A Hybrid Bounding Method for Computing an Over-Approximation ...

2352 IEEE TRANSACTIONS ON AUTOMATIC CONTROL, VOL. 54, NO. 10, OCTOBER 2009

A Hybrid Bounding Method for Computing anOver-Approximation for the Reachable Set

of Uncertain Nonlinear SystemsNacim Ramdani, Member, IEEE, Nacim Meslem, and Yves Candau

Abstract—In this paper, we show how to compute an over-ap-proximation for the reachable set of uncertain nonlinear con-tinuous dynamical systems by using guaranteed set integration.We introduce two ways to do so. The first one is a full intervalmethod which handles whole domains for set computation andrelies on state-of-the-art validated numerical integration methods.The second one relies on comparison theorems for differentialinequalities in order to bracket the uncertain dynamics betweentwo dynamical systems where there is no uncertainty. Since thederived bracketing systems are piecewise -differentiable func-tions, validated numerical integration methods cannot be useddirectly. Hence, our contribution resides in the use of hybrid au-tomata to model the bounding systems. We give a rule for buildingthese automata and we show how to run them and address modeswitching in a guaranteed way in order to compute the overapproximation for the reachable set. The computational cost ofour method is also analyzed and shown to be smaller that the oneof classical interval techniques. Sufficient conditions are givenwhich ensure the -practical stability of the enclosures given byour hybrid bounding method. Two examples are also given whichshow that the performance of our method is very promising.

Index Terms—Hybrid systems, interval analysis, reachabilityanalysis, uncertain systems.

I. INTRODUCTION

C OMPUTING reachable sets for hybrid systems is an im-portant step when one addresses verification or synthesis

tasks. A key issue then lays in the calculation of the reachableset for continuous dynamics with nonlinear models, even morewhen uncertainty is present in either parameters, control or dis-turbance inputs.

Consider an uncertain dynamical system described by non-autonomous differential equations with the following form:

(1)

Manuscript received September 09, 2008; revised January 12, 2009, January26, 2009, and February 05, 2009. First published September 22, 2009; currentversion published October 07, 2009. This paper was presented in part at the 11thInternational Workshop, Hybrid Systems: Computation and Control, St. Louis,MO, April 2008. Recommended by Associate Editor H. Ito.

N. Ramdani is with the Constraints Solving, Optimization, Robust IntervalAnalysis (COPRIN) Project, Institut National de Recherche en Informatiqueet en Automatique (INRIA) Sophia-Antipolis, Nice FR-06902, France (e-mail:[email protected]).

N. Meslem was with the CERTES, Université Paris Est, Créteil, France. He isnow with MIG, Mathematics, Computing Science and Genome, INRA, Jouy-en-Josas FR-78350, France (e-mail: [email protected]).

Y. Candau is with the CERTES, Université Paris Est, Créteil FR-94010,France (e-mail: [email protected]).

Color versions of one or more of the figures in this paper are available onlineat http://ieeexplore.ieee.org.

Digital Object Identifier 10.1109/TAC.2009.2028974

where the function is possibly nonlinear,, is the initial domain for state vector at time

and is an uncertainty domain for parameter vector .In this work, because of the methods used we will assume thatthe uncertainty sets are axis-aligned boxes.

Let us denote the set of solutions of (1) at time origi-nating from each initial condition in and for each parametervector in .

The forward reachable set of system (1) over a time intervalis then defined as follows:

(2)

Several methods have been developed recently for the explicitcomputation of the reachable set. Let us classify them in twoclasses as proposed in [1].

The first class of methods compute over-approximations of thereachable sets. When the continuous dynamics are linear theycombine time discretization, numerical integration and computa-tional geometry. They use various representations for the reach-ablesetssuchaspolytopes[2]–[5],zonotopes[6]orellipsoids[7],[8].Numerical toolsarealsoavailablewhichimplement theabovetechniques. Some other methods proceed with hybrid abstrac-tions: the continuous state space is divided into a finite number ofcells defined by linear inequalities and then compute reachableset using discrete reachability tools [9]–[12]. In [13], a methodis given for constructing such hybrid abstractions for polyno-mial hybrid systems. The case of uncertainty in model parame-ters has been addressed recently in [14] where a discrete abstrac-tion is used for the analysis of multi-affine uncertain differentialequations. When the continuous dynamics are modelled with anonlinear differential equation, the computation of the reachableset becomes much harder which forms one of the main obsta-cles in safety verification of hybrid systems [11]. Most computa-tionalmethodsrelythenonahybridizationof thecontinuous-timemodels, i.e. the use of piecewise simpler, possibly affine or poly-nomial conservative approximations of the analysed system oncells defined on the state space [13], [15]. Although these reach-ability computation methods scale polynomially with the contin-uous state dimension, they are quite ineffective when used withtruly nonlinear systems mainly because of the conservatism in-duced by linearization.

The second class of methods compute convergent approxima-tions of the reachable set since they aim at computingascloselyaspossible the truereachableset. In thesemethods,backwardreach-ablesetsarecomputedbyusinglevelsetmethodsandviscosityso-

0018-9286/$26.00 © 2009 IEEE

Authorized licensed use limited to: UR Sophia Antipolis. Downloaded on October 13, 2009 at 05:22 from IEEE Xplore. Restrictions apply.

RAMDANI et al.: HYBRID BOUNDING METHOD 2353

lutionstoHamilton–Jacobi–Isaacs(HJI)partialdifferentialequa-tion[1], [16]. In[17]aminimumtimetoreachfunctionisalsousedin the context of both HJI equations and viability theory. Com-pared to over-approximationsbased methods,HJIbased methodsare very effective since they can represent non-convex reachablesets and can naturally handle uncertain time-varying nonlineardynamics. However they scale exponentially with the continuousstate dimension and hence are practical only for problems withcontinuous state variable of small dimension.

In this paper, we investigate the use of guaranteed numericalset integration for the computation of conservative over-approx-imations for the reachable set of uncertain nonlinear dynamics.Such an approach has been investigated only by few authors. Setintegration via interval Taylor models [18] was used for the veri-fication of hybrid systems, but no parameter uncertainty was con-sidered[19].Itwasalsousedforthesimulationofuncertainhybridsystems where the dimension of the continuous state vector wassmall [20]. Nevertheless, it is well-known that in general the sizeof the reachable set derived with interval Taylor models divergesafter fewcomputationstepswhen thesizeofeither initial statedo-main or parameter uncertainty domain is large. This shortcomingis mainly caused by the wrapping effect, i.e., the overestimationof the solution due to the bracketing of any set by an axis-alignedbox. Hence, the contribution of this paper is to show how one canaddress nonlinear continuous reachability computation in pres-ence of model uncertainty, in a more efficient way by using theclassical Müller’s theorem [21]–[23] allied with interval Taylormodels. We will recall the classical Müller’s existence theoremand we will indicate how it can be used for guaranteed set inte-gration and hence reachability computation.

