CN110298100B - Environment modeling-oriented mobile robot runtime verification method - Google Patents
Environment modeling-oriented mobile robot runtime verification method Download PDFInfo
- Publication number
- CN110298100B CN110298100B CN201910542020.4A CN201910542020A CN110298100B CN 110298100 B CN110298100 B CN 110298100B CN 201910542020 A CN201910542020 A CN 201910542020A CN 110298100 B CN110298100 B CN 110298100B
- Authority
- CN
- China
- Prior art keywords
- model
- environment
- rule
- value
- system parameter
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 39
- 238000012795 verification Methods 0.000 title claims abstract description 31
- 230000007613 environmental effect Effects 0.000 claims abstract description 32
- 238000013178 mathematical model Methods 0.000 claims abstract description 17
- 230000008859 change Effects 0.000 claims abstract description 12
- 238000006243 chemical reaction Methods 0.000 claims abstract description 10
- 230000008569 process Effects 0.000 claims abstract description 10
- 238000012544 monitoring process Methods 0.000 claims abstract description 8
- 230000006870 function Effects 0.000 claims description 35
- 238000013461 design Methods 0.000 claims description 7
- 238000004364 calculation method Methods 0.000 claims description 5
- 230000014509 gene expression Effects 0.000 claims description 5
- 238000012821 model calculation Methods 0.000 claims description 5
- 230000009466 transformation Effects 0.000 claims description 5
- 238000010606 normalization Methods 0.000 claims description 4
- 230000001172 regenerating effect Effects 0.000 claims description 2
- 238000002360 preparation method Methods 0.000 abstract description 3
- 238000002474 experimental method Methods 0.000 description 5
- 230000000694 effects Effects 0.000 description 4
- 238000004422 calculation algorithm Methods 0.000 description 2
- 238000005259 measurement Methods 0.000 description 2
- 238000011160 research Methods 0.000 description 2
- 230000003068 static effect Effects 0.000 description 2
- 244000061176 Nicotiana tabacum Species 0.000 description 1
- 238000004458 analytical method Methods 0.000 description 1
- 238000001514 detection method Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 230000005611 electricity Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000004387 environmental modeling Methods 0.000 description 1
- 238000013401 experimental design Methods 0.000 description 1
- 230000008713 feedback mechanism Effects 0.000 description 1
- 230000004927 fusion Effects 0.000 description 1
- 238000010801 machine learning Methods 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 239000003607 modifier Substances 0.000 description 1
- 238000000275 quality assurance Methods 0.000 description 1
- 230000001020 rhythmical effect Effects 0.000 description 1
- 238000002432 robotic surgery Methods 0.000 description 1
- 238000005070 sampling Methods 0.000 description 1
- 239000013589 supplement Substances 0.000 description 1
- 238000001356 surgical procedure Methods 0.000 description 1
- 238000012360 testing method Methods 0.000 description 1
- 238000013519 translation Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F30/00—Computer-aided design [CAD]
- G06F30/20—Design optimisation, verification or simulation
Abstract
The invention discloses a mobile robot runtime verification method facing environment modeling, firstly, formalizing domain knowledge into a mathematical model with only one system parameter and a single environment influence factor according to a designed definition rule; then, designing a combination rule to combine the mathematical model with only one environmental influence factor under the same system parameter into the mathematical model with one or more environmental influence factors under the same system parameter; then, designing a conversion rule to express the environment model into a universal pseudo code form; and finally, designing a combination rule to combine pseudo codes of the environment model into an attribute specification, generating a monitor to execute verification, and adapting to the change of the environment by adjusting dynamic input or parameter range when the environment changes. The method can timely and correctly process the influence of the physical environment on the robot behavior, so that the monitoring model is more accurate and complete; the execution process of the verification in the runtime is not influenced, and the verification is completed before the monitor is generated as the preparation work of the verification model establishment.
Description
Technical Field
The invention relates to an environment modeling-oriented mobile robot running verification method, in particular to an environment modeling method of a mobile robot in a running verification process, and belongs to the technical field of robot safety.
Background
As mobile robots are applied more and more widely, people pay more attention to the safety of the mobile robots while enjoying services and convenience brought by the robots. Since the mobile robot works in a real physical environment, the dynamic change of the environment may affect the execution effect of the robot, and these effects may cause the received sensor data to have a deviation from the normal situation, so as to make a decision that is not in accordance with the current situation, and cause the mobile robot to perform a wrong or dangerous behavior. How to ensure the safety and reliability of the system in a complex environment is the focus of research of many scholars.
