BACK TO INDEX

 Publications of year 2022
 Thesis
1. Saswata Paul. Formal Verification of Decentralized Coordination in Autonomous Multi-Agent Aerospace Systems. PhD thesis, Rensselaer Polytechnic Institute, 2022. Keyword(s): formal verification, Athena, distributed systems, distributed computing, air traffic management, autonomous systems, runtime verification, cyber physical systems.
Abstract:
 As autonomous vehicular technologies such as self-driving cars and uncrewed aircraft systems (UAS) evolve to become more accessible and cost-efficient, autonomous multi-agent systems, that comprise of such entities, will become ubiquitous in the near future. The close operational proximity between such autonomous agents will warrant the need for multi-agent coordination to ensure safe operations. In this thesis, we adopt a formal methods-based approach to investigate multi-agent coordination for safety-critical autonomous multi-agent systems. We explore algorithms that can be used for decentralized multi-agent coordination among autonomous mobile agents by communicating over asynchronous vehicle-to-vehicle (V2V) networks that can be prone to agent failures. In particular, we study two types of distributed algorithms that are useful for decentralized coordination â€” consensus, which can be used by autonomous agents to agree on a set of compatible operations; and knowledge propagation, which can be used to ensure sufficient situational awareness in autonomous multi-agent systems. We develop the first machine-checked proof of eventual progress for the Synod consensus algorithm, that does not assume a unique leader. To consider agent failures while reasoning about progress, we introduce a novel Failure-Aware Actor Model (FAM). We then propose a formally verified Two-Phase Acknowledge Protocol (TAP) for knowledge propagation that can establish a safe state of knowledge suitable for autonomous vehicular operations. The non-deterministic and dynamic operating conditions of distributed algorithms deployed over asynchronous V2V networks make it challenging to provide appropriate formal guarantees for the algorithms. To address this, we introduce probabilistic correctness properties that can be developed by stochastically modeling the systems. We present a formal proof library that can be used for reasoning about probabilistic properties of distributed algorithms deployed over V2V networks. We also propose a Dynamic Data-Driven Applications Systems (DDDAS)-based approach for the runtime verification of distributed algorithms. This approach uses parameterized proofs, which can be instantiated at runtime, and progress envelopes, which can divide the operational state space into distinct regions where a proof of progress may or may not hold. To motivate our verification of decentralized coordination, we introduce an autonomous air traffic management (ATM) technique for multi-aircraft systems called Decentralized Admission Control (DAC).

@PhdThesis{paul-phd-2022,
author = {Saswata Paul},
title = {Formal Verification of Decentralized Coordination in Autonomous Multi-Agent Aerospace Systems},
school = {Rensselaer Polytechnic Institute},
year = 2022,
keywords = {formal verification, Athena, distributed systems, distributed computing, air traffic management, autonomous systems, runtime verification, cyber physical systems},
abstract = {As autonomous vehicular technologies such as self-driving cars and uncrewed aircraft systems (UAS) evolve to become more accessible and cost-efficient, autonomous multi-agent systems, that comprise of such entities, will become ubiquitous in the near future. The close operational proximity between such autonomous agents will warrant the need for multi-agent coordination to ensure safe operations. In this thesis, we adopt a formal methods-based approach to investigate multi-agent coordination for safety-critical autonomous multi-agent systems. We explore algorithms that can be used for decentralized multi-agent coordination among autonomous mobile agents by communicating over asynchronous vehicle-to-vehicle (V2V) networks that can be prone to agent failures. In particular, we study two types of distributed algorithms that are useful for decentralized coordination â€” consensus, which can be used by autonomous agents to agree on a set of compatible operations; and knowledge propagation, which can be used to ensure sufficient situational awareness in autonomous multi-agent systems. We develop the first machine-checked proof of eventual progress for the Synod consensus algorithm, that does not assume a unique leader. To consider agent failures while reasoning about progress, we introduce a novel Failure-Aware Actor Model (FAM). We then propose a formally verified Two-Phase Acknowledge Protocol (TAP) for knowledge propagation that can establish a safe state of knowledge suitable for autonomous vehicular operations. The non-deterministic and dynamic operating conditions of distributed algorithms deployed over asynchronous V2V networks make it challenging to provide appropriate formal guarantees for the algorithms. To address this, we introduce probabilistic correctness properties that can be developed by stochastically modeling the systems. We present a formal proof library that can be used for reasoning about probabilistic properties of distributed algorithms deployed over V2V networks. We also propose a Dynamic Data-Driven Applications Systems (DDDAS)-based approach for the runtime verification of distributed algorithms. This approach uses parameterized proofs, which can be instantiated at runtime, and progress envelopes, which can divide the operational state space into distinct regions where a proof of progress may or may not hold. To motivate our verification of decentralized coordination, we introduce an autonomous air traffic management (ATM) technique for multi-aircraft systems called Decentralized Admission Control (DAC).}
}


