 |
|
Carnegie Mellon scientists develop method for verifying safety of computer-controlled devices
April 21, 2009PITTSBURGH--Researchers at Carnegie Mellon University's School of Computer Science have developed a new method for systematically identifying bugs in aircraft collision avoidance systems, high-speed train controls and other complex, computer-controlled devices, collectively known as cyber-physical systems (CPS).
The approach, developed by University Professor of Computer Science Edmund M. Clarke and Andre Platzer, assistant professor of computer science, already has detected a flaw in aircraft collision avoidance maneuvers --since corrected -- that could have caused mid-air collisions. It also has verified the soundness of the European Train Control System. Ultimately, the method could be used on other cyber-physical systems, such as robotic surgery devices and nano-level manufacturing equipment.
"Engineers increasingly are relying on computers to improve the safety and precision of physical systems that must interact with the real world, whether they be adaptive cruise controls in automobiles or machines that monitor critically ill patients," Clarke said. "With systems becoming more and more complex, mere trial-and-error testing is unlikely to detect subtle problems in system design that can cause disastrous malfunctions. Our method is the first that can prove these complex cyber-physical systems operate as intended, or else generate counterexamples of how they can fail using computer simulation."
In the case of aircraft collision avoidance systems, for instance, Platzer and Clarke used their method to analyze so-called roundabout maneuvers. When two aircraft are on rapidly converging paths, one technique for avoiding collisions is for the system to order each pilot to turn right and then circle to the left until the aircraft can safely turn right again to resume their original paths. It's as if the aircraft are following a large traffic circle, or rotary, in the sky. But analysis by the Carnegie Mellon researchers identified a counterexample: when aircraft approach each other at certain angles, the roundabout maneuver actually creates a new collision course that, in the few seconds remaining before their paths cross, the pilots might not have time to recognize.
Like Model Checking, a method pioneered by Clarke that today is the most widely used technique for detecting and diagnosing errors in complex hardware and software design, the new method analyzes the logic underlying the system design, much as a mathematician uses a proof to determine that a theorem is correct. Clarke shared the 2007 A.M. Turing Award, generally considered the computer science equivalent of the Nobel Prize, for his role in developing Model Checking.
A crucial difference, however, is that Model Checking can examine every possible state of a discrete finite-state system, such as a new circuit design for a computer chip; that's not possible for a CPS that must interact with the infinitely variable real world. Even if the differential equations that govern these systems can be solved -- and they often can't -- it usually is impossible to use the results to predict the behavior of the system, Platzer said. Instead, he and Clarke have developed algorithms that decompose the systems until they produce differential invariants -- mathematical descriptions of parts of the system that always remain the same. These differential invariants, in turn, can be used to prove the global logic of the CPS.
"When the system design is sound, as we found in the case of the European control system for train traffic or the repaired flight controller, our method can provide conclusive proof," Platzer said. Likewise, when flaws exist, the method reliably generates counterexamples. "Finding the counterexamples is actually the easy part," he added. "Proving that they are fixed is hard."
The demand for methods that can prove a CPS or hybrid system operates as intended will only increase as these systems become more numerous and more crucial for everyday life, Platzer said. "Bugs in complex cyber-physical systems like cars, aircraft, chips or medical devices are expensive to fix and may endanger human life," he explained. "In transportation, the percentage of development cost spent on design and testing new control software is already well above 50 percent and is steadily rising."
The National Science Foundation (NSF) has identified the design and verification of CPS as a key area of research. The increasing use of robotic devices, the growth of sensor networks, the proposed creation of a "smart grid" for delivering electrical power, a greater reliance on automated war fighting and growing use of efficient, "zero-net-energy" buildings are all examples of a growing reliance on computer control systems that are tightly coupled to physical systems. This work was sponsored, in part, by the NSF and the German Research Council.
