A theory of robust software synthesis

A key property for systems subject to uncertainty in their operating environment is robustness, ensuring that unmodelled, but bounded, disturbances have only a proportionally bounded effect upon the behaviours of the system. Inspired by ideas from robust control and dissipative systems theory, we present a formal definition of robustness and algorithmic tools for the design of optimally robust controllers for omega-regular properties on discrete transition systems. Formally, we define metric automata - automata equipped with a metric on states - and strategies on metric automata which guarantee robustness for omega-regular properties. We present fixed point algorithms to construct optimally robust strategies in polynomial time. In contrast to strategies computed by classical graph theoretic approaches, the strategies computed by our algorithm ensure that the behaviours of the controlled system gracefully degrade under the action of disturbances; the degree of degradation is parameterized by the magnitude of the disturbance. We show an application of our theory to the design of controllers that tolerate infinitely many transient errors provided they occur infrequently enough.

💡 Research Summary

The paper introduces a rigorous theory of robustness for discrete‑time control systems modeled as automata, drawing inspiration from robust control and dissipative systems theory. The authors define metric automata, which are ordinary transition systems equipped with a metric d on the state space Q. In addition to the usual input alphabet Σ, a set X of disturbance indices (including a special “no‑disturbance” symbol ⊥) is added. The transition function δ: Q × Σ × X → Q specifies the next state given a current state, a system input, and a disturbance choice. A function γ: Q → ℝ₊ bounds the effect of any disturbance: for any transition (q, a, ⊥) that would lead to the nominal state q′, any disturbed transition (q, a, x) must land within distance γ(q′) of q′. This abstract model captures a wide range of concrete scenarios, from single‑bit flips in digital circuits (Hamming distance) to bounded‑norm noise in continuous‑time control systems (Euclidean norm).

The central problem is to synthesize strategies (controllers) that guarantee an ω‑regular specification (reachability, Büchi, or parity) despite the presence of bounded disturbances. The authors formalize robustness as a quantitative relationship between the magnitude of the disturbance γ and the deviation of the system’s behavior from the nominal specification. For a given disturbance bound γ, a strategy is said to be σ‑robust if, whenever the environment perturbs the system by at most γ, the resulting execution satisfies a relaxed specification in which the target set has been inflated by a factor σ·γ. The scalar σ thus measures how gracefully the system degrades under disturbance: smaller σ means higher robustness.

To compute σ‑optimal strategies, the paper presents fixed‑point algorithms that run in polynomial time with respect to the size of the automaton. For reachability objectives, the algorithm constructs a rank function assigning to each state the minimal number of steps needed to reach the target under nominal dynamics. The strategy then selects actions that guarantee the rank decreases by at least one, even when a disturbance of size γ occurs; this yields a bound σ = 1 (optimal) for constant γ. For Büchi and parity objectives, the authors extend classic progress‑measure techniques used in solving parity games. They define a vector‑valued measure for each state and show how to update it in the presence of bounded disturbances so that the measure still makes progress toward satisfying the acceptance condition. The fixed‑point computation simultaneously determines the minimal σ and the corresponding strategy.

A notable contribution is the treatment of infinitely many transient faults. The authors prove that if disturbances occur infrequently enough—i.e., the time between two disturbances exceeds a computable threshold—then a σ‑robust strategy can tolerate an unbounded number of faults while still guaranteeing the ω‑regular specification. This result provides a formal time‑space trade‑off for fault‑tolerant controller synthesis, which is difficult to achieve with traditional game‑theoretic approaches that require explicit modeling of each fault pattern.

The paper situates its work relative to prior literature. Classical synthesis treats the environment as an adversarial player, leading to PSPACE‑hard game solving and often overly conservative results when robustness is required. By abstracting disturbances solely through a metric bound, the authors obtain polynomial‑time algorithms while still delivering quantitative guarantees. They also compare to recent notions of k‑robustness (ratio of system errors to environment errors) and show that their σ‑robustness subsumes these ideas for constant disturbance bounds, albeit with a simpler adversarial model.

In summary, the authors provide a unified framework that (1) equips automata with a notion of distance, (2) defines robustness of ω‑regular specifications in terms of metric‑bounded disturbances, (3) offers efficient fixed‑point constructions for optimal σ‑robust strategies, and (4) demonstrates applicability to scenarios with arbitrarily many but sparsely occurring transient faults. This bridges a gap between continuous‑time robust control theory and discrete‑time formal synthesis, opening avenues for designing controllers for safety‑critical cyber‑physical systems, embedded software, and other domains where bounded uncertainty must be tolerated without sacrificing formal guarantees.