Publications

Validating connected and automated vehicles (CAVs), specifically Automated Driving Systems (ADS), remains a challenge, particularly in ensuring safety and reliability across diverse operational scenarios. Before an ADS can be considered safe for deployment, it must be evaluated across a wide range of carefully designed test cases that capture both expected and edge case conditions. As recognized in the UNECE's New Assessment/Test Method for Automated Driving (NATM), testing all such scenarios on a real system is often impractical, making virtual testing an essential complement to physical tests. To enable this, we present WayWiseR, an open-source rapid prototyping platform built on ROS2 that supports researchers in developing and evaluating validation methodologies for CAVs. By integrating modular components, simulation environments such as CARLA, and scaled vehicle hardware, WayWiseR enables reproducible experimentation and flexible orchestration of test scenarios across both virtual and physical platforms. We demonstrate the platform through two representative use cases: autonomous reverse docking in a logistics hub, and human detection and emergency braking in forestry environments. The results demonstrate WayWiseR's ability to bridge simulation-based validation with real-world operational testing, thereby supporting the safer deployment of sufficiently validated CAVs.

This paper details the development and onboard evaluation of an Unmanned Aerial System (UAS) specifically designed for maritime firefighting and rescue operations on roll-on/roll-off (ro-ro) ships. Emphasizing the use of open hardware and software, the study focuses on the operational practicality and legal fesibility of a UAS prototype. The assessment of the UASs performance is multifaceted, incorporating expert surveys and a SWOT analysis. Key findings demonstrate the significant potential of UASs in augmenting maritime safety and emergency response capabilities. The paper provides insights into broader opportunities for integrating UAS technology in maritime operations, highlighting its role in enhancing the efficiency and effectiveness of critical maritime functions.

This paper presents CarFASE, an open-source carla-based fault and attack simulation engine that is used to test and evaluate the behavior of autonomous driving stacks in the presence of faults and attacks. Carla is a highly customizable and adaptable simulator for autonomous driving research. In this paper, we demonstrate the application of CarFASE by running fault injection experiments on OpenPilot, an open-source advanced driver assistance system designed to provide a suite of features such as lane keeping, adaptive cruise control, and forward collision warning to enhance the driving experience. A braking scenario is used to study the behavior of OpenPilot in the presence of brightness and salt&pepper faults. The results demonstrate the usefulness of the tool in evaluating the safety attributes of autonomous driving systems in a safe and controlled environment.

Reasoning about safety, security, and other dependability attributes of autonomous systems is a challenge that needs to be addressed before the adoption of such systems in day-to-day life. Formal methods is a class of methods that mathematically reason about a system's behavior. Thus, a correctness proof is sufficient to conclude the system's dependability. However, these methods are usually applied to abstract models of the system, which might not fully represent the actual system. Fault injection, on the other hand, is a testing method to evaluate the dependability of systems. However, the amount of testing required to evaluate the system is rather large and often a problem. This vision paper introduces formal fault injection, a fusion of these two techniques throughout the development lifecycle to enhance the dependability of autonomous systems. We advocate for a more cohesive approach by identifying five areas of mutual support between formal methods and fault injection. By forging stronger ties between the two fields, we pave the way for developing safe and dependable autonomous systems. This paper delves into the integration's potential and outlines future research avenues, addressing open challenges along the way.

The correctness of autonomous driving software is of utmost importance, as incorrect behavior may have catastrophic consequences. Formal model-based engineering techniques can help guarantee correctness and thereby allow the safe deployment of autonomous vehicles. However, challenges exist for widespread industrial adoption of formal methods. One of these challenges is the model construction problem. Manual construction of formal models is time-consuming, error-prone, and intractable for large systems. Automating model construction would be a big step towards widespread industrial adoption of formal methods for system development, re-engineering, and reverse engineering. This article applies active learning techniques to obtain formal models of an existing (under development) autonomous driving software module implemented in MATLAB. This demonstrates the feasibility of automated learning for automotive industrial use. Additionally, practical challenges in applying automata learning, and possible directions for integrating automata learning into the automotive software development workflow, are discussed.

