SlideShare une entreprise Scribd logo

A Simplex Architecture for Intelligent and Safe Unmanned Aerial Vehicles

Heechul Yun
Heechul Yun

Slides for our paper "A Simplex Architecture for Intelligent and Safe Unmanned Aerial Vehicles," published at RTCSA 2016

Ingénierie
1  sur  26
Télécharger pour lire hors ligne
A Simplex Architecture for Intelligent and Safe Unmanned Aerial Vehicles Prasanth Vivekanandan+, Gonzalo Garcia*, Heechul Yun+, Shawn Keshmiri* Electrical Engineering and Computer Science + Aerospace Engineering * University of Kansas 1
Intelligent UAVs • Many applications – Commercial, military, police,… – $10B in 3 years* 2 http://abarry.org/ (*) http://gizmodo.com/some-good-things-drones-can-actually-do-1475717696 Amazon prime airFollow me Search & rescuesurveillance
Intelligent UAVs • Powerful computer hardware – Multicore SoC, GPU • High performance, Low cost, size, weight, and power • Powerful software framework – Linux, middleware, libraries • Productivity, ease of development – Like a PC 3
Safety Challenges UAVs are safety critical systems 4 http://rochester.nydatabases.com/map/domestic-drone-accidents http://petapixel.com/2015/12/23/crashing-camera-dro ne-narrowly-misses-top-skiier/ http://www.nytimes.com/2015/01/28/us/white-h ouse-drone.html
Sources of Failures • Sensors • Airframe • Actuators • Onboard computing platform – Software – Hardware 5
Safety Challenges: Software • Increasing complexity – E.g., Linux: > 15M SLOC • Concurrency – Multithreading is hard • Race condition. Order violation • Timing unpredictability – Shared resource contention affects timing • >21X slowdown on a cache partitioned multicore (*)  Software bugs are hard to weed out 6 https://www.quora.com/How-many-lines-of-code-are-in-the-Linux-kernel (*) Prathap Kumar Valsan, Heechul Yun, Farzad Farshchi. Taming Non-blocking Caches to Improve Isolation in Multicore Real-Time Systems. IEEE Intl. Conf erence on Real-Time and Embedded Technology and Applications Symposium (RTAS), IEEE, 2016.. Best Paper Award
Safety Challenges: Hardware • Hardware bugs – Pentium floating point bug (FDIV bug) – Intel CPU bugs in 2015: http://danluu.com/cpu-bugs/ • “Certain Combinations of AVX Instructions May Cause Unpredictable System Behavior” • “Processor May Experience a Spurious LLC-Related Machine Check During Periods of High Activity” • … • Transient hardware faults (soft errors) – Single event upset (SEU) in SRAM, logic • Due to alpha particle, cosmic radiation – Manifested as software failures • Crashes, wrong output: silent data corruption – Bigger problem in advanced CPU • Increased density, freq  higher soft error 7 http://www.cotsjournalonline.com/articles/view/102279
Safety Challenges: Hardware • SRAM SER vs. technology scaling – Per-bit SER decreases – Per-chip SER increases (due to higher density)  Complex hardware is buggy and less reliable 8 Ibe et al., “Scaling Effects on Neutron-Induced Soft Error in SRAMs Down to 22nm Process” (Hitachi)
How to Improve Safety of a System? • Correct by design – Formal method based software development • Difficult for a complex system – Radiation hardened processors • Expensive and low performance • Deal with failures – Run-time monitoring and redundancy 9
Outline • Motivation • UAV Simplex Architecture • Prototype and Case Study 10
Simplex Architecture (*) • Protect an untrusted complex controller with a trusted backup controller • General architectural principal 11 (*) L. Sha, Using Simplicity to Control Complexity, IEEE Software, 2001 Safety Controller Performance Controller UAV Plant Decision Logic Plant
UAV Simplex Architecture • Idea: use two hardware/software platforms with distinct performance and reliability characteristics to realize Simplex 12 High Performance (HP) Platform High Assurance (HA) Platform Safety controller Performance controller UAV Plant Decision Logic GPS,IMU Radar, Camera HA Platform (Arduino) HP Platform: (Tegra TK1) Rich OS (Linux), Middleware (ROS)
Two Platforms • High Assurance (HA) Platform – Simple hardware and software for verification and reliability – Hardware: low frequency and density to reduce SEUs – Software: certifiable, simple, low SLOC • High Performance (HP) Platform – Complex hardware and software for performance – Hardware: performance oriented multicore, multi-gigahz, gpu – Software: productivity oriented software framework, millions SLOC 13
Outline • Motivation • UAV Simplex Architecture • Prototypes and Case Study 14
Prototype Avionics • AFS: our custom built avionics – Arduino based custom DAQ • Basic sensors: IMU, GPS – Nvidia Tegra TK1 • 4 x ARM cores + 192 GPU cores • Advanced sensors: camera, radar • UAVs with the AFS – Applied to four UAVs in Dr. Keshmiri’s lab in KU Aerospace Engineering – Fixed wing (DG 808, G1XD, G1XB) and a Quadcopter 15
UAVs with AFS 16 DG 808G1XB Quadcopter G1XB G1XD
Performance Controller • Hardware – Nvidia Tegra TK1, 4 x ARM Cortex-A15 @ 2.3GHz, 192 core GPU – 28nm process, > a billion transistors  complex, high potential SEUs • Performance controller – Intelligent adaptive non-linear control using advanced sensor packages (goal) – Use Linux (Ubuntu), Robot Operating System (ROS)  difficult to verify 17 ROS nodesRadar Vision Performance controller
Safety Controller • Hardware – Arduino Due, a single ARM Cortex-M3 @ 80MHz – Low density, low operating freq.  less susceptible for SEUs • Safety controller – Matlab Simulink coder + Arduino sketch, no OS small and easier to verify 18 Safety controller (Simulink model)
Decision Logic • Fault models – HA (safety controller, decision logic) is trusted – HP is not trusted • Decision logic – Detect crash, connect failure, timing violation, invalid outputs (e.g., NaN) – Recovery: reboot the HP platform – Limitation: Currently don’t know “unsafe” states 19 Detectable faults
Execution Flow 20 HA platform (Arduino) HP platform (Tegra TK1)
Case Study: Fault (Crash) Injection • Experiment – Kill the performance controller in the middle flight • Hardware-in-the-loop (HIL) setup 21
Case Study: Fault (Crash) Injection 22
Case Study: Fault (Crash) Injection • Monitored from the ground station software 23
Conclusion and Future Work • Safety challenges of intelligent UAVs – Software: increasing complexity, concurrency and timing non-determinism – Hardware: increasing reliability issues. E.g., transient hardware faults (SEUs) • UAV Simplex architecture – Two platform based realization of Simplex • High assurance (HA) platform: simple, verifiable • High performance (HP) platform: performant, unverifiable 24
Conclusion and Future Work • Prototype development and case study – Nvidia Tegra TK1 + Arduino based – Can survive from performance controller crash • Ongoing and Future work – Radar and vision based sense & avoid – Define and detect unsafe state (not just crash) – Detect and recover intrusion (security) – Handling of sensor faults 25
Thank You Disclaimer: This work is supported by the National Aeronautics and Space Administration's (NASA's) Leading Edge Aeronautics Research for NASA (LEARN) fund under grant number NNX15AN94A and Paul G. Allen Family Foundation (PGAFF) grant number KUAE#40956. More details can be found in the following publication. Prasanth Vivekanandan, Gonzalo Garcia, Heechul Yun, Shawn Keshmiri. “A Simplex Architecture for Intelligent and Safe Unmanned Aerial Vehicles.” IEEE International Conference on Embedded and Real-Time Computing Systems and Applications (RTCSA), IEEE, 2016 26

