Advertisement

Formal Methods for Mobile Robots

  • Maria Potop-Butucaru
  • Nathalie Sznajder
  • Sébastien TixeuilEmail author
  • Xavier Urbain
Chapter
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11340)

Abstract

Most existing work in the literature typically ensures the correctness of mobile robot protocols via ad hoc handwritten proofs, which are both cumbersome and error-prone.

This paper surveys state-of-the-art results about applying formal methods approaches (namely, model-checking, program synthesis, and proof assistants) to the context of mobile robot networks. Those methods already proved useful for bug-hunting in published literature, designing correct-by-design optimal protocols, and certifying impossibility results and protocols.

Keywords

Formal methods Mobile robots Distributed algorithms Model checking Program synthesis Proof certification Proof assistant 

References

  1. 1.
    Abadi, M., Lamport, L., Wolper, P.: Realizable and unrealizable specifications of reactive systems. In: Ausiello, G., Dezani-Ciancaglini, M., Della Rocca, S.R. (eds.) ICALP 1989. LNCS, vol. 372, pp. 1–17. Springer, Heidelberg (1989).  https://doi.org/10.1007/BFb0035748CrossRefGoogle Scholar
  2. 2.
  3. 3.
  4. 4.
    Bacelar Almeida, J., Barbosa, M., Bangerter, E., Barthe, G., Krenn, S., Zanella Béguelin, S.: Full proof cryptography: verifiable compilation of efficient zero-knowledge protocols. In: Yu, T., Danezis, G., Gligor, V.D. (eds.) ACM Conference on Computer and Communications Security, pp. 488–500. ACM (2012)Google Scholar
  5. 5.
    Aminof, B., Murano, A., Rubin, S., Zuleger, F.: Automatic verification of multi-agent systems in parameterised grid-environments. In: Jonker, C.M., Marsella, S., Thangarajah, J., Tuyls, K. (eds.) Proceedings of the 2016 International Conference on Autonomous Agents & Multiagent Systems, Singapore, 9–13 May 2016, pp. 1190–1199. ACM (2016)Google Scholar
  6. 6.
    Apt, K.R., Kozen, D.: Limits for automatic verification of finite-state concurrent systems. Inf. Process. Lett. 22(6), 307–309 (1986)MathSciNetCrossRefGoogle Scholar
  7. 7.
    Arons, T., Pnueli, A., Ruah, S., Xu, Y., Zuck, L.: Parameterized verification with automatically computed inductive assertions? In: Berry, G., Comon, H., Finkel, A. (eds.) CAV 2001. LNCS, vol. 2102, pp. 221–234. Springer, Heidelberg (2001).  https://doi.org/10.1007/3-540-44585-4_19CrossRefzbMATHGoogle Scholar
  8. 8.
    Auger, C., Bouzid, Z., Courtieu, P., Tixeuil, S., Urbain, X.: Certified impossibility results for byzantine-tolerant mobile robots. In: Higashino, T., Katayama, Y., Masuzawa, T., Potop-Butucaru, M., Yamashita, M. (eds.) SSS 2013. LNCS, vol. 8255, pp. 178–190. Springer, Cham (2013).  https://doi.org/10.1007/978-3-319-03089-0_13CrossRefGoogle Scholar
  9. 9.
    Baier, C., Katoen, J.-P.: Principles of Model Checking. MIT Press, Cambridge (2008)zbMATHGoogle Scholar
  10. 10.
    Balabonski, T., Courtieu, P., Pelle, R., Rieg, L., Tixeuil, S., Urbain, X.: Brief announcement: continuous vs. discrete asynchronous moves: a certified approach for mobile robots. In: Izumi, T., Kuznetsov, P. (eds.) SSS 2018. LNCS. Springer, Heidelberg (2018).  https://doi.org/10.1007/978-3-030-03232-6_29CrossRefGoogle Scholar
  11. 11.
    Balabonski, T., Courtieu, P., Pelle, R., Rieg, L., Tixeuil, S., Urbain, X.: Continuous vs. discrete asynchronous moves: a certified approach for mobile robots. Research report, Sorbonne Université, CNRS, Laboratoire d’Informatique de Paris 6, LIP6, F-75005 Paris, France (2018)Google Scholar
