Nachweislich sichere Bewegungsplanung für autonome Fahrzeuge durch Echtzeitverifikation

This thesis introduces fail-safe motion planning as the first approach to guarantee legal safety of autonomous vehicles in arbitrary traffic situations. The proposed safety layer verifies whether intended trajectories comply with legal safety and provides fail-safe trajectories when intended trajectories result in safety-critical situations. The presented results indicate that the use of fail-safe motion planning can drastically reduce the number of traffic accidents.Die vorliegende Arbeit führt ein neuartiges Verifikationsverfahren ein, mit dessen Hilfe zum ersten Mal die verkehrsregelkonforme Sicherheit von autonomen Fahrzeugen gewährleistet werden kann. Das Verifikationsverfahren überprüft, ob geplante Trajektorien sicher sind und generiert Rückfalltrajektorien falls diese zu einer unsicheren Situation führen. Die Ergebnisse zeigen, dass die Verwendung des Verfahrens zu einer deutlichen Reduktion von Verkehrsunfällen führt

Fusion of Data from Heterogeneous Sensors with Distributed Fields of View and Situation Evaluation for Advanced Driver Assistance Systems

In order to develop a driver assistance system for pedestrian protection, pedestrians in the environment of a truck are detected by radars and a camera and are tracked across distributed fields of view using a Joint Integrated Probabilistic Data Association filter. A robust approach for prediction of the system vehicles trajectory is presented. It serves the computation of a probabilistic collision risk based on reachable sets where different sources of uncertainty are taken into account

Game-Theoretic Safety Assurance for Human-Centered Robotic Systems

In order for autonomous systems like robots, drones, and self-driving cars to be reliably introduced into our society, they must have the ability to actively account for safety during their operation. While safety analysis has traditionally been conducted offline for controlled environments like cages on factory floors, the much higher complexity of open, human-populated spaces like our homes, cities, and roads makes it unviable to rely on common design-time assumptions, since these may be violated once the system is deployed. Instead, the next generation of robotic technologies will need to reason about safety online, constructing high-confidence assurances informed by ongoing observations of the environment and other agents, in spite of models of them being necessarily fallible.This dissertation aims to lay down the necessary foundations to enable autonomous systems to ensure their own safety in complex, changing, and uncertain environments, by explicitly reasoning about the gap between their models and the real world. It first introduces a suite of novel robust optimal control formulations and algorithmic tools that permit tractable safety analysis in time-varying, multi-agent systems, as well as safe real-time robotic navigation in partially unknown environments; these approaches are demonstrated on large-scale unmanned air traffic simulation and physical quadrotor platforms. After this, it draws on Bayesian machine learning methods to translate model-based guarantees into high-confidence assurances, monitoring the reliability of predictive models in light of changing evidence about the physical system and surrounding agents. This principle is first applied to a general safety framework allowing the use of learning-based control (e.g. reinforcement learning) for safety-critical robotic systems such as drones, and then combined with insights from cognitive science and dynamic game theory to enable safe human-centered navigation and interaction; these techniques are showcased on physical quadrotors—flying in unmodeled wind and among human pedestrians—and simulated highway driving. The dissertation ends with a discussion of challenges and opportunities ahead, including the bridging of safety analysis and reinforcement learning and the need to ``close the loop'' around learning and adaptation in order to deploy increasingly advanced autonomous systems with confidence

