Formal Synthesis of Stochastic Systems via Control Barrier Certificates

F ORMAL SYNTHESIS OF STOCHASTIC SYSTEMS VIA CONTR OL BARRIER CER TIFICA TES PUSHP AK JAGT AP 1 , SADEGH SOUDJANI 2 , AND MAJID ZAMANI 3 , 4 Abstract. This paper focuses on synthesizing control policies for discrete-time stochastic control systems together with a low er b ound on the probability that the systems satisfy the complex temp oral prop erties. The desired prop erties of the system are expressed as linear temporal logic (L TL) sp eciﬁcations o ver ﬁnite traces. In particular, our approach decomp oses the given sp eciﬁcation into simpler reachabilit y tasks based on its automata representation. W e then prop ose the use of so-called c ontr ol b arrier c ertiﬁc ate to solv e those simpler reac habilit y tasks along with computing the corresp onding controllers and probabilit y bounds. Finally , we combine those con trollers to obtain a hybrid control p olicy solving the considered problem. Under some assumptions, we also provide tw o systematic approaches for uncounta ble and ﬁnite input sets to searc h for control barrier certiﬁcates. W e demonstrate the eﬀectiveness of the prop osed approac h on a ro om temperature control and lane-k eeping of a vehicle modeled as a four-dimensional single-track kinematic model. W e compare our results with the discretization-based methods in the literature. 1. Introduction F ormal synthesis of controllers for complex dynamical systems against complex sp eciﬁcations has gained signiﬁcan t atten tions in the last decade [T ab09, BYG17]. These speciﬁcations are usually expressed using temp oral logic form ulae or automata on (in)ﬁnite strings. The synthesis problem is very challenging for systems that hav e con tinuous state spaces and are aﬀected b y uncertainties. The problem do es not admit closed-form s olutions in general and is hard to b e solved exactly on suc h systems. There hav e b een several results in the literature utilizing approximate ﬁnite mo dels as abstractions of the original sto chastic dynamical systems for the formal p olicy synthesis. Existing results include policy syn- thesis for discrete-time sto c hastic hybrid systems [APLS08, MMS20, HS20], control of switc hed discrete-time sto c hastic systems [LAB15], and symbolic control of incremen tally stable sto c hastic systems [ZMEM + 14]. These approac hes rely on the discretization of the state set together with a formal upp er-bound on the ap- pro ximation error. These approac hes suﬀer severely from the curse of dimensionality ( i.e. , computational complexit y grows exp onen tially with the dimension of the state set). T o alleviate this issue, sequential grid- ding [SA13], discretization-free abstractions [ZT A17, JZ20], and comp ositional abstraction-based tec hniques [SAM15, LSZ18] are proposed under suitable assumptions on the system dynamics ( e.g. , Lipschitz contin uity or incremental input-to-state stability). F or non-sto chastic systems, discretization-free approaches based on barrier certiﬁcates w ere prop osed for v er- iﬁcation and syn thesis to ensure safety [AXGT17, Jan18, NA18, Pra06, W A07]. The authors in [WTL16] generalize the idea of the barrier certiﬁcate b y com bining it with the automata represen tation of L TL sp ec- iﬁcations for the v eriﬁcation of temp oral prop ert y for nonlinear non-sto chastic systems. The work is then extended for the veriﬁcation of hybrid dynamical systems against syn tactically co-safe L TL sp eciﬁcations [BD18] and for the synthesis of an online control strategy for m ulti-agent systems enforcing L TL sp eciﬁca- tions [SCE18]. There are a few recen t results using barrier certiﬁcates on non-sto c hastic systems to satisfy more general sp eciﬁcations. Results include the use of time-v arying control barrier functions to satisfy signal temp oral logic [LD19] and control barrier certiﬁcate to design p olicies for reach and stay sp eciﬁcation for non- sto c hastic switched systems [RS17]. Most of the synthesis results mentioned ab o ve consider prior knowledge 1 2 P . JA GT AP, S. SOUDJANI, AND M. ZAMANI of barrier certiﬁcates to provide online control strategies using quadratic programming. These results ma y not b e suitable while dealing with constrained input sets whic h is the case in almost all real w orld applications. F or sto chastic systems, there are very few works a v ailable in the literature to synthesize controllers against complex sp eciﬁcations using discretization-free approac hes. The results include the syn thesis of con troller for contin uous-time sto chastic systems enforcing syntactically co-safe L TL sp eciﬁcations [HWM14], where the authors use automata represen tation corresp onding to the speciﬁcations to guide a sequence of stochastic opti- mal con trol problems. The pap er [FMPS18] considers synthesis for ensuring a low er b ound on the probability of satisfying a sp eciﬁcation in signal temp oral logic. It enco des the requiremen ts as chance constrain ts and inductiv ely decomposes them into deterministic inequalities using the structure of the sp eciﬁcation. Barrier certiﬁcates are utilized in [HCL + 17, ST12, PJP07] for veriﬁcation of stochastic (h ybrid) systems but only with resp ect to the inv ariance prop ert y . Our recen t results in [JSZ18] present the idea of com bining automata representation of a complex sp eciﬁcation and barrier certiﬁcates, for formal veriﬁc ation of stochastic systems without requiring an y stabilit y assumption on the dynamics of the system. The current man uscript follows a similar direction to solv e the problem of formal synthesis for sto c hastic systems. T o the b est of our knowledge, this pap er is the ﬁrst to utilize the notion of control barrier certiﬁcates for the synthesis of discrete-time sto c hastic cont rol systems against complex temp oral logic sp eciﬁcations. W e consider temp oral properties expressed in a fragment of L TL formulae, namely , L TL on ﬁnite traces, referred to as L TL F [SRK + 14]. W e provide a systematic approach to synthesize an oﬄine control p olicy together with a low er b ound on the probability that the L TL F prop ert y is satisﬁed ov er ﬁnite-time horizon. T o achiev e this, w e utilize the notion of con trol barrier certiﬁcates which in general can only provide an upp er b ound on the reac hability probability . Since we are lo oking for a lower b ound , we ﬁrst tak e the negation of the L TL F sp eciﬁcation and decompose satisfaction of the negation into a sequence of simpler reac habilit y tasks based on the structure of the automaton asso ciated with the negation of the sp eciﬁcation. Then, controllers and corresp onding upper b ounds are obtained for these simpliﬁed reac hability tasks with the help of con trol barrier certiﬁcates. In the ﬁnal step, we combine these controllers and probability