Carnegie Mellon University
In the case of aircraft collision avoidance systems, for instance, Platzer and Clarke used their method to analyze so-called roundabout maneuvers. When two aircraft are on rapidly converging paths, one technique for avoiding collisions is for the system to order each pilot to turn right and then circle to the left until the aircraft can safely turn right again to resume their original paths. It's as if the aircraft are following a large traffic circle, or rotary, in the sky. But analysis by the Carnegie Mellon researchers identified a counterexample: when aircraft approach each other at certain angles, the roundabout maneuver actually creates a new collision course that, in the few seconds remaining before their paths cross, the pilots might not have time to recognize.
Like Model Checking, a method pioneered by Clarke that today is the most widely used technique for detecting and diagnosing errors in complex hardware and software design, the new method analyzes the logic underlying the system design, much as a mathematician uses a proof to determine that a theorem is correct. Clarke shared the 2007 A.M. Turing Award, generally considered the computer science equivalent of the Nobel Prize, for his role in developing Model Checking.
A crucial difference, however, is that Model Checking can examine every possible state of a discrete finite-state system, such as a new circuit design for a computer chip; that's not possible for a CPS that must interact with the infinitely variable real world. Even if the differential equations that govern these systems can be solved -- and they often can't -- it usually is impossible to use the results to predict the behavior of the system, Platzer said. Instead, he and Clarke have developed algorithms that decompose the systems until they produce differential invariants -- mathematical descriptions of parts of the system that always remain the same. These differential invariants, in turn, can be used to prove the global logic of the CPS.
"When the system design is sound, as we found in the case of the European control system for train traffic or the repaired flight controller, our method can provide conclusive proof," Platzer said. Likewise, when flaws exist, the method reliably generates counterexamples. "Finding the counterexamples is actually the easy part," he added. "Proving that they are fixed is hard."
The demand for methods that can prove a CPS or hybrid system operates as intended will only increase as these systems become more numerous and more crucial for everyday life, Platzer said. "Bugs in complex cyber-physical systems like cars, aircraft, chips or medical devices are expensive to fix and may endanger human life," he explained. "In transportation, the percentage of development cost spent on design and testing new control software is already well above 50 percent and is steadily rising."
The National Science Foundation (NSF) has identified the design and verification of CPS as a key area of research. The increasing use of robotic devices, the growth of sensor networks, the proposed creation of a "smart grid" for delivering electrical power, a greater reliance on automated war fighting and growing use of efficient, "zero-net-energy" buildings are all examples of a growing reliance on computer control systems that are tightly coupled to physical systems. This work was sponsored, in part, by the NSF and the German Research Council.
Carnegie Mellon University
More Computer-controlled Devices Current Events and Computer-controlled Devices News Articles
 |
2 Port Computer Sharing Device by ATEN TECHNOLOGIES The CS231 is a powerful, microprocessor-controlled computer-sharing device. It is a multi-user, single-tasking device that enables two users to share the use of a single computer - each from their own consoles (monitor, keyboard, and mouse). The CS231 supports USB consoles and both PS/2 and USB computers. |
|
The simulation of computers and computer-controlled devices by Michael E Valdez (Author) | |
 |
Adapter for Connecting 230V Electrical Device with North American Plug to AU (Australian) Outlet by Draganfly Innovations Inc This pin adapter allows you to plug electrical devices with North America plugs in to AU (Australian) style outlets, making it great for travel purposes! However, this is a pin converter only and does not convert voltage, so proper care should be taken to verify your device is capable of running on this higher voltage to prevent damage. * Plug electronics with North American style plugs into Australian outlets * Does not convert voltage. Be sure your device can support the 230V the Australian outlet will provide! |
