Resilience to intermittent assumption violations in reactive synthesis

Ehlers, Rüdiger; Topcu, Ufuk

doi:10.1145/2562059.2562128

Cited by 42 publications

(42 citation statements)

References 16 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…These added assumptions may be interpreted as restricting the mobility of the uncontrolled agents and are relaxed, when possible, by identifying when they may be violated, if only on a temporary basis. In this regard, our approach is inspired by works on error resilience (Ehlers and Topcu 2014) and recovery (Wong et al 2014) in reactive synthesis.…”

Section: Specification Revisionsmentioning

confidence: 99%

Reactive mission and motion planning with deadlock resolution avoiding dynamic obstacles

Alonso–Mora

DeCastro

Raman³

et al. 2017

Auton Robot

View full text Add to dashboard Cite

In the near future mobile robots, such as personal robots or mobile manipulators, will share the workspace with other robots and humans. We present a method for mission and motion planning that applies to small teams of robots performing a task in an environment with moving obstacles, such as humans. Given a mission specification written in linear temporal logic, such as patrolling a set of rooms, we synthesize an automaton from which the robots can extract valid strategies. This centralized automaton is executed by the robots in the team at runtime, and in conjunction with a distributed motion planner that guarantees avoidance of moving obstacles. Our contribution is a correctby-construction synthesis approach to multi-robot mission planning that guarantees collision avoidance with respect to moving obstacles, guarantees satisfaction of the mission specification and resolves encountered deadlocks, where a moving obstacle blocks the robot temporally. Our method provides conditions under which deadlock will be avoided by identifying environment behaviors that, when encountered at runtime, may prevent the robot team from achieving its goals. In particular, (1) it identifies deadlock conditions; (2) it is able to check whether they can be resolved; and (3) the robots implement the deadlock resolution policy locally in a distributed manner. The approach is capable of synthesizing and executing plans even with a high density of dynamic obstacles. In contrast to many existing approaches to mission and motion planning, it is scalable with the number of moving obstacles. We demonstrate the approach in physical experiments with walking humanoids moving in 2D environments and in simulation with aerial vehicles (quadrotors) navigating in 2D and 3D environments.

show abstract

Section: Specification Revisionsmentioning

confidence: 99%

Reactive mission and motion planning with deadlock resolution avoiding dynamic obstacles

Alonso–Mora

DeCastro

Raman³

et al. 2017

Auton Robot

View full text Add to dashboard Cite

show abstract

“…Some works have addressed the challenge of synthesizing controllers which are more robust to assumption violations, e.g., Ehlers and Topcu [6] suggested an approach where the synthesized controller allows violations of safety assumptions up to some constant number of times.…”

Section: Running Synthesized Controllers On the Forkliftmentioning

confidence: 99%

Synthesizing a Lego Forklift Controller in GR(1): A Case Study

Maoz

Ringert

2016

Electron. Proc. Theor. Comput. Sci.

View full text Add to dashboard Cite

Reactive synthesis is an automated procedure to obtain a correct-by-construction reactive system from a given specification. GR(1) is a well-known fragment of linear temporal logic (LTL) where synthesis is possible using a polynomial symbolic algorithm. We conducted a case study to learn about the challenges that software engineers may face when using GR(1) synthesis for the development of a reactive robotic system. In the case study we developed two variants of a forklift controller, deployed on a Lego robot. The case study employs LTL specification patterns as an extension of the GR(1) specification language, an examination of two specification variants for execution scheduling, traceability from the synthesized controller to constraints in the specification, and generated counter strategies to support understanding reasons for unrealizability. We present the specifications we developed, our observations, and challenges faced during the case study.

show abstract

“…It then visits mailroom to pick up a package if it is notified that a package is ready for pickup by the packageReady sensor (line 6, 9-10). With the package in hand, the robot must deliver it to office (line [7][8]11). In addition, the robot cannot enter the atrium when the sensor betweenClasses is true, and it cannot enter the kitchen if cooking is true (line [4][5].…”

Section: Examplementioning

confidence: 99%

“…In our work, we ensure that no system guarantees is ever violated. [8] describes an approach to synthesize a controller that can tolerate short sequences of up to k environment assumption violations for some k. The approach comes at a high computational cost, and does not include an additional best-effort approach to tolerate more assumption violations whenever possible, as our recovery approach does. However, the technique is orthogonal to ours in the sense that they can be combined to yield both benefits.…”

Section: Introductionmentioning

confidence: 99%

Correct High-level Robot Behavior in Environments with Unexpected Events

Wong

Ehlers

Kress-Gazit

2014

Robotics: Science and Systems X

Self Cite

View full text Add to dashboard Cite

Abstract-Synthesis of correct-by-construction robot controllers from high-level specifications has the advantage of providing guaranteed robot behavior under different environments. Typically, when such controllers are synthesized, assumptions that the user makes about the behavior of the environment, if any, are incorporated into the resulting controller. In practice, however, the environment assumptions may be unknown to the user, thus preventing the application of synthesis. Even if environment assumptions are available, they may not hold during the robot's execution due to modeling errors or unforeseen anomalous operating conditions.In this paper, we address both of these problems. We present an approach for synthesizing controllers that include built-in recovery transitions, enabling the robot to make progress towards its goals in the event of environment assumption violation, whenever possible. Furthermore, we present a process for automatically augmenting a specification with environment assumptions that are computed from the robot's observations at runtime. We start with a set of candidate assumptions that is updated whenever violated at runtime.

show abstract

Resilience to intermittent assumption violations in reactive synthesis

Cited by 42 publications

References 16 publications

Reactive mission and motion planning with deadlock resolution avoiding dynamic obstacles

Reactive mission and motion planning with deadlock resolution avoiding dynamic obstacles

Synthesizing a Lego Forklift Controller in GR(1): A Case Study

Correct High-level Robot Behavior in Environments with Unexpected Events

Contact Info

Product

Resources

About