Recommandé

MemGuard: Memory Bandwidth Reservation System for Efficient Performance Isola...
MemGuard: Memory Bandwidth Reservation System for Efficient Performance Isola...MemGuard: Memory Bandwidth Reservation System for Efficient Performance Isola...
MemGuard: Memory Bandwidth Reservation System for Efficient Performance Isola...
Heechul Yun
 
Multi-IMA Partition Scheduling for Global I/O Synchronization
Multi-IMA Partition Scheduling for Global I/O SynchronizationMulti-IMA Partition Scheduling for Global I/O Synchronization
Multi-IMA Partition Scheduling for Global I/O Synchronization
rtsljekim
 
Improving Real-Time Performance on Multicore Platforms using MemGuard
Improving Real-Time Performance on Multicore Platforms using MemGuardImproving Real-Time Performance on Multicore Platforms using MemGuard
Improving Real-Time Performance on Multicore Platforms using MemGuard
Heechul Yun
 
SecureCore RTAS2013
SecureCore RTAS2013SecureCore RTAS2013
SecureCore RTAS2013
mkyoon83
 
Taming Non-blocking Caches to Improve Isolation in Multicore Real-Time Systems
Taming Non-blocking Caches to Improve Isolation in Multicore Real-Time SystemsTaming Non-blocking Caches to Improve Isolation in Multicore Real-Time Systems
Taming Non-blocking Caches to Improve Isolation in Multicore Real-Time Systems
Heechul Yun
 
Parallelism-Aware Memory Interference Delay Analysis for COTS Multicore Systems
Parallelism-Aware Memory Interference Delay Analysis for COTS Multicore SystemsParallelism-Aware Memory Interference Delay Analysis for COTS Multicore Systems
Parallelism-Aware Memory Interference Delay Analysis for COTS Multicore Systems
Heechul Yun
 