  12. 12.
    Balabonski, T., Courtieu, P., Rieg, L., Tixeuil, S., Urbain, X.: Certified gathering of oblivious mobile robots: survey of recent results and open problems. In: Petrucci, L., Seceleanu, C., Cavalcanti, A. (eds.) FMICS/AVoCS -2017. LNCS, vol. 10471, pp. 165–181. Springer, Cham (2017).  https://doi.org/10.1007/978-3-319-67113-0_11CrossRefGoogle Scholar
  13. 13.
    Balabonski, T., Delga, A., Rieg, L., Tixeuil, S., Urbain, X.: Synchronous gathering without multiplicity detection: a certified algorithm. ACM Trans. Comput. Syst. (2018).  https://doi.org/10.1007/s00224-017-9828-z
  14. 14.
    Balabonski, T., Pelle, R., Rieg, L., Tixeuil, S.: A foundational framework for certified impossibility results with mobile robots on graphs. In: Proceedings of International Conference on Distributed Computing and Networking, Varanasi, India, January 2018Google Scholar
  15. 15.
    Bérard, B., Lafourcade, P., Millet, L., Potop-Butucaru, M., Thierry-Mieg, Y., Tixeuil, S.: Formal verification of mobile robot protocols. Distrib. Comput. 29(6), 459–487 (2016)MathSciNetCrossRefGoogle Scholar
  16. 16.
    Bezem, M., Bol, R., Groote, J.F.: Formalizing process algebraic verifications in the calculus of constructions. Form. Asp. Comput. 9, 1–48 (1997)CrossRefGoogle Scholar
  17. 17.
    Bjørner, N., et al.: STeP: deductive-algorithmic verification of reactive and real-time systems. In: Alur, R., Henzinger, T.A. (eds.) CAV 1996. LNCS, vol. 1102, pp. 415–418. Springer, Heidelberg (1996).  https://doi.org/10.1007/3-540-61474-5_92CrossRefGoogle Scholar
  18. 18.
    Bonnet, F., Défago, X., Petit, F., Potop-Butucaru, M., Tixeuil, S.: Brief announcement: discovering and assessing fine-grained metrics in robot networks protocols. In: Richa and Scheideler [71], pp. 282–284 (2012)Google Scholar
  19. 19.
    Bonnet, F., Défago, X., Petit, F., Potop-Butucaru, M., Tixeuil, S.: Discovering and assessing fine-grained metrics in robot networks protocols. In: 33rd IEEE International Symposium on Reliable Distributed Systems Workshops, SRDS Workshops 2014, Nara, Japan, 6–9 October 2014, pp. 50–59. IEEE Computer Society (2014)Google Scholar
  20. 20.
    Bouzid, Z., Potop-Butucaru, M.G., Tixeuil, S.: Optimal byzantine-resilient convergence in uni-dimensional robot networks. Theor. Comput. Sci. 411(34–36), 3154–3168 (2010)MathSciNetCrossRefGoogle Scholar
  21. 21.
    Boyer, R.S., Moore, J.S.: A Computational Logic Handbook. Academic Press, Cambridge (1988)zbMATHGoogle Scholar
  22. 22.
    Büchi, J.R., Landweber, L.H.: Solving sequential conditions by finite-state strategies. Trans. Amer. Math. Soc. 138, 295–311 (1969)MathSciNetCrossRefGoogle Scholar
  23. 23.
    Cansell, D., Méry, D.: The event-B modelling method: concepts and case studies. In: Bjørner, D., Henson, M.C. (eds.) Logics of Specification Languages, pp. 47–152. Springer, Heidelberg (2007).  https://doi.org/10.1007/978-3-540-74107-7_3CrossRefzbMATHGoogle Scholar
  24. 24.
    Cansell, D., Méry, D., Merz, S.: Diagram refinements for the design of reactive systems. J. Univ. Comp. Sci. 7(2), 159–174 (2001)zbMATHGoogle Scholar
  25. 25.
    Castéran, P., Filou, V., Mosbah, M.: Certifying distributed algorithms by embedding local computation systems in the Coq proof assistant. In: Bouhoula, A., Ida, T. (eds.) Symbolic Computation in Software Science (SCSS 2009) (2009)Google Scholar
  26. 26.