In a complex environment, there are many physical factors affecting the robot, such as noise, wireless signals, and air vibration. For example, in the field of medical robotics, the operating room is a noisy environment, and noise can affect the performance of the robot during surgery. Wherein, Siu et al found through experiments on Vinci surgical robot that the more difficult the Vinci robot performed the surgical task, the more significant the noise effect. Noise reduces the effectiveness of the robotic surgery, and different types of noise, such as random or rhythmic sounds, affect the surgical task of the robot to different degrees. In addition, in the navigation positioning research of the robot, Park et al find that due to the nature of the antenna and the IC tag, the positioning uncertainty always occurs when the radio frequency identification technology is used for navigation positioning and attitude estimation of the mobile robot.
In order to ensure the security and reliability of the system in these complex physical environments, many methods have been proposed by domestic and foreign scholars. For example, to overcome sensor noise, feedback and verification mechanisms have been proposed by using landmark features as external reference sources for the robot. In order for an autonomous robot to cope with changes in the environment in remote-aware development studies, Tabak et al propose an algorithm to generate or update a 3-D volumetric model of the environment by collecting data at different locations in the environment. In addition, the environmental model can be continuously adjusted by using knowledge of a machine learning method, multi-sensor data fusion, a video feedback mechanism and mechanics, so that the environmental model is adapted to the change of the environment. However, in a complex and changing environment, a system model cannot be established in advance due to unpredictability of environmental change, and therefore, a new method needs to be researched to deal with the situation.
The invention introduces a Runtime Verification (RV) method into a mobile robot system, monitors the behavior of the mobile robot in an uncertain environment, and captures and avoids dangerous problems caused by a physical environment. The runtime verification method is used as a supplement to traditional quality assurance methods such as testing and model detection, a system model is not required to be established in advance, and real-time modeling analysis is performed on the trace generated by the program.
Disclosure of Invention
The invention aims to provide a verification method for a mobile robot running facing to environment modeling, aiming at solving the problem that the traditional system model makes the mobile robot unable to capture and avoid danger under a physical environment changing at any time, as shown in figure 1.
The basic components of a mobile robot are roughly divided into three parts, namely a controller, an actuator and a physical system. These three major parts are required to be in the same local area network. First, the control system sends a control command to the actuator through the network. The actuator then receives the command and selects the appropriate execution command to communicate to the physical system. Finally, the physical system executes the command to generate a physical behavior. Among other things, it is a key point in ensuring system security that the controller ensures that the control program can send the correct decision commands following the attribute specifications. Therefore, runtime verification is deployed on the controller to monitor event information in real time and send warning information or parameter information to the controller when physical system behavior violates an attribute convention. The combined environment modeling method can timely and correctly process the influence of the physical environment on the robot behavior when executing the runtime verification, so that the monitoring model is more accurate and complete, and the safety attribute of the mobile robot can be always satisfied under the condition of dynamic environment change.
The invention relates to a mobile robot runtime verification method facing environment modeling, which designs a model definition, a model merging rule, a model conversion rule and a model combination rule, defines domain knowledge as an environment model and combines the environment model into a monitoring model, and the flow of the environment modeling method is shown in figure 2. First, the domain knowledge is formalized as a mathematical model with only one system parameter and a single environmental impact factor according to the design definition rules. Then, the design merging rule merges the mathematical model with only one environmental impact factor under the same system parameter into the mathematical model with one or more environmental impact factors under the same system parameter. Next, design transformation rules express the environment model as a generic pseudo-code form. And finally, designing a combination rule to combine pseudo codes of the environment model into an attribute specification, generating a monitor to execute verification, and adapting to the change of the environment by adjusting dynamic input or parameter range when the environment changes. The method does not affect the execution process of the runtime verification, and is used as a preparation work for monitoring model establishment and is completed before the monitor is generated. The method comprises the following specific processes:
1. physical environment model definition
The reason why the physical environment affects the behavior of the mobile robot is that some parameters in the system change due to the change of the physical environment, which is specifically embodied as the deviation of the dynamic input of the system, thereby affecting the logical judgment of the control system and affecting the behavior of the mobile robot. To avoid such influence, the relationship between the system parameters and the physical environment needs to be determined first, and the relationship is given by the knowledge in the related field and is finally expressed uniformly according to the designed environment model definition. Before this, a relevant symbolic representation is defined, and the set of system parameters S ═ S 1 ,…,s i ,…,s n The set of environmental parameters E ═ E 1 ,…,e j ,…,e m Where i, n, j, and m are all positive integers, and each element in the set identifies the name and type of the element by a two-tuple (name, type). The following is a relevant definition of the physical environment.
