7,442 research outputs found
ViSpec: A graphical tool for elicitation of MTL requirements
One of the main barriers preventing widespread use of formal methods is the
elicitation of formal specifications. Formal specifications facilitate the
testing and verification process for safety critical robotic systems. However,
handling the intricacies of formal languages is difficult and requires a high
level of expertise in formal logics that many system developers do not have. In
this work, we present a graphical tool designed for the development and
visualization of formal specifications by people that do not have training in
formal logic. The tool enables users to develop specifications using a
graphical formalism which is then automatically translated to Metric Temporal
Logic (MTL). In order to evaluate the effectiveness of our tool, we have also
designed and conducted a usability study with cohorts from the academic student
community and industry. Our results indicate that both groups were able to
define formal requirements with high levels of accuracy. Finally, we present
applications of our tool for defining specifications for operation of robotic
surgery and autonomous quadcopter safe operation.Comment: Technical report for the paper to be published in the 2015 IEEE/RSJ
International Conference on Intelligent Robots and Systems held in Hamburg,
Germany. Includes 10 pages and 19 figure
Barrier Functions for Multiagent-POMDPs with DTL Specifications
Multi-agent partially observable Markov decision processes (MPOMDPs) provide a framework to represent heterogeneous autonomous agents subject to uncertainty and partial observation. In this paper, given a nominal policy provided by a human operator or a conventional planning method, we propose a technique based on barrier functions to design a minimally interfering safety-shield ensuring satisfaction of high-level specifications in terms of linear distribution temporal logic (LDTL). To this end, we use sufficient and necessary conditions for the invariance of a given set based on discrete-time barrier functions (DTBFs) and formulate sufficient conditions for finite time DTBF to study finite time convergence to a set. We then show that different LDTL mission/safety specifications can be cast as a set of invariance or finite time reachability problems. We demonstrate that the proposed method for safety-shield synthesis can be implemented online by a sequence of one-step greedy algorithms. We demonstrate the efficacy of the proposed method using experiments involving a team of robots
Specification and Verification of Distributed Embedded Systems: A Traffic Intersection Product Family
Distributed embedded systems (DESs) are no longer the exception; they are the
rule in many application areas such as avionics, the automotive industry,
traffic systems, sensor networks, and medical devices. Formal DES specification
and verification is challenging due to state space explosion and the need to
support real-time features. This paper reports on an extensive industry-based
case study involving a DES product family for a pedestrian and car 4-way
traffic intersection in which autonomous devices communicate by asynchronous
message passing without a centralized controller. All the safety requirements
and a liveness requirement informally specified in the requirements document
have been formally verified using Real-Time Maude and its model checking
features.Comment: In Proceedings RTRTS 2010, arXiv:1009.398
Model Predictive Robustness of Signal Temporal Logic Predicates
The robustness of signal temporal logic not only assesses whether a signal
adheres to a specification but also provides a measure of how much a formula is
fulfilled or violated. The calculation of robustness is based on evaluating the
robustness of underlying predicates. However, the robustness of predicates is
usually defined in a model-free way, i.e., without including the system
dynamics. Moreover, it is often nontrivial to define the robustness of
complicated predicates precisely. To address these issues, we propose a notion
of model predictive robustness, which provides a more systematic way of
evaluating robustness compared to previous approaches by considering
model-based predictions. In particular, we use Gaussian process regression to
learn the robustness based on precomputed predictions so that robustness values
can be efficiently computed online. We evaluate our approach for the use case
of autonomous driving with predicates used in formalized traffic rules on a
recorded dataset, which highlights the advantage of our approach compared to
traditional approaches in terms of expressiveness. By incorporating our
robustness definitions into a trajectory planner, autonomous vehicles obey
traffic rules more robustly than human drivers in the dataset.Comment: 7 pages, 6 figures, conference paper in submissio
Evaluating Two Semantics for Falsification using an Autonomous Driving Example
We consider the falsification of temporal logic properties as a method to test complex systems, such as autonomous systems. Since these systems are often safety-critical, it is important to assess whether they fulfill given specifications or not. An adaptive cruise controller for an autonomous car is considered where the closed-loop model has unknown parameters and an important problem is to find parameter combinations for which given specification are broken. We assume that the closed-loop system can be simulated with the known given parameters, no other information is available to the testing framework. The specification, such as, the ability to avoid collisions, is expressed using Signal Temporal Logic (STL). In general, systems consist of a large number of parameters, and it is not possible or feasible to explicitly enumerate all combinations of the parameters. Thus, an optimization-based approach is used to guide the search for parameters that might falsify the specification. However, a key challenge is how to select the objective function such that the falsification of the specification, if it can be falsified, can be falsified using as few simulations as possible. For falsification using optimization it is required to have a measure representing the distance to the falsification of the specification. The way the measure is defined results in different objective functions used during optimization. Different measures have been proposed in the literature and in this paper the properties of the Max Semantics (MAX) and the Mean Alternative Robustness Value (MARV) semantics are discussed. After evaluating these two semantics on an adaptive cruise control example, we discuss their strengths and weaknesses to better understand the properties of the two semantics
Rational physical agent reasoning beyond logic
The paper addresses the problem of defining a theoretical physical agent framework that satisfies practical requirements of programmability by non-programmer engineers and at the same time permitting fast realtime operation of agents on digital computer networks. The objective of the new framework is to enable the satisfaction of performance requirements on autonomous vehicles and robots in space exploration, deep underwater exploration, defense reconnaissance, automated manufacturing and household automation
- …