verification of robotic code and autonomous systems
play

Verification of Robotic Code and Autonomous Systems Kerstin Eder - PowerPoint PPT Presentation

Mar 05, 2024 •323 likes •840 views

Verification of Robotic Code and Autonomous Systems Kerstin Eder University of Bristol and Bristol Robotics Laboratory Verification and Validation for Safety in Robots To develop techniques and methodologies that can be used to design

  1. Verification of Robotic Code and Autonomous Systems Kerstin Eder University of Bristol and Bristol Robotics Laboratory

  2. Verification and Validation for Safety in Robots To develop techniques and methodologies that can be used to design autonomous intelligent systems that are verifiably trustworthy. 2

  3. Correctness from specification to implementation User Requirements High-level Specification Translate Optimizer Design and Analysis (Simulink) Implement Controller (SW/HW) e.g. C, C++, RTL (VHDL/Verilog) 3

  4. What can be done at the code level? P. Trojanek and K. Eder. Verification and testing of mobile robot navigation algorithms: A case study in SPARK. IEEE/RSJ International Conference on Intelligent Robots and Systems (IROS). pp. 1489-1494. Sep 2014. http://dx.doi.org/10.1109/IROS.2014.6942753 4

  5. What can go wrong in robot navigation software? Generic bugs: § Array and vector out-of-bounds accesses § Null pointer dereferencing § Accesses to uninitialized data Domain-specific bugs: § Integer and floating-point arithmetic errors § Mathematic functions domain errors § Dynamic memory allocation and blocking inter- thread communication (non real-time) 5

  6. Verification Approach State of the art verification approaches: § Model checking: infeasible § Static analysis of C++: not possible § Static analysis of C: requires verbose and difficult to maintain annotations Our “Design for Verification” approach: § SPARK, a verifiable subset of Ada § No Memory allocation, pointers, concurrency § Required code modifications: § Pre- and post-conditions, loop (in)variants § Numeric subtypes (e.g. Positive) § Formal data containers 6

  7. Results § Three open-source implementations of navigation algorithms translated from C/C++ (2.7 kSLOC) to SPARK (3.5 kSLOC) • VFH+ (Vector Field Histogram) • ND (Nearness Diagram) • SND (Smooth Nearness-Diagram) navigation - Explicit annotations are less than 5% of the code - SPARK code is on average 30% longer than C/C++ § Several bugs discovered by run-time checks injected by the Ada compiler - Fixed code proved to be run-time safe - except floating-point over- and underflows - These require the use of complementary techniques, e.g. abstract interpretation. § Up to 97% of the verification conditions discharged automatically by SMT solvers in less than 10 minutes § Performance of the SPARK and C/C++ code similar 7

  8. http://github.com/riveras/spark-navigation P. Trojanek and K. Eder. Verification and testing of mobile robot navigation algorithms: A case study in SPARK. IEEE/RSJ International Conference on Intelligent Robots and Systems (IROS). pp. 1489-1494. Sep 2014. http://dx.doi.org/10.1109/IROS.2014.6942753 8

  9. Correctness from Specification to Implementation User Requirements Verification (OL) High-level Specification Translate Verification Optimizer (IL) Design and Analysis (Simulink) Implement Controller (SW/HW) e.g. C, C++, RTL (VHDL/Verilog) 9

  10. What can be done at the design level? D. Araiza Illan, K. Eder, A. Richards. Formal Verification of Control Systems’ Properties with Theorem Proving. International Conference on Control (CONTROL), pp. 244 – 249. IEEE, Jul 2014. http://dx.doi.org/10.1109/CONTROL.2014.6915147 D. Araiza Illan, K. Eder, A. Richards. Verification of Control Systems Implemented in Simulink with Assertion Checks and Theorem Proving: A Case Study . European Control Conference (ECC), pp. tbc. Jul 2015. http://arxiv.org/abs/1505.05699 10

  11. Simulink Diagrams in Control Systems Control systems design level Implementation level Code § Simulating the control systems § Analysis techniques from control systems theory (e.g., stability) § Serve as requirements/specification § For (automatic) code generation 11

  12. Verifying Stability Stability Matrix P > 0 (Lyapunov function) Matrix Equivalence P − (A − BK) T P(A − BK) > 0 V(k)-V(k-1) = x(k-1) T [(A − BK) T P(A − BK)-P] x(k-1) (Lyapunov's equation application) (Lyapunov function's difference) Capture control systems requirements Retain in code Add as assertions implementation

