u
k
j
B
j
. Then,
x
k+1
= e
Ah
x
k
+
Z
h
0
e
A(h��)
W
k
x(�) d� +
Z
h
0
e
A(h��)
Cu
k
d�: (12)
The se ond integral has a losed form. As for the �rst integral, we shall approx-
imate it by repla ing the exa t solution x(�) for � 2 [0; h) with a polynomial
�
k
(�) = p
k
3
�
3
+ p
k
2
�
2
+ p
k
1
� + p
k
0
where p
k
i
2 R
n
satisfying the following Hermite
interpolation onditions: �
k
(0) = x
k
; _�
k
(0) = _x(t
k
); �
k
(h) = x
k+1
; _�
k
(h) =
_x(t
k+1
). It is well-known that the oeÆ ients of Hermite interpolating polyno-
mials are uniquely determined [17℄. After some straightforward al ulations, the
oeÆ ient p
k
i
an be written in the following form:
p
k
i
= (M
i
u
k
+N
i
)x
k
+ (P
i
u
k
+Q
i
)x
k+1
+ r
k
i
; i 2 f0; 1; 2; 3g: (13)
Then, developing the �rst integral with x(�) repla ed by �(�) gives:
x
k+1
= e
Ah
x
k
+
3
X
i=0
�
i
W
k
p
k
i
+ �
0
C u
k
: (14)
where �
i
=
R
h
0
e
A(h��)
�
i
d� , whi h an also be written in a losed form. Com-
bining (13) and (14), we obtain an aÆne relation between x
k
and x
k+1
of the
form:
R
k
x
k+1
= D
k
x
k
+ d
k
; (15)
One an see from (14) and (13) that all the terms dependent of u
k
(i.e. W
k
and p
k
i
) do not involve matrix exponentials. Therefore, using (15) to ompute
rea hable states x
k+1
, we only need to ompute the matrix exponential e
Ah
.
Lemma 3. Let x(�) be a solution of (4) under a �xed input u(�) 2 U
h
and �x
k
be
the approximate solution obtained by the s heme (15) with the same input u(�)
su h that x(0) = �x
0
. If the derivative x
(4)
(t) is bounded by M, then for all k > 0
jx
k
� �x
k
j � Mh
4
=(4!).
The proof of the lemma uses standard results on the remainder term of Hermite
interpolating polynomials [17℄, and it is omitted here. The lemma shows that
the error of the s heme (15) is of order O(h
4
). As shown earlier, the error due to
the restri tion to pie ewise onstant inputs is quadrati ; hen e, this additional
error does not hange the order of the method.
4 Appli ation to a biologi al system
In this se tion, we illustrate our approa h with a multi-aÆne system, used to
model the gene trans ription ontrol in the Vibrio �s heri ba teria. The results
are obtained using an experimental implementation of the abstra tion method
and the rea hability te hnique for bilinear systems presented in the previous se -
tions. This bioregulatory network problem has been studied in [7℄. The following
brief des ription of the model is borrowed from [7℄. The di�erential equations
des ribing the dynami s of a mode of the system are as follows:
8
<
:
_x
1
= k
2
x
2
� k
1
x
1
x
3
+ u
1
_x
2
= k
1
x
1
x
3
� k
2
x
2
_x
3
= k
2
x
2
� k
1
x
1
x
3
� nx
3
+ nu
2
(16)
The state variables x
1
, x
2
, x
3
represent ellular on entration of di�erent spe ies,
and the parameters k
1
, k
2
, n are binding, disso iation and di�usion onstants.
The variables u
1
and u
2
are ontrol variables (plasmid and external sour e of
autoindu er). We abstra t away the variable x
1
by dis retizing its range and
onstru t a hybrid automaton using the abstra tion method of Se tion 2. The
in uen e of x
1
in the dynami s of the variables x
2
and x
3
is modeled as an
un ertain input u
x
, and the resulting system is a hybrid system with un ertain
bilinear dynami s. As an example, the dynami s of x
2
and x
3
of the lo ation
orresponding to the interval I
i
of the values of x
1
are:
8
<
:
_x
2
= k
1
u
x
x
3
� k
2
x
2
_x
3
= k
2
x
2
� k
1
u
x
x
3
� nx
3
+ nu
2
u
x
2 I
i
(17)
The rea hability analysis results for this system are shown in Figure 3. The left
�gure is the rea hable set of the approximate hybrid system when the ontrol in
una tivated (u = 0). The initial set is the re tangle X
0
where x
2
2 [1:05; 1:55℄
and x
3
2 [1:25; 1:95℄. We an see that the un ontrolled system an exit the
re tangle R = [1; 2℄� [1; 2℄ via the fa e x
3
= 1 while the ontrol obje tive is to
steer the system through the fa e x
2
= 2. In [7℄ the following feedba k ontrol
law for this obje tive is designed: u
2
= 6 and u
1
is a multi-aÆne fun tion of
the state variables x. The rea hability omputation result for the system under
this ontrol law from the same initial set X
0
is shown in Figure 3 where on the
left we an see the rea hable set of the lo ation orresponding to the interval
x
1
2 [1:0; 1:5℄ and on the right the rea hable set of the lo ation orresponding
to x
1
2 [1:5; 2℄. This result shows that indeed the ontrolled system is driven to
the fa e x
2
= 2, as desired.