Kernel Recipes 2015: Solving the Linux storage scalability bottlenecks
Kernel Recipes 2015: Solving the Linux storage scalability bottlenecksKernel Recipes 2015: Solving the Linux storage scalability bottlenecks
Kernel Recipes 2015: Solving the Linux storage scalability bottlenecks
Anne Nicolas
 
asap2013-khoa-presentation
asap2013-khoa-presentationasap2013-khoa-presentation
asap2013-khoa-presentation
Abhishek Jain
 

Recommandé

MemGuard: Memory Bandwidth Reservation System for Efficient Performance Isola...
MemGuard: Memory Bandwidth Reservation System for Efficient Performance Isola...MemGuard: Memory Bandwidth Reservation System for Efficient Performance Isola...
MemGuard: Memory Bandwidth Reservation System for Efficient Performance Isola...
Heechul Yun
 
Multi-IMA Partition Scheduling for Global I/O Synchronization
Multi-IMA Partition Scheduling for Global I/O SynchronizationMulti-IMA Partition Scheduling for Global I/O Synchronization
Multi-IMA Partition Scheduling for Global I/O Synchronization
rtsljekim
 
Improving Real-Time Performance on Multicore Platforms using MemGuard
Improving Real-Time Performance on Multicore Platforms using MemGuardImproving Real-Time Performance on Multicore Platforms using MemGuard
Improving Real-Time Performance on Multicore Platforms using MemGuard
Heechul Yun
 
SecureCore RTAS2013
SecureCore RTAS2013SecureCore RTAS2013
SecureCore RTAS2013
mkyoon83
 
Taming Non-blocking Caches to Improve Isolation in Multicore Real-Time Systems
Taming Non-blocking Caches to Improve Isolation in Multicore Real-Time SystemsTaming Non-blocking Caches to Improve Isolation in Multicore Real-Time Systems
Taming Non-blocking Caches to Improve Isolation in Multicore Real-Time Systems
Heechul Yun
 
Parallelism-Aware Memory Interference Delay Analysis for COTS Multicore Systems
Parallelism-Aware Memory Interference Delay Analysis for COTS Multicore SystemsParallelism-Aware Memory Interference Delay Analysis for COTS Multicore Systems
Parallelism-Aware Memory Interference Delay Analysis for COTS Multicore Systems
Heechul Yun
 
Kernel Recipes 2015: Solving the Linux storage scalability bottlenecks
Kernel Recipes 2015: Solving the Linux storage scalability bottlenecksKernel Recipes 2015: Solving the Linux storage scalability bottlenecks
Kernel Recipes 2015: Solving the Linux storage scalability bottlenecks
Anne Nicolas
 
asap2013-khoa-presentation
asap2013-khoa-presentationasap2013-khoa-presentation
asap2013-khoa-presentation
Abhishek Jain
 
High Performance Storage Devices in the Linux Kernel
High Performance Storage Devices in the Linux KernelHigh Performance Storage Devices in the Linux Kernel
High Performance Storage Devices in the Linux Kernel
Kernel TLV
 
Block I/O Layer Tracing: blktrace
Block I/O Layer Tracing: blktraceBlock I/O Layer Tracing: blktrace
Block I/O Layer Tracing: blktrace
Babak Farrokhi
 
Priority Inversion on Mars
Priority Inversion on MarsPriority Inversion on Mars
Priority Inversion on Mars
National Cheng Kung University
 
Memory management in vx works
Memory management in vx worksMemory management in vx works
Memory management in vx works
Dhan V Sagar
 
RTOS on ARM cortex-M platform -draft
RTOS on ARM cortex-M platform -draftRTOS on ARM cortex-M platform -draft
RTOS on ARM cortex-M platform -draft
Jou Neo
 
HKG15-100: What is Linaro working on - core development lightning talks
HKG15-100: What is Linaro working on - core development lightning talksHKG15-100: What is Linaro working on - core development lightning talks
HKG15-100: What is Linaro working on - core development lightning talks
Linaro
 
Memory access control in multiprocessor for real-time system with mixed criti...
Memory access control in multiprocessor for real-time system with mixed criti...Memory access control in multiprocessor for real-time system with mixed criti...
Memory access control in multiprocessor for real-time system with mixed criti...
Heechul Yun
 
Velocity 2015 linux perf tools
Velocity 2015 linux perf toolsVelocity 2015 linux perf tools
Velocity 2015 linux perf tools
Brendan Gregg
 
Linux BPF Superpowers
Linux BPF SuperpowersLinux BPF Superpowers
Linux BPF Superpowers
Brendan Gregg
 
Understand and optimize Linux I/O
Understand and optimize Linux I/OUnderstand and optimize Linux I/O
Understand and optimize Linux I/O
Andrea Righi
 
Broken Linux Performance Tools 2016
Broken Linux Performance Tools 2016Broken Linux Performance Tools 2016
Broken Linux Performance Tools 2016
Brendan Gregg
 