Thecoreideadevelopedinthesequel is tonolongerperformsetintegration with whole domains but to only compute guaranteedbounds for the reachable sets. To do so, we will first show how theMüller’s theorem makes it possible to derive two dynamical sys-tems which enclose the original uncertain dynamical system andthus bound the flow pipe between a minimal solution, i.e. a flowthat is always lower than the solution flow pipe, and a maximalsolution, i.e., a flow that is always larger. Since the two boundingsystems involve no more uncertainty, interval Taylor models canbe used for the guaranteed computation of the minimal and max-imal solutions. We will show how to build the bracketing systemsby analyzing the sign of partial derivatives of . Since the so-ob-tained bounding systems are in general defined by continuous butonly piecewise -differentiable functions, we will show howto use hybrid automata to model them and how to address modeswitching. In summary, we will show that the computation of thereachable set for an uncertain nonlinear continuous dynamicalsystem boils down to running two (coupled) hybrid dynamicalsystems involving no uncertainty in either model parameters orinitial state.Thederivedhybriddynamical systemsarenonlinear,that is, the guards on discrete transition and the continuous flowsin all modes can be specified using arbitrary nonlinear expres-sions over both the continuous state and parameter variables.

This paper is structured as follows. Section II recalls set inte-gration via interval Taylor models and shows how to use themfor computing over-approximation for reachable sets. Section IIIintroduces the classical Müller’s existence theorem and showshowtouse it for reachabilitycomputation.SectionIVcontains the

main contribution of the paper, i.e. our hybrid bounding methodfor computing over-approximation for reachable sets. Section Vaddresses the stability and complexity issues for our new method.Section VI contains two illustrative examples.

II. COMPUTING REACHABLE SETS USING

INTERVAL TAYLOR MODELS

In this section, we will recall how to compute an over-approx-imation for the reachable set using guaranteed set integration viainterval Taylor models.

A. Interval Analysis

Interval analysis was initially developed to account for thequantification errors introduced by the floating point represen-tation of real numbers with computers and was extended to vali-dated numerics ([24] and the references therein). A real interval

is a connected and closed subset of . We haveand . The midpoint of an interval

is defined by . The set of all real inter-vals of is denoted by . Real arithmetic operations are ex-tended to intervals. Consider an operator and

and two intervals. Then:.

An interval vector is the Cartesian product of n intervals. Theset of n-dimensional real interval vectors is denoted by . Foran n-dimensional real vector and n-dimensional realinterval vectors , we haveand .

Consider ; the range of this function over aninterval vector is given by: . Theinterval function is an inclusion function for

if . An inclusion function forcan be obtained by replacing each occurrence of a real variableby the corresponding interval and each standard function by itsinterval counterpart. The resulting function is called the naturalinclusion function. The performances of this inclusion functiondepend on the formal expression for .

Given a bounded set of complex shape, one usually definesan axis-aligned box or a paving, i.e. a union of non-overlappingboxes, which contains the set : this is known as an outer ap-proximation of it. Likewise, one also defines an inner approx-imation which is contained in the set . Hence, we have thefollowing property .

B. Interval Taylor Models

Consider now the differential equation (1) whereand . Define a

time grid which is not necessarilyequally spaced. The objective is to compute interval vectors

, that are guaranteed to contain the set ofsolutions of (1) at time .

Definition 1 (A Priori Enclosure): A vector intervalwhich satisfies the property

(3)

is an a priori enclosure for the solutions of (1) over the timeinterval .



The computation of the set of solutions can be solvedefficiently by using interval Taylor expansions. These full in-terval methods are usually one-step methods which proceed intwo phases:

1) They first verify existence and uniqueness of the solutionusing the fixed point theorem and the Picard-Lindelöf op-erator, compute an a priori enclosure which satisfies(3) and adapt integration time step size ifnecessary in order to keep the width of and hence theglobal truncation error smaller than a given threshold.A simple method for obtaining the a priori enclosure uses

as initial guess,then the set is widened and/or the time step isreduced until the following inclusion is satisfied [25]:

(4)

There are more efficient techniques which are detailed in[18], [26].

2) Then they compute a tighter enclosure of the set ofsolutions of (1) at , i.e.

(5)

which corresponds to a Taylor expansion of order whereis used to compute the remainder term. The coeffi-

cients are the Taylor coefficients of the solutionwhich can be computed either numerically by automaticdifferentiation or analytically via formal methods.

The enclosures thus obtained are said validated which is incontrast with conventional numerical integration techniqueswhich derive approximations with unknown global error andwhere the accumulation of both truncation and round-offerrors may cause the computed solution to deviate widelyfrom the real one. Unfortunately, the wrapping effect makesthe explicit scheme (5) width-increasing and thus not suitablefor numerical implementation. To solve such a drawback,one can use mean value forms, matrices preconditioning andlinear transforms (see the review in [18]). For instance, apopular method by Lohner uses at each time step a point vector

, a point matrix and an interval vector such that. Then it tunes the algorithm

such that wrapping effect impacts only . In this Lohner’smethod, matrices are obtained via factorization [27].

In [28], [29], a Taylor series expansion with respect to ini-tial state has also been used in order to curb the pessimism in-troduced by wrapping effect. A more general scheme has beendeveloped in [30] where the interval method is founded on theHermite-Obreshkoff expansion series where the sought enclo-sure appears both implicitly and explicitly. In [31], an alterna-tive technique has been introduced where constraint propagationtechniques are used in connection with a guaranteed relaxationof the ODE in order to build a pruning step. Finally, there are

open source softwares available which implement most of theabove techniques.

Remark 1: When the size of the initial domain or the param-eter vector box is too large, guaranteed numerical integrationis often doomed to diverge. In such cases, pessimism might becontrolled by bisection, i.e. performing a partition of the initialstate vector or parameter vector domains. Nevertheless, such aprocedure scales exponentially with the dimension of the stateand parameter vectors and hence increases computation timesvery significantly. Consequently, the method introduced in thispaper investigates the possibility to achieve numerical integra-tion without employing bisection.

