Copyright B. Williams J/6.834J, Fall 02 Lecture 3: Immobile Robots and Space Explorers Prof. Brian Williams Rm Wednesday, September 11 th, 2002
Copyright B. Williams J/6.834J, Fall 02 Course Objective 1 To understand the main types of intelligent embedded systems and their driving requirements: Agile Robots –Hallway robots, Field robots, Underwater explorers, stunt air vehicles “Immobile” Robots –Intelligent spaces –Robust space probes Cooperating Agents –Cooperative Space/Air/Land/Underwater vehicles, distributed traffic networks, smart dust. Accomplished by: Case studies during lectures Supports course final project (Objective 4).
Copyright B. Williams J/6.834J, Fall 02 Readings and Assignment Readings: Remote Agent: to Boldy Go Where No AI System Has Gone Before, N.Muscettola, P. Nayak, B. Pell and B. Williams, Artificial Intelligence 103 (1998) Remote Agent: to Boldy Go Where No AI System Has Gone Before, Immobile Robots: AI in the New Millennium, B. Williams and P. Nayak, AI Magazine, Fall (1996). Immobile Robots: AI in the New Millennium, Problem Set 1: Distributed in Class: Wednesday, September 11th, 2002 Due in Class: Wednesday, September 18th, 2002
Copyright B. Williams J/6.834J, Fall 02 Immobile Robots Responsive Environment Project (circa 1992): Create building environments that anticipate and adapt to user needs. Models self and its occupants Learns physics of building Learns models of user activity (e.g., office occupancy) Acts in order to anticipate and meet needs. Sets energy goals based on user’s anticipated needs. Regulates by distributed auction. Synthesizes distributed, optimal controllers to save energy. Xerox PARC Ubiquitous Computing Project: Shift computation from the desktop, in to the walls and everyday devices.
Copyright B. Williams J/6.834J, Fall 02 Immobile Robots in Space
courtesy NASA The Russian Mir Failure
Copyright B. Williams J/6.834J, Fall 02 courtesy NASA Ames
Copyright B. Williams J/6.834J, Fall 02 MIT Spheres flies in Intl Space station 2003 courtesy Prof. Dave Miller, MIT Space Systems Laboratory
Copyright B. Williams J/6.834J, Fall 02 Autonomous Systems use Models to Anticipate or Detect Subtle Failures NASA Mars Habitat
Robotic Space Explorers: To Boldly Go Where No AI System Has Gone Before A Story of Survival J/6.834J September 19, 2001
Copyright B. Williams J/6.834J, Fall 02 Outline Motivation Model-based autonomous systems Remote Agent Example
Cryobot & Hydrobot courtesy JPL Europa ``Our vision in NASA is to open the Space Frontier... We must establish a virtual presence, in space, on planets, in aircraft and spacecraft.’’ - Daniel S. Goldin, NASA Administrator, May 29, 1996
courtesy JPL Distributed Spacecraft Interferometers search for Earth-like Planets Around Other Stars
Cassini Maps Titan courtesy JPL 7 year cruise ~ ground operators ~ 1 billion $ 7 years to build A Capable Robotic Explorer: Cassini 150 million $ 2 year build 0 ground ops Faster, Better, Cheaper
courtesy JPL Mars Pathfinder and Sojourner
Copyright B. Williams J/6.834J, Fall 02 Four launches in 7 months Mars Climate Orbiter: 12/11/98 Mars Polar Lander: 1/3/99 Stardust: 2/7/99 QuickSCAT: 6/19/98 courtesy of JPL
Copyright B. Williams J/6.834J, Fall 02 Miscommanded: Mars Climate Orbiter Clementine courtesy of JPL Spacecraft should watch out for their own survival.
Copyright B. Williams J/6.834J, Fall 02 Objective: Support programmers with embedded languages that avoid these mistakes, by reasoning about hidden state automatically. Leading Diagnosis: Legs deployed during descent. Noise spike on leg sensors latched by software monitors. Laser altimeter registers 40m. Begins polling leg monitors to determine touch down. Latched noise spike read as touchdown. Engine shutdown at ~40m. Reactive Model-based Programming Language (RMPL) Mars Polar Lander Failure Programmers often make commonsense mistakes when reasoning about hidden state.