Definition 1 (environmental model): the environment model is represented by a triplet M (s, E ', R) representing the relationship between a system parameter s and a set of environment parameters E' that affect s. Wherein S is the same as S,
R={r 1 ,…,s k ,…,s l is a set of mathematical relationships between s and E', where k and l are both positive integers.
Definition 2 (relationship): a relationship R ∈ R is defined by a triple (F, VC, L). Where F is the declarative portion of the function, including the function name, the function's parameter list, and the return value type. F designates where the system parameter s appears in the overall system code. VC is a binary set (value(s), C (E ')), where C (E ') represents the current environmental condition and is a logical expression containing E '. value(s) represents the value of the system parameter s under the condition C (E'), and may be a numerical value or a calculation formula. L represents the level of influence of the environmental parameter on the system parameter under this condition. The influence level is a series of positive integers, and a larger value represents a smaller influence degree. This level of influence should be given by domain knowledge.
2. Environmental model merge rules
One system parameter may be affected by multiple physical factors, and likewise, one physical factor may affect multiple system parameters. The relationship between them is complex and simple to express in the domain knowledge, but is difficult to operate in the runtime verification because the relationship between different influencing factors of the same system parameter is complete and mutually exclusive. It is therefore desirable to normalize and standardize these independent mathematical models by designing merging rules that provide a logical basis for subsequent conversion of the mathematical models into pseudo-code.
Suppose there are two environment models M 1 (s 1 ,E 1 ',R 1 ) And M 2 (s 2 ,E 2 ',R 2 ) If s is 1 =s 2 Then the two environment models built for the same system parameter can be merged, assuming that the merged result is M (s, E', R), where s is s 1 . Specific merge rules are defined as follows.
The preconditions are as follows: the condition that the system parameters are the same is a precondition for judging whether the two environment models can be combined.
And (3) model calculation rules: set M ═ M 1 ,m 2 ,...,m m N ═ N 1 ,n 2 ,...,n n The result of the combining operation is f (m, n), where every second element is taken "&&"and the obtained results are taken as" | | ", namely { (m) 1 &&n 1 )||(m 1 &&n 2 )||…||(m m &&n n )}. Where subscripts m and n are both positive integers.
First model merging rules: also called internal standard of modelThe composition rule is a combination rule for the relationship. Specifically, the "| operation is performed between elements in the relationship set, and the" | is logical or. Where VC performs the "| |" operation, F and L are unchanged. Such as M 1 In R 1 ={r 11 ,r 12 …r 1n After the rule is executed, R 1 ={r 11 ||r 12 ||…||r 1n }={F 1 ,(VC 11 ||VC 12 ||...||VC 1n ),L 1 },M 2 The same is true.
Second model merging rules: if E is 1 '=E 2 ',F 1 !=F 2 That is, the function positions of the system parameter s in the system code are different, so the environment models are independent of each other and do not need to be combined. To normalize writing, M may be written as (s, { E) 1 ',E 2 '},R 1 ∪R 2 ) And may remain unchanged. For example: m 1 In model R 1 =(F 1 ,VC 1 ,L 1 ),M 2 In model R 2 =(F 2 ,VC 2 ,L 2 ),F 1 !=F 2 R ═ { R of M after normalization 1 ∪R 2 }={(F 1 ,VC 1 ,L 1 )∪(F 2 ,VC 2 ,L 2 )}。
Third model merge rule: also called inter-model normalization rules. If E is 1 '!=E 2 ' and F 1 =F 2 I.e. the physical influencing factors of the system parameter s are different, but the function locations in the system code are the same. The merging rule is E ═ E 1 ',E 2 ' } wherein F is F in R 1 VC implements model calculation rules, L takes L 1 And L 2 Minimum of (d), i.e. L ═ Min { L 1 ,L 2 }. Under the combined condition, the value of the system parameter value(s) takes the value which is most influenced by the environment, namely Worst { value 1 (s),value 2 (s)}。
In the absence of E 1 '=E 2 ' and F 1 =F 2 Because in an environment model M (s, E ', R) there are a number of system parameters s and a particular E', RAnd (4) completeness. And when the environment model does not meet the precondition of the merging rule, executing the first model merging rule and carrying out normalization operation on the environment model. The second model merging rule and the third model merging rule are merging rules among models, wherein whether system parameters are in the same function is the key for determining whether the environmental models can be merged. And when the plurality of models are subjected to normalized combination, executing the combination rules pairwise until the combination preconditions are not met. When a plurality of physical factors affect a plurality of system parameters, the mathematical models with the same system parameters are respectively merged according to the precondition of model merging.
