3 research outputs found

    Cohorts and Groups for Safe and Efficient Autonomous Driving on Highways

    We introduce constructs aimed at reconciling safety and efficiency for ad hoc highway-centric clusters of autonomous vehicles. The cohort construct is an ad hoc variant of the platoon construct. We show how to enforce safe inter-vehicle spacing in cohorts despite inaccurate vehicle space-time coordinates and failing telemetry capabilities, via neighbor-to-neighbor beaconing based on short-range unidirectional communications. Worst-case analytical results are established for safe spacing bounds. A classical spacing algorithm is revisited, and proofs of usability in a discrete-time beaconing model are given. Along with the group construct, which is based on prefixing usage of sensing-based solutions with omnidirectional inter-vehicular communications, we present a categorization of safety-critical scenarios. We discuss the benefits resulting from prefixing vehicle maneuvers with vehicle role assignments in safety-critical scenarios.

    Specification and validation of a switched Ethernet communication network for next-generation military avionics systems

    The complexity and heterogeneity of current military avionics networks are obstacles to the growing need for connectivity among the functions embedded in next-generation aircraft. These factors make it difficult to determine communication delays and to verify real-time constraints. This thesis proposes replacing these networks with a homogeneous architecture based on full-duplex switched Ethernet technology. The main contributions lie in the design and validation of two new avionics architectures. The first uses decentralized control based on an asynchronous communication scheme, while the second uses centralized control based on a synchronous communication scheme. We detail the operating principle and the characteristics of each. We then analytically evaluate the deterministic guarantees offered by each proposed avionics architecture.

    ABSTRACT: The current military interconnection system is no longer effective in meeting the emerging needs of next-generation military applications. In fact, the complexity and heterogeneity of this network limit system modularity and make the real-time constraint guarantees difficult to prove. In this thesis, Full Duplex Switched Ethernet is put forward as a future interconnection technology to replace the current military avionics architecture. Our main contributions lie in the design and validation of two new avionics architectures. The first is based on decentralized control with an asynchronous communication pattern, while the second is based on centralized control with a synchronous communication scheme. First, we detail the characteristics of each one. Then, delay bound analyses are conducted to evaluate the deterministic guarantees offered by each proposed architecture. The theoretical analyses are then investigated in the case of a realistic military aircraft network.

    Evaluating the performance of distributed agreement algorithms: tools, methodology and case studies

    Nowadays, networked computers are present in most aspects of everyday life. Moreover, essential parts of society come to depend on distributed systems formed of networked computers, thus making such systems secure and fault tolerant is a top priority. If the particular fault tolerance requirement is high availability, replication of components is a natural choice. Replication is a difficult problem as the state of the replicas must be kept consistent even if some replicas fail, and because in distributed systems, relying on centralized control or a certain timing behavior is often not feasible. Replication in distributed systems is often implemented using group communication. Group communication is concerned with providing high-level multipoint communication primitives and the associated tools. Most often, an emphasis is put on tolerating crash failures of processes. At the heart of most communication primitives lies an agreement problem: the members of a group must agree on things like the set of messages to be delivered to the application, the delivery order of messages, or the set of processes that crashed. A lot of algorithms to solve agreement problems have been proposed and their correctness proven. However, performance aspects of agreement algorithms have been somewhat neglected, for a variety of reasons: the lack of theoretical and practical tools to help performance evaluation, and the lack of well-defined benchmarks for agreement algorithms. Also, most performance studies focus on analyzing failure free runs only. In our view, the limited understanding of performance aspects, in both failure free scenarios and scenarios with failure handling, is an obstacle for adopting agreement protocols in practice, and is part of the explanation why such protocols are not in widespread use in the industry today. The main goal of this thesis is to advance the state of the art in this field. 
The thesis has major contributions in three domains: new tools, methodology and performance studies. As for new tools, a simulation and prototyping framework offers a practical tool, and some new complexity metrics offer a theoretical tool for the performance evaluation of agreement algorithms. As for methodology, the thesis proposes a set of well-defined benchmarks for atomic broadcast algorithms (such algorithms are important as they provide the basis for a number of replication techniques). Finally, three studies are presented that investigate important performance issues with agreement algorithms. The prototyping and simulation framework simplifies the tedious task of developing algorithms based on message passing, the communication model that most agreement algorithms are written for. In this framework, the same implementation can be reused for simulations and performance measurements on a real network. This characteristic greatly eases the task of validating simulation results with measurements (or vice versa). As for theoretical tools, we introduce two complexity metrics that predict performance with more accuracy than the traditional time and message complexity metrics. The key point is that our metrics take account of resource contention, both on the network and on the hosts; resource contention is widely recognized as having a major impact on the performance of distributed algorithms. Extensive validation studies have been conducted. Currently, no widely accepted benchmarks exist for agreement algorithms or group communication toolkits, which makes comparing performance results from different sources difficult. In an attempt to consolidate the situation, we define a number of benchmarks for atomic broadcast. Our benchmarks include well-defined metrics, workloads and failure scenarios (faultloads). The use of the benchmarks is illustrated in two detailed case studies.
Two widespread mechanisms for handling failures are unreliable failure detectors, which provide inconsistent information about failures, and a group membership service, which provides consistent information about failures. We analyze the performance tradeoffs of these two techniques by comparing the performance of two atomic broadcast algorithms designed for an asynchronous system. Based on our results, we advocate a combined use of the two approaches to failure handling. In another case study, we compare two consensus algorithms designed for an asynchronous system. The two algorithms differ in how they coordinate the decision process: one uses a centralized and the other a decentralized communication scheme. Our results show that the performance tradeoffs are highly affected by a number of characteristics of the environment, like the availability of multicast and the amount of contention on the hosts versus the amount of contention on the network. Famous theoretical results state that a lot of important agreement problems are not solvable in the asynchronous system model. In our third case study, we investigate how these results are relevant for implementations of a replicated service, by conducting an experiment in a local area network. We exposed a replicated server to extremely high loads and required that the underlying failure detection service detect crashes very fast; the latter is important as the theoretical results are based on the impossibility of reliable failure detection. We found that our replicated server continued working even with the most extreme settings. We discuss the reasons for the robustness of our replicated server.