C. The Reachable Set

Let us see now how one can compute an over-approximationfor the reachable set. By using interval Taylor models one canobtain guaranteed enclosures for the set of solutions of (1) atgrid points , . It remains to enclose the set ofsolution between two grid points. We will show now how toderive explicit formulas which characterize the boundaries ofthe reachable set for any t.

For and define

(6)

Proposition 1:

(7)Proof: It suffices to write a Taylor series expansion at time

and use for evaluating the remainder term (see [18]).Remark 2: To use (6) in practice, it suffices to choose for

the a priori enclosure of (1) as given by (4).Define as an over-approximation of a reachable set , as

follows:

(8)

Proposition 2:

(9)

and satisfies

(10)Proof: Obvious from (7).

Define .Proposition 3: An over-approximation of the reachable set

(2) is given by

(11)



and satisfies

(12)Proof: Obvious from (7) and proposition (2).

As a conclusion, it is clear that thanks to (6) and (11), onecan derive explicit formulas which characterize the boundariesof the reachable set. In practice however, one can use instead of(11) the over-approximation (12) obtained by using the a priorisolutions only.

III. COMPUTING A REACHABLE SET USING

MÜLLER’S EXISTENCE THEOREM

In this section, we will show how to compute an over-approx-imation for the reachable set via guaranteed set integration byusing the classical Müller existence theorem [21], [22] as re-ported in [23].

A. Müller’s Existence Theorem

Theorem 1 ([22], [23]): Consider the dynamical system (1),where function is continuous over a domain definedby

(13)

where means for all i. Assume that functionsand are continuous over for all and satisfy

the following properties1) and2) the lower Dini derivatives and and the

upper Dini derivatives and of andare such that

(14)

(15)

where is the subset of defined by

(16)

and where is the subset of defined by

(17)

Then for all , , system (1) admitsa solution that stays in the domain

(18)

and takes the value at . If, in addition, for all, function is Lipschitz continuous with re-

spect to over then this solution is unique for any given.

B. The Reachable Set

Using the Müller’s theorem, one obtains an enclosure for thesolution of (1) as follows:

(19)

In addition, it is easy to prove that the a priori enclosuresfor , as defined by (3) can also be obtained asfollows:

(20)

where and are a priori enclosures obtained forand . We will show how to obtain these enclosures later on.Finally, one can use the enclosures obtained via (19) in(6), (11) or (12) in order to compute an over-approximation forthe reachable set. The main difficulty is now to obtain suitablebracketing functions and in the general case. In thispaper, we will show that by analysing the signs of the partialderivatives of it will be possible to build these brack-eting functions.

C. The Bracketing Functions

Define as the set containing all the true solutions of (1)obtained at time , when is taken in and in . Of

course, the set is the sought reachable set. It is not available yet but we will need it to state

the rule for building the bracketing functions. Recall howeverthat one can still obtain a conservative over-approximation forit by using interval Taylor models.

Assume that the sign of the partial derivativesand is constant

when is taken in the reachable set, i.e. ,and . Note that these signs need not be

constant over the whole state space but only over the reachableset space.

Rule 1: [Analysis of the partial derivatives signs] Here weadapt the ideas introduced in [23], [32]. The inequalities beloware meant , and . Define

as follows:

if

if(21)

and . In a similar way, defineas follows:

if

if(22)



and . Now define asfollows:

ifif

if(23)

and . In a similar way, defineas follows:

ifif

if(24)

and . Now the componentsof the differential equations which make it possible to computethe upper and lower solutions are obtained as follows:

(25)

Denote

(26)

(27)

then obviously and are in general, solutions of asystem of coupled differential equations, i.e.,

(28)

which involves no uncertain quantity. Therefore interval Taylormodels such as the one introduced in the previous section canbe used for efficiently solving (28) in a guaranteed way. In-deed when these methods are used for solving differential equa-tions with no uncertainty, they are usually able to curb the pes-simism induced by the wrapping effect, even over long integra-tion time.

Remark 3: According to their definition, the functionsand may lead to different results for different and hencethere might be a non unique choice of which minimizes ormaximizes for all . This fact may lead to enclosures(28) too conservative. This shortcoming will be addressed in afurther work.

Remark 4: Although interval Taylor models can be used forsolving in an efficient way the system (28), there is no guarantythat the size of the enclosure will not diverge. Sec-tion V-B will address this issue and give some ideas about thebehaviour of the enclosures.

In fact, rule 1 can only be used over time intervals where thesigns of the partial derivatives are constant. In the sequel, wewill show how we can address the cases where this condition isnot satisfied by using hybrid automata as bracketing systems.

IV. COMPUTING A REACHABLE SET BY USING HYBRID

AUTOMATA AS BOUNDING SYSTEMS

In this section, we introduce a new approach for enclosingthe reachable set of uncertain dynamical systems, for whichthe signs of the partial derivatives and

are not constant over , . Insuch a case, the Müller’s theorem and rule 1 make it possibleto build system (28) only over each time interval where thesesigns can be ascertained. When the bounding systems areanalysed over the whole time interval , they behave asthe subsystems of a hybrid system, denoted , which switchesfrom one subsystem to another each time a partial derivativechanges sign.

A. Hybrid Bounding

Denote the finite set of modes of over which onesubsystem is active and the set of mode transi-tions. Denote a switching time instant and the collection ofswitching time instants

(29)

where and with, ,

.The switching time instants are not known a priori, which

constitutes an issue for this bounding approach method. We willshow now how to solve this problem and how to build the au-tomaton which governs the dynamics of the bounding systems.

Let us split the experiment time period into a suc-cession of integration time intervals where

and where integration time steps are either chosena priori or adapted on-line as in the preceding sections.

Denote , the set of time intervals over which noswitching occurs, i.e.

(30)

Similarly, define the set of intervals where a switch occurs,i.e.

(31)

Denote , an inner approximation for and, an outer approximation for . We have

(32)

Next proposition shows how to obtain and hence .Proposition 4 (Inner Approximation of ): An inner ap-

proximation is given by

(33)



where (resp. ) is an inclusion function for(resp. ).

