gaining confidence in the correctness of robotic and
play

Gaining Confidence in the Correctness of Robotic and Autonomous - PowerPoint PPT Presentation

Jan 20, 2023 •242 likes •898 views

Gaining Confidence in the Correctness of Robotic and Autonomous Systems Kerstin Eder Trustworthy Systems Laboratory Verification and Validation for Safety in Robots, Bristol Robotics Laboratory Designing Trustworthy Systems Create flawless

  1. Gaining Confidence in the Correctness of Robotic and Autonomous Systems Kerstin Eder Trustworthy Systems Laboratory Verification and Validation for Safety in Robots, Bristol Robotics Laboratory

  2. Designing Trustworthy Systems § Create flawless systems. AND § Design these systems in such a way that the flawlessness can be demonstrated. "Waterfall" by M.C. Escher.

  3. Confidence in a system’s trustworthiness can be gained in many different ways, including § by design , systems that are simple are also understandable;

  4. Confidence in a system’s trustworthiness can be gained in many different ways, including § by design , systems that are simple are also understandable; § through transparency , systems that allow us an insight into how they make decisions, why they act in a certain way or how they use resources become understandable; 4 4

  5. Confidence in a system’s trustworthiness can be gained in many different ways, including § by design , systems that are simple are also understandable; § through transparency , systems that allow us an insight into how they make decisions, why they act in a certain way or how they use resources become understandable; and § through verification and validation , rigorous proof complemented by simulation-based testing using intelligent test generation methods can provide convincing evidence of a system’s trustworthiness. 5

  6. Correctness from specification to implementation User Requirements High-level Specification Translate Optimizer Design and Analysis (Simulink) Implement Controller (SW/HW) e.g. C, C++, RTL (VHDL/Verilog) 6

  7. What can be done at the code level? P. Trojanek and K. Eder. Verification and testing of mobile robot navigation algorithms: A case study in SPARK. IEEE/RSJ International Conference on Intelligent Robots and Systems (IROS). pp. 1489 - 1494. Sep 2014. http://dx.doi.org/10.1109/IROS.2014.6942753 7

  8. What can go wrong in robot navigation software? Generic bugs: § Null pointer dereferencing § Accesses to uninitialized data § Array and vector out-of-bounds accesses § Dynamic memory allocation and blocking inter- thread communication (non real-time) Domain-specific bugs: § Integer and floating-point arithmetic errors § Mathematic functions domain errors 8

  9. Design for Verification § SPARK, a verifiable subset of Ada - Originally developed for high integrity software § Three open-source implementations of navigation algorithms translated from C/C++ (2.7 kSLOC) to SPARK (3.5 kSLOC) • VFH+ (Vector Field Histogram) • ND (Nearness Diagram) • SND (Smooth Nearness-Diagram) navigation § Required code modifications: - Pre- and post-conditions, loop (in)variants - Numeric subtypes (e.g. Positive) - Formal data containers 9

  10. Results § Several bugs discovered by run-time checks injected by the Ada compiler - Fixed code proved to be run-time safe • except floating-point over- and underflows • These would require the use of complementary techniques. Up to 97% of the verification conditions discharged § automatically by SMT solvers in less than 10 minutes SPARK code is on average 30% longer than C/C++ § No significant difference wrt the performance of the § SPARK and C/C++ code 10

  11. Moral If you want to make runtime errors an issue of the past, then you must select your tools (programming language and development environment) wisely! 11 https://rclutz.wordpress.com/2016/09/23/hammer-and-nail/

  12. http://github.com/riveras/spark-navigation P. Trojanek and K. Eder. Verification and testing of mobile robot navigation algorithms: A case study in SPARK. IEEE/RSJ International Conference on Intelligent Robots and Systems (IROS). pp. 1489 - 1494. Sep 2014. http://dx.doi.org/10.1109/IROS.2014.6942753 12

  13. Correctness from specification to implementation User Requirements High-level Specification Translate Optimizer Design and Analysis (Simulink) Implement Controller (SW/HW) e.g. C, C++, RTL (VHDL/Verilog) 13

