Priority-Based PlaybookTM Tasking for Unmanned System Teams

We are developing real-time planning and control systems that allow a single human operator to control a team of unmanned aerial vehicles (UAVs). If the operator requests more tasks than can be immediately addressed by the available UAVs, our planning system must choose which goals to try to achieve, and which to postpone for later effort. To make this decision-making easily understandable and controllable, we allow the user to assign strict priorities to goals, ensuring that if a goal is assigned the highest priority, the system will use every resource available to try to build a successful plan to achieve that goal. In this paper we show how unique features of the SHOP2 hierarchical task network planner permit an elegant implementation of this priority queue behavior. Although this paper is primarily about the technique itself, rather than SHOP2’s performance, we assess the scalability of this priority queue approach and discuss potential directions for improvement, as well as more general forms of meta-control within SHOP2 domains. I

Certification Considerations for Adaptive Systems

Advanced capabilities planned for the next generation of aircraft, including those that will operate within the Next Generation Air Transportation System (NextGen), will necessarily include complex new algorithms and non-traditional software elements. These aircraft will likely incorporate adaptive control algorithms that will provide enhanced safety, autonomy, and robustness during adverse conditions. Unmanned aircraft will operate alongside manned aircraft in the National Airspace (NAS), with intelligent software performing the high-level decision-making functions normally performed by human pilots. Even human-piloted aircraft will necessarily include more autonomy. However, there are serious barriers to the deployment of new capabilities, especially for those based upon software including adaptive control (AC) and artificial intelligence (AI) algorithms. Current civil aviation certification processes are based on the idea that the correct behavior of a system must be completely specified and verified prior to operation. This report by Rockwell Collins and SIFT documents our comprehensive study of the state of the art in intelligent and adaptive algorithms for the civil aviation domain, categorizing the approaches used and identifying gaps and challenges associated with certification of each approach

The Challenges of Real-Time AI

The research agendas of two major areas of computer science are converging: Artificial Intelligence (AI) methods are moving towards more realistic domains requiring real-time responses, and real-time systems are moving towards more complex applications requiring intelligent behavior. Together, they meet at the crossroads of interest in "real-time intelligent control," or "real-time AI." This subfield is still being defined by the common interests of researchers from both real-time and AI systems. As a result, the precise goals for various real-time AI systems are still in flux. This paper describes an organizing conceptual structure for current real-time AI research, clarifying the different meanings this term has acquired for various researchers. Having identified the various goals of real-time AI research, we then specify some of the necessary steps towards reaching those goals. This in turn enables us to identify promising areas for future research in both AI and real-time systems techniques. (Also cross-referenced as UMIACS-TR-94-69

Plan Execution in Mission-Critical Domains

... In this paper, I take the position that the best way to address these issues is through the use of an inherently self-validating planning and execution system. That is, a system in which the planner generates plans satisfying certain verifiable properties (e.g., timeliness and correctness), which are then predictably and reliably executed by the executive. In abstract form, this type of system is essentially a high-level automatic programming paradigm: the system designer provides a description of primitive sensing and control actions, a description of the domain and its dynamics, and a description of the system's goals. Then, conceptually at least, the system generates and executes a plan composed of primitives and combination functions (control logic) to reliably achieve the goals. Once the system code itself has been certified, the only further verification /certification requirements apply to the input models of primitives and the domain; each plan (program) is itself verified automatically during generation. The popularity of such classical planner/executor architectures waned during the 1980s as reactive systems dawned, but more recently the community has almost converged on multi-layer architectures incorporating planners with reactive plan execution engines. In the transition, however, many of the advantages of the classical architecture have been lost: some planners now "advise" rather than "program," and execution engines themselves are frequently running complex, handcoded, unbounded skeletal/hierarchical plans. These systems do not provide the advantages of the "automatic programming" paradigm. So, let this position paper act as a call to arms

Balancing Safety against Performance: Tradeoffs in Internet Security

All Internet-accessible computing systems are currently faced with incessant threats ranging from simple scriptkiddies to highly sophisticated criminal enterprises. In response to these threats, sites must perform extensive intrusion monitoring. This intrusion monitoring can have significant costs in terms of bandwidth, computing power, storage space, and licensing fees. Furthermore, when exploits are detected, the victims must take actions that can consume further resources and compromise their objectives (e.g., by reducing e-commerce server throughput). In this paper, we explore techniques for modeling the costs and benefits of various security monitoring and response actions. Given these models and stochastic expectations about the types of attacks that a site is likely to face, our CIRCADIA automatic security control system is able to make real-time tradeoffs between the level of safety and security that is enforced, and the level of system resources/performance that are applied to the main computational objectives (e.g., ecommerce transactions). We show how CIRCADIA is able to dynamically adjust its security activities to account for changing threat profiles and objectives. The result: a continually-optimized balance of security-maintaining activity that reduces risk while still allowing the system to meet its goals

You Sense, I'll Act: Coordinated Preemption in Multi-Agent CIRCA

Abstract We are extending the real-time performance guarantees provided by CIRCA into distributed multi-agent systems. In particular, we are developing methods for teams of CIRCA agents to build coordinated plans that include explicit runtime communications to support distributed real-time reactivity to the environment. These teams will then build plans in which different agents use their unique capabilities in a coordinated fashion to guarantee system safety, enabling the application of CIRCA to mission-critical domains that are too hazardous for competing multi-agent approaches