Supervisory control theory provides an approach to synthesize supervisors for cyber-physical systems using a model of the uncontrolled plant and its specifications. These supervisors can help guarantee the correctness of the closed-loop controlled system. However, access to plant models is a bottleneck for many industries, as manually developing these models is an error-prone and time-consuming process. An approach to obtaining a supervisor in the absence of plant models would help industrial adoption of supervisory control techniques. This paper presents, an algorithm to learn a controllable supervisor in the absence of plant models. It does so by actively interacting with a simulation of the plant by means of queries. If the obtained supervisor is blocking, existing synthesis techniques are employed to prune the blocking supervisor and obtain the controllable and non-blocking supervisor. Additionally, this paper presents an approach to interface the with a PLC to learn supervisors in a virtual commissioning setting. This approach is demonstrated by learning a supervisor of the well-known example simulated in Xcelgo Experior and controlled using a PLC. interacts with the PLC and learns a controllable supervisor for the simulated system. Note to Practitioners—Ensuring the correctness of automated systems is crucial. Supervisory control theory proposes techniques to help build control solutions that have certain correctness guarantees. These techniques rely on a model of the system. However, such models are typically unavailable and hard to create. Active learning is a promising technique to learn models by interacting with the system to be learned. This paper aims to integrate active learning and supervisory control such that the manual step of creating models is no longer needed, thus, allowing the use of supervisory control techniques in the absence of models. The proposed approach is implemented in a tool and demonstrated using a case study.

Compositional Optimization (CompOpt) was recently proposed for optimization of discrete-event systems of systems. A modular optimization model allows CompOpt to divide the optimization into separate sub-problems, mitigating the state space explosion problem. This paper presents the Modular Optimization Learner (MOL), a method that interacts with a simulation of a system to automatically learn these modular optimization models. MOL uses a modular learning that takes as input a hypothesis structure of the system and uses the provided structural information to split the acquired learning into a set of modules, and to prune parts of the search space. Experiments show that modular learning reduces the state space by many orders of magnitude compared to a monolithic learning, which enables learning of much larger systems. Furthermore, an integrated greedy search heuristic allows MOL to remove many sub …

Our society's reliance on computer-controlled systems is rapidly growing. Such systems are found in various devices, ranging from simple light switches to safety-critical systems like autonomous vehicles. In the context of safety-critical systems, safety and correctness are of utmost importance. Faults and errors could have catastrophic consequences. Thus, there is a need for rigorous methodologies that help provide guarantees of safety and correctness. Supervisor synthesis, the concept of being able to mathematically _synthesize_ a supervisor that ensures that the closed-loop system behaves in accordance with known requirements, can indeed help. This thesis introduces supervisor learning, an approach to help automate the learning of supervisors in the absence of plant models. Traditionally, supervisor synthesis makes use of plant models and specification models to obtain a supervisor. Industrial adoption of this method is limited due to, among other things, the difficulty in obtaining usable plant models. Manually creating these plant models is an error-prone and time-consuming process. Thus, supervisor learning intends to improve the industrial adoption of supervisory control by automating the process of generating supervisors in the absence of plant models. The idea here is to learn a supervisor for the system under learning (SUL) by active interaction and experimentation. To this end, we present two algorithms, SupL^* , and MSL, that directly learn supervisors when provided with a simulator of the SUL and its corresponding specifications. SupL^* is a language-based learner that learns one supervisor for the entire system. MSL, on the other hand, learns a modular supervisor, that is, several smaller supervisors, one for each specification. Additionally, a third algorithm, MPL, is introduced for learning a modular plant model. The approach is realized in the tool MIDES and has been used to learn supervisors in a virtual manufacturing setting for the Machine Buffer Machine example, as well as learning a model of the Lateral State Manager, a sub-component of a self-driving car. These case studies show the feasibility and applicability of the proposed approach, in addition to helping identify future directions for research.