  14. Correctness from specification to implementation User Requirements High-level Specification Translate Optimizer Design and Analysis (Simulink) Implement Controller (SW/HW) e.g. C, C++, RTL (VHDL/Verilog) 14

  15. What can be done at the design level? D. Araiza Illan, K. Eder, A. Richards. Formal Verification of Control Systems’ Properties with Theorem Proving. International Conference on Control (CONTROL), pp. 244 - 249. IEEE, Jul 2014. http://dx.doi.org/10.1109/CONTROL.2014.6915147 D. Araiza Illan, K. Eder, A. Richards. Verification of Control Systems Implemented in Simulink with Assertion Checks and Theorem Proving: A Case Study . European Control Conference (ECC), pp. 2670 - 2675. Jul 2015. http://arxiv.org/abs/1505.05699 15

  16. Simulink in Control System Design Control systems design level Implementation level Code Important to distinguish design flaws from coding bugs § Analysis techniques from control systems theory (e.g., stability) § Serve as requirements/specification § For (automatic) code generation 16

  17. Verifying Stability Stability Matrix P > 0 (Lyapunov function) Matrix Equivalence P − (A − BK) T P(A − BK) > 0 V(k)-V(k-1) = x(k-1) T [(A − BK) T P(A − BK)-P] x(k-1) (Lyapunov's equation application) (Lyapunov function's difference) Capture control systems requirements Retain in code Add as assertions implementation

  18. Assertion-Based Verification 18

  19. Assertion-Based Verification 19

  20. Combining Verification Techniques Stability Matrix P > 0 (Lyapunov function) Matrix Equivalence P − (A − BK) T P(A − BK) > 0 V(k)-V(k-1) = x(k-1) T [(A − BK) T P(A − BK)-P] x(k-1) (Lyapunov's equation application) (Lyapunov function's difference) Formalize logic theory to capture the Simulink design Axiom: Bu = B * u ... … Automatic Test in simulation theorem proving Goal: vdiff == vdiff_an 20

  21. Moral No single technique is adequate to cover a whole design in practice. Combine techniques and learn from areas where verification is more mature. 21

  22. http://github.com/riveras/simulink D. Araiza Illan, K. Eder, A. Richards. Formal Verification of Control Systems’ Properties with Theorem Proving. International Conference on Control (CONTROL), pp. 244 - 249. IEEE, Jul 2014. http://dx.doi.org/10.1109/CONTROL.2014.6915147 D. Araiza Illan, K. Eder, A. Richards. Verification of Control Systems Implemented in Simulink with Assertion Checks and Theorem Proving: A Case Study . European Control Conference (ECC), pp. 2670 - 2675. Jul 2015. 22 http://arxiv.org/abs/1505.05699

  23. What can be done to increase the productivity of simulation-based testing? D. Araiza-Illan, D. Western, A. Pipe, and K. Eder, “Coverage-Driven Verification: An Approach to Verify Code for Robots that Directly Interact with Humans,” in Haifa Verification Conference, Haifa, Israel, 2015. http://link.springer.com/chapter/10.1007/978-3-319-26287-1_5 D. Araiza-Illan, D. Western, A. G. Pipe, and K. Eder, “Systematic and Realistic Testing in Simulation of Control Code for Robots in Collaborative Human-Robot Interactions,” in Towards Autonomous Robotic Systems (TAROS), Jun. 2016. http://link.springer.com/chapter/10.1007/978-3-319-40379-3_3 D. Araiza-Illan, A. G. Pipe, and K. Eder, “Intelligent Agent-Based Stimulation for Testing Robotic Software in Human-Robot Interactions,” in Third Workshop on Model-Driven Robot Software Engineering (MORSE), Dresden, Germany, 2016. http://arxiv.org/abs/1604.05508 23

  24. Challenges § Complexity – HW – SW Simulator UE4/Carla § High levels of Concurrency § Experiments – Expensive – Unsafe Assertion Database 24 Postgis/postgreSQL

  25. Challenges § Complexity – HW – SW – People – Environment § High levels of Simulator Concurrency UE4/Carla § Experiments – Expensive – Unsafe Assertion Database 25 Postgis/postgreSQL

