National Aeronautics and Space Administration
Practices for Improving Robotic Software Reliability in Flight and Research Projects
Khaled S. Ali and Issa A.D. Nesnas, Jet Propulsion Laboratory, California Institute of Technology
The Sixth IARP-IEEE/RAS-EURON Joint Workshop on Technical Challenges for Dependable Robots in Human Environments, Pasadena, California, May 17-18, 2008

Presentation Overview
– The Need for Dependability in Robots for Space Applications
– The Flight Side: Mars Exploration Rovers
  – MER FSW Architecture Design Decisions for Reliability
  – MER FSW Development Procedures for Reliability
– The Research Side: CLARAty
  – What is CLARAty?
  – Techniques used by CLARAty to Improve Software Reliability

The Need for Dependability in Space Applications
– If a robot fails after leaving Earth, repair may be difficult or impossible
– If a robot fails during a critical time, such as descent and landing, the results can be disastrous
– Research efforts need to consider dependability to address scalability and facilitate integration into flight applications

The Flight Side: Mars Exploration Rovers (MER)

MER Flight Software Design Decisions Overview
– Software Decomposition
  – Object oriented
  – Hierarchical state machines
– Runtime Model
  – Multiple tasks
  – Asynchronous message passing
  – Multi-layered fault protection
  – Automation of critical behaviors
– Software Implementation Principles
  – Coding standards
  – Static memory allocation
  – Design patterns

MER Flight Software Decomposition
– Object-oriented style design, with emphasis placed on interfaces, encapsulation, and modularity
– Objects implemented as hierarchical state machines

MER Flight Software Runtime Model (Part 1)
– Multiple tasks on an RTOS, with task priorities reflecting criticality and required response time
– Asynchronous message passing as the principal means of communication between objects; the messages drive the hierarchical state machines
– Multi-layered fault protection
  – Hardware
  – Software handling: minor faults handled locally; major faults handled by separate Health and Fault Protection tasks
  – Command sequences

MER Flight Software Runtime Model (Part 2)
– Critical mission behaviors are automated
  – Entry, Descent, and Landing
  – Communication
  – Fault Handling
  – Attitude Acquisition
  – Wakeup and Shutdown
– Allows faster handling than ground-in-the-loop and richer handling than either hardware or command sequences

MER Flight Software Implementation Principles
– Dynamic memory allocation is severely limited, to prevent heap fragmentation and to allow memory problems to be discovered during development rather than in flight
– Coding conventions, rules, and guidelines
– Design patterns (message passing, command handling, hardware device objects)
– Reference: Glenn E. Reeves and Joseph F. Snyder, "An Overview of the Mars Exploration Rovers' Flight Software," 2005 IEEE International Conference on Systems, Man and Cybernetics, Waikoloa, Hawaii, October 10-12, 2005
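The three MER design decisions above (message-driven hierarchical state machines, static allocation, and local handling of minor faults with escalation of major ones to a separate fault-protection task) fit together in a small amount of code. The following is an added illustration written for this page; it is not MER flight software, and every name in it (MsgQueue, MobilityDevice, FaultProtection, the message types and the retry limit) is an assumption chosen for the example. It uses a std::array-backed ring queue so that no heap is touched after start-up, and a full queue is reported as a counted event rather than failing silently.

```cpp
#include <array>
#include <cstddef>
#include <cstdint>

// Message types exchanged between tasks (hypothetical names, not MER's).
enum class MsgType : std::uint8_t { MoveCmd, MoveDone, SensorFault, Tick };

struct Msg {
    MsgType type;
    std::int32_t arg;   // target for MoveCmd, fault code for SensorFault
};

// Fixed-capacity ring queue backed by a std::array: no heap, hence no
// fragmentation, and a full queue is a detectable condition (dropped())
// instead of an allocation failure at an unpredictable moment.
template <std::size_t N>
class MsgQueue {
public:
    bool push(const Msg& m) {
        if (count_ == N) { ++dropped_; return false; }
        buf_[(head_ + count_) % N] = m;
        ++count_;
        return true;
    }
    bool pop(Msg& out) {
        if (count_ == 0) return false;
        out = buf_[head_];
        head_ = (head_ + 1) % N;
        --count_;
        return true;
    }
    std::size_t dropped() const { return dropped_; }
private:
    std::array<Msg, N> buf_{};
    std::size_t head_ = 0, count_ = 0, dropped_ = 0;
};

// Stand-in for the separate Health and Fault Protection task: major faults
// are reported here instead of being handled inside the device object.
struct FaultProtection {
    int majorFaults = 0;
    std::int32_t lastCode = 0;
    void report(std::int32_t code) { ++majorFaults; lastCode = code; }
};

// Device object implemented as a two-level state machine:
// superstate Operational { Idle, Moving } plus the Safe state.
enum class State : std::uint8_t { Idle, Moving, Safe };

class MobilityDevice {
public:
    explicit MobilityDevice(FaultProtection& fp) : fp_(fp) {}

    // Drain the queue; every message is one step of the state machine.
    template <std::size_t N>
    void run(MsgQueue<N>& q) { Msg m{}; while (q.pop(m)) dispatch(m); }

    State state() const { return state_; }
    int localRetries() const { return retries_; }
    std::int32_t target() const { return target_; }

private:
    static constexpr int kMaxRetries = 2;   // assumed retry budget for minor faults

    void dispatch(const Msg& m) {
        // Behaviour common to the Operational superstate: a sensor fault is
        // handled the same way whether the device is Idle or Moving.
        if (state_ != State::Safe && m.type == MsgType::SensorFault) {
            handleFault(m.arg);
            return;
        }
        switch (state_) {
        case State::Idle:
            if (m.type == MsgType::MoveCmd) { target_ = m.arg; state_ = State::Moving; }
            break;
        case State::Moving:
            if (m.type == MsgType::MoveDone) state_ = State::Idle;
            break;
        case State::Safe:
            // Only fault protection may leave Safe; commands are ignored here.
            break;
        }
    }

    // Minor fault: retry locally. Fault persists past the budget: escalate
    // to the fault-protection task and go Safe.
    void handleFault(std::int32_t code) {
        if (retries_ < kMaxRetries) { ++retries_; return; }
        fp_.report(code);
        state_ = State::Safe;
    }

    FaultProtection& fp_;
    State state_ = State::Idle;
    std::int32_t target_ = 0;
    int retries_ = 0;
};
```

Two properties are worth checking when reviewing code in this style: the superstate check runs before the per-state switch, so no substate can forget to handle a fault; and the queue's dropped() counter gives the health task something to monitor, which is the kind of bounded, observable behaviour that static allocation buys.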

Flight Software Development Procedures
– Use only mission-proven or thoroughly tested technologies
– Formal design reviews
  – Inheritance reviews
  – Design reviews
  – Implementation reviews
– Code reviews
  – Independent developer reviews code
  – Static code analyzers used

Rigorous Flight Software Testing
– Unit Testing: extensive testing of each module in isolation by the developer
– Regression Testing: integrated module testing by a dedicated test team after new modules are integrated
– System Testing:
  – Project-wide rehearsals of expected mission scenarios
  – Can last several days, during which several different activities are tested in the manner they would be used in the mission
  – All communication is done during communication passes

The Research Side: CLARAty (Coupled Layer Architecture for Robotic Autonomy)

What is CLARAty?
– CLARAty is a unified and reusable software framework that provides robotic functionality and simplifies the integration of new technologies on robotic platforms
– A research tool for technology development and maturation

Problem and Approach
– Problem:
  – Difficult to share software/algorithms across systems
  – Different hardware/software infrastructure
  – No standard protocols and APIs
  – No flexible code base of robotic capabilities
– Objectives:
  – Improve software reliability by enabling and encouraging reuse
  – Provide mature and dependable robotic infrastructure: simplifies creation of robotic applications, simplifies integration of new technologies, and lets research efforts concentrate on the algorithm being investigated
  – Mature software used on heterogeneous robots, enabling more reuse: same interfaces to high-level components

Interoperability: Software & Hardware
[Figure: a Decision Layer of declarative activities (Explore Site, Goto Target 1, Goto Target 3, Deploy Instrument, Acquire Image, Acquire & Analyze) sits above a Functional Layer of functional abstractions, each of which can be swapped for a different algorithm or robot adaptation. Labels in the Functional Layer, as they appear in the figure: Navigator, Morphin, Locomotor, R8_Model, Motor, R8_Motor, Pose Estimator, SAPP, Pt Cloud, IMU, ISIS, Target Tracker, Falcon, Camera, 1394 Cam, Stereovision, JPLV. Robots and simulators shown as adaptations: Rover, ATRV Jr., Rocky 7, Rocky 8, ROAMS.]
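The point of the Functional Layer in the figure is that a component such as a Locomotor is written once against a generic interface (Motor) and reused unchanged when the Motor underneath is swapped for a different robot adaptation or a simulator. The code below is an added sketch of that idea for this page; it is not CLARAty code and does not use CLARAty's API. The class names Motor, SimMotor, TickMotor and Locomotor are modelled on the figure's labels, and the differential-drive kinematics, the encoder-tick conversion and the velocity limits are assumptions made for the example. The reliability angle is that each adaptation enforces its own hardware limits and the Locomotor reports the motion actually achieved, so a caller can detect saturation instead of assuming its command was honoured.

```cpp
#include <cmath>

// Small clamp helper (avoids depending on std::clamp from C++17).
template <class T>
T clampTo(T v, T lo, T hi) { return v < lo ? lo : (v > hi ? hi : v); }

// Generic interface in the functional layer: a wheel motor commanded in
// metres per second of wheel-surface velocity. setVelocity() returns the
// velocity actually set after the adaptation applies its own limits.
class Motor {
public:
    virtual ~Motor() = default;
    virtual double setVelocity(double v) = 0;
    virtual double velocity() const = 0;
};

// Adaptation 1: simulated motor with a saturation limit (hypothetical,
// standing in for a simulator adaptation such as the ROAMS box in the figure).
class SimMotor : public Motor {
public:
    explicit SimMotor(double maxV) : maxV_(maxV) {}
    double setVelocity(double v) override { v_ = clampTo(v, -maxV_, maxV_); return v_; }
    double velocity() const override { return v_; }
private:
    double maxV_;
    double v_ = 0.0;
};

// Adaptation 2: hardware-style motor that only understands encoder ticks per
// second (hypothetical, in the spirit of the R8_Motor label). Quantisation
// and the hardware tick limit stay hidden behind the generic interface.
class TickMotor : public Motor {
public:
    TickMotor(double ticksPerMeter, long maxTicksPerSec)
        : tpm_(ticksPerMeter), maxTicks_(maxTicksPerSec) {}
    double setVelocity(double v) override {
        long t = std::lround(v * tpm_);
        cmdTicks_ = clampTo(t, -maxTicks_, maxTicks_);
        return velocity();
    }
    double velocity() const override { return static_cast<double>(cmdTicks_) / tpm_; }
    long commandedTicks() const { return cmdTicks_; }
private:
    double tpm_;
    long maxTicks_;
    long cmdTicks_ = 0;
};

// Generic differential-drive Locomotor: written once against Motor and
// reused unchanged on every robot that supplies a Motor adaptation.
class Locomotor {
public:
    struct Twist { double v; double w; };   // forward speed [m/s], turn rate [rad/s]

    Locomotor(Motor& left, Motor& right, double wheelBase)
        : left_(left), right_(right), wb_(wheelBase) {}

    // Command a body twist; return the twist actually achieved once both
    // adaptations have applied their limits, so callers can detect saturation.
    Twist drive(Twist cmd) {
        const double vl = cmd.v - cmd.w * wb_ / 2.0;
        const double vr = cmd.v + cmd.w * wb_ / 2.0;
        const double al = left_.setVelocity(vl);
        const double ar = right_.setVelocity(vr);
        return { (al + ar) / 2.0, (ar - al) / wb_ };
    }
private:
    Motor& left_;
    Motor& right_;
    double wb_;
};
```

The same Locomotor object drives a pair of SimMotor instances or a pair of TickMotor instances; only the construction site changes. When the hardware adaptation clamps one wheel, the returned twist differs from the commanded one, which is the signal a higher-level component (the Navigator in the figure) needs in order to react rather than dead-reckon on a command that was never executed.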

Technology Tasks
[Figure: CLARAty at the centre of technology development, integration and validation. Contributing organizations: Jet Propulsion Lab, CMU, NASA ARC, U. Minnesota. Inputs: rover simulation (ROAMS), rover hardware, science instruments, simulation, operator interface, legacy algorithms, flight algorithms. Programs: R&TD, MDS, DRDF, competed Mars Technology Program, other NASA programs, JPL internal programs, flight focused technology programs. Technology tasks from NASA centers and universities feed into CLARAty and are exercised by technology validation tasks.]

Techniques We Use in CLARAty
Some of the techniques that we have explored to improve software reliability are:
– Improved processes and procedures for software development
– Unified coding conventions
– Static code analysis and validation tools
– Increased software reliability through reuse
– Formal technology validation
– Automated nightly regression testing (to a limited extent)
– Fault-tolerant software

Back-up Slides

Acknowledgements
CLARAty Team (multi-center): Jet Propulsion Laboratory, Ames Research Center, Carnegie Mellon University, University of Minnesota

Current CLARAty Core Team
– NASA Ames Research Center: Lorenzo Flueckiger, Hans Utz
– Carnegie Mellon University: Reid Simmons, David Apelfaum, Nick Melchior
– University of Minnesota: Stergios Roumeliotis, Nikolas Trawny, Anastasios I. Mourikis
– Jet Propulsion Laboratory: Issa A.D. Nesnas, Hari Das Nayar, Tara Estlin, Richard Petras, Daniel Gaines, Robert Steele, Daniel Clouse, Michael McHenry, Khaled S. Ali, Mihail Pivtoraiko, Kelly Breed
– Affiliates: Jeffrey Edlund
Full Credits for all Developers and Contributors at: