Presentation is loading. Please wait.

Presentation is loading. Please wait.

Contingency Software in Autonomous Systems Stacy Nelson, Nelson Consulting/QSS Robyn Lutz, JPL/Caltech & ISU SAFE Terminate Flight This research was carried.

Published byCecil Morton Modified over 8 years ago

Similar presentations

Presentation on theme: "Contingency Software in Autonomous Systems Stacy Nelson, Nelson Consulting/QSS Robyn Lutz, JPL/Caltech & ISU SAFE Terminate Flight This research was carried."— Presentation transcript:

1 Contingency Software in Autonomous Systems Stacy Nelson, Nelson Consulting/QSS Robyn Lutz, JPL/Caltech & ISU SAFE Terminate Flight This research was carried out at the Jet Propulsion Laboratory, California Institute of Technology, and at NASA Ames Research Center, under a contract with the National Aeronautics and Space Administration. The work was sponsored by the NASA Office of Safety and Mission Assurance under the Software Assurance Research Program led by the NASA Software IV&V Facility. This activity is managed locally at JPL through the Assurance and Technology Program Office OSMA Software Assurance Symposium July 20-July 22, 2004

2 Overview –Goals –Technology Readiness Level –Availability of Data Approach Preliminary Results Work-in-progress Benefits –Potential Applications –Barriers to Research or Application Future Work Topics Contingency Software in Autonomous Systems

3 Video from Camcorder Video from Color Camera Video from tracking camera on trailer Virtual rotorcraft following APEX plan (green bar) Apex plan DART DEMO

4 Adding intelligent diagnostic capabilities by supporting incremental autonomy Responding to anomalous situations currently beyond the scope of the nominal fault protection Contingency planning using the SAFE (Software Adjusts Failed Equipment) approach Unique Research Relevant to NASA Contingency Software in Autonomous Systems

5 Mitigate failures via software contingencies resulting in safer, more reliable autonomous vehicles in space and in FAA national airspace –Enhance diagnostic techniques to identify failures –Provide software contingencies to mitigate failures –Perform tool-based verification of contingency software –Apply results to ARP (Years 1 & 2) and MSL (Years 2 & 3) Status: Year 1 of planned 3-year study (1/04 start) Overview Contingency Software in Autonomous Systems Current Practice SW Contingency Planning Full Autonomy

6 Current technology readiness level = 2+ –2: “Technology concept and/or application formulated” – completed 6/04 –3: “Analytical and experimental critical function and/or characteristic proof-of-concept” – in-progress (12/04 completion) Current penetration factor = 8 –Data passed back to project Contingency Software in Autonomous Systems Technology Readiness Level

7 Contingency Software in Autonomous Systems Availability of Data: High

8 Contingency Software in Autonomous Systems Problem Failure WHAT FAILED? Autonomous vehicles have limited capacity to identify/mitigate failures

9 Contingency Software in Autonomous Systems Enhance diagnostic techniques to identify failures Provide software contingencies to mitigate failures Perform tool-based verification of contingency software and Apply results to ARP (and MSL) to pave the way to more resilient, adaptive unmanned systems Approach SAFE Vehicle (Software Adjusts Failed Equipment) Flight Critical Parameters Failure Diagnosis Failure 1 2 3

10 ARP Functional Requirements: Current Planned Contingency Analysis: SFMECA SFTA Contingency Planning: Available indicators Contingency triggers Contingency responses 2-Level (recover/predict) CONTINGENCY SOFTWARE in AUTONOMOUS SYSTEMS Contingency Process Overview Customized the IEEE/EIA 12207.2 Annex I Evolutionary/Spiral Methodology 1. Brainstorm with UAV team to uncover candidates for software contingencies Review UAV literature and project reports Lead brainstorming sessions with domain experts Work with team to identify and prioritize high-concern candidates Select top priority candidates 2. Model unit of interest (i.e. cameras, communications systems…) Model system including: Architecture & State diagram Verify models with UAV team 3. Contingency requirements verification Perform SFMECA 4. Analyze testability Identify how each contingency can be detected Perform SFTA Experiment with assignment of measure of uncertainty 5. Develop recovery strategy Determine candidate strategies for contingency responses (prevent/respond/safe) Determine availability of data needed to determine/execute appropriate contingency 6. Prototype contingency in progressively higher fidelity testbeds 7. Monitor contingency performance