This paper proposes an approach to synthesize a modular discrete-event supervisor to control a plant, the behavior model of which is unknown, so as to satisfy given specifications.To this end, the Modular Supervisor Learner (MSL) is presented that based on the known specifications and the structure of the system defines the configuration of the supervisors to learn. Then, by actively querying the simulation and interacting with the specification it explores the state-space of the system to learn a set of maximally permissive controllable supervisors.

Model-based techniques are these days being embraced by the industry in their development frameworks. While model-based approaches allow for offline verification and validation of the system, and have other advantages over existing methods, they do have their own challenges. One of the challenges is to obtain a model describing the behavior of the system. In this paper we present the Modular Plant Learner (MPL), an algorithm that explores the state-space and constructs a discrete model of a system. The MPL takes as input a hypothesis structure of the system -- called the PSH -- and using this information, interacts with a simulation of the system to construct a modular discrete-event model. Using an example we show how the algorithm uses the structural information provided -- the PSH -- to search the state-space in a smart manner, mitigating the state-space explosion problem.

The correctness of autonomous driving software is of utmost importance as incorrect behaviour may have catastrophic consequences. Though formal model-based engineering techniques can help guarantee correctness, challenges exist in widespread industrial adoption. One among them is the model construction problem. Manual construction of formal models is expensive, error-prone, and intractable for large systems. Automating model construction would be a great enabler for the use of formal methods to guarantee software correctness and thereby for safe deployment of autonomous vehicles. Such automated techniques can be beneficial in software design, re-engineering, and reverse engineering. In this industrial case study, we apply active learning techniques to obtain formal models from an existing autonomous driving software (in development) implemented in MATLAB. We demonstrate the feasibility of active automata learning algorithms for automotive industrial use. Furthermore, we discuss the practical challenges in applying automata learning and possible directions for integrating automata learning into automotive software development workflow.

This paper proposes an approach to synthesize a discrete-event supervisor to control a plant, the behavior model of which is unknown, so as to satisfy a given specification. To this end, the L* algorithm is modified so that it can actively query a plant simulation and the specification to hypothesize a supervisor. The resulting hypothesis is the maximally permissive controllable supervisor from which the maximally permissive controllable and non-blocking supervisor can be extracted. The practicality of this method is demonstrated by an example.

The technological advancements of recent years have increased the complexity of manufacturing systems, and the ongoing transformation to Industry 4.0 will further aggravate the situation. This is leading to a point where existing systems on the factory floor get outdated, increasing the gap between existing technologies and state-of-the-art systems, making them incompatible. This paper presents an event-based data pipeline architecture, that can be applied to legacy systems as well as new state-of-the-art systems, to collect data from the factory floor. In the presented architecture, actions executed by the resources are converted to event streams, which are then transformed into an abstraction called operations. These operations correspond to the tasks performed in the manufacturing station. A sequence of these operations recount the task performed by the station. We demonstrate the usability of the collected data by using conformance analysis to detect when the manufacturing system has deviated from its defined model. The described architecture is developed in Sequence Planner – a tool for modelling and analysing production systems – and is currently implemented at an automotive company as a pilot project.

The manufacturing industry is undergoing a digital revolution, often referred to as Industry 4.0. The aim of this revolution is to transform the factories into, so called, smart factories. These smart factories will be modular, decentralized, and interconnected, to achieve higher level automation and flexibility. Additionally, a smart factory will have a digital twin, a virtual replica that allows testing, monitoring, and visualization of the factory behavior. As these factories are aimed to be completely automated, ensuring correctness and safety of the control logic in each sub-system of the factory is of utmost importance. The need for having digitalized tools that support operators and engineers was identified in a survey that was conducted to understand the problems faced during maintenance of manufacturing systems. To this end, this thesis provides an architecture that can be applied on old legacy systems as well as new state-of-the-art systems to collect data from the factory floor. The data obtained can be visualized in the form of Gantt charts to help operators keep track of the execution of the station. Furthermore, a model that captures the behavior of the system can be created by applying Process Mining algorithms to the collected data. Model-based techniques have shown to be beneficial in developing control logic for highly automated and flexible manufacturing systems, as these techniques offer tools to test and formally verify the control logic to guarantee its correctness. These formal tools operate on such a model of the behavior of the system. However, manually constructing a model on which these tools can be applied is a tedious and error prone task, seldom deemed to be worth the effort. Thus, supporting engineers to build models will improve the adoption of formal tools within the manufacturing industry. In order to obtain a formal model during the early development phase of the manufacturing system, this thesis studies the possibility ...

