specification the biggest bottleneck
play

Specification: The Biggest Bottleneck in Formal Methods and Autonomy - PowerPoint PPT Presentation

Feb 22, 2024 •231 likes •743 views

Successes Origins? Quality? Usage? Organization? Future Challenges Specification: The Biggest Bottleneck in Formal Methods and Autonomy 1 Kristin Yvonne Rozier Iowa State University February 13, 2017 1For expansions on these ideas, see:

  1. Successes Origins? Quality? Usage? Organization? Future Challenges Specification: The Biggest Bottleneck in Formal Methods and Autonomy 1 Kristin Yvonne Rozier Iowa State University February 13, 2017 1For expansions on these ideas, see: K.Y.Rozier. “Specification: The Biggest Bottleneck in Formal Methods and Autonomy.” VSTTE, 2016. Laboratory for Temporal Logic Kristin Yvonne Rozier Specification: The Biggest Bottleneck in FM & Autonomy

  2. Successes Origins? Quality? Usage? Organization? Future Challenges Design-Time Verification! Expected design-time component Recommended in DO-178B/C, D0-254 standards for Successfully applied in many aerospace contexts. . . Laboratory for Temporal Logic Kristin Yvonne Rozier Specification: The Biggest Bottleneck in FM & Autonomy

  3. Successes Origins? Quality? Usage? Organization? Future Challenges Runtime Verification and System Health Management! Required for Autonomy New: Intelligent Interfaces Hot topic: UTM, Mars, NextGen, . . . Laboratory for Temporal Logic Kristin Yvonne Rozier Specification: The Biggest Bottleneck in FM & Autonomy

  4. Successes Origins? Quality? Usage? Organization? Future Challenges A Recent Motivation. . . Crash of ESA’s ExoMars Schiaparelli Lander October 19, 2016 Laboratory for Temporal Logic Kristin Yvonne Rozier Specification: The Biggest Bottleneck in FM & Autonomy

  5. Successes Origins? Quality? Usage? Organization? Future Challenges A Recent Motivation. . . Crash of ESA’s ExoMars Schiaparelli Lander October 19, 2016 parachute deployed at: altitude of 7.5 miles (12 km) speed of 1,1075 mph (1,730 km/h) Laboratory for Temporal Logic Kristin Yvonne Rozier Specification: The Biggest Bottleneck in FM & Autonomy

  6. Successes Origins? Quality? Usage? Organization? Future Challenges A Recent Motivation. . . Crash of ESA’s ExoMars Schiaparelli Lander October 19, 2016 parachute deployed at: altitude of 7.5 miles (12 km) speed of 1,1075 mph (1,730 km/h) heat shield ejected at altitude of 4.85 miles (7.8 km) Laboratory for Temporal Logic Kristin Yvonne Rozier Specification: The Biggest Bottleneck in FM & Autonomy

  7. Successes Origins? Quality? Usage? Organization? Future Challenges A Recent Motivation. . . Crash of ESA’s ExoMars Schiaparelli Lander October 19, 2016 parachute deployed at: altitude of 7.5 miles (12 km) speed of 1,1075 mph (1,730 km/h) heat shield ejected at altitude of 4.85 miles (7.8 km) IMU miscalculated saturation-maximum period (by 1 sec) Laboratory for Temporal Logic Kristin Yvonne Rozier Specification: The Biggest Bottleneck in FM & Autonomy

  8. Successes Origins? Quality? Usage? Organization? Future Challenges A Recent Motivation. . . Crash of ESA’s ExoMars Schiaparelli Lander October 19, 2016 parachute deployed at: altitude of 7.5 miles (12 km) speed of 1,1075 mph (1,730 km/h) heat shield ejected at altitude of 4.85 miles (7.8 km) IMU miscalculated saturation-maximum period (by 1 sec) Navigation system calculated a negative altitude premature release of parachute & backshell firing of braking thrusters activation of on-ground systems at 2 miles (3.7 km) altitude Laboratory for Temporal Logic Kristin Yvonne Rozier Specification: The Biggest Bottleneck in FM & Autonomy

