Compositional and Contract-Based Verification for Autonomous Driving on Road Networks

Liebenwein, Lucas; Schwarting, Wilko; Vasile, Cristian-Ioan; DeCastro, Jonathan A.; Alonso–Mora, Javier; Karaman, Sertaç; Rus, Daniela

doi:10.1007/978-3-030-28619-4_18

Cited by 13 publications

(11 citation statements)

References 31 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Our self-safety and responsibility rules utilize this structure to provide sufficient conditions for global safety. In comparison, existing compositional frameworks, such as [5,9,14,17,19,22,23,25], that give sufficient conditions for global safety allow agents' dynamics to be coupled but do not allow for triggering actions. • We note that our approach can be extended to guarantee safety for settings in which individual systems may have communication delays or sensor noise by leveraging recent advances in invariant set computation [10,12,15,29] for systems with these imperfections.…”

Section: Discussionmentioning

confidence: 99%

See 1 more Smart Citation

Compositional safety rules for inter-triggering hybrid automata

Rutledge

Chou

Özay

2021

Proceedings of the 24th International Conference on Hybrid Systems: Computation and Control

View full text Add to dashboard Cite

In this paper, we present a compositional condition for ensuring safety of a collection of interacting systems modeled by intertriggering hybrid automata (ITHA). ITHA is a modeling formalism for representing multi-agent systems in which each agent is governed by individual dynamics but can also interact with other agents through triggering actions. These triggering actions result in a jump/reset in the state of other agents according to a global resolution function. A sufficient condition for safety of the collection, inspired by responsibility-sensitive safety, is developed in two parts: self-safety relating to the individual dynamics, and responsibility relating to the triggering actions. The condition relies on having an over-approximation method for the resolution function. We further show how such over-approximations can be obtained and improved via communication. We use two examples, a job scheduling task on parallel processors and a highway driving example, throughout the paper to illustrate the concepts. Finally, we provide a comprehensive evaluation on how the proposed condition can be leveraged for several multi-agent control and supervision examples.

show abstract

Section: Discussionmentioning

confidence: 99%

“…On the other extreme, one can analyze agents individually, assuming all of the remaining agents act adversarially, in which case safety is hard to attain, if at all possible. Several frameworks have been developed between these two extremes to capture various notions of coordination, collaboration, or contracts [5,6,9,14,17,23,25,28].…”

Section: Introductionmentioning

confidence: 99%

Compositional safety rules for inter-triggering hybrid automata

Rutledge

Chou

Özay

2021

Proceedings of the 24th International Conference on Hybrid Systems: Computation and Control

View full text Add to dashboard Cite

show abstract

“…As such, an autonomous vehicle needs to consider vehicles coming in the opposite direction. Road conventions are also required while overtaking other vehicles or allowing overtaking by other vehicles [61], [62].…”

Section: G Abiding Road Conventionmentioning

confidence: 99%

Autonomous Convoying: A Survey on Current Research and Development

et al. 2022

View full text Add to dashboard Cite

Convoying or platooning with a fleet of autonomous vehicles, which is denoted as autonomous convoying in this paper, has attracted increasing attention from the research communities, governments, and private sectors in recent years. Autonomous convoying offers immense opportunities due to its potential in enhancing logistical efficiency as well as reducing road incidents/accidents by eliminating human errors due to stress and fatigue. While humans can make complex decisions, involving humans in decision-making processes often causes delays as compared with those of automated machines. Indeed, human errors cause approximately 90% of road accidents and fatalities. Efficient platooning techniques can also reduce fuel consumption and carbon footprints. This paper presents a concise survey on current research and development initiatives in autonomous convoying while critically discussing the underlying techniques and technologies developed in this domain. Implications of autonomous convoying toward different industries are also analyzed and discussed.

show abstract

“…Form of Reachability Analysis Type of Guarantee [87], [88] maxFRS + minBRS guarantees collision if no solution for "anticipated reachable set" is found [89] FRS of controlled dynamics predicts unavoidable collision within control policy [90] overapproximated maxFRS, maxFRT all possible forward motions are included [81] inaccuracy around trajectory-planned vehicle checks probability of collision within the inaccuracy model bounds [91] minBRT guarantees collision free in horizon [72] maxBRS for partially-controlled & uncontrolled vehicle conservative collision-free guarantee for non-extreme driving [92] overapproximated maxFRI guarantee "not-at-fault" safety by checking potential collision in time intervals leading to end of time horizon [93] maxBRT guarantees safe interoperability: possibly safe human takeover from autonomous driving system [94] maxFRS of uncontrolled dynamics guarantees collision free in horizon [95] funnel (a variant of FRT for controlled vehicle) guarantees collision-free if a funnel can be found to stay clear of obstacles at all times [96], [97], [98] maxFRS implemented by Flow* [99] guarantees safety of deep neural network (DNN) controlled close-loop system [100] maxFRS of (possibly) occluded vehicle guarantees collision-free with possibly occluded vehicle(s) [101] maxFRS of each agent communicated through a decentralized network real-time collision-free guarantee for a group of autonomous agents [102] maxFRS + collision state pruning + maxBRS guarantees collision-free and successful reach of target state if "controller contract" (state constraint tubes) are honored [86] maxFRT + pedestrian intent prediction guarantees safety within a high probability bound of pedestrian motion collision frequency [53], a vital quantity in determining automotive safety integritity level (ASIL) in ISO26262 [48]. If the vehicle is indeed in such a state, an impact preparation should be executed (usually with extensive use of braking to slow down [104], or by following not-at-fault trajectories [92].)…”

Section: Referencementioning

confidence: 99%

Formal Certification Methods for Automated Vehicle Safety Assessment

Zhao,

Yurtsever,

Paulson

et al. 2022

Preprint

View full text Add to dashboard Cite

Challenges related to automated driving are no longer focused on just the construction of such automated vehicles (AVs), but in assuring the safety of their operation. Recent advances in Level 3 and Level 4 autonomous driving have motivated more extensive study in safety guarantees of complicated AV maneuvers, which aligns with the goal of ISO 21448 (Safety of the Intended Functions, or SOTIF), i.e. minimizing unsafe scenarios both known and unknown, as well as Vision Zero -eliminating highway fatalities by 2050. A majority of approaches used in providing safety guarantees for AV motion control originate from formal methods, especially reachability analysis (RA), which relies on mathematical models for the dynamic evolution of the system to provide guarantees. However, to the best of the authors' knowledge, there have been no review papers dedicated to describing and interpreting state-of-the-art of formal methods in the context of AVs. In this work, we provide both an overview of the safety verification, validation and certification process, as well as review formal safety techniques that are best suited to AV applications. We also propose a unified scenario coverage framework that can provide either a formal or sample-based estimate of safety verification for full AVs. Finally, remaining challenges and future opportunities beyond the scope of current published research for assured AV safety are presented.

show abstract

Compositional and Contract-Based Verification for Autonomous Driving on Road Networks

Cited by 13 publications

References 31 publications

Compositional safety rules for inter-triggering hybrid automata

Compositional safety rules for inter-triggering hybrid automata

Autonomous Convoying: A Survey on Current Research and Development

Formal Certification Methods for Automated Vehicle Safety Assessment

Contact Info

Product

Resources

About