 Articles in journal, book chapters
1. Elkin Cruz-Camacho, Ahmad Amer, Fotis Kopsaftopoulos, and Carlos A. Varela. Formal Safety Envelopes for Provably Accurate State Classification by Data-Driven Flight Models. Journal of Aerospace Information Systems, 2022. Keyword(s): Formal verification, Agda, Safety envelopes, Runtime verification, dddas.
Abstract:
 We present a novel approach to formally verify data-driven models for state classification in the domain of aerospace. Dynamic data-driven application systems (DDDAS) extend first-principles models with dynamically sensed data enabling the diagnosis and healing of aircrafts during flight. The intrinsic complexity of these systems makes them prone to spurious errors caused by unseen conditions. Formal (software) verification is a technique that goes beyond unit testing or statistical model checking, which can only guarantee system correctness over a fraction of the system's input space. {\em Safety envelopes} bound regions of the system's input space where a formal proof of correctness of state classification holds. We focus on two questions for defining safety envelope boundaries: ({\em i}) does the data follow the model? and ({\em ii}) what is the most likely state of the system given the data? We evaluate safety envelopes with data derived from a wind tunnel experiment tackling the problem of stall detection given piezo-electric sensor measurements over a wing's skin. We define tailored metrics to show the quality of different data-driven models. We encode safety envelopes in the proof assistant Agda, and illustrate their applicability across a variety of input dimensions and Gaussian Process Regression Model (GPRM)-generated data.

@article{cruz-jais-2022,
author = {Elkin Cruz-Camacho and Ahmad Amer and Fotis Kopsaftopoulos and Carlos A. Varela},
title = {Formal Safety Envelopes for Provably Accurate State Classification by Data-Driven Flight Models},
journal={Journal of Aerospace Information Systems},
year={2022},
publisher={American Institute of Aeronautics and Astronautics},
doi="https://doi.org/10.2514/1.I011073" pdf="http://wcl.cs.rpi.edu/papers/cruz-jais-2022.pdf",
keywords = {Formal verification, Agda, Safety envelopes, Runtime verification, dddas},
abstract = {We present a novel approach to formally verify data-driven models for state classification in the domain of aerospace. Dynamic data-driven application systems (DDDAS) extend first-principles models with dynamically sensed data enabling the diagnosis and healing of aircrafts during flight. The intrinsic complexity of these systems makes them prone to spurious errors caused by unseen conditions. Formal (software) verification is a technique that goes beyond unit testing or statistical model checking, which can only guarantee system correctness over a fraction of the system's input space. {\em Safety envelopes} bound regions of the system's input space where a formal proof of correctness of state classification holds. We focus on two questions for defining safety envelope boundaries: ({\em i}) does the data follow the model? and ({\em ii}) what is the most likely state of the system given the data? We evaluate safety envelopes with data derived from a wind tunnel experiment tackling the problem of stall detection given piezo-electric sensor measurements over a wing's skin. We define tailored metrics to show the quality of different data-driven models. We encode safety envelopes in the proof assistant Agda, and illustrate their applicability across a variety of input dimensions and Gaussian Process Regression Model (GPRM)-generated data.}
}


2. Saswata Paul, Gul A. Agha, Stacy Patterson, and Carlos A. Varela. Eventual Consensus in Synod: Verification using a Failure-Aware Actor Model. Innovations in Systems and Software Engineering - A NASA Journal, 2022. Keyword(s): formal verification, Athena, distributed systems, distributed computing, air traffic management, consensus, actor model.
Abstract:
 Successfully attaining consensus in the absence of a centralized coordinator is a fundamental problem in distributed multi-agent systems. We analyze progress in the Synod consensus protocol â€” which does not assume a unique leader â€” under the assumptions of asynchronous communication and potential agent failures. We identify a set of sufficient conditions under which it is possible to guarantee that a set of agents will eventually attain consensus using Synod. First, a subset of the agents must not permanently fail or exhibit Byzantine failure until consensus is reached, and second, at least one proposal must be eventually uninterrupted by higher-numbered proposals. To formally reason about agent failures, we introduce a failure-aware actor model (FAM). Using FAM, we model the identified conditions and provide a formal proof of eventual progress in Synod. Our proof has been mechanically verified using the Athena proof assistant and, to the best of our knowledge, it is the first machine-checked proof of eventual progress in Synod.