b ounds to provide a h ybrid control p olicy and a low er b ound on the probabilit y of satisfying the original L TL F prop ert y . In general, there is no guarantee that barrier certiﬁcates exist for a given sto c hastic system. Ev en if w e know one exists, there is no complete algorithm for its computation. In this pap er, w e provide t wo systematic approac hes to search for control barrier certiﬁcates under suitable assumptions on the dynamics of the system and the shap e of the p oten tial barrier certiﬁcates. The ﬁrst approach utilizes sum-of-square optimization tec hnique [P ar03] and is suitable for dynamics with contin uous input sets and p olynomial dynamics. The second approach uses the counter-example guided inductive synthesis (CEGIS) scheme which is adapted from [RS15, RS17] and is suitable for systems with ﬁnite input sets. The remainder of this paper is structured as follo ws. In Section 2, w e in tro duce discrete-time stochastic con trol systems and the linear temporal logic ov er ﬁnite traces. Then, we formally deﬁned the problem considered in this pap er. W e discuss in Section 3 the notion of con trol barrier certiﬁcates and results for the computation of upp er b ound on the probability of satisfying reac hability speciﬁcations. Section 4 provides an algorithm to decomp ose L TL F sp eciﬁcation in to sequential reachabilit y using deterministic ﬁnite automaton (DF A) corresp onding to speciﬁcation. In Section 5, we pro vide results on the synthesis of con trol p olicy together with the low er b ound on the probability of satisfaction of L TL F sp eciﬁcations using control barrier certiﬁcates. It also provides systematic approac hes to search for con trol barrier certiﬁcates. Section 6 demonstrates the eﬀectiv eness of the results on tw o case studies: (i) ro om temp erature con trol and (ii) lane k eeping of a vehicle. Finally , Section 7 concludes the paper. FORMAL SYNTHESIS OF STOCHASTIC SYSTEMS VIA CONTROL BARRIER CER TIFICA TES 3 2. Preliminaries 2.1. Notations. W e denote the set of nonnegativ e integers by N 0 := { 0 , 1 , 2 , . . . } and the set of positive in tegers by N := { 1 , 2 , 3 , . . . } . The symbols R , R + , and R + 0 denote the set of real, positive, and nonnegativ e real n umbers, resp ectively . W e use R n × m to denote the space of real matrices with n rows and m columns. F or a ﬁnite set A , w e denote its cardinality by | A | . The logical op erators ‘not’, ‘and’, and ‘or’ are denoted by ¬ , ∧ , and ∨ , respectively . W e consider a probabilit y space with the tuple (Ω , F Ω , P Ω ), where Ω is the sample space, F Ω is a sigma- algebra on Ω comprising the subset of Ω as ev ents, and P Ω is a probabilit y measure that assigns probabilities to even ts. W e assume that random v ariables in tro duced in this article are measurable functions of the form X : (Ω , F Ω ) → ( S X , F X ) mapping measurable space (Ω , F Ω ) to another measurable space ( S X , F X ) and assigns probabilit y measure to ( S X , F X ) according to P r ob { A } = P Ω { X − 1 ( A ) } for an y A ∈ F X . In words, S X is the domain of the random v ariable X and F X is a collection of subsets of S X suc h that X assigns probabilit y to the elements of this collection. W e often directly discuss the probability measure on ( S X , F X ) without explicitly mentioning the underlying probability space and the function X itself. 