Proof: Since the a priori solution of (1) as given by (4)or (20) encloses the whole state trajectory over , we canwrite

(34)

Consequently

(35)

We have similar results for function . This ends the proof.Now, according to proposition 4, we can use rule 1 over each

time interval in order to derive and tobracket all the possible solutions of the uncertain system (1).Denote an a priori enclosure of solution over the timeinterval , we have

(36)

It remains to deal with time intervals , i.e. time inter-vals which contain as defined by (29). Since Rule 1 andhence the bounding method cannot be used, we use instead a fullinterval method. By doing so, we keep the guaranty property forthe enclosures without having to derive the actual time instantwhere the commutation occurs. In addition, if a time interval

contains several , i.e. multiple zero-crossing, we have theguaranty that this time interval will be selected to be in ; thusthe usual problem of detecting multiple zero-crossing does notarise in our method.

The hybrid bounding approach is now illustrated in the fol-lowing example.

Example 1 (Illustrative Example): Let us consider the scalardynamical system with two uncertain parameters and

(37)

Fig. 1 depicts a possible time history for the inclusion functions. There are 4 cases where the signs of both partial

derivatives can be determined with no ambiguity: these timeperiods correspond to time intervals , during whichthe bounding systems are, as time goes forward:

• ;• ;• ;• .To the contrary, there are time intervals where the signs of

the partial derivatives cannot be ascertained. They correspondto time intervals during which we will handle the un-certain system (37) via interval Taylor models, i.e. we will per-form numerical integration with intervals of significant widths.As a conclusion, the hybrid automaton which characterizes thebounding systems will contain 1 4 modes: mode 0 refers to theuse of interval Taylor models, modes 1 to 4 refer to the 4 cases

Fig. 1. Time history for the partial derivative �� of example (37). Here � des-ignates the automaton mode which is used during the time interval �� .

Fig. 2. Automaton used for the guaranteed numerical integration of system(37). Here �� denotes �� . � designates the automatonmode.

where bounding systems can be tuned for (37). The automatonis depicted in Fig. 2 where are given both modes and switchingconditions.

Let us use in the sequel mode 0 to denote the original un-certain dynamical system and modes to denote cou-pled bounding systems. The following propositions will make itpossible to detect on-the-fly the switching between modes, i.e.

and and to instantiate the newmode.

Proposition 5 (Switching ):

(38)



Proof: When mode and one of the inclusion func-tions in (38) contains 0, then a transition occurs and the newmode is necessarily . Note that test (38) is conservative,i.e. if one of the partial derivatives or changes sign at

then its inclusion function contains 0; to the con-trary if the inclusion function of one partial derivative contains 0it does not mean that the partial derivative actually changes sign.This is not an issue, since we just need to detect zero-crossingin a guaranteed way. Indeed in this case, the sign of the par-tial derivative cannot be ascertained for all in , rule1 cannot be used and we have decided to use instead a full in-terval integration method, i.e. . Now, recall that iscomputed via (20). But, since solutions and computedwith the bounding systems derived for mode are valid onlyover , does not contain for .must be re-computed with the original uncertain system.

Proposition 6 (Switching ):

(39)

Proof: When mode and it becomes possible to ascer-tain the sign of all the partial derivatives and for all in

which is done by using the inclusion functions, then atransition occurs and the new mode is necessarily . iscomputed with interval Taylor models and is always valid. Nu-merical integration can then be taken forward from .

Remark 5: When switching from to , ,and hence (for in ), can be recomputed via (20)using the bracketing systems derived for mode . Although thisis obviously not necessary, it may improve the quality of theapproximation.

In summary, the computation of an over-approximation of thereachable set (2) is obtained by running the following hybridautomaton:

(40)

where1) is a finite set of modes. .

Mode reverts to the original uncertain system (1)and is active over time intervals . Denotein this case the active continuous state vector as . Tothe contrary, modes correspond to the use of thebounding systems (28) obtained via rule 1 over time inter-vals . Denote in this case the active contin-uous state vector as .

2) is the set of the transitions. According topropositions 5 and 6, the elements of are either of type

or of type .3) is the collection of switching time in-

stants. According to (32) and proposition 4 we have.

4) is the collection of reset functions.For -type transitions, the discontinuous state jump isgiven by and for -typetransitions, the discontinuous state jump is

and .

5) is the collection of thefield vectors obtained with rule 1.

6) is the state space of (1).7) represents the uncertainty domain for

model parameters for (1).Finally, we can build the Hybrid-Bounding algorithm for

computing the reachable set of (1) by running automaton (1). Itrelies on algorithm Integrate-one-step-ahead which computesthe one-step ahead solution for an uncertain differential equa-tion.

Algorithm Hybrid-Bounding initializes the initial mode, i.e.at time . While integration time is smaller that , the algo-rithm integrates one step ahead from to , then checksif a mode switching occurs during the time interval .This is done by checking if the signs of the partial derivatives

and have changed. If there is a switching, then actionwill depend on the current mode. If the current mode isthen it suffices to switch to the new mode and carry onintegration according to proposition 6. To the contrary, if cur-rent mode is not 0, then algorithm has to re-do computation forcurrent time step with the uncertain model in order to cross theswitching condition in a guaranteed way according to proposi-tion 5.

In algorithm Integrate-one-step-ahead, numerical integra-tion is done via interval Taylor models with the original uncer-tain system when . When , algorithm selects thebounding systems and set bounding solutions and .Then numerical integration is performed over . Inorder to have guaranteed results, we have chosen to use the sameinterval Taylor model method as with mode 0 for solving thecoupled system (28), but with intervals of zero width.

Finally, if for any reason, a given partial derivative keepschanging sign in a continuum of time over time period,then the active mode remains locked on and automaton(40) never jumps to . Next section will propose a simplemethod which addresses this issue and prevent the automatonfrom being locked on mode .

B. Hybrid Bounding Allied With a Partitioning Algorithm

The ability of algorithm Hybrid-Bounding to yield effectiveresults in the general case is driven by the ability to ascertainthe signs of the partial derivatives and . Obviously, whenthe size of the domains taken for initial state vector or param-eter vector are large, one expects the algorithm to get trapped inthe full interval mode, i.e. and thus to never activate themodes which use the bounding systems approach. A simple ideato circumvent such a drawback consists in allowing the domainsto be partitioned in a way that renders easier the determination ofthe signs of the partial derivatives. This idea will be used bothduring the initialization step, i.e. when algorithm initiates andfor dealing with the mode switching. In order to facilitate thepartition of both parameter or state vectors, let us define an ex-tended state vector . Hence .Moreover, in order to deal with the sub-boxes obtained via par-tition, the new algorithms will use lists.

