Figure - available from: Current Robotics Reports
This content is subject to copyright. Terms and conditions apply.
Source publication
Purpose of Review
The deployment of hardware (e.g., robots, satellites, etc.) to space is a costly and complex endeavor. It is of extreme importance that on-board systems are verified and validated through a variety of verification and validation techniques, especially in the case of autonomous systems. In this paper, we discuss a number of approac...
Similar publications
Embedded on-board-optimization-based guidance is a set of guidance schemes that provide spacecraft the capability to plan and perform trajectories under several constraints autonomously. This autonomy will allow the space vehicle to more efficiently perform more challenging goals while dealing with rapidly changing environments, unmodelled/unforese...
Citations
... Autonomous systems by definition extend beyond just robotics and automation to software development, sensors, control algorithms, and systems development [10,24,25]. According to [25], autonomous systems can make their own decisions and take their own action without real-time human interference. ...
... Autonomous systems by definition extend beyond just robotics and automation to software development, sensors, control algorithms, and systems development [10,24,25]. According to [25], autonomous systems can make their own decisions and take their own action without real-time human interference. These definitions can be considered as the difference between robotics and drone applications that are fully controlled by humans and tasks that are autonomous. ...
... It is important to note that safety in autonomous systems can be viewed from two standpoints. One is the reduction of risk to humans, since the tasks involved are now carried out by autonomous systems, such as is observable in [25,30,31], where RAID equipment are used to perform hazardous tasks in space (on satellites) and at heights to install or repair solar panels. Autonomous robots and drones equipped with sensors and AI algorithms can perform these tasks more efficiently and safely, with minimal risk of injury to human workers. ...
While there is evidence of substantial improvement in efficiency and cost reduction from the integration of Robotics, Artificial Intelligence, and Drones (RAID) in solar installations; it is observed that there is limited oversight by international standards such as the International Electrotechnical Commission (IEC) in terms of the hazards and untapped potentials. This is partly because it is an emerging application and generally burdened with social acceptability issues. Thus, the safety regulations applied are adaptations of device-specific regulations as deemed fit by individual companies. Also, due to the fast-paced technological development of these platforms, there is huge potential for applications that are not currently supported by the device-specific regulations. This creates a multi-faceted demand for the establishment of standardized, industry-wide polices and guidelines on the use of RAID platforms for Solar PV integrations. This work aims to address critical safety concerns by conducting a comprehensive high-level system examination applicable to the monitoring and maintenance of Solar PV systems. Standard safety assurance models and approaches are examined to provide a safe autonomy perspective for Solar PVs. It is considered that, as RAID applications continue to evolve and become more prevalent in the Solar PV industry, standardized protocols or policies would be established to ensure safe and reliable operations.
... Correctness and validation of an ADS are crucial, as any error or malfunction of the system may lead to loss of life, environmental damage, or financial impact on trust and reputation [40]. Challenges on the verification and validation methodologies for these systems are introduced by sub-symbolic AI methods where the decision algorithms are known to introduce non-determinism [2,11,14,29]. ...
... The system of equations (13) represents the road limits of the scenario. The box junction, crosswalk, and stop sign areas are defined by (14), (15), and (16), respectively (see Fig. 7). ...
... A key finding of this work was the establishment of a set of contracts that, when followed by all traffic participants, guarantees that the overall system will not experience collisions. Cardoso et al. [14] also suggest verification by contract as a useful tool to handle complex systems like AVs. ...
The automotive industry is increasingly dependent on computing systems with different critical requirements. The verification and validation methods for these systems are now leveraging complex AI methods, for which the decision algorithms introduce non-determinism, especially in autonomous driving. This paper presents a runtime verification technique agnostic to the target system, which focuses on monitoring spatio-temporal properties that abstract the evolution of objects’ behavior in their spatial and temporal flow. First, a formalization of three known traffic rules (from the Vienna convention on road traffic) is presented, where a spatio-temporal logic fragment is used. Then, these logical expressions are translated to a monitoring model written in first-order logic, where they are processed by a non-linear satisfiability solver. Finally, the translation allows the solver to check the validity of the encoded properties according to an instance of a specific traffic scenario (a trace). The results obtained from our tool, which automatically generates a monitor from a formula, show that our approach is feasible for online monitoring in a real-world environment.
... • Interfaces' design, check, and control between hardware, software, and the human operator [3]. • Verification of the requirements and validation of the architecture [4][5][6][7]. ...
... The rover has a sampling storage set at 1 g, while a sample weighs around 0.2 g. The system can only sample some of the waypoints, trying to maximize its sampling-related reward set as R sampling raw = [8,4,10,9,10,4,6,8,4,4]. The optimal path evaluated with the routing algorithm provides a reference for the optimal navigation actions. ...