3. Environmental model transformation rules
The final purpose of establishing the environment model is to combine the model into a runtime attribute specification, so that the online monitoring process can adapt to the change of the environment, and the influence of a complex environment on a physical system (CPS) is processed in time, so that the security attribute is always satisfied in the complex physical environment. Before combination, in order to be able to express and implement the environment model in a simple and clear manner, pseudo code is proposed herein as intermediate translation code. Pseudo code (Pseudo code) is an algorithm description language which is clear in structure, simple in code, good in readability, and similar to natural language. For any environment model, M ═ (s, E ', R), the relationship is R ═ F (value(s), c (E')), L, the transformation rule is divided into the following steps:
(1) and generating a corresponding function according to the information of the F in the relation.
(2) And (3) variable statement: in the function, if s is not a local parameter of the function, an s variable is generated and initialized.
(3) And generating a condition judgment statement according to (value(s), C (E ')), wherein C (E') is a judgment condition, and value(s) is the value of s under the current condition. Where the special symbol "|" represents "else if" in the program.
(4) And (4) regenerating a new function when the union symbol 'U' appears, and executing the steps (1) to (3).
The key of the conversion of the environment model into the pseudo code is the logical conversion of (value(s), C (E')) pair, and the relationship of the environment to the system parameters is converted into a program logic language, so that the model pseudo code can be conveniently combined into the attribute specification later. The variable declaration in step (2) is a syntactic requirement in pseudo code, and in the monitoring model, s is captured by an event definition program in the specification.
4. Rules of model composition
The purpose of the combination rule is to combine the pseudo code into an event operation part of an attribute specification after the pseudo code is implemented as a program of a specific programming language, and the specific combination rule comprises the following steps:
(1) and traversing event definitions in all attribute specifications, and selecting events in which the functions of event entry points are the same as the functions F in the environment model code and system parameters s participate in calculation in event operation.
(2) Selecting a code block: the start of the code block is a statement of the first system parameter s to the right of the assignment equal sign, and the end mark of the code block is a statement of the last system parameter s to the right of the assignment equal sign.
(3) And replacing the code block as a whole for the execution statement controlled by the if condition in the pseudo code corresponding to the environment model. If a code block corresponds to a plurality of model codes, namely the system parameters s in the model codes appear in the same expression, the original code block is replaced by the new model code after the if conditions in all the model codes are subjected to mathematical combination operation.
(4) And s on the right side of the assignment number is replaced by a new value of s in the same judgment condition execution statement in the pseudo code corresponding to the environment model.
(5) And inserting the finally formed function code into the current event to replace the code block.
The connection point in the attribute specification event definition is the place where the section is inserted into the application program, and can be the operations of calling and executing the instance and static methods, calling and setting values in the instance domain and the static domain, calling and executing the constructor and the like. The role of the entry point is to filter these connection points and match eligible connection points to activate the event. Here, the function of the event entry point refers to a function specifying a matching condition in < AspectJ address > in the event definition, and the essential condition for judging that the function is "the same" is a return value, and the permission modifier and the parameter list of the function are the same. In the combination rule, the division of the code block is key, and the modification target is locked on the statement of the system parameter participating in the model calculation so as to add the environmental condition.
The invention relates to an environment modeling-oriented mobile robot runtime verification method, which has the advantages and effects that: the method can timely and correctly process the influence of the physical environment on the robot behavior, so that the monitoring model is more accurate and complete, and the safety attribute of the mobile robot can be always met under the condition of dynamic change of the environment. The method does not influence the execution process of the verification in runtime, and is used as the preparation work of the verification model establishment and completed before the monitor is generated.
Drawings
FIG. 1 schematic diagram of mobile robot-oriented runtime verification
FIG. 2 is a flow chart of the environmental modeling method of the present invention
Detailed Description
The technical solution of the present invention is further described below with reference to the accompanying drawings and examples.