Constraint-based navigation for safe, shared control of ground vehicles

Thesis (Ph. D.)--Massachusetts Institute of Technology, Dept. of Mechanical Engineering, 2013.Cataloged from PDF version of thesis.Includes bibliographical references (p. 138-147).Human error in machine operation is common and costly. This thesis introduces, develops, and experimentally demonstrates a new paradigm for shared-adaptive control of human-machine systems that mitigates the effects of human error without removing humans from the control loop. Motivated by observed human proclivity toward navigation in fields of safe travel rather than along specific trajectories, the planning and control framework developed in this thesis is rooted in the design and enforcement of constraints rather than the more traditional use of reference paths. Two constraint-planning methods are introduced. The first uses a constrained Delaunay triangulation of the environment to identify, cumulatively evaluate, and succinctly circumscribe the paths belonging to a particular homotopy with a set of semi autonomously enforceable constraints on the vehicle's position. The second identifies a desired homotopy by planning - and then laterally expanding - the optimal path that traverses it. Simulated results show both of these constraint-planning methods capable of improving the performance of one or multiple agents traversing an environment with obstacles. A method for predicting the threat posed to the vehicle given the current driver action, present state of the environment, and modeled vehicle dynamics is also presented. This threat assessment method, and the shared control approach it facilitates, are shown in simulation to prevent constraint violation or vehicular loss of control with minimal control intervention. Visual and haptic driver feedback mechanisms facilitated by this constraint-based control and threat-based intervention are also introduced. Finally, a large-scale, repeated measures study is presented to evaluate this control framework's effect on the performance, confidence, and cognitive workload of 20 drivers teleoperating an unmanned ground vehicle through an outdoor obstacle course. In 1,200 trials, the constraint-based framework developed in this thesis is shown to increase vehicle velocity by 26% while reducing the occurrence of collisions by 78%, improving driver reaction time to a secondary task by 8.7%, and increasing overall user confidence and sense of control by 44% and 12%, respectively. These performance improvements were realized with the autonomous controller usurping less than 43% of available vehicle control authority, on average.by Sterling J. Anderson.Ph.D

A Study of Potential Security and Safety Vulnerabilities in Cyber-Physical Systems

The work in this dissertation focuses on two examples of Cyber-Physical Systems (CPS), integrations of communication and monitoring capabilities to control a physical system, that operate in adversarial environments. That is to say, it is possible for individuals with malicious intent to gain access to various components of the CPS, disrupt normal operation, and induce harmful impacts. Such a deliberate action will be referred to as an attack. Therefore, some possible attacks against two CPSs will be studied in this dissertation and, when possible, solutions to handle such attacks will also be suggested. The first CPS of interest is vehicular platoons wherein it is possible for a number of partially-automated vehicles to drive autonomously towards a certain destination with as little human driver involvement as possible. Such technology will ultimately allow passengers to focus on other tasks, such as reading or watching a movie, rather than on driving. In this dissertation three possible attacks against such platoons are studied. The first is called ”the disbanding attack” wherein the attacker is capable of disrupting one platoon and also inducing collisions in another intact (non-attacked) platoon vehicles. To handle such an attack, two solutions are suggested: The first solution is formulated using Model Predictive Control (MPC) optimal technique, while the other uses a heuristic approach. The second attack is False-Data Injection (FDI) against the platooning vehicular sensors is analyzed using the reachability analysis. This analysis allows us to validate whether or not it is possible for FDI attacks to drive a platoon towards accidents. Finally, mitigation strategies are suggested to prevent an attacker-controlled vehicle, one which operates inside a platoon and drives unpredictably, from causing collisions. These strategies are based on sliding mode control technique and once engaged in the intact vehicles, collisions are reduced and eventual control of those vehicles will be switched from auto to human to further reduce the impacts of the attacker-controlled vehicle. The second CPS of interest in this dissertation is Heating, Ventilating, and Air Conditioning (HVAC) systems used in smart automated buildings to provide an acceptable indoor environment in terms of thermal comfort and air quality for the occupants For these systems, an MPC technique based controller is formulated in order to track a desired temperature in each zone of the building. Some previous studies indicate the possibility of an attacker to manipulate the measurements of temperature sensors, which are installed at different sections of the building, and thereby cause them to read below or above the real measured temperature. Given enough time, an attacker could monitor the system, understand how it works, and decide which sensor(s) to target. Eventually, the attacker may be able to deceive the controller, which uses the targeted sensor(s) readings and raises the temperature of one or multiple zones to undesirable levels, thereby causing discomfort for occupants in the building. In order to counter such attacks, Moving Target Defense (MTD) technique is utilized in order to constantly change the sensors sets used by the MPC controllers and, as a consequence, reduce the impacts of sensor attacks