During the initialization step, algorithm Hybrid-Bounding-with-Partition uses a partitioning algorithm, algorithm Parti-tion which splits an interval vector into a left part and



a right part in order to furnish a list of -vector sub-boxesover which the signs of the partial derivatives can be ascertained.The list contains also boxes of width smaller than a prescribedthreshold for which the mode will be used.

Algorithm Hybrid-Bounding-with-Partition differs fromalgorithm Hybrid-Bounding only by the introduction ofthe partitioning algorithm Partition and by the use of listsof couples (mode, solution enclosure): For each , one listgathers the state vectors enclosures at time and another onegathers the a priori solutions which contain the flow pipefor and which can be used for computing anover-approximation of the reachable set according to (12).

Furthermore, a regularization procedure is used which aimsat controlling computation complexity by reducing the size ofthe lists. In this paper, this is done by merging all the list el-ements, i.e. the solution enclosures, when they all belong to asame mode . This is motivated by the fact that -vectorpartition is done only for crossing the switching time instantsand as far as possible, the computation of reachable sets is donevia existence theorems. This algorithm can also be tuned by theuser according to the problem under study.

V. MORE ON THE HYBRID BOUNDING METHOD

A. Complexity Analysis

In this subsection, we will compare the amount of computa-tion needed to produce the reachable set when using our hybridmethod with the case where a full interval method is used.

Before discussing this fact, let us first recall the complexityof set integration via interval Taylor models. When the Taylorcoefficients in (5) are obtained via automatic differentiation [33]and the following recursive relationships:

(41)

the computational cost needed for obtaining them istimes the cost of evaluating function [34]. When integrationtime steps , i.e. in (5), are adapted on-line, thenthe whole computational cost is roughly equal totimes the cost of evaluating function , where is thenumber of integration time steps actually needed to achievenumerical integration over the whole time period, i.e. suchthat . When the reachable set iscomputed using a full interval method as in Section II-C withlarge domains for either initial state vector or parameter uncer-tainty, and if the enclosures do not diverge, then the adaptedintegration time steps are usually small and hence numberquite large.

Now, when the reachable set is computed by using our hy-brid method (Section IV), the computational cost is the sameas the full interval method when active mode is . To thecontrary, when the active mode is , the dimension of thecontinuous state vector is twice the dimension of the originalsystem, hence the computational cost of a single integrationstep. But recall that the twice dimensional handled system in-volves no more uncertain quantity. Consequently, the adaptedintegration time steps can be far larger and hence the whole

number of integration steps should be smaller, i.e. such thatwill satisfy .

In summary, when the size of the initial domains and aresmall, computing the reachable set can be done either via the fullinterval method or the hybrid bounding method. In this case, thewhole computational cost for our method shall be smaller thanthe full interval one. Now when the size of the domains are large,the full interval method cannot be used unless domains are par-titioned. This procedure scales exponentially with the dimen-sion of state and parameter spaces and makes the full intervalmethod not practical. However, our hybrid bounding approachis capable of dealing with sets of large size but may need par-titioning for mode switching. Finally, our hybrid method shallalways cost less than a full interval one.

B. Stability Analysis

In this subsection, we will address the stability issue for thesize of the enclosures as obtained by the hybrid automaton(40). To do so, we will analyze the differential equation whichgoverns the dynamics of the size of . When active mode is

, the enclosure’s size is given by

(42)

and we have

(43)

To the contrary, when active mode is , the compu-tation of is done by using interval Taylor models withthe original uncertain system. In such cases, it is not easy towrite a dynamical equation which describes the behaviourof this size. We will let aside this mode in the further anal-ysis but quantify its impact via a modified jump function.Hence, if the actual switching sequence is for instance

, where, it will become . Fi-

nally, when analyzed over the whole time period, the behaviorof is modelled by a hybrid automaton which uses thecollection of modes of automaton (40) withdiscontinuous state jumps, obtained by putting in cascade an

-type jump with an -type one. Consequently, the dynamicsof are modelled by (43) with and a jump functiongiven by

(44)

and where time is also reset accordingly.Now, analyzing the stability property for can be ad-

dressed by using methods available for the stability analysis ofhybrid systems. In our case, we will use methods published in[35] which give sufficient conditions for -practical stabilityof hybrid systems, i.e. conditions which keep trajectorieswithin given bounds. In the sequel we will recall these resultsand show how to use them to address the issue at hand. Here-after the time interval denotes either or .

Definition 2 (Switching Law Over ): Given a time interval, a switching law over is a mapping: which



specifies a nonZeno switching sequence for any initialstate .

Definition 3 ( -Practical Stability Over ): Assume a timeinterval and a switching law over are given. Given an

, the hybrid system (43) is said to be -practically stable overunder if there exists a such that

whenever .Definition 4 ( -Practical Lyapunov-Like Function): Given

a time interval and a switching law over , a contin-uously differentiable real-valued function satis-fying is a -practical Lyapunov-likefunction over under if there exists a Lebesgue in-tegrable function , positive constants and

, such that for any trajectory generated by thatstarts from and its corresponding switching sequence

, , thefollowing holds

a) , a.e. ;b) at any

switching instant ;c) ,

.Here, denotes the number of switching during the timeinterval .

Note that is not a Lyapunov function in the usual sense,since no definiteness condition is imposed on it or its derivatives.

Theorem 2 ([35]: Given a time interval and a switchinglaw over , hybrid system (43) is -practically stable over

under , if there exists an -practical Lyapunov-like functionover under .

We will now apply the above results to the problem understudy. Since function is -differentiable over , we can findregular matrices and write without loss of generality

(45)

Remark 6: Matrices in (45) can for instance be taken asthe gradient where is the point solution ofsystem (1) when and .

From equations (26), (27), (42) and (45), we can write thedynamics of as follows:

(46)

where

(47)

and where is built from by using Rule 1 accordingto the signs of the partial derivatives of . Note that (46) and (47)now involve the over-approximation of the reachable set.

Proposition 7: Assume that is Lipschitz continuous, thusis also Lipschitz continuous. For all , denote

the Lispchitz constant of w.r.t and its Lispchitz

constant w.r.t , denote andthe maximum eigenvalue of .

