Stochastic Formal Methods for Hybrid Systems

We provide a framework to bound the probability that accumulated errors were never above a given threshold on hybrid systems. Such systems are used for example to model an aircraft or a nuclear power plant on one side and its software on the other side. This report contains a simple formula based on Lévy’s and Markov’s inequalities and it continues a formal theory of random variables with a special focus on producing concrete results. About a fourth of the bits of all the results of our archetype application remain continuously significant with a probability of failure of one against almost a billion, where worst case analysis considers that no significant bit remains. We are using PVS as such formal tools force explicit statement of all hypotheses and prevent incorrect uses of theorems. As our theorem contains hypotheses on the individual errors, we introduce Hoeffding’s inequality and Kolmogorov-Smirnov’s test to check that the hypotheses are almost certainly satisfied. The test can also be used to outline sources of errors that need to be analyzed in more details.