11 Design of Hybrid Mobile Communication Networks for Planetary Exploration Richard Alena, John Ossenfort, Charles Lee, Edward Walker, Thom Stone CONTINGENCY SOFTWARE in AUTONOMOUS SYSTEMS Related WLAN Work RF signal strength measurements can be normalized to theoretical values and used to predict range ( Good correlation and repeatability of signal strength measurements using different antenna configurations and test distances) Network throughput is reasonably predictable for single hop links at short distances (WLAN link runs under nominal conditions with no packet loss) However, network throughput is not predictable for complex WLANs consisting of multiple repeater hops or long distances. WLAN links run under conditions of varying packet loss. Packet loss significantly reduces data pipelining by introducing highly variable packet transfer latencies due to packet re-transmission RF signal strength measurements can be normalized to theoretical values and used to predict range ( Good correlation and repeatability of signal strength measurements using different antenna configurations and test distances) Network throughput is reasonably predictable for single hop links at short distances (WLAN link runs under nominal conditions with no packet loss) However, network throughput is not predictable for complex WLANs consisting of multiple repeater hops or long distances. WLAN links run under conditions of varying packet loss. Packet loss significantly reduces data pipelining by introducing highly variable packet transfer latencies due to packet re-transmission Packet loss due to multi-path, low signal strength, interference significantly disrupt the timing of packet transfers due to packet re-transmission. MAC layer uses packets for many purposes such as node authentication, data flow management and data transfer. Packet loss can affect any of these functions resulting in a wide variety of failures.

12 CONTINGENCY SOFTWARE in AUTONOMOUS SYSTEMS Perception (Cameras) Perception is a critical function in systems requiring obstacle avoidance, threat detection, science missions and “opportunistic” discovery. Optical flow systems use contrasts in the surrounding imagery to determine position. If a vehicle using optical flow flies, for instance, over a very regular terrain such as a grassy field or an empty parking lot, it may crash.

13 Rotorcraft Control Center (“Trailer”) Rotorcraft Comm. Range (varies) Not to Scale CONTINGENCY SOFTWARE in AUTONOMOUS SYSTEMS Radio Modem 802.11b PCMCIA card Onboard Antenna GPS Autonomous flight (Nominal Case) (RC pilot standing by in case of emergency) Equipment New: Critical communications over radio modem and other communications via WiFi. Reason: Security and bandwidth

14 CLAW Flight Control Laws DOMS Distributed Messaging System GPS APEX Reactive Planner Telemetry CONTINGENCY SOFTWARE in AUTONOMOUS SYSTEMS Partial Onboard Architecture *domsD – DOMS transport daemon * Yamaha System

15 CONTINGENCY SOFTWARE in AUTONOMOUS SYSTEMS Perception (Cameras) Perception is a critical function in systems requiring obstacle avoidance, threat detection, science missions and “opportunistic” discovery. Optical flow systems use contrasts in the surrounding imagery to determine position. If a vehicle using optical flow flies, for instance, over a very regular terrain such as a grassy field or an empty parking lot, it may crash.

16 CONTINGENCY SOFTWARE in AUTONOMOUS SYSTEMS Cameras Onboard Rotorcraft Gray scale wing tip (stereo vision) Color Camcorder Color Camera for situational awareness Firewire Hub Image Processing System Firewire Left Wing Right Wing

17 CONTINGENCY SOFTWARE in AUTONOMOUS SYSTEMS Other Perception Components Onboard Rotorcraft SIC (K) – Fast & accurate scanning laser Laser range finder – returns single point used for precision autonomous landing if GPS signal is lost Sonar (or Ultrasonic) range finder to determine distance to ground Sonar Range Finder Laser Range Finder (coming soon) GPS Scanning Laser Range Finder (SICK) (coming soon) Cameras

18 Cases in which the cameras are a critical system: 1.Cameras assigned responsibility during nominal ops No line of sight -> Camera provides position info 2.Cameras are backup when other subsystems fail Failed/degraded GPS -> Camera provides position info Failed/degraded ARP -> Camera provides landing-site data 3.Images as mission objective (surveillance) Failure of cameras can jeopardize success CONTINGENCY SOFTWARE in AUTONOMOUS SYSTEMS Camera Criticality