From DTrace to Linux
From DTrace to LinuxFrom DTrace to Linux
From DTrace to Linux
Brendan Gregg
 
YOW2021 Computing Performance
YOW2021 Computing PerformanceYOW2021 Computing Performance
YOW2021 Computing Performance
Brendan Gregg
 
Q4.11: Sched_mc on dual / quad cores
Q4.11: Sched_mc on dual / quad coresQ4.11: Sched_mc on dual / quad cores
Q4.11: Sched_mc on dual / quad cores
Linaro
 
AOS Lab 11: Virtualization
AOS Lab 11: VirtualizationAOS Lab 11: Virtualization
AOS Lab 11: Virtualization
Zubair Nabi
 
Unified Hardware Abstraction Layer with Device Masquerade
Unified Hardware Abstraction Layer with Device MasqueradeUnified Hardware Abstraction Layer with Device Masquerade
Unified Hardware Abstraction Layer with Device Masquerade
Shinagawa Laboratory, The University of Tokyo
 
ACM Applicative System Methodology 2016
ACM Applicative System Methodology 2016ACM Applicative System Methodology 2016
ACM Applicative System Methodology 2016
Brendan Gregg
 
BURA Supercomputer
BURA SupercomputerBURA Supercomputer
BURA Supercomputer
SIMTEC Software and Services
 
Lisa12 methodologies
Lisa12 methodologiesLisa12 methodologies
Lisa12 methodologies
Brendan Gregg
 
Modern Linux Tracing Landscape
Modern Linux Tracing LandscapeModern Linux Tracing Landscape
Modern Linux Tracing Landscape
Kernel TLV
 
HiPEAC Computing Systems Week 2022_Mario Porrmann presentation
HiPEAC Computing Systems Week 2022_Mario Porrmann presentationHiPEAC Computing Systems Week 2022_Mario Porrmann presentation
HiPEAC Computing Systems Week 2022_Mario Porrmann presentation
VEDLIoT Project
 
Embedded systems introduction
Embedded systems introductionEmbedded systems introduction
Embedded systems introduction
Sagar Adroja
 

Contenu connexe

Tendances

Memory management in vx works
Memory management in vx worksMemory management in vx works
Memory management in vx works
Dhan V Sagar
 
HKG15-100: What is Linaro working on - core development lightning talks
HKG15-100: What is Linaro working on - core development lightning talksHKG15-100: What is Linaro working on - core development lightning talks
HKG15-100: What is Linaro working on - core development lightning talks
Linaro
 
Velocity 2015 linux perf tools
Velocity 2015 linux perf toolsVelocity 2015 linux perf tools
Velocity 2015 linux perf tools
Brendan Gregg
 
Linux BPF Superpowers
Linux BPF SuperpowersLinux BPF Superpowers
Linux BPF Superpowers
Brendan Gregg
 
Broken Linux Performance Tools 2016
Broken Linux Performance Tools 2016Broken Linux Performance Tools 2016
Broken Linux Performance Tools 2016
Brendan Gregg
 
From DTrace to Linux
From DTrace to LinuxFrom DTrace to Linux
From DTrace to Linux
Brendan Gregg
 
YOW2021 Computing Performance
YOW2021 Computing PerformanceYOW2021 Computing Performance
YOW2021 Computing Performance
Brendan Gregg
 
AOS Lab 11: Virtualization
AOS Lab 11: VirtualizationAOS Lab 11: Virtualization
AOS Lab 11: Virtualization
Zubair Nabi
 
ACM Applicative System Methodology 2016
ACM Applicative System Methodology 2016ACM Applicative System Methodology 2016
ACM Applicative System Methodology 2016
Brendan Gregg
 
Modern Linux Tracing Landscape
Modern Linux Tracing LandscapeModern Linux Tracing Landscape
Modern Linux Tracing Landscape
Kernel TLV
 

Tendances (20)

High Performance Storage Devices in the Linux Kernel
High Performance Storage Devices in the Linux KernelHigh Performance Storage Devices in the Linux Kernel
High Performance Storage Devices in the Linux Kernel
 
Block I/O Layer Tracing: blktrace
Block I/O Layer Tracing: blktraceBlock I/O Layer Tracing: blktrace
Block I/O Layer Tracing: blktrace
 
Priority Inversion on Mars
Priority Inversion on MarsPriority Inversion on Mars
Priority Inversion on Mars
 
Memory management in vx works
Memory management in vx worksMemory management in vx works
Memory management in vx works
 
RTOS on ARM cortex-M platform -draft
RTOS on ARM cortex-M platform -draftRTOS on ARM cortex-M platform -draft
RTOS on ARM cortex-M platform -draft
 
HKG15-100: What is Linaro working on - core development lightning talks
HKG15-100: What is Linaro working on - core development lightning talksHKG15-100: What is Linaro working on - core development lightning talks
HKG15-100: What is Linaro working on - core development lightning talks
 
Memory access control in multiprocessor for real-time system with mixed criti...
Memory access control in multiprocessor for real-time system with mixed criti...Memory access control in multiprocessor for real-time system with mixed criti...
Memory access control in multiprocessor for real-time system with mixed criti...
 
