Formal Verification of Complex Robotic Systems on Resource-Constrained Platforms

Software constitutes a major part of the development of robotic and autonomous systems and is critical to their successful deployment in everyday life. Robotic software must thus run and perform as specified. Since most of these systems are used in a hard real-time context, the schedulability of their tasks is a crucial property. In this work, we propose to use formal methods to check whether the tasks of a robotic application are schedulable with respect to a given hardware platform. For this, we automatically translate functional components specified in GenoM into FIACRE, a formal language for timed systems. The generated models integrate realistic real-time schedulers based on the FCFS and the SJF cooperative policies. We then use the model checker TINA to assert schedulability properties. We carry out experiments on a real robotic system, namely a quadcopter flight controller. We demonstrate that, on its actual hardware, schedulability properties can be formally expressed and verified. We give examples of how other important behavioral and timed properties can be checked on the same synthesized models.
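To make the schedulability property concrete, the following is an added illustration that is not part of the paper and does not reproduce its GenoM-to-FIACRE translation or TINA models: a small single-core simulator that runs a constructed periodic task set over one hyperperiod under the two cooperative (non-preemptive) policies named in the abstract, FCFS and SJF, and reports every job that finishes after its deadline. The task names, periods, worst-case execution times and deadlines are made-up sample values; the tie-breaking convention for simultaneous releases (declaration order) is an assumption of this example.

```python
"""Deadline check of a periodic task set under cooperative FCFS and SJF.

Added illustration (not the paper's FIACRE/TINA models): a trace-based
simulation over one hyperperiod on a single core.  A started job is never
preempted, which is what makes long jobs the main threat to short deadlines.
"""
from dataclasses import dataclass
from math import lcm


@dataclass(frozen=True)
class Task:
    name: str
    period: int    # release period, in time units
    wcet: int      # worst-case execution time on the target platform
    deadline: int  # relative deadline, from release


# Constructed sample task set: a short periodic task (A) that shares the core
# with two longer tasks (B, C).  Declaration order is the FCFS tie-breaker.
TASKS = (
    Task("B", period=20, wcet=7, deadline=20),
    Task("C", period=20, wcet=4, deadline=20),
    Task("A", period=10, wcet=1, deadline=3),
)


def simulate(tasks, policy):
    """Run one hyperperiod under 'fcfs' or 'sjf' and return (schedulable, misses).

    misses lists (task name, release time, finish time) for every job that
    completed after its absolute deadline (release + relative deadline).
    """
    hyper = lcm(*(t.period for t in tasks))
    # Every job release in the hyperperiod: (release time, declaration index, task).
    releases = sorted(
        ((k * task.period, idx, task)
         for idx, task in enumerate(tasks)
         for k in range(hyper // task.period)),
        key=lambda r: (r[0], r[1]),
    )
    ready, misses = [], []
    now, next_rel = 0, 0
    while next_rel < len(releases) or ready:
        # Admit every job released by the current time.
        while next_rel < len(releases) and releases[next_rel][0] <= now:
            ready.append(releases[next_rel])
            next_rel += 1
        if not ready:
            now = releases[next_rel][0]  # idle until the next release
            continue
        if policy == "fcfs":
            ready.sort(key=lambda r: (r[0], r[1]))            # oldest release first
        elif policy == "sjf":
            ready.sort(key=lambda r: (r[2].wcet, r[0], r[1]))  # shortest WCET first
        else:
            raise ValueError(f"unknown policy: {policy}")
        release, _, task = ready.pop(0)
        finish = now + task.wcet  # non-preemptive: runs to completion
        if finish > release + task.deadline:
            misses.append((task.name, release, finish))
        now = finish
    return (not misses), misses


def check_all(tasks=TASKS):
    """Schedulability verdict of the task set under each policy."""
    return {policy: simulate(tasks, policy)[0] for policy in ("fcfs", "sjf")}


if __name__ == "__main__":
    for policy in ("fcfs", "sjf"):
        ok, misses = simulate(TASKS, policy)
        print(f"{policy}: {'schedulable' if ok else 'NOT schedulable'} {misses}")
```

On this task set FCFS lets the 7-unit job of B start first, so A's first job (deadline 3) cannot run until time 11 and is reported as a miss, whereas SJF runs A immediately and meets every deadline. The simulation checks a single trace with synchronous release at time 0; a model checker such as TINA explores every interleaving the formal model allows, including release patterns this trace never reaches, which is why the abstract relies on exhaustive verification rather than simulation for a schedulability guarantee.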