The hardware devices and data acquisition results on which the embodiments of the present invention are based are described below.
Hardware device
The experiment platform provided by the embodiment of the invention adopts an EV3 robot, and can be used for loading various sensors, such as an ultrasonic sensor, a touch sensor, a gyroscope and the like. The embodiment of the invention is mainly applied to an ultrasonic sensor, a touch sensor and two large motors (built-in angle sensors).
Besides, the EV3 is compatible with a leJOS third-party library to support Java language programming, and the leJOS EV3 can run downloaded single Java programs and can interact with a remote control end through Bluetooth, wireless or USB to receive remote control. The method has the experimental design scene that the mobile robot runs at a constant speed to execute an obstacle avoidance task, the single execution time at least needs ten minutes, the sampling frequency of the sensor is set to be 1s, meanwhile, the measurement precision of the known ultrasonic sensor is 1cm, and the measurement distance is 3-250 cm.
(II) data acquisition
It was found in experiments that when the robot is travelling at a constant speed setS (m/s), the actual travelling speed will be affected by the battery level. To investigate the specific influence relationship, two thousand more experiments were performed on EV3 under the current experimental conditions, from 0.42(m/s) to 0.78 (m/s).
As can be seen from the experiment, the following mathematical relationship exists between the set speed setS and the electric quantity battery.
S 1 : when the set speed setS is less than or equal to 0.48, setS is not affected by electric quantity.
S 2 When setS epsilon (0.48, 0.66)]And satisfies bettery<When (setS +0.1347) ÷ 0.1024, there is an influence relationship: speed-0.1024 × battary-0.1347.
S 3 : when setS ∈ (0.48, 0.66)]And satisfies bettery>(setS +0.1347) ÷ 0.1024, setS will not be affected by the amount of electricity.
S 4 : when the speed setS>At 0.66, the speed is 0.0876 × basic-0.0056.
When the speed value is set to be smaller, the traveling speed of the robot is less influenced by the electric quantity, and the traveling at the set speed is easier to maintain. On the contrary, when the set value of the speed is larger, the influence of the electric quantity change is larger, and the actual running speed deviates, even the set value is difficult to reach.
Examples
1. Establishing an environmental mathematical model
When the mobile robot travels at a constant Speed setS (m/s), the actual travel Speed (m/s) is affected by Battery power level battary, where Speed is a system parameter, battary is a factor affecting the system parameter, where Speed is (Speed, double), and battary is (double). And establishing a mathematical model according to four scenes in the data acquisition result.
The embodiment relates to the relation between a system parameter Speed and a physical factor Battery. The assumed relationship is R 0 Then the mathematical model corresponding to this embodiment should be M 0 =(Speed,{Battery},R 0 ). For ease of writing, aliases are defined for complex expressions as follows.
c 1 :=(setS≤0.48)
c 2 :=(0.48<setS&&setS<0.66&&battery<=(setS+0.1347)÷0.1024)
v 2 :=(speed=0.1024×battery-0.1347)
c 3 :=(0.48<setS&&setS<0.66&&battery>(setS+0.1347)÷0.1024)
c 4 :=(setS≥0.66)
v 4 :=(speed=0.0876×battery-0.0056)
The influence degree of the environmental factors on the system parameters is obtained from the domain knowledge, and from 1, the larger value represents the smaller influence degree. In this embodiment, since there is only one environmental factor battery, assuming that the influence level of the battery power on the speed is 1, the variable speed exists in the function handle. From S in data acquisition 1 To S 4 These four cases, relationship R 0 ={r 01 ,r 02 ,r 03 ,r 04 It is as follows:
r 01 =(handle,(speed,c 1 ),1)
r 02 =(handle,(v 2 ,c 2 ),1)
r 03 =(handle,(speed,c 3 ),1)
r 04 =(handle,(v 4 ,c 4 ),1)
2. merging environmental models
In model M 0 (Speed,{Battery},R 0 ) In the relationship of R 0 ={r 01 ,r 02 ,r 03 ,r 04 }. Because only one model is provided, only the model needs to be normalized, and after the first model merging rule is executed, R 0 =(handle,((speed,c 1 )||(v 2 ,c 2 )||(speed,c 3 )||(v 4 ,c 4 ) 1), expansion (2) is as follows:
3. converting an environmental model into pseudo code
For model M 0 (Speed,{Battery},R 0 ) Standardized to obtain the relation R 0 =(handle,((speed,c 1 )||(v 2 ,c 2 )||(speed,c 3 )||(v 4 ,c 4 )),1). Then M is determined by performing the following steps 0 Converted into pseudo code.