Evaluation of manufacturing systems requires large amounts of accurate data from the factory floor. This data is then processed to calculate Key Performance Indicators (KPIs), evaluation metrics used within the manufacturing industry by engineers and managers in order to make data-driven decisions. Mechanisms to capture large scales of usable data, which is both reliable and scalable is, more often than not, scarce. In this paper, we provide an approach to capture data from robot actions, which can be applied to both legacy and current state-of-the-art manufacturing systems. By exploiting the robot code structure, robot actions are converted to event streams that are transformed into a higher usable abstraction of data. Applicability of this data is demonstrated, primarily, by visualizations. The described approach is developed in Sequence Planner - a tool for modeling and analyzing production systems - and is currently implemented at an automotive company as a pilot project to visualize and examine what goes on on the factory floor.

Model-based techniques are, these days, being embraced by the manufacturing industry in their development frameworks. While model-based approaches allow for offline verification and validation before physical commissioning, and have other advantages over existing methods, they do have their own challenges. Firstly, models are typically created manually and hence are prone to errors. Secondly, once a model is created, tested, and put into use on the factory floor, there is an added effort required to maintain and update it. This paper is a preliminary study of the feasibility of automatically obtaining formal models from virtual simulations. We apply the foundational algorithm from the active automata learning community to study the requirements and enhancements needed to be able to derive discrete event models from virtual simulations. An abstract model in the form of operations is learned by applying this algorithm on a simulation model composed of discrete operations. While a major bottleneck to be solved is the generation of counterexamples, the results seem promising to apply model learning in practice.

The need for tools to help guide decision making is growing within the manufacturing industry. The analysis performed by these tools will help operators and engineers to understand the behaviour of the manufacturing stations better and thereby take data-driven decisions to improve them. The tools use techniques borrowed from fields such as Data Analytics, BigData, Predictive Modelling, and Machine Learning. However, to be able to use these tools efficiently, data from the factory floor is required as input. This data needs to be extracted from two sources, the PLCs, and the robots. In practice, methods to extract usable data from robots are rather scarce. The present work describes an approach to capture data from robots, which can be applied to both legacy and current state-of-the-art manufacturing systems. The described approach is developed using Sequence Planner – a tool for modelling and analysing production systems – and is currently implemented at an automotive company as a pilot project to visualize and examine the ongoing process. By exploiting the robot code structure, robot actions are converted to event streams that are abstracted into operations. We then demonstrate the applicability of the resulting operations, by visualizing the ongoing process in real-time as Gantt charts, that support the operators performing maintenance. And, the data is also analyzed off-line using process mining techniques to create a general model that describes the underlying behaviour existing in the manufacturing station. Such models are used to derive insights about relationships between different operations, and also between resources.

Fault tolerant systems, commonly found in literature, are implemented in various computer applications. Some of these methods have been studied and developed to aid manufacturing systems; however, they have rarely been integrated into the manufacturing process. Broadly, the problem seems to be integration of error handling procedures towards the end of physically building the manufacturing line, lack of a defined workflow, untested program logic and inadequately equipped personnel to name a few. To this end, a survey was conducted within the Swedish automotive industry to get an understanding of current error handling procedures and its shortcomings, and are presented here. Based on this data, and looking at the trends within the manufacturing industry, this paper also identifies research topics aimed towards defining methods to create next generation fault tolerant manufacturing systems.