  13. Assertion-Based Verification 13

  14. Combining Verification Techniques Stability Matrix P > 0 (Lyapunov function) Matrix Equivalence P − (A − BK) T P(A − BK) > 0 V(k)-V(k-1) = x(k-1) T [(A − BK) T P(A − BK)-P] x(k-1) (Lyapunov's equation application) (Lyapunov function's difference) First order logic theory of the Simulink diagram Axiom: Bu = B * u ... … Automatic Test in simulation theorem proving Goal: vdiff == vdiff_an 14

  15. http://github.com/riveras/simulink D. Araiza Illan, K. Eder, A. Richards. Formal Verification of Control Systems’ Properties with Theorem Proving. International Conference on Control (CONTROL), pp. 244 – 249. IEEE, Jul 2014. http://dx.doi.org/10.1109/CONTROL.2014.6915147 D. Araiza Illan, K. Eder, A. Richards. Verification of Control Systems Implemented in Simulink with Assertion Checks and Theorem Proving: A Case Study . European Control Conference (ECC), pp. tbc. Jul 2015. 15 http://arxiv.org/abs/1505.05699

  16. Simulation-based testing Why and how? D. Araiza Illan, D. Western, A. Pipe, K. Eder. Coverage-Driven Verification - An approach to verify code for robots that directly interact with humans. (In Proceedings of HVC 2015, November 2015) D. Araiza Illan, D. Western, A. Pipe, K. Eder. Model-Based, Coverage-Driven Verification and Validation of Code for Robots in Human-Robot Interactions. (under review for publication at ICRA 2016) 16

  17. Coverage-Driven Verification SUT 17

  18. Robotic Code J. Boren and S. Cousins, “The SMACH High-Level Executive,” 18 IEEE Robotics & Automation Magazine, vol. 17, no. 4, pp. 18–20, 2010.

  19. Coverage-Driven Verification Response Test SUT 19

  20. Coverage-Driven Verification Response Test Test SUT Generator 20

  21. Test Generator § Effective tests: - legal tests - meaningful events - interesting events - while exploring the system - typical vs extreme values § Efficient tests: - minimal set of tests (regression) § Strategies: - Pseudorandom (repeatability) - Constrained pseudorandom - Model-based to target specific scenarios 21

  22. Test Generator § Effective tests: - legal tests - meaningful events - interesting events - while exploring the system - typical vs extreme values § Efficient tests: - minimal set of tests (regression) § Strategies: - Pseudorandom (repeatability) - Constrained pseudorandom - Model-based to target specific scenarios 22

  23. Model-based Test Generation 23

  24. Model-based Test Generation 24

  25. Coverage-Driven Verification Checker Response Test Test SUT Generator 25

  26. Checker § Requirements as assertions monitors: - if [precondition], check [postcondition] � “If the robot decides the human is not ready, then the robot never releases an object”. - Implemented as automata § Continuous monitoring at runtime, self-checking – High-level requirements – Lower-level requirements depending on the simulation's detail (e.g., path planning, collision avoidance). assert {! (robot_3D_space == human_3D_space)} � 26

  27. Coverage-Driven Verification Checker Response Test Test SUT Generator 27

  28. Coverage-Driven Verification Checker Response Test Test SUT Generator Coverage Collector 28

  29. Coverage Collector § Coverage models: - Code coverage, from statement to MC/DC - Functional coverage - Requirements coverage - Cross-product functional coverage Cartesian product of environment actions, sensor states and robot actions - Coverage analysis enables feedback to test generation 29

  30. HRI Handover Scenario Requirements: § Functional and safety (ISO 13482:2014, ISO 10218-1) 30

  31. Requirements based on ISO 13482 and ISO 10218 31

  32. Requirements based on ISO 13482 and ISO 10218 32

  33. Requirements based on ISO 13482 and ISO 10218 33

  34. HRI Handover Scenario Coverage models: Code statement (robot high-level control) § Requirements in the form of Assertions § Cross-product functional coverage § 34

  35. Situation Coverage

  36. Functional Coverage 36

  37. Coverage Results

  38. Code Coverage Results Constrained Model-based Pseudorandom Coverage Hole 38

  39. Assertion Coverage Results § 100 pseudorandomly generated tests § 100 constrained pseudorandomly generated tests § 4 model-based tests 39

