Logics for Hybrid Systems

J. M. DAVOREN, MEMBER, IEEE, AND ANIL NERODE, MEMBER, IEEE

Invited Paper

Abstract: Hybrid systems are heterogeneous dynamical systems characterized by interacting continuous and discrete dynamics. Such mathematical models have proved fruitful in a great diversity of engineering applications, including air-traffic control, automated manufacturing, and chemical process control. The high-profile and safety-critical nature of the application areas has fostered a large and growing body of work on formal methods for hybrid systems: mathematical logics, computational models and methods, and computer-aided reasoning tools supporting the formal specification and verification of performance requirements for hybrid systems, and the design and synthesis of control programs for hybrid systems that are provably correct with respect to formal specifications. This paper offers a synthetic overview of, and original contributions to, the use of logics and formal methods in the analysis of hybrid systems.

Keywords: Automata, computer-aided analysis, computer-aided software engineering, design automation, formal languages, hybrid control systems, logic, software verification, temporal logic.

Manuscript received October 18, 1999; revised March 14, 2000. This work was supported by U.S. ARO under Grant DAA H04-96-1-0341. The work of J. M. Davoren was supported by U.S. ONR under Grant N 00014-98-1-0535. J. M. Davoren is with the Computer Sciences Laboratory, Research School of Information Sciences and Engineering, Australian National University, Canberra, Australia (e-mail: j.m.davoren@anu.edu.au). A. Nerode is with the Department of Mathematics, Cornell University, Ithaca, NY 14853 USA (e-mail: anil@math.cornell.edu). Publisher Item Identifier S 0018-9219(00)06456-2.

I. INTRODUCTION

A basic hybrid dynamical system is one whose state may either evolve continuously for some duration of time according to one set of differential equations or be abruptly reset to a new value from which evolution is governed by another set of differential equations, with the switches typically triggered by the occurrence of some discrete event. The coordinate variables of the state may take their values in the real numbers or in a discrete (usually finite) set. The hybrid phenomena captured by such mathematical models are manifested in a great diversity of complex engineering applications, including air-traffic control, automotive control, robotics, automated manufacturing, and chemical process control, as illustrated in companion papers in this special issue. The last decade has seen considerable research effort in both computer science and control theory directed at the study of mixed discrete and continuous systems [1]–[10]. In particular, the high-confidence and safety-critical nature of the application areas has fostered a large and growing body of work on formal methods for hybrid systems: mathematical logics, computational models and methods, and computer-aided reasoning tools supporting the formal specification and verification of performance requirements for hybrid systems, and the design and synthesis of control structures for hybrid systems that are provably correct with respect to formal specifications. Broadly stated, formal methods are a means to mathematicize, and thence to mechanize, or render computational, what it means for a system design to "get it right": to correctly implement or satisfy precisely stated, unambiguous performance specifications. This paper offers a tutorial survey and a fresh perspective on the use of logics and formal methods in the analysis and synthesis of hybrid control systems.

A. Overview: Logics and Formal Methods for Hybrid Systems

The theory and practice of formal methods in the analysis of computer hardware and software is well established. The field has been active for over 30 years, and has more recently enjoyed some industrial and commercial success; the recent survey paper [11] gives an overview. Hardware systems and software programs are traditionally modeled as purely discrete systems: state variables take their values in discrete (finite or countable) sets, and state transitions are modeled as occurring in a discrete, step-wise fashion. The elementary system model is that of a finite-state automaton, the mathematics of which forms the core theory of computer science. Within the discrete realm, these sequential state machines have been enriched in many and various ways to incorporate features of reactive, concurrent, and distributed computer systems. In the move to real-time and hybrid systems, researchers in the computer science tradition have similarly sought to extend formal methods by enriching their system

0018–9219/00$10.00 © 2000 IEEE PROCEEDINGS OF THE IEEE, VOL. 88, NO. 7, JULY 2000 985
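The informal definition in the Introduction (continuous evolution under one set of differential equations, abrupt resets on discrete events, then evolution under another set) can be made concrete with a small executable model. The following is an added example, not code from the paper or its authors: a hypothetical `HybridAutomaton` class with a constructed two-mode thermostat, a forward-Euler simulator, and a check of a safety-style performance requirement ("the temperature always stays within bounds") on a bounded execution trace. Simulation on one trace is of course not verification; it shows the objects that the logics surveyed in the paper reason about.

```python
from dataclasses import dataclass
from typing import Callable, Dict, List, Tuple

Flow = Callable[[float], float]          # dx/dt = f(x) in one discrete mode
Jump = Tuple[str, Callable[[float], bool], str, Callable[[float], float]]
# (source mode, guard on x, target mode, reset map x -> x')


@dataclass
class HybridAutomaton:
    """Hybrid state (mode, x): x flows under the mode's ODE until a guard
    holds, then the mode switches and x is reset (a discrete event)."""
    flows: Dict[str, Flow]
    jumps: List[Jump]

    def run(self, mode: str, x: float, t_end: float, dt: float):
        """Bounded execution; returns the trace [(t, mode, x), ...].
        Hypothetical simulator: forward Euler for the continuous part,
        guards checked once per time step (at most one jump per step)."""
        trace = [(0.0, mode, x)]
        t = 0.0
        while t < t_end - 1e-12:
            for src, guard, dst, reset in self.jumps:
                if src == mode and guard(x):
                    mode, x = dst, reset(x)      # discrete transition
                    trace.append((t, mode, x))
                    break
            x = x + dt * self.flows[mode](x)     # continuous evolution
            t += dt
            trace.append((t, mode, x))
        return trace


def thermostat() -> HybridAutomaton:
    """Constructed example: a heater switched on at or below 18 degrees and
    off at or above 22, with constant heating and cooling rates."""
    return HybridAutomaton(
        flows={"on": lambda x: 1.0, "off": lambda x: -0.5},
        jumps=[("on", lambda x: x >= 22.0, "off", lambda x: x),
               ("off", lambda x: x <= 18.0, "on", lambda x: x)],
    )


def always_within(trace, lo: float, hi: float) -> bool:
    """Requirement 'x always stays in [lo, hi]', checked on one trace."""
    return all(lo <= x <= hi for _, _, x in trace)


if __name__ == "__main__":
    tr = thermostat().run("off", 20.0, t_end=20.0, dt=0.1)
    print(always_within(tr, 17.0, 23.0), {m for _, m, _ in tr})
```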