  26. We are investigating … § Testing in simulation § Techniques well established in microelectronics design verification – Coverage-Driven Verification … to verify code that controls robots ... 26

  27. We are investigating … § Testing in simulation § Techniques well established in microelectronics design verification – Coverage-Driven Verification … to verify code that controls robots and AVs 27

  28. CDV to automate simulation-based testing Dejanira Araiza-Illan, David Western, Anthony Pipe and Kerstin Eder. Coverage-Driven Verification — An Approach to Verify Code for Robots that Directly Interact with Humans . In Hardware and Software: Verification and Testing, pp. 69-84. Lecture Notes in Computer Science 9434. Springer, November 2015. (DOI 10.1007/978-3-319-26287-1_5) Dejanira Araiza-Illan, David Western, Anthony Pipe and Kerstin Eder. Systematic and Realistic Testing in Simulation of Control Code for Robots in Collaborative Human-Robot Interactions . 17th Annual Conference Towards Autonomous Robotic Systems (TAROS 2016), pp. 20-32. Lecture Notes in Artificial Intelligence 9716. Springer, June 2016. (DOI 10.1007/978-3-319-40379-3_3)

  29. CDV for Human-Robot Interaction Dejanira Araiza-Illan, David Western, Anthony Pipe and Kerstin Eder. Systematic and Realistic Testing in Simulation of Control Code for Robots in Collaborative Human-Robot Interactions . 17th Annual Conference Towards Autonomous Robotic Systems (TAROS 2016), pp. 20-32. Lecture Notes in Computer Science 9716. Springer, June 2016. DOI 10.1007/978-3-319-40379-3_3

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Gaining Confidence in the Correctness of Robotic and Autonomous Systems Kerstin Eder Design

Gaining Confidence in the Correctness of Robotic and Autonomous Systems Kerstin Eder Design

Gaining Confidence in the Correctness of Robotic and Autonomous Systems Kerstin Eder Design Automation and Verification Trustworthy Systems, University of Bristol Verification and Validation for Safety in Robots, Bristol Robotics Laboratory

1.22k views • 78 slides
The strategic impact of shale and renewables and gaining confidence in higher oil prices An

The strategic impact of shale and renewables and gaining confidence in higher oil prices An

The strategic impact of shale and renewables and gaining confidence in higher oil prices An European perspective STRICTLY PRIVATE & CONFIDENTIAL JP Morgan Center for Commodities Jan-Hein Jesse ECT - Origination Denver Business School,

389 views • 37 slides
THE LISTING PRESENTATION A Natural Close! CONFIDENCE CONFIDENCE CONFIDENCE CONFIDENCE Hi

THE LISTING PRESENTATION A Natural Close! CONFIDENCE CONFIDENCE CONFIDENCE CONFIDENCE Hi

THE LISTING PRESENTATION A Natural Close! CONFIDENCE CONFIDENCE CONFIDENCE CONFIDENCE Hi (name??) Im Kerri! We had an appointment at ____ and its _____ time (so, Im actually ahead of the game)! <<pause>> Thank

50 views • 4 slides
Gaining Insights, Gaining Access WHAT WE LEARNED FROM SENIOR FARMERS WITHOUT SUCCESSORS NOVEMBER

Gaining Insights, Gaining Access WHAT WE LEARNED FROM SENIOR FARMERS WITHOUT SUCCESSORS NOVEMBER

Gaining Insights, Gaining Access WHAT WE LEARNED FROM SENIOR FARMERS WITHOUT SUCCESSORS NOVEMBER 24, 2015 Gaining Insights Research Project A seven-state (New York and New England) project done in collaboration with and a 10-member Advisory

389 views • 25 slides
Proving Program Correctness The Axiomatic Approach What is Correctness? Correctness:

Proving Program Correctness The Axiomatic Approach What is Correctness? Correctness:

3/10/10 Proving Program Correctness The Axiomatic Approach What is Correctness? Correctness: partial correctness + termination Partial correctness: Program implements its specification 1 3/10/10 Proving Partial Correctness

420 views • 13 slides
CS70: Jean Walrand: Lecture 29. Confidence? Confidence? Confidence is essential is many

