skip to main content

Title: Certified Control for Self-Driving Cars.
Certified control is a new architectural pattern for achieving high assurance of safety in autonomous cars. As with a traditional safety controller or interlock, a separate component oversees safety and intervenes to prevent safety violations. This component (along with sensors and actuators) comprises a trusted base that can ensure safety even if the main controller fails. But in certified control, the interlock does not use the sensors directly to determine when to intervene. Instead, the main controller is given the responsibility of presenting the interlock with a certificate that provides evidence that the proposed next action is safe. The interlock checks this certificate, and intervenes only if the check fails. Because generating such a certificate is usually much harder than checking one, the interlock can be smaller and simpler than the main controller, and thus assuring its correctness is more feasible.
; ; ; ; ; ; ;
Award ID(s):
Publication Date:
Journal Name:
DARS 2019: 4th Workshop On The Design And Analysis Of Robust Systems
Sponsoring Org:
National Science Foundation
More Like this
  1. Modern medical devices aim at providing invasive e-health care services to patients with long-term conditions. Typically, these services are implemented as embedded software applications that remotely and automatically control the opera- tions of the devices according to the patient’s condition as mon- itored by the underlying sensors. Such applications are neither safe nor secure mainly because of unreliable sensors, which may provide incorrect input data either due to its malfunctioning or due to some accidental (by privileged user) or intentional (by adversary) interference. Hence, the incorrect sensor data may lead to identification of inaccurate patient condition, which may threaten themore »patient’s life. To ensure safety and security of e- health applications, current approaches employ data analysis techniques to monitor sensor data and alarm when some unusual value is detected and employ access control strategies to ensure that controller decisions are consistent with sensor input data. However, such approaches fail to detect stealthy attacks, e.g. bad data (false data injection) and bad computations because they do not understand what the application or device is trying to do. To this end, we evaluate our existing approach (i.e., ARMET) to assure safety and security of an emerging and critically real-time application domain of e-health. The approach is based on the specification of the application and device, which has a design and a run-time component. Given an application specification, the design component employs logical verification methods to assure that the application design is resilient to some bad data, i.e., there are no sensor input data values with meaningful threshold which are admissible to the specification but are not true. Given the specification, the runtime component monitors application’s execution and assures that the execution is consistent with the specification and alarms whenever it detects a violation, i.e., there is a bad computation. We evaluate the methodology through its application to an example medical e-health application that controls and monitors blood glucose through an insulin pump.« less
  2. Control systems are increasingly targeted by malicious adversaries, who may inject spurious sensor measurements in order to bias the controller behavior and cause suboptimal performance or safety violations. This paper investigates the problem of tracking a reference trajectory while satisfying safety and reachability constraints in the presence of such false data injection attacks. We consider a linear, time-invariant system with additive Gaussian noise in which a subset of sensors can be compromised by an attacker, while the remaining sensors are regarded as secure. We propose a control policy in which two estimates of the system state are maintained, one basedmore »on all sensors and one based on only the secure sensors. The optimal control action based on the secure sensors alone is then computed at each time step, and the chosen control action is constrained to lie within a given distance of this value. We show that this policy can be implemented by solving a quadraticallyconstrained quadratic program at each time step. We develop a barrier function approach to choosing the parameters of our scheme in order to provide provable guarantees on safety and reachability, and derive bounds on the probability that our control policies deviate from the optimal policy when no attacker is present. Our framework is validated through numerical study.« less
  3. The platooning of connected and automated vehicles (CAVs) is expected to have a transformative impact on road transportation, e.g., enhancing highway safety, improving traffic utility, and reducing fuel consumption. Requiring only local information, distributed control schemes are scalable approaches to the coordination of multiple CAVs without using centralized communication and computation. From the perspective of multi-agent consensus control, this paper introduces a decomposition framework to model, analyze, and design the platoon system. In this framework, a platoon is naturally decomposed into four interrelated components, i.e., 1) node dynamics, 2) information flow network, 3) distributed controller, and 4) geometry formation. Themore »classic model of each component is summarized according to the results of the literature survey; four main performance metrics, i.e., internal stability, stability margin, string stability, and coherence behavior, are discussed in the same fashion. Also, the basis of typical distributed control techniques is presented, including linear consensus control, distributed robust control, distributed sliding mode control, and distributed model predictive control.« less
  4. A robustness certificate is the minimum distance of a given input to the decision boundary of the classifier (or its lower bound). For {\it any} input perturbations with a magnitude smaller than the certificate value, the classification output will provably remain unchanged. Exactly computing the robustness certificates for neural networks is difficult since it requires solving a non-convex optimization. In this paper, we provide computationally-efficient robustness certificates for neural networks with differentiable activation functions in two steps. First, we show that if the eigenvalues of the Hessian of the network are bounded, we can compute a robustness certificate in themore »l2 norm efficiently using convex optimization. Second, we derive a computationally-efficient differentiable upper bound on the curvature of a deep network. We also use the curvature bound as a regularization term during the training of the network to boost its certified robustness. Putting these results together leads to our proposed {\bf C}urvature-based {\bf R}obustness {\bf C}ertificate (CRC) and {\bf C}urvature-based {\bf R}obust {\bf T}raining (CRT). Our numerical results show that CRT leads to significantly higher certified robust accuracy compared to interval-bound propagation (IBP) based training. We achieve certified robust accuracy 69.79\%, 57.78\% and 53.19\% while IBP-based methods achieve 44.96\%, 44.74\% and 44.66\% on 2,3 and 4 layer networks respectively on the MNIST-dataset.« less
  5. This paper considers the problem of fast and safe autonomous navigation in partially known environments. Our main contribution is a control policy design based on ellipsoidal trajectory bounds obtained from a quadratic state-dependent distance metric. The ellipsoidal bounds are used to embed directional preference in the control design, leading to system behavior that is adapted to local environment geometry, carefully considering medial obstacles while paying less attention to lateral ones. We use a virtual reference governor system to adaptively follow a desired navigation path, slowing down when system safety may be violated and speeding up otherwise. The resulting controller ismore »able to navigate complex environments faster than common Euclidean-norm and Lyapunov-function-based designs, while retaining stability and collision avoidance guarantees.« less