Presentation is loading. Please wait.

Presentation is loading. Please wait.

Model-Based Programming of Intelligent Embedded Systems Bill Gaes CSc 299 Masters Seminar Presentation and Discussion 5/20/2005 Based on: Brian C. Williams.

Published bySara Matthews Modified over 9 years ago

Similar presentations

Presentation on theme: "Model-Based Programming of Intelligent Embedded Systems Bill Gaes CSc 299 Masters Seminar Presentation and Discussion 5/20/2005 Based on: Brian C. Williams."— Presentation transcript:

1 Model-Based Programming of Intelligent Embedded Systems Bill Gaes CSc 299 Masters Seminar Presentation and Discussion 5/20/2005 Based on: Brian C. Williams et al., “Model-Based Programming of Intelligent Embedded Systems and Robotic Space Explorers,” Proceedings of the IEEE, vol. 91, no 1, pp.212-237, 2003.

2 5/20/2005Model-Based Programming2 Outline zModel-Based Programming yOverview yAdvantages yExample yMotivation yDetails yDiscussion

3 5/20/2005Model-Based Programming3 zProgram what you want the system to do zDevelop models of what the system can do zRely on executive to: yexecute program yreason on-the-fly ytrack system state ydiagnose faults yreconfigure system to achieve desired goals

4 5/20/2005Model-Based Programming4 Advantages of Model-Based Programming zAllow engineers to specify high-level control strategies zEncapsulation and separation of concerns yModel composed of components (e.g., engine, camera, etc) yProgram - Object-oriented with multiple inheritance yExecutive replaceable with different implementation or one with added capabilities

5 5/20/2005Model-Based Programming5 Advantages of Model-Based Programming zPowerful Inference Engines zReusability zRobustness zVerifiability

6 5/20/2005Model-Based Programming6 Example Embedded System - Spacecraft zSpacecraft with 2 redundant engines and a camera zObjective: insert spacecraft into orbit yCamera must be off yOne of two engines must fire

7 5/20/2005Model-Based Programming7 Simple Spacecraft Model FuelOxidizerFuelOxidizer EngineAEngineBEngineAEngineB Initial State Goal State shut valve open valve

8 5/20/2005Model-Based Programming8 Simple Spacecraft Model Initial StateGoal State Science Camera OnOff Science Camera

9 5/20/2005Model-Based Programming9 Control Program - Pseudocode Orbital Insertion Control Program: Concurrently Place both Engines in standby Shut off Camera When Engines are in standby And the Camera is off then Fire EngineA

10 5/20/2005Model-Based Programming10 Reactive Embedded Systems zRequires concurrent and synchronous programming languages such as: yEsterel (~1992) yStatecharts (~1987)

11 5/20/2005Model-Based Programming11 Programming Complex Reactive Embedded Systems zProgramming using traditional reactive languages ychallenging, time-consuming, and error-prone Embedded Program Physical Plant Obs Cntrl

12 5/20/2005Model-Based Programming12 Challenges of Programming Autonomous Systems detecting anomalies isolating faults diagnosing causes adaptive control fault avoidance hardware reconfiguration monitoring safeing goal tracking standby fault recovery mode confirmation zProgrammers must reason through system- wide interactions to generate code for:

13 5/20/2005Model-Based Programming13 Esterel Program For a Robot to Follow a Line module ROBOT: input LeftSensor, RightSensor; output LeftWheelSpeed : float, RightWheelSpeed : float; loop await tick; [ present LeftSensor else emit LeftWheelSpeed(1.0f) end present || present RightSensor else emit RightWheelSpeed(1.0f) end present || present [LeftSensor and RightSensor] then abort loop emit RightWheelSpeed(1.0f); emit LeftWheelSpeed(-0.5f) each tick when [not LeftSensor] end present ] end loop end module Pure signals - indicate presence or absence of stimuli Value signals - have arbitrary value of specified type Wheel controller - sets relative angular velocity, a value in [-1, 1], 1.0 is full speed forward. Explicit syntax for execute in parallel Both sensors see line so attempt corrective action to get back on track Continuously emit 2 signals sequentially, but at each tick, so executed at same instant - emit returns immediately

