Formal Verification of Astronaut-Rover Teams for Planetary Surface Operations
This paper describes an approach to assuring the reliability of autonomous systems for Astronaut-Rover (ASRO) teams using the formal verification of models in the Brahms multi-agent modelling language. Planetary surface rovers have proven essential to several manned and unmanned missions to the Moon and Mars. The first rovers were tele- or manually operated, but autonomous systems are increasingly being used to increase the effectiveness and range of rover operations on missions such as the NASA Mars Science Laboratory. It is anticipated that future manned missions to the Moon and Mars will use autonomous rovers to assist astronauts during extravehicular activity (EVA), including science, technical and construction operations. These ASRO teams have the potential to significantly increase the safety and efficiency of surface operations. We describe a new Brahms model in which an autonomous rover may perform several different activities, including assisting an astronaut during EVA. These activities compete for the autonomous rover's "attention", and therefore the rover must decide which activity is currently the most important and engage in that activity. The Brahms model also includes an astronaut agent, which models an astronaut's predicted behaviour during an EVA. The rover must also respond to the astronaut's activities. We show how this Brahms model can be simulated using the Brahms integrated development environment. The model can then also be formally verified with respect to system requirements using the SPIN model checker, through automatic translation from Brahms to PROMELA (the input language for SPIN). We show that such formal verification can be used to determine that mission- and safety-critical operations are conducted correctly, and therefore increase the reliability of autonomous systems for planetary rovers in ASRO teams.
Continuous Planning and Execution with Timelines
Planning systems need to be endowed with some additional features to cope effectively with execution: for example, the ability to keep the plan database updated with respect to the actual feedback provided by the controlled system, to mention but one. In this paper, we identify a set of noteworthy open issues in planning and execution relative to the timeline-based planning approach. We address those issues by presenting a domain-independent deliberative system, implemented on top of the APSI-TRF, the APSI Timeline-based Representation Framework, extended with timeline dispatching and execution-supervision capabilities so as to allow continuous planning and closed-loop re-planning activities. Some ongoing research directions are also briefly introduced.
Developing a distributed electronic health-record store for India
The DIGHT project is addressing the problem of building a scalable and highly available information store for the Electronic Health Records (EHRs) of the over one billion citizens of India.
Swarm Communication in Space - Evaluating Ad-Hoc Routing Protocols for In-Situ Space Exploration Networks
Upcoming space exploration missions that target extraterrestrial worlds such as the surfaces of other planets and moons in our solar system demand new technologies because of their more complex mission designs. The use of multiple robotic units during such missions enables the investigation of a broad surface area. By establishing communication channels between all the robotic units, a swarm of agents is created that is capable of jointly executing scientific tasks. These tasks include the collection of sensor data, which is distributed among the swarm agents; sensor measurements, time synchronization and localization information will be exchanged between the agents. The German Aerospace Center (DLR) has designed a wireless communication system that is suitable for space exploration missions of this type, where autonomous robots jointly explore unknown terrain on extraterrestrial worlds. The system enables data transmission as well as localization of the swarm agents by implementing a Physical Layer (PHY) and Medium Access Control (MAC) for unit-to-unit communication in the context of an ad-hoc network during in-situ space exploration missions. To allow communication between swarm agents that are not in direct communication range, routing protocols are needed to relay packets of other agents. This work presents a network simulation environment focused on in-situ space exploration missions for the evaluation of existing ad-hoc routing protocols. The simulation uses a wireless MAC with a Time Division Multiple Access (TDMA) channel access function, implemented in this work to resemble the DLR MAC, on the network's nodes. Elevation data of the Moon's surface is taken into account for radio-propagation modelling in the simulation.
Within this simulation environment 11 different experiment designs are implemented to evaluate the performance differences of the Dynamic MANET On-demand (DYMO), Destination-Sequenced Distance-Vector (DSDV), and Greedy Perimeter Stateless Routing (GPSR) protocols in operation on the TDMA MAC and a standard IEEE 802.11g MAC.
Performance metrics are defined to compare the routing protocols on the different MACs. The evaluation reveals observations such as less stable operation of all routing protocols on the TDMA MAC and a bias introduced into the protocols' route establishment by the built-in slot ordering. Further, the differences observed in the operation of the individual routing protocols are discussed in detail, such as DSDV always being capable of establishing the shortest route to its destination whereas the other routing protocols chose longer routes. In particular, DYMO preferred to stay on longer routes if the shortest route was not initially available. It is concluded that the DLR MAC will benefit from applications and routing protocols that are aware of the TDMA scheme and incorporate the TDMA cycles into their operation, in order to avoid additional waiting times or biases.
A Formal Methodology for Engineering Heterogeneous Railway Signalling Systems
Ph.D. Thesis. Over the last few decades, the safety assurance of cyber-physical systems has become one of the biggest challenges in the field of model-based system engineering. The challenge arises from the immense complexity of cyber-physical systems, which have deeply intertwined physical, software and network system aspects.
With significant improvements in wireless communication and microprocessor technologies, the railway domain has become one of the frontiers for deploying cyber-physical signalling systems. However, because of the safety-critical nature of railway signalling systems, the highest level of safety assurance is essential. This study attempts to address the challenge of guaranteeing the safety of cyber-physical railway signalling systems by proposing a development methodology based on formal methods. In particular, this study is concerned with the safety assurance of heterogeneous cyber-physical railway signalling systems, which have emerged by gradually replacing outdated signalling systems and integrating mainline with urban signalling systems. The main contribution of this work is a formal development methodology for railway signalling systems. The methodology is based on the Event-B modelling language, which provides an expressive modelling language, stepwise model development and proof-based model verification. At the core of the methodology is a generic communication-based railway signalling Event-B model, which can be further refined to capture specific heterogeneous or homogeneous railway signalling configurations. In order to make signalling modelling more systematic, we developed communication and hybrid railway signalling modelling patterns.
The proposed methodology and modelling patterns have been evaluated on two case studies. The evaluation shows that the methodology does provide a system-level railway signalling modelling and verification method. This is crucial for verifying the safety of cyber-physical systems, as safety depends on the interactions between different subsystems. However, the study has also shown that automatic formal verification of hybrid systems is still a major challenge and must be addressed in future work in order to make this methodology more practical. (EPSRC and Siemens Rail Automation)