(1) According to R 0 F in (3) generates a handle function.
(2) The speed variable is declared and assigned a value of 0. When implemented using a programming language, step 2 may be omitted if the variable is already present in the parameter list of the function.
(3) And establishing an if logic part according to the VC relation in the relation.
Final M 0 The pseudo-code is shown in table 1 below.
TABLE 1
After the mathematical model is converted into the pseudo code, the pseudo code is realized as a program of a specific programming language through the following combination rules and is combined into an attribute specification, and finally, a runtime verification tool is utilized to perform security verification on the attributes described in the model.
4. Combining pseudo-code with attribute conventions
Generating M 0 After the pseudo code is generated, a function is written by using Java language to realize logic in the pseudo code, and the logic is inserted into an attribute specification according to a combination rule, and the steps are as follows:
(1) and traversing the event definitions of all the attribute specifications, and selecting the event with the same function as the handle. For example, among the three events of setParameter, forward and turn notification in turn attribute specification, only the setParameter event meets the requirement, and the system parameter speed participates in the assignment calculation of the danger distance danger variable.
(2) And selecting a sentence of the first speed on the right of the assignment equal sign as the beginning of the code block, and selecting a sentence of the last speed on the right of the assignment equal sign as the end of the code block to define the code block area. The method comprises the following specific steps:
as shown in the code of line 9 above, the code block contains one sentence with danger ═ 0.3 × speed +0.01+ 0.146.
(3) The code block as a whole replaces the execution statements of the if conditional control in the model code.
(4) And replacing the speed to the right of the assignment number with a new value of the speed in the same judgment condition execution statement in the environment model code.
Finally, the results obtained are as follows:
the invention designs a model definition language to model the domain knowledge into an environment model. The initially established environmental model describes a mathematical relationship between one system parameter and a single environmental impact factor. Then, a combination rule is designed to combine the environment models with only one environmental impact factor under the same system parameters into the environment models with one or more environmental impact factors under the same system parameters. Next, transformation rules are designed to express the environment model as a generic pseudo-code form. Finally, the design combination rule combines the pseudo code into an attribute specification to perform verification. The method can correctly and timely process the influence of the complex environment on the mobile robot by adjusting the dynamic input or parameter range when the environment changes.
Claims (4)
1. A runtime verification method for a mobile robot for environment modeling is characterized in that: the method designs model definition, model merging rules, model conversion rules and model combination rules, defines domain knowledge as an environment model and combines the environment model into a monitoring model: firstly, according to a designed definition rule, the domain knowledge is formalized into a mathematical model with only one system parameter and a single environmental influence factor; then, designing a combination rule to combine the mathematical model with only one environmental influence factor under the same system parameter into the mathematical model with one or more environmental influence factors under the same system parameter; then, designing a conversion rule to express the environment model into a universal pseudo code form; finally, designing a combination rule to combine the pseudo code of the environment model into an attribute specification, generating a monitor to execute verification, and adapting to the change of the environment by adjusting dynamic input or parameter range when the environment changes;
the model definition is defined as a physical environment model, and specifically comprises the following steps:
the associated symbolic representation is defined first, and the set of system parameters S ═ S 1 ,...,s i ,...,s n }, set of environmental parameters
E={e 1 ,...,e j ,...,e m H, where i, n, j, and m are all positive integers, and each element in the set identifies the name and type of the element by a binary (name, type); the following is a related definition of the physical environment:
definition 1: an environment model: the environment model M (s, E ', R) represents the relationship between a system parameter s and a set of environment parameters E' influencing s; wherein S is the same as S,
R={r 1 ,...,r k ,...,r l is a set of mathematical relationships between s and E', where k and l are both positive integers;
definition 2: the relationship is as follows: a relation R ∈ R is defined by a triple (F, VC, L); wherein F is a declaration part of the function, including a function name, a parameter list of the function, and a return value type; f designates the position of the system parameter s appearing in the whole system code; VC is a binary set (value(s), C (E ')), wherein C (E ') represents the current environmental condition and is a logical expression comprising E '; value(s) represents the value of the system parameter s under condition C (E'), either a numerical value or a calculation formula; l represents the level of influence of the environmental parameter on the system parameter under this condition; the influence level is a series of positive integers, and a larger value represents a smaller influence degree.
