Publications

We focus on decomposing large multi-agent path planning problems with global temporal logic goals (common to all agents) into smaller sub-problems that can be solved and executed independently. Crucially, the sub-problems' solutions must jointly satisfy the common global mission specification. The agents' missions are given as Capability Temporal Logic (CaTL) formulas, a fragment of Signal Temporal Logic (STL) that can express properties over tasks involving multiple agent capabilities (i.e., different combinations of sensors, effectors, and dynamics) under strict timing constraints. We jointly decompose both the temporal logic specification and the team of agents, using a satisfiability modulo theories (SMT) approach and heuristics for handling temporal operators. The output of the SMT is then distributed to subteams and leads to a significant speed up in planning time compared to planning for the entire team and specification. We include computational results to evaluate the efficiency of our solution, as well as the trade-offs introduced by the conservative nature of the SMT encoding and heuristics.

The processor of a drone runs essential functions of sensing, communications, coordination, and control. This is the conventional view. But in today's cyber environment, the processor must also provide security to assure mission completion. We have been developing a secure processing architecture for mission assurance. A study on state-of-the-art secure processing technologies has revealed that no one-size-fits-all solution can fully meet our requirements. In fact, we have concluded that the provision of a secure processor as a mission assurance foundation must be holistic and should be approached from a systems perspective. We have thus applied a systems analysis approach to create a secure base for the system. This paper describes our journey of adapting and synergizing various secure processing technologies into a baseline asymmetric multicore processing architecture. We will also describe a functional and security co-design environment, created to customize and optimize the architecture in a design space consisting of hardware, software, performance, and assurance.

A receiver autonomous integrity monitoring (RAIM) algorithm is proposed, and used to analyze the integrity monitoring capabilities of potential sole-means (or stand-alone) systems based on integrated use of GPS and GLONASS, GPS supplemented with a geostationary overlay, and enhanced GPS constellations. As in the other RAIM algorithms, the idea is to take advantage of the redundant measurements. Our focus, however, is on the quality of the position estimate, rather than on diagnosing whether the system is working as intended. The proposed approach uses the redundant measurements to generate a position estimate and a measure of its quality. The latter, called integrity level, is defined as an upper bound on the position error. The estimation of the integrity level is the main innovation in the proposed scheme. The RAIM algorithm is tailored to an abundant redundancy of the measurements, and addresses the following issue: Given a snapshot of the pseudo range measurements, one of which may be in error, can we compute a position estimate that can be shown with high confidence to meet the user's accuracy requirement?