Risk and Mitigation of Nondeterminism in Distributed Cyber-Physical Systems

Author(s): Bateni, Soroush and Lohstroh, Marten and Wong, Hou Seng and Kim, Hokeun and Lin, Shaokai and Menard, Christian and Lee, Edward A.

Citation
Bateni, Soroush and Lohstroh, Marten and Wong, Hou Seng and Kim, Hokeun and Lin, Shaokai and Menard, Christian and Lee, Edward A. "Risk and Mitigation of Nondeterminism in Distributed Cyber-Physical Systems". 21st ACM/IEEE International Symposium on Formal Methods and Models for System Design (MEMOCODE), Hamburg, Germany, September 21-22 2023.

Abstract
Asynchronous frameworks for distributed embedded systems, like ROS and MQTT, are increasingly used in safety-critical applications such as autonomous driving, where the cost of unintended behavior is high. The loose coordination between the components in these frameworks gives rise to nondeterminism, where factors such as communication timing can lead to arbitrary ordering in the handling of messages. In this paper, we show that this problem compromises safety and complicates system design in Autoware.Auto 1.0, a popular open-source autonomous driving framework based on ROS 2. We extend the Lingua Franca coordination language to support distributed execution, port Autoware.Auto to Lingua Franca, and show that our solution avoids the identified problems. We assess the performance of our federated runtime implementation and show that it is competitive for this application. We also compare our achievable throughput to ROS 2 and MQTT using microbenchmarks and find that we can match or exceed the throughput of those frameworks while preserving determinism.

Citation Formats

  • BibTeX

    @inproceedings{BateniEtAl:23:Federated,
      author = {Bateni, Soroush and Lohstroh, Marten and Wong, Hou Seng and Kim, Hokeun and Lin, Shaokai and Menard, Christian and Lee, Edward A.},
      title = {Risk and Mitigation of Nondeterminism in Distributed Cyber-Physical Systems},
      booktitle = {21st ACM/IEEE International Symposium on Formal Methods and Models for System Design (MEMOCODE), Hamburg, Germany},
      month = {September 21-22},
      year = {2023},
      doi = {10.1145/3610579.3613219},
      abstract = {Asynchronous frameworks for distributed embedded systems, like ROS and MQTT, are increasingly used in safety-critical applications such as autonomous driving, where the cost of unintended behavior is high. The loose coordination between the components in these frameworks gives rise to nondeterminism, where factors such as communication timing can lead to arbitrary ordering in the handling of messages. In this paper, we show that this problem compromises safety and complicates system design in Autoware.Auto 1.0, a popular open-source autonomous driving framework based on ROS 2. We extend the Lingua Franca coordination language to support distributed execution, port Autoware.Auto to Lingua Franca, and show that our solution avoids the identified problems. We assess the performance of our federated runtime implementation and show that it is competitive for this application. We also compare our achievable throughput to ROS 2 and MQTT using microbenchmarks and find that we can match or exceed the throughput of those frameworks while preserving determinism.},
      URL = {https://www.icyphy.org/publications/2023_BateniEtAl_Federated/}
    }