May 14 – 19 , 2017, Dagstuhl Seminar 17201

Formal Synthesis of Cyber-Physical Systems


Calin A. Belta (Boston University – Brookline, US)
Rupak Majumdar (MPI-SWS – Kaiserslautern, DE)
Majid Zamani (TU München, DE)


Matthias Rungger (TU München, DE)

For support, please contact

Dagstuhl Service Team


Dagstuhl Report, Volume 7, Issue 5 Dagstuhl Report
Aims & Scope
List of Participants
Shared Documents


Cyber-Physical Systems (CPS) are complex systems resulting from intricate interaction of discrete computational devices with the continuous physical plants. Within CPS, embedded control software plays a significant role by monitoring and adjusting several physical variables, e.g. temperature, velocity, pressure, density, and so on, through feedback loops where physical processes interact with computational devices. Recent advances in computation, storage, and networking have made tremendous advances in hardware and system platforms for CPS. With this growing trend in computational devices, embedded control software is becoming more and more ubiquitous in many safety-critical applications including automotive, aerospace, transportation systems, critical infrastructure, energy, robotics, healthcare, and many other domains. Unfortunately, the design of embedded control software nowadays is still based on ad-hoc solutions resulting in brittle and error-prone software, and very high verification and validation costs. In order to detect and eliminate design flaws and inevitable software bugs, a large portion of the design budget is consumed with validation and verification efforts, which are often lengthy. On the other hand, by changing the emphasis from verification to synthesis, it is possible to synthesize correct-by-design embedded control software for CPS while providing formal guarantees of correctness and preventing the need for costly post facto verification.

In recent years, there has been a lot of progress in designing automatic and correct-by-construction techniques for controller synthesis for interacting discrete and continuous systems. These new techniques have combined techniques from continuous control theory as well as from computer science. The focus of this seminar was to provide a state-of-the-art of this nascent but important field, and to describe challenges and opportunities for synthesis techniques to transition to the real world. By the nature of the topic, the participation at the seminar was inter-disciplinary, and consisted of computer scientists and control theorists, both from academia and from industry. Instead of a sequence of presentations of individual research results, the seminar was organized as a sequence of open discussions on topics of common interest to the participants, such as techniques for scalable controller synthesis, identification of application domains and recent success stories, compositionality and system design, end-to-end arguments about systems, as well as education and outreach.

This seminar benefitted the control as well as computer science communities by bridging the gap between many complementary concepts studied in each community. A more detailed survey on the topics of the seminar is in preparation.

Outcomes of the seminar

The seminar focused on the challenges in the application of formal synthesis techniques for automatic, correct-by-construction synthesis of CPS. The seminar had a total of 45 participants with a mix of computer scientists and control theorists.


The seminar was organized as a sequence of open discussions led by one or two moderators. Each session had a scribe to note down the discussion. The scribe notes were shared with all participants, who added their comments or filled in more information. The updated notes were used to prepare the session summaries (in the next Section).

The following sessions were organized:

  1. Application domains, success stories, and obstacles to adoption
  2. Fundamental algorithmic and scalability challenges in formal synthesis
  3. Tools and infrastructure
  4. Education and outreach
  5. Data-driven and search-driven approaches to synthesis
  6. Compositionality in synthesis
  7. Optimality and completeness
  8. Synthesis of distributed protocols from scenarios and requirements.
  9. Specification languages
  10. Robustness and resiliency
  11. Explainability and user interaction
  12. End-to-end correctness
  13. Formal synthesis challenges in robotics
  14. Cyber-Security of CPS
  Creative Commons BY 3.0 Unported license
  Calin A. Belta, Rupak Majumdar, Majid Zamani, and Matthias Rungger


  • Artificial Intelligence / Robotics
  • Modelling / Simulation
  • Semantics / Formal Methods


  • Formal Synthesis
  • Reactive Synthesis
  • Correct-By-Construction Synthesis
  • Cyber-Physical Systems
  • Hybrid Systems
  • Control Systems

Book exhibition

Books from the participants of the current Seminar 

Book exhibition in the library, ground floor, during the seminar week.


In the series Dagstuhl Reports each Dagstuhl Seminar and Dagstuhl Perspectives Workshop is documented. The seminar organizers, in cooperation with the collector, prepare a report that includes contributions from the participants' talks together with a summary of the seminar.


Download overview leaflet (PDF).


Furthermore, a comprehensive peer-reviewed collection of research papers can be published in the series Dagstuhl Follow-Ups.

Dagstuhl's Impact

Please inform us when a publication was published as a result from your seminar. These publications are listed in the category Dagstuhl's Impact and are presented on a special shelf on the ground floor of the library.

NSF young researcher support