Dependable execution control for autonomous robots

This paper presents a new approach to integrate real-time execution control in autonomous systems and how such an approach integrates in their software architecture. The use of decisional autonomy is becoming more widely accepted as a solution to the increasing need to deploy complex systems (robots, satellites, etc.) able to perform nontrivial tasks in various environments. We present an overview of the organization of such systems. Then we explain why the increasing complexity of functional components as well as the presence of autonomy components becomes an obstacle to system safety and dependability. To address this issue, we propose the integration of an execution control component in the software architecture. This component is synthesized from a model of the acceptable and dangerous state using model-checking techniques. The execution controller has a generic representation of system behavior and, according to some specified system constraints, acts as a "safety bag" allowing acceptable states and avoiding forbidden ones. The controller uses an OBDD like data structure which offers a bounded execution time, and which can be formally validated offline to check temporal properties. Real experimentations have been made on our autonomous mobile robots, and have confirmed it can catch in real-time design errors from the decisional components which would have lead to disastrous consequences.