Copyright B. Williams J/6.834J, Fall 02 Traditional spacecraft commanding
What Makes this Difficult: Cassini Case Study courtesy JPL
Reasoning through interactions is complex
Copyright B. Williams J/6.834J, Fall 02 Reconfiguring for a Failed Engine Fuel tank Oxidizer tank
Copyright B. Williams J/6.834J, Fall 02 Reconfiguring for a Failed Engine Open four valves Fuel tank Oxidizer tank
Copyright B. Williams J/6.834J, Fall 02 Reconfiguring for a Failed Engine Valve fails stuck closed Open four valves Fuel tank Oxidizer tank
Copyright B. Williams J/6.834J, Fall 02 Reconfiguring for a Failed Engine Fire backup engine Valve fails stuck closed Open four valves Fuel tank Oxidizer tank
Copyright B. Williams J/6.834J, Fall 02 Challenge: Thinking Through Interactions Programmers must reason through system-wide interactions to generate codes for: command confirmationcommand confirmation goal tracking goal tracking detecting anomalies detecting anomalies isolating faults isolating faults diagnosing causes diagnosing causes hardware reconfig hardware reconfig fault recovery fault recovery safing safing fault avoidance fault avoidance control coordination control coordination Equally problematic at mission operations level
Houston, We have a problem... courtesy of NASA Quintuple fault occurs (three shorts, tank-line and pressure jacket burst, panel flies off). Mattingly works in ground simulator to identify new sequence handling severe power limitations. Mattingly identifies novel reconfiguration, exploiting LEM batteries for power. Swaggert & Lovell follow novel procedure to repair Apollo 13 lithium hydroxide unit. Survival can require replanning the complete mission on the fly.
Copyright B. Williams J/6.834J, Fall 02 Outline Motivation Model-based autonomous systems Remote Agent Example
Copyright B. Williams J/6.834J, Fall 02 Course Objective 2 To understand fundamental methods for creating the major components of intelligent embedded systems. Plan Execute Monitor & Diagnosis
Copyright B. Williams J/6.834J, Fall 02 Programmers generate breadth of functions from commonsense models in light of mission goals. Model-based Programming Program by specifying commonsense, compositional declarative models. Model-based Planning, Execution and Monitoring Provide services that reason through each type of system interaction from models. on the fly reasoning requires significant search & deduction within the reactive control loop. Model-based Autonomy
courtesy of NASA Quintuple fault occurs (three shorts, tank-line and pressure jacket burst, panel flies off). Mattingly works in ground simulator to identify new sequence handling severe power limitations. Mattingly identifies novel reconfiguration, exploiting LEM batteries for power. Swaggert & Lovell work on Apollo 13 emergency rig lithium hydroxide unit. Styles of Thinking Through Interactions
Quintuple fault occurs (three shorts, tank-line and pressure jacket burst, panel flies off). Mattingly works in ground simulator to identify new sequence handling severe power limitations. Mattingly identifies novel reconfiguration, exploiting LEM batteries for power. Swaggert & Lovell work on Apollo 13 emergency rig lithium hydroxide unit. Multiple fault diagnosis of unexperienced failures. Mission planning and scheduling Hardware reconfiguration Scripted execution Styles of Thinking Through Interactions
Copyright B. Williams J/6.834J, Fall 02 Example of a Model-based Agent: Goal-directed First time correct projective reactive Commonsense models Heavily deductive Scripts component models Goals Diagnosis & Repair Mission Manager Executive Planner/Scheduler Remote Agent Mission-level actions & resources
Copyright B. Williams J/6.834J, Fall 02 Conventional Wisdom: Reservations about Intelligent Embedded Systems “[For reactive systems] proving theorems is out of the question” [Agre & Chapman 87]
Copyright B. Williams J/6.834J, Fall 02 Many problems aren’t so hard
Copyright B. Williams J/6.834J, Fall 02 Generate Non-conflicting Successor Generate Non-conflicting Successor Candidates with decreasing likelihood or value SAT Generalization of Conflicts Generalization of Conflicts Developed RISC-like, deductive kernel (OPSAT) How can general deduction achieve reactive time scales? Solutions When you have eliminated the impossible, whatever remains, however improbable [costly], must be the truth. - Sherlock Holmes. The Sign of the Four.