14 5/20/2005Model-Based Programming14 Mars Polar Lander Failure zLeading hypothesis for failure: yLanding legs deployed during decent. yNoise spike in Hall effect sensors latched by monitors. yLaser altimeter registered altitude of 40m yAt 40m leg monitors polled yMonitors latched - engine shutdown at 40m

15 5/20/2005Model-Based Programming15 Problem and a Solution zProblem yFailure space and interactions with hardware and software too large to enumerate zSolution yProvide reactive embedded languages that reason-on-the-fly from commonsense models xModel-based Programming

16 5/20/2005Model-Based Programming16 Model-Based Architecture Control Program Plant Model Control Sequencer Deductive Controller State estimates Configuration goals Physical Plant Commands Observations Reactive Model-based Programming Language (RMPL) “Titan” - Model-based Executive

17 5/20/2005Model-Based Programming17 Simple RMPL Control Program Procedure TakePicture(target)::{ do { Attitude = target, when Attitude = target donext { SnapStore(); } } watching Picture = Stored }

18 5/20/2005Model-Based Programming18 RMPL Control Program zFive design features yParallel and sequential execution threads yConditional execution yIteration yPreemption yDefining feature xability to reference “hidden” states of physical plant within assertions and conditions

19 5/20/2005Model-Based Programming19 RMPL Control Program expression --> assertion | combinator | prgm_invocation combinator --> A maintaining c | do A watching c | if c thennext A | unless c thennext A | A,B | A;B | always A prgm_invocation --> program_name(arglist) Key:c denotes constraint A and B denote well formed RMPL expressions Note: Language provides additional derived combinators, created by combining primitive combinators

20 5/20/2005Model-Based Programming20 RMPL Control Program OrbitInsert()::{ do{ EngineA = Standby, EngineB = Standby, Camera = Off, do{ when EngineA = Standby ^ Camera = Off donext EngineA = Firing } watching Engine A = Failed, when EngineA = Failed ^ Engine B = Standby ^ Camera = Off donext Engine B = Firing }watching Engine A = Firing v Engine B = Firing } assertion achieve constraint execution condition ask constraint

21 5/20/2005Model-Based Programming21 Model-Based Executive zControl Sequencer yExecutes control program yUses likely state estimate to generate configuration goals for Deductive Controller to achieve Control Sequencer Deductive Controller State estimates Configuration goals Physical Plant Commands Observations Control Program Plant Model Model-Based Executive

22 5/20/2005Model-Based Programming22 Plant Model - Concurrent Constraint Automata zBuilt from a set of component models yEach component is represented by xSet of component modes xSet of constraints defining behavior within each nominal mode xSet of probabilistic transitions between modes

23 5/20/2005Model-Based Programming23 Spacecraft Engine Component Model (thrust = zero) AND (power_in = zero) Off Standby Firing Failed Behavior within a mode described by constraints on plant variables: thrust and power_in Component Mode Probabilistic uncommanded transition 0.01 Cmd = stdby Cmd = off Cmd = Stdby Cmd = Fire 0.01 (thrust = zero) AND (power_in = nominal) (thrust = full) AND (power_in = nominal) Note: All nominal transitions are P = 99% No constraint for engine’s behavior in failed mode - constraint suspension

24 5/20/2005Model-Based Programming24 Spacecraft Camera Component Model Note: All nominal transitions are P = 99% (power_in = zero) AND (shutter = closed) Off On Failed 0.01 Cmd = Cam_off Cmd = Cam_on 0.01 (power_in = nominal) AND (shutter = open)

25 5/20/2005Model-Based Programming25 Spacecraft Valve Driver and Valve Component Models on off dcmd in = on dcmd in = off dcmd in = reset dcmd in = off permanent failure resettable failure Valve Driver Model Note: All nominal transitions are P = 99% Failure transitions are P = 1% (not shown) open closed driver = on dcmd in = open stuck-closed Valve Model stuck-open driver = on dcmd in = close dcmd in vcmd in dcmd out = vcmd in interconnection constraint

