
Formal verification of small and micro UAS, Prof Sandor M Veres



  1. Formal verification of small and micro UAS. Prof Sandor M Veres, University of Sheffield, December 2, 2015

  2. Outline
     ◮ Introduction
     ◮ The purpose of my talk
     ◮ What to Verify?
     ◮ What are the models and requirements?
     ◮ Verification of autopilots - APD
     ◮ How to verify autopilots?
     ◮ Legal Airspaces and requirements - LAS
     ◮ How to Define Airspaces?
     ◮ Verification of environmental perception - PEN
     ◮ Environmental perception of an autonomous UAS
     ◮ Quality of computer vision systems
     ◮ The role of knowledge in perception
     ◮ Quality of dense scene reconstruction
     ◮ Verification of situational awareness - SAE
     ◮ Verification of decision making of AUAS - LTD
     ◮ Redundant and Distributed Computation - DCS
     ◮ Conclusions

  5. The purpose of my talk
     ◮ Addresses the problem of verifying autonomous operations of UAS engineering systems in various types of environments: enclosed areas, congested areas, over countryside under 400 ft, and in national airspace.
     ◮ What to verify? What are the requirements? How to verify?
     ◮ Identify models which are general enough to be applicable to most practical autonomous UAS and their subsystems.

  10. What to Verify?
     ◮ The UAS is assumed to be in operation in various environmental scenarios.
     ◮ What does verification mean for this engineering system?
     ◮ The challenge is to ascertain that it will function in a materially and legally acceptable manner with high probability.
     ◮ We need to make the definition of UAS verification more precise.
     ◮ What are the methods available to achieve verification and what is missing?

  16. What are the models and requirements?
     ◮ Joint autopilot and aircraft dynamics in closed loop. (APD)
     ◮ Broad set of environmental models for the legal airspace, concerning weather conditions and presence of other aircraft, buildings and variations of terrain on the ground. (LAS)
     ◮ Effectiveness of perception/sensory systems under all environmental conditions. (PEN)
     ◮ Situational awareness under all environmental conditions and possible damage to the aircraft itself. (SAE)
     ◮ Legally transparent decision making system onboard, including planning and path planning. (LTD)
     ◮ Redundant and distributed computation and sensor/actuator systems to safeguard against the most likely hardware failures. (DCS)

  17. Outline of the UAS Verification Process
     [Figure: Sub-problems of functional verification of UAS. Block diagram labels: Airframe & Control; Dynamical verification s/f by control theory; Autopilot; SW verification; Legal airspace definition; ENVIRONMENTAL EVENTS; Perception System; Situational awareness; Path planning; Decision making; SW & Functional verification (repeated on several blocks); REDUNDANCY SW/HW is pervasive for all modules.]

  22. Requirement for Autopilot & Dynamics
     ◮ The most studied problem for safety of aircraft is the safety of its control systems to make it fly under varied weather conditions.
     ◮ This has been the focus of manned aircraft design for the last six decades.
     ◮ Research and methods of manned aviation to secure safety should not be ignored for UAS.
     ◮ Often more of a threat to the environment than to the vehicle, if the vehicle is inexpensive.
     ◮ Need for suitable legal frameworks, potentially a global one, for UAS aviation rules.

  23. System models for Autopilot & Dynamics
     [Figure: Verification of UAS models and the environment with uncertainty. Block diagram labels: Software verification [1]: checking whether the mathematical model is executed; Agent software; System: Autopilot realtime code; D/A; A/D; Actuators model: dynamics is known with uncertainty; Sensors model: dynamics is known with uncertainty; Model of Aircraft Dynamics under various environmental and weather conditions.]

  24. System models for Autopilot & Dynamics
     [Figure: System Identification (SysId) of real aircraft dynamics under various operating conditions to support formal verification. Block diagram labels: Autopilot realtime code; A/D; D/A; Actuators Dynamics; Sensors Dynamics; Real Aircraft dynamics under various environmental and weather conditions; System Identification of real aircraft dynamics under various operating conditions; Model; Formal verification using theory of control systems with bounded operator uncertainty (Fig. 1).]

  26. Legal Definitions of Airspaces - LAS
     ◮ Each type of UAS is subject to different regulation with regard to where it is permitted to fly, dependent on its weight, payload and prevailing weather conditions.
     ◮ Legal airspaces may be defined in a number of ways such as geographic regions (e.g. Aerodrome Traffic Zones) or relative boundaries (e.g. proximity to people) and may impose restrictions on the operation.
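
An added example, not part of the original slides: one way to express the two kinds of airspace definition named above (a geographic region and a relative boundary such as proximity to people), together with the 400 ft figure from the talk's introduction, as exact checks over every leg of a piecewise-linear flight plan. The flat local frame, the polygon zone, the 50 m separation, static people positions and all function names are assumptions made for illustration.

```python
import math
FT = 0.3048  # metres per foot

def orient(a, b, c):
    """Signed area test: >0 if c is left of a->b, <0 if right, 0 if collinear."""
    return (b[0] - a[0]) * (c[1] - a[1]) - (b[1] - a[1]) * (c[0] - a[0])

def segments_touch(p, q, a, b):
    """True if the closed 2-D segments pq and ab share at least one point."""
    overlap = all(max(min(p[k], q[k]), min(a[k], b[k])) <=
                  min(max(p[k], q[k]), max(a[k], b[k])) for k in (0, 1))
    return (overlap and orient(p, q, a) * orient(p, q, b) <= 0
            and orient(a, b, p) * orient(a, b, q) <= 0)

def in_polygon(pt, poly):
    """Ray-casting point-in-polygon test on the horizontal plane."""
    inside = False
    for (x1, y1), (x2, y2) in zip(poly, poly[1:] + poly[:1]):
        if (y1 > pt[1]) != (y2 > pt[1]) and \
                pt[0] < x1 + (pt[1] - y1) * (x2 - x1) / (y2 - y1):
            inside = not inside
    return inside

def dist_to_leg(pt, p, q):
    """Distance from pt to the closed 3-D segment pq."""
    d = [qi - pi for pi, qi in zip(p, q)]
    len2 = sum(di * di for di in d)
    t = 0.0 if len2 == 0 else max(0.0, min(1.0, sum(
        (ci - pi) * di for ci, pi, di in zip(pt, p, d)) / len2))
    return math.dist(pt, [pi + t * di for pi, di in zip(p, d)])

def check_plan(plan, zones, people, ceiling_m=400 * FT, min_sep_m=50.0):
    """Return sorted (leg_index, rule) violations for a piecewise-linear plan."""
    found = set()
    for i, (p, q) in enumerate(zip(plan, plan[1:])):
        if max(p[2], q[2]) > ceiling_m:            # altitude is linear per leg
            found.add((i, "ceiling"))
        for name, poly in zones.items():           # geographic region
            edges = zip(poly, poly[1:] + poly[:1])
            if in_polygon(p, poly) or any(segments_touch(p, q, a, b) for a, b in edges):
                found.add((i, "zone:" + name))
        if any(dist_to_leg((x, y, 0.0), p, q) < min_sep_m for x, y in people):
            found.add((i, "proximity"))            # relative boundary
    return sorted(found)

# Constructed sample data (local metres east/north, altitude above ground).
ZONES = {"restricted": [(100, -50), (200, -50), (200, 50), (100, 50)]}
PEOPLE = [(300, 100)]
PLAN = [(0, 0, 30), (300, 0, 30), (300, 200, 60), (0, 200, 130)]
print(check_plan(PLAN, ZONES, PEOPLE))
```

Leg 0 is flagged even though both of its waypoints lie outside the zone, which is the case a waypoint-only check misses; touching a zone boundary is treated as a violation.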