  9. Successes Origins? Quality? Usage? Organization? Future Challenges A Recent Motivation. . . Crash of ESA’s ExoMars Schiaparelli Lander October 19, 2016 parachute deployed at: altitude of 7.5 miles (12 km) speed of 1,1075 mph (1,730 km/h) heat shield ejected at altitude of 4.85 miles (7.8 km) IMU miscalculated saturation-maximum period (by 1 sec) Navigation system calculated a negative altitude premature release of parachute & backshell firing of braking thrusters activation of on-ground systems at 2 miles (3.7 km) altitude Crash at 185 mph (300 km/h) Laboratory for Temporal Logic Kristin Yvonne Rozier Specification: The Biggest Bottleneck in FM & Autonomy

  10. Successes Origins? Quality? Usage? Organization? Future Challenges A Recent Motivation. . . Crash of ESA’s ExoMars Schiaparelli Lander Sanity Checks Relevant to this Mission: The altitude cannot be negative. The rate of change of descent can’t be faster than gravity. The δ altitude must be within nominal parameters; it cannot change from 2 miles to a negative value in one time step. The saturation-maximum has an a priori known temporal bound. These sanity checks could have prevented the crash. Capability of such observations is required for autonomy . Laboratory for Temporal Logic Kristin Yvonne Rozier Specification: The Biggest Bottleneck in FM & Autonomy

  11. Successes Origins? Quality? Usage? Organization? Future Challenges Enabling Autonomy What do the humans do? 1 Pilot/control the system (on-board or remotely) 2 Provide self-awareness 3 Respond to off-nominal conditions 4 Make tough judgment calls Laboratory for Temporal Logic Kristin Yvonne Rozier Specification: The Biggest Bottleneck in FM & Autonomy

  12. Successes Origins? Quality? Usage? Organization? Future Challenges Enabling Autonomy What do the humans do? And how do we automate that? 1 Pilot/control the system (on-board or remotely) Autopilot 2 Provide self-awareness Runtime System Health Management (SHM) 3 Respond to off-nominal conditions Automated replanning and learning 4 Make tough judgment calls Algorithms like TCAS beat humans Ethical decisions are an open problem . . . Analysis from design-time and runtime is required for autonomy. Laboratory for Temporal Logic Kristin Yvonne Rozier Specification: The Biggest Bottleneck in FM & Autonomy

  13. Successes Origins? Quality? Usage? Organization? Future Challenges Specifications: Required for Formal Methods and Autonomy! Formal Methodology 2 1 specification language 2 repertoire of proof methods make early precise decisions about major functionalities remove ambiguities from the description of expected behavior 2Manna & Pnueli. The Temporal Logic of Reactive and Concurrent Systems: Specification . Springer, 1992. Laboratory for Temporal Logic Kristin Yvonne Rozier Specification: The Biggest Bottleneck in FM & Autonomy

  14. Successes Origins? Quality? Usage? Organization? Future Challenges Specifications: Required for Formal Methods and Autonomy! Formal Methodology 2 1 specification language Linear Temporal Logic 2 repertoire of proof methods make early precise decisions about major functionalities remove ambiguities from the description of expected behavior 2Manna & Pnueli. The Temporal Logic of Reactive and Concurrent Systems: Specification . Springer, 1992. Laboratory for Temporal Logic Kristin Yvonne Rozier Specification: The Biggest Bottleneck in FM & Autonomy

  15. Successes Origins? Quality? Usage? Organization? Future Challenges A Goal Aerospace System Design Process 3 Model Model Validation Validation via Specification Model SPEC Checking DEBUGGING M = Formal System Model REVISE System Model NO Build NO Testing and ERROR ERROR ... Design Check Prototype Simulation SPEC DEBUGGING YES USE SPECIFICATIONS Model FOR RUNTIME Verification MONITORING Specification YES 3Zhao & Rozier. “Formal Specification and Verification of a Coordination Protocol for an Automated Air Traffic Control System.” Science of Computer Programming Journal (96:3), pg 337-353, Elsevier, 2014. Laboratory for Temporal Logic Kristin Yvonne Rozier Specification: The Biggest Bottleneck in FM & Autonomy