26 5/20/2005Model-Based Programming26 Model-Based Executive Control Sequencer State estimates Configuration goals Physical Plant Commands Observations Titan Model-based Executive Mode Estimation Mode Reconfiguration Estimates most likely transitions Finds least-cost reachable goal state Deductive Controller Control Program Plant Model

27 5/20/2005Model-Based Programming27 Deductive Controller Selects valve configuration; plans actions to open six valves Mode Estimation Deduces engines in standby Mode Reconfiguration Deduces valve failed - stuck closed Mode Estimation Selects valves on backup engine needed to achieve thrust, and plans needed actions Mode Reconfiguration

28 5/20/2005Model-Based Programming28 Space of Possible State Trajectories for Plant Model Trellis Diagram... S (0) S (1) S (N-1) S (N) S T Plant state assigns value to each state variable, e.g., 3000 consistent with all state constraints, e.g., 12,000 Discrete time step Set of concurrent transitions one per automata, e.g., 80 Examples from Plant Model for Deep Space One

29 5/20/2005Model-Based Programming29 Deductive Controller Mode Estimation (ME) zIncrementally tracks sets of component mode transitions yConsistent with observations, initial state, and plant CCA yNumber of transitions is n m where xn is the size of the domain of the mode variables xm is number of mode variables yDeep Space One Probe (DS-1) n m = 3 80

30 5/20/2005Model-Based Programming30 Deductive Controller Mode Estimation (ME) zFrame as Optimal Constraint Satisfaction Problem (OCSP) yConflict-directed A* xUses propositional logic to find conflicts xConflicts used to prune implausible consistent transitions yMode transitions reduced to less than a dozen from 3 80

31 5/20/2005Model-Based Programming31 Mode Estimation... S (0) S (1) S (t-1) S (t) prob(s j ) prob(s i ) most likely state - s j state with highest probability ^^ ^^ Tracks most likely states consistent with plant model, observations, and control actions

32 5/20/2005Model-Based Programming32 Deductive Controller Mode Reconfiguration (MR) zSeries of commands that progresses plant toward a maximum-reward state that achieves the configuration goal yGoal Interpreter xfind goal state that achieves configuration goal while maximizing reward. yReactive Planner xgenerates command sequence to move plant to goal state.

33 5/20/2005Model-Based Programming33 Mode Reconfiguration... S (t) S (t+1) S (t+n-1) S (t+n) Maximum reward goal state ^ ^ ^^ Given goal and most likely current state find commands that transitions through plant state space toward maximum-reward goal state that achieve the configuration goal

34 5/20/2005Model-Based Programming34 Model-based Programming Real-world Uses xDeep-Space One - 2001 Autonomous control of engine firing xMIT Sphere Spacecraft - 2004 docking maneuvers with International Space Station xSimulation system for rapid prototyping autonomous mars exploration testbed xToyota Fault management and failure recovery for high-end vehicles xNASA Mars Technology Program Proposing incorporation into Mars 2009 Smart Lander xJohn Hopkins Applied Physics Lab Proposing applying to Messenger Mission to Mercury

35 5/20/2005Model-Based Programming35 Discussion zDoes this paradigm appear to provide the claimed advantages? zWhat are potential limitations or pitfalls? zBased on its technical merit is MB-P an advancement? zDoes it have enough successes and interest to sustain itself?

Download ppt "Model-Based Programming of Intelligent Embedded Systems Bill Gaes CSc 299 Masters Seminar Presentation and Discussion 5/20/2005 Based on: Brian C. Williams."

Similar presentations

Lecture 8: Three-Level Architectures CS 344R: Robotics Benjamin Kuipers.

Lecture 8: Three-Level Architectures CS 344R: Robotics Benjamin Kuipers.
Dynamic Domain Architectures for Model Based Autonomy MoBIES Embedded Software Working Group Meeting April 10-11 2001 B. Williams, B. Laddaga, H. Shrobe,

Dynamic Domain Architectures for Model Based Autonomy MoBIES Embedded Software Working Group Meeting April B. Williams, B. Laddaga, H. Shrobe,
MBD in real-world system… Self-Configuring Systems Meir Kalech Partially based on slides of Brian Williams.