Fig. 3. Left: Rea hable set of the un ontrolled system, i.e. when u = 0. Middle and
right: Rea hable set of the ontrolled system: lo ation u
x
2 [1:0; 1:5℄ (middle); lo ation
u
x
2 [1:5; 2:0℄ (right), the input u
x
represents the variable x
1
that is proje ted out.
5 Con luding remarks
In this paper, we proposed a framework for abstra tion of ontinuous nonlinear
systems by means of hybridization. We also developed a rea hability algorithm
for un ertain bilinear systems, ne essary for an e�e tive appli ation of the ap-
proa h to multi-aÆne systems. Experimental results are en ouraging and various
interesting resear h dire tions need to be explored. One important issue is the
hoi e of variables to proje t out whi h still allows to prove the properties of
interest. In addition, the assume-guarantee ideas from model- he king ould be
useful in this framework. Indeed, one an assume a rea hable set for some vari-
ables z whi h is used as a set of input values in the omputation for the remaining
variables x. The rea hable set of x is in turn used as the set of input values for
the omputation on z, whi h allows to verify the initial assumption. On the other
hand, we intend to apply our approa h to more problems in biologi al systems.
Referen es
1. J.C. Alexander and T.I. Seidman. Sliding modes in interse ting swit hing surfa es,
Houston J. Math., 24:545-569, 1994.
2. R. Alur, T. Dang, and F. Ivan i . Rea hability Analysis Via Predi ate Abstra tion.
In HSCC, LNCS 2289, Springer, 2002.
3. E. Asarin, O. Bournez, T. Dang, and O. Maler. Approximate Rea hability Analysis
of Pie ewise-Linear Dynami al Systems. In HSCC, LNCS 1790, Springer, 2000.
4. E. Asarin, T. Dang, and A. Girard. Rea hability Analysis of Nonlinear Systems
Using Conservative Approximation. In HSCC, LNCS 2623, Springer, 2003.
5. E. Asarin, T. Dang, and O. Maler. d/dt: A tool for Veri� ation of Hybrid Systems.
Computer Aided Veri� ation, Springer, LNCS, 2002.
6. J.P. Aubin and A. Cellina. Di�erential In lusions: Set-valued Maps and Viability
Theory, Springer, 1984.
7. C. Belta, L. C. G. J. M. Habets, and V. Kumar. Control of multi-aÆne systems on
re tangles with an appli ation to gene trans ription ontrol. Pro . of CDC, 2003.
8. S. Bensalem, Y. Lakhne h,and S. Owre. Computing Abstra tions of In�nite State
Systems Compositionally and Automati ally. In Computer Aided Veri� ation, LNCS
1427, Springer, 1998.
9. A. Chutinan and B.H. Krogh. Veri� ation of Polyhedral Invariant Hybrid Automata
Using Polygonal F low Pipe Approximations. In HSCC, LNCS 1569, Springer, 1999.
10. P. Cousot and R. Cousot. Abstra t Interpretation and Appli ation to Logi Pro-
grams. Journal of Logi Programming, 103-179, 1992.
11. T. Dang. Rea hability Analysis of Bilinear Systems. Te h. report IMAG, 2003.
12. K. Deimling. Multivalued Di�erential Equations. De Gruyter, 1992.
13. T. Don hev and E. Farkhi. Stability and Euler approximation of one-sided Lips-
hitz di�erential in lusions. SIAM Journal of Control and Optimization, 36(2):780-
796, 2000.
14. A.F. Filippov. Di�. Equations with Dis ontinuous Righthand Sides. Kluwer, 1988.
15. A. Girard. Dete tion of Event O uren e in Pie ewise Linear Hybrid Systems,
Pro . RASC'02, De ember 2002, Nottingham, UK.
16. M.R. Greenstreet and I. Mit hell. Rea hability Analysis Using Polygonal Proje -
tions. In HSCC, LNCS 1569 Springer, 1999.