CS70: Jean Walrand: Lecture 29. Confidence? Confidence? Confidence is essential is many

CS70: Jean Walrand: Lecture 29. Confidence? Confidence? Confidence is essential is many applications: You flip a coin once and get H . How effective is a medication? Do think that Pr [ H ] = 1? Confidence Intervals Are we sure of the

301 views • 3 slides
Under the Robotic Knife: A Verifiable Controller for use of Multiple Robotic Arms in Surgery

Under the Robotic Knife: A Verifiable Controller for use of Multiple Robotic Arms in Surgery

Zachary Barnes CS 15-424: CPS Grand Prix Under the Robotic Knife: A Verifiable Controller for use of Multiple Robotic Arms in Surgery Multi-Arm Surgical Robotics Conclusion Problem Models

651 views • 15 slides
K. M. ABRAHAM SEBI Confidence through collaboration Crisis of confidence Fear

K. M. ABRAHAM SEBI Confidence through collaboration Crisis of confidence Fear

Enhancing Regional Financial Cooperation in South Asia A Regulators Perspective K. M. ABRAHAM SEBI Confidence through collaboration Crisis of confidence Fear uncertainty Looking for scapegoats Confidence building

247 views • 22 slides
08Program Verification II CS 5209: Foundation in Logic and AI Martin Henz and Aquinas Hobor

08Program Verification II CS 5209: Foundation in Logic and AI Martin Henz and Aquinas Hobor

Review Hoare Triples; Partial and Total Correctness Practical Aspects of Correctness Proofs Correctness of the Factorial Function Proof Calculus for Total Correctness 08Program Verification II CS 5209: Foundation in Logic and AI Martin

778 views • 39 slides
Program Correctness Assert formal correctness statements about

Program Correctness Assert formal correctness statements about

Program Correctness Assert formal correctness statements about cri4cal parts of a program and reason effec4vely A program is intended to carry out a

1.01k views • 57 slides
Dunk Island Work Experience work! We joined the rest of the staff in June 1 - 7, 2008 the

Dunk Island Work Experience work! We joined the rest of the staff in June 1 - 7, 2008 the

Issue 08, June 20, 2008 quickly gaining THOUGHT FOR THE DAY confidence with the There is no limit to what can be accomplished if it doesn't routines and the matter who gets the credit - Ralph Waldo Emerson guests. What a beautiful

995 views • 4 slides
In 2000, the first application of robotic surgery in a case of prostate cancer in the

In 2000, the first application of robotic surgery in a case of prostate cancer in the

Vassilis Poulakis MD, PhD, FEBU Professor of Urology University of Frankfurt am Main, Germany Head of Urological Clinic and Robotic Urological Centre Metropolitan Hospital Athens, Greece In 2000, the first application of robotic surgery in a

792 views • 9 slides
Kronnika Presentation August, 2020 2 2 What is Robotic Process Automation ? Robotic

Kronnika Presentation August, 2020 2 2 What is Robotic Process Automation ? Robotic

1 1 Kronnika Presentation August, 2020 2 2 What is Robotic Process Automation ? Robotic Process Automation (RPA) - is automation software with artificial intelligence and machine learning capabilities that simulates humans

752 views • 30 slides
Demonstration of Methodology 1. Determine Confidence of Hydrographic Holdings. Measuring

Demonstration of Methodology 1. Determine Confidence of Hydrographic Holdings. Measuring

Demonstration of Methodology 1. Determine Confidence of Hydrographic Holdings. Measuring Equipment Used High Confidence Age of Data Med. Confidence Surveying Low Confidence Technique Unassessed Other CAN and USA used Electronic

194 views • 6 slides
Lecture 25/Chapter 21 Estimating Means with Confidence Example: Meaning of Confidence Interval

Lecture 25/Chapter 21 Estimating Means with Confidence Example: Meaning of Confidence Interval

Lecture 25/Chapter 21 Estimating Means with Confidence Example: Meaning of Confidence Interval Reviewing Conditions and Rules Constructing a Confidence Interval for a Mean Matched Pairs & Two-Sample Studies Inference for