    Charron-Bost, B., Debrat, H., Merz, S.: Formal verification of consensus algorithms tolerating malicious faults. In: Défago, X., Petit, F., Villain, V. (eds.) SSS 2011. LNCS, vol. 6976, pp. 120–134. Springer, Heidelberg (2011).  https://doi.org/10.1007/978-3-642-24550-3_11CrossRefGoogle Scholar
  27. 27.
    Chatzigiannakis, I., Michail, O., Spirakis, P.G.: Algorithmic verification of population protocols. In: Dolev, S., Cobb, J., Fischer, M., Yung, M. (eds.) SSS 2010. LNCS, vol. 6366, pp. 221–235. Springer, Heidelberg (2010).  https://doi.org/10.1007/978-3-642-16023-3_19CrossRefGoogle Scholar
  28. 28.
    Chou, C.-T.: Mechanical verification of distributed algorithms in higher-order logic. Comput. J. 38, 158–176 (1995)CrossRefGoogle Scholar
  29. 29.
    Church, A.: Logic, arithmetics, and automata. In: Proceedings of International Congress of Mathematicians, pp. 23–35 (1963)Google Scholar
  30. 30.
    Clarke, E.M., Emerson, E.A.: Design and synthesis of synchronization skeletons using branching time temporal logic. In: Proceedings of IBM Workshop on Logics of Programs (1981)Google Scholar
  31. 31.
    Clarke, E.M., Grumberg, O., Jha, S.: Verifying parameterized networks using abstraction and regular languages. In: Lee, I., Smolka, S.A. (eds.) CONCUR 1995. LNCS, vol. 962, pp. 395–407. Springer, Heidelberg (1995).  https://doi.org/10.1007/3-540-60218-6_30CrossRefGoogle Scholar
  32. 32.
    Clarke, E.M., Grumberg, O., Peled, D.A.: Model Checking. MIT Press, Cambridge (1999)Google Scholar
  33. 33.
    Clément, J., Delporte-Gallet, C., Fauconnier, H., Sighireanu, M.: Guidelines for the verification of population protocols. In: Distributed Computing Systems, pp. 215–224. IEEE (2011)Google Scholar
  34. 34.
    Cohen, R., Peleg, D.: Convergence properties of the gravitational algorithm in asynchronous robot systems. SIAM J. Comput. 34(6), 1516–1528 (2005)MathSciNetCrossRefGoogle Scholar
  35. 35.
  36. 36.
    Coquand, T., Paulin, C.: Inductively defined types. In: Martin-Löf, P., Mints, G. (eds.) COLOG 1988. LNCS, vol. 417, pp. 50–66. Springer, Heidelberg (1990).  https://doi.org/10.1007/3-540-52335-9_47CrossRefGoogle Scholar
  37. 37.
    Courtieu, P., Rieg, L., Tixeuil, S., Urbain, X.: A Certified Universal Gathering Algorithm for Oblivious Mobile Robots. CoRR, abs/1506.01603 (2015)Google Scholar
  38. 38.
    Courtieu, P., Rieg, L., Tixeuil, S., Urbain, X.: Impossibility of gathering, a certification. Inf. Process. Lett. 115, 447–452 (2015)MathSciNetCrossRefGoogle Scholar
  39. 39.
    Courtieu, P., Rieg, L., Tixeuil, S., Urbain, X.: Certified universal gathering in \(\mathbb{R} ^2\) for oblivious mobile robots. In: Gavoille, C., Ilcinkas, D. (eds.) DISC 2016. LNCS, vol. 9888, pp. 187–200. Springer, Heidelberg (2016).  https://doi.org/10.1007/978-3-662-53426-7_14CrossRefGoogle Scholar
  40. 40.
    Cousineau, D., Doligez, D., Lamport, L., Merz, S., Ricketts, D., Vanzetto, H.: TLA\(^{+}\) proofs. In: Giannakopoulou, D., Méry, D. (eds.) FM 2012. LNCS, vol. 7436, pp. 147–154. Springer, Heidelberg (2012).  https://doi.org/10.1007/978-3-642-32759-9_14CrossRefGoogle Scholar
  41. 41.
    de Alfaro, L., Manna, Z., Sipma, H.B., Uribe, T.E.: Visual verification of reactive systems. In: Brinksma, E. (ed.) TACAS 1997. LNCS, vol. 1217, pp. 334–350. Springer, Heidelberg (1997).  https://doi.org/10.1007/BFb0035398CrossRefGoogle Scholar
  42. 42.
    Deng, Y., Monin, J.-F.: Verifying self-stabilizing population protocols with Coq. In: Chin, W.-N., Qin, S. (eds.) Third IEEE International Symposium on Theoretical Aspects of Software Engineering (TASE 2009), Tianjin, China, pp. 201–208. IEEE Computer Society, July 2009Google Scholar
