Model-based Programming: From Embedded Systems To Robotic Space Explorers
Brian C. Williams, CSAIL, Massachusetts Institute of Technology

Failures Highlight The Challenge of Robustness
• Clementine
• Mars Climate Orbiter
• Mars Orbiter
• Mars Polar Lander
(images courtesy of JPL)

Complexity Is In Coordinating Subsystems
Large collections of devices must work in concert to achieve goals:
• Devices indirectly observed and controlled.
• Must manage large levels of redundancy.
• Need quick, robust response to anomalies throughout life.

Mars Polar Lander Failure
Programmers are overwhelmed by the bookkeeping of reasoning about unlikely hidden states.
Leading Diagnosis:
• Legs deployed during descent.
• Noise spike on leg sensors latched by software monitors.
• Laser altimeter registers 50 ft.
• Begins polling leg monitors to determine touch down.
• Latched noise spike read as touchdown.
• Engine shutdown at ~50 ft.

Fault Aware Systems
Create embedded languages that reason and coordinate on the fly from models.

Mission Design Begins With A Storyboard
Storyboard steps for the descent:
• engine to standby
• planetary approach
• switch to inertial nav
• rotate to entry-orient & hold attitude
• separate lander

Mission Storyboards Specify Evolving States
Descent engine to "standby": off, then heating (30-60 sec), then standby.
Spacecraft approach:
• 270 mins delay
• relative position wrt Mars not observable
• based on ground computations of cruise trajectory
Switch navigation mode:
• "Earth-relative" = Star Tracker + IMU
• "Inertial" = IMU only
Rotate spacecraft:
• command ACS to entry orientation
• once entry orientation achieved, ACS holds attitude
Separate lander from cruise stage (diagram: cruise stage, lander stage, pyro latches):
• when entry orientation achieved, fire primary pyro latch

Storyboards Elaborated With Failure Scenarios
Separate lander from cruise stage:
• in case of failure of primary latch, fire backup pyro latch

Like Storyboards, Model-based Programs Specify The Evolution of Abstract States
Embedded programs evolve actions by interacting with plant sensors and actuators:
• Read sensors
• Set actuators
(diagram: Embedded Program exchanges Obs and Cntrl with the Plant, whose state S is hidden)
Model-based programs evolve abstract states through direct interaction:
• Read abstract state
• Write abstract state
Model-based executive maps between state and sensors/actuators.
(diagram: Model-based Embedded Program reads and writes state S; the Model-based Executive, holding S', exchanges Obs and Cntrl with the Plant)

Descent Example
Components: Engine A, Engine B, Science Camera.
Goal: turn camera off and engine on.

Model-based Programs
Control program specifies state trajectories:
• fires one of two engines
• sets both engines to 'standby'
• prior to firing engine, camera must be turned off to avoid plume contamination
• in case of primary engine failure, fire backup engine instead

  OrbitInsert()::
    (do-watching ((EngineA = Thrusting) OR (EngineB = Thrusting))
      (parallel
        (EngineA = Standby)
        (EngineB = Standby)
        (Camera = Off)
        (do-watching (EngineA = Failed)
          (when-donext ((EngineA = Standby) AND (Camera = Off))
            (EngineA = Thrusting)))
        (when-donext ((EngineA = Failed) AND (EngineB = Standby) AND (Camera = Off))
          (EngineB = Thrusting))))

Plant Model describes behavior of each component:
– Nominal and Off nominal
– qualitative constraints
– likelihoods and costs

Engine Model (one model per component, all operating concurrently):
• component modes: Off, Standby, Firing, Failed
• modes described by finite domain constraints on variables:
  Off: (thrust = zero) AND (power_in = zero)
  Standby: (thrust = zero) AND (power_in = nominal)
  Firing: (thrust = full) AND (power_in = nominal)
• deterministic transitions on commands: off-cmd, standby-cmd, fire-cmd
• probabilistic transitions to Failed, each with probability 0.01
• cost/reward per mode: 0 v, 2 kv

Camera Model:
• component modes: On, Off
  Off: (power_in = zero) AND (shutter = closed)
  On: (power_in = nominal) AND (shutter = open)
• deterministic transitions on commands: turnoff-cmd, turnon-cmd
• probabilistic fault transitions with probability 0.01
• cost/reward per mode: 0 v, 20 v

State-based Execution
The model-based program sets the state to thrusting, and the deductive controller . . .
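To make the control-program semantics concrete, here is an added example (not the page's RMPL executive, and not code from Williams or the Titan project) that runs the OrbitInsert program above over an abstract state dictionary. The generator-based scheduler, the simulated plant and its injected EngineA failure are all constructed for this example; the combinators `assign`, `when_donext`, `do_watching` and `parallel` are toy stand-ins for the RMPL constructs of the same names.

```python
"""Toy executive for the OrbitInsert control program shown above.  Added
example: the scheduler and the simulated plant are constructed here and are
not the RMPL executive.  Abstract state is a plain dict that the program
reads and writes directly, as the page describes."""


def assign(plant, comp, mode):
    """RMPL '(comp = mode)': ask the executive to achieve a mode, then yield."""
    plant.achieve(comp, mode)
    yield


def when_donext(state, cond, body):
    """RMPL '(when-donext cond body)': wait until cond holds, then run body once."""
    while not cond(state):
        yield
    yield from body


def do_watching(state, cond, body):
    """RMPL '(do-watching cond body)': run body, preempting it once cond holds."""
    for _ in body:
        if cond(state):
            return
        yield


def parallel(*branches):
    """RMPL '(parallel ...)': round-robin step every branch until all finish."""
    live = list(branches)
    while live:
        for branch in list(live):
            try:
                next(branch)
            except StopIteration:
                live.remove(branch)
        yield


class Plant:
    """Constructed plant standing in for the executive plus hardware.
    With fail_engine_a=True the fire command leaves EngineA in 'Failed'."""

    def __init__(self, fail_engine_a=False):
        self.modes = {"EngineA": "Off", "EngineB": "Off", "Camera": "On"}
        self.fail_engine_a = fail_engine_a
        self.log = []  # (component, mode reached), in order

    def achieve(self, comp, mode):
        if comp == "EngineA" and mode == "Thrusting" and self.fail_engine_a:
            mode = "Failed"  # injected fault, assumed for the example
        self.modes[comp] = mode
        self.log.append((comp, mode))


def orbit_insert(plant):
    """Run OrbitInsert over the plant's abstract state; return the final state."""
    s = plant.modes
    a_ok = lambda s: s["EngineA"] == "Standby" and s["Camera"] == "Off"
    a_failed = lambda s: s["EngineA"] == "Failed"
    b_ok = lambda s: a_failed(s) and s["EngineB"] == "Standby" and s["Camera"] == "Off"
    thrusting = lambda s: "Thrusting" in (s["EngineA"], s["EngineB"])
    program = do_watching(s, thrusting, parallel(
        assign(plant, "EngineA", "Standby"),
        assign(plant, "EngineB", "Standby"),
        assign(plant, "Camera", "Off"),
        do_watching(s, a_failed,
                    when_donext(s, a_ok, assign(plant, "EngineA", "Thrusting"))),
        when_donext(s, b_ok, assign(plant, "EngineB", "Thrusting")),
    ))
    for step, _ in enumerate(program):
        if step > 100:  # guard against a program that never reaches its goal
            raise RuntimeError("OrbitInsert did not terminate")
    return dict(s)


def camera_off_before_thrust(log):
    """Check the plume-contamination rule on a plant log: the camera must
    already be Off whenever an engine reaches Thrusting."""
    camera = "On"
    for comp, mode in log:
        if comp == "Camera":
            camera = mode
        elif mode == "Thrusting" and camera != "Off":
            return False
    return True


if __name__ == "__main__":
    for fail in (False, True):
        plant = Plant(fail_engine_a=fail)
        final = orbit_insert(plant)
        print("EngineA fails:", fail, "->", final, "log:", plant.log,
              "camera rule ok:", camera_off_before_thrust(plant.log))
```

In the nominal run EngineA ends Thrusting with EngineB left in Standby; when the fire command fails, the inner do-watching is preempted and the second when-donext fires EngineB, and in both runs the log shows the camera Off before any engine thrusts.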
• deduces that thrust is off, and the engine is healthy;
• plans actions to open six valves (diagram: fuel tank, oxidizer tank);
• deduces that a valve failed - stuck closed;
• determines that valves on the backup engine will achieve thrust, and plans the needed actions.

Titan Model-based Executive
The RMPL Model-based Program supplies the Control Program to the Control Sequencer; the Control Sequencer and the Deductive Controller exchange State goals and State estimates; the Deductive Controller, using the System Model, sends Commands to the Plant and receives Observations from it.
Control Sequencer:
• Generates target goal states conditioned on state estimates
• Executes concurrently
• Preempts
• Queries (hidden) states
• Asserts (hidden) states
Deductive Controller:
• Mode Estimation: tracks likely plant states
• Mode Reconfiguration: tracks least cost goal states

Valve Model:
• component modes: Open, Closed, Stuck open, Stuck closed
• nominal transitions: Open, Close
• fault transitions to the stuck modes, each with probability 0.01
• inflow
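The two deductive-controller functions above, Mode Estimation and Mode Reconfiguration, can be shown working over the valve model, as an added example (not the Titan executive's code). The valve feed structure (each engine thrusts only when its fuel and oxidizer valves both flow), the 0.98 nominal transition probability, and the per-mode costs are assumptions constructed for this example; only the four valve modes and the 0.01 fault probabilities come from the page. It generalizes the single-valve diagnosis in the slide to a joint estimate over four valves, which exposes the ambiguity between equally likely diagnoses.

```python
"""Mode estimation and mode reconfiguration over finite-domain component
models.  Added example, not the Titan executive's code.  Assumed here: the
feed structure, the 0.98 nominal probability and the per-mode costs."""

from itertools import product

# Valve mode model: each mode constrains the observable variable 'flow'.
VALVE_MODES = {
    "Open": "nominal", "Closed": "zero",
    "StuckOpen": "nominal", "StuckClosed": "zero",
}
NOMINAL = ("Open", "Closed")          # commandable modes
MODE_COST = {"Open": 1, "Closed": 0}  # constructed cost per mode


def transitions(mode, cmd):
    """Successor modes with probabilities for (mode, cmd).  Stuck modes stay
    stuck; a nominal mode follows the command with 0.98 (assumed complement)
    and takes each 0.01 fault transition from the page otherwise."""
    if mode not in NOMINAL:
        return {mode: 1.0}
    target = {"open-cmd": "Open", "close-cmd": "Closed"}.get(cmd, mode)
    return {target: 0.98, "StuckOpen": 0.01, "StuckClosed": 0.01}


# Constructed plant: engine A fed by A_fuel/A_ox, engine B by B_fuel/B_ox.
COMPONENTS = ("A_fuel", "A_ox", "B_fuel", "B_ox")


def observables(modes):
    """Derive each engine's observable thrust from the valve modes."""
    flow = {c: VALVE_MODES[modes[c]] for c in COMPONENTS}
    both = lambda f, o: "full" if flow[f] == flow[o] == "nominal" else "zero"
    return {"thrust_A": both("A_fuel", "A_ox"), "thrust_B": both("B_fuel", "B_ox")}


def mode_estimation(prev, cmds, obs):
    """Rank joint mode assignments reachable from prev under cmds by prior
    transition probability, keeping only those consistent with obs."""
    succ = [transitions(prev[c], cmds.get(c, "none")) for c in COMPONENTS]
    ranked = []
    for combo in product(*(s.items() for s in succ)):
        modes = {c: m for c, (m, _) in zip(COMPONENTS, combo)}
        p = 1.0
        for _, q in combo:
            p *= q
        if observables(modes) == obs:
            ranked.append((p, modes))
    # highest probability first; ties broken by mode names for determinism
    ranked.sort(key=lambda t: (-round(t[0], 12), tuple(t[1][c] for c in COMPONENTS)))
    return ranked


def mode_reconfiguration(current, goal):
    """Least-cost target assignment whose observables satisfy goal: nominal
    valves may be commanded to any nominal mode, stuck valves keep theirs."""
    choices = [NOMINAL if current[c] in NOMINAL else (current[c],) for c in COMPONENTS]
    best = None
    for combo in product(*choices):
        modes = dict(zip(COMPONENTS, combo))
        if not goal(observables(modes)):
            continue
        cost = sum(MODE_COST.get(m, 0) for m in combo)
        if best is None or (cost, combo) < (best[0], best[1]):
            best = (cost, combo, modes)
    return best


if __name__ == "__main__":
    prev = {c: "Closed" for c in COMPONENTS}
    cmds = {"A_fuel": "open-cmd", "A_ox": "open-cmd"}   # fire engine A
    obs = {"thrust_A": "zero", "thrust_B": "zero"}      # constructed observation
    for p, modes in mode_estimation(prev, cmds, obs)[:3]:
        print(f"{p:.6f}", modes)
    best = mode_reconfiguration(mode_estimation(prev, cmds, obs)[0][1],
                                lambda o: "full" in o.values())
    print("reconfigure to", best[2], "at cost", best[0])
```

After commanding both of engine A's valves open and observing no thrust, the two leading estimates are "A_ox stuck closed" and "A_fuel stuck closed" with equal probability, which is what the page's "deduces that a valve failed - stuck closed" step amounts to; reconfiguration from the leading estimate then finds that only engine B's valves can still achieve thrust and opens exactly those two, mirroring the backup-engine step.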