  40. Functional Coverage Results § 100 pseudorandomly generated tests § 160 model-based tests § 180 model-based constrained tests § 440 tests in total 40

  41. Coverage-Driven Verification Coverage analysis enables feedback to test generation Checker Response Test Test SUT Generator Coverage Collector 41

  42. Coverage-Driven Verification Coverage analysis enables feedback to test generation Checker Response Test Test SUT Generator Coverage Collector 42

  43. Stimulating the SUT Driver Checker Response Test Test SUT Generator Coverage Collector 43

  44. Stimulating the SUT Driver Checker Response Test Stimulus Test SUT Generator Coverage Collector 44

  45. Driver § Environmental components (models) interacting with the system's control software § Examples: humans, actuators (Gazebo), communication signals, sensors 45

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Gaining Confidence in the Correctness of Robotic and Autonomous Systems Kerstin Eder Design

Gaining Confidence in the Correctness of Robotic and Autonomous Systems Kerstin Eder Design

Gaining Confidence in the Correctness of Robotic and Autonomous Systems Kerstin Eder Design Automation and Verification Trustworthy Systems, University of Bristol Verification and Validation for Safety in Robots, Bristol Robotics Laboratory

1.22k views • 78 slides
Gaining Confidence in the Correctness of Robotic and Autonomous Systems Kerstin Eder Trustworthy

Gaining Confidence in the Correctness of Robotic and Autonomous Systems Kerstin Eder Trustworthy

Gaining Confidence in the Correctness of Robotic and Autonomous Systems Kerstin Eder Trustworthy Systems Laboratory Verification and Validation for Safety in Robots, Bristol Robotics Laboratory Designing Trustworthy Systems Create flawless

898 views • 65 slides
Autonomous Robotic Projects at Cyber Physical Systems Group Ol Olive iver Hftberger, Vi

Autonomous Robotic Projects at Cyber Physical Systems Group Ol Olive iver Hftberger, Vi

Autonomous Robotic Projects at Cyber Physical Systems Group Ol Olive iver Hftberger, Vi Vienn nna U Uni nive versit ity of Techno nology ( (Au Austria) 04/12/2013 Outline Autonomous Systems Robotic Equipment Projects and

678 views • 22 slides
Software Verification for Space Applications Part 2. Autonomous Systems G. Brat USRA/RIACS Main

Software Verification for Space Applications Part 2. Autonomous Systems G. Brat USRA/RIACS Main

Software Verification for Space Applications Part 2. Autonomous Systems G. Brat USRA/RIACS Main Objectives Implement a sustained and affordable human and robotic program to explore the solar system and beyond; Extend human presence

745 views • 37 slides
AUT 2019 - Robotic and Autonomous Systems + AI CDRE Chris Smith , CSM, RAN DG Littoral CMDR Paul

AUT 2019 - Robotic and Autonomous Systems + AI CDRE Chris Smith , CSM, RAN DG Littoral CMDR Paul

AUT 2019 - Robotic and Autonomous Systems + AI CDRE Chris Smith , CSM, RAN DG Littoral CMDR Paul Hornsby , RAN Navy Lead Autonomous Warfare Systems Welcome to Outcomes of AW18, Focus Groups Trends (and Threats) Future Strategy

290 views • 14 slides
Autonomous Robotic Vehicle Project University of Alberta Static Judging Presentation - RoboSub

Autonomous Robotic Vehicle Project University of Alberta Static Judging Presentation - RoboSub

Autonomous Robotic Vehicle Project University of Alberta Static Judging Presentation - RoboSub 2017 Mission Statement To promote, develop and apply the use of robotic systems to current and future generations Mechanical Systems Curtis Stewart

583 views • 34 slides
Verification of Robotics and Autonomous Deep Learning Verification Systems Safety Definition

Verification of Robotics and Autonomous Deep Learning Verification Systems Safety Definition

Verification of Robotics and Autonomous Systems Xiaowei Huang Challenges Verification of Robotics and Autonomous Deep Learning Verification Systems Safety Definition Challenges Approaches Experimental Results Verification in Xiaowei

1.21k views • 99 slides
A safety-oriented engineering process for autonomous robotic systems Fabio Federici, Giulio Mos