2. The environment modeling-oriented mobile robot runtime verification method of claim 1, wherein: the model merging rule is an environment model merging rule, and specifically comprises the following steps:
with two environment models M 1 (s 1 ,E 1 ',R 1 ) And M 2 (s 2 ,E 2 ',R 2 ) If s is 1 =s 2 Then the two environment models built for the same system parameter are merged, and the merging result is assumed to be M (s, E', R), where s is s 1 (ii) a The specific merge rule is defined as follows;
the preconditions are as follows: the condition that the two environment models can be combined is a precondition for judging whether the two environment models are the same;
and (3) model calculation rules: set M ═ M 1 ,m 2 ,...,m m N ═ N 1 ,n 2 ,...,n n The result of the combining operation is f (m, n), where every two elements are taken "&&", the obtained result is taken as" | ",
i.e., { (m) 1 &&n 1 )||(m 1 &&n 2 )||...||(m m &&n n ) }; wherein subscripts m and n are both positive integers;
first model merging rules: also called as an in-model standardization rule, which is a combination rule aiming at the relationship; specifically, an "|" operation is performed between elements in the relationship set, and "| |" is logical or "; wherein VC performs "|" operation, F and L are unchanged; m is a group of 1 In R 1 ={r 11 ,r 12 …r 1L After the rule is executed
R 1 ={r 11 ||r 12 ||...||r 1L }={F 1 ,(VC 11 ||VC 12 ||...||VC 1L ),L 1 },M 2 The same process is carried out;
second model merging rules: if E is 1 '=E 2 ',F 1 !=F 2 Namely, the function positions of the system parameters s in the system codes are different, so that the environment models are independent from each other and do not need to be combined; for normalized writing, M or
(s,{E 1 ',E 2 '},R 1 ∪R 2 ) Or remain unchanged;
third model merge rule: also called inter-model standardization rules; if E is 1 '!=E 2 ' and F 1 =F 2 That is, the physical influence factors of the system parameter s are different, but the function positions in the system code are the same; the merging rule is E ═ E 1 ',E 2 ' } wherein F is F in R 1 VC implements model calculation rules, L takes L 1 And L 2 Minimum of (d), i.e. L ═ Min { L ═ Min } 1 ,L 2 }; under the combined condition, the value of the system parameter value(s) takes the value which is most influenced by the environment, namely Worst { value 1 (s),value 2 (s)};
When the environment model does not meet the precondition of the merging rule, executing a first model merging rule, and carrying out normalization operation on the environment model; the second model merging rule and the third model merging rule are merging rules among models, wherein whether system parameters are in the same function is a key for determining whether the environmental models can be merged; when the plurality of models are subjected to normalized combination, executing combination rules pairwise until the combination preconditions are not met; when a plurality of physical factors affect a plurality of system parameters, the mathematical models with the same system parameters are respectively merged according to the precondition of model merging.
3. The environment modeling-oriented mobile robot runtime verification method of claim 2, wherein: the model conversion rule is an environment model conversion rule, and specifically comprises the following steps:
firstly, a pseudo code is used as an intermediate conversion code; for any environment model M (s, E ', R), the relationship is R ═ (F, (value(s), c (E')), L), the transformation rule is divided into the following steps:
(1) generating a corresponding function according to the information of the F in the relation;
(2) variable declaration: in the function, if s is not a local parameter of the function, generating an s variable and initializing;
(3) generating a condition judgment statement according to (value(s), C (E ')), wherein C (E') is a judgment condition, and value(s) is a value of s under the current condition; wherein the special symbol "|" represents "elseif" in the program;
(4) and (4) regenerating a new function when the union symbol 'U' appears, and executing the steps (1) to (3).