Implications of Motion Planning: Optimality and k-survivability

We study motion planning problems, finding trajectories that connect two configurations of a system, from two different perspectives: optimality and survivability. For the problem of finding optimal trajectories, we provide a model in which the existence of optimal trajectories is guaranteed, and design an algorithm to find approximately optimal trajectories for a kinematic planar robot within this model. We also design an algorithm to build data structures to represent the configuration space, supporting optimal trajectory queries for any given pair of configurations in an obstructed environment. We are also interested in planning paths for expendable robots moving in a threat environment. Since robots are expendable, our goal is to ensure a certain number of robots reaching the goal. We consider a new motion planning problem, maximum k-survivability: given two points in a stochastic threat environment, find n paths connecting two given points while maximizing the probability that at least k paths reach the goal. Intuitively, a good solution should be diverse to avoid several paths being blocked simultaneously, and paths should be short so that robots can quickly pass through dangerous areas. Finding sets of paths with maximum k-survivability is NP-hard. We design two algorithms: an algorithm that is guaranteed to find an optimal list of paths, and a set of heuristic methods that finds paths with high k-survivability

Employing Severity of Injury to Contextualize Complex Risk Mitigation Scenarios

International audienceRisk mitigation is an important element to consider in risk evaluation. Safety features have helped to decrease the death ratio over the years. However, to date, each driver assistance system works on a single domain of operation. The problem remains in how to use perception to contextualize the scene to fully minimize the collision severity in a complex emergency scenario. Up to now, works on cost maps have consider simple contextualized object in mitigation scenarios. For instance, the use of binary allowed/forbidden zones or, a fixed weight to each type of object in the scene. Our work employs the risk of injury issued by accidentology to each class of object present in the scene. Each class of object presents an injury probability with respect to the impact speed and ethical/economical/political factors. The method generates a cost map containing a collision probability along with to the risk of injury. It dynamically contextualizes the objects, since the risk of injury depends on the characteristics of the scene. Simulation and dataset results validate that changing the referred parameters alters the context and evaluation of the scene. Then, the proposed method allows a better assessment of the surroundings by creating a dynamic navigation cost map for complex scenarios

Machine Learning Based Methods for Virtual Validation of Autonomous Driving

During the last decade, automotive manufacturers have introduced increasingly capable driving automation functions in consumer vehicles. As the functionality becomes more advanced, the task of driving moves from the human to the car. Hence, making sure that autonomous driving (AD) functions are reliable and safe is of high importance. Often, increased levels of automation result in more complex safety validation procedures, that may be both expensive, time consuming, and dangerous to perform. One way to address these problems is to move parts of the validation to the virtual domain. In this thesis, we investigate methods for validating AD functionality in virtual simulation environments, using methods from machine learning and statistics. The main focus is on how to make virtual simulations resemble real-world conditions as closely as possible. We tackle this with an approach based on sensor error modeling. Specifically, we develop a statistical sensor error model that can be used to make ideal object measurements from simulations resemble measurements obtained from the perception system of a real-world vehicle. The model, which is based on autoregressive recurrent mixture density networks, was trained on sensor error data collected on European roads. The second part considers system falsification using reinforcement learning (RL); a flexible framework for validation of system safety, which naturally allows for the integration of, e.g., sensor error models. We compare results of system falsification using RL to an exact approach based on reachability analysis.With this thesis, we take steps towards more realistic statistical sensor error models for virtual simulation environments. We also demonstrate that approximate methods based on reinforcement learning may serve as an alternative to reachability analysis for validation of high-dimensional systems. Finally, we connect the RL falsification application to sensor error modeling as a possible direction for future research

Characterisation of an urban bridge portfolio and multi-risk prioritisation accounting for deterioration and seismic vulnerability

This contribution proposes a procedure to prioritise retrofit interventions on stocks of bridges according to their seismic vulnerability. The procedure also combines a previously presented approach to evaluate deterioration effects on bridges at a territorial scale. Thereby, the combi-nation of the two approaches provides a multi-risk classification method for bridge stocks. This method also allows refined prioritisation within each class, based on the proposed quantitative indices and on multicriteria decision-making methods. The method was applied to the bridge stock managed by the municipality of Padova, in North-East Italy. First, an extensive charac-terisation of the analysed stock is provided, according to typological, geometric, and structural parameters. Then, the application of the combined approach is presented, highlighting which bridge types resulted more vulnerable to either seismic actions or deterioration effects