Numerically-aided Deductive Safety Proof for a Powertrain Control System

The use of deductive techniques, such as theorem provers, has several advantages in safety verification of hybrid systems. There is often a gap, however, between the type of assistance that a theorem prover requires to make progress on a proof task and the assistance that a system designer is able to provide. To address this deficiency we present an extension to the deductive verification framework of differential dynamic logic that allows the theorem prover KeYmaera to locally reason about behaviors by leveraging forward invariant sets provided by external methods, such as numerical techniques and designer insights. Our key contribution is a new inference rule, the forward invariant cut rule, introduced into the proof calculus of KeYmaera. We demonstrate the cut rule in action on an example involving an automotive powertrain control systems, in which we make use of a simulation-driven numerical technique to compute a local barrier function.