System (43) is -practically stable over underif

(48)

which can be satisfied if there exist some , i.e. ifthere exist some modes for which system (43) describing thedynamics of is stable. In addition, the lower bound onsuch that system (43) is -practically stable overunder is given by

(49)

Proof: Let us consider . From (46) and(47) we have

(50)

Now, we can define piecewise continuous functions

and . For any satis-fying , (50) leads to .Let us choose and let quantifiesthe ratio of the values after and prior to the switching whereautomaton (43) uses the compositional jump function (44). Ac-cording to c) of definition 4, system (43) is -practically stableover under if the following inequality holds:

(51)

which, according to the definition of and , leads to

(52)

Let us choose , then we only need to have

(53)



which is equivalent to the requirement (49) which also implies(48).

Remark 7: A connection between the practical stability prop-erties for the enclosure’s size, i.e. system (43) and the dynamicsof the original system (1) can be established if is also themaximum eigenvalue of , which is true if matricesand share the same eigenvalues. If matrices as de-fined in (45) are obtained by linearization according to remark6, then and share the same eigenvalues if matrices

satisfy, possibly after an appropriate change of coordi-nates, one of the two conditions:

i) are Metzler matrices for all in , i.e. matrixelements for all ;

ii) are—upper or lower—triangular matrices.In both cases, it is important to note that rule 1 must be appliedin the new set of coordinates.

VI. EXAMPLES

A. Uncertain Nonlinear System

This example is taken from molecular system biology. Con-sider a non-linear dynamical model which describes Mitogen-Activated Protein Kinase cascades [36]

(54)

Here the parameters are assumed perfectly known ,, , ,

, , , , ,,

and a positive feedback is taken, i.e., . Nom-inal values for initial state vector are as follows ,

, , , . The componentsof the reachable set as given by a full interval method, i.e., in-terval Hermite–Obreschkoff series with variable step control asimplemented in the VNODE software [37] are plotted in Fig. 3for 3% and 4% relative uncertainty on initial state vector. Notethat with relative uncertainty larger than 3%, the full intervalmethod diverges rapidly. In addition, the method diverges alsowhen parametric uncertainty is set, even of very small magni-tude (0.01%).

Consider again the system (54) but this time with fairlylarge uncertainty on parameter and initial state vectors:

, , ,, , ,

, , ,, ,

, , ,,

. Rule 1 is used in order to build the coupleddifferential equations for the minimal and maximal solutions of(54). Interval Hermite Obreschkoff models with variable timestep as implemented in the open source VNODE software [37]

Fig. 3. Time history of the � component of the reachable set of (54) with noparametric uncertainty. The curve labelled 3% corresponds to 3% uncertainty oninitial state vector, whereas the one labelled 4% corresponds to 4% uncertaintyon initial state vector. Both curves are obtained with a full interval method(3%: �� ). Without parametric uncertainty, fullinterval method diverges at soon as the size of the domain for initial state vectoris larger than 3%.

Fig. 4. Time history of the � component of the reachable set of (54)as obtained with the bounding method based on the Müller theoremwith an initial domain for state vector of size 100%. The curve labelled‘no uncertainty’ corresponds to no uncertainty in the parameter vector�� and the one labelled ‘with uncer-tainty’ corresponds to the presence of uncertainty in the parameter vector�� .

are used for solving the new differential system. Fig. 4 plotsthe time history of the component of the reachable set asobtained in both cases where parametric uncertainty is taken ornot taken into account. It is clear that the bounding approachbased on the Müller’s theorem successfully computes the overapproximation for the reachable set.

In fact, the superior performance of our method in this casecan be further analysed. It is easy to see that since all systemvariables are positive data, then by changing orthants and ac-cording to the signs of the partial derivatives w.r.t model pa-rameters, one can obtain decoupled differential equations forupper and lower bounding systems which are also feasible. Thatis to say that the bounding systems are obtained by instanti-ating both state and parameter variables to feasible values. Since



the bounding systems are feasible then the enclosures obtainedusing our method are tight (up to the precision of the guaranteednumerical integration method used).

B. Another Uncertain Nonlinear System From Bio-Reactors:Non Monotone With Inputs

We consider the Haldane model to simulate the biotechnolog-ical process in a stirred reactor. The model is taken from [38]but addresses the existence of one specie on a chemostat with asingle substrate. Consider the following equations:

(55)

where designates the biomass density, the substrate con-centration, the dilution rate of the chemostat, the con-centration of input substrate. The coefficients , , andare positive constants which are defined as follows ,

, and .and . The coefficients and are

assumed uncertain: with relative uncertainty 1%and with relative uncertainty 1.5%. Initial stateis taken uncertain and is defined as follows

.It easy to check that the signs of the partial derivatives needed

to apply rule 1 are as follows:

(56)

and

(57)

Hence, the automaton (40) which must be used with algorithmHybrid-Bounding contains only three modes:

• mode corresponds to the original system (55);• mode is active when , i.e.

and system (28) writes

(58)

• mode is active when and system (28)writes

(59)

Algorithm Interval-Integrate is implemented with the ex-tended mean value algorithm [18] with a constant integrationtime step .

Note that a full interval Taylor models method diverges afterfew computation steps even without parameter uncertainty.

Fig. 5. Time history of the � component of the reachable set of (55) as obtainedwith the hybrid bounding method �� . Thereachable set computed via a full interval method diverges after few steps only.

Fig. 6. Time history of the � component of the reachable set of (55) as obtainedwith the hybrid bounding method �� . Thereachable set computed via a full interval method diverges after few steps only.

Before using our hybrid bounding method let us check if in-equalities (49) and (48) are satisfied, i.e. if proposition 7 holds.For system (55), we use

, for ,, . For , (48) yields

. Hence it exists a set such that the size of the enclosuresgiven by our hybrid bounding method remains bounded.

The components of the reachable set as obtained by algo-rithm Hybrid-Bounding for the integration time interval

are plotted in Figs. 5 and 6. The pessimism in-troduced by the full interval Taylor method when crossing theswitching condition can be further controlled by using algo-rithm Hybrid-Bounding-with-Partition. The computed reach-able sets are plotted in Figs. 7 and 8. Note also the switchinghyperplane defined by depicted in Figs. 6 and 8.



Fig. 7. Time history of the � component of the reachable set of (55), as ob-tained with the hybrid bounding method and with a partition allowed only on� component and a threshold � � � �� .

Fig. 8. Time history of the � component of the reachable set of (55), as ob-tained with the hybrid bounding method and with a partition allowed only on� component and a threshold � � � �� .

Here again, the hybrid bounding method has better perfor-mance than full interval methods since it successfully computesthe over approximation for the reachable set.

