CMU-CS-20-129 Computer Science Department School of Computer Science, Carnegie Mellon University
Identification of Software Failures in
Deborah Stephanie Surden Katz
Ph.D. Thesis
September 2020
Autonomous and robotics systems (ARSs), systems designed to react to environmental stimuli independently and without human supervision, are complex and difficult to supervise, but they make up an increasingly large portion of the systems currently being developed and in use. Quality assurance for these systems is complex, and their software contains many faults. My key insight is that typical program behavior is a basis for determining whether a program is operating within its normal parameters. To leverage this, I record summaries of program execution behavior using low-level monitoring to characterize each execution. By aggregating low-level execution data over many executions, I create a picture of typical program behavior; behavior that differs from it may indicate unintended behavior. My techniques use these data as input to machine learning algorithms that build models of expected behavior. The models analyze individual program executions to predict whether a given execution represents typical behavior.

My core thesis is: Low-level execution signals, recorded over multiple executions of a robotics program or portion thereof, can be used to create machine learning models that, in turn, can be used to predict whether signals from previously-unseen executions represent usual or unusual behavior. The combination of low-level instrumentation and models can provide predictions with reasonable trade-offs between prediction accuracy, instrumentation intrusiveness, and calculation efficiency.

To support this thesis, I demonstrate the efficacy of these techniques in detecting software failures on small programs and, in simulation, on the ArduPilot autonomous vehicle software and on other ARSs based on the Robot Operating System (ROS). I observe that ARSs are well-suited to low-level monitoring because they are cyber-physical. Although in other situations such monitoring may create intolerable overhead, these distributed systems interact with the real world and have time or cycles that would otherwise be spent waiting for real-world events. As such, ARSs are well-situated to absorb the overhead that monitoring generates. However, ARSs often do have timing-sensitive components, for example deadlines and timeouts that, if missed, cause the system to abort. To this end, I measure the extent to which ARSs can absorb artificially-inserted timing delays.
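The pipeline the abstract describes (summarize each execution from low-level signals, aggregate many executions into a model of typical behavior, then score a previously-unseen execution) can be sketched in a few dozen lines. The following is an added illustration written for this page, not code from the thesis or from ArduPilot/ROS; the feature set, the eight constructed training runs, the three constructed test runs and the per-feature z-score model with a margin-based threshold are all assumptions chosen to make the idea concrete, and the thesis's actual instrumentation and learning methods may differ.

```python
"""Added illustrative example (not code from the thesis): summarise
low-level execution signals per run, fit a model of typical behaviour
over many runs, and predict whether a new run is usual or unusual.
Feature names, sample runs and the z-score model are assumptions."""
from __future__ import annotations

import math
from typing import Dict, Iterable, List, Tuple

# One summary per execution: totals of low-level events observed while
# the program ran (hypothetical feature set).
Summary = Dict[str, float]

FEATURES = ("sys_read", "sys_write", "sys_open", "sys_connect",
            "msg_publish", "loop_iters", "bytes_written")


def summarise_trace(events: Iterable[Tuple[str, float]]) -> Summary:
    """Aggregate a raw event trace into one fixed-length summary.

    Each event is (feature_name, amount): 1 for a counted call, or a byte
    count for bytes_written.  Unknown names are ignored so that every run
    yields a vector of the same shape."""
    summary = {f: 0.0 for f in FEATURES}
    for name, amount in events:
        if name in summary:
            summary[name] += amount
    return summary


class TypicalBehaviourModel:
    """Per-feature Gaussian model.  A run's score is its largest absolute
    z-score over all features; the decision threshold is the worst
    training run's score times a safety margin, so every known-good run
    is classified as usual."""

    def __init__(self, margin: float = 1.5, std_floor: float = 1.0) -> None:
        self.margin = margin        # headroom above the worst training run
        self.std_floor = std_floor  # keeps constant features from dividing by ~0
        self.mean: Dict[str, float] = {}
        self.std: Dict[str, float] = {}
        self.threshold = math.inf

    def fit(self, runs: List[Summary]) -> "TypicalBehaviourModel":
        n = len(runs)
        for f in FEATURES:
            values = [r.get(f, 0.0) for r in runs]
            mean = sum(values) / n
            var = sum((v - mean) ** 2 for v in values) / n
            self.mean[f] = mean
            self.std[f] = max(math.sqrt(var), self.std_floor)
        self.threshold = self.margin * max(self.score(r) for r in runs)
        return self

    def deviations(self, run: Summary) -> List[Tuple[str, float]]:
        """Absolute z-score per feature, most deviant first."""
        zs = [(f, abs(run.get(f, 0.0) - self.mean[f]) / self.std[f])
              for f in FEATURES]
        return sorted(zs, key=lambda fz: fz[1], reverse=True)

    def score(self, run: Summary) -> float:
        return self.deviations(run)[0][1]

    def predict(self, run: Summary) -> Tuple[bool, str]:
        """Return (is_usual, most_deviant_feature) for one execution."""
        feature, z = self.deviations(run)[0]
        return z <= self.threshold, feature


# Constructed training corpus: eight known-good simulated runs.
TRAINING_RUNS: List[Summary] = [
    {"sys_read": 410, "sys_write": 205, "sys_open": 12, "sys_connect": 2, "msg_publish": 1000, "loop_iters": 1000, "bytes_written": 51200},
    {"sys_read": 402, "sys_write": 198, "sys_open": 12, "sys_connect": 2, "msg_publish": 998, "loop_iters": 1000, "bytes_written": 50700},
    {"sys_read": 418, "sys_write": 210, "sys_open": 12, "sys_connect": 2, "msg_publish": 1003, "loop_iters": 1001, "bytes_written": 52100},
    {"sys_read": 395, "sys_write": 201, "sys_open": 13, "sys_connect": 2, "msg_publish": 1000, "loop_iters": 1000, "bytes_written": 50900},
    {"sys_read": 421, "sys_write": 207, "sys_open": 12, "sys_connect": 2, "msg_publish": 999, "loop_iters": 999, "bytes_written": 51800},
    {"sys_read": 407, "sys_write": 203, "sys_open": 12, "sys_connect": 2, "msg_publish": 1001, "loop_iters": 1000, "bytes_written": 51300},
    {"sys_read": 399, "sys_write": 196, "sys_open": 12, "sys_connect": 2, "msg_publish": 1000, "loop_iters": 1000, "bytes_written": 50300},
    {"sys_read": 414, "sys_write": 204, "sys_open": 12, "sys_connect": 2, "msg_publish": 1002, "loop_iters": 1000, "bytes_written": 51500},
]

# Constructed previously-unseen runs.
USUAL_RUN: Summary = {"sys_read": 405, "sys_write": 200, "sys_open": 12, "sys_connect": 2, "msg_publish": 1000, "loop_iters": 1000, "bytes_written": 51000}
# Control loop stopped early: fewer iterations and fewer messages published.
STALLED_LOOP_RUN: Summary = {"sys_read": 250, "sys_write": 120, "sys_open": 12, "sys_connect": 2, "msg_publish": 600, "loop_iters": 600, "bytes_written": 30700}
# Everything normal except connect() calls a good run never makes.
UNEXPECTED_NETWORK_RUN: Summary = {"sys_read": 412, "sys_write": 206, "sys_open": 12, "sys_connect": 9, "msg_publish": 1001, "loop_iters": 1000, "bytes_written": 51400}

MODEL = TypicalBehaviourModel().fit(TRAINING_RUNS)

if __name__ == "__main__":
    for name, run in (("usual", USUAL_RUN), ("stalled loop", STALLED_LOOP_RUN),
                      ("unexpected network", UNEXPECTED_NETWORK_RUN)):
        usual, feature = MODEL.predict(run)
        print(f"{name:20s} usual={usual!s:5s} score={MODEL.score(run):8.2f} top={feature}")
```

Two points the code makes that the abstract only states: a feature that never varied in training (here `sys_connect`) is exactly where a floor on the standard deviation matters, since otherwise a single extra event produces an infinite score; and the threshold is derived from the training corpus rather than fixed, which is the trade-off between missed failures and false alarms that the thesis evaluates against accuracy, intrusiveness and efficiency.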
87 pages
Thesis Committee:
Srinivasan Seshan, Head, Computer Science Department