19 Collaborating with Autonomous Rotorcraft Project to experimentally apply approach Project provides feedback on our models, guidance on future plans –Feasibility check –Reviewed ARP architecture including communications & perception –Proposed initial SW contingencies for communication and perception failures ARP team including us in team meetings PM has agreed to try contingencies appearing viable Finalized SW contingencies for communications & perception with ARP team –ARP team considers further investigation & simulation high priority for 4 identified SW Contingencies CONTINGENCY SOFTWARE in AUTONOMOUS SYSTEMS Preliminary Results

20 Loss of Communication: Detect loss of communication revise mission plan: –Reroute –Fly to rally point Interference with Communication: WiFi Security Throttle back communication CONTINGENCY SOFTWARE in AUTONOMOUS SYSTEMS Preliminary Results Loss of Perception: Detect camera failure and reconfigure to use another camera –If color camera used for situational awareness fails, then switch to one of the gray scale cameras. –If left wing camera fails then reconfigure to use left wing color camera for stereo vision. Degradation of Perception: Change image-acquisition configuration or parameters –If need to lower resource usage, reduce image size Change image-transmission configuration or parameters –If need to lower bandwidth, drop color, drop frame rate, compress image more (trade off with CPU cycles)

21 Paves the way to more resilient, adaptive unmanned systems Supports spectrum of project adoption of autonomy –Flexible: p roject determines how much autonomy –Incremental requirements (evolutionary process model) Considers contingencies beyond failures: –Environmental changes that threaten mission (e.g., surveillance) –Changes in resource needs vs. availability that impact mission success (e.g., will need high-bandwidth) –Mobility capabilities that create tradeoffs with communication, imaging optimizations NASA Experience: Will demonstrate on NASA projects Anticipated cost savings for projects with evolving autonomy needs Equips us with a methodology to continue to move toward autonomy CONTINGENCY SOFTWARE in AUTONOMOUS SYSTEMS Benefits

22 CONTINGENCY SOFTWARE in AUTONOMOUS SYSTEMS Towards MSL Risk Assessment for SW Contingencies Example Using DDP tool (fault tree Approach) to assess risk of SW Contingency Plans (collaboration between CSAS & Dr. Martin Feather) Note: example risk numbers relative not absolute – more work required

23 Autonomous Rotorcraft Project (ARC) Mars Science Laboratory (JPL) Other autonomous vehicles Other mobile imaging systems CONTINGENCY SOFTWARE in AUTONOMOUS SYSTEMS Potential Applications

24 Challenge 1: ARP is moving target (rapid evolution) Approach: Track planned & unplanned changes via weekly telecons Challenge 2: Planning for MSL application Approach: Demo benefits on ARP first; select ARP functionalities also important to MSL (communication, perception) Challenge 3: Tech transfer will depend on ease of reuse Approach: Provide results both in terms of (1) improved verification techniques for contingencies and (2) reusable designs for common contingency applications CONTINGENCY SOFTWARE in AUTONOMOUS SYSTEMS Barriers to Research or Application

25 Tool-based verification on NASA project Advance NASA’s information about communications and perception systems for autonomous vehicles CONTINGENCY SOFTWARE in AUTONOMOUS SYSTEMS Future Work

Download ppt "Contingency Software in Autonomous Systems Stacy Nelson, Nelson Consulting/QSS Robyn Lutz, JPL/Caltech & ISU SAFE Terminate Flight This research was carried."

Similar presentations

The U.S. Department of Transportation 9-1-1 and the Next Generation Jenny Hansen, Contractor – NG9-1-1 Project Coordinator USDOT/NHTSA.

The U.S. Department of Transportation and the Next Generation Jenny Hansen, Contractor – NG9-1-1 Project Coordinator USDOT/NHTSA.
4.1.5 System Management Background What is in System Management Resource control and scheduling Booting, reconfiguration, defining limits for resource.

4.1.5 System Management Background What is in System Management Resource control and scheduling Booting, reconfiguration, defining limits for resource.
Net-Centric Software and Systems I/UCRC Copyright © 2011 NSF Net-Centric I/UCRC. All Rights Reserved. High-Confidence SLA Assurance for Cloud Computing.

Net-Centric Software and Systems I/UCRC Copyright © 2011 NSF Net-Centric I/UCRC. All Rights Reserved. High-Confidence SLA Assurance for Cloud Computing.
A Cloud-Assisted Design for Autonomous Driving Swarun Kumar Shyamnath Gollakota and Dina Katabi.