VII. CONCLUSION

In this paper we have addressed the issue of computing anover approximation for the reachable set of uncertain nonlinearcontinuous dynamical systems. We have shown that reachablesets can be computed via guaranteed set integration and we haveintroduced two different ways to do so. The first one, the full in-terval one, performs the integration by computing directly withthe sets or boxes which characterize the uncertainty. The secondone relies on comparison theorems for differential inequalitiesin order to bracket the uncertain dynamical system between twodynamical systems where there is no uncertainty in either stateor parameter vectors and thus enclose the flow pipe betweena minimal and a maximal solution. In both methods the nu-merical set integration is performed by using state-of-the-art

validated methods. Our contribution resides then in the use ofnon linear hybrid automata to model the bounding systems; theso-obtained method is denoted as the hybrid bounding method.We give a rule for building the bracketing systems automata andshow how to run them and how to address mode switching ina guaranteed way in order to compute the over approximationfor the reachable set. We have shown that the hybrid boundingmethod introduced in this paper exhibits better performancethan full interval methods since it requires a smaller compu-tational cost and is capable of computing over approximationsfor the reachable set of non-linear systems with fairly large un-certainty in both parameter and state vectors. Finally, we usedthe concept of -practical stability for hybrid systems in order tostudy the stability of the enclosures obtain by our new method.We gave sufficient conditions for the stability of the enclosures’size. Then, we discussed the connection between these con-ditions and the original system for two classes of dynamicalsystems. Used with state-of-the-art hybrid system verificationtools, it should make it easier to solve hybrid reachability issueswhen the continuous dynamical systems are described via non-linear differential equations. Future work will study how to opti-mize the performance of the algorithms introduced when usinga partitioning strategy for crossing switching hyperplanes. Thepotential of constraint propagation may then be investigated.Finally, the reachability analysis of hybrid dynamical systemswith nonlinear continuous dynamics will be addressed by usingthis new method.

ACKNOWLEDGMENT

All algorithms are developed in C++ and use the Profil/BIASC++1 class library for interval computations. Taylor coefficientsare computed using the FADBAB++ package.2 VNODE soft-ware is developed by Ned Nedialkov.3

The authors would like to thank the anonymous reviewers fortheir comments and suggestions which helped improving paperquality.

REFERENCES

[1] C. J. Tomlin, I. M. Mitchell, A. M. Bayen, and M. Oishi, “Computa-tional techniques for the verification of hybrid systems,” Proc. IEEE,vol. 91, no. 7, pp. 986–1001, Jul. 2003.

[2] R. Alur, C. Courcoubetis, N. Halbwachs, T. Henzinger, P.-H. Ho, X.Nicollin, A. Olivero, J. Sifakis, and S. Yovine, “The algorithmic anal-ysis of hybrid systems,” Theor. Comput. Sci., vol. 138, pp. 3–34, 1995.

[3] E. Asarin, O. Maler, and A. Pnueli, “Reachability analysis of dynamicalsystems having piecewise-constant derivatives,” Theor. Comput. Sci.,vol. 138, pp. 35–65, 1995.

[4] E. Asarin, O. Bournez, T. Dang, and O. Maler, “Approximate reach-ability analysis of piecewise-linear dynamical systems,” in Proc.HSCC’00, 2000, pp. 20–31.

[5] A. Chutinan and B. H. Krogh, “Computational techniques for hybridsystems verification,” IEEE Trans. Autom. Control, vol. 48, no. 1, pp.64–75, Jan. 2003.

[6] A. Girard, “Reachability of uncertain linear systems using zonotopes,”in Proc. HSCC, 2005, pp. 291–305.

[7] O. Botchkarev and S. Tripakis, “Verification of hybrid systems withlinear differential inclusions using ellipsoidal approximations,” inProc. HSCC, 2000, pp. 73–88.

1www.ti3.tu-harburg.de/Software/PROFILEnglisch.html.2www2.imm.dtu.dk/~km/FADBAD/.3www.cas.mcmaster.ca/~nedialk/Software/VNODE/VNODE.shtml.



[8] A. B. Kurzhanski and P. Varaiya, “Ellipsoidal techniques for hybriddynamics: The reachability problem,” in New Directions and Applica-tions in Control Theory, Lecture Notes in Control and Information Sci-ences, W. Dayawansa, A. Lindquist, and Y. Zhou, Eds. New York:Springer-Verlag, 2005, vol. 321, pp. 193–205.

[9] H. Guéguen and J. Zaytoon, “On the formal verification of hybrid sys-tems,” Control Eng. Prac., vol. 12, pp. 1253–1267, 2004.

[10] L. Doyen, T. Henzinger, and J. Raskin, “Automatic rectangular re-finement of affine hybrid systems,” in Proc. FORMATS’05, 2005, pp.144–161.

[11] M.-A. Lefebvre and H. Guéguen, “Hybrid abstractions of affine sys-tems,” Nonlin. Anal., vol. 65, no. 6, pp. 1150–1167, 2006.

[12] M. Kloetzer and C. Belta, “Reachability analysis of multi-affine sys-tems,” in Proc. HSCC, 2006, pp. 348–362.

[13] A. Tiwari and G. Khanna, “Series abstractions for hybrid automata,” inProc. HSCC, 2002, pp. 465–478.

[14] G. Batt, C. Belta, and R. Weiss, “Model checking genetic regulatorynetworks with parameter uncertainty,” in Proc. HSCC, 2007, pp. 61–75.

[15] E. Asarin, T. Dang, and A. Girard, “Hybridization methods for the anal-ysis of non-linear systems,” Acta Informatica, vol. 43, pp. 451–476,2007.

[16] I. M. Mitchell, A. M. Bayen, and C. J. Tomlin, “A time-dependanthamilton-jacobi formulation of reachable sets for continuous dynamicsgames,” IEEE Trans. Autom. Control, vol. 50, no. 7, pp. 947–957, Jul.2005.

[17] A. M. Bayen, E. Crück, and C. J. Tomlin, “Guaranteed overapproxi-mations of unsafe sets for continuous and hybrid systems: Solving thehamilton-jacobi equation using viability techniques,” in Proc. HSCC,2002, pp. 90–104.

[18] N. Nedialkov, K. Jackson, and G. Corliss, “Validated solutions of initialvalue problems for ordinary differential equations,” Appl. Math. Com-putat., vol. 105, pp. 21–68, 1999.