  43. 43.
    Devismes, S., Lamani, A., Petit, F., Raymond, P., Tixeuil, S.: Optimal grid exploration by asynchronous oblivious robots. In: Richa and Scheideler [71], pp. 64–76 (2012)Google Scholar
  44. 44.
    Doan, H.T.T., Bonnet, F., Ogata, K.: Model checking of a mobile robots perpetual exploration algorithm. In: Liu, S., Duan, Z., Tian, C., Nagoya, F. (eds.) SOFL+MSVL 2016. LNCS, vol. 10189, pp. 201–219. Springer, Cham (2017).  https://doi.org/10.1007/978-3-319-57708-1_12CrossRefGoogle Scholar
  45. 45.
    Doan, H.T.T., Bonnet, F., Ogata, K.: Model checking of robot gathering. In: Aspnes, J., Bessani, A., Felber, P., Leitão, J. (eds.) 21st International Conference on Principles of Distributed Systems, OPODIS 2017, Lisbon, Portugal, 18–20 December 2017, volume 95 of LIPIcs, pp. 12:1–12:16. Schloss Dagstuhl - Leibniz-Zentrum fuer Informatik (2017)Google Scholar
  46. 46.
    Esparza, J., Finkel, A., Mayr, R.: On the verification of broadcast protocols. In: 14th Annual Symposium on Logic in Computer Science, pp. 352–359. IEEE (1999)Google Scholar
  47. 47.
    Flocchini, P., Prencipe, G., Santoro, N.: Distributed Computing by Oblivious Mobile Robots. Morgan & Claypool Publishers, San Rafael (2012)CrossRefGoogle Scholar
  48. 48.
    Fokkink, W.: Modelling Distributed Systems. EATCS Texts in Theoretical Computer Science. Springer, Heidelberg (2007).  https://doi.org/10.1007/978-3-540-73938-8CrossRefGoogle Scholar
  49. 49.
    Gascard, E., Pierre, L.: Formal proof of applications distributed in symmetric interconnexion networks. Parallel Process. Lett. 13(1), 3–18 (2003)MathSciNetCrossRefGoogle Scholar
  50. 50.
    Gonthier, G.: Formal proof—the four-color theorem. In: Notices of the AMS, vol. 55, p. 1370, December 2008Google Scholar
  51. 51.
    Gonthier, G.: Engineering mathematics: the odd order theorem proof. In: Giacobazzi, R., Cousot, R. (eds.) POPL, pp. 1–2. ACM (2013)Google Scholar
  52. 52.
    Grädel, E., Thomas, W., Wilke, T. (eds.): Automata Logics, and Infinite Games. LNCS, vol. 2500. Springer, Heidelberg (2002).  https://doi.org/10.1007/3-540-36387-4CrossRefzbMATHGoogle Scholar
  53. 53.
    Guerraoui, R., Henzinger, T.A., Singh, V.: Model checking transactional memories. Distrib. Comput., 129–145 (2010)CrossRefGoogle Scholar
  54. 54.
    Halbwachs, N., Caspi, P., Raymond, P., Pilaud, D.: The synchronous dataflow programming language lustre. Proc. IEEE 79(9), 1305–1320 (1991)CrossRefGoogle Scholar
  55. 55.
    Klein, G., et al.: seL4: formal verification of an operating system kernel. Commun. ACM 53(6), 107–115 (2010)CrossRefGoogle Scholar
  56. 56.
    Küfner, P., Nestmann, U., Rickmann, C.: Formal verification of distributed algorithms. In: Baeten, J.C.M., Ball, T., de Boer, F.S. (eds.) TCS 2012. LNCS, vol. 7604, pp. 209–224. Springer, Heidelberg (2012).  https://doi.org/10.1007/978-3-642-33475-7_15CrossRefGoogle Scholar
  57. 57.
    Kulkarni, S.S., Bonakdarpour, B., Ebnenasir, A.: Mechanical verification of automatic synthesis of fault-tolerant programs. In: Etalle, S. (ed.) LOPSTR 2004. LNCS, vol. 3573, pp. 36–52. Springer, Heidelberg (2005).  https://doi.org/10.1007/11506676_3CrossRefzbMATHGoogle Scholar
  58. 58.
    Lamport, L.: Byzantizing paxos by refinement. In: Peleg, D. (ed.) DISC 2011. LNCS, vol. 6950, pp. 211–224. Springer, Heidelberg (2011).  https://doi.org/10.1007/978-3-642-24100-0_22CrossRefGoogle Scholar
  59. 59.