Copyright B. Williams J/6.834J, Fall 02 Transition Systems + Constraints + Probabilities Closed Valve Open Stuckopen Stuckclosed OpenClose inflow = outflow = 0 Can model-based agents perform many different types of reasoning from a common model?
Copyright B. Williams J/6.834J, Fall 02 Outline Motivation Model-based autonomous systems Remote Agent Example
Copyright B. Williams J/6.834J, Fall 02 Real-Time Execution Flight H/W Fault Monitors Planning Experts (incl. Navigation) Remote Agent Architecture Ground System RAX Manager Diagnosis & Repair Mission Manager Executive Planner/Scheduler Remote Agent RAX_START
Copyright B. Williams J/6.834J, Fall 02 Real-Time Execution Flight H/W Fault Monitors Planning Experts (incl. Navigation) Ground System RAX Manager Diagnosis & Repair Mission Manager Executive Planner/Scheduler Remote Agent RAX_START Executive requests plan
Copyright B. Williams J/6.834J, Fall 02 Real-Time Execution Flight H/W Fault Monitors Planning Experts (incl. Navigation) Ground System RAX Manager Diagnosis & Repair Mission Manager Executive Planner/Scheduler Remote Agent RAX_START Remote Agent Architecture
Copyright B. Williams J/6.834J, Fall 02 Real-Time Execution Flight H/W Fault Monitors Planning Experts (incl. Navigation) Ground System RAX Manager Diagnosis & Repair Mission Manager Executive Planner/Scheduler Remote Agent RAX_START Mission manager establishes goals, planner generates plan
Copyright B. Williams J/6.834J, Fall 02 Real-Time Execution Flight H/W Fault Monitors Planning Experts (incl. Navigation) Ground System RAX Manager Diagnosis & Repair Mission Manager Executive Planner/Scheduler Remote Agent RAX_START Executive executes plan
Copyright B. Williams J/6.834J, Fall 02 Real-Time Execution Flight H/W Fault Monitors Planning Experts (incl. Navigation) Ground System RAX Manager Diagnosis & Repair Mission Manager Executive Planner/Scheduler Remote Agent RAX_START Diagnosis system monitors and repairs
courtesy JPL Walk Through of Cassini Saturn Orbital Insertion
Copyright B. Williams J/6.834J, Fall 02 Real-Time Execution Flight H/W Fault Monitors Planning Experts (incl. Navigation) Ground System RAX Manager Diagnosis & Repair Mission Manager Executive Planner/Scheduler Remote Agent RAX_START Plan for Next Time Horizon
Copyright B. Williams J/6.834J, Fall 02 Thrust Goals Attitude Engine Power
Copyright B. Williams J/6.834J, Fall 02 Thrust Goals Attitude Point(a) Engine Off Delta_V(direction=b, magnitude=200) Power Mission Manager Sets Goals over Horizon
Copyright B. Williams J/6.834J, Fall 02 Planner Repeatedly Applies Library of Operational Constraints Thrust Goals Engine Thrust (b, 200) Delta_V(direction=b, magnitude=200) contains
Copyright B. Williams J/6.834J, Fall 02 Thrust Goals Attitude Point(b) Engine Thrust (b, 200) Off Delta_V(direction=b, magnitude=200) Power Warm Up meets met_by contained_by equals Planner Repeatedly Applies Library of Operational Constraints
Copyright B. Williams J/6.834J, Fall 02 Thrust Goals Attitude Point(a) Engine Off Delta_V(direction=b, magnitude=200) Power Planner Starts
Copyright B. Williams J/6.834J, Fall 02 Thrust Goals Attitude Point(a) Engine Thrust (b, 200) Off Delta_V(direction=b, magnitude=200) Power
Copyright B. Williams J/6.834J, Fall 02 Thrust Goals Attitude Point(a) Engine Delta_V(direction=b, magnitude=200) Power Thrust (b, 200) Off
Copyright B. Williams J/6.834J, Fall 02 Thrust Goals Attitude Point(a) Engine Delta_V(direction=b, magnitude=200) Power Thrust (b, 200) Off
Copyright B. Williams J/6.834J, Fall 02 Thrust Goals Attitude Point(a) Engine Delta_V(direction=b, magnitude=200) Power Off Thrust (b, 200)