2.2. Discrete-time sto c hastic control systems. In this w ork, we consider discrete-time sto c hastic control systems (dt-SCS) that are extensively emplo yed as mo dels of systems under uncertaint y in economics and ﬁnance [EA87] and in man y engineering systems [BS96]. Examples of using dt-SCS include modeling in ven tory- pro duction systems [HLL96], demand resp onse in energy net works [Sou14], and analyzing max-plus linear systems in transp ortation [SAA16]. A dt-SCS is given b y the tuple S = ( X , V w , U, w , f ), where X is the state set, V w is the uncertaint y set, and U is the input set of the system. W e denote b y ( X , B ( X )) the measurable space with B ( X ) being the Borel sigma-algebra on the state space. Notation w denotes a sequence of indep enden t and iden tically distributed (i.i.d.) random v ariables on the set V w as w := { w ( k ) : Ω → V w , k ∈ N 0 } . The map f : X × U × V w → X is a measurable function c haracterizing the state evolution of the system. F or a given initial state x (0) ∈ X , the state evolution can b e written as (2.1) x ( k + 1) = f ( x ( k ) , u ( k ) , w ( k )) , k ∈ N 0 . W e are interested in syn thesizing a con trol p olicy ρ that guarantees a potentially tight lo wer b ound on the probabilit y that the system S satisﬁes a sp eciﬁcation expressed as a temp oral logic prop ert y . The syntax and seman tics of the class of sp eciﬁcations dealt with in this pap er are pro vided in the next subsection. In this w ork, we consider history-dep endent p olicies given b y ρ = ( ρ 0 , ρ 1 , . . . , ρ n , . . . ) with functions ρ n : H n → U , where H n is a set of all n -histories h n deﬁned as h n := ( x (0) , u (0) , x (1) , u (1) , . . . , x ( n − 1) , u ( n − 1) , x ( n )). A sub class of p olicies are called stationary and are deﬁned as ρ = ( u, u, . . . , u, . . . ) with a function u : X → U . In stationary p olicies, the mapping at time n depends only on the current state x n and do es not change ov er time. 2.3. Linear temp oral logic ov er ﬁnite traces. In this subsection, we introduce linear temp oral logic o v er ﬁnite traces, referred to as L TL F [DGV13], which will be used later to express temp oral sp eciﬁcations for our syn thesis problem. Prop erties L TL F use the same syntax of L TL o ver inﬁnite traces given in [BKL08]. The L TL F form ulas o v er a set Π of atomic prop ositions are obtained as follows: ϕ ::= true | p | ¬ ϕ | ϕ 1 ∧ ϕ 2 | ϕ 1 ∨ ϕ 2 |  ϕ | ♦ ϕ |  ϕ | ϕ 1 U ϕ 2 , where p ∈ Π,  is the next op erator, ♦ is even tually ,  is alwa ys, and U is un til. The semantics of L TL F is giv en in terms of ﬁnite tr ac es , i.e. , ﬁnite words σ , denoting a ﬁnite non-empty sequence of consecutiv e steps o ver Π. W e use | σ | to represen t the length of σ and σ i as a prop ositional in terpretation at the i th p osition in the trace, where 0 ≤ i < | σ | . Given a ﬁnite trace σ and an L TL F form ula ϕ , we inductively deﬁne when an L TL F form ula ϕ is true at the i th step (0 ≤ i < | σ | ) and denoted b y σ , i | = ϕ , as follows: • σ, i | = true ; 4 P . JAGT AP, S. SOUDJANI, AND M. ZAMANI • σ, i | = p , for p ∈ Π iﬀ p ∈ σ i ; • σ, i | = ¬ ϕ iﬀ σ, i 6| = ϕ ; • σ, i | = ϕ 1 ∧ ϕ 2 iﬀ σ, i | = ϕ 1 and σ, i | = ϕ 2 ; • σ, i | = ϕ 1 ∨ ϕ 2 iﬀ σ, i | = ϕ 1 or σ, i | = ϕ 2 ; • σ, i | =  ϕ iﬀ i < | σ | − 1 and σ, i + 1 | = ϕ ; • σ, i | = ♦ ϕ iﬀ for some j such that i ≤ j < | σ | , we hav e σ, j | = ϕ ; • σ, i | =  ϕ iﬀ for all j such that i ≤ j < | σ | , we