Symbolic Robustness Analysis

A key feature of control systems is robustness, the property that small perturbations in the system inputs cause only small changes in its outputs. Robustness is key to designing systems that work under uncertain or imprecise environments. While continuous control design algorithms can explicitly incorporate robustness as a design goal, it is not clear if robustness is maintained at the software implementation level of the controller: two ``close´´ inputs can execute very different code paths which may potentially produce vastly different outputs. We present an algorithm and a tool to characterize the robustness of a control software implementation. Our algorithm is based on symbolic execution and non-linear optimization, and computes the maximum difference in program outputs over all program paths when a program input is perturbed. As a by-product, our algorithm generates a set of test vectors which demonstrate the worst-case deviations in outputs for small deviations in inputs. We have implemented our approach on top of the Splat test generation tool and we describe an evaluation of our implementation on two examples of automotive control code.