  16. Successes Origins? Quality? Usage? Organization? Future Challenges A Goal Aerospace System Design Process 3 Model Model Validation Validation via Specification Model SPEC Checking DEBUGGING M = Formal System Model REVISE System Model NO Build NO Testing and ERROR ERROR ... Design Check Prototype Simulation SPEC DEBUGGING YES USE SPECIFICATIONS Model FOR RUNTIME Verification MONITORING Specification ... Garbage in, garbage out! YES 3Zhao & Rozier. “Formal Specification and Verification of a Coordination Protocol for an Automated Air Traffic Control System.” Science of Computer Programming Journal (96:3), pg 337-353, Elsevier, 2014. Laboratory for Temporal Logic Kristin Yvonne Rozier Specification: The Biggest Bottleneck in FM & Autonomy

  17. Successes Origins? Quality? Usage? Organization? Future Challenges The Bottom Line ... Bottom Line: M = Formal System INPUTS Model to formal analysis System Model ERROR ... are the Design Check ... BIGGEST Model challenge Verification Specification Laboratory for Temporal Logic Kristin Yvonne Rozier Specification: The Biggest Bottleneck in FM & Autonomy

  18. Successes Origins? Quality? Usage? Organization? Future Challenges Synthesis! Model checking: check M | = φ Problems: 4 Designing M is hard and expensive Re-designing M when M � φ is hard and expensive Synthesis: start from φ , design M such that M | = φ Simplifies verification No re-design For algorithmic derivations: no design! 4 M.Y.Vardi. “From Verification to Synthesis.” VSTTE 2008. Laboratory for Temporal Logic Kristin Yvonne Rozier Specification: The Biggest Bottleneck in FM & Autonomy

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Specification: The Biggest Bottleneck in Aerospace V&V and Autonomy Kristin Yvonne Rozier

Specification: The Biggest Bottleneck in Aerospace V&V and Autonomy Kristin Yvonne Rozier

Successes Challenges Future Challenges Specification: The Biggest Bottleneck in Aerospace V&V and Autonomy Kristin Yvonne Rozier University of Cincinnati May 6, 2016 Laboratory for Kristin Yvonne Rozier Specification: The Biggest

630 views • 16 slides
FREEING UP MELBOURNE'S BIGGEST BOTTLENECK PRESENTATION TO THE TOURISM INDUSTRY 29 AUGUST 2017

FREEING UP MELBOURNE'S BIGGEST BOTTLENECK PRESENTATION TO THE TOURISM INDUSTRY 29 AUGUST 2017

FREEING UP MELBOURNE'S BIGGEST BOTTLENECK PRESENTATION TO THE TOURISM INDUSTRY 29 AUGUST 2017 Evan Tattersall, CEO, Melbourne Metro Rail Authority MELBOURNES CHALLENGES POPULATION GROWTH NORTHERN +450,000 WESTERN EASTERN +420,000

1.33k views • 95 slides
von Neumann's bottleneck von Neumann machine One control unit that connects memory and

von Neumann's bottleneck von Neumann machine One control unit that connects memory and

von Neumann's bottleneck von Neumann machine One control unit that connects memory and processor Lecture 2: The connection between processor and memory is a bottleneck Performance Limitations Memory Bottleneck &

559 views • 34 slides
1 Good Requirements Graphical Languages? Specification Qualities Examples: Complete -

1 Good Requirements Graphical Languages? Specification Qualities Examples: Complete -

REQUIREMENT SPECIFICATION The Basic Waterfall Model Today: Requirements Specification Requirements Requirements tell us what the system should do - specification not how it should do it. Analysis & Requirements are

363 views • 3 slides
Wardrop Equilibria and Price of Stability in Bottleneck Games With Splittable Traffic Vladimir

Wardrop Equilibria and Price of Stability in Bottleneck Games With Splittable Traffic Vladimir

Bottleneck Games Properties of WE M/M/1 Latency Functions Conclusion Wardrop Equilibria and Price of Stability in Bottleneck Games With Splittable Traffic Vladimir Mazalov 1 Burkhard Monien 2 Florian Schoppmann 2 Karsten Tiemann 2 1 Karelian