    Lamport, L., Merz, S.: Specifying and verifying fault-tolerant systems. In: Langmaack, H., de Roever, W.-P., Vytopil, J. (eds.) FTRTFT 1994. LNCS, vol. 863, pp. 41–76. Springer, Heidelberg (1994).  https://doi.org/10.1007/3-540-58468-4_159CrossRefGoogle Scholar
  60. 60.
    Lamport, L., Shostak, R., Pease, M.: The Byzantine generals problem. ACM Trans. Program. Lang. Syst. 4(3), 382–401 (1982)CrossRefGoogle Scholar
  61. 61.
    Leroy, X.: A formally verified compiler back-end. J. Autom. Reason. 43(4), 363–446 (2009)MathSciNetCrossRefGoogle Scholar
  62. 62.
  63. 63.
    Lu, T., Merz, S., Weidenbach, C.: Towards verification of the pastry protocol using TLA\(^{+}\). In: Bruni, R., Dingel, J. (eds.) FMOODS/FORTE -2011. LNCS, vol. 6722, pp. 244–258. Springer, Heidelberg (2011).  https://doi.org/10.1007/978-3-642-21461-5_16CrossRefGoogle Scholar
  64. 64.
    Manna, Z., Pnueli, A.: Temporal verification diagrams. In: Hagiya, M., Mitchell, J.C. (eds.) TACS 1994. LNCS, vol. 789, pp. 726–765. Springer, Heidelberg (1994).  https://doi.org/10.1007/3-540-57887-0_123CrossRefGoogle Scholar
  65. 65.
    Manna, Z., Wolper, P.: Synthesis of communicating processes from temporal logic specifications. ACM Trans. Program. Lang. Syst. 6(1), 68–93 (1984)CrossRefGoogle Scholar
  66. 66.
    Millet, L., Potop-Butucaru, M., Sznajder, N., Tixeuil, S.: On the synthesis of mobile robots algorithms: the case of ring gathering. In: Felber, P., Garg, V. (eds.) SSS 2014. LNCS, vol. 8756, pp. 237–251. Springer, Cham (2014).  https://doi.org/10.1007/978-3-319-11764-5_17CrossRefGoogle Scholar
  67. 67.
  68. 68.
    Nipkow, T., Wenzel, M., Paulson, L.C. (eds.): Isabelle/HOL. LNCS, vol. 2283. Springer, Heidelberg (2002).  https://doi.org/10.1007/3-540-45949-9CrossRefzbMATHGoogle Scholar
  69. 69.
    Pnueli, A., Rosner, R.: On the synthesis of a reactive module. In: Proceedings of POPL 1989, pp. 179–190. ACM (1989)Google Scholar
  70. 70.
  71. 71.
    Richa, A.W., Scheideler, C. (eds.): SSS 2012. LNCS, vol. 7596. Springer, Heidelberg (2012).  https://doi.org/10.1007/978-3-642-33536-5CrossRefzbMATHGoogle Scholar
  72. 72.
    Sangnier, A., Sznajder, N., Potop-Butucaru, M., Tixeuil, S.: Parameterized verification of algorithms for oblivious robots on a ring. In: Stewart, D., Weissenbacher, G. (eds.) 2017 Formal Methods in Computer Aided Design, FMCAD 2017, Vienna, Austria, 2–6 October 2017, pp. 212–219. IEEE (2017)Google Scholar
  73. 73.
    Suzuki, I., Yamashita, M.: Distributed anonymous mobile robots: formation of geometric patterns. SIAM J. Comput. 28(4), 1347–1363 (1999)MathSciNetCrossRefGoogle Scholar
  74. 74.
    Flyspeck Development Team. The Flyspeck Project. https://code.google.com/p/flyspeck/
  75. 75.
    Théry, L., Hanrot, G.: Primality proving with elliptic curves. In: Schneider, K., Brandt, J. (eds.) TPHOLs 2007. LNCS, vol. 4732, pp. 319–333. Springer, Heidelberg (2007).  https://doi.org/10.1007/978-3-540-74591-4_24CrossRefzbMATHGoogle Scholar
  76. 76.
    Tsuchiya, T., Schiper, A.: Verification of consensus algorithms using satisfiability solving. Distrib. Comput. 23, 341–358 (2011)CrossRefGoogle Scholar

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  • Maria Potop-Butucaru
    • 1
  • Nathalie Sznajder
    • 1
  • Sébastien Tixeuil
    • 1
    Email author
  • Xavier Urbain
    • 2
  1. 1.Sorbonne Université, CNRS, Laboratoire d’Informatique de Paris 6, LIP6ParisFrance
  2. 2.Université Claude Bernard Lyon-1, LIRIS CNRS UMR 5205, Université de LyonLyonFrance

Personalised recommendations