hav e σ, j | = ϕ ; • σ, i | = ϕ 1 U ϕ 2 iﬀ for some j such that i ≤ j < | σ | , w e ha ve σ, j | = ϕ 2 , and for all k s.t. i ≤ k < j , we ha ve σ, k | = ϕ 1 . The formula ϕ is true on σ , denoted b y σ | = ϕ , if and only if σ, 0 | = ϕ . The set of all traces that satisfy the formula ϕ is called the language of formula ϕ and is denoted by L ( ϕ ). Notice that we also hav e the usual b oolean equiv alences such as ϕ 1 ∨ ϕ 2 ≡ ¬ ( ¬ ϕ 1 ∧ ¬ ϕ 2 ), ϕ 1 = ⇒ ϕ 2 ≡ ¬ ϕ 1 ∨ ϕ 2 , ♦ ϕ ≡ true U ϕ , and  ϕ ≡ ¬ ♦ ¬ ϕ . Next, w e deﬁne deterministic ﬁnite automata which later serve as equiv alent represen tations of L TL F form ulae. Deﬁnition 2.1. A deterministic ﬁnite automaton ( DF A ) is a tuple A = ( Q, Q 0 , Σ , δ, F ) , wher e Q is a ﬁnite set of states, Q 0 ⊆ Q is a set of initial states, Σ is a ﬁnite set ( a.k.a. alphab et ) , δ : Q × Σ → Q is a tr ansition function, and F ⊆ Q is a set of ac c epting states. W e use notation q σ − → q 0 to denote transition ( q , σ, q 0 ) ∈ δ . A ﬁnite word σ = ( σ 0 , σ 1 , . . . , σ n − 1 ) ∈ Σ n is accepted by DF A A if there exists a ﬁnite state run q = ( q 0 , q 1 , . . . , q n ) ∈ Q n +1 suc h that q 0 ∈ Q 0 , q i σ i − → q i +1 for all 0 ≤ i < n and q n ∈ F . The set of w ords accepted b y A is called the accepting language of A and is denoted by L ( A ). W e denote the set of successor states of a state q ∈ Q b y ∆( q ). The next result shows that ev ery L TL F form ula can b e accepted by a DF A. Theorem 2.2 ([ZPV19, DGV15]) . Every L TL F formula ϕ c an b e tr anslate d to a DF A A ϕ that ac c epts the same language as ϕ , i.e., L ( ϕ ) = L ( A ϕ ) . Suc h A ϕ in Theorem 2.2 can b e constructed explicitly or sym b olically using existing tools, suc h as SPOT [DLLF + 16] and MONA [HJJ + 95]. Remark 2.3. F or a given L TL F formula ϕ over atomic pr op ositions Π , the asso ciate d DF A A ϕ is usual ly c onstructe d over the alphab et Σ = 2 Π . Solution pr o c ess of a system S is also c onne cte d to the set of wor ds by a lab eling function L fr om the state set to the alphab et Σ . Without loss of gener ality, we work with the set of atomic pr op ositions dir e ctly as the alphab et r ather than its p ower set. 2.4. Prop ert y satisfaction b y sto c hastic con trol systems. F or a given dt-SCS S = ( X , V w , U, w , f ) with dynamics (2.1), the system S is connected to L TL F form ulas with the help of a measurable lab eling function L : X → Π, where Π is the set of atomic prop ositions. Deﬁnition 2.4. Consider a ﬁnite state se quenc e x N = ( x (0) , x (1) , . . . , x ( N − 1)) ∈ X N , N ∈ N , and lab eling function L : X → Π . Then, the c orr esp onding tr ac e is given by L ( x N ) := ( σ 0 , σ 1 , . . . , σ N − 1 ) ∈ Π N if we have σ k = L ( x ( k )) for al l k ∈ { 0 , 1 , . . . , N − 1 } . Note that w e abuse the notation b y using map L ( · ) ov er the domain X N , i.e. L ( x (0) , x (1) , . . . , x ( N − 1)) ≡ ( L ( x (0)) , L ( x (1)) , . . . , L ( x ( N − 1))). Their distinction is clear from the con text. Next, w e deﬁne the probabilit y that a dt-SCS S satisﬁes L TL F form ula ϕ ov er traces of length N . Deﬁnition 2.5. Consider a dt-SCS S = ( X , V w , U, w , f ) and a L TL F formula ϕ over Π . We denote by P x 0 ρ { L ( x N ) | = ϕ } the pr ob ability that ϕ is satisﬁe d by the state evolution of the system S over a ﬁnite-time horizon [0 , N ) ⊂ N starting fr om initial state x (0) = x 0 ∈ X under c ontr ol p olicy