@article{paul-isse-2022,
author = {Saswata Paul and Gul A. Agha and Stacy Patterson and Carlos A. Varela},
title = {Eventual Consensus in Synod: Verification using a Failure-Aware Actor Model},
journal="Innovations in Systems and Software Engineering - A NASA Journal",
year="2022",
publisher="Springer Nature",
pdf="http://wcl.cs.rpi.edu/papers/paul-ISSE-2022.pdf",
doi="https://doi.org/10.1007/s11334-022-00463-5",
keywords = {formal verification, Athena, distributed systems, distributed computing, air traffic management, consensus, actor model},
abstract = {Successfully attaining consensus in the absence of a centralized coordinator is a fundamental problem in distributed multi-agent systems. We analyze progress in the Synod consensus protocol â€” which does not assume a unique leader â€” under the assumptions of asynchronous communication and potential agent failures. We identify a set of sufficient conditions under which it is possible to guarantee that a set of agents will eventually attain consensus using Synod. First, a subset of the agents must not permanently fail or exhibit Byzantine failure until consensus is reached, and second, at least one proposal must be eventually uninterrupted by higher-numbered proposals. To formally reason about agent failures, we introduce a failure-aware actor model (FAM). Using FAM, we model the identified conditions and provide a formal proof of eventual progress in Synod. Our proof has been mechanically verified using the Athena proof assistant and, to the best of our knowledge, it is the first machine-checked proof of eventual progress in Synod.}
}


 Conference articles
1. Lorson Blair, Carlos A. Varela, and Stacy Patterson. A Continuum Approach for Collaborative Task Processing in UAV MEC Networks. In 2022 IEEE 15th International Conference on Cloud Computing (CLOUD), pages 247-256, 2022. Keyword(s): Edge Computing, Cloud Computing, Distributed Computing, Cyber Physical Systems.
Abstract:
 Unmanned aerial vehicles (UAVs) are becoming a viable platform for sensing and estimation in a wide variety of applications including disaster response, search and rescue, and security monitoring. These sensing UAVs have limited battery and computational capabilities, and thus must offload their data so it can be processed to provide actionable intelligence. We consider a compute platform consisting of a limited number of highly-resourced UAVs that act as mobile edge computing (MEC) servers to process the workload on premises. We propose a novel distributed solution to the collaborative processing problem that adaptively positions the MEC UAVs in response to the changing workload that arises both from the sensing UAVsâ€™ mobility and the task generation. Our solution consists of two key building blocks: (1) an efficient workload estimation process by which the UAVs estimate the task fieldâ€”a continuous approximation of the number of tasks to be processed at each location in the airspace, and (2) a distributed optimization method by which the UAVs partition the task field so as to maximize the system throughput. We evaluate our proposed solution using realistic models of surveillance UAV mobility and show that our method achieves up to 28% improvement in throughput over a non-adaptive baseline approach.

@INPROCEEDINGS{9861025,
author={Blair, Lorson and Varela, Carlos A. and Patterson, Stacy},
booktitle={2022 IEEE 15th International Conference on Cloud Computing (CLOUD)},
title={A Continuum Approach for Collaborative Task Processing in UAV MEC Networks},
year={2022},
keywords={Edge Computing, Cloud Computing, Distributed Computing, Cyber Physical Systems},
pdf="http://wcl.cs.rpi.edu/papers/IEEE_CLOUD_2022.pdf",
volume={},
number={},
pages={247-256},
doi={10.1109/CLOUD55607.2022.00046},
abstract={Unmanned aerial vehicles (UAVs) are becoming a viable platform for sensing and estimation in a wide variety of applications including disaster response, search and rescue, and security monitoring. These sensing UAVs have limited battery and computational capabilities, and thus must offload their data so it can be processed to provide actionable intelligence. We consider a compute platform consisting of a limited number of highly-resourced UAVs that act as mobile edge computing (MEC) servers to process the workload on premises. We propose a novel distributed solution to the collaborative processing problem that adaptively positions the MEC UAVs in response to the changing workload that arises both from the sensing UAVsâ€™ mobility and the task generation. Our solution consists of two key building blocks: (1) an efficient workload estimation process by which the UAVs estimate the task fieldâ€”a continuous approximation of the number of tasks to be processed at each location in the airspace, and (2) a distributed optimization method by which the UAVs partition the task field so as to maximize the system throughput. We evaluate our proposed solution using realistic models of surveillance UAV mobility and show that our method achieves up to 28% improvement in throughput over a non-adaptive baseline approach.}
}


BACK TO INDEX

Disclaimer:

This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All person copying this information are expected to adhere to the terms and constraints invoked by each author's copyright. In most cases, these works may not be reposted without the explicit permission of the copyright holder.

Les documents contenus dans ces répertoires sont rendus disponibles par les auteurs qui y ont contribué en vue d'assurer la diffusion à temps de travaux savants et techniques sur une base non-commerciale. Les droits de copie et autres droits sont gardés par les auteurs et par les détenteurs du copyright, en dépit du fait qu'ils présentent ici leurs travaux sous forme électronique. Les personnes copiant ces informations doivent adhérer aux termes et contraintes couverts par le copyright de chaque auteur. Ces travaux ne peuvent pas être rendus disponibles ailleurs sans la permission explicite du détenteur du copyright.