A Cloud-Assisted Design for Autonomous Driving Swarun Kumar Shyamnath Gollakota and Dina Katabi.
Chapter 19: Network Management Business Data Communications, 4e.

Chapter 19: Network Management Business Data Communications, 4e.
Introduction to the State-Level Mitigation 20/20 TM Software for Management of State-Level Hazard Mitigation Planning and Programming A software program.

Introduction to the State-Level Mitigation 20/20 TM Software for Management of State-Level Hazard Mitigation Planning and Programming A software program.
Improving Collaboration in Unmanned Aerial Vehicle Operations March 27, 2007 Stacey D. Scott Humans & Automation Lab MIT Aeronautics and Astronautics

Improving Collaboration in Unmanned Aerial Vehicle Operations March 27, 2007 Stacey D. Scott Humans & Automation Lab MIT Aeronautics and Astronautics
OCIN Workshop Wrapup Bill Dally. Thanks To Funding –NSF - Timothy Pinkston, Federica Darema, Mike Foster –UC Discovery Program Organization –Jane Klickman,

OCIN Workshop Wrapup Bill Dally. Thanks To Funding –NSF - Timothy Pinkston, Federica Darema, Mike Foster –UC Discovery Program Organization –Jane Klickman,
1 ITC242 – Introduction to Data Communications Week 12 Topic 18 Chapter 19 Network Management.

1 ITC242 – Introduction to Data Communications Week 12 Topic 18 Chapter 19 Network Management.
Sense & Avoid for UAV Systems

Sense & Avoid for UAV Systems
Image Processing of Video on Unmanned Aircraft Video processing on-board Unmanned Aircraft Aims to develop image acquisition, processing and transmission.

Image Processing of Video on Unmanned Aircraft Video processing on-board Unmanned Aircraft Aims to develop image acquisition, processing and transmission.
Real-time Video Streaming from Mobile Underwater Sensors 1 Seongwon Han (UCLA) Roy Chen (UCLA) Youngtae Noh (Cisco Systems Inc.) Mario Gerla (UCLA)

Real-time Video Streaming from Mobile Underwater Sensors 1 Seongwon Han (UCLA) Roy Chen (UCLA) Youngtae Noh (Cisco Systems Inc.) Mario Gerla (UCLA)
Software causes many failures - significant mission risk Hard to quantify effects on system risk of: software defects software development practices software.

Software causes many failures - significant mission risk Hard to quantify effects on system risk of: software defects software development practices software.
National Aeronautics and Space Administration SAS08_Classify_Defects_Nikora1 Software Reliability Techniques Applied to Constellation Allen P. Nikora,

National Aeronautics and Space Administration SAS08_Classify_Defects_Nikora1 Software Reliability Techniques Applied to Constellation Allen P. Nikora,
Reducing the cost of sustained operations through technology infusion April 2004 Darin Skelly NASA Kennedy Space Center Transformational Spaceport & Range.

Reducing the cost of sustained operations through technology infusion April 2004 Darin Skelly NASA Kennedy Space Center Transformational Spaceport & Range.
A Recipe for Success in Implementing CBTC on an Operating Transit System Presented by: Dr. Alan F. Rumsey, P.Eng, FIRSE March 12, 2014 Communications-Based.

A Recipe for Success in Implementing CBTC on an Operating Transit System Presented by: Dr. Alan F. Rumsey, P.Eng, FIRSE March 12, 2014 Communications-Based.
Chapter 10 Contemporary Project Management Kloppenborg

Chapter 10 Contemporary Project Management Kloppenborg
November 20061 TETRA Data Today and Tomorrow Mark Edwards Principal Staff Engineer Motorola European System Design Centre.

November TETRA Data Today and Tomorrow Mark Edwards Principal Staff Engineer Motorola European System Design Centre.
. Traffic Flow Management System Benefits Flexibility for Future Growth: TFMS provides a modern software architecture to meet future growth and support.

. Traffic Flow Management System Benefits Flexibility for Future Growth: TFMS provides a modern software architecture to meet future growth and support.
Protecting the Public, Astronauts and Pilots, the NASA Workforce, and High-Value Equipment and Property Mission Success Starts With Safety Believe it or.

Protecting the Public, Astronauts and Pilots, the NASA Workforce, and High-Value Equipment and Property Mission Success Starts With Safety Believe it or.

Similar presentations

Ads by Google