ρ . FORMAL SYNTHESIS OF STOCHASTIC SYSTEMS VIA CONTROL BARRIER CER TIFICA TES 5 Remark 2.6. The set of atomic pr op ositions Π = { p 0 , p 1 , . . . , p M } and the lab eling function L : X → Π pr ovide a me asur able p artition of the state set X = ∪ M i =1 X i as X i := L − 1 ( p i ) . We assume that X i 6 = ∅ for any i . This assumption is without loss of gener ality sinc e al l the atomic pr op ositions p i with L − 1 ( p i ) = ∅ c an b e r eplac e d by ( ¬ true ) without aﬀe cting the pr ob ability of satisfaction. 2.5. Problem form ulation. Problem 2.7. Given a dt-SCS S = ( X, V w , U, w , f ) with dynamics (2.1) , a L TL F sp e ciﬁc ation ϕ of length N over a set of atomic pr op ositions Π = { p 0 , p 1 , . . . , p M } , a lab eling function L : X → Π , and r e al value ϑ ∈ (0 , 1) , c ompute a c ontr ol p olicy ρ (if existing) such that P x 0 ρ { L ( x N ) | = ϕ } ≥ ϑ for al l x 0 ∈ L − 1 ( p i ) and some i ∈ { 1 , 2 , . . . , M } . Finding a solution to Problem 2.7 (if existing) is diﬃcult in general. In this pap er, we giv e a computational metho d that is sound in solving the problem. Our approach is to compute a policy ρ together with a low er b ound ϑ . W e try to ﬁnd the largest low er b ound, whic h then can b e compared with ϑ and gives ρ as a solution for Problem 2.7 if ϑ ≥ ϑ . T o solv e this problem, we utilize the notion of control barrier certiﬁcates (discussed in Section 3). In general, this notion is useful for providing an upp er b ound on the reachabilit y probability . The negation of L TL F prop erties can then be equiv alen tly represented as a sequence of reachabilit y problems using a DF A. Therefore, instead of computing a con trol p olicy that guaran tees a low er b ound ϑ on the probabilit y satisfaction of the L TL F sp eciﬁcation, w e compute a p olicy that guaran tees an upp er bound on the probabilit y satisfaction of its negation, i.e. , P x 0 ρ { L ( x N ) | = ¬ ϕ } ≤ ϑ for any x 0 ∈ L − 1 ( p i ) and some i ∈ { 0 , 1 , . . . , M } . Then for the same control p olicy the low er b ound can b e easily obtained as ϑ = 1 − ϑ . This is done by constructing a DF A A ¬ ϕ = ( Q, Q 0 , Π , δ, F ) that accepts all ﬁnite words ov er Π satisfying ¬ ϕ . F or the sak e of illustrating the results b etter, we pro vide the following running example throughout the pap er. Example 1. Consider a tw o-dimensional dt-SCS S = ( X , V w , U, w , f ) with X = V w = R 2 , U = R and dynamics x 1 ( k + 1) = x 1 ( k ) − 0 . 01 x 2 2 ( k ) + 0 . 5 w 1 ( k ) , x 2 ( k + 1) = − 0 . 01 x 1 ( k ) x 2 ( k ) + u ( k ) + 0 . 5 w 2 ( k ) , (2.2) where u ( · ) is a control input and w 1 ( k ), w 2 ( k ) are standard normal random v ariables that are indep enden t from each other and for any k ∈ N 0 . The set of atomic prop ositions is given by Π = { p 0 , p 1 , p 2 , p 3 } , with -5 0 5 x 1 -8 -6 -4 -2 0 2 4 6 8 x 2 X 3 X 1 X 2 X 0 (a) q 2 q 0 q 1 q 3 q 4 p 0 p 2 : p 2 p 1 p 1 p 2 : p 1 p 1 _ p 3 p 2 p 0 _ p 3 (b) Figure 1. (a) State set and regions of interest for Example 1, (b) DF A A ¬ ϕ that accepts all traces satisfying ¬ ϕ where ϕ is given in (2.3). 6 P . JAGT AP, S. SOUDJANI, AND M. ZAMANI lab eling function L ( x ) = p i for any x ∈ X i , i ∈ { 0 , 1 , 2 , 3 } . The sets X i are deﬁned as X 0 = { ( x 1 , x 2 ) ∈ X | ( x 1 + 5) 2 + x 2 2 ≤ 2 . 