A Software Tool for the Design of Critical Robot Missions with Performance Guarantees


Deploying a robot as part of a counter-weapons of mass destruction mission demands that the robotic software operates with high assurance. A unique feature of robotic software development is the need to perform predictably in a physical environment that may only be poorly characterized in advance. In this paper, we present an approach to building high assurance software for robot missions carried out in uncertain environments. The software development framework and the verification algorithm, VIPARS, are described in detail. Results are presented for missions including motion and sensing uncertainty, interaction with obstacles, and the use of sensors to guide behavior. 1. Introduction We have developed a novel formal framework for the analysis of probabilistic and behavior-based robotic algorithms intended for use in both single and multi-robot applications [1][2]. The resulting methods and tools provide a basis for establishing performance guarantees of these algorithms in complex real-world environmental situations, which is crucial for the critical real-time real-world needs of search, analysis, and recovery tasks. Specifically considered here are high assurance mission needs for application in the domain of counter-weapons of mass destruction (C-WMD) where the robot moves and navigates in an uncertain environment. The robot software verification problem shares many characteristics with real-time program verification, but is different in that the environment in which the robot operates may vary widely and be only partially known. The issue of interaction with a dynamic and uncertain environment raises many difficulties for generating high assurance software, chief among these being the need to handle noisy sensors and actuators, probabilistic software and environment information, and time-critical operation,. In the next section, we introduce the application domain of robotic software for C-WMD missions, its key characteristics and its points of difficulty for establishing performance guarantees. Section 3 describes how a mission is specified in the MissionLab robot mission specification toolset [3] and how the software is associated with robot, sensor, and environment models for the purpose of providing performance guarantees. The domain-specific verification model using PARS (Process Algebra for Robot Schemas [1]) and algorithm, VIPARS (Verification in

DOI: 10.1016/j.procs.2013.01.093

Extracted Key Phrases