4. The environment modeling-oriented mobile robot runtime verification method of claim 1, wherein: the specific combination rule of the model combination rule comprises the following steps:
(1) traversing event definitions in all the attribute specifications, selecting events which have the same functions of event entry points as the functions F in the environment model codes and contain system parameters s to participate in calculation in event operation;
(2) selecting a code block: the start of the code block is a statement of a first system parameter s on the right of an assignment equal sign, and the end mark of the code block is a statement of a last system parameter s on the right of the assignment equal sign;
(3) replacing an if conditional control execution statement in the pseudo code corresponding to the environment model by taking the code block as a whole; if a code block corresponds to a plurality of model codes, namely a system parameter s in the model codes appears in the same expression, replacing the original code block with a new model code after the if conditions in all the model codes are subjected to mathematical combination operation;
(4) s on the right of the assignment number is replaced by a new value of s in the same judgment condition execution statement in the pseudo code corresponding to the environment model;
(5) and inserting the finally formed function code into the current event to replace the code block.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910542020.4A CN110298100B (en) | 2019-06-21 | 2019-06-21 | Environment modeling-oriented mobile robot runtime verification method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910542020.4A CN110298100B (en) | 2019-06-21 | 2019-06-21 | Environment modeling-oriented mobile robot runtime verification method |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN110298100A CN110298100A (en) | 2019-10-01 |
| CN110298100B true CN110298100B (en) | 2022-09-02 |
Family
ID=68028455
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910542020.4A Active CN110298100B (en) | 2019-06-21 | 2019-06-21 | Environment modeling-oriented mobile robot runtime verification method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110298100B (en) |
Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103699743A (en) * | 2013-12-25 | 2014-04-02 | 西北工业大学 | CPS (cyber physical system) modeling and verifying method based on conversion from CPS-ADL (architecture description language) model into hybrid program |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20130318486A1 (en) * | 2012-05-23 | 2013-11-28 | Lawrence SASAKI | Method and system for generating verification environments |
-
2019
- 2019-06-21 CN CN201910542020.4A patent/CN110298100B/en active Active
Patent Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103699743A (en) * | 2013-12-25 | 2014-04-02 | 西北工业大学 | CPS (cyber physical system) modeling and verifying method based on conversion from CPS-ADL (architecture description language) model into hybrid program |
Also Published As
| Publication number | Publication date |
|---|---|
| CN110298100A (en) | 2019-10-01 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Košecká et al. | Discrete event systems for autonomous mobile agents | |
| Yasuda | Behavior-based autonomous cooperative control of intelligent mobile robot systems with embedded Petri nets | |
| Belle et al. | PREGO: an action language for belief-based cognitive robotics in continuous domains | |
| CN110298100B (en) | Environment modeling-oriented mobile robot runtime verification method | |
| Lahijanian et al. | A probabilistic approach for control of a stochastic system from LTL specifications | |
| Astorga et al. | Perception Contracts for Safety of ML-Enabled Systems | |
| Yang et al. | Extending behavior trees for representing and planning robot adjoint actions in partially observable environments | |
| Jaensch et al. | Virtual Commissioning Simulation as OpenAI Gym-A Reinforcement Learning Environment for Control Systems | |
| Luo et al. | Runtime verification of robots collision avoidance case study | |
| Yamaguchi et al. | RTAMT–Runtime Robustness Monitors with Application to CPS and Robotics | |
| Sanz et al. | Self-X: The control within | |
| Liu et al. | Safe model-based control from signal temporal logic specifications using recurrent neural networks | |
| Cubuktepe et al. | Shared control with human trust and workload models | |
| De Momi et al. | EuRoSurge Workflow: From ontology to surgical task execution | |
| CN113220664A (en) | Satellite telemetering intelligent interpretation system and method for quickly generating Lua script rule | |
| DeCastro et al. | Dynamics-based reactive synthesis and automated revisions for high-level robot control | |
| Xin et al. | Adaptive Model Verification for Modularized Industry 4.0 Applications | |
| Shamsi et al. | Probabilistic programming languages for modeling autonomous systems | |
| Wu | Investigation of different observation and action spaces for reinforcement learning on reaching tasks | |
| Freire et al. | Mobile robot navigation based on the fusion of control signals from different controllers | |
| Palomeras et al. | Towards a mission control language for auvs | |
| Wintermute | An overview of spatial processing in soar/svs | |
| Farooqui et al. | Towards automatic learning of discrete-event models from simulations | |
| Jin et al. | Online motion pattern recognition of finger gesture by inertial sensor | |
| Abdelhady et al. | Reuse-oriented SLAM Framework using Software Product Lines |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20240222 Address after: Room 101, 1st Floor, Building 3, No. 7 Yong'an Road, Shilong Industrial Zone, Mentougou District, Beijing, 102308 Patentee after: Beijing Xice Testing Technology Co.,Ltd. Country or region after: China Address before: No.56, Xisanhuan North Road, Haidian District, Beijing 100048 Patentee before: Capital Normal University Country or region before: China |
|
| TR01 | Transfer of patent right |