17. G. H�ammerlin and K. Ho�mann. Numeri al Mathemati s, Springer, 1991.
18. T.A. Henzinger, P.-H. Ho, and H.Wong-Toi. Analysis of Nonlinear Hybrid Systems.
IEEE Transa tions on Automati Control 43, 540-554, 1998.
19. D. Kirs hner, S. Lenhart, and S. Serbin. Optimal ontrol of the hemotherapy of
HIV. Journal of Mathematival Biology, 35:775-792, 1997.
20. A. Kurzhanski and P. Varaiya. Ellipsoidal Te hniques for Rea hability Analysis.
In HSCC, LNCS 1790, Springer, 2000.
21. A. Kurzhanski and P. Varaiya. Dynami optimization for rea hability problems.
JOTA, 108(2):227-251, 2001.
22. G. La�erriere, G. Pappas, and S. Yovine. Rea hability omputation for linear
systems. Pro . of the 14th IFAC World Congress, 7-12 E, 1999.
23. U. Ledzewi z and H. S h�attler. Optimal ontrol for 3- ompartment model for an-
er hemotherapy with quadrati obje tive. Pro . of the 4th Int Conf on Dynami al
Systems and Di�erential Equations, Wilmington, NC, 2002.
24. I. Mit hell and C. Tomlin. Level Set Method for Computation in Hybrid Systems.
In HSCC, LNCS 1790, Spinger-Verlag, 2000.
25. R.R. Mohler. Nonlinear Systems, 2, Prenti e-Hall, In ., Englewood Cli�s, 1991.
26. George J. Pappas. Bisimilar linear systems, in Automati a, 2003.
27. L. S. Pontryagin, V. G. Boltyanskii, R. V. Gamkrelidze, and E. F. Mis henko. The
Mathemati al Theory of Optimal Pro esses. Pergamon Press, Oxford, 1964.
28. A. Puri and P. Varaiya. Veri� ation of Hybrid Systems using Abstra tion. In
Hybrid Systems II, LNCS 999, Springer, 1995.
29. P. Saint-Pierre. Approximation of Viability Kernels and Capture Basin for Hybrid
Systems. Pro . of European Control Conf. ECC'01, 2776-2783, 2001.
30. A. Sary hev. Time-optimality of bang-bang ontrols for hained systems. Pro . of
2nd IFAC Workshop on Lagrangian and Hamiltonian Methods for Nonlinear Con-
trol, 2003.
31. P. Tabuada and G. Pappas, Model-Che king LTL over ontrollable linear systems
is de idable. In HSCC, LNCS 2623, Springer, 2003.
32. A. Tiwari and G. Khanna. Series of Abstra tions for Hybrid Automata. In HSCC,
LNCS 2289, Springer, 2002.
33. C. Tomlin, J. Lygeros, and S. Sastry. A Game-Theoreti Approa h to Controller
Design for Hybrid Systems. Pro . of the IEEE, 88:940-970, 2000.
34. V.I. Utkin. Sliding Modes and their Appli ation in Variable Stru ture Systems.
Mir, Mos ow, 1978.
35. P. Varaiya. Rea h Set Computation using Optimal Control. Pro . KIT Workshop,
Grenoble, 1998.
36. V. Veliov. On the time-dis retization of ontrol systems. SIAM journal on Control
and Optimization, 35(5):1470-1468, 1997.
Appendix
Proof of Lemma 1 We �rst re all some basi de�nitions and notations (see [6,
13℄ for more details). We denote by B the open unit ball entered at the ori-
gin. Let F : R
n
! X be a multifun tion where X is the set of all nonempty
ompa t subsets of R
n
. F is alled upper semi- ontinuous (respe tively lower
semi- ontinuous) at x 2 R
n
if for every " > 0 there exists Æ > 0 su h that
8x
0
2 x+ ÆB F(x
0
) � F(x) + "B (respe tively F(x) � F(x
0
) + "B). F is alled
one-sided Lips hitz (OSL) with a onstant L if and only if for all x; x
0
2 R
n
,
f 2 F(x) there exists f
0
2 F(x
0
) su h that hx� x
0
; f � f
0
i � Ljx � x
0
j
2
.