Copyright B. Williams J/6.834J, Fall 02 Point(b) Thrust Goals Attitude Point(a) EngineOff Delta_V(direction=b, magnitude=200) Power Thrust (b, 200) Off
Copyright B. Williams J/6.834J, Fall 02 Thrust Goals Attitude Point(a) Point(b) Engine Thrust (b, 200) Off Delta_V(direction=b, magnitude=200) Power Off
Copyright B. Williams J/6.834J, Fall 02 Thrust Goals Attitude Point(a) Point(b) Engine Thrust (b, 200) Warm Up Off Delta_V(direction=b, magnitude=200) Power
Copyright B. Williams J/6.834J, Fall 02 Thrust Goals Attitude Point(a)Point(b)Turn(b,a) Engine Thrust (b, 200) Warm Up Off Delta_V(direction=b, magnitude=200) Power
Copyright B. Williams J/6.834J, Fall 02 Thrust Goals Attitude Point(a)Point(b) Turn(b,a) Engine Thrust (b, 200) Warm Up Off Delta_V(direction=b, magnitude=200) Power
Copyright B. Williams J/6.834J, Fall 02 Thrust Goals Attitude Turn(a,b) Point(a) Point(b)Turn(b,a) Engine Thrust (b, 200) Off Delta_V(direction=b, magnitude=200) Power Warm Up
Copyright B. Williams J/6.834J, Fall 02 Thrust Goals Attitude Turn(a,b) Point(a)Point(b)Turn(b,a) Engine Thrust (b, 200) Off Delta_V(direction=b, magnitude=200) Power Warm Up
Copyright B. Williams J/6.834J, Fall 02 Thrust Goals Attitude Turn(a,b) Point(a)Point(b)Turn(b,a) Engine Thrust (b, 200) Off Delta_V(direction=b, magnitude=200) Power Warm Up Plan Completed!
Copyright B. Williams J/6.834J, Fall 02 Plans Allow Temporal Flexibility Through Least Committment
Copyright B. Williams J/6.834J, Fall 02 Real-Time Execution Flight H/W Fault Monitors Planning Experts (incl. Navigation) Ground System RAX Manager Diagnosis & Repair Mission Manager ScriptedExecutive Planner/Scheduler Remote Agent RAX_START The executive dynamically schedules and dispatches tasks
Copyright B. Williams J/6.834J, Fall 02 Executing Temporal Plans [130,170]] [0, 300] Propagate temporal constraints Select enabled events Terminate preceding activities Run next activities
Copyright B. Williams J/6.834J, Fall 02 Propagating Timing Constraints Can Be Costly EXECUTIVE CONTROLLED SYSTEM
Copyright B. Williams J/6.834J, Fall 02 EXECUTIVE CONTROLLED SYSTEM Propagating Timing Constraints Can Be Costly
Copyright B. Williams J/6.834J, Fall 02 EXECUTIVE CONTROLLED SYSTEM Propagating Timing Constraints Can Be Costly
Copyright B. Williams J/6.834J, Fall 02 EXECUTIVE CONTROLLED SYSTEM Propagating Timing Constraints Can Be Costly
Copyright B. Williams J/6.834J, Fall 02 EXECUTIVE CONTROLLED SYSTEM Propagating Timing Constraints Can Be Costly
Copyright B. Williams J/6.834J, Fall 02 EXECUTIVE CONTROLLED SYSTEM Propagating Timing Constraints Can Be Costly
Copyright B. Williams J/6.834J, Fall 02 EXECUTIVE CONTROLLED SYSTEM Solution: Compile Temporal Constraints to an Efficient Network
Copyright B. Williams J/6.834J, Fall 02 EXECUTIVE CONTROLLED SYSTEM Solution: Compile Temporal Constraints to an Efficient Network
Copyright B. Williams J/6.834J, Fall 02 EXECUTIVE CONTROLLED SYSTEM Solution: Compile Temporal Constraints to an Efficient Network
Copyright B. Williams J/6.834J, Fall 02 Real-Time Execution Flight H/W Fault Monitors Planning Experts (incl. Navigation) Ground System RAX Manager Diagnosis & Repair Mission Manager Scripted Executive Planner/Scheduler Remote Agent RAX_START Execution and Fault Recovery involves monitoring and commanding hidden states
