
2024 Activity report Project-Team HYCOMES

RNSR: 201321225U
  • Research center Inria Centre at Rennes University
  • Team name: Modélisation hybride & conception par contrats pour les systèmes embarqués multi-physiques
  • In collaboration with: Institut de recherche en informatique et systèmes aléatoires (IRISA)
  • Domain: Algorithmics, Programming, Software and Architecture
  • Theme: Embedded and Real-time Systems

Keywords

Computer Science and Digital Science

  • A2.1. Programming Languages
  • A2.1.1. Semantics of programming languages
  • A2.1.9. Synchronous languages
  • A2.1.10. Domain-specific languages
  • A2.2. Compilation
  • A2.2.1. Static analysis
  • A2.2.8. Code generation
  • A2.3. Embedded and cyber-physical systems
  • A2.3.1. Embedded systems
  • A2.3.2. Cyber-physical systems
  • A2.3.3. Real-time systems
  • A2.4. Formal method for verification, reliability, certification
  • A2.4.1. Analysis
  • A2.4.3. Proofs
  • A6. Modeling, simulation and control
  • A6.1. Methods in mathematical modeling
  • A6.1.1. Continuous Modeling (PDE, ODE)
  • A6.1.5. Multiphysics modeling
  • A6.4.3. Observability and Controlability
  • A6.4.4. Stability and Stabilization
  • A6.4.5. Control of distributed parameter systems
  • A6.5. Mathematical modeling for physical sciences
  • A7.2.1. Decision procedures
  • A7.2.2. Automated Theorem Proving
  • A7.2.4. Mechanized Formalization of Mathematics
  • A8. Mathematics of computing
  • A8.4. Computer Algebra

Other Research Topics and Application Domains

  • B4. Energy
  • B4.4. Energy delivery
  • B4.4.1. Smart grids
  • B5. Industry of the future
  • B5.1. Factory of the future
  • B5.2. Design and manufacturing
  • B5.9. Industrial maintenance
  • B8. Smart Cities and Territories
  • B8.1. Smart building/home
  • B8.1.1. Energy for smart buildings
  • B8.2. Connected city
  • B8.3. Urbanism and urban planning

1 Team members, visitors, external collaborators

Research Scientists

  • Benoit Caillaud [Team leader, INRIA, Senior Researcher]
  • Albert Benveniste [INRIA, Emeritus]
  • Yahao Chen [INRIA, ISFP]
  • Khalil Ghorbal [INRIA, Researcher]

PhD Student

  • Maxime Bridoux [INRIA]

Technical Staff

  • Mathias Malandain [INRIA, Engineer]

Interns and Apprentices

  • Morgane Flamant [INRIA, Intern, from May 2024 until Aug 2024]

Administrative Assistant

  • Armelle Mozziconacci [CNRS]

2 Overall objectives

Hycomes was created as a local team of the Rennes - Bretagne Atlantique Inria research center in 2013 and became an Inria Project-Team in 2016. The team is focused on two topics in cyber-physical systems design:

  • Hybrid systems modeling, with an emphasis on the design of modeling languages in which software systems, in interaction with a complex physical environment, can be modelled, simulated and verified. A special attention is paid to the mathematical rigorous semantics of these languages, and to the correctness (wrt. such semantics) of the simulations and of the static analyses that must be performed during compilation. The Modelica language is the main application field. The team aims at contributing language extensions facilitating the modeling of physical domains which are poorly supported by the Modelica language. The Hycomes team is also designing new structural analysis methods for hybrid (aka. multi-mode) Modelica models. New simulation and verification techniques for large Modelica models are also in the scope of the team.
  • Contract-based design and interface theories, with applications to requirements engineering in the context of safety-critical systems design. The objective of our research is to bridge the gap between system-level requirements, often expressed in natural, constrained or semi-formal languages and formal models, that can be simulated and verified.

3 Research program

3.1 Hybrid Systems Modeling

Systems industries today make extensive use of mathematical modeling tools to design computer controlled physical systems. This class of tools addresses the modeling of physical systems with models that are simpler than usual scientific computing problems by using only Ordinary Differential Equations (ODE) and Difference Equations but not Partial Differential Equations (PDE). This family of tools first emerged in the 1980's with SystemBuild by MatrixX (now distributed by National Instruments) followed soon by Simulink by Mathworks, with an impressive subsequent development.

In the early 90's control scientists from the University of Lund (Sweden) realized that the above approach did not support component based modeling of physical systems with reuse 1. For instance, it was not easy to draw an electrical or hydraulic circuit by assembling component models of the various devices. The development of the Omola language by Hilding Elmqvist was a first attempt to bridge this gap by supporting some form of Differential Algebraic Equations (DAE) in the models. Modelica quickly emerged from this first attempt and became in the 2000's a major international concerted effort with the Modelica Consortium. A wider set of tools, both industrial and academic, now exists in this segment 2. In the Electronic Design Automation (EDA) sector, VHDL-AMS was developed as a standard 65 and also enables the use of differential algebraic equations. Several domain-specific languages and tools for mechanical systems or electronic circuits also support some restricted classes of differential algebraic equations. Spice is the historic and most striking instance of these domain-specific languages/tools 3. The main difference is that equations are hidden and the fixed structure of the differential algebraic results from the physical domain covered by these languages.

Although these tools are now widely used by engineers, they raise a number of technical difficulties. The meaning of some programs, their mathematical semantics, is indeed ambiguous. A main source of difficulty is the correct simulation of continuous-time dynamics interacting with discrete-time dynamics: How should the propagation of mode switchings be handled? How can one avoid artifacts due to the use of a global ODE solver causing unwanted coupling between seemingly non-interacting subsystems? Also, the mixed use of an equational style for the continuous dynamics with an imperative style for the mode changes and resets is a source of difficulty when handling parallel composition. It is therefore not uncommon that tools return complex warnings for programs, with many different suggested hints for fixing them. Yet, these “pathological” programs can still be executed, if so desired, giving surprising results; see for instance the Simulink examples in 30, 23 and 24.

Indeed this area suffers from the same difficulties that led to the development of the theory of synchronous languages as an effort to fix obscure compilation schemes for discrete time equation based languages in the 1980's. Our vision is that hybrid systems modeling tools deserve similar efforts in theory as synchronous languages did for the programming of embedded systems.

3.2 Background on non-standard analysis

Non-Standard analysis plays a central role in our research on hybrid systems modeling 23, 30, 25, 24, 27, 3. The following text provides a brief summary of this theory and gives some hints on its usefulness in the context of hybrid systems modeling. This presentation is based on our paper 2, a chapter of Simon Bliudze's PhD thesis 37, and a recent presentation of non-standard analysis, not axiomatic in style, due to the mathematician Lindström 90.

Non-standard numbers allowed us to reconsider the semantics of hybrid systems and propose a radical alternative to the super-dense time semantics developed by Edward Lee and his team as part of the Ptolemy II project, where cascades of successive instants can occur in zero time by using +× as a time index. In the non-standard semantics, the time index is defined as a set 𝕋={nn*}, where is an infinitesimal and * is the set of non-standard integers. Remark that (1) 𝕋 is dense in +, making it “continuous”, and (2) every t𝕋 has a predecessor in 𝕋 and a successor in 𝕋, making it “discrete”. Although it is not effective from a computability point of view, the non-standard semantics provides a framework that is familiar to the computer scientist and at the same time efficient as a symbolic abstraction. This makes it an excellent candidate for the development of provably correct compilation schemes and type systems for hybrid systems modeling languages.

Non-standard analysis was proposed by Abraham Robinson in the 1960s to allow the explicit manipulation of “infinitesimals” in analysis 84, 56, 52. Robinson's approach is axiomatic; he proposes adding three new axioms to the basic Zermelo-Fraenkel (ZFC) framework. While the need for non-standard analysis (in addition to the usual or standard analysis) has long agitated the mathematical community, it is not our purpose to debate such aspects. The important thing for us is that non-standard analysis allows the use of the non-standard discretization of continuous dynamics “as if” it was operational.

Not surprisingly, such an idea is not novel. Iwasaki et al. 67 first proposed using non-standard analysis to discuss the nature of time in hybrid systems. Bliudze and Krob 36, 37 have also used non-standard analysis as a mathematical support for defining a system theory for hybrid systems. They discuss in detail the notion of “system” and investigate computability issues. The formalization they propose closely follows that of Turing machines, with a memory tape and a control mechanism.

3.3 Structural Analysis of DAE Systems

The Modelica language is based on Differential Algebraic Equations (DAE). The general form of a DAE is given by:

$F(t, x, x', x'', \dots) = 0 \qquad (1)$

where $F$ is a system of $n_e$ equations $\{f_1, \dots, f_{n_e}\}$ and $x$ is a finite list of $n_v$ independent real-valued, smooth enough, functions $\{x_1, \dots, x_{n_v}\}$ of the independent variable $t$. We use $x'$ as a shorthand for the list of first-order time derivatives of $x_j$, $j = 1, \dots, n_v$. High-order derivatives are recursively defined as usual, and $x^{(k)}$ denotes the list formed by the $k$-th derivatives of the functions $x_j$. Each $f_i$ depends on the scalar $t$ and some of the functions $x_j$ as well as a finite number of their derivatives.

Let $\sigma_{i,j}$ denote the highest differentiation order of variable $x_j$ effectively appearing in equation $f_i$, or $-\infty$ if $x_j$ does not appear in $f_i$. The leading variables of $F$ are the variables in the set

$\{ x_j^{(\sigma_j)} \mid \sigma_j = \max_i \sigma_{i,j} \}$

The state variables of $F$ are the variables in the set

$\{ x_j^{(\nu_j)} \mid 0 \le \nu_j < \max_i \sigma_{i,j} \}$

A leading variable $x_j^{(\sigma_j)}$ is said to be algebraic if $\sigma_j = 0$ (in which case, neither $x_j$ nor any of its derivatives are state variables). In the sequel, $v$ and $u$ denote the leading and state variables of $F$, respectively.

DAE are a strict generalization of ordinary differential equations (ODE), in the sense that it may not be immediate to rewrite a DAE as an explicit ODE of the form $v = G(u)$. The reason is that this transformation relies on the Implicit Function Theorem, which requires the Jacobian matrix $\partial F / \partial v$ to be full rank. This is, in general, not the case for a DAE. Simple examples, like the two-dimensional fixed-length pendulum in Cartesian coordinates 81, exhibit this behaviour.

For a square DAE of dimension $n$ (i.e., we now assume $n_e = n_v = n$) to be solved in the neighborhood of some $(v^*, u^*)$, one needs to find a set of non-negative integers $C = \{c_1, \dots, c_n\}$ such that system

$F^{(C)} = \{ f_1^{(c_1)}, \dots, f_n^{(c_n)} \}$

can locally be made explicit, i.e., the Jacobian matrix of $F^{(C)}$ with respect to its leading variables, evaluated at $(v^*, u^*)$, is nonsingular. The smallest possible value of $\max_i c_i$ for a set $C$ that satisfies this property is the differentiation index 44 of $F$, that is, the minimal number of time differentiations of all or part of the equations $f_i$ required to get an ODE.

In practice, the problem of automatically finding a minimal solution $C$ to this problem quickly becomes intractable. Moreover, the differentiation index may depend on the value of $(v^*, u^*)$. This is why, in lieu of numerical nonsingularity, one is interested in the structural nonsingularity of the Jacobian matrix, i.e., its almost certain nonsingularity when its nonzero entries vary over some neighborhood. In this framework, the structural analysis (SA) of a DAE returns, when successful, values of the $c_i$ that are independent from a given value of $(v^*, u^*)$.

A renowned method for the SA of DAE is the Pantelides method; however, Pryce's Σ-method is introduced also in what follows, as it is a crucial tool for our works.

3.3.1 Pantelides method

In 1988, Pantelides proposed what is probably the most well-known SA method for DAE 81. The main idea of his work is that the structural representation of a DAE can be condensed into a bipartite graph whose left nodes (resp. right nodes) represent the equations (resp. the variables), and in which an edge exists if and only if the variable occurs in the equation.

By detecting specific subsets of the nodes, called Minimally Structurally Singular (MSS) subsets, the Pantelides method iteratively differentiates part of the equations until a perfect matching between the equations and the leading variables is found. One can easily prove that this is a necessary and sufficient condition for the structural nonsingularity of the system.

The main reason why the Pantelides method is not used in our work is that it cannot efficiently be adapted to multimode DAE (mDAE). As a matter of fact, the adjacency graph of a mDAE has both its nodes and edges parametrized by the subset of modes in which they are active; this, in turn, requires that a parametrized Pantelides method must branch every time no mode-independent MSS is found, ultimately resulting, in the worst case, in the enumeration of modes.

3.3.2 Pryce's Sigma-method

Albeit less renowned than the Pantelides method, Pryce's Σ-method 82 is an efficient SA method for DAE, whose equivalence to the Pantelides method has already been established. This method consists in solving two successive problems, denoted by primal and dual, relying on the Σ-matrix, or signature matrix, of the DAE $F$.

This matrix is given by:

$\Sigma = (\sigma_{ij})_{1 \le i,j \le n} \qquad (2)$

where $\sigma_{ij}$ is equal to the greatest integer $k$ such that $x_j^{(k)}$ appears in $f_i$, or $-\infty$ if variable $x_j$ does not appear in $f_i$. It is the adjacency matrix of a weighted bipartite graph, with structure similar to the graph considered in the Pantelides method, but whose edges are weighted by the highest differentiation orders. The $-\infty$ entries denote non-existent edges.

The primal problem consists in finding a maximum-weight perfect matching (MWPM) in the weighted adjacency graph. This is actually an assignment problem for which several standard algorithms exist, such as the push-relabel algorithm 63 or the Edmonds-Karp algorithm 58, to name only a few. However, none of these algorithms are easily parametrizable, even for applications to mDAE systems with a fixed number of variables.

The dual problem consists in finding the component-wise minimal solution $(C, D)$ (where $C = \{c_1, \dots, c_n\}$ and $D = \{d_1, \dots, d_n\}$) to a given linear programming problem, defined as the dual of the aforementioned assignment problem. This is performed by means of a fixpoint iteration (FPI) that makes use of the MWPM found as a solution to the primal problem, described by the set of tuples $\{(i, j_i)\}_{i \in \{1, \dots, n\}}$:

  1. Initialize $\{c_1, \dots, c_n\}$ to the zero vector.
  2. For every $j \in \{1, \dots, n\}$,
    $d_j \leftarrow \max_i (\sigma_{ij} + c_i)$
  3. For every $i \in \{1, \dots, n\}$,
    $c_i \leftarrow d_{j_i} - \sigma_{i,j_i}$
  4. Repeat Steps 2 and 3 until convergence is reached.

From the results proved by Pryce in 82, it is known that the above algorithm terminates if and only if it is provided a MWPM, and that the values it returns are independent of the choice of a MWPM whenever there exist several such matchings. In particular, a direct corollary is that the Σ-method succeeds as long as a perfect matching can be found between equations and variables.

Another important result is that, if the Pantelides method succeeds for a given DAE $F$, then the Σ-method also succeeds for $F$ and the values it returns for $C$ are exactly the differentiation indices for the equations that are returned by the Pantelides method. As for the values of the $d_j$, being given by $d_j = \max_i (\sigma_{ij} + c_i)$, they are the differentiation indices of the leading variables in $F^{(C)}$.

Working with this method is natural for our works, since the algorithm for solving the dual problem is easily parametrizable for dealing with multimode systems, as shown in our recent paper 43.
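
The primal and dual problems above, worked on a small system, as an added example that is not part of the report or of the team's IsamDAE software. The pendulum equations, the exhaustive matching search, the `-inf` encoding of absent entries and the iteration guard `max_rounds` are assumptions made for this illustration.

```python
from itertools import permutations

NEG_INF = float("-inf")  # encodes "x_j does not appear in f_i"

# Constructed sample: pendulum in Cartesian coordinates, unknowns (x, y, lam).
#   f1: x'' + lam*x = 0
#   f2: y'' + lam*y + g = 0
#   f3: x^2 + y^2 - L^2 = 0
PENDULUM_SIGMA = [
    [2, NEG_INF, 0],
    [NEG_INF, 2, 0],
    [0, 0, NEG_INF],
]


def max_weight_perfect_matchings(sigma):
    """Primal problem, solved by exhaustive search (adequate for small n).

    Returns (best_weight, matchings); a matching is a tuple m where m[i] is
    the column j_i matched to equation i.
    """
    n = len(sigma)
    best, found = NEG_INF, []
    for perm in permutations(range(n)):
        weight = sum(sigma[i][perm[i]] for i in range(n))
        if weight == NEG_INF:
            continue  # uses a non-existent edge: not a perfect matching
        if weight > best:
            best, found = weight, [perm]
        elif weight == best:
            found.append(perm)
    return best, found


def offsets(sigma, matching, max_rounds=1000):
    """Dual problem: the fixpoint iteration of steps 1 to 4 in the text.

    max_rounds is an arbitrary guard for this example: the iteration only
    terminates when `matching` is a maximum-weight perfect matching.
    """
    n = len(sigma)
    if any(sigma[i][matching[i]] == NEG_INF for i in range(n)):
        raise ValueError("matching uses a non-existent edge")
    c = [0] * n                                            # step 1
    for _ in range(max_rounds):
        d = [max(sigma[i][j] + c[i] for i in range(n))     # step 2
             for j in range(n)]
        new_c = [d[matching[i]] - sigma[i][matching[i]]    # step 3
                 for i in range(n)]
        if new_c == c:                                     # step 4
            return c, d
        c = new_c
    raise ValueError("no fixpoint reached: matching is not maximum-weight")


def sigma_method(sigma):
    """Primal then dual; returns (matching weight, C, D)."""
    weight, matchings = max_weight_perfect_matchings(sigma)
    if not matchings:
        raise ValueError("no perfect matching: structurally singular system")
    c, d = offsets(sigma, matchings[0])
    return weight, c, d


if __name__ == "__main__":
    weight, matchings = max_weight_perfect_matchings(PENDULUM_SIGMA)
    print("MWPM weight:", weight)
    for m in matchings:
        # Both maximum-weight matchings yield the same offsets.
        print("matching", m, "->", offsets(PENDULUM_SIGMA, m))
```

For the pendulum, only the length constraint receives a non-zero offset: it is differentiated twice, while the two dynamic equations are kept as they are.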

3.3.3 Block triangular decomposition

Once structural analysis has been performed, system $F^{(C)}$ can be regarded, for the needs of numerical solving, as an algebraic system with unknowns $x_j^{(d_j)}$, $j = 1, \dots, n$. As such, (inter)dependencies between its equations must be taken into account in order to put it into block triangular form (BTF). Three steps are required:

  1. the dependency graph of system $F^{(C)}$ is generated, by taking into account the perfect matching between equations $f_i^{(c_i)}$ and unknowns $x_j^{(d_j)}$;
  2. the strongly connected components (SCC) in this graph are determined: these will be the equation blocks that have to be solved;
  3. the block dependency graph is constructed as the condensation of the dependency graph, from the knowledge of the SCC; a BTF of system $F^{(C)}$ can be made explicit from this graph.
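
The three steps above as an added example, not code from the report: Tarjan's algorithm is the choice made here for the SCC step, and the sample system, its offsets and its matching are constructed. It assumes the usual Σ-method incidence rule, which the text does not spell out, that $x_j^{(d_j)}$ occurs in $f_i^{(c_i)}$ exactly when $\sigma_{ij} + c_i = d_j$.

```python
NEG_INF = float("-inf")  # encodes "x_j does not appear in f_i"

# Constructed sample: a pendulum plus two output equations, with unknown
# functions (x, y, lam, w, v). Equations are listed out of solving order.
#   e0: v' - w = 0
#   e1: w - lam*x = 0
#   e2: x'' + lam*x = 0
#   e3: y'' + lam*y + g = 0
#   e4: x^2 + y^2 - L^2 = 0
SIGMA = [
    [NEG_INF, NEG_INF, NEG_INF, 0, 1],
    [0, NEG_INF, 0, 0, NEG_INF],
    [2, NEG_INF, 0, NEG_INF, NEG_INF],
    [NEG_INF, 2, 0, NEG_INF, NEG_INF],
    [0, 0, NEG_INF, NEG_INF, NEG_INF],
]
C = [0, 0, 0, 0, 2]          # equation offsets c_i for this sample
D = [2, 2, 0, 0, 1]          # variable offsets d_j for this sample
MATCHING = [4, 3, 0, 2, 1]   # MATCHING[i] = j_i, unknown solved by equation i


def block_triangular_form(sigma, c, d, matching):
    """Returns (blocks, block_deps): blocks in solving order, and for each
    block the set of earlier blocks whose unknowns it needs."""
    n = len(sigma)
    if sorted(matching) != list(range(n)):
        raise ValueError("matching is not a perfect matching")
    # Unknown x_j^(d_j) occurs in f_i^(c_i) iff sigma_ij + c_i == d_j.
    uses = [{j for j in range(n) if sigma[i][j] + c[i] == d[j]}
            for i in range(n)]
    if any(matching[i] not in uses[i] for i in range(n)):
        raise ValueError("matched unknown does not occur in its equation")

    # Step 1: equation i depends on equation k when i uses the unknown
    # that k is matched to.
    solver_of = {matching[i]: i for i in range(n)}
    deps = [sorted(solver_of[j] for j in uses[i] if solver_of[j] != i)
            for i in range(n)]

    # Step 2: strongly connected components (Tarjan). A component is
    # emitted after everything it depends on, i.e. in solving order.
    index, low, stack, on_stack, blocks = {}, {}, [], set(), []

    def visit(v):
        index[v] = low[v] = len(index)
        stack.append(v)
        on_stack.add(v)
        for w in deps[v]:
            if w not in index:
                visit(w)
                low[v] = min(low[v], low[w])
            elif w in on_stack:
                low[v] = min(low[v], index[w])
        if low[v] == index[v]:
            block = []
            while True:
                w = stack.pop()
                on_stack.discard(w)
                block.append(w)
                if w == v:
                    break
            blocks.append(sorted(block))

    for v in range(n):
        if v not in index:
            visit(v)

    # Step 3: condensation of the dependency graph.
    block_of = {eq: b for b, block in enumerate(blocks) for eq in block}
    block_deps = [{block_of[k] for eq in block for k in deps[eq]} - {b}
                  for b, block in enumerate(blocks)]
    return blocks, block_deps


if __name__ == "__main__":
    blocks, block_deps = block_triangular_form(SIGMA, C, D, MATCHING)
    for b, block in enumerate(blocks):
        print("block", b, "equations", block, "needs blocks", sorted(block_deps[b]))
```

The three pendulum equations form one block that must be solved simultaneously; the two output equations then follow as scalar blocks.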

3.4 Contract-Based Design, Interfaces Theories, and Requirements Engineering

System companies such as automotive and aeronautic companies are facing significant difficulties due to the exponentially rising complexity of their products coupled with increasingly tight demands on functionality, correctness, and time-to-market. The cost of being late to market or of imperfections in the products is staggering, as witnessed by the recalls and delivery delays that many major car and airplane manufacturers have had to bear in recent years. The root causes of these design problems are complex and relate to a number of issues ranging from design processes and relationships with different departments of the same company and with suppliers, to incomplete requirement specification and testing.

We believe the most promising means to address the challenges in systems engineering is to employ formal design methodologies that seamlessly and coherently combine the various viewpoints of the design space (behavior, time, energy, reliability, ...), that provide the appropriate abstractions to manage the inherent complexity, and that can provide correct-by-construction implementations. The following issues must be addressed when developing new approaches to the design of complex systems:

  • The overall design flows for heterogeneous systems and the associated use of models across traditional boundaries are not well developed and understood. Relationships between different teams inside a same company, or between different stake-holders in the supplier chain, are not supported by precise mathematical specifications of the components each party is expected to deliver.
  • System requirements capture and analysis is in large part a heuristic process, where informal text and natural language-based techniques in use today are facing significant challenges 70. Formal requirements engineering is in its infancy: mathematical models, formal analysis techniques and links to system implementation must be developed.
  • Dealing with variability, uncertainty, and life-cycle issues, such as extensibility of a product family, are not well-addressed using available systems engineering methodologies and tools.

The challenge is to address the entire process and not to consider only local solutions of methodology, tools, and models that ease part of the design.

Contract-based design has been proposed as a new approach to the system design problem that is rigorous and effective in dealing with the problems and challenges described before, and that, at the same time, does not require a radical change in the way industrial designers carry out their task as it cuts across design flows of different types. Indeed, contracts can be used almost everywhere and at nearly all stages of system design, from early requirements capture, to embedded computing infrastructure and detailed design involving circuits and other hardware. Intuitively, a contract captures two properties, respectively representing the assumptions on the environment and the guarantees of the system under these assumptions. Hence, a contract can be defined as a pair C=(A,G) of assumptions and guarantees characterizing in a formal way 1) under which context the design is assumed to operate, and 2) what its obligations are. Assume/Guarantee reasoning has been known for a long time, and has been used mostly in software engineering 79. However, contract-based design is not limited to types and values in a piece of software. It can also be used to capture its performances (time, memory consumption, energy) and reliability. This amounts to enrich a component's interface with, on one hand, formal specifications of the behavior of the environment in which the component may be instantiated and, on the other hand, of the expected behavior of the component itself. To leverage contract-based reasoning as a technique of choice for system engineers, we aim to develop:

  • mathematical foundations of contracts, that enable the design of formal verification frameworks;
  • System engineering methodologies and tools, that focus on requirements modeling, contract specification and verification, at multiple abstraction levels.

A detailed bibliography on contract and interface theories for embedded system design can be found in 5. In a nutshell, contract and interface theories fall into two main categories:

  • Assume/guarantee contracts.
    By explicitly relying on the notions of assumptions and guarantees, A/G-contracts are intuitive. This makes them appealing for the engineer. In A/G-contracts, assumptions and guarantees are just properties regarding the behavior of a component and of its environment. The typical case is when these properties are formal languages or sets of traces. This includes the class of safety properties 71, 48, 77, 21, 50. Contract theories were initially developed as specification formalisms able to refuse some inputs from the environment 57. A/G-contracts were advocated in 26 and are still a very active research topic, with several contributions dealing with the timed 34 and probabilistic 40, 41 viewpoints in system design, and even hybrid systems design 80.
  • Automata theoretic interfaces.
    Interfaces combine assumptions and guarantees in a single, automata theoretic specification. Most interface theories are based on Lynch's Input/Output Automata 76, 75. Interface Automata 17, 16, 18, 46 focus primarily on parallel composition and compatibility: two interfaces are compatible if there exists at least one environment where they can work together. The idea is that the resulting composition exposes as an interface the needed information to ensure that incompatible pairs of states cannot be reached. This can be achieved by using the possibility, for an Interface Automaton, to refuse some inputs from the environment in a given state. This amounts to the implicit assumption that the environment will never produce any of the refused inputs, when the interface is in this state. Modal Interfaces 83 inherit from both Interface Automata and the originally unrelated notion of Modal Transition System 73, 20, 38, 72. Modal Interfaces are strictly more expressive than Interface Automata by decoupling the I/O orientation of an event and its deontic modalities (mandatory, allowed or forbidden). Informally, a must transition is offered in every component that realizes the modal interface, while a may transition is optional. Research on interface theories is still very active. For instance, timed 19, 31, 33, 54, 53, 32, probabilistic 40, 55 and energy-aware 47 interface theories have been proposed recently.

Requirements Engineering is one of the major concerns in large systems industries today, particularly so in sectors where certification prevails 85. Most requirements engineering tools offer a poor structuring of the requirements and cannot be considered as formal modeling frameworks today. They are nothing less, but nothing more than an informal structured documentation enriched with hyperlinks.

We see Contract-Based Design and Interfaces Theories as innovative tools in support of Requirements Engineering. The Software Engineering community has extensively covered several aspects of Requirements Engineering, in particular:

  • the development and use of large and rich ontologies; and
  • the use of Model Driven Engineering technology for the structural aspects of requirements and resulting hyperlinks (to tests, documentation, PLM, architecture, and so on).

Behavioral models and properties, however, are not properly encompassed by the above approaches. This is the cause of a remaining gap between this phase of systems design and later phases where formal model based methods involving behavior have become prevalent. We believe that our work on contract-based design and interface theories is best suited to bridge this gap.

3.5 Efficient Symbolic Computation for Sparse Systems

This project consists in exploiting the parsimony of sparse systems to accelerate their symbolic manipulation (quantifiers elimination 51, differential-algebraic reductions 86 etc.). Let us cite two typical examples as a motivation: Boolean functions (ab¬c) and polynomial systems with inequalities (x2+y1x+y=0). We seek precisely to decompose these systems, automatically, in order to be able to manipulate them at an advantageous computational cost (in time and in memory) by attacking the pieces thus obtained rather than considering the system as a single monolithic block.

The current algorithms suffer from a theoretical complexity that is at best exponential (in the size of the input) limiting their use to instances of very modest size. The classic approach to overcome this problem is to develop/use numerical methods (with their limits and intrinsic problems) when possible of course. We aim to explore a different avenue.

In this project, we wish to exploit the structure of sparse systems to push the symbolic approach beyond its theoretical limits. The a priori limited application of our methods for dense systems is compensated by the fact that in practice, the problems are very often structured (in this regard, let us content ourselves with quoting the SAT solvers which successfully tackle industrial instances of a theoretically NP-complete problem).

The idea of exploiting the structure to speed up calculations that are a priori complex is not new. It has notably been developed and successfully used in signal processing via Factor Graphs 74, where one restricts oneself to local propagation of information, guided by an abstract graph which represents the structure of the system overall. Our approach is similar: we basically seek to use expensive algorithms sparingly on only subsystems involving only a small number of variables, thus hoping to reduce the theoretical worst case. One could then legitimately wonder why it is not enough to apply what has already been done on Factor Graphs? The difficulty (and the novelty for that matter) lies in the implementation of this idea for the problems that interest us. Let's start by emphasizing that the propagation of information has a significantly different impact depending on the operator (or quantifier) to be eliminated: a minimization or a summation do not look like a projection at all! This will obviously not prevent us from importing good ideas applicable to our problems and vice versa.

More related to symbolic computation, to our knowledge, at least two recent attempts exist: chordal networks 49 which propose a representation of the ideals of the ring of polynomials (therefore algebraic sets), and triangular block shapes 88, initiated independently and under development in our team and which tackle Boolean functions, or, if you will, the algebraic sets over the field of Booleans. The similarity between the two approaches is striking and suggests that there is a common way of doing things that could be exploited beyond these two examples. It is this unification that interests us in the first place in this project.

We identify three research problems to explore:

  • T1.
    Unify several optimization problems on graphs as a single problem parameterized by a cost function, we coin such a problem WAP, for weighted adjacency propagation.
  • T2.
    Adapt (and possibly improve) the algorithm of 87 to WAP and consequently to all instances of the single problem detailed in T1.
  • T3.
    Propose a unified and modular method consisting of: (1) an elimination algorithm, (2) a data structure and (3) an efficient algorithm to solve the problem (with an adequate cost function).

The work on chordal networks and our work on Boolean functions immediately become special cases. For example, for Boolean functions, one could use Binary Decision Diagrams (BDDs) 39 to represent each piece of the initial system. In fact, the final representation will no longer be a single monolithic BDD as is currently the case, but rather a graph of BDDs. In the same way, an algebraic set will be represented by a graph where each node is a Gröbner basis (or any other data structure used to represent systems of equations).

The structure of the system thus becomes apparent and is exploited to optimize the representation used, opening the way to a better understanding and therefore to a more efficient and better targeted manipulation. Let's remember a simple fact here: symbolic manipulation often solves the problem exactly (without approximation or compromise). Therefore, pushing the limits of applicability of these techniques to scale them can only be appreciated and will undoubtedly have a significant impact on all the areas where they apply, and the list is as long as it is varied (compilation, certification, validation, synthesis, etc.).

4 Application domains

The Hycomes team contributes to the design of mathematical modeling languages and tools, to be used for the design of cyberphysical systems. In a nutshell, two major applications can be clearly identified: (i) our work on the structural analysis of multimode DAE systems has a sizeable impact on the techniques to be used in Modelica tools; (ii) our work on the verification of dynamical systems has an impact on the design methodology for safety-critical cyberphysical systems. These two applications are detailed below.

4.1 Modelica

Mathematical modeling tools are a considerable business, with major actors such as MathWorks, with Matlab/Simulink, or Wolfram, with Mathematica. However, none of these prominent tools are suitable for the engineering of large systems. The Modelica language has been designed with this objective in mind, making the best of the advantages of DAEs to support a component-based approach. Several industries in the energy sector have adopted Modelica as their main systems engineering language.

Although multimode features have been introduced in version 3.3 of the language 59, proper tool support of multimode models is still lagging behind. The reason is not a lack of interest from tool vendors and academia, but rather that multimode DAE systems pose several fundamental difficulties, such as a proper definition of a concept of solutions for multimode DAEs, how to handle mode switchings that trigger a change of system structure, or how impulsive variables should be handled. Our work on multimode DAEs focuses on these crucial issues 28.

Thanks to our IsamDAE software 43, 42, a larger class of Modelica models are expected to be compiled and simulated correctly. This should enable industrial users to have cleaner and simpler multimode Modelica models, with dynamically changing structure of cyberphysical systems. On the longer term, our ambition is to provide efficient code-generation techniques for the Modelica language, supporting, in full generality, multimode DAE systems, with dynamically changing differentiation index, structure and dimension.

The Hycomes team also focuses on scalability problems related to the compilation and simulation of large Modelica models. Digital twins developed by industrial Modelica users in the energy sector tend to be extremely large models, with up to $10^6$ equations. State-of-the-art Modelica compilers cannot handle such models and users are forced to partition their model into smaller parts and use complex co-simulation techniques to produce executable digital twins. This puts a heavy burden on digital twin developers, since both the partitioning and the implementation of co-simulation methods are manual, finely tailored to the model, and require a high degree of expertise.

The Hycomes team is working on a new generation of algorithms for the compilation of the Modelica language that can scale up to large models. The key contributions are modular index-reduction 4 and block-triangular equation sorting algorithms that can be applied to incomplete (rectangular) DAE systems.

4.2 Dynamical Systems Verification

In addition to well-defined operational semantics for hybrid systems, one often needs to provide formal guarantees about the behavior of some critical components of the system, or at least its main underlying logic. To do so, we are actively developing new techniques to automatically verify whether a hybrid system complies with its specifications, and/or to infer automatically the envelope within which the system behaves safely. The approaches we developed have already been used successfully to formally verify the intricate logic of ACAS X, a mid-air collision avoidance system that advises the pilot to go upward or downward to avoid a nearby airplane; this requires mixing the continuous motion of the aircraft with the discrete decisions taken to resolve the potential conflict 68. This challenging example is nothing but an instance of the kind of systems we are targeting: autonomous smart systems that are designed to perform sophisticated tasks with an internal tricky logic. What is even more interesting perhaps is that such techniques can often be "reverted" to actually synthesize missing components so that some property holds, effectively helping the design of such complex systems.

5 Social and environmental responsibility

The expected impact of our research is to allow both better designs and more efficient exploitation of energy production units and distribution networks, enabling large-scale energy savings. At least, this is what we could observe in the context of the FUI ModeliScale collaborative project (2018–2021), focused on electric grids, urban heat networks, and building thermal modeling.

The rationale is as follows: system engineering models are meant to assess the correctness, safety and optimality of a system under design. However, system models are still useful after the system has been put in operation. This is especially true in the energy sector, where systems have an extremely long lifespan (for instance, more than 50 years for some nuclear power plants) and are upgraded periodically, to integrate new technologies. Exactly like in software engineering, where a software and its model co-evolve throughout the lifespan of the software, a co-evolution of the system and its physical models has to be maintained. This is required in order to maintain the safety of the system, but also its optimality.

Moreover, physical models can be instrumental to the optimal exploitation of a system. A typical example is model-predictive control (MPC), where the model is simulated, during the exploitation of the system, in order to predict system trajectories up to a bounded-time horizon. Optimal control inputs can then be computed by mathematical programming methods, possibly using multiple simulation results. This has been proved to be a practical solution 61, whenever classical optimal control methods are ineffective, for instance, when the system is non-linear or discontinuous. However, this requires the generation of high-performance simulation code, capable of simulating a system much faster than real-time.

The structural analysis techniques implemented in IsamDAE 43 generate a conditional block dependency graph that can be used to generate high-performance simulation code: static code can be generated for each block of equations, and a scheduling of these blocks can be computed, at runtime, at each mode switching, thanks to an inexpensive topological sort algorithm. In contrast to other approaches (such as 60), no structural analysis, block-triangular decompositions, or automatic differentiation has to be performed at runtime.

6 Highlights of the year

  • The design and implementation of an effective procedure to prove the non-existence of particular algebraic invariants, known in the literature as Darboux polynomials. Such polynomials play an important role in the integrability of dynamical systems and proving their non-existence is often an error-prone, painful task (if at all possible). This work was presented at ISSAC'24 10.
  • A definition of the concept of solutions for linear piecewise affine differential-algebraic equations (PWA-DAEs). Unlike the conventional perspective that treats jumps as discrete-time dynamics, this work interprets jumps as continuous dynamics, parameterized by a virtual time variable. Moreover, by adapting the hybrid time-domain solution theory for continuous-discrete hybrid systems, we define the concept of jump-flow solutions for PWA-DAEs, leveraging Filippov solutions for differential inclusions. This work was presented at CDC'24 9.

7 New software, platforms, open data

7.1 New software

7.1.1 IsamDAE

  • Name:
    Implicit Structural Analysis of Multimode DAE systems
  • Keywords:
    Structural analysis, Differential algebraic equations, Multimode, Scheduling, Consistent initialization, Code generation
  • Scientific Description:

    Modeling languages and tools based on Differential Algebraic Equations (DAE) bring several specific issues that do not exist with modeling languages based on Ordinary Differential Equations. The main problem is the determination of the differentiation index and latent equations. Prior to generating simulation code and calling solvers, the compilation of a model requires a structural analysis step, which reduces the differentiation index to a level acceptable by numerical solvers.

    The Modelica language, among others, allows hybrid models with multiple modes, mode-dependent dynamics and state-dependent mode switching. These Multimode DAE (mDAE) systems are much harder to deal with. The main difficulties are (i) the combinatorial explosion of the number of modes, and (ii) the correct handling of mode switchings.

    The IsamDAE software aims at providing a compilation chain for mDAE-based modeling languages that makes it possible to efficiently generate correct simulation code for multimode models. Novel structural analysis methods for mDAE systems were designed and implemented, based on an implicit representation of the varying structure of such systems. Several standard algorithms, such as J. Pryce's Sigma-method and the Dulmage-Mendelsohn decomposition, were adapted to the multimode case, using Binary Decision Diagrams (BDD) to represent the mode-dependent structure of an mDAE system.

    IsamDAE determines, as a function of the mode, the set of latent equations, the leading variables and the state vector. This is then used to compute a conditional dependency graph (CDG) of the system, that can be used to generate simulation code with a mode-dependent scheduling of the blocks of equations. The software is also fit for generating simulation code for the hybrid dynamical system simulation tool Siconos, as well as handling the structural analysis of the multimode consistent initialization problem associated with an mDAE system.

  • Functional Description:

    IsamDAE (Implicit Structural Analysis of Multimode DAE systems) is a software library implementing new structural analysis methods for multimode DAE systems, based on an implicit representation of incidence graphs, matchings between equations and variables, and block decompositions. The input of the software is a variable-dimension multimode DAE system consisting of a set of guarded equations and guarded variable declarations. It computes a mode-dependent structural index reduction of the multimode system and is able to produce a mode-dependent graph for the scheduling of blocks of equations in long modes, check the structural nonsingularity of the associated consistent initialization problem, or generate simulation code for the nonsmooth dynamical system simulation tool Siconos.

    IsamDAE is coded in OCaml, and uses the following packages: GuaCaml by Joan Thibault, MLBDD by Arlen Cox, Menhir by François Pottier and Yann Régis-Gianas, Pprint by François Pottier, Snowflake by Joan Thibault, XML-Light by Nicolas Cannasse and Jacques Garrigue.

  • Release Contributions:

    New features:

    * XML representations of the structure of a multimode DAE model are accepted as inputs by the IsamDAE tool, in order to enable weak coupling with tools based on existing DAE-based languages. IsamDAE distinguishes between MEL and XML inputs based on the extension of the input file (.mel versus .mdae.xml).

    Bug fixes:

    * A better handling of the model structure for consistent initialization prevents subtle bugs that were observed for a few models and initial events. Specific error messages are returned when initial equations involve variables that are not active in the corresponding modes.

    Performance improvement:

    * Better handling of sets of equations/variables labeled with propositional formulas, thanks to an adapted data structure.

    Various:

    * Verbosity option -v now takes as a parameter an integer ranging from 0 ("quiet") to 5 ("deep debug"). The detailed output of CoSTreD is only available in "deep debug" mode.

  • Contact:
    Benoit Caillaud
  • Participants:
    Benoit Caillaud, Mathias Malandain, Joan Thibault, Alexandre Rocca, Bertrand Provot

7.1.2 modularSigma

  • Name:
    A modular Sigma-method for the structural analysis of large DAE systems
  • Keywords:
    Differential algebraic equations, Modularity
  • Scientific Description:

    A key feature of the Modelica language is its object-oriented nature: components are instances of classes and they can aggregate other components, so that extremely large models can be efficiently designed as "trees of components". However, the structural analysis of Modelica models, a necessary step for generating simulation code, often relies on the flattening of this hierarchical structure, which undermines the scalability of the language and results in widely-used Modelica tools not being able to compile and simulate such large models. This software implements a new algorithm for the modular structural analysis of Modelica models. An adaptation of Pryce's Sigma-method for non-square DAE systems, along with a carefully crafted notion of component interface, makes it possible to fully exploit the object tree structure of a model. The structural analysis of a component class can be performed once and for all, only requiring the information provided by the interface of its child components. The resulting method alleviates the exponential computation costs that can be incurred by model flattening; hence, its scalability makes it ideally suited for the modeling and simulation of large cyber-physical systems.

    Algorithms implemented in modularSigma are based on the Sigma-method, which reduces the DAE structural index-reduction problem to two complementary linear programs: the primal problem amounts to the computation of a maximal-weight perfect matching of the equation-variable incidence graph of the DAE, while the dual problem consists in the computation of the minimal solution of a difference bound matrix (DBM). Modularity is achieved thanks to a decomposition of both problems, using dynamic programming principles (akin to message passing techniques, that are often used in statistical estimation) and memoization of the intermediate results.

  • Functional Description:
    The software performs the index reduction and the block-triangular decomposition of large DAE systems, defined as the composition, hiding and renaming of incomplete (rectangular) DAE systems.
  • News of the Year:
    The initial purpose of modularSigma has been to benchmark the algorithms detailed in the paper presented at the Modelica'23 conference.
  • Contact:
    Benoit Caillaud
  • Participant:
    Benoit Caillaud

7.1.3 PosInvSet

  • Name:
    Positive Invariant Sets
  • Keywords:
    Symbolic computation, Semi-algebraic set, Differential equations
  • Functional Description:

    Given a semi-algebraic set S, that is a Boolean combination of equations and inequalities of polynomials, and a polynomial differential equation, we show that an algorithm can effectively decide whether S is a positive invariant set for the considered dynamic, that is, if the initial condition is in S, then the entire trajectory defined by the dynamics belongs to S.

    We implemented two different procedures in Mathematica. Both require a backend algorithm for real quantifier elimination (like the Cylindrical Algebraic Decomposition). One procedure forms a monolithic request for the entire problem. The other chops the problem into small pieces following the Boolean structure of the input S.

  • Release Contributions:
    Adaptation of the generic procedures to the linear case for scalability. The linear case means linear differential equations and semi-linear sets for the set S.
  • Contact:
    Khalil Ghorbal

8 New results

8.1 A Modular Structural Analysis of DAE Systems

Participants: Albert Benveniste, Benoît Caillaud, Mathias Malandain.

In 29, a new modular structural analysis algorithm has been proposed that takes full advantage of the object tree structure of a DAE model. The bedrock of this method is a novel concept of structural analysis-aware interface for components. The essence of a component interface is to capture the necessary information about a Modelica class that needs to be exposed, in order to perform the structural analysis of a component comprising instances of the former class, while hiding away useless information regarding the equations and all protected features it may contain.

In order to compute a component interface, one has to be able to perform the structural analysis of the possibly non-square DAE system that this component encapsulates, and to use the interfaces of the components it aggregates in this analysis. We base our algorithm on Pryce's Σ-method for index reduction 82, which essentially consists in the successive solving of two dual linear integer programs. The striking difference with Pryce's algorithm is that these problems are solved by parts, in a scalable manner.

Putting all of this together, it is then possible to perform a modular structural analysis, in which structural analysis is performed at the class level, and the results can then be instantiated for each component of the system model, knowing its context. Hence, structural information at the system level is derived from composing the result of component-level analysis. Modular structural analysis yields huge gains in terms of memory usage and computational costs, as the analysis of a single large-scale DAE is replaced with that of multiple smaller subsystems. Moreover, the analysis is performed at the class level, meaning that a single structural analysis is needed for all system components that are instances of the same class.

In 2024, the modular structural analysis algorithm has been fully implemented (see Section 7.1.2) and tested against several scalability benchmarks from the literature 45, 78. This experimental work confirms that the algorithm has an empirical complexity that is logarithmic in the size of the model, provided the model has a low tree-width, as is often the case for energy network infrastructures.
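As an added illustration (not code from modularSigma or IsamDAE), the following Python code runs the classical, non-modular Σ-method described in Sections 7.1.2 and 8.1 on a small square DAE: the primal step finds a maximal-weight perfect matching of the equation-variable incidence graph, and the dual step computes the minimal offsets by fixpoint iteration. The planar pendulum system, the function names and the brute-force matching are assumptions chosen for the example.

```python
"""Pryce's Sigma-method on a small square DAE (added illustration)."""
from itertools import permutations

NEG_INF = float("-inf")  # marks "variable does not occur in this equation"

# Constructed sample input: planar pendulum in Cartesian coordinates.
#   f1: x'' + x*lam     = 0
#   f2: y'' + y*lam - g = 0
#   f3: x^2 + y^2 - L^2 = 0
# Entry [i][j] is the highest derivative order of variable j in equation i.
# Columns are x, y, lam.
PENDULUM_SIGMA = [
    [2, NEG_INF, 0],
    [NEG_INF, 2, 0],
    [0, 0, NEG_INF],
]


def highest_value_transversal(sigma):
    """Primal problem: maximal-weight perfect matching.

    Brute force over permutations, adequate for textbook-sized systems only.
    Returns (value, match) where match[i] is the variable paired with
    equation i. Raises ValueError if every perfect matching uses an absent
    entry, i.e. the system is structurally singular.
    """
    n = len(sigma)
    best_value, best_match = NEG_INF, None
    for perm in permutations(range(n)):
        value = sum(sigma[i][perm[i]] for i in range(n))
        if value > best_value:
            best_value, best_match = value, list(perm)
    if best_match is None:
        raise ValueError("structurally singular: no finite transversal")
    return best_value, best_match


def canonical_offsets(sigma, match):
    """Dual problem: least c, d >= 0 such that d[j] - c[i] >= sigma[i][j],
    with equality on the matched entries, computed by fixpoint iteration."""
    n = len(sigma)
    c = [0] * n
    while True:
        # Smallest d compatible with the current equation offsets c.
        d = [max(sigma[i][j] + c[i] for i in range(n)) for j in range(n)]
        # Restore equality on the transversal; c can only grow.
        new_c = [d[match[i]] - sigma[i][match[i]] for i in range(n)]
        if new_c == c:
            return c, d
        c = new_c


def sigma_method(sigma):
    """Run both steps and derive the structural index and the number of
    degrees of freedom. c[i] is the number of times equation i has to be
    differentiated (latent equations); d[j] is the leading derivative
    order of variable j."""
    value, match = highest_value_transversal(sigma)
    c, d = canonical_offsets(sigma, match)
    index = max(c) + (1 if 0 in d else 0)  # Pryce's structural index
    dof = sum(d) - sum(c)                  # equals the transversal value
    return {"value": value, "c": c, "d": d, "index": index, "dof": dof}


if __name__ == "__main__":
    print(sigma_method(PENDULUM_SIGMA))
```

On the pendulum, the constraint f3 receives offset 2, meaning it has to be differentiated twice before the system can be handed to a numerical solver.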

8.2 Fault Diagnosability Analysis of Multi-Mode Systems

Participants: Benoît Caillaud, Mathias Malandain.

This work has been conducted in collaboration with the University of Linköping (Sweden) on the topic of system diagnosis, based on multimode DAE systems.

Fault detection and diagnosis are important for the health monitoring of physical systems. Model-based approaches for single-mode, smooth, systems are a well-established field, supported by a large body of literature covering various approaches like structural methods 35, parity space techniques, and observer-based methods 66.

While single-mode systems are often described using differential algebraic equations (DAEs), the modeling of non-smooth physical systems yields switched DAEs, also known as multimode DAEs (mDAEs), which combine continuous behaviors, defined as solutions of a set of DAE systems, with discrete mode changes 89, 28. Direct application of traditional fault diagnosis methods to all possible configurations of multi-mode systems quickly becomes intractable, as the number of modes tends to be exponential in the size of the system. The method proposed by 69 works around this issue by coupling a mode estimation algorithm with a single-mode diagnosis methodology, akin to just-in-time compilation in computer science. This approach unfortunately puts the burden on solving mode estimation problems, which often turn out to be intractable for the same reason.

Structural fault detectability and isolability analysis is a graph-based method to evaluate diagnosability properties on DAEs 62. It is based on the Dulmage-Mendelsohn decomposition (DM), a building block of the structural analysis of equation systems. In 11, we show how its extension to multimode systems, introduced in 4, can be applied in the context of structural fault detectability and isolability of mDAEs 64. Building upon our previous research studies, the methods presented in this paper represent advancements in diagnostic methodologies for multi-mode systems, providing novel ways to study the diagnosability of multi-mode systems without enumerating their modes.

The case study used throughout this article is a model of a reconfigurable battery system, in which switching strategies make it possible to produce an AC output without relying on a central inverter 22. This model is parameterized by the number of battery cells, so that both the inherent complexity associated with the diagnostics of such systems and the scalability of our approaches can be addressed.

8.3 Automated Reasoning For The Existence Of Darboux Polynomials

Participants: Maxime Bridoux, Khalil Ghorbal.

Darboux polynomials are particular algebraic invariants that play an important role in the integrability theory of ordinary differential equations (ODEs). Computation of Darboux polynomials is a central problem in the Prelle-Singer procedure for computing elementary first integrals of planar systems of polynomial ODEs [12], which yields a systematic method for computing elementary closed-form solutions (whenever these exist) to an important class of ordinary differential equations. Owing to this important application, algorithms for generating Darboux polynomials have received considerable attention in computer algebra. More recently, Darboux polynomials have found application in the area of formal safety verification of cyber-physical systems, where the problem of their automatic generation is encountered in the broader context of searching for invariant (and positively invariant) sets.

Darboux generation algorithms are semi-decision procedures enumerating all Darboux polynomials up to a certain fixed bound on the total degree. The bound is eventually increased until finding a (not necessarily irreducible) Darboux polynomial or reaching memory and/or time limits. Theoretically, the existence of a bound on the total degree of irreducible Darboux polynomials is, as of today, an open problem when n3. Even when such theoretical bound exists, it is easily seen that it depends non trivially not only on the total degrees of the polynomials defining the ODE but also on their coefficients, making the task of estimating an upper bound even harder.

Given a polynomial ordinary differential equation (ODE), we devise generic polynomial reduction algorithms to automatically investigate the intertwined relationship between the total degree of (nontrivial) Darboux polynomials and the polynomials defining the ODE. By generic we mean that both the coefficients and the multidegree of the involved polynomials are symbolic. We use Newton polytopes as a light-weight abstraction to select optimal weight monomial orders, improving the efficiency of the involved computations. The method works by inferring necessary conditions on both the coefficients and the multidegree for the polynomial to be Darboux. These conditions are then used, via constant propagation, to restrict the shape of the generic candidate, pinpointing which monomials ought to be preserved by removing the superfluous ones. In some relevant cases, we are able to automatically prove the nonexistence of (nontrivial) Darboux polynomials, providing a new toolbox to prove and formally certify that some limit cycles are not algebraic 10.

8.4 Solution concepts for linear piecewise affine or switched differential-algebraic equations

Participants: Yahao Chen.

The standard approach for dealing with (continuous) differential-algebraic equations (DAEs) is to solve the algebraic constraints—either manually or with the aid of computer algebra systems—in terms of a subset of the variables. These solutions are then substituted into the remaining differential equations, which results in a lower-dimensional ordinary differential equation (ODE). However, this approach does not account for the response to inconsistent initial conditions. Additionally, the presence of discontinuities complicates the global solution of the algebraic constraints, as different constraints may be active in different regions of the state-space. This leads to locally defined ODEs with different sets of variables, creating ambiguity in how solutions should be “glued” together when their variables differ. As a result, there is currently no theoretical foundation for studying discontinuous DAEs. Without such a foundation, subsequent studies—such as numerical simulations, stability analyses, and controller designs—lack a sound justification.

As a starting point for investigating discontinuous DAEs, we focus on linear piecewise affine systems (PWA-DAEs), described by $\Delta_i : E_i \dot{x} = A_i x + b_i$, $x \in \mathcal{X}_i$, where $\mathcal{X}_i \subseteq \mathbb{R}^n$ denotes the region in which mode $\Delta_i$ is active. The challenge in defining solutions for PWA-DAEs is twofold. First, there is the issue of handling jumps or inconsistent initializations during mode transitions. The conventional method for defining the re-initialization point in continuous DAEs uses a consistency projector 89. However, the point determined by this projector may conflict with the activation regions of the PWA-DAEs. Second, there is the problem of describing boundary behaviors when trajectories intersect the boundaries of these regions. In our work 9, we introduce the concept of a state-dependent jump path. Unlike the traditional view that treats jumps as discrete-time events, we interpret them as continuous dynamics, parameterized by a virtual time variable. By adapting the hybrid time-domain solution theory for continuous-discrete hybrid systems, we define jump-flow solutions for PWA-DAEs, using Filippov solutions for differential inclusions. Finally, we explore various boundary behaviors of jump-flow solutions to develop a comprehensive solution framework for PWA-DAEs.

8.5 Pacti: Assume-Guarantee Contracts for Efficient Compositional Analysis and Design

Participants: Albert Benveniste, Benoît Caillaud.

Contract-based design is a method to facilitate modular design of systems. While there has been substantial progress in the theory of contracts, there has been less progress on practical algorithms for the algebraic operations in the theory. In this paper, we present (1) principles to implement a contract-based design tool at scale and (2) Pacti, a tool that can efficiently compute these operations. We illustrate the use of Pacti in a variety of case studies 8.

9 Partnerships and cooperations

9.1 International initiatives

9.1.1 Visits of international scientists

Participants: Khalil Ghorbal.

Andrew Sogokon, Lancaster University (Lecturer in the computer science department), visited our team on June 25-28, 2024. Together with Khalil Ghorbal, he worked on improving the scalability of formal verification techniques for proving the safety of linear dynamical systems, with a view to handling the invariant candidates provided by the recent use of neural networks for such dynamics. Funding program: iVisit 2024 IRISA.

Participants: Yahao Chen, Benoît Caillaud, Khalil Ghorbal, Albert Benveniste.

Stephan Trenn, University of Groningen (Associate Professor in the Faculty of Science and Engineering), visited our team on January 22-26, 2024. A seminar was organized to present Trenn's work on the solution and stability analysis of differential-algebraic equation (DAE) control systems. With Yahao Chen, he worked on the topic of linear piecewise affine DAEs and state-dependent switched DAEs.

9.2 European initiatives

9.2.1 Other european programs/initiatives

Participants: Benoît Caillaud, Mathias Malandain.

Since 2023 we have been developing an informal, but fruitful collaboration with Erik Frisk and Mattias Krysander (Linköping University, Sweden) on structural methods for the health monitoring of multimode systems. In 2024, we have contributed a decision procedure for the detectability and isolability of faults in multimode systems, that scales up to systems with large mode combinatorics 11 — see Section 8.2 for more details.

9.3 National initiatives

Participants: Benoît Caillaud, Mathias Malandain.

The Hycomes team is currently involved in the development of a digital twin of part of Line B of the Rennes subway. These works are carried out in collaboration with the I4S team (Inria, Rennes and Gustave Eiffel University, Nantes, France).

Focusing on a portion of the viaduct for line B, the considered subsystem consists of the concrete rollways, the electric supply and guiding rails, the defrosting/heating elements embedded in the rollways, and the electric control stations. Its digital twin is designed to predict the heating requirements for defrosting the outdoor subway track and send energy-optimal heating commands to the control stations. It is made of a finite element model of heat balance (diffusion, convection and radiation coupling) in the viaduct, interacting with a 3D environmental model (for drop shadows), measurements (real-time data from thermocouples and weather stations), weather forecasts, and a model of the heating control system. Physical modeling and software architecture are carried out by Benoît Caillaud and Mathias Malandain, as well as Jean Dumoulin and Thibaud Toullier (Gustave Eiffel University), with the involvement of Siemens Mobility (designer and manufacturer) and Keolis (operator).

The purpose of this digital twin, seen as a research artifact, is to be used as a testbed for model-based optimization and health monitoring techniques to be developed jointly between the I4S and Hycomes teams.

10 Dissemination

10.1 Promoting scientific activities

10.1.1 Scientific events: organisation

  • Khalil Ghorbal is an organizer of 68NQRT, the local department seminar at Inria Rennes, inviting about 15 speakers per year.
  • Benoît Caillaud is associate editor of Research Directions: Cyber-Physical Systems, an open-access journal published by Cambridge University Press.
  • Benoît Caillaud is also serving on the board of the MDPI Computation journal.

10.1.2 Invited talks

  • Khalil Ghorbal was invited to the polysys seminar, LIP6, Paris. November 15th 2024. "The Quest For An Algebraic Characterization for Q-matrices".
  • Khalil Ghorbal was invited to the Gallinette seminar, Nantes. November 28th 2024. "Automated reasoning for polynomial dynamical systems: characterizing, generating and formally verifying invariant sets".
  • February 5-9, 2024. Yahao Chen participated in the E-Pico Winter School at Centrale Nantes: presentation of one tutorial and co-chair of the poster session.
  • March 4-5, 2024. Yahao Chen participated in the seminars at the Technocentre Renault: presentation of the work on torque estimation for electric motors.

10.1.3 Scientific expertise

  • Benoît Caillaud has evaluated proposals submitted for funding to the ANR (the French national research funding agency).

10.2 Teaching - Supervision - Juries

10.2.1 Teaching

  • Master degree in computer science: Khalil Ghorbal, Category Theory, Monads, and Computation, at ENS Rennes, France.
  • Master degree in computer science: Maxime Bridoux, Logic Courses (TD), at ENS Rennes, France.
  • Licence degree in computer science: Maxime Bridoux, Imperative Programming (TP Java), at University of Rennes, France.
  • Agregation informatique: Khalil Ghorbal and Maxime Bridoux, oral examination and lecture preparation, at ENS Rennes, France.
  • Yahao Chen, Advanced control of electric propulsion systems at Centrale Nantes, France.
  • Yahao Chen, Case study application dedicated to electric vehicle topology at Centrale Nantes, France.

10.2.2 Supervision

  • Khalil Ghorbal is supervising the PhD work of Maxime Bridoux, on the broad topic of efficient symbolic computation methods for sparse algebraic systems. Funding Inria (AEx Backbone). Started September 2022. Expected to defend by September 2025.
  • Khalil Ghorbal supervised the PhD work of Christelle Kozaily, on Linear Complementarity Systems. Started September 2018. Funding Inria (IPL ModeliScale). Christelle Kozaily defended her PhD thesis, entitled On the existence of solutions for Linear Complementarity Problems, on October 27th 2024.
  • Benoît Caillaud and Khalil Ghorbal supervised the PhD work of Joan Thibault on binary decision diagrams. Started September 2019. Funding University of Rennes. Joan Thibault defended his PhD thesis, entitled Introduction to Structure Theory and its Application to Boolean Functions, on December 19th 2024.
  • Morgane Flamant carried out a 4-month internship (from May to August 2024), under the supervision of Benoît Caillaud and Mathias Malandain, contributing to the collaboration with the I4S project-team on digital twin engineering for structural health monitoring and energy efficiency. She developed numerical models that were used for testing and validating the software developed in the context of this joint project.

10.2.3 Specific official responsibilities in science outreach structures

Albert Benveniste is a member of the French National Academy of Technology (he is vice-president at the Digital Node). As such, he directed a think tank about Blockchain, which published a report entitled “Blockchain, une technologie disruptive avec des enjeux de sûreté, résilience et impact environnemental”.

11 Scientific production

11.1 Major publications

  • 1 Albert Benveniste, Timothy Bourke, Benoît Caillaud, Jean-Louis Colaço, Cédric Pasteur and Marc Pouzet. Building a Hybrid Systems Modeler on Synchronous Languages Principles. Proceedings of the IEEE 106(9), September 2018, 1568-1592.
  • 2 Albert Benveniste, Timothy Bourke, Benoît Caillaud and Marc Pouzet. Non-standard semantics of hybrid systems modelers. Journal of Computer and System Sciences 78(3), 2012, 877-910. This work was supported by the SYNCHRONICS large scale initiative of INRIA.
  • 3 Albert Benveniste, Benoît Caillaud and Mathias Malandain. The mathematical foundations of physical systems modeling languages. Annual Reviews in Control 50, 2020, 72-118.
  • 4 Albert Benveniste, Benoît Caillaud, Mathias Malandain and Joan Thibault. Algorithms for the Structural Analysis of Multimode Modelica Models. Electronics 11(17), September 2022, 1-63.
  • 5 Albert Benveniste, Benoît Caillaud, Dejan Nickovic, Roberto Passerone, Jean-Baptiste Raclet, Philipp Reinkemeier, Alberto Sangiovanni-Vincentelli, Werner Damm, Thomas Henzinger and Kim G. Larsen. Contracts for System Design. Foundations and Trends in Electronic Design Automation 12(2-3), 2018, 124-400.
  • 6 Jean-Baptiste Jeannin, Khalil Ghorbal, Yanni Kouskoulas, Aurora Schmidt, Ryan Gardner, Stefan Mitsch and André Platzer. A Formally Verified Hybrid System for Safe Advisories in the Next-Generation Airborne Collision Avoidance System. International Journal on Software Tools for Technology Transfer 19(6), November 2017, 717-741.
  • 7 Andrew Sogokon, Khalil Ghorbal and Taylor T Johnson. Operational Models for Piecewise-Smooth Systems. ACM Transactions on Embedded Computing Systems (TECS) 16(5s), October 2017, 185:1-185:19.

11.2 Publications of the year

International journals

International peer-reviewed conferences

Reports & preprints

  • 12 [misc] Maxime Bridoux and Khalil Ghorbal. A Mathematica Package for Certifying the Nonexistence of Darboux Polynomials. July 2024.
  • 13 [misc] Yahao Chen. Stability and stabilization of state-dependent switched linear differential-algebraic equations. 2024.
  • 14 [misc] Khalil Ghorbal and Christelle Kozaily. On Covering Euclidean Spaces with Q-arrangements of Cones. 2024.
  • 15 [misc] Guangchen Zhang, Jiajia Jia, Junjie Jiao and Yahao Chen. Strong Structural Controllability Analysis of Structured Networks with Identical Nodes. 2024.