During mission design, the concept of operations (ConOps) describes how the system operates during various life cycle phases to meet stakeholder expectations. ConOps is sometimes declined in a simple evaluation of the power consumption or data generation per mode. Different operational timelines are typically developed based on expert knowledge. This approach is robust when designing an automated system or a system with a low level of autonomy. However, when studying highly autonomous systems, designers may be interested in understanding how the system would react in an operational scenario when provided with knowledge about its actions and operational environment. These considerations can help verify and validate the proposed ConOps architecture, highlight shortcomings in both physical and functional design, and help better formulate detailed requirements. Hence, this study aims to provide a framework for the simulation and validation of operational scenarios for autonomous robotic space exploration systems during the preliminary design phases. This study extends current efforts in autonomy technology for planetary systems by focusing on testing their operability and assessing their performances in different scenarios early in the design process. The framework uses Model-Based Systems Engineering (MBSE) as the knowledge base for the studied system and its operations. It then leverages a Markov Decision Process (MDP) to simulate a set of system operations in a relevant scenario. It then outputs a feasible plan with the associated variation of a set of considered resources as step functions. This method was applied to simulate the operations of a small rover exploring an unknown environment to observe and sample a set of targets.
... Primarily through UKRI funded projects on Engineering Autonomous Space Software and Future AI and Robotics for Space (FAIR-SPACE) we have applied our techniques to the Space domain. This work includes utilising BDI agent programming and simulation in space systems [106][107][108], the development and verification of astronaut-rover teamwork [77], verification and validation across space robotics [87,91,109,110], and work (with NASA) towards verification tool-chains supporting assurance [111]. ...
The Autonomy and Verification group11 Part of a wider, international, Autonomy and Verification Network of activity: https://autonomy-and-verification.github.io sits within the Department of Computer Science22 https://www.cs.manchester.ac.uk at the University of Manchester. The group has a long history of research into agents and multi-agent systems (both at Manchester and, previously, at the University of Liverpool) particularly in the areas of formal specification and verification, multi-agent programming, ethical agent reasoning, and swarms, teams and organisations.
... A comprehensive overview of the state-of-the-art verification and validation for autonomous space robotics can be found in (Cardoso et al., 2021). This includes both formal (model checking, theorem proving and runtime verification) and nonformal techniques (testing, simulation). ...
Active debris removal in space has become a necessary activity to maintain and facilitate orbital operations. Current approaches tend to adopt autonomous robotic systems which are often furnished with a robotic arm to safely capture debris by identifying a suitable grasping point. These systems are controlled by mission-critical software, where a software failure can lead to mission failure which is difficult to recover from since the robotic systems are not easily accessible to humans. Therefore, verifying that these autonomous robotic systems function correctly is crucial. Formal verification methods enable us to analyse the software that is controlling these systems and to provide a proof of correctness that the software obeys its requirements. However, robotic systems tend not to be developed with verification in mind from the outset, which can often complicate the verification of the final algorithms and systems. In this paper, we describe the process that we used to verify a pre-existing system for autonomous grasping which is to be used for active debris removal in space. In particular, we formalise the requirements for this system using the Formal Requirements Elicitation Tool (FRET). We formally model specific software components of the system and formally verify that they adhere to their corresponding requirements using the Dafny program verifier. From the original FRET requirements, we synthesise runtime monitors using ROSMonitoring and show how these can provide runtime assurances for the system. We also describe our experimentation and analysis of the testbed and the associated simulation. We provide a detailed discussion of our approach and describe how the modularity of this particular autonomous system simplified the usually complex task of verifying a system post-development.
CAN-verify is an automated tool that aids the development, verification, and analysis of BDI agents written in the Conceptual Agent Notation (Can) language. It does not require users to be familiar with verification techniques. CAN-verify supports syntactic error checking, interpretation of programs (running agents), and exhaustive exploration of all possible executions (agent verification and analysis) to check against both generic agent requirements, such as if a task can be achieved successfully, and user-defined requirements, such as whether a certain belief eventually holds. Simple examples of Unmanned Aerial Vehicles (UAV) and autonomous patrol robots illustrate the tool in action.
The automotive industry is increasingly dependent on computing systems with variable levels of critical requirements. The verification and validation methods for these systems are now leveraging complex AI methods, for which the decision algorithms introduce non-determinism, especially in autonomous driving. This paper presents a runtime verification technique agnostic to the target system, which focuses on monitoring spatio-temporal properties that abstract the evolution of objects’ behavior in their spatial and temporal flow. First, a formalization of three known traffic rules (from the Vienna convention on road traffic) is presented, where a spatio-temporal logic fragment is used. Then, these logical expressions are translated to a monitoring model written in the first-order logic, where they will be processed by a non-linear satisfiability solver. Finally, the translation allows the solver to check the validity of the encoded properties according to an instance of a specific traffic scenario (a trace). The results obtained from our tool that automatically generates a monitor from a formula show that our approach is feasible for online monitoring in a real-world environment.
