The Tumato Tool
Cars, drones, tractors, mowers, AGVs, … an increasing amount of these systems are shifting towards autonomous systems. Autonomous systems make their own decisions based on their objectives and what they observe in their often complex and dynamic environment. Autonomous systems hold the promise of acting more efficiently, more accurately and safer than their non-autonomous counterparts.
Developing the brain of an autonomous system is a big challenge - this is quickly becoming a complex piece of software. It requires thorough modelling and implementation of planning and decision making based on the system’s goals, the available perception, the actions it can execute, its safety and other requirements. Subsequently it needs to withstand thorough validation and certification procedures.
How to design the brain of your autonomous system, thinking about every possible scenario?
At IVEX, we solve this challenge. We developed a tool that creates the brain of your autonomous system faster and guaranteed bug-free. Due to its formal nature, formal verification of requirements enables certification of the brain for safety-critical applications. This brain is an embeddable runtime component that is linked with the perception information from the sensors as input, and with controller actuators to execute actions.
During the specification phase, we translate the system requirements into a concise formal model of the system. This model consists out of:
- Perceivable system states - what can the system see?
- Actions the system can take
- Constraints and guarantees that must be fulfilled
No need to describe what the system should do in every possible scenario as the AI solver of the tool will generate the decision-making logic later in the process.
Once the specification has been implemented, our AI solver will check whether the specified model is:
- Complete: The brain is able to make a decision in each possible state of the system
- Consistent: The brain has no contradicting requirements
If the specified model is incomplete or inconsistent, the tool will show you the location of the issue and redirect you to the specification phase. Through iterative specification and validation steps, developers are guided to an unambiguous and complete model of the autonomous system.
3 Execution policy
Once the specified model is complete and consistent, the AI solver will generate the decision making logic, forming the brain of the autonomous system. This brain, or execution policy, maps every possible discrete state to a set of actions to execute. The logic is guaranteed to cover every possible discrete scenario and respect all safety constraints.
4 Runtime system Monitor - execution policy - action
The brain, or execution policy, can now be embedded into a runtime system. To integrate the brain, IVEX has designed a (C++) IVEX Runtime Execution Environment (IREE). The IREE communicates with middlewares (e.g. ROS, Orocos), via direct function invocation or via CSV files (for testing with time-series data).
The IREE consist of:
- Monitors as input to read perception information. The monitors continuously convert perception information into discrete states used by the brain.
- Actions as output to invoke controllers. The actions will trigger certain controllers will run certain actuators.