Velocity 2015 linux perf tools
Velocity 2015 linux perf toolsVelocity 2015 linux perf tools
Velocity 2015 linux perf tools
 
Linux BPF Superpowers
Linux BPF SuperpowersLinux BPF Superpowers
Linux BPF Superpowers
 
Understand and optimize Linux I/O
Understand and optimize Linux I/OUnderstand and optimize Linux I/O
Understand and optimize Linux I/O
 
Broken Linux Performance Tools 2016
Broken Linux Performance Tools 2016Broken Linux Performance Tools 2016
Broken Linux Performance Tools 2016
 
From DTrace to Linux
From DTrace to LinuxFrom DTrace to Linux
From DTrace to Linux
 
YOW2021 Computing Performance
YOW2021 Computing PerformanceYOW2021 Computing Performance
YOW2021 Computing Performance
 
Q4.11: Sched_mc on dual / quad cores
Q4.11: Sched_mc on dual / quad coresQ4.11: Sched_mc on dual / quad cores
Q4.11: Sched_mc on dual / quad cores
 
AOS Lab 11: Virtualization
AOS Lab 11: VirtualizationAOS Lab 11: Virtualization
AOS Lab 11: Virtualization
 
Unified Hardware Abstraction Layer with Device Masquerade
Unified Hardware Abstraction Layer with Device MasqueradeUnified Hardware Abstraction Layer with Device Masquerade
Unified Hardware Abstraction Layer with Device Masquerade
 
ACM Applicative System Methodology 2016
ACM Applicative System Methodology 2016ACM Applicative System Methodology 2016
ACM Applicative System Methodology 2016
 
BURA Supercomputer
BURA SupercomputerBURA Supercomputer
BURA Supercomputer
 
Lisa12 methodologies
Lisa12 methodologiesLisa12 methodologies
Lisa12 methodologies
 
Modern Linux Tracing Landscape
Modern Linux Tracing LandscapeModern Linux Tracing Landscape
Modern Linux Tracing Landscape
 

Similaire à A Simplex Architecture for Intelligent and Safe Unmanned Aerial Vehicles

Secure IOT Gateway
Secure IOT GatewaySecure IOT Gateway
Secure IOT Gateway
LF Events
 
Claudio Scordino - Handling mixed criticality on embedded multi-core systems
Claudio Scordino - Handling mixed criticality on embedded multi-core systemsClaudio Scordino - Handling mixed criticality on embedded multi-core systems
Claudio Scordino - Handling mixed criticality on embedded multi-core systems
linuxlab_conf
 
Acceleration_and_Security_draft_v2
Acceleration_and_Security_draft_v2Acceleration_and_Security_draft_v2
Acceleration_and_Security_draft_v2
Srinivasa Addepalli
 
"Click here" to build your UAV
"Click here" to build your UAV"Click here" to build your UAV
"Click here" to build your UAV
Dirk Gorissen
 
Blackhat USA 2016 - What's the DFIRence for ICS?
Blackhat USA 2016 - What's the DFIRence for ICS?Blackhat USA 2016 - What's the DFIRence for ICS?
Blackhat USA 2016 - What's the DFIRence for ICS?
Chris Sistrunk
 

Similaire à A Simplex Architecture for Intelligent and Safe Unmanned Aerial Vehicles (20)

HiPEAC Computing Systems Week 2022_Mario Porrmann presentation
HiPEAC Computing Systems Week 2022_Mario Porrmann presentationHiPEAC Computing Systems Week 2022_Mario Porrmann presentation
HiPEAC Computing Systems Week 2022_Mario Porrmann presentation
 
Embedded systems introduction
Embedded systems introductionEmbedded systems introduction
Embedded systems introduction
 
Embedded Systems Introduction
Embedded Systems IntroductionEmbedded Systems Introduction
Embedded Systems Introduction
 
Portfolio
PortfolioPortfolio
Portfolio
 
QNX Sales Engineering Presentation
QNX Sales Engineering PresentationQNX Sales Engineering Presentation
QNX Sales Engineering Presentation
 
CNIT 123: Ch 9: Embedded Operating Systems: The Hidden Threat
CNIT 123: Ch 9: Embedded Operating Systems: The Hidden ThreatCNIT 123: Ch 9: Embedded Operating Systems: The Hidden Threat
CNIT 123: Ch 9: Embedded Operating Systems: The Hidden Threat
 