A safety-oriented engineering process for autonomous robotic systems Fabio Federici, Giulio Mos

Italian Workshop on Embedded Systems Siena, Italy, September 13-14 2018 A safety-oriented engineering process for autonomous robotic systems Fabio Federici, Giulio Mos Mancuso Created at UTRC-ALES UTC PROPRIETARY - This document contains no

795 views • 15 slides
The Serial Peripheral Interface (SPI) Corrado Santoro ARSLAB - Autonomous and Robotic Systems

The Serial Peripheral Interface (SPI) Corrado Santoro ARSLAB - Autonomous and Robotic Systems

The Serial Peripheral Interface (SPI) Corrado Santoro ARSLAB - Autonomous and Robotic Systems Laboratory Dipartimento di Matematica e Informatica - Universit` a di Catania, Italy santoro@dmi.unict.it L.S.M. 1 Course Corrado Santoro The

379 views • 15 slides
The Timers of the STM32 Microcontrollers Corrado Santoro ARSLAB - Autonomous and Robotic Systems

The Timers of the STM32 Microcontrollers Corrado Santoro ARSLAB - Autonomous and Robotic Systems

The Timers of the STM32 Microcontrollers Corrado Santoro ARSLAB - Autonomous and Robotic Systems Laboratory Dipartimento di Matematica e Informatica - Universit` a di Catania, Italy santoro@dmi.unict.it L.S.M. Course Corrado Santoro The

235 views • 19 slides
The I 2 C BUS Interface Corrado Santoro ARSLAB - Autonomous and Robotic Systems Laboratory

The I 2 C BUS Interface Corrado Santoro ARSLAB - Autonomous and Robotic Systems Laboratory

The I 2 C BUS Interface Corrado Santoro ARSLAB - Autonomous and Robotic Systems Laboratory Dipartimento di Matematica e Informatica - Universit` a di Catania, Italy santoro@dmi.unict.it L.S.M. 1 Course Corrado Santoro The I2C BUS Interface

974 views • 20 slides
Logic Programming with PROFETA Corrado Santoro ARSLAB - Autonomous and Robotic Systems Laboratory

Logic Programming with PROFETA Corrado Santoro ARSLAB - Autonomous and Robotic Systems Laboratory

Logic Programming with PROFETA Corrado Santoro ARSLAB - Autonomous and Robotic Systems Laboratory Dipartimento di Matematica e Informatica - Universit` a di Catania, Italy santoro@dmi.unict.it Programmazione Sistemi Robotici Corrado Santoro

475 views • 31 slides
How to drive a DC Motor Corrado Santoro ARSLAB - Autonomous and Robotic Systems Laboratory

How to drive a DC Motor Corrado Santoro ARSLAB - Autonomous and Robotic Systems Laboratory

How to drive a DC Motor Corrado Santoro ARSLAB - Autonomous and Robotic Systems Laboratory Dipartimento di Matematica e Informatica - Universit` a di Catania, Italy santoro@dmi.unict.it L. S. M. Course Corrado Santoro DC Motor Driving

413 views • 18 slides
The Analog to Digital Converter (ADC) Corrado Santoro ARSLAB - Autonomous and Robotic Systems

The Analog to Digital Converter (ADC) Corrado Santoro ARSLAB - Autonomous and Robotic Systems

The Analog to Digital Converter (ADC) Corrado Santoro ARSLAB - Autonomous and Robotic Systems Laboratory Dipartimento di Matematica e Informatica - Universit` a di Catania, Italy santoro@dmi.unict.it L.S.M. Course Corrado Santoro The Analog

1.27k views • 18 slides
Formal Verification of V2I aided Autonomous Driving Ishan Pardesi Dhruv Mahajan A hybrid

Formal Verification of V2I aided Autonomous Driving Ishan Pardesi Dhruv Mahajan A hybrid

Formal Verification of V2I aided Autonomous Driving Ishan Pardesi Dhruv Mahajan A hybrid systems approach 1 The problem Safety of Autonomous cars is paramount! It is important to invest in developing formal verification techniques to

819 views • 34 slides
The Clock of STM32F4 Corrado Santoro ARSLAB - Autonomous and Robotic Systems Laboratory

The Clock of STM32F4 Corrado Santoro ARSLAB - Autonomous and Robotic Systems Laboratory

