
13 Nov 2013 (3 years and 8 months ago)


Guaranteeing Safety in Semi-autonomous Robotic Systems: A Formal Approach through Hybrid Systems with Hidden Modes

Domitilla Del Vecchio

University of Michigan, EECS

MIT, MechE

ICRA 2010, Workshop on Formal Methods


Some of Today’s Networked Robotic Systems

Cooperative Active Safety Systems

Warfare Systems

Imperfect Information: from poor/intermittent sensory measurements or missing communication;

Presence of Humans: both “in the loop” and “out of the loop”

Complexity: from interaction between continuous dynamics and logic, imperfect information, large state spaces…

Despite these challenges, these systems must be safe by design!

How do we perform formal design with humans “out of the loop”?

Example: Cooperative Active Safety

Cooperative Active Safety Systems

For details on modeling human decision making through hybrid systems: Del Vecchio et al. IFAC 2002, Automatica 2003, Walton et al. ICRA 2004

[Figure labels: cruise, run out, brake]

Worst-case approach: Too Conservative!

Hybrid System with Hidden Modes (HSHM)

[Figure: hybrid automaton with modes $S_{q_i}$, $S_{q_j}$, $S_{q_k}$ and transitions labelled $\sigma = a$ and $\sigma = b$]

Safety Control Problem for Hybrid Systems with Hidden Modes

Available Results from the Literature

When the state is measured, safety control for hybrid systems has been addressed by several researchers: within an optimal control approach (Tomlin, Pappas, Sastry, Lygeros, …), within a viability approach (Aubin, Quincampoix, Gao, …), …

When the state is not measured, these results do not apply.

Further, Raskin et al. 2006 showed that for hybrid systems with finite state abstractions, the safety control problem has exponential complexity, while for general classes of nonlinear and hybrid systems it is prohibitive

Here:

We present a method to tackle safety control for HSHMs

We restrict the class of systems to order preserving systems to lighten the complexity arising from the continuous dynamics

We show how these results apply to the semi-autonomous vehicle collision avoidance system

Outline

Solution of the safety control problem for HSHMs

Computational Techniques

Application to semi-autonomous cooperative active safety systems

Safety control problem for HSHMs

[Figure: hybrid automaton with modes $S_{q_i}$, $S_{q_j}$, $S_{q_k}$ and transitions labelled $\sigma = a$ and $\sigma = b$]

Problem 1:

(1)

(2) Compute a dynamic feedback map π from the history to maintain the state outside C

Mode-dependent capture set

Translation to a perfect information problem

Keeping track of a growing history is prohibitive. Hence, the problem is translated to one with perfect information introducing a state estimate (LaValle, 2006)

Prediction-correction estimator

State is measured!

Problem 2:

(1) Compute the Capture set $\hat{C}$ for system $\hat{H}$

(2) Compute a static feedback map to maintain the state outside $\hat{C}$

Solution:

One solves Problem 2 and then shows that $\hat{C} = C$ (equivalence)

(For details on equivalence: Verma and Del Vecchio, CDC 2009)

Algorithmic procedure to compute the mode-dependent capture sets

Example:

Algorithm 1

In general:

The dynamic control map

[Figure: set $B$; capture sets $\hat{C}_{\hat{q}_1}$, $\hat{C}_{\hat{q}_2}$, $\hat{C}_{\hat{q}_3}$; vectors labelled $\bar{f}(x, \pi(x, \hat{q}_1), \theta)$ and $\bar{f}(x, \pi(x, \hat{q}_2), \theta)$]

Example:

[Figure: set $L_{\hat{q}}$, point $x$, contingent cone $T_{L_{\hat{q}}}(x)$, vector $\bar{f}$]


Computability Results

When does Algorithm 1 terminate?

Thm: If every set of fully connected modes in has a supremum, Algorithm terminates

(For details: Verma and Del Vecchio, CDC 2009)

When is each step of Algorithm 1 efficiently computable?

If in every mode $\hat{q}$ the dynamics are given by the parallel composition of order preserving systems and B is a box, then “Pre” can be computed with a linear complexity algorithm

(For details: Hafner and Del Vecchio, CDC 2009; Del Vecchio et al, ACC 2009)

$\hat{C}_{\hat{q}} = \mathrm{Pre}(R(\hat{q}), B)$, $R(\hat{q})$ = reachable set of modes from $\hat{q}$

Order preserving systems: $S = (X, U, D, f)$, $\dot{x} = f(x, u)$, $f_1 > 0$, $U = [u_L, u_H]$, Piecewise Continuous, $D = [d_L, d_H]$

[Figure: “input” signals and state spaces “(X, )” related by $\Rightarrow$]

Computing “Pre”

Thm: If for each mode $\hat{q}$: $S = S_1 \,\|\, S_2$ with $S_i$ Order Preserving, $B = \{(x_1, x_2) \mid (x_{1,1}, x_{2,1}) \in [L_1, U_1] \times [L_2, U_2]\}$

[Figure: $B$, $\mathrm{Pre}(\hat{q}, B)_L$, $\mathrm{Pre}(\hat{q}, B)_H$]

Easily computed as the input is fixed!

Computing the control map

$$\hat{\pi}(x, \hat{q}) = \begin{cases} (u_L, u_H) & \text{if } (x \in \mathrm{Pre}(\hat{q}, B)_L) \wedge (x \in \partial \mathrm{Pre}(\hat{q}, B)_H) \\ (u_H, u_L) & \text{if } (x \in \mathrm{Pre}(\hat{q}, B)_H) \wedge (x \in \partial \mathrm{Pre}(\hat{q}, B)_L) \\ U & \text{otherwise.} \end{cases}$$

[Figure: $B$, $\mathrm{Pre}(\hat{q}, B)_L$, $\mathrm{Pre}(\hat{q}, B)_H$, point $x$; annotations: “All inputs are allowed”; “$(u_L, u_H)$ must be applied to avoid entering $C_H$”]

Application: A semi-autonomous collision avoidance system

Modes: Braking (b), Accel (a)

$\alpha_1 = k_1 u - k_2 v_1^2 - k_3$

$\alpha_2 = \beta_q + d, \quad d \in \Delta = [-\bar{d}, \bar{d}]$

$B = \{(p_1, v_1, p_2, v_2) \mid (p_1, p_2) \in [L_1, U_1] \times [L_2, U_2]\}$

This system is order preserving!

Application (cont.)

Mode estimator

[Figure: two panels labelled $\hat{q} = \hat{q}_1 = \{a, b\}$ and $\hat{q} = \hat{q}_2 = \{a\}$, each captioned “slice of”]
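
Added example (not from the slides or the authors' software): a sampled Python sketch of the fixed-input "Pre" check for the two-vehicle model above, showing how narrowing the mode estimate from {a, b} to {a} takes a state out of the flagged set. All numeric values, the Euler discretisation, and the names in_pre, safe_inputs and in_capture are assumptions; bounding vehicle 2 by its slowest and fastest trajectories is a conservative simplification, as is flagging a state when both extreme inputs fail.

```python
# Added illustration: the model follows the slide's equations, but every number,
# the Euler sampling and the function names are assumptions made for this sketch.
DT, HORIZON = 0.05, 10.0              # sampling step and look-ahead [s]
K1, K2, K3 = 1.0, 0.001, 0.1          # alpha_1 = k1*u - k2*v1^2 - k3
U_L, U_H = -1.0, 1.0                  # input range of the autonomous vehicle
BETA = {"a": 0.5, "b": -2.0}          # beta_q: accel mode a, braking mode b
D_BAR = 0.3                           # disturbance d in [-d_bar, d_bar]
BOX = ((40.0, 50.0), (40.0, 50.0))    # B: (p1, p2) in [L1, U1] x [L2, U2]


def step(p, v, acc):
    """One explicit Euler step; speed is clamped at zero (no reversing)."""
    return p + v * DT, max(0.0, v + acc * DT)


def in_pre(x, u, q_hat):
    """With input u held fixed, can B not be ruled out for the modes in q_hat?

    Conservative check: every mode in q_hat and every disturbance keeps p2
    between the slowest (`lo`) and fastest (`hi`) trajectory of vehicle 2.
    """
    p1, v1, p2, v2 = x
    lo = hi = (p2, v2)
    a_lo = min(BETA[q] for q in q_hat) - D_BAR
    a_hi = max(BETA[q] for q in q_hat) + D_BAR
    (l1, u1), (l2, u2) = BOX
    for _ in range(int(HORIZON / DT)):
        if l1 <= p1 <= u1 and lo[0] <= u2 and hi[0] >= l2:
            return True                # p1 in the box while p2 may be in it too
        p1, v1 = step(p1, v1, K1 * u - K2 * v1 * v1 - K3)
        lo, hi = step(*lo, a_lo), step(*hi, a_hi)
    return False


def safe_inputs(x, q_hat):
    """Extreme inputs that, held fixed, keep the pair out of B."""
    return [u for u in (U_L, U_H) if not in_pre(x, u, q_hat)]


def in_capture(x, q_hat):
    """Flag x when neither extreme input rules out B (sketch assumption)."""
    return not safe_inputs(x, q_hat)


X0 = (0.0, 12.0, 5.0, 12.0)            # constructed state (p1, v1, p2, v2)
if __name__ == "__main__":
    for q_hat in ({"a", "b"}, {"a"}):
        print(sorted(q_hat), in_capture(X0, q_hat), safe_inputs(X0, q_hat))
```

With the estimate {a, b} the constructed state is flagged under both inputs; once the estimate narrows to {a}, braking (u_L) lets the human-driven vehicle clear the box first and the state is no longer flagged.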

Application: Experimental result

Human control station

[Figure labels: C1, Human Driven, Autonomous]

Learning of modes: data from 5 different subjects

[Figure panels: Braking mode, Accel mode]

Thanks to: Matt McCullough, UG CSE Umich

Conclusions

We proposed formal safety control design for semi-autonomous systems through HSHMs

[Figure labels: cruise, run out, brake]

When the mode is unknown, an equivalent control problem with *perfect information* was solved to obtain the feedback map

[Figure: set $B$; capture sets $\hat{C}_{\hat{q}_1}$, $\hat{C}_{\hat{q}_2}$, $\hat{C}_{\hat{q}_3}$; vectors labelled $\bar{f}(x, \pi(x, \hat{q}_1), \theta)$ and $\bar{f}(x, \pi(x, \hat{q}_2), \theta)$]

When the dynamics are order preserving, computation burden is dramatically reduced

The techniques were applied to a semi-autonomous cooperative active safety system application

[Figure labels: C1, Human Driven, Autonomous]

Current/Future Work

Software system development for Implementation and final testing on TOYOTA full scale vehicles and test-track (with Caveney and Caminiti at TTC, Ann Arbor)

Extension to complex road configurations and multiple-agent conflict points leveraging discrete-event system theory and solution modules based on partial order structures

Extension of the theory of hybrid automata with imperfect mode information to incorporate discrete control inputs: useful for modeling the monitoring/warning/control phases of cooperative active safety systems with human-in-the-loop

Open questions: communication delays, stochastic models of human behavior…

Acknowledgements

Rajeev Verma, PhD Student in the Systems Lab at University of Michigan

Mike Hafner, PhD Student in the Systems Lab at University of Michigan

Matt McCullough, Jeffrey Duperrett, Chao Wang, Daniel Clark: Undergraduate students at University of Michigan

Funding: NSF Career Award # CNS-0642719, NSF Goali Award # CMMI-0854907, TOYOTA