Secure IOT Gateway
Secure IOT GatewaySecure IOT Gateway
Secure IOT Gateway
 
Claudio Scordino - Handling mixed criticality on embedded multi-core systems
Claudio Scordino - Handling mixed criticality on embedded multi-core systemsClaudio Scordino - Handling mixed criticality on embedded multi-core systems
Claudio Scordino - Handling mixed criticality on embedded multi-core systems
 
Security and functional safety
Security and functional safetySecurity and functional safety
Security and functional safety
 
Faults inside System Software
Faults inside System SoftwareFaults inside System Software
Faults inside System Software
 
Building the Internet of Things with Thingsquare and Contiki - day 2 part 1
Building the Internet of Things with Thingsquare and Contiki - day 2 part 1Building the Internet of Things with Thingsquare and Contiki - day 2 part 1
Building the Internet of Things with Thingsquare and Contiki - day 2 part 1
 
Affordable trustworthy-systems
Affordable trustworthy-systemsAffordable trustworthy-systems
Affordable trustworthy-systems
 
Acceleration_and_Security_draft_v2
Acceleration_and_Security_draft_v2Acceleration_and_Security_draft_v2
Acceleration_and_Security_draft_v2
 
Esd module1
Esd module1Esd module1
Esd module1
 
Industrial Pioneers Days - Machine Learning
Industrial Pioneers Days - Machine LearningIndustrial Pioneers Days - Machine Learning
Industrial Pioneers Days - Machine Learning
 
"Click here" to build your UAV
"Click here" to build your UAV"Click here" to build your UAV
"Click here" to build your UAV
 
SS-CPSIoT 2023_Kevin Mika and Piotr Zierhoffer presentation
SS-CPSIoT 2023_Kevin Mika and Piotr Zierhoffer presentationSS-CPSIoT 2023_Kevin Mika and Piotr Zierhoffer presentation
SS-CPSIoT 2023_Kevin Mika and Piotr Zierhoffer presentation
 
Embedded Intro India05
Embedded Intro India05Embedded Intro India05
Embedded Intro India05
 
Blackhat USA 2016 - What's the DFIRence for ICS?
Blackhat USA 2016 - What's the DFIRence for ICS?Blackhat USA 2016 - What's the DFIRence for ICS?
Blackhat USA 2016 - What's the DFIRence for ICS?
 
1. An Introduction to Embed Systems_DRKG.pptx
1. An Introduction to Embed Systems_DRKG.pptx1. An Introduction to Embed Systems_DRKG.pptx
1. An Introduction to Embed Systems_DRKG.pptx
 

Dernier

result management system report for college project
result management system report for college projectresult management system report for college project
result management system report for college project
Tonystark477637
 
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
ranjana rawat
 
Call for Papers - International Journal of Intelligent Systems and Applicatio...
Call for Papers - International Journal of Intelligent Systems and Applicatio...Call for Papers - International Journal of Intelligent Systems and Applicatio...
Call for Papers - International Journal of Intelligent Systems and Applicatio...
Christo Ananth
 
Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...
Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...
Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...
Christo Ananth
 
University management System project report..pdf
University management System project report..pdfUniversity management System project report..pdf
University management System project report..pdf
Kamal Acharya
 
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Christo Ananth
 
(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7
(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7
(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7
Call Girls in Nagpur High Profile Call Girls
 
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
roncy bisnoi
 
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete RecordCCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
Asst.prof M.Gokilavani
 
Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...
Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...
Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...
Call Girls in Nagpur High Profile
 

Dernier (20)

result management system report for college project
result management system report for college projectresult management system report for college project
result management system report for college project
 
UNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its PerformanceUNIT - IV - Air Compressors and its Performance
UNIT - IV - Air Compressors and its Performance
 
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
The Most Attractive Pune Call Girls Budhwar Peth 8250192130 Will You Miss Thi...
 
Vivazz, Mieres Social Housing Design Spain
Vivazz, Mieres Social Housing Design SpainVivazz, Mieres Social Housing Design Spain
Vivazz, Mieres Social Housing Design Spain
 
Call for Papers - International Journal of Intelligent Systems and Applicatio...
Call for Papers - International Journal of Intelligent Systems and Applicatio...Call for Papers - International Journal of Intelligent Systems and Applicatio...
Call for Papers - International Journal of Intelligent Systems and Applicatio...
 
UNIT-IFLUID PROPERTIES & FLOW CHARACTERISTICS
UNIT-IFLUID PROPERTIES & FLOW CHARACTERISTICSUNIT-IFLUID PROPERTIES & FLOW CHARACTERISTICS
UNIT-IFLUID PROPERTIES & FLOW CHARACTERISTICS
 
ONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdf
ONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdfONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdf
ONLINE FOOD ORDER SYSTEM PROJECT REPORT.pdf
 
Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...
Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...
Call for Papers - Educational Administration: Theory and Practice, E-ISSN: 21...
 
NFPA 5000 2024 standard .
NFPA 5000 2024 standard .NFPA 5000 2024 standard .
NFPA 5000 2024 standard .
 