We pro eed to prove Lemma 1. The ondition that F is one-sided Lips hitz is
easy to verify. To prove that F is upper semi- ontinuous, it suÆ es to prove that
it is upper semi- ontinuous at the swit hing surfa es. Let x be a point on the
swit hing surfa e S
ij
, hen e F(x) = F
ij
(x). For a point x
0
2 (x+ÆB)nS
ij
(in the
Æ-neighborhood of x but not on the swit hing surfa e), either F(x
0
) = F
i
(x
0
)
or F(x
0
) = F
j
(x
0
). Sin e all F
i
are Lips hitz ontinuous, there exists " > 0
F
i
(x
0
) � F
i
(x) + "B. Therefore, F(x
0
) � F(x) + "B. Obviously, this also holds
for a point x
0
2 (x+ ÆB) \ S
ij
; hen e, F is upper semi- ontinuous at x. ut
Proof of Theorem 1. To prove the theorem we suppose that the multifun tion
F in (3) is one-sided Lips hitz with a onstant L and bounded on bounded sets.
We also assume that F is upper semi- ontinuous and takes losed onvex values.
By Lemma 2, x(�) is absolutely ontinuous and satis�es d
H
( _x(t);F(x(t))) �
� for all t > 0. We shall prove that there exists a solution ~x(�) of
d~x(t)
dt
2
F(~x(t)); ~x(0) = ~x
0
su h that for all t > 0
j~x(t)� x(t)j � j~x(0)� x(0)je
Lt
+
�
L
(e
Lt
� 1): (18)
To do so, we onsider the di�erential in lusion
~x(t)
dt
2 G(~x(t)); ~x(0) = ~x
0
(19)
where G(~x) = fv 2 F(~x) j hx(t)� ~x; _x(t)� vi � Ljx(t)� ~xj
2
+�jx(t)� ~xjg. We
shall use a well-known existen e theorem for upper semi- ontinuous di�erential
in lusions from [12℄ to prove that (19) has a solution that satis�es (18). To do
so, we need to verify that G(~x) is nonempty, onvex, losed-valued and satis�es
the ondition of boundedness of the solution set. We �rst prove that G(~x) is
nonempty for ea h ~x. Let w 2 F(x) be su h that j _x(t)�wj = d
H
( _x(t);F(x(t))) �
�. By the OSL ondition, given ~x, we an hoose v 2 F(~x) su h that hx(t) �
~x;w � vi � Ljx(t) � ~xj
2
. Hen e,
hx(t) � ~x; _x(t)� vi = hx(t) � ~x; _x(t)� wi+ hx(t) � ~x;w � vi
� jx(t) � ~xj�+ Ljx(t) � ~xj
2
(20)
The above implies that v 2 G(~x). It is not hard to see that G(~x) is onvex,
losed-valued and satis�es the ondition of boundedness of the solution set sin e
F does. From Theorem 5.2 of [12℄ we on lude that there exists a solution ~x(�)
of (19). Denoting �(t) = jx(t) � ~x(t)j, � is an absolutely ontinuous fun tion.
Furthermore, if _�(t) exists, then �(t) _�(t) =
1
2
d
dt
�
2
(t) = hx(t)�~x(t); _x(t)�
_
~x(t)i �
L�
2
(t)+��(t); by (20). From this, it an be shown that _�(t) � L�(t)+� for all
t > 0, and ombining with �(0) = jx(0)� ~x(0)j we obtain the inequality (18). ut
Proof of Theorem 2. The equation (7) an be rewritten as
_
~q = �
�H
�x
(~q; ~x; ~u) =
�(A+
P
l
j=1
~u
j
B
j
)
T
~q. For brevity, we use x(t) to denote a traje tory '(t; x
0
; u(�))
of (4) starting from some point x
0
2 X
0
under an arbitrary admissible input u(�).
Then,
dh~q(t);x(t)i
dt
= h
_
~q(t); x(t)i + h~q(t); _x(t)i = h~q(t);�(A +
P
l
j=1
~u
j
B
j
)x(t)i +
h~q; Ax(t)+
P
l
j=1
u
j
B
j
x(t)+Cu(t)i = h~q(t);�
P
l
j=1
~u
j
B
j
x(t)+
P
l
j=1
u
j
B
j
x(t)+
Cu(t)i. By the maximality ondition (8), for all admissible inputs u(�) and all
t > 0, h~q(t);
P
l
j=1
u
j
(t)B
j
~x(t) + Cu(t)i � h~q(t);
P
l
j=1
~u
j
(t)B
j
~x(t) + C~u(t)i.
Therefore,
dh~q(t);x(t)i
dt
�
dh~q(t);~x(t)i
dt
. In addition, from the initial ondition and (5),
h~q(0); x(0)i � h~q(0); ~x(0)i. Thus, we have 8t > 0 h~q(t); x(t)i � h~q(t); ~x(t)i. It
then follows that every point x rea hable by (4) from X
0
at time t > 0 satis�es
�(t; x) � 0. ut