The Clock of STM32F4 Corrado Santoro ARSLAB - Autonomous and Robotic Systems Laboratory Dipartimento di Matematica e Informatica - Universit` a di Catania, Italy santoro@dmi.unict.it L.S.M. Course Corrado Santoro The Clock of STM32F4 STM32

269 views • 12 slides
DUNE on Blue Gene / P Markus Blatt (Markus.Blatt@iwr.uni-heidelberg.de) joint work with: Olaf

DUNE on Blue Gene / P Markus Blatt (Markus.Blatt@iwr.uni-heidelberg.de) joint work with: Olaf

DUNE on Blue Gene / P Markus Blatt (Markus.Blatt@iwr.uni-heidelberg.de) joint work with: Olaf Ippisch and Felix Heimann Interdisziplin ares Zentrum f ur wissenschaftliches Rechnen Universit at Heidelberg SciComp 15, Barcelona, May 21,

747 views • 26 slides
A Domain Decomposition Method for Quasilinear Elliptic PDEs Using Mortar Finite Elements

A Domain Decomposition Method for Quasilinear Elliptic PDEs Using Mortar Finite Elements

W I S S E N T E C H N I K L E I D E N S C H A F T A Domain Decomposition Method for Quasilinear Elliptic PDEs Using Mortar Finite Elements Matthias Gsell and Olaf Steinbach Institute of Computational Mathematics DD23,

1.06k views • 42 slides
Density Functional Theory meets Bayesian Neural Networks: A New Paradigm in the Study of

Density Functional Theory meets Bayesian Neural Networks: A New Paradigm in the Study of

Density Functional Theory meets Bayesian Neural Networks: A New Paradigm in the Study of Neutron Stars Jorge Piekarewicz - Florida State University Highlights of 2015 Welcome to JPhysG's 2015 highlights! Before you get to the articles,

502 views • 18 slides
6 th Grad ade Math th & Scie ience nce Progra gram Inform ormati tion onal al Meeting

6 th Grad ade Math th & Scie ience nce Progra gram Inform ormati tion onal al Meeting

2019- 2020 6 th Grad ade Math th & Scie ience nce Progra gram Inform ormati tion onal al Meeting ting October 23, 2019 Mr. Michael Richards Dr. Christopher Herte Principal, LMS Mathematics/Science Supervisor 5-8 Mrs. Georgianna

621 views • 30 slides
Black Holes, Big and Small Impact on Galaxy Formation Luis C. Ho ( ) Kavli Institute

Black Holes, Big and Small Impact on Galaxy Formation Luis C. Ho ( ) Kavli Institute

Black Holes, Big and Small Impact on Galaxy Formation Luis C. Ho ( ) Kavli Institute for Astronomy and Astrophysics (KIAA) Peking University Wednesday, February 26, 14 Wednesday, February 26, 14 Wednesday, February 26, 14 Wednesday,

1.23k views • 93 slides
On computable fields of reals and some applications Victor Selivanov 1 A.P. Ershov IIS SB RAS

On computable fields of reals and some applications Victor Selivanov 1 A.P. Ershov IIS SB RAS

On computable fields of reals and some applications Victor Selivanov 1 A.P. Ershov IIS SB RAS (Novosibirsk) A joint work with Svetlana Selivanova (KAIST) WDCM-Conference, Novosibirsk, 24.07.2020 Victor Selivanov On computable fields of reals

758 views • 30 slides
Background Regarding The Incompleteness Theorems Modern logic began in the mid 19th century with

Background Regarding The Incompleteness Theorems Modern logic began in the mid 19th century with

Background Regarding The Incompleteness Theorems Modern logic began in the mid 19th century with the work of Boole, DeMorgan, and Jevons. Their goal was to develop a mathematics of logic, rather than thinking of logic as conceptually

397 views • 23 slides
Analytic Functions and Small Complexity Classes Akitoshi Kawamura, Florian Steinberg, Holger Thies

Analytic Functions and Small Complexity Classes Akitoshi Kawamura, Florian Steinberg, Holger Thies

Analytic Functions and Small Complexity Classes Akitoshi Kawamura, Florian Steinberg, Holger Thies Workshop on Mathematical Logic and its Applications Kyoto University, Kyoto, Japan September 16, 2016 1 TTE: Computable Real Numbers Computable

1.4k views • 93 slides

More recommend