University management System project report..pdf
University management System project report..pdfUniversity management System project report..pdf
University management System project report..pdf
 
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
 
Intze Overhead Water Tank Design by Working Stress - IS Method.pdf
Intze Overhead Water Tank Design by Working Stress - IS Method.pdfIntze Overhead Water Tank Design by Working Stress - IS Method.pdf
Intze Overhead Water Tank Design by Working Stress - IS Method.pdf
 
Water Industry Process Automation & Control Monthly - April 2024
Water Industry Process Automation & Control Monthly - April 2024Water Industry Process Automation & Control Monthly - April 2024
Water Industry Process Automation & Control Monthly - April 2024
 
(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7
(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7
(INDIRA) Call Girl Aurangabad Call Now 8617697112 Aurangabad Escorts 24x7
 
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
Call Girls Pimpri Chinchwad Call Me 7737669865 Budget Friendly No Advance Boo...
 
BSides Seattle 2024 - Stopping Ethan Hunt From Taking Your Data.pptx
BSides Seattle 2024 - Stopping Ethan Hunt From Taking Your Data.pptxBSides Seattle 2024 - Stopping Ethan Hunt From Taking Your Data.pptx
BSides Seattle 2024 - Stopping Ethan Hunt From Taking Your Data.pptx
 
chapter 5.pptx: drainage and irrigation engineering
chapter 5.pptx: drainage and irrigation engineeringchapter 5.pptx: drainage and irrigation engineering
chapter 5.pptx: drainage and irrigation engineering
 
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete RecordCCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
CCS335 _ Neural Networks and Deep Learning Laboratory_Lab Complete Record
 
Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...
Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...
Booking open Available Pune Call Girls Pargaon 6297143586 Call Hot Indian Gi...
 
Thermal Engineering -unit - III & IV.ppt
Thermal Engineering -unit - III & IV.pptThermal Engineering -unit - III & IV.ppt
Thermal Engineering -unit - III & IV.ppt
 

