1 / 35

Model-Based Programming of Intelligent Embedded Systems

Model-Based Programming of Intelligent Embedded Systems. Bill Gaes CSc 299 Masters Seminar Presentation and Discussion 5/20/2005 Based on: Brian C. Williams et al., “Model-Based Programming of Intelligent Embedded Systems and Robotic Space Explorers,”

gautam
Download Presentation

Model-Based Programming of Intelligent Embedded Systems

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Model-Based Programming of Intelligent Embedded Systems Bill Gaes CSc 299 Masters Seminar Presentation and Discussion 5/20/2005 Based on: Brian C. Williams et al., “Model-Based Programming of Intelligent Embedded Systems and Robotic Space Explorers,” Proceedings of the IEEE, vol. 91, no 1, pp.212-237, 2003.

  2. Outline • Model-Based Programming • Overview • Advantages • Example • Motivation • Details • Discussion Model-Based Programming

  3. Model-Based Programming • Program what you want the system to do • Develop models of what the system can do • Rely on executive to: • execute program • reason on-the-fly • track system state • diagnose faults • reconfigure system to achieve desired goals Model-Based Programming

  4. Advantages of Model-Based Programming • Allow engineers to specify high-level control strategies • Encapsulation and separation of concerns • Model composed of components (e.g., engine, camera, etc) • Program - Object-oriented with multiple inheritance • Executive replaceable with different implementation or one with added capabilities Model-Based Programming

  5. Advantages of Model-Based Programming • Powerful Inference Engines • Reusability • Robustness • Verifiability Model-Based Programming

  6. Example Embedded System - Spacecraft • Spacecraft with 2 redundant engines and a camera • Objective: insert spacecraft into orbit • Camera must be off • One of two engines must fire Model-Based Programming

  7. Simple Spacecraft Model Initial State Goal State Fuel Oxidizer Fuel Oxidizer shut valve open valve EngineA EngineB EngineA EngineB Model-Based Programming

  8. Simple Spacecraft Model Initial State Goal State On Off Science Camera Science Camera Model-Based Programming

  9. Control Program - Pseudocode • Orbital Insertion Control Program: • Concurrently • Place both Engines in standby • Shut off Camera • When Engines are in standby And the Camera is off • then Fire EngineA Model-Based Programming

  10. Reactive Embedded Systems • Requires concurrent and synchronous programming languages such as: • Esterel (~1992) • Statecharts (~1987) Model-Based Programming

  11. Embedded Program Cntrl Obs Physical Plant Programming Complex Reactive Embedded Systems • Programming using traditional reactive languages • challenging, time-consuming, and error-prone Model-Based Programming

  12. Challenges of Programming Autonomous Systems • Programmers must reason through system-wide interactions to generate code for: • monitoring • safeing • goal tracking • standby • fault recovery • mode confirmation • detecting anomalies • isolating faults • diagnosing causes • adaptive control • fault avoidance • hardware reconfiguration Model-Based Programming

  13. Esterel Program For a Robot to Follow a Line module ROBOT: input LeftSensor, RightSensor; output LeftWheelSpeed : float, RightWheelSpeed : float; loop await tick; [ present LeftSensor else emit LeftWheelSpeed(1.0f) end present || present RightSensor else emit RightWheelSpeed(1.0f) end present || present [LeftSensor and RightSensor] then abort loop emit RightWheelSpeed(1.0f); emit LeftWheelSpeed(-0.5f) each tick when [not LeftSensor] end present ] end loop end module Pure signals - indicate presence or absence of stimuli Value signals - have arbitrary value of specified type Wheel controller - sets relative angular velocity, a value in [-1, 1], 1.0 is full speed forward. Explicit syntax for execute in parallel Both sensors see line so attempt corrective action to get back on track Continuously emit 2 signals sequentially, but at each tick, so executed at same instant - emit returns immediately Model-Based Programming

  14. Mars Polar Lander Failure • Leading hypothesis for failure: • Landing legs deployed during decent. • Noise spike in Hall effect sensors latched by monitors. • Laser altimeter registered altitude of 40m • At 40m leg monitors polled • Monitors latched - engine shutdown at 40m Model-Based Programming

  15. Problem and a Solution • Problem • Failure space and interactions with hardware and software too large to enumerate • Solution • Provide reactive embedded languages that reason-on-the-flyfrom commonsense models • Model-based Programming Model-Based Programming

  16. Reactive Model-based Programming Language (RMPL) “Titan” - Model-based Executive Control Sequencer Control Program State estimates Configuration goals Plant Model Deductive Controller Physical Plant Commands Observations Model-Based Architecture Model-Based Programming

  17. Simple RMPL Control Program Procedure TakePicture(target)::{ do { Attitude = target, when Attitude = target donext { SnapStore(); SnapStore(); } } watching Picture = Stored } Model-Based Programming

  18. RMPL Control Program • Five design features • Parallel and sequential execution threads • Conditional execution • Iteration • Preemption • Defining feature • ability to reference “hidden” states of physical plant within assertions and conditions Model-Based Programming

  19. RMPL Control Program expression --> assertion | combinator | prgm_invocation combinator --> A maintaining c | do A watching c | if c thennext A | unless c thennext A | A,B | A;B | always A prgm_invocation --> program_name(arglist) Key: c denotes constraint A and B denote well formed RMPL expressions Note: Language provides additional derived combinators, created by combining primitive combinators Model-Based Programming