843 views • 37 slides
Formal Specification and Verification Formal specification (2) 6.12.2016 Viorica

Formal Specification and Verification Formal specification (2) 6.12.2016 Viorica

Formal Specification and Verification Formal specification (2) 6.12.2016 Viorica Sofronie-Stokkermans e-mail: sofronie@uni-koblenz.de 1 Until now Logic Formal specification (generalities) Algebraic specification Transition systems 2

798 views • 62 slides
REQUIREMENT Requirement specification SPECIFICATION motivation and basics Today:

REQUIREMENT Requirement specification SPECIFICATION motivation and basics Today:

REQUIREMENT Requirement specification SPECIFICATION motivation and basics Today: Requirements Specification Requirement specification is generally a crucial phase of an Jyrki Nummenmaa University of Tampere, CS Department Jyrki

244 views • 3 slides
Formal Specification and Verification Formal specification Temporal logic 12.06.2012

Formal Specification and Verification Formal specification Temporal logic 12.06.2012

Formal Specification and Verification Formal specification Temporal logic 12.06.2012 Viorica Sofronie-Stokkermans e-mail: sofronie@uni-koblenz.de 1 Formal specification Specification for program/system Specification for

443 views • 21 slides
specification free monitoring CS 119 can we avoid writing specs? specification and programming

specification free monitoring CS 119 can we avoid writing specs? specification and programming

specification free monitoring CS 119 can we avoid writing specs? specification and programming specification runtime verification program input output 2 properties can be hard to write To quote quite excellent NASA software engineer

987 views • 65 slides
Formal Specification and Verification Formal specification (2) 29.11.2016 Viorica

Formal Specification and Verification Formal specification (2) 29.11.2016 Viorica

Formal Specification and Verification Formal specification (2) 29.11.2016 Viorica Sofronie-Stokkermans e-mail: sofronie@uni-koblenz.de 1 Until now Logic Formal specification (generalities) Algebraic specification 2 Formal

627 views • 19 slides
CONTENTS The bottleneck in Drug Discovery 3

CONTENTS The bottleneck in Drug Discovery 3

CONTENTS The bottleneck in Drug Discovery 3 Syncrosomes Preclinical Offer 4 5 In short 6 Drug Efficacy services

160 views • 12 slides
Software specification in CASL - The Common Algebraic Specification Language Till Mossakowski,

Software specification in CASL - The Common Algebraic Specification Language Till Mossakowski,

Software specification in CASL - The Common Algebraic Specification Language Till Mossakowski, Lutz Schr oder October 2006 2 Overview Why formal specification? Waterfall Model Example: sorting CASL the Common Algebraic

542 views • 43 slides
More demanding workload Design Goals ____ More demanding workload Bottleneck: Network stack in

More demanding workload Design Goals ____ More demanding workload Bottleneck: Network stack in

More demanding workload Design Goals ____ More demanding workload Bottleneck: Network stack in OS (~300 Kops per core) Bottleneck: Network stack in OS (~300 Kops per core) e.g. DPDK, mtcp, libvma, two-sided RDMA Bottlenecks: CPU random

652 views • 51 slides
Formal Specification Techniques Knowledge of typical approaches to formal software specification

Formal Specification Techniques Knowledge of typical approaches to formal software specification

Goals Understanding of the motivation of mathematical approaches to software specification Formal Specification Techniques Knowledge of typical approaches to formal software specification CAS 707 and verification McMaster University, Winter

106 views • 6 slides
HALAX HEALTH BIGGEST TOILET TECHNOLOGY INNOVATIONS SINCE 1917 HALAX OY FINLAND THE BIGGEST

HALAX HEALTH BIGGEST TOILET TECHNOLOGY INNOVATIONS SINCE 1917 HALAX OY FINLAND THE BIGGEST

INVESTMENT OPPORTUNITY HALAX HEALTH BIGGEST TOILET TECHNOLOGY INNOVATIONS SINCE 1917 HALAX OY FINLAND THE BIGGEST HEALTH SOLUTIONS FOR BATHROOMS. Halax Oy Finland is a limited company founded in 2014. The company is a solution seller,