[19] T. Henzinger, B. Horowitz, R. Majumdar, and H. Wong-Toi, “BeyondHyTech: Hybrid systems analysis using interval numerical methods,”in Proc. HSCC, 2000, pp. 130–144.

[20] A. Rauh, M. Kletting, H. Aschemann, and E. Hofer, “Interval methodsfor simulation of dynamical systems with state-dependent switchingcharacteristics,” in Proc. IEEE Int. Conf. Control Appl., Munich, Ger-many, 2006, pp. 355–360.

[21] M. Müller, “Uber das fundamentaltheorem in der theorie der gewöhn-lichen differentialgleichungen,” Mathematische Zeitschrift, vol. 26, pp.619–645, 1927.

[22] W. Walter, “Differential inequalities and maximum principles: Theory,new methods and applications,” Nonlin. Anal., Theory, Methods Appl.,vol. 30, no. 8, pp. 4695–4711, 1997.

[23] M. Kieffer, E. Walter, and I. Simeonov, “Guaranteed nonlinear param-eter estimation for continuous-time dynamical models,” in Proc. 14thIFAC Symp. Syst. Ident., Newcastle, Australia, 2006, pp. 843–848.

[24] L. Jaulin, M. Kieffer, O. Didrit, and E. Walter, Applied Interval Anal-ysis: With Examples in Parameter and State Estimation, Robust Controland Robotics. London, U.K.: Springer-Verlag, 2001.

[25] R. Moore, Interval Analysis. Englewood Cliffs, NJ: Prentice-Hall,1966.

[26] N. Nedialkov, K. Jackson, and J. Pryce, “An effective high-order in-terval method for validating existence and uniqueness of the solutionof an ivp for an ode,” Reliable Comput., vol. 7, no. 6, pp. 449–465,2001.

[27] R. J. Lohner, “Enclosing the solutions of ordinary initial and boundaryvalue problems,” in Computer Arithmetic: Scientific Computationand Programming Languages. Stuttgart, Germany: Wiley, 1987, pp.255–286.

[28] M. Berz and K. Makino, “Verified integration of odes and flows usingdifferential algebraic methods on high-order taylor models,” ReliableComput., vol. 4, pp. 361–369, 1998.

[29] J. Hoefkens, M. Berz, and K. Makino, “Controlling the wrapping ef-fect in the solution of odes for asteroids,” Reliable Comput., vol. 8, pp.21–41, 2003.

[30] N. S. Nedialkov and K. R. Jackson, “An interval hermite-obreschkoffmethod for computing rigorous bounds on the solution of an initialvalue problem for an ordinary differential equation,” Reliable Comput.,vol. 5, pp. 289–310, 1999.

[31] M. Janssen, P. Hentenryck, and Y. Deville, “A constraint satisfactionapproach for enclosing solutions to parametric ordinary differentialequations,” SIAM J. Numer. Anal., vol. 40, pp. 1896–1939, 2002.

[32] N. Ramdani, N. Meslem, T. Raïssi, and Y. Candau, “Set-membershipidentification of continuous-time systems,” in Proc. 14th IFAC Symp.System Ident., Newcastle, Australia, 2006, pp. 446–451.

[33] L. Rall and G. F. Corliss, “Introduction to automatic differentiation,”in In Computational Differentiation: Techniques, Applications, andTools. Philadelphia, PA: SIAM, 1996, pp. 1–18.

[34] N. Nedialkov, “Computing Rigorous Bounds on the Solution of an Ini-tial Value Problem for an Ordinary Differential Equation,” Ph.D. dis-sertation, Univ. Toronto, Toronto, ON, Canada, 1999.

[35] X. Xu and G. Zhai, “Practical stability and stabilization of hybrid andswitched systems,” IEEE Trans. Autom. Control, vol. 50, no. 11, pp.1897–1903, Nov. 2005.

[36] E. Sontag, “Molecular systems biology and control,” Eur. J. Control,vol. 11, pp. 396–435, 2005.

[37] N. Nedialkov and K. Jackson, The Design and Implementation of a Val-idated Object-Oriented Solver for ivps for Odes Software Quality Re-search Laboratory, Department of computing and Software, McMasterUniversity, Hamilton, ON, Canada, Tech. Rep. 6, 2002, .

[38] O. Bernard and J.-L. Gouzé, “Closed loop observers bundle foruncertain biotechnological models,” J. Process Control, vol. 14, pp.765–774, 2004.

Nacim Ramdani (M’08) received the Engineer de-gree from Ecole Centrale de Paris, France, in 1990,and the Ph.D. and Habilitation degrees from the Uni-versity of Paris XII, France, in 1994 and 2005, re-spectively.

He joined the French National Research Institutein Computer Science and Control (INRIA, InstitutNational de Recherche en Informatique et en Au-tomatique) in 2007, and is currently a ResearchScientist with the Constraints Solving, Optimization,Robust Interval Analysis (COPRIN) group at INRIA

Sophia-Antipolis, France. From 2005 to 2007, he was on sabbatical at theMontpellier Laboratory of Computer Science, Robotics, and Microelectronics(LIRMM CNRS University of Montpellier 2), France. From 1996 to 2005,he was Maitre de Conférences at the University of Paris Est, France, andmember of the Thermal Sciences Research Laboratory (CERTES, Centred’Etudes et Recherche Thermique et Systèmes). His current research interestsinclude modelling and analysis of continuous and hybrid systems in presenceof uncertainty, and set membership estimation, with applications to roboticsand human movement science.

Nacim Meslem received the M.S. degree in au-tomatic and applied computer science from EcoleCentrale de Nantes, Nantes, France, in 2004 and thePh.D. degree from the University Paris Est, Créteil,France, in 2008.

Since 2008, he has been with Institut National dela Recherche Agronomique (INRA), Jouy-en-Josas,France, where he is presently a Post Doctoral Fellow.His research interests include set-membership stateand parameter estimation, hybrid modelling, stabilityanalysis, and biological systems.

Yves Candau received the M.E. degree and thePh.D. in energetics sciences from Ecole Polytech-nique, Paris, France, in 1980.

He became the Head of the Thermal SciencesResearch Laboratory, Centre d’Etudes et RechercheThermique et Systèmes (CERTES), University ParisEst, Créteil, France. His research interests includesignal processing and inverse methods applied tothermal measurements engineering.


Date post:	12-Jan-2017
Category:	Documents
Upload:	dangdan
View:	212 times
Download:	0 times

A Hybrid Bounding Method for Computing an Over-Approximation ...

Documents