Testing of autonomous system software
Software architectures for autonomous systems such as robots are typically structured in layers. Upper layers operate at high levels of abstraction and real-time granularity to carry out, for example, long-term planning of activities to reach user-specified goals. The lowest layer, usually called the functional layer, is typically required to carry out multiple hard real-time control activities in parallel. These activities are launched by asynchronous calls from clients situated at the upper layers, so there is a need for the functional layer to provide built-in protection to ensure that it is robust with respect to requests that are issued at instants that are incompatible with its current state and could therefore cause the system to fail. We have developed a hybrid black-box testing approach to assess the robustness provided by such protection mechanisms [PACIK12]. Test cases are generated by random mutation of a valid sequence of requests. Test verdicts are obtained by a set of property-based robustness oracles applied to a logged trace of requests and responses. The approach has been applied successfully in the context of the Dala experimental planetary explorer robot.
Robustness testing of Dala rover functional layer
[PACIK12] D. Powell, J. Arlat, H. N. Chu, F. Ingrand, and M. Killijian: Testing the Input Timing Robustness of Real-time Control Software for Autonomous Systems, in 9th European Dependable Computing Conference (EDCC 2012), 2012, pp. 73-83.