835 views • 23 slides
Looking Ahead Developing New Products and Specification Updates Specification Review Project

Looking Ahead Developing New Products and Specification Updates Specification Review Project

Looking Ahead Developing New Products and Specification Updates Specification Review Project Establish a timeline for annual research/new product development Seek versatile, high volume products that could be offered to both schools

430 views • 17 slides
Smoking Cessation Health overview and scrutiny 25 November 2019 www.worcestershire.gov.uk HOSC

Smoking Cessation Health overview and scrutiny 25 November 2019 www.worcestershire.gov.uk HOSC

Smoking Cessation Health overview and scrutiny 25 November 2019 www.worcestershire.gov.uk HOSC 25th November 2019 2 Smoking in the UK Smoking is one of the most important causes of preventable ill health and premature mortality in the

310 views • 27 slides
Laudato Si JANEZ POTONIK Co-chair UNEP International Resource Panel (IRP) Partner

Laudato Si JANEZ POTONIK Co-chair UNEP International Resource Panel (IRP) Partner

How to live the Laudato Si JANEZ POTONIK Co-chair UNEP International Resource Panel (IRP) Partner SYSTEMIQ 6 th June 2019 Who are we? The International Resource Panel Climate Change IRP was launched in 2007 with the idea of

822 views • 48 slides
American Physical Society Meeting - Salt Lake City, UT - 17 April 2016 Abstract: J7.00003 11:57

American Physical Society Meeting - Salt Lake City, UT - 17 April 2016 Abstract: J7.00003 11:57

American Physical Society Meeting - Salt Lake City, UT - 17 April 2016 Abstract: J7.00003 11:57 AM12:33 PM -- Leo Szilard Lectureship Award: How can physicists help the public make better decisions about science and technology? Joel R. Primack

416 views • 23 slides
Mark Hulbert ways of responding to lesson #1 BREAK/INTERMISSION The dos and donts of

Mark Hulbert ways of responding to lesson #1 BREAK/INTERMISSION The dos and donts of

2017-04-15 Lessons learned from four Outline of my presentation decades of tracking advisers Overall lesson #1: It is extremely returns difficult to beat the market Overall lesson #2: There are rational Mark Hulbert ways of

375 views • 11 slides
Optimal Solitaire Yahtzee Strategies Equipment 5 Dice : values 1 through 6 equiprobable

Optimal Solitaire Yahtzee Strategies Equipment 5 Dice : values 1 through 6 equiprobable

Optimal Solitaire Yahtzee Strategies Equipment 5 Dice : values 1 through 6 equiprobable 1 Score Card : Tom Verhoeff Category Score Eindhoven University of Technology Aces . . . S Faculty of Math. & Computing Science Twos

315 views • 18 slides
The world we have made as a result of the level of thinking we have done thus far creates

The world we have made as a result of the level of thinking we have done thus far creates

The world we have made as a result of the level of thinking we have done thus far creates problems we cannot solve at the same level of thinking at which we created them. - Albert Einstein University of Michigan Health Management Research

837 views • 36 slides
Beyond the Standard Model: Where do we go from here? Marie-Helene Genest, Howard E. Haber, and

Beyond the Standard Model: Where do we go from here? Marie-Helene Genest, Howard E. Haber, and

Beyond the Standard Model: Where do we go from here? Marie-Helene Genest, Howard E. Haber, and James Olsen 30 August 2018

489 views • 22 slides
FAME Final Presentation Days Noordwjik, 22-05-14 A. Guiotto (TAS-I) M. Bozzano (FBK) R. De

FAME Final Presentation Days Noordwjik, 22-05-14 A. Guiotto (TAS-I) M. Bozzano (FBK) R. De

FAME Final Presentation Days Noordwjik, 22-05-14 A. Guiotto (TAS-I) M. Bozzano (FBK) R. De Ferluc (TAS-F) 83230352-DOC-TAS-EN-001 23/05/2014 Ref.: Agenda 2 Study framework FAME Process FAME Proposed solution Demo of FAME Environment

616 views • 50 slides

More recommend