5 } , X 1 = { ( x 1 , x 2 ) ∈ X | ( x 1 − 5) 2 + ( x 2 − 5) 2 ≤ 3 } , X 2 = { ( x 1 , x 2 ) ∈ X | ( x 1 − 4) 2 + ( x 2 + 3) 2 ≤ 2 } , and X 3 = X \ ( X 0 ∪ X 1 ∪ X 2 ) . These sets are shown in Figure 1(a). W e are interested in computing a control p olicy ρ that pro vides a low er b ound on the probability that the tra jectories of S of length N satisﬁes the following sp eciﬁcation: • If it starts in X 0 , it will alwa ys sta y aw ay from X 1 or alwa ys sta y aw ay from X 2 . If it starts in X 2 , it will alwa ys sta y aw ay from X 1 . This prop erty can be expressed b y the L TL F form ula (2.3) ϕ = ( p 0 ∧ (  ¬ p 1 ∨  ¬ p 2 )) ∨ ( p 2 ∧  ¬ p 1 ) . The DF A corresp onding to the negation of ϕ in (2.3) is sho wn in Figure 1(b). 3. Control Barrier Cer tifica tes In this section, w e in tro duce the notion of control barrier certiﬁcate whic h will later serv e as the core elemen t for solving Problem 2.7. Intuitiv ely , control barrier certiﬁcates are relaxed versions of sup ermartingales that are decreasing in exp ectation along the tra jectories of the system up to a constant. Once a barrier certiﬁcate is found while satisfying some conditions, it can give upp er b ounds on the reachabilit y probability of system tra jectories. Deﬁnition 3.1. A function B : X → R + 0 is a c ontr ol b arrier c ertiﬁc ate for a dt-SCS S = ( X , V w , U, w , f ) if for any state x ∈ X , ther e exists an input u ∈ U such that E [ B ( f ( x, u, w )) | x, u ] ≤ B ( x ) + c, (3.1) for some c onstant c ≥ 0 . If the set of con trol inputs U is ﬁnite, one can rewrite Deﬁnition 3.1 as follows. Deﬁnition 3.2. A function B : X → R + 0 is a c ontr ol b arrier c ertiﬁc ate for a dt-SCS S = ( X , V w , U, w , f ) with U = { u 1 , u 2 , . . . , u l } , l ∈ N , if min u ∈ U E [ B ( f ( x, u, w )) | x, u ] ≤ B ( x ) + c ∀ x ∈ X , (3.2) for some c onstant c ≥ 0 . Remark 3.3. Note that c onditions (3.1) - (3.2) ar e r elaxe d versions of so-c al le d sup ermartingale c ondition. This is due to the p ositive c onstant c on the right-hand side. When c = 0 , the function B ( · ) b e c omes sup ermartingale for S . Remark 3.4. The ab ove deﬁnitions asso ciate a stationary p olicy u : X → U to a c ontr ol b arrier c ertiﬁc ate. Deﬁnition 3.1 gives such a p olicy ac c or ding to the existential quantiﬁer on the input for any state x ∈ X . Deﬁnition 3.2 gives the p olicy as the ar g min of the left-hand side of ine quality (3.2) . In c ase of discr ete inputs, u ( x ) c an b e sele cte d as an element of { u ∈ U | E [ B ( f ( x, u, w )) | x, u ] ≤ B ( x ) + c } . In other wor ds, Deﬁnition 3.2 pr ovides r e gions of state-set in which the p articular c ontr ol input is valid and is given as X i := { x ∈ X | E [ B ( f ( x, u i , w )) | x, u i ] ≤ B ( x ) + c } for al l i ∈ { 1 , 2 , . . . , l } and S i X i = X . W e provide the following lemma and use it in the sequel. This lemma is a direct consequence of [Kus67, Theorem 3] and is also utilized in [ST12, Theorem I I.1]. FORMAL SYNTHESIS OF STOCHASTIC SYSTEMS VIA CONTROL BARRIER CER TIFICA TES 7 Lemma 3.5. Consider a dt-SCS S = ( X , V w , U, w , f ) and let B : X → R + 0 b e a c ontr ol b arrier c ertiﬁc ate as given in Deﬁnition 3.1 (or Deﬁnition 3.2) with c onstant c and stationary p olicy u : X → U as discusse d in R emark 3.4. Then for any c onstant λ > 0 and any initial state x 0 ∈ X , P x 0 u { sup 0 ≤ k

Original Paper

Loading high-quality paper...

Comments & Academic Discussion

Loading comments...

Original Paper

Related Papers

Comments & Academic Discussion

Leave a Comment