Approximate simulation relations and finite abstractions of quantized control systems*

Paulo Tabuada
Electrical Engineering Department, University of California at Los Angeles, Los Angeles, CA 90095-1594
[email protected], http://www.ee.ucla.edu/∼tabuada

Abstract. In this paper we revisit the construction of quantized models of control systems. Based on an approximate notion of simulation relation and under a stabilizability assumption we show how we can force a lattice structure on the reachable space of a quantized control system for any finite input quantization. When we are only interested in a compact subset of the state space, as is the case in concrete applications, our results immediately provide a finite model for the quantized control system.

Finite abstractions of continuous and hybrid systems are one of the most frequently used techniques to reduce the verification of these systems to the verification of finite-state systems. Recently, finite abstractions have also been used for the synthesis of correct-by-design embedded control software. This is accomplished by reformulating the synthesis of control software as the construction of a supervisory controller acting on the discrete abstraction. This finite-state controller is then refined to a hybrid system model of the control software enforcing the specification. The key enabling step in the whole synthesis process is the construction of the finite abstraction, which is also the central theme of this paper. The existing techniques for the construction of finite abstractions can be divided into two different (and dual) approaches: quotients and sub-systems. Techniques based on quotients construct a finite partition of the state space by identifying points having similar reachability properties. Examples include finite models for linear control systems in discrete-time [Tab07,TP06] and multi-affine control systems in continuous-time [KB06]. Finite abstractions based on sub-systems are obtained by restricting the behaviors described by a control system to a subset having desirable properties. This restriction is achieved in the setting of quantized control systems [BMP02,BMP06] by selecting a subset of all the admissible input trajectories. Elements of this subset are termed control quanta and their choice can be seen as a quantization of the space of admissible input

* This research was partially supported by the National Science Foundation CAREER award 0446716.


trajectories. For certain classes of control systems, such as drift-free systems in chained form, the reachable space of the quantized system admits the structure of a lattice which can be rendered as fine as desired by properly choosing the control quanta. This structure can then be exploited to obtain efficient motion planning algorithms for these systems [PLPB02]. The work described in this paper is a contribution to the construction of finite abstractions based on the sub-system approach. By resorting to a notion of approximate simulation relation inspired by the work of Girard and Pappas [GP05b], we show how to impose a lattice structure on the reachable set of a quantized control system provided that: (i) the resulting model is related to the original (unquantized) control system not by a simulation relation but by an approximate simulation relation; (ii) a certain stabilizability assumption holds. Moreover, this lattice structure is independent of the chosen input quantization, which makes our results useful even if the quantized control system admits a lattice structure on the reachable set for some but not for all input quantizations. We also briefly discuss how this abstraction can be computed by resorting to numerical methods. As mentioned before, these finite abstractions are an essential ingredient for the correct-by-design synthesis of embedded control software. For reasons of space we cannot, in this paper, give details on the whole synthesis process and refer the interested reader to [Tab06], where several examples can also be found.

1 Definitions, control systems and stability notions

1.1 Definitions

The following definitions and notations will be used throughout the paper. Given a map $f : A \to B$ we denote by $\Gamma(f)$ the graph of $f$, that is, the set $\Gamma(f) = \{(a, b) \in A \times B \mid b = f(a)\}$. If $A$ is a subset of $B$ we denote by $\imath_A : A \hookrightarrow B$, or simply by $\imath$, the natural inclusion map taking any $a \in A$ to $\imath(a) = a \in B$. The identity map on a set $A$ is denoted by $1_A$. For $x \in \mathbb{R}^n$ we denote by $x_i$ the $i$th element of the vector $x$. Let now $A \subseteq \mathbb{R}^n$ and $\mu \in \mathbb{R}$. We will use the notation $[A]_\mu$ to denote the subset of $A$ defined by all the vectors whose elements are integer multiples of $\mu$, or equivalently $[A]_\mu = \{a \in A \mid a_i = k_i \mu \text{ for some } k_i \in \mathbb{Z} \text{ and } i = 1, \dots, n\}$. The set $[A]_\mu$ is thus a subset of the lattice $[\mathbb{R}^n]_\mu$. When $x \in \mathbb{R}$, $\lceil x \rceil$ will denote the smallest integer $n \in \mathbb{N}$ such that $x \le n$. We will say that $a \in \mathbb{R}$ integrally divides $b \in \mathbb{R}$ when $b/a \in \mathbb{Z}$. The standard Euclidean norm of $x \in \mathbb{R}^n$ is denoted by $\|x\|$, while $\|x\|_S$ denotes the usual point-to-set distance defined by:

$$\|x\|_S = \inf_{s \in S} \|x - s\|$$

We can thus recover $\|x\|$ as $\|x\|_{\{0\}}$. The closed ball centered at $x \in \mathbb{R}^n$ with radius $\varepsilon$ is denoted by $B_\varepsilon(x)$, or equivalently:

$$B_\varepsilon(x) = \{y \in \mathbb{R}^n \mid \|x - y\| \le \varepsilon\}$$

A continuous function $\gamma : \mathbb{R}^+_0 \to \mathbb{R}^+_0$ is said to belong to class $\mathcal{K}_\infty$ if it is strictly increasing, $\gamma(0) = 0$ and $\gamma(r) \to \infty$ as $r \to \infty$. A continuous function $\beta : \mathbb{R}^+_0 \times \mathbb{R}^+_0 \to \mathbb{R}^+_0$ is said to belong to class $\mathcal{KL}$ if, for each fixed $s$, the map $\beta(r, s)$ belongs to class $\mathcal{K}_\infty$ with respect to $r$ and, for each fixed $r$, the map $\beta(r, s)$ is decreasing with respect to $s$ and $\beta(r, s) \to 0$ as $s \to \infty$.

We now review some formal language concepts. Given a set $S$ we denote by $S^*$ the set of all finite strings obtained by concatenating elements in $S$. An element $s$ of $S^*$ is therefore given by $s = s_1 s_2 \dots s_n$ with $s_i \in S$ for $i = 1, \dots, n$. Given a string $s$ belonging to $S^*$ we denote by $s(i)$ the $i$th element of $s$. The length of a string $s \in S^*$ is denoted by $|s|$, and a subset of $S^*$ is called a language. Given a map $f : A \to B$ we shall use the same letter to denote the extension of $f$ to $f : A^* \to B^*$ defined by:

$$f\big(s(1)s(2)\dots s(n)\big) = f\big(s(1)\big)\, f\big(s(2)\big) \dots f\big(s(n)\big)$$

1.2 Control Systems

One of the main objects of study in this paper are control systems, defined as follows:

Definition 1. A control system is a quadruple $\Sigma = (\mathbb{R}^n, U \subset \mathbb{R}^m, \mathcal{U}, f)$ where:
– $U$ is a compact subset of $\mathbb{R}^m$ containing the origin;
– $\mathcal{U}$ is a subset of the set of all measurable functions from intervals of the form $]a, b[ \subseteq \mathbb{R}$ to $U$ with $a < 0$ and $b > 0$;
– $f : \mathbb{R}^n \times U \to \mathbb{R}^n$ is a continuous map satisfying the following Lipschitz assumption: for every compact set $K \subset \mathbb{R}^n$, there exists a constant $L > 0$ such that $\|f(x, u) - f(y, u)\| \le L\|x - y\|$ for all $x, y \in K$ and all $u \in U$.

An absolutely continuous curve $x : ]a, b[ \to \mathbb{R}^n$ is said to be a trajectory of $\Sigma$ if there exists $u \in \mathcal{U}$ satisfying:

$$\dot{x}(t) = f(x(t), u(t)) \tag{1}$$

for almost all $t \in ]a, b[$. Control system $\Sigma$ is said to be forward complete if every trajectory is defined on an interval of the form $]a, \infty[$. Although we have defined trajectories over open domains, we shall refer to trajectories $x : [0, \tau] \to \mathbb{R}^n$ defined on closed domains $[0, \tau]$, $\tau \in \mathbb{R}^+$, with the understanding that there exists a trajectory $x' : ]a, b[ \to \mathbb{R}^n$ such that $x = x'|_{[0, \tau]}$. We will also write $x(\tau, x, u)$ to denote the point reached at time $\tau$ under the input $u$ from initial condition $x$. This point is uniquely determined since the assumptions on $f$ ensure existence and uniqueness of trajectories. For certain results we will need to assume that $\Sigma$ is control affine, meaning that $f(x, u)$ can be written as:

$$f(x, u) = f_0(x) + \sum_{i=1}^{m} f_i(x)\, u_i$$

where the $f_i$ satisfy the same regularity conditions as $f$ and $(u_1, \dots, u_m) \in U$.


1.3 Stability notions

The results presented in this paper will assume certain stabilizability assumptions that we now recall. We will say that a set $S \subseteq \mathbb{R}^n$ is invariant under a control system $\Sigma$ if for any trajectory $x$ of $\Sigma$, $x(0) \in S$ implies $x(t) \in S$ for all $0 \le t < b$. We will also need to refer to the diagonal set on $\mathbb{R}^{2n}$, denoted by $\Delta$ and defined by $\Delta = \{(x, y) \in \mathbb{R}^n \times \mathbb{R}^n \mid x = y\}$.

Definition 2. A control system $\Sigma = (\mathbb{R}^n, U \subset \mathbb{R}^m, \mathcal{U}, f)$ is uniformly globally asymptotically stable with respect to a closed invariant set $S$ if it is forward complete and there exists a class $\mathcal{KL}$ function $\beta$ such that the following estimate holds for all $x \in \mathbb{R}^n$, $u \in \mathcal{U}$ and $t \ge 0$:

$$\|x(t, x, u)\|_S \le \beta(\|x\|_S, t) \tag{2}$$

Definition 3 (Stabilizability Assumption). A control system $\Sigma = (\mathbb{R}^n, U \subset \mathbb{R}^m, \mathcal{U}, f)$ is said to satisfy the Stabilizability Assumption (SA) if there exists a function $k : \mathbb{R}^n \times \mathbb{R}^n \times U \to U$ satisfying:
1. $k$ is continuously differentiable on $\mathbb{R}^{2n} \setminus \Delta$;
2. $k(y, x, u) = u$ for $(x, y) \in \Delta$,

and rendering the control system $(\mathbb{R}^n \times \mathbb{R}^n, U \subset \mathbb{R}^m, \mathcal{U}, f \times_k f)$, with $f \times_k f$ defined by:

$$(f \times_k f)((x, y), u) = \big(f(x, u),\, f(y, k(y, x, u))\big) \tag{3}$$

uniformly globally asymptotically stable with respect to $\Delta$, that is, enforcing the following estimate for all $x, y \in \mathbb{R}^n$, $u \in \mathcal{U}$ and $t \ge 0$:

$$\|x(t, x, u) - y(t, y, k(y, x, u))\| \le \beta(\|x - y\|, t) \tag{4}$$

The possible lack of regularity of $k$ on $\Delta$ does not pose a problem with respect to existence and uniqueness of trajectories. On the open set $\mathbb{R}^{2n} \setminus \Delta$, existence and uniqueness of trajectories is guaranteed by the regularity assumptions on $k$ and $f$. On the set $\Delta$, the requirement $k(y, x, u) = u$ ensures that $\Delta$ is an invariant set, since $f \times_k f$ degenerates into $(f(x, u), f(x, u))$, which guarantees existence and uniqueness of trajectories. A control system satisfying the SA is able to track its own trajectories: for any trajectory $x$ defined by an input curve $u$, the feedback controller $k$ guarantees that the trajectory $y$ starting at any initial condition and defined by the input curve $k(y, x, u)$ asymptotically converges to $x$. A sufficient condition for the stabilizability assumption introduced in Definition 3 can be obtained through the concept of control Lyapunov function. Following the ideas initially presented in [Art83] and later extended by many authors, the existence of a control Lyapunov function allows one to recover the controller $k$. To simplify the presentation let us consider new coordinates given by:

$$z = x - y, \qquad w = x + y \tag{5}$$


Proposition 1. Let $\Sigma = (\mathbb{R}^n \times \mathbb{R}^n, U \subset \mathbb{R}^m, \mathcal{U}, f)$ be a control affine system with $U = \{u \in \mathbb{R}^m \mid u_1^2 + u_2^2 + \dots + u_m^2 \le 1\}$ and assume the existence of a continuously differentiable function $V : \mathbb{R}^n \times \mathbb{R}^n \to \mathbb{R}^+_0$ and class $\mathcal{K}_\infty$ functions $\underline{\alpha}, \overline{\alpha}, \alpha$ for which the following inequalities hold:
1. $\forall z, w \in \mathbb{R}^n \quad \underline{\alpha}(\|z\|) \le V(z, w) \le \overline{\alpha}(\|z\|)$;
2. $\forall z \in \mathbb{R}^n\ \forall u \in U\ \exists v \in U\ \forall w \in \mathbb{R}^n \quad \frac{\partial V}{\partial z} f((z, w), u) + \frac{\partial V}{\partial w} f((z, w), v) \le -\alpha(\|z\|)$.

Then, control system $\Sigma$ satisfies the SA.

Proof. The result follows, for example, from the formulas given in [LS95]. In this reference only asymptotic stability towards a compact closed set is considered. However, condition (2) guarantees that the resulting controller is a function of $z$ and $u$ alone, thus guaranteeing global uniform asymptotic stability. This is not the case when instead of (2) we use the usual condition $\inf_{v \in U} \frac{\partial V}{\partial z} f((z, w), u) + \frac{\partial V}{\partial w} f((z, w), v) \le -\alpha(\|z\|)$, which corresponds to (note the change in the quantification order):

$$\forall z \in \mathbb{R}^n\ \forall w \in \mathbb{R}^n\ \forall u \in U\ \exists v \in U \quad \frac{\partial V}{\partial z} f((z, w), u) + \frac{\partial V}{\partial w} f((z, w), v) \le -\alpha(\|z\|)$$

The previous result provides a more efficient way to determine if the SA is satisfied by searching for a single scalar function V instead of having to search for a controller k.

2 Approximate simulations

In this section we introduce the notion of approximate simulation upon which all the results in this paper rely. Approximate simulations relate transition systems, which will be used in this paper as abstract models for control systems.

Definition 4. A transition system $T$ is a quintuple $(Q, L, \rightarrow, O, H)$ consisting of:
– A set of states $Q$;
– A set of labels $L$;
– A transition relation $\rightarrow \subseteq Q \times L \times Q$;
– An output set $O$;
– An output function $H : Q \to O$.

A metric transition system is a transition system $(Q, L, \rightarrow, O, H)$ in which the output set $O$ is equipped with a metric $d : O \times O \to \mathbb{R}^+_0$. We will follow standard practice and denote an element $(p, l, q) \in \rightarrow$ by $p \xrightarrow{l} q$. We will also use the notation $p \xrightarrow{l} q$ when $l = l_1 l_2 \dots l_n \in L^*$ is a string of elements in $L$. In this case $p \xrightarrow{l} q$ denotes the existence of a sequence of transitions $p \xrightarrow{l_1} p_1 \xrightarrow{l_2} p_2 \xrightarrow{l_3} \dots \xrightarrow{l_n} q$. We shall say that a transition system $T$ is finite when $Q$ is finite. Transition systems capture dynamics through the transition relation. For any states $p, q \in Q$, $p \xrightarrow{l} q$ simply means that it is possible to evolve or jump from state $p$ to state $q$ under the action labeled by $l$. Note that we cannot model $\rightarrow$ as a function since, in general, there may be several states $q_1, q_2 \in Q$ such that $p \xrightarrow{l} q_1$ and $p \xrightarrow{l} q_2$. We will use transition systems as an abstract representation of control systems. There are several different ways in which we can transform control systems into transition systems. We now describe one of these, which has the property of capturing all the information contained in a control system $\Sigma$:

Definition 5. Let $\Sigma = (\mathbb{R}^n, U, \mathcal{U}, f)$ be a control system. The transition system $T(\Sigma) = (Q, L, \rightarrow, O, H)$ associated with $\Sigma$ is defined by:
– $Q = \mathbb{R}^n$;
– $L = \mathcal{U}$;
– $p \xrightarrow{u} q$ if there exists a trajectory $x : [0, \tau] \to \mathbb{R}^n$ of $\Sigma$ satisfying $x(\tau, p, u) = q$ for some $\tau \in \mathbb{R}^+$;
– $O = \mathbb{R}^n$;
– $H = 1_{\mathbb{R}^n}$.

Note that $T(\Sigma)$ is a metric transition system when we regard $O = \mathbb{R}^n$ as being equipped with the metric $d(p, q) = \|p - q\|$.

Definition 6. A run of a transition system $T = (Q, L, \rightarrow, O, H)$ is a string $r \in Q^*$ for which there exists $l \in L^*$ satisfying $r(i) \xrightarrow{l(i)} r(i+1)$ for $i = 1, \dots, |r| - 1$. A string $s \in O^*$ is said to be an output run of $T$ if there exists a run $r$ of $T$ such that $H(r) = s$. The language of $T$, denoted by $\mathcal{L}(T)$, is the set of all output runs of $T$.

Simulation and bisimulation relations are standard mechanisms to relate the properties of transition systems [CGP99]. Intuitively, a simulation relation from a transition system $T_1$ to a transition system $T_2$ is a relation between the corresponding state sets explaining how a run $r$ of $T_1$ can be transformed into a run $s$ of $T_2$. While typical simulation relations require that runs $r$ and $s$ are observationally indistinguishable, that is, $H_1(r) = H_2(s)$, we shall relax this by requiring $H_1(r)$ to simply be close to $H_2(s)$, where closeness is measured with respect to the metric on the output set:

Definition 7. Let $T_1 = (Q_1, L_1, \rightarrow_1, O, H_1)$ and $T_2 = (Q_2, L_2, \rightarrow_2, O, H_2)$ be metric transition systems with the same output space and let $\varepsilon, \delta \in \mathbb{R}^+$. A relation $R \subseteq Q_1 \times Q_2$ is said to be a $(\varepsilon, \delta)$-approximate simulation relation from $T_1$ to $T_2$ if:
1. $(q_1, q_2) \in R$ implies $d(H_1(q_1), H_2(q_2)) \le \varepsilon$;
2. $d(H_1(q_1), H_2(q_2)) \le \delta$ implies $(q_1, q_2) \in R$;
3. $(q_1, q_2) \in R$ and $q_1 \xrightarrow{l_1}_1 q_1'$ imply the existence of $q_2' \in Q_2$ such that $q_2 \xrightarrow{l_2}_2 q_2'$ with $(q_1', q_2') \in R$.


A different notion of approximate simulation appeared¹ in the work of Girard and Pappas [GP05a], where it was termed $\delta$-approximate simulation relation. Such a notion is essentially the same as a $(\varepsilon, \delta)$-approximate simulation relation except for requirement (2), which is not present in [GP05a]. The need for this requirement and for two parameters, namely $\varepsilon$ and $\delta$, will become apparent in Section 3, where we provide a characterization in terms of the stabilizability concepts reviewed in Section 1. While the existence of a simulation relation between two transition systems implies language containment, the existence of an approximate simulation only implies a weaker version of this containment:

Proposition 2. If there exists a $(\varepsilon, \delta)$-approximate simulation relation from $T_1$ to $T_2$ satisfying $R(Q_1) = Q_2$, then $\mathcal{L}(T_1) \subseteq B_\varepsilon\big(\mathcal{L}(T_2)\big)$, where $B_\varepsilon\big(\mathcal{L}(T_2)\big)$ denotes the language:

$$\big\{ s \in O^* \mid d(s(i), r(i)) \le \varepsilon \text{ for some } r \in \mathcal{L}(T_2) \text{ with } |s| = |r| \text{ and } i = 1, \dots, |s| \big\}$$

Proof. For any $s \in \mathcal{L}(T_1)$ there exist strings $r \in Q^*$ and $l \in L^*$ such that:

$$r(1) \xrightarrow{l(1)} r(2) \xrightarrow{l(2)} \dots \xrightarrow{l(|s|-1)} r(|s|)$$

and $H(r) = s$. Let now $q_2 \in Q_2$ satisfy $(r(1), q_2) \in R$ and note that $q_2$ exists since $R(Q_1) = Q_2$. By the definition of approximate simulation relation we have $u(1) = q_2 \xrightarrow{m(1)} u(2)$ for some $m(1) \in L_2$ and $(r(2), u(2)) \in R$. Invoking (1) in the definition of approximate simulation we conclude that $d(r(2), u(2)) \le \varepsilon$. Extending this argument by induction on the length of $s$ we conclude the existence of $u \in Q_2^*$, $m \in L_2^*$ with $|u| = |r|$, $(r(i), u(i)) \in R$ and thus $d(H(r(i)), H(u(i))) \le \varepsilon$ for $i = 1, \dots, |s|$, or $H(r) \in B_\varepsilon(\mathcal{L}(T_2))$. ⊔⊓

The notion of sub-transition system formalizes the idea of constructing a new transition system by isolating certain states and certain transitions of an existing transition system:

Definition 8. Transition system $T_1 = (Q_1, L_1, \rightarrow_1, O, H_1)$ is said to be a sub-transition system of $T_2 = (Q_2, L_2, \rightarrow_2, O, H_2)$ if $Q_1 \subseteq Q_2$, $H_1 = H_2|_{Q_1}$ and the graph $\Gamma(\imath)$ of the natural inclusion $\imath : Q_1 \hookrightarrow Q_2$ is a relation satisfying requirement (3) in Definition 7.

In the remaining paper we will work with sub-transition systems of $T(\Sigma)$ obtained by selecting those transitions from $T(\Sigma)$ describing trajectories of duration $\tau$ for some chosen $\tau \in \mathbb{R}^+$. This can be seen as a time discretization or sampling process.

Definition 9. Let $\Sigma$ be a control system and $T(\Sigma)$ its associated transition system. For any $\tau \in \mathbb{R}^+$, the sub-transition system $T_\tau(\Sigma) = (Q, L, \rightarrow, O, H)$ of $T(\Sigma)$ is defined by:
1. $Q = \mathbb{R}^n$;
2. $L = \{u \in \mathcal{U} \mid \text{the domain of } u \text{ is } [0, \tau]\}$;
3. $p \xrightarrow{u} q$ if there exists a trajectory $x$ of $\Sigma$ satisfying $x(\tau, p, u) = q$;
4. $O = \mathbb{R}^n$;
5. $H = 1_{\mathbb{R}^n}$.

¹ The authors of [GP05b] only discuss approximate bisimulations, but one can easily derive the corresponding notion of approximate simulation.

3 Existence of approximate simulations

The adequacy of the notion of approximate simulation relation introduced in the previous section will be justified in this paper with two arguments: its characterization in terms of known stabilizability concepts, and its essential role in the existence and computation of finite abstractions. In this section we provide the first argument by relating the existence of approximate simulation relations to the SA:

Theorem 1. Let $\Sigma$ be a control system satisfying the SA. Then, for any $\varepsilon \in \mathbb{R}^+$ there exists a $\delta \in \mathbb{R}^+$ such that for all $\tau \in \mathbb{R}^+$ there exists a $(\varepsilon, \delta)$-approximate simulation relation from $T_\tau(\Sigma)$ to $T(\Sigma)$.

The proof of this result can be found in [Tab06], where a converse result is also presented under an assumption weaker than the SA. In concrete applications we shall not work with $T_\tau(\Sigma)$ but with a finite sub-transition system of $T_\tau(\Sigma)$. In this case we can still guarantee existence of a $(\varepsilon, \delta)$-approximate simulation relation:

Corollary 1. Let $\Sigma$ be a control system satisfying the SA and consider a finite sub-transition system $T = (Q, L, \rightarrow, O, H)$ of $T_\tau(\Sigma)$. Then, there exists a contractible compact set $S \subset \mathbb{R}^n$ containing $Q$ and a $(\varepsilon, \delta)$-approximate simulation relation $R$ from $T$ to $T_\tau(\Sigma)$ satisfying $R(Q) = S$.

Existence of approximate simulations from arbitrary sub-transition systems of $T_\tau(\Sigma)$ to $T_\tau(\Sigma)$ is thus guaranteed by the SA which, according to Proposition 1, can be checked by resorting to a control Lyapunov function. The correct-by-design methodology that is being introduced in this paper thus leverages the extensive work that has been done by the control community on stability, stabilization and its Lyapunov characterizations.

4 Computation of finite sub-transition systems

We consider the computation of finite sub-transition systems in the framework of quantized control systems [BMP02,PLPB02,BMP06], where one restricts attention to a denumerable subset of $\mathcal{U}$ whose elements are termed control quanta. In this paper, control quanta are defined by constant input curves assuming values in a finite set $\mathsf{U} \subset U$. Although this restriction on the class of input curves may appear to be quite drastic, there are several reasons to consider


it. In many man-made systems, input signals are physically implemented as piecewise constant signals. Our assumptions are then in consonance with real physical constraints. Moreover, input quantization can be seen as a very powerful complexity reduction mechanism simplifying several control synthesis problems [BMP02,PLPB02,BMP06]. From Corollary 1 we know that under the SA we can construct a $(\varepsilon, \delta)$-approximate simulation relation from any finite sub-transition system $T$ of $T_\tau(\Sigma)$ to $T_\tau(\Sigma)$. The question we address in this section is: how do we compute such finite sub-transition systems? We assume that parameters $\tau$ and $\varepsilon$, describing the desired sampling time and state accuracy, respectively, are given along with a finite set $\mathsf{U} \subset U$ of inputs and a compact subset $S \subset \mathbb{R}^n$ of the state space. The finite set $\mathsf{U}$ describes the input quantization, while the set $S$ represents the working region that is of interest, which will be compact (at least bounded) in concrete applications. The naive approach to obtaining a sub-transition system from the given data would be to construct the transition relation by rounds. The first round would compute all the transitions $p \xrightarrow{u} q$ with $u \in \mathsf{U}$, $p \in [S]_\eta$ (where $\eta \in \mathbb{R}^+$ is chosen so that any $x \in S$ belongs to $B_\varepsilon(p')$ for some $p' \in [S]_\eta$) and for which there exists a trajectory $x : [0, \tau] \to \mathbb{R}^n$ of $\Sigma$ satisfying $x(\tau, p, u) = q$. The second round would repeat the same construction, enlarging the transition relation with transitions starting at the states $q$ obtained in the first round. The sub-transition system $T$ could then be seen as the limit of this process. One immediate difficulty with this naive approach is to determine at which round to terminate the construction of $T$, since this process is not guaranteed to terminate. But there are also other difficulties, which we now illustrate with the following linear control system:

$$\begin{bmatrix} \dot{x}_1 \\ \dot{x}_2 \end{bmatrix} = \begin{bmatrix} 0 & 1 \\ -1 & 2 \end{bmatrix} \begin{bmatrix} x_1 \\ x_2 \end{bmatrix} + \begin{bmatrix} 0 \\ u \end{bmatrix} \tag{6}$$

with states $(x_1, x_2) \in [-5, 5] \times [-5, 5] = S$ and input $u \in \{-1, 0, 1\} = \mathsf{U}$. The outcome of the naive approach to the construction of a finite sub-transition system of $T_{0.5}(\Sigma)$ is displayed in Figure 1. The first observation is that terminating the process after some predetermined number $n$ of rounds may lead to a sub-transition system that is only guaranteed to be nonblocking during the first $n$ steps. Since many control tasks require the system to run for an arbitrarily long sequence of steps, this is a serious drawback of the naive approach. Moreover, the states of the constructed sub-transition system are not evenly distributed across the state space, thus implying that we have a better description of the dynamics in some areas than in others. These difficulties can be avoided when a $(\varepsilon, \delta)$-approximate sub-transition system can be found:

Definition 10. Let $\Sigma$ be a control system and let $\tau, \varepsilon \in \mathbb{R}^+$ and a finite $\mathsf{U} \subset U$ be given. A transition system $T$ is said to be a $(\varepsilon, \delta)$-approximate sub-transition system if:
1. there exists a $(\varepsilon, \delta)$-approximate simulation relation from $T$ to $T_\tau(\Sigma)$;
2. $Q \subseteq [\mathbb{R}^n]_\chi$ for some $\chi \in \mathbb{R}^+$;


Fig. 1. Finite sub-transition system of the linear system (6) obtained through the naive method. States are represented by red dots while black dots represent states for which there exists a self transition. Transitions are represented by blue arrows. From left to right we have the result of the first, third, fifth and tenth simulation rounds.

3. for every $p \in Q$ and $l \in \mathsf{U}$ there exists a $q \in Q$ such that $p \xrightarrow{l} q$ in $T$.

Transition system $T$ is equipped with a $(\varepsilon, \delta)$-approximate simulation relation to $T_\tau(\Sigma)$ and solves the difficulties illustrated by the previous example by guaranteeing that its state set is a subset of a lattice. When working on a compact subset of the state space, usually the case in most applications, $T$ is in fact finite and the construction of $T$ is guaranteed to terminate. Furthermore, $T$ is nontrivial in the sense that for every state $p$ of $T$ all the transitions labeled by inputs in $\mathsf{U}$ are captured in $T$ and lead to states of $T$. Note that when one restricts attention to a compact subset $S$ of the state space, some states may fail to have transitions defined for every element of $\mathsf{U}$. However, this is the case only when these transitions would lead to states outside $S$. Existence of $(\varepsilon, \delta)$-approximate sub-transition systems is guaranteed by the SA:

Theorem 2. For any control system $\Sigma$ satisfying the SA, for any $\varepsilon \in \mathbb{R}^+$, for any finite $\mathsf{U} \subset U$ and for any $\tau \in \mathbb{R}^+$ such that $\beta(\varepsilon, \tau) < \varepsilon$, there exists a $(\varepsilon, \delta)$-approximate sub-transition system $T$ of $T_\tau(\Sigma)$. Furthermore, $\chi$ can be chosen to be any positive real number integrally dividing $2\varepsilon/\sqrt{n}$ and satisfying:

$$0 < \chi \le \frac{2}{\sqrt{n}}\big(\varepsilon - \beta(\varepsilon, \tau)\big), \tag{7}$$

and the $(\varepsilon, \delta)$-approximate simulation relation $R$ from $T$ to $T_\tau(\Sigma)$ satisfies $R(Q) = \mathbb{R}^n$, where $Q$ is the state set of $T$.

Note that the condition $\beta(\varepsilon, \tau) < \varepsilon$ can always be satisfied by choosing a sufficiently large $\tau$, since $\beta$ is a decreasing function of $\tau$.

Proof. We start by constructing $T$. Let $\xi = 2\varepsilon/\sqrt{n}$, assume that $\chi$ integrally divides $\xi$ and that it satisfies inequality (7). Let now $F : \mathbb{R}^n \to 2^{[\mathbb{R}^n]_\chi}$ be the function defined by $q \in F(p)$ if $p \in B_{\varepsilon - \beta(\varepsilon, \tau)}(q)$. The set $Q$ of states of $T$ is the smallest set satisfying:
1. $[\mathbb{R}^n]_\xi \subseteq Q$;


2. $p \in Q$, $u \in \mathsf{U}$ and $q \in F\big(x(\tau, p, u)\big)$ for some trajectory $x : [0, \tau] \to \mathbb{R}^n$ of $\Sigma$ with $u(t) = u$ for $0 \le t \le \tau$ imply $q \in Q$.

The transition relation is defined by $p \xrightarrow{u} q$ if $p, q \in Q$, $u \in \mathsf{U}$ and there exists a trajectory $x : [0, \tau] \to \mathbb{R}^n$ of $\Sigma$ satisfying $q \in F\big(x(\tau, p, u)\big)$ with $u(t) = u$ for $0 \le t \le \tau$. Transition system $T$ is thus defined by $T = (Q, \mathsf{U}, \rightarrow, \mathbb{R}^n, \imath : Q \hookrightarrow \mathbb{R}^n)$. The approximate simulation relation is given by $(q, x) \in R$ iff $\|q - x\| \le \varepsilon$. Note that requirements (1) and (2) in Definition 7 are satisfied by construction if we take $\delta = \varepsilon$. By noting that any point $x \in \mathbb{R}^n$ belongs to $B_\varepsilon(q)$ for some $q \in [\mathbb{R}^n]_\xi$ we conclude that $R(Q) = \mathbb{R}^n$. We now show that $R$ also satisfies requirement (3) in Definition 7. Let $(p, y) \in R$ and assume that $p \xrightarrow{u} q$ with $u(t) = u \in \mathsf{U}$ for $0 \le t \le \tau$. This implies the existence of a trajectory $x$ of $\Sigma$ satisfying $q \in F\big(x(\tau, p, u)\big)$, or equivalently $\|q - x(\tau, p, u)\| \le \varepsilon - \beta(\varepsilon, \tau)$. Since $(p, y) \in R$ implies $\|p - y\| \le \varepsilon$ we have, by the SA, $\|x(\tau, p, u) - y(\tau, y, k(y, x, u))\| \le \beta(\|p - y\|, \tau) = \beta(\varepsilon, \tau)$. It then follows:

$$\begin{aligned} \|q - y(\tau, y, k(y, x, u))\| &\le \|q - x(\tau, p, u) + x(\tau, p, u) - y(\tau, y, k(y, x, u))\| \\ &\le \|q - x(\tau, p, u)\| + \|x(\tau, p, u) - y(\tau, y, k(y, x, u))\| \\ &\le \varepsilon - \beta(\varepsilon, \tau) + \beta(\varepsilon, \tau) = \varepsilon \end{aligned}$$

thus showing $y \xrightarrow{k(y, x, u)} y(\tau, y, k(y, x, u))$ in $T_\tau(\Sigma)$ with $\big(q, y(\tau, y, k(y, x, u))\big) \in R$, which concludes the proof. ⊔⊓

The proof of Theorem 2 is constructive, since it defines how to construct the $(\varepsilon, \delta)$-approximate sub-transition system $T$ and the $(\varepsilon, \delta)$-approximate simulation relation. Intuitively, the construction of $T$ proceeds as follows. We use $[\mathbb{R}^n]_{2\varepsilon/\sqrt{n}}$ as the initial state set $Q$ of $T$. This state set has the property that for every $x \in \mathbb{R}^n$ there exists a $q \in Q$ such that $x \in B_\varepsilon(q)$. Starting from this initial state set we construct all the transitions $q \xrightarrow{u} p$ with $q \in Q$ and $u \in \mathsf{U}$. However, instead of declaring $q \xrightarrow{u} p$ to be a transition in $T$, we declare that all the transitions $q \xrightarrow{u} p'$, with $p' \in [\mathbb{R}^n]_\chi$ and $p \in B_{\chi\sqrt{n}/2}(p')$, are transitions of $T$. It thus follows by construction that $Q \subset [\mathbb{R}^n]_\chi$, since $\chi$ integrally divides $\xi$. Moreover, when working on a compact subset $S$ of $\mathbb{R}^n$, there are only finitely many points of the lattice $[\mathbb{R}^n]_\chi$ which are contained in $S$, and this guarantees termination of the construction of $T$ in a finite number of steps. Note also that the resulting transition system $T$ is nondeterministic, since for every $p$ there exist, in general, several $p'$ satisfying the conditions $p' \in [\mathbb{R}^n]_\chi$ and $p \in B_{\chi\sqrt{n}/2}(p')$. We thus see that the construction of $T$ consists in approximating $p$ by several points $p' \in [\mathbb{R}^n]_\chi$. This is only possible since we only ask for the existence of a $(\varepsilon, \delta)$-approximate simulation relation from $T$ to $T_\tau(\Sigma)$ and since we can use the feedback controller $k$ to correct for the errors introduced when replacing $p$ with $p'$. It can also be seen from the construction of $T$ that if $S$ is of the form $S = [-s/2, s/2]^n$ for some $s \in \mathbb{R}$ then $T$ will have at most $\lceil s/\chi \rceil^n$ states and $\lceil s/\chi \rceil^n |\mathsf{U}|$ transitions. This exponential dependence on $n$ is unavoidable if


we want to keep the resolution $\varepsilon$ constant when $n$ increases. We shall further comment on this fact in Section 5. The $(\varepsilon, \delta)$-approximate simulation relation $R$ from $T$ to $T_\tau(\Sigma)$ is simply given by $(q, x) \in R$ if $\|q - x\| \le \varepsilon$ for any state $q \in Q$ of $T$ and $x \in \mathbb{R}^n$ of $T_\tau(\Sigma)$. Note that in this case we have $\delta = \varepsilon$. We now return to the linear example to illustrate Theorem 2. One possible stabilizing controller for (6) is given by $u = Kx = -80x_1 - 20x_2$, which places the eigenvalues of the closed loop system at $-9$ and $-9$ (the open loop eigenvalues are $1$ and $1$). Since the dynamics of $x - y$ is given by:

$$\dot{x} - \dot{y} = Ax - Ay + Bu - Bv = A(x - y) + B(u - v)$$

we see that the controller $v = u - K(x - y)$ can be used to enforce the SA. In order to obtain a $(\varepsilon, \delta)$-approximate sub-transition system for $\varepsilon = 1$ we solve for the flow of the closed loop system and obtain $\|x(0.5) - y(0.5)\| \le 0.46$ for all initial conditions satisfying $\|x - y\| \le 1$. Using $0.46$ as our estimate for $\beta(1, 0.5)$ we pick $\chi = \frac{2}{\sqrt{2}} \cdot 0.5$. The resulting $(\varepsilon, \delta)$-approximate sub-transition system is displayed in Figure 2. It has 439 states, while the naive approach produced a transition system with 4437 states after ten rounds.
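The bound $\beta(1, 0.5) \le 0.46$ quoted above can be checked by hand. The following derivation is an added worked example and is not part of the original paper; it uses only $A$ and $B$ from (6) and the gain $K = [-80\ \ -20]$ given above. The tracking error $e = x - y$ under $v = u - K(x - y)$ obeys $\dot{e} = (A + BK)e$, and

$$A + BK = \begin{bmatrix} 0 & 1 \\ -81 & -18 \end{bmatrix} = -9I + M, \qquad M = \begin{bmatrix} 9 & 1 \\ -81 & -9 \end{bmatrix}, \qquad M^2 = 0,$$

so, since $I$ and $M$ commute and $M$ is nilpotent, the matrix exponential collapses to $e^{(A+BK)t} = e^{-9t}(I + tM)$. At $t = \tau = 0.5$:

$$e(0.5) = e^{-4.5}\, G\, e(0), \qquad G = I + \tfrac{1}{2}M = \begin{bmatrix} 5.5 & 0.5 \\ -40.5 & -3.5 \end{bmatrix}.$$

The worst case over $\|e(0)\| \le 1$ is the largest singular value $\sigma_{\max}(G)$. Because $\det G = 5.5 \cdot (-3.5) + 0.5 \cdot 40.5 = 1$ and $\|G\|_F^2 = 5.5^2 + 0.5^2 + 40.5^2 + 3.5^2 = 1683$, the two singular values satisfy $\sigma_{\max}\sigma_{\min} = 1$ and $\sigma_{\max}^2 + \sigma_{\min}^2 = 1683$, hence

$$\sigma_{\max}^2 = \frac{1683 + \sqrt{1683^2 - 4}}{2} \approx 1683.0, \qquad \beta(1, 0.5) = e^{-4.5}\,\sigma_{\max} \approx 0.0111 \times 41.02 \approx 0.456 \le 0.46.$$

With $n = 2$ we have $\xi = 2\varepsilon/\sqrt{n} = \sqrt{2}$, and (7) requires $\chi \le \sqrt{2}\,(1 - 0.46) \approx 0.764$. The choice $\chi = \frac{2}{\sqrt{2}} \cdot 0.5 = \sqrt{2}/2 \approx 0.707$ satisfies this bound and integrally divides $\xi$ ($\xi/\chi = 2$), as Theorem 2 requires.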


Fig. 2. $(\varepsilon, \delta)$-approximate sub-transition system associated with the linear system (6) for $\varepsilon = 1$ and $\chi = 0.5\,(2/\sqrt{2})$. From left to right we have: the $(\varepsilon, \delta)$-approximate sub-transition system; the states of the sub-transition system belonging to $[S]_{2/\sqrt{2}}$ represented in blue and enclosed in a circle of radius 1, while the remaining states are represented in red; all the states of the sub-transition system, enclosed in a circle of radius $0.5 = \chi\frac{\sqrt{2}}{2}$; all the states of the sub-transition system. The states belonging to $[S]_\chi$ which are not displayed are states whose transitions lead to points outside $S$ and which have no incoming transitions.
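To make the construction in the proof of Theorem 2 concrete, the following Python program (an added example, not code from the paper) builds the lattice-based sub-transition system for the linear system (6) on $S = [-5, 5]^2$ with $\varepsilon = 1$, $\tau = 0.5$ and $\mathsf{U} = \{-1, 0, 1\}$, and then checks requirement (3) of Definition 7 on one transition by driving a nearby trajectory with the controller $v = u - K(x - y)$. Assumptions made here and not in the paper: the flow is computed numerically with a fixed-step RK4 integrator rather than in closed form; $\beta(1, 0.5)$ is estimated by simulating the closed-loop error dynamics from unit initial errors; successors of a state are the lattice points within the half-diagonal $\chi\sqrt{n}/2$ of the flow (the radius used in the intuitive description of the construction), and only lattice points inside $S$ are kept, so the state count it reports need not coincide with the figure quoted in the paper.

```python
import math
from itertools import product

# System (6) from the paper: x1' = x2, x2' = -x1 + 2 x2 + u, with the paper's
# stabilizing gain u = K x = -80 x1 - 20 x2 (closed-loop poles at -9, -9).
A = ((0.0, 1.0), (-1.0, 2.0))
B = (0.0, 1.0)
K = (-80.0, -20.0)
U_QUANTA = (-1.0, 0.0, 1.0)   # finite input set U of the example
S_HALF = 5.0                  # working region S = [-5, 5]^2
N = 2                         # state dimension n


def f(x, u):
    """Vector field of (6): A x + B u for a constant input u."""
    return tuple(A[i][0] * x[0] + A[i][1] * x[1] + B[i] * u for i in range(N))


def norm(v):
    return math.sqrt(sum(c * c for c in v))


def sub(a, b):
    return tuple(x - y for x, y in zip(a, b))


def rk4(field, x0, tau, steps=200):
    """Fixed-step RK4 flow of z' = field(z) over [0, tau] (assumption: the paper
    uses the closed-form linear flow; a numerical flow also covers the
    nonlinear case of Discussion item 4)."""
    h = tau / steps
    z = tuple(x0)
    for _ in range(steps):
        k1 = field(z)
        k2 = field(tuple(zi + 0.5 * h * ki for zi, ki in zip(z, k1)))
        k3 = field(tuple(zi + 0.5 * h * ki for zi, ki in zip(z, k2)))
        k4 = field(tuple(zi + h * ki for zi, ki in zip(z, k3)))
        z = tuple(zi + h / 6.0 * (a + 2 * b + 2 * c + d)
                  for zi, a, b, c, d in zip(z, k1, k2, k3, k4))
    return z


def beta_estimate(tau, n_dirs=180):
    """Numerical estimate of beta(1, tau) for v = u - K (x - y): the error
    e = x - y obeys the linear system e' = (A + BK) e, so the worst case over
    ||e(0)|| <= 1 is attained on the unit circle."""
    def error_field(e):
        return f(e, K[0] * e[0] + K[1] * e[1])   # A e + B (K e)
    worst = 0.0
    for i in range(n_dirs):
        th = 2.0 * math.pi * i / n_dirs
        worst = max(worst, norm(rk4(error_field, (math.cos(th), math.sin(th)), tau)))
    return worst


def lattice_step(eps, beta, n=N):
    """Largest chi = xi / m (m = 1, 2, ...), xi = 2 eps / sqrt(n), satisfying (7):
    chi <= (2 / sqrt(n)) (eps - beta). Returns (chi, m)."""
    xi = 2.0 * eps / math.sqrt(n)
    bound = (2.0 / math.sqrt(n)) * (eps - beta)
    if bound <= 0.0:
        raise ValueError("need beta(eps, tau) < eps; choose a larger tau")
    m = 1
    while xi / m > bound:
        m += 1
    return xi / m, m


def build_abstraction(eps, tau, beta, half=S_HALF):
    """Lattice construction of Theorem 2 restricted to S = [-half, half]^N.
    States are integer index tuples k standing for the lattice point k * chi."""
    chi, m = lattice_step(eps, beta)
    radius = chi * math.sqrt(N) / 2.0          # cell half-diagonal, <= eps - beta by (7)
    kmax = int(math.floor(half / chi + 1e-9))  # [S]_chi = {k * chi : |k_i| <= kmax}

    def successors(k, u):
        """F(x(tau, p, u)) restricted to S: lattice points within `radius` of the flow."""
        x = rk4(lambda z: f(z, u), tuple(ki * chi for ki in k), tau)
        ranges = [range(math.floor((xc - radius) / chi), math.ceil((xc + radius) / chi) + 1)
                  for xc in x]
        succ = [c for c in product(*ranges)
                if all(abs(ci) <= kmax for ci in c)
                and norm(sub(x, tuple(ci * chi for ci in c))) <= radius + 1e-12]
        return x, succ

    # initial states [S]_xi: lattice indices that are multiples of m
    init = [k for k in product(range(-kmax, kmax + 1), repeat=N) if all(ki % m == 0 for ki in k)]
    Q, work, trans = set(init), list(init), {}
    while work:                                # close Q under successors (fixpoint)
        k = work.pop()
        for u in U_QUANTA:
            x, succ = successors(k, u)
            trans[(k, u)] = (x, succ)
            for q in succ:
                if q not in Q:
                    Q.add(q)
                    work.append(q)
    return {"chi": chi, "m": m, "kmax": kmax, "Q": Q, "trans": trans}


def tracking_check(k, u, y0, chi, tau, eps, succ):
    """Requirement (3) of Definition 7 for one transition p ->u q of T: with
    ||p - y0|| <= eps, drive y with k(y, x, u) = u - K (x - y) alongside x and
    return the largest ||q - y(tau)|| over the successors q (must be <= eps)."""
    p = tuple(ki * chi for ki in k)

    def joint(z):                              # z = (x1, x2, y1, y2)
        x, y = z[:N], z[N:]
        e = sub(x, y)
        return f(x, u) + f(y, u - (K[0] * e[0] + K[1] * e[1]))

    y_tau = rk4(joint, p + tuple(y0), tau)[N:]
    return max(norm(sub(tuple(qi * chi for qi in q), y_tau)) for q in succ)


if __name__ == "__main__":
    b = beta_estimate(0.5)
    T = build_abstraction(eps=1.0, tau=0.5, beta=b)
    blocked = sum(1 for (_, s) in T["trans"].values() if not s)
    print(f"beta(1, 0.5) ~ {b:.3f}, chi = {T['chi']:.4f}, |Q| = {len(T['Q'])}, "
          f"transitions with no successor inside S: {blocked}")
    _, succ = T["trans"][((0, 0), 1.0)]
    print("tracking gap from p = 0, y = (0.6, 0.8), u = 1:",
          round(tracking_check((0, 0), 1.0, (0.6, 0.8), T["chi"], 0.5, 1.0, succ), 3))
```

Run directly, the script prints the estimated $\beta$, the lattice step $\chi$ (which comes out as $\sqrt{2}/2$, the paper's choice), the number of states and the tracking gap. The transitions that end up with no successor inside $S$ are exactly those whose flow leaves $S$, in line with the remark preceding Theorem 2; every other state has a successor for every input in $\mathsf{U}$.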

5 Discussion

1. Instead of working with the Euclidean norm we could have constructed $T$ and defined the $(\varepsilon, \delta)$-simulation relation by directly using the level sets of the Lyapunov function whose existence is implied by the SA. Since, given an equation of the form $\dot{V} \le -\alpha(V)$, we can always transform $V$ into another Lyapunov function $U$ satisfying $\dot{U} \le -U$, we can sidestep the need


to estimate $\beta$. However, working directly with level sets of $U$ increases the complexity of the computations, since $U$ is a general nonlinear function.
2. The global nature of the SA upon which Theorem 2 relies was assumed for simplicity of presentation and can be relaxed. Since we have a $(\varepsilon, \delta)$-approximate simulation relation from $T$ to $T_\tau(\Sigma)$, states $x \in \mathbb{R}^n$ of $T(\Sigma)$ related to states $q \in Q$ of $T$ will necessarily satisfy $\|q - x\| \le \varepsilon$. We can thus relax the SA by requiring that it holds only for initial conditions $(x, y) \in \mathbb{R}^n \times \mathbb{R}^n$ satisfying $\|x - y\| \le \varepsilon$.
3. The SA was defined in terms of the existence of a single controller $k$. In many situations, however, we have not only one but several controllers $\{k_i\}_{i \in I}$, each designed to track a family of trajectories. It is clear that the conclusions of Theorem 2 still hold in this case provided that we use for $\beta$ a $\mathcal{KL}$ function satisfying $\beta_i(r, s) \le \beta(r, s)$ for all $i \in I$, where $\beta_i$ is the $\mathcal{KL}$ function associated with controller $k_i$.
4. Although for linear systems we can explicitly compute the flow for each of the inputs in $\mathsf{U}$, the same is no longer true in the nonlinear case. We are thus forced to resort to numerical simulation methods in order to construct $T$. Theorem 2 is still of value in this case since, given a bound $\eta > 0$ on the simulation error, that is, $\|x(\tau) - \tilde{x}(\tau)\| \le \eta$ where $\tilde{x}$ is the simulated value, the conclusions of Theorem 2 still hold provided that we choose $\tau$ such that $\beta(\varepsilon, \tau) < \varepsilon + \eta$. Note that such $\tau$ always exists since $\beta(r, s)$ is a decreasing function of $s$. In this case, $\chi$ can be any positive real number integrally dividing $2\varepsilon/\sqrt{n}$ and satisfying:

$$0 < \chi \le \frac{2}{\sqrt{n}}\big(\varepsilon + \eta - \beta(\varepsilon, \tau)\big)$$

5. The proposed methodology enforces a constant accuracy $\varepsilon$ on the state set of a $(\varepsilon, \delta)$-approximate sub-transition system $T$ by guaranteeing that it is a subset of a lattice $[\mathbb{R}^n]_\chi$. Although this guarantees a spatially uniform description of the dynamics of $\Sigma$, it also forces the size of $T$ to grow exponentially with $n$.
Since the specification may not require a spatially uniform resolution, we can instead construct specification dependent multi-resolution finite abstractions. This kind of finite abstractions is currently being investigated by the author as a lower complexity alternative to the (ε, δ)-approximate sub-transition systems introduced in this paper.

References

[Art83] Z. Artstein. Stabilization with relaxed controls. Nonlinear Analysis, Theory, Methods, and Applications, 7:1163–1173, 1983.
[BMP02] A. Bicchi, A. Marigo, and B. Piccoli. On the reachability of quantized control systems. IEEE Transactions on Automatic Control, 47(4):546–563, April 2002.
[BMP06] A. Bicchi, A. Marigo, and B. Piccoli. Feedback encoding for efficient symbolic control of dynamical systems. IEEE Transactions on Automatic Control, 51(6):987–1002, June 2006.
[CGP99] E. M. Clarke, O. Grumberg, and D. Peled. Model Checking. MIT Press, 1999.
[GP05a] A. Girard and G. J. Pappas. Approximate bisimulations for constrained linear systems. In Proceedings of the 44th IEEE Conference on Decision and Control, Seville, Spain, 2005.
[GP05b] A. Girard and G. J. Pappas. Approximate bisimulations for nonlinear dynamical systems. In Proceedings of the 44th IEEE Conference on Decision and Control, Seville, Spain, 2005.
[KB06] M. Kloetzer and C. Belta. Reachability analysis of multi-affine systems. In J. P. Hespanha and A. Tiwari, editors, Hybrid Systems: Computation and Control 2006, volume 3927 of Lecture Notes in Computer Science, pages 348–362. Springer-Verlag, Santa Barbara, CA, USA, 2006.
[LS95] Y. Lin and E. D. Sontag. Control-Lyapunov universal formulae for restricted inputs. Control: Theory and Advanced Technology, 10:1981–2004, 1995.
[PLPB02] S. Pancanti, L. Leonardi, L. Pallottino, and A. Bicchi. Optimal control of quantized linear systems. In C. Tomlin and M. R. Greenstreet, editors, Hybrid Systems: Computation and Control, Lecture Notes in Computer Science, pages 351–363. Springer-Verlag, 2002.
[Tab06] P. Tabuada. An approximate simulation approach to symbolic control. 2006. Submitted for publication. Available at http://www.ee.ucla.edu/∼tabuada.
[Tab07] P. Tabuada. Symbolic models for control systems. Acta Informatica, 2007. Accepted for publication. Available at http://www.ee.ucla.edu/∼tabuada.
[TP06] P. Tabuada and G. J. Pappas. Linear Time Logic control of discrete-time linear systems. IEEE Transactions on Automatic Control, 51(12):1862–1877, 2006.