Copyright B. Williams J/6.834J, Fall 02 Programmers and operators must reason through system-wide interactions to generate codes for: Reconfiguring ModesEstimating Modes monitoring monitoring tracking goals tracking goals confirming commands confirming commands detecting anomalies detecting anomalies diagnosing faults diagnosing faults reconfiguring hardwarereconfiguring hardware coordinating control policies coordinating control policies recovering from faults recovering from faults avoiding failures avoiding failures Model-based Execution of Activities
Copyright B. Williams J/6.834J, Fall 02 Model-based Execution as Stochastic Optimal Control Controller Plant mode Estimation mode reconfiguration s’(t) (t) f f s (t) g g o(t) Model Livingstone Goals
Copyright B. Williams J/6.834J, Fall 02 Closed Open Stuck open Stuck closed Open Close Cost 5 Prob.9 Models modes engage physical processes encoded as finite domain constraints probabilistic automata for dynamics Concurrency to model multiple processes Vlv = closed => Outflow = 0; vlv=open => Outflow = M z + (inflow); vlv=stuck open => Outflow = M z + (inflow); vlv=stuck closed=> Outflow = 0;
Copyright B. Williams J/6.834J, Fall 02 Possible Behaviors Visualized by a Trellis Diagram Assigns a value to each variable. Consistent with all state constraints. A set of concurrent transitions, one per automata. Previous & Next states consistent with source & target of transitions
Copyright B. Williams J/6.834J, Fall 02 Model-based Execution as Stochastic Optimal Control Controller Plant mode Estimation mode reconfiguration s’(t) (t) f f s (t) g g o(t) Model Livingstone Goals Fire backup engine Valve fails stuck closed least cost reachable goal state First Action Current Belief State
Control Sequencer Deductive Controller System Model Commands Observations Control Program Plant Titan Model-based ExecutiveRMPL Model-based Program State goalsState estimates Control Sequencer: Generates goal states conditioned on state estimates Mode Estimation: Tracks likely States Mode Reconfiguration: Tracks least-cost state goals Executes concurrently Preempts Asserts and queries states Chooses based on reward Fire backup engine Valve fails stuck closed least cost reachable goal state First Action Current Belief State
Copyright B. Williams J/6.834J, Fall 02 Mode Estimation and Diagnosis Observe “no thrust” Find most likely reachable states consistent with observations.
Copyright B. Williams J/6.834J, Fall 02 Mode Reconfiguration and Repair Goal: Achieve Thrust
Copyright B. Williams J/6.834J, Fall 02 Goal: Achieve Thrust Mode Reconfiguration and Repair
Copyright B. Williams J/6.834J, Fall 02 Goal: Achieve Thrust Mode Reconfiguration and Repair
courtesy JPL Ames-JPL NewMaap Demonstration: New Millennium Advanced Autonomy Prototype July - November, 1995
Copyright B. Williams J/6.834J, Fall 02 Remote Agent on Deep Space 1 Started: January 1996 Launch: Fall 1998
Copyright B. Williams J/6.834J, Fall 02 Remote Agent Experiment May 17-18th experiment Generate plan for course correction and thrust Diagnose camera as stuck on –Power constraints violated, abort current plan and replan Perform optical navigation Perform ion propulsion thrust May 21th experiment. Diagnose faulty device and –Repair by issuing reset. Diagnose switch sensor failure. –Determine harmless, and continue plan. Diagnose thruster stuck closed and –Repair by switching to alternate method of thrusting. Back to back planning See rax.arc.nasa.gov
Copyright B. Williams J/6.834J, Fall 02 Beyond: Cooperative Exploration Distributed Planning Group, JPL Model-based Embedded and Robotic Systems Group, MIT
“With autonomy we declare that no sphere is off limits. We will send our spacecraft to search beyond the horizon, accepting that we cannot directly control them, and relying on them to tell the tale.” Bob Rasmussen Architect JPL Mission Data System