 |
Antec 92MM SMARTCOOL Thermally Controlled 92mm Case Fan by Antec 92mm SmartCool Up to 80% quieter Thermally controlled case fan Built-in temperature sensor keeps your system quiet when cool, speeds fan up when system heat increases Main FeaturesManufacturer: Antec, IncManufacturer Part Number: 92MMSMARTCOOLManufacturer Website Address: www.antec.com/us/Product Type: Case - Cooling FanFan Diameter: 3.62"Fan Speed: 2070 rpmAir Flow: 40 CFMNoise Levels: 31.23 dB(A)Connectors: 3-pin , 4-pin Dimensions: 3.62" x 3.62" x 1"Weight: 3.07 oz Additional Information: Current: 0.105 amp Pressure: 0.102 inch/Aq Special Features: Thermal sensor keeps fan quiet at low temperatures, speeds it up as temperature rises 3-pin connector with fan speed monitoring, 4-pin adapter with pass through - saves power connector Double ball bearing design for extended... |
 |
Optical Tracking Devices - SmartNav4 AT Hands-Free Cursor Control by Ergoguys The SmartNav 4:AT package is the total hands-free mouse alternative for people with ALS, spinal cord injuries such as quadriplegia, muscular dystrophy, and other special needs.With Assistive Technology prices exceptionally high and exploitive, the SmartNav 4:AT provides a tool for communication and activities otherwise impossible to achieve. SmartNav 4 will be available in February 2008. The SmartNav 4 includes improved light filtering and tracking, longer range (up to 6 feet from the unit), three times the resolution of SmartNav 3, a new aluminum case, improved mounting options (including 1/4-20 thread mounts for standard tripods), detachable USB cable, and much more.The SmartNavAT comes with everything you need to control your computer using only your head motion. This hands free mouse... |
 |
Design of Higher-Performance CMOS Voltage Controlled Oscillators (The Springer International Series in Engineering and Computer Science) by Liang Dai (Author), Ramesh Harjani (Author) Voltage-controlled oscillators (VCOs) with low phase noise are the most critical building block in high performance phase-locked loops (PLL). Design of High-Performance CMOS Voltage-Controlled Oscillators presents a phase noise modeling framework for CMOS ring oscillators. The analysis considers both linear and nonlinear operation. It indicates that fast rail-to-rail switching has to be achieved to minimize phase noise. Additionally, in conventional design the flicker noise in the bias circuit can potentially dominate the phase noise at low offset frequencies. Therefore, for narrow bandwidth PLLs, noise up conversion for the bias circuits should be minimized. We define the effective Q factor (Qeff) for ring oscillators and predict its increase for CMOS processes with smaller... |
 |
ISY-99i/IR Home Automation Controller by Universal Devices The ISY-99i IR is an affordable and flexible standalone home automation solution for any INSTEON / X10 installation. Whether you are a DIYer, an electrician, or a home automation integrator you will enjoy the ease with which programming and discovering of INSTEON devices is accomplished. The ISY-99i IR supports up to 256 devices and scenes and a maximum of 300 programs. The ISY-99i IR can receive standard IR commands sent from a universal remote to control all of your INSTEON and X10 devices and scenes. The ISY controller is able to configure and program INSTEON devices using INSTEON native protocols and specifications allow it to directly write to INSTEON devices internally instead of just in the controller, creating a more robust network. You can set up timer events and custom event... |
 |
Adapter for Connecting 230V Electrical Device with North American Plug to EU ... by Dekcell This pin adapter allows you to plug electrical devices with North America plugs in to EU (Europe) style outlets, making it great for travel purposes! However, this is a pin converter only and does not convert voltage, so proper care should be taken to verify your device is capable of running on this higher voltage to prevent damage. * Plug electronics with North American style plugs into European outlets * Does not convert voltage. Be sure your device can support the 230V the European outlet will provide! |
|
Memory factors in computer-controlled maintenance training (Naval Training Device Center. Technical Report: NAVTRADEVCEN 68-C-0071-1) by Duncan N Hansen (Author) | |
|
Precise computer controlled positioning of robot end effectors using force sensors semi-annual status report (SuDoc NAS 1.26:180925) by L.-S. Shieh (Author) |
| © 2009 BrightSurf.com |