A Simplex Architecture for Intelligent and Safe Unmanned Aerial Vehicles

  • 1. A Simplex Architecture for Intelligent and Safe Unmanned Aerial Vehicles Prasanth Vivekanandan+, Gonzalo Garcia*, Heechul Yun+, Shawn Keshmiri* Electrical Engineering and Computer Science + Aerospace Engineering * University of Kansas 1
  • 2. Intelligent UAVs • Many applications – Commercial, military, police,… – $10B in 3 years* 2 http://abarry.org/ (*) http://gizmodo.com/some-good-things-drones-can-actually-do-1475717696 Amazon prime airFollow me Search & rescuesurveillance
  • 3. Intelligent UAVs • Powerful computer hardware – Multicore SoC, GPU • High performance, Low cost, size, weight, and power • Powerful software framework – Linux, middleware, libraries • Productivity, ease of development – Like a PC 3
  • 4. Safety Challenges UAVs are safety critical systems 4 http://rochester.nydatabases.com/map/domestic-drone-accidents http://petapixel.com/2015/12/23/crashing-camera-dro ne-narrowly-misses-top-skiier/ http://www.nytimes.com/2015/01/28/us/white-h ouse-drone.html
  • 5. Sources of Failures • Sensors • Airframe • Actuators • Onboard computing platform – Software – Hardware 5
  • 6. Safety Challenges: Software • Increasing complexity – E.g., Linux: > 15M SLOC • Concurrency – Multithreading is hard • Race condition. Order violation • Timing unpredictability – Shared resource contention affects timing • >21X slowdown on a cache partitioned multicore (*)  Software bugs are hard to weed out 6 https://www.quora.com/How-many-lines-of-code-are-in-the-Linux-kernel (*) Prathap Kumar Valsan, Heechul Yun, Farzad Farshchi. Taming Non-blocking Caches to Improve Isolation in Multicore Real-Time Systems. IEEE Intl. Conf erence on Real-Time and Embedded Technology and Applications Symposium (RTAS), IEEE, 2016.. Best Paper Award
  • 7. Safety Challenges: Hardware • Hardware bugs – Pentium floating point bug (FDIV bug) – Intel CPU bugs in 2015: http://danluu.com/cpu-bugs/ • “Certain Combinations of AVX Instructions May Cause Unpredictable System Behavior” • “Processor May Experience a Spurious LLC-Related Machine Check During Periods of High Activity” • … • Transient hardware faults (soft errors) – Single event upset (SEU) in SRAM, logic • Due to alpha particle, cosmic radiation – Manifested as software failures • Crashes, wrong output: silent data corruption – Bigger problem in advanced CPU • Increased density, freq  higher soft error 7 http://www.cotsjournalonline.com/articles/view/102279
  • 8. Safety Challenges: Hardware • SRAM SER vs. technology scaling – Per-bit SER decreases – Per-chip SER increases (due to higher density)  Complex hardware is buggy and less reliable 8 Ibe et al., “Scaling Effects on Neutron-Induced Soft Error in SRAMs Down to 22nm Process” (Hitachi)
  • 9. How to Improve Safety of a System? • Correct by design – Formal method based software development • Difficult for a complex system – Radiation hardened processors • Expensive and low performance • Deal with failures – Run-time monitoring and redundancy 9
  • 10. Outline • Motivation • UAV Simplex Architecture • Prototype and Case Study 10
  • 11. Simplex Architecture (*) • Protect an untrusted complex controller with a trusted backup controller • General architectural principal 11 (*) L. Sha, Using Simplicity to Control Complexity, IEEE Software, 2001 Safety Controller Performance Controller UAV Plant Decision Logic Plant
  • 12. UAV Simplex Architecture • Idea: use two hardware/software platforms with distinct performance and reliability characteristics to realize Simplex 12 High Performance (HP) Platform High Assurance (HA) Platform Safety controller Performance controller UAV Plant Decision Logic GPS,IMU Radar, Camera HA Platform (Arduino) HP Platform: (Tegra TK1) Rich OS (Linux), Middleware (ROS)
  • 13. Two Platforms • High Assurance (HA) Platform – Simple hardware and software for verification and reliability – Hardware: low frequency and density to reduce SEUs – Software: certifiable, simple, low SLOC • High Performance (HP) Platform – Complex hardware and software for performance – Hardware: performance oriented multicore, multi-gigahz, gpu – Software: productivity oriented software framework, millions SLOC 13
  • 14. Outline • Motivation • UAV Simplex Architecture • Prototypes and Case Study 14
  • 15. Prototype Avionics • AFS: our custom built avionics – Arduino based custom DAQ • Basic sensors: IMU, GPS – Nvidia Tegra TK1 • 4 x ARM cores + 192 GPU cores • Advanced sensors: camera, radar • UAVs with the AFS – Applied to four UAVs in Dr. Keshmiri’s lab in KU Aerospace Engineering – Fixed wing (DG 808, G1XD, G1XB) and a Quadcopter 15
  • 16. UAVs with AFS 16 DG 808G1XB Quadcopter G1XB G1XD
  • 17. Performance Controller • Hardware – Nvidia Tegra TK1, 4 x ARM Cortex-A15 @ 2.3GHz, 192 core GPU – 28nm process, > a billion transistors  complex, high potential SEUs • Performance controller – Intelligent adaptive non-linear control using advanced sensor packages (goal) – Use Linux (Ubuntu), Robot Operating System (ROS)  difficult to verify 17 ROS nodesRadar Vision Performance controller
  • 18. Safety Controller • Hardware – Arduino Due, a single ARM Cortex-M3 @ 80MHz – Low density, low operating freq.  less susceptible for SEUs • Safety controller – Matlab Simulink coder + Arduino sketch, no OS small and easier to verify 18 Safety controller (Simulink model)
  • 19. Decision Logic • Fault models – HA (safety controller, decision logic) is trusted – HP is not trusted • Decision logic – Detect crash, connect failure, timing violation, invalid outputs (e.g., NaN) – Recovery: reboot the HP platform – Limitation: Currently don’t know “unsafe” states 19 Detectable faults
  • 21. Case Study: Fault (Crash) Injection • Experiment – Kill the performance controller in the middle flight • Hardware-in-the-loop (HIL) setup 21
  • 22. Case Study: Fault (Crash) Injection 22
  • 23. Case Study: Fault (Crash) Injection • Monitored from the ground station software 23
  • 24. Conclusion and Future Work • Safety challenges of intelligent UAVs – Software: increasing complexity, concurrency and timing non-determinism – Hardware: increasing reliability issues. E.g., transient hardware faults (SEUs) • UAV Simplex architecture – Two platform based realization of Simplex • High assurance (HA) platform: simple, verifiable • High performance (HP) platform: performant, unverifiable 24
  • 25. Conclusion and Future Work • Prototype development and case study – Nvidia Tegra TK1 + Arduino based – Can survive from performance controller crash • Ongoing and Future work – Radar and vision based sense & avoid – Define and detect unsafe state (not just crash) – Detect and recover intrusion (security) – Handling of sensor faults 25
  • 26. Thank You Disclaimer: This work is supported by the National Aeronautics and Space Administration's (NASA's) Leading Edge Aeronautics Research for NASA (LEARN) fund under grant number NNX15AN94A and Paul G. Allen Family Foundation (PGAFF) grant number KUAE#40956. More details can be found in the following publication. Prasanth Vivekanandan, Gonzalo Garcia, Heechul Yun, Shawn Keshmiri. “A Simplex Architecture for Intelligent and Safe Unmanned Aerial Vehicles.” IEEE International Conference on Embedded and Real-Time Computing Systems and Applications (RTCSA), IEEE, 2016 26