MBD in real-world system… Self-Configuring Systems Meir Kalech Partially based on slides of Brian Williams.
Approved for Public Release, Distribution Unlimited Pervasive Self-Regeneration through Concurrent Model-Based Execution Brian Williams (PI) Paul Robertson.

Approved for Public Release, Distribution Unlimited Pervasive Self-Regeneration through Concurrent Model-Based Execution Brian Williams (PI) Paul Robertson.
ECE 720T5 Fall 2012 Cyber-Physical Systems Rodolfo Pellizzoni.

ECE 720T5 Fall 2012 Cyber-Physical Systems Rodolfo Pellizzoni.
© 2006 ITT Educational Services Inc. SE350 System Analysis for Software Engineers: Unit 9 Slide 1 Appendix 3 Object-Oriented Analysis and Design.

© 2006 ITT Educational Services Inc. SE350 System Analysis for Software Engineers: Unit 9 Slide 1 Appendix 3 Object-Oriented Analysis and Design.
CS 795 – Spring 2010.  “Software Systems are increasingly Situated in dynamic, mission critical settings ◦ Operational profile is dynamic, and depends.

CS 795 – Spring  “Software Systems are increasingly Situated in dynamic, mission critical settings ◦ Operational profile is dynamic, and depends.
Detailed Design Kenneth M. Anderson Lecture 21

Detailed Design Kenneth M. Anderson Lecture 21
Esterel Overview Roberto Passerone ee249 discussion section.

Esterel Overview Roberto Passerone ee249 discussion section.
Brent Dingle Marco A. Morales Texas A&M University, Spring 2002

Brent Dingle Marco A. Morales Texas A&M University, Spring 2002
Modeling and Planning with Robust Hybrid Automata Cooperative Control of Distributed Autonomous Vehicles in Adversarial Environments 2001 MURI: UCLA, CalTech,

Modeling and Planning with Robust Hybrid Automata Cooperative Control of Distributed Autonomous Vehicles in Adversarial Environments 2001 MURI: UCLA, CalTech,
Why Behavioral Wait statement Signal Timing Examples of Behavioral Descriptions –ROM.

Why Behavioral Wait statement Signal Timing Examples of Behavioral Descriptions –ROM.
Integrating POMDP and RL for a Two Layer Simulated Robot Architecture Presented by Alp Sardağ.

Integrating POMDP and RL for a Two Layer Simulated Robot Architecture Presented by Alp Sardağ.
State Machines Timing Computer Bus Computer Performance Instruction Set Architectures RISC / CISC Machines.

State Machines Timing Computer Bus Computer Performance Instruction Set Architectures RISC / CISC Machines.
Executing Reactive, Model-based Programs through Graph-based Temporal Planning Phil Kim and Brian C. Williams, Artificial Intelligence and Space Systems.

Executing Reactive, Model-based Programs through Graph-based Temporal Planning Phil Kim and Brian C. Williams, Artificial Intelligence and Space Systems.
Optimizing Symbolic Model Checking for Constraint-Rich Systems Randal E. Bryant Bwolen Yang, Reid Simmons, David R. O’Hallaron Carnegie Mellon University.

Optimizing Symbolic Model Checking for Constraint-Rich Systems Randal E. Bryant Bwolen Yang, Reid Simmons, David R. O’Hallaron Carnegie Mellon University.
Sheila McIlraith, Knowledge Systems Lab, Stanford University DX’00, 06/2000 Diagnosing Hybrid Systems: A Bayesian Model Selection Approach Sheila McIlraith.

Sheila McIlraith, Knowledge Systems Lab, Stanford University DX’00, 06/2000 Diagnosing Hybrid Systems: A Bayesian Model Selection Approach Sheila McIlraith.
IV&V Facility Model-based Design Verification IVV Annual Workshop September, 2009 Tom Hempler.

IV&V Facility Model-based Design Verification IVV Annual Workshop September, 2009 Tom Hempler.
1 Software Testing Techniques CIS 375 Bruce R. Maxim UM-Dearborn.

1 Software Testing Techniques CIS 375 Bruce R. Maxim UM-Dearborn.
Unit 3a Industrial Control Systems

Unit 3a Industrial Control Systems

Similar presentations

Ads by Google