  20. RMPL Control Program OrbitInsert()::{ do{ EngineA = Standby, EngineB = Standby, Camera = Off, do{ when EngineA = Standby ^ Camera = Off donext EngineA = Firing } watching Engine A = Failed, whenEngineA = Failed ^ Engine B = Standby ^ Camera = Off donext Engine B = Firing }watching Engine A = Firing v Engine B = Firing } assertion achieve constraint execution condition ask constraint Model-Based Programming

  21. Model-Based Executive Control Sequencer Control Program State estimates Configuration goals Deductive Controller Plant Model Physical Plant Commands Observations Model-Based Executive • Control Sequencer • Executes control program • Uses likely state estimate to generate configuration goals for Deductive Controller to achieve Model-Based Programming

  22. Plant Model - Concurrent Constraint Automata • Built from a set of component models • Each component is represented by • Set of component modes • Set of constraints defining behavior within each nominal mode • Set of probabilistic transitions between modes Model-Based Programming

  23. Spacecraft Engine Component Model Behavior within a mode described by constraints on plant variables: thrust and power_in Probabilistic uncommanded transition (thrust = zero) AND (power_in = zero) Off 0.01 Failed Cmd = stdby Cmd = off (thrust = zero) AND (power_in = nominal) Standby 0.01 Cmd = Stdby Cmd = Fire No constraint for engine’s behavior in failed mode - constraint suspension Component Mode 0.01 (thrust = full) AND (power_in = nominal) Firing Note: All nominal transitions are P = 99% Model-Based Programming

  24. (power_in = zero) AND (shutter = closed) Off 0.01 Failed Cmd = Cam_off Cmd = Cam_on On 0.01 (power_in = nominal) AND (shutter = open) Spacecraft Camera Component Model Note: All nominal transitions are P = 99% Model-Based Programming

  25. Spacecraft Valve Driver and Valve Component Models dcmdout = vcmdin vcmdin dcmdin Valve Driver Model Valve Model interconnection constraint stuck-open dcmdin = reset on open resettable failure dcmdin = on driver = on dcmdin = open driver = on dcmdin = close dcmdin = off dcmdin = off permanent failure stuck-closed closed off Note: All nominal transitions are P = 99% Failure transitions are P = 1% (not shown) Model-Based Programming

  26. Model-Based Executive Titan Model-based Executive Control Sequencer Control Program Finds least-cost reachable goal state State estimates Configuration goals Plant Model Mode Estimation Mode Reconfiguration Deductive Controller Estimates most likely transitions Physical Plant Commands Observations Model-Based Programming

  27. Deductive Controller Mode Estimation Mode Reconfiguration Selects valve configuration; plans actions to open six valves Deduces engines in standby Deduces valve failed - stuck closed Selects valves on backup engine needed to achieve thrust, and plans needed actions Mode Reconfiguration Mode Estimation Model-Based Programming

  28. Space of Possible State Trajectories for Plant Model Trellis Diagram S(0) S(1) S(N) S(N-1) Discrete time step ... S T • Plant state • assigns value to each state variable, e.g., 3000 • consistent with all state constraints, e.g., 12,000 • Set of concurrent transitions • one per automata, e.g., 80 Examples from Plant Model for Deep Space One Model-Based Programming

  29. Deductive ControllerMode Estimation (ME) • Incrementally tracks sets of component mode transitions • Consistent with observations, initial state, and plant CCA • Number of transitions is nm where • n is the size of the domain of the mode variables • m is number of mode variables • Deep Space One Probe (DS-1) nm = 380 Model-Based Programming

  30. Deductive ControllerMode Estimation (ME) • Frame as Optimal Constraint Satisfaction Problem (OCSP) • Conflict-directed A* • Uses propositional logic to find conflicts • Conflicts used to prune implausible consistent transitions • Mode transitions reduced to less than a dozen from 380 Model-Based Programming

  31. ... Mode Estimation ^ ^ ^ ^ S(0) S(1) S(t) S(t-1) prob(si) most likely state - sj state with highest probability prob(sj) Tracks most likely states consistent with plant model, observations, and control actions Model-Based Programming

  32. Deductive ControllerMode Reconfiguration (MR) • Series of commands that progresses plant toward a maximum-reward state that achieves the configuration goal • Goal Interpreter • find goal state that achieves configuration goal while maximizing reward. • Reactive Planner • generates command sequence to move plant to goal state. Model-Based Programming

  33. Mode Reconfiguration ^ ^ ^ ^ S(t) S(t+1) S(t+n) S(t+n-1) Maximum reward goal state ... Given goal and most likely current state find commands that transitions through plant state space toward maximum-reward goal state that achieve the configuration goal Model-Based Programming

  34. Model-based ProgrammingReal-world Uses • Deep-Space One - 2001 • Autonomous control of engine firing • MIT Sphere Spacecraft - 2004 • docking maneuvers with International Space Station • Simulation system for rapid prototyping • autonomous mars exploration testbed • Toyota • Fault management and failure recovery for high-end vehicles • NASA Mars Technology Program • Proposing incorporation into Mars 2009 Smart Lander • John Hopkins Applied Physics Lab • Proposing applying to Messenger Mission to Mercury Model-Based Programming

  35. Discussion • Does this paradigm appear to provide the claimed advantages? • What are potential limitations or pitfalls? • Based on its technical merit is MB-P an advancement? • Does it have enough successes and interest to sustain itself? Model-Based Programming

More Related