The role of testing in verification and certification Kerstin Eder

The role of testing in verification and certification
Kerstin Eder
Design Automation and Verification, Microelectronics [and Trustworthy Systems Laboratory]
Verification and Validation for Safety in Robots, Bristol Robotics Laboratory

M. Webster, D. Western, D. Araiza-Illan, C. Dixon, K. Eder, M. Fisher, A.G. Pipe. An Assurance-based Approach to Verification and Validation of Human-Robot Teams. arxiv:1608.07403

What can be done to increase the productivity of simulation-based testing?
- D. Araiza-Illan, D. Western, A. Pipe, and K. Eder, Coverage-Driven Verification: An Approach to Verify Code for Robots that Directly Interact with Humans, in Haifa Verification Conference, Haifa, Israel, 2015. http://link.springer.com/chapter/10.1007/978-3-319-26287-1_5
- D. Araiza-Illan, D. Western, A. G. Pipe, and K. Eder, Systematic and Realistic Testing in Simulation of Control Code for Robots in Collaborative Human-Robot Interactions, in Towards Autonomous Robotic Systems (TAROS), Jun. 2016. http://link.springer.com/chapter/10.1007/978-3-319-40379-3_3
- D. Araiza-Illan, A. G. Pipe, and K. Eder, Intelligent Agent-Based Stimulation for Testing Robotic Software in Human-Robot Interactions, in Third Workshop on Model-Driven Robot Software Engineering (MORSE), Dresden, Germany, 2016. http://arxiv.org/abs/1604.05508

HRI Verification Challenges
- System complexity: HW, SW, People
- Concurrency
- Experiments in labs: Expensive, Unsafe

We are investigating
- Testing in simulation
- Techniques well established in microelectronics design verification
- Coverage-Driven Verification
to verify code that controls robots in HRI.

Agency for Intelligent Testing
Robotic assistants need to be both powerful and smart. AI and learning are increasingly used in robotics. We need intelligent testing. No matter how clever your robot, the testing environment needs to reflect the agency your robot will meet in its target environment.

CDV to automate simulation-based testing: Why and how?
- Dejanira Araiza-Illan, David Western, Anthony Pipe and Kerstin Eder. Coverage-Driven Verification: An Approach to Verify Code for Robots that Directly Interact with Humans. In Hardware and Software: Verification and Testing, pp. 69-84. Lecture Notes in Computer Science 9434. Springer, November 2015. (DOI 10.1007/978-3-319-26287-1_5)
- Dejanira Araiza-Illan, David Western, Anthony Pipe and Kerstin Eder. Systematic and Realistic Testing in Simulation of Control Code for Robots in Collaborative Human-Robot Interactions. 17th Annual Conference Towards Autonomous Robotic Systems (TAROS 2016), pp. 20-32. Lecture Notes in Artificial Intelligence 9716. Springer, June 2016. (DOI 10.1007/978-3-319-40379-3_3)

Coverage-Driven Verification (diagram components: SUT)

Robotic Code
J. Boren and S. Cousins, The SMACH High-Level Executive, IEEE Robotics & Automation Magazine, vol. 17, no. 4, pp. 18-20, 2010.

Coverage-Driven Verification (diagram components: Test Generator, Test, SUT, Response)

Test Generator
- Effective tests:
  - legal tests
  - meaningful events
  - interesting events
  - while exploring the system
  - typical vs extreme values
- Efficient tests:
  - minimal set of tests (regression)
- Strategies:
  - Pseudorandom (repeatability)
  - Constrained pseudorandom
  - Model-based to target specific scenarios

Model-based Test Generation
- Formal model
- Traces from model checking
- Test template
- Test components:
  - High-level actions
  - Parameter instantiation
- System + environment
- Environment to drive system

Coverage-Driven Verification (diagram components: Checker, Test Generator, Test, SUT, Response)

Checker
- Requirements as assertion monitors:
  - if [precondition], check [postcondition]
  - "If the robot decides the human is not ready, then the robot never releases an object."
- Implemented as automata
- Continuous monitoring at runtime, self-checking
- High-level requirements
- Lower-level requirements depending on the simulation's detail (e.g., path planning, collision avoidance).
  assert {! (robot_3d_position == human_3d_position)}
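The handover requirement on this slide, written as a small monitor automaton and run over event traces. This is an added example, not code from the talk or the robosafe testbench; the event names and the traces are constructed, and one monitor instance is assumed per test run.

```python
from enum import Enum

class State(Enum):
    IDLE = "idle"          # precondition not observed yet
    ARMED = "armed"        # robot has decided the human is not ready
    VIOLATED = "violated"  # postcondition broken; absorbing state

class NoReleaseWhenNotReady:
    """if [robot decides human not ready], check [robot never releases]."""

    def __init__(self):
        self.state = State.IDLE
        self.activations = 0   # how often the precondition fired
        self.violations = []   # (time, event) pairs that broke the rule

    def step(self, t, event):
        if self.state is State.VIOLATED:
            return self.state              # stay failed for the rest of the run
        if event == "decide_human_not_ready":
            self.activations += 1
            self.state = State.ARMED
        elif event == "release_object" and self.state is State.ARMED:
            self.violations.append((t, event))
            self.state = State.VIOLATED
        return self.state

    def verdict(self):
        if self.violations:
            return "FAIL"
        # A run that never met the precondition proves nothing about the
        # requirement, so it is reported separately from a real pass.
        return "PASS" if self.activations else "NOT_TRIGGERED"

def check_trace(trace):
    """Feed a list of (time, event) pairs to a fresh monitor."""
    monitor = NoReleaseWhenNotReady()
    for t, event in trace:
        monitor.step(t, event)
    return monitor.verdict(), monitor.violations

# Constructed traces (hypothetical event names, times in seconds).
TRACE_OK = [(0.0, "handover_start"), (2.0, "decide_human_not_ready"),
            (2.5, "retract_arm")]
TRACE_BAD = [(0.0, "handover_start"), (2.0, "decide_human_not_ready"),
             (2.4, "release_object"), (3.0, "retract_arm")]
TRACE_VACUOUS = [(0.0, "handover_start"), (1.5, "decide_human_ready"),
                 (2.0, "release_object")]

if __name__ == "__main__":
    for name, trace in (("ok", TRACE_OK), ("bad", TRACE_BAD),
                        ("vacuous", TRACE_VACUOUS)):
        print(name, check_trace(trace))
```

Counting the NOT_TRIGGERED runs per assertion gives an assertion coverage figure: a requirement whose precondition no test ever reaches has not been exercised, however many tests passed.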

Coverage-Driven Verification (diagram components: Checker, Test Generator, Test, SUT, Response, Coverage Collector)

Coverage Collector
Coverage models:
- Code coverage
- Structural coverage
- Functional coverage
- Requirements coverage

HRI Handover Scenario
Requirements: Functional and safety (ISO 13482:2014, ISO 10218-1)

Requirements based on ISO 13482 and ISO 10218

Coverage Collector
Coverage models:
- Code coverage
- Structural coverage
- Functional coverage
- Requirements coverage
- Cross-product functional coverage
  - Cartesian product of environment actions, sensor states and robot actions
[O Lachish, E Marcus, S Ur and A Ziv. Hole Analysis for Functional Coverage Data. Design Automation Conference (DAC), June 10-14, 2002]
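Cross-product functional coverage with seeded, constrained pseudorandom stimulus and a listing of coverage holes, as an added example that is not code from the talk or the robosafe testbench. The dimension values and `toy_sut` are constructed stand-ins, and `projected_holes` is a simplified grouping of holes written for this example, not the algorithm of the cited paper.

```python
import itertools
import random

# Constructed coverage dimensions; all names are hypothetical.
ENV = ("human_ready", "human_distracted", "human_absent")
SENSORS = ("all_ok", "pressure_low", "location_bad")
ROBOT = ("release", "hold", "timeout")

def toy_sut(env, sensors):
    """Stand-in for the robot control code under test."""
    if env == "human_absent":
        return "timeout"
    if env == "human_ready" and sensors == "all_ok":
        return "release"
    return "hold"

def generate(n, seed, constraint=lambda env, sensors: True):
    """Constrained pseudorandom stimulus; a fixed seed makes a run repeatable."""
    rng = random.Random(seed)
    tests = []
    while len(tests) < n:
        candidate = (rng.choice(ENV), rng.choice(SENSORS))
        if constraint(*candidate):   # rejection sampling: keep only allowed tests
            tests.append(candidate)
    return tests

def collect(tests):
    """Run each test and record the (env, sensors, robot action) bin it hits."""
    return {(e, s, toy_sut(e, s)) for e, s in tests}

def holes(covered):
    """Bins of the full Cartesian product that no test has hit."""
    return sorted(set(itertools.product(ENV, SENSORS, ROBOT)) - covered)

def projected_holes(covered):
    """Value pairs never seen together, whatever the third dimension was.

    One entry such as ((0, 'human_absent'), (2, 'release')) stands for a
    whole row of holes in the 3-D cross product.
    """
    dims = (ENV, SENSORS, ROBOT)
    summary = []
    for i, j in ((0, 1), (0, 2), (1, 2)):
        seen = {(b[i], b[j]) for b in covered}
        for a, c in itertools.product(dims[i], dims[j]):
            if (a, c) not in seen:
                summary.append(((i, a), (j, c)))
    return summary

if __name__ == "__main__":
    covered = collect(generate(100, seed=2016))
    print(len(covered), "bins covered,", len(holes(covered)), "holes")
    for hole in projected_holes(covered):
        print("never observed together:", hole)
```

Each reported hole still needs a verdict from the engineer: either a scenario the generator has not reached yet, or a combination the requirements say must never occur, in which case it belongs in an assertion rather than in the coverage goal.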

Situation Coverage [2015]

Functional Coverage

HRI Handover Scenario
Coverage models:
- Code statement (robot high-level control)
- Requirements in the form of Assertions
- Cross-product functional coverage

Coverage Results

Code Coverage Results (figure labels: Pseudorandom, Constrained, Model-based, Coverage Hole)

Assertion Coverage Results
- 100 pseudorandomly generated tests
- 100 constrained pseudorandomly generated tests
- 4 model-based tests

Functional Coverage Results
- 100 pseudorandomly generated tests
- 160 model-based tests
- 180 model-based constrained tests
- 440 tests in total

Coverage-Driven Verification
Coverage analysis enables feedback to test generation.
(diagram components: Checker, Test Generator, Test, SUT, Response, Coverage Collector)

CDV for Human-Robot Interaction Dejanira Araiza-Illan, David Western, Anthony Pipe and Kerstin Eder. Systematic and Realistic Testing in Simulation of Control Code for Robots in Collaborative Human-Robot Interactions. 17th Annual Conference Towards Autonomous Robotic Systems (TAROS 2016), pp. 20-32. Lecture Notes in Artificial Intelligence 9716. Springer, June 2016.

Coverage-Directed Verification
- systematic, goal directed verification method
- high level of automation
- capable of exploring systems of realistic detail under a broad range of environment conditions
- focus on test generation and coverage
- constraining test generation requires significant engineering skill and SUT knowledge
- model-based test generation allows targeting requirements and cross-product coverage more effectively than pseudorandom test generation

http://github.com/robosafe/testbench
- Dejanira Araiza-Illan, David Western, Anthony Pipe and Kerstin Eder. Coverage-Driven Verification: An Approach to Verify Code for Robots that Directly Interact with Humans. In Hardware and Software: Verification and Testing, pp. 69-84. Lecture Notes in Computer Science 9434. Springer, November 2015. (DOI: 10.1007/978-3-319-26287-1_5)
- Dejanira Araiza-Illan, David Western, Anthony Pipe and Kerstin Eder. Systematic and Realistic Testing in Simulation of Control Code for Robots in Collaborative Human-Robot Interactions. 17th Annual Conference Towards Autonomous Robotic Systems (TAROS 2016), pp. 20-32. Lecture Notes in Artificial Intelligence 9716. Springer, June 2016. (DOI: 10.1007/978-3-319-40379-3_3)

CDV provides automation. What about agency?

http://www.thedroneinfo.com/

Belief-Desire-Intention Agents
- Desires: goals to fulfil
- Beliefs: knowledge about the world
- Intentions: chosen plans, according to current beliefs and goals
(diagram labels: New beliefs, New goals, Guards for plans, From executing plans)

CDV testbench components: BDI Agents
Intelligent testing is harnessing the power of BDI models to introduce agency into test environments.

Research Questions
- Are Belief-Desire-Intention agents suitable to model HRI?
- How can we exploit BDI agent models for test generation?
- Can machine learning be used to automate test generation in this setting?
- How do BDI agent models compare to automata-based techniques for model-based test generation?

Interacting Agents
- BDI can model agency in HRI
- Interactions between agents create realistic action sequences that serve as test patterns
(diagram components: Agent for Simulated Human, Robot's Code Agent, Agents for Simulated Sensors, linked by beliefs)

Verification Agents
- Meta agents can influence beliefs
- This allows biasing/directing the interactions
(diagram components: (Meta Agent) Verification Agent, Agent for Simulated Human, Agents for Simulated Sensors, Robot's Code Agent, linked by beliefs)

Which beliefs are effective?
- Manual belief selection
- Random belief selection
- Optimal belief sets determined through RL
(diagram components: belief subsets, (Meta Agent) Verification Agent, Agent for Simulated Human, Agents for Simulated Sensors, Robot's Code Agent, linked by beliefs; plan coverage)

Results
- How effective are BDI agents for test generation?
- How do they compare to model checking timed automata?
(plots: Code coverage (%) and Accumulated code coverage (%) against Test number, for Pseudorandom, Model checking TA and BDI agents)
- D. Araiza-Illan, A.G. Pipe, K. Eder. Intelligent Agent-Based Stimulation for Testing Robotic Software in Human-Robot Interactions. (Proceedings of MORSE 2016, ACM, July 2016) (arxiv:1604.05508)
- D. Araiza-Illan, A.G. Pipe, K. Eder. Model-based Test Generation for Robotic Software: Automata versus Belief-Desire-Intention Agents. (under review, preprint available at arxiv:1609.08439)

The cost of learning belief sets
- Convergence in <300 iterations, < 3 hours
- The cost of learning a good belief set needs to be considered when assessing the different BDI-based test generation approaches.

Code Coverage Results

BDI-agents vs timed automata
(plots: Code coverage (%) and Accumulated code coverage (%) against Test number, for Pseudorandom, Model checking TA and BDI agents)
Effectiveness: high-coverage tests are generated quickly

BDI-agents vs timed automata

Back to our Research Questions
- Belief-Desire-Intention agents are suitable to model HRI
- Traces of interactions between BDI agent models provide test templates
- Machine learning (RL) can be used to automate the selection of belief sets so that test generation can be biased towards maximizing coverage
- Compared to traditional model-based test generation (model checking timed automata), BDI models are:
  - more intuitive to write, they naturally express agency,
  - smaller in terms of model size,
  - more predictable to explore and
  - equal if not better wrt coverage.

http://github.com/robosafe
- D. Araiza Illan, D. Western, A. Pipe, K. Eder. Coverage-Driven Verification - An approach to verify code for robots that directly interact with humans. (Proceedings of HVC 2015, Springer, November 2015)
- D. Araiza Illan, D. Western, A. Pipe, K. Eder. Systematic and Realistic Testing in Simulation of Control Code for Robots in Collaborative Human-Robot Interactions. (Proceedings of TAROS 2016, Springer, June 2016)
- D. Araiza-Illan, A.G. Pipe, K. Eder. Intelligent Agent-Based Stimulation for Testing Robotic Software in Human-Robot Interactions. (Proceedings of MORSE 2016, ACM, July 2016) (arxiv:1604.05508)
- D. Araiza-Illan, A.G. Pipe, K. Eder. Model-based Test Generation for Robotic Software: Automata versus Belief-Desire-Intention Agents. (under review, preprint available at arxiv:1609.08439)

Thank you Kerstin.Eder@bristol.ac.uk Special thanks to Dejanira Araiza Illan, Jeremy Morse, David Western, Arthur Richards, Jonathan Lawry, Trevor Martin, Piotr Trojanek, Yoav Hollander, Yaron Kashai, Mike Bartley, Tony Pipe and Chris Melhuish for their collaboration, contributions, inspiration and the many productive discussions we have had.