330 views • 28 slides
Robotic Navigation Unit Team 42 Robotic Navigation Unit Dr. Crassidis Faculty Mentor

Robotic Navigation Unit Team 42 Robotic Navigation Unit Dr. Crassidis Faculty Mentor

Robotic Navigation Unit Team 42 Robotic Navigation Unit Dr. Crassidis Faculty Mentor Antonija Soldo Team Leader/EE Aneta Rozwadowska - EE Andrew Fishbaugh - ME Ian Kunsch - ME Michael Oswald - ME Stephen

392 views • 16 slides
Decision making in Multiagent settings DEC- POMDP December 7 Mohammad Ali Asgharpour Setyani

Decision making in Multiagent settings DEC- POMDP December 7 Mohammad Ali Asgharpour Setyani

Decision making in Multiagent settings DEC- POMDP December 7 Mohammad Ali Asgharpour Setyani Motivation Models Algorithms Outline Starcraft Project Conclusion Motivation Application Domains : Multi-robot

376 views • 26 slides
Choosing T omcat Connectors Jean-Frederic Clere What I will cover Who I am. Connectors

Choosing T omcat Connectors Jean-Frederic Clere What I will cover Who I am. Connectors

Choosing T omcat Connectors Jean-Frederic Clere What I will cover Who I am. Connectors JIO, NIO, NIO2, APR AJP/HTTP Proxy AJP/HTTP Performances tests With ab or customized client load generator. Questions?

1.52k views • 47 slides
Processes Chi Zhang czhang@cs.fiu.edu Outline Processes and Threads Clients Servers Code

Processes Chi Zhang czhang@cs.fiu.edu Outline Processes and Threads Clients Servers Code

COP 6611 Advanced Operating System Processes Chi Zhang czhang@cs.fiu.edu Outline Processes and Threads Clients Servers Code Migration Software Agents 2 1 Introduction to Threads A process is a program in execution Program counter,

391 views • 13 slides
1 OLEMAS - OLEMAS - Agent Architecture Learning algorithm (I) Use of prototypical

1 OLEMAS - OLEMAS - Agent Architecture Learning algorithm (I) Use of prototypical

4.4. Evolutionary learning of Evolutionary Algorithms: cooperative behavior: OLEMAS (I) Genetic Algorithms Denzinger and Fuchs (1996) Basic Idea: Use the biological model of evolution to improve solutions of problems OLEMAS: OffLine

172 views • 5 slides
1 Agillas System Architecture Agillas Computational Model Node @ (2,1) Node @ (1,1)

1 Agillas System Architecture Agillas Computational Model Node @ (2,1) Node @ (1,1)

Wireless Sensor Networks (WSNs) Middleware for Sensor Networks: Integration of entire system into a tiny Agilla, Agimone and Servilla package (CPU, RAM, wireless NIC, sensors) Battery Powered Weak radio (IEEE 802.15.4) Chien

820 views • 13 slides
or, Learning and Planning with Markov Decision Processes 295 Seminar, Winter 2018 Rina Dechter

or, Learning and Planning with Markov Decision Processes 295 Seminar, Winter 2018 Rina Dechter

Reinforcement Learning or, Learning and Planning with Markov Decision Processes 295 Seminar, Winter 2018 Rina Dechter Slides will follow David Silvers, and Suttons book Goals: To learn together the basics of RL. Some lectures and classic

1.56k views • 127 slides
The Session Initiation Protocol (SIP) Henning Schulzrinne Dept. of Computer Science Columbia

The Session Initiation Protocol (SIP) Henning Schulzrinne Dept. of Computer Science Columbia

hgs/SIP Tutorial 1 The Session Initiation Protocol (SIP) Henning Schulzrinne Dept. of Computer Science Columbia University New York, New York (sip:)schulzrinne@cs.columbia.edu May 2001 hgs/SIP Tutorial 2 Overview protocol

1.86k views • 137 slides
Who We Are Our mission at CFED is to make it possible for

Who We Are Our mission at CFED is to make it possible for

Who We Are Our mission at CFED is to make it possible for millions of people to achieve financial security and contribute to an opportunity economy. How do we do it We push to expand innovative

952 views • 70 slides

More recommend