The SGSM framework: Enabling the specification and monitor synthesis of safe driving properties through scene graphs

IF 1.5 4区计算机科学 Q3 COMPUTER SCIENCE, SOFTWARE ENGINEERING

Science of Computer Programming Pub Date : 2024-12-02 DOI:10.1016/j.scico.2024.103252

Trey Woodlief, Felipe Toledo, Sebastian Elbaum, Matthew B. Dwyer

{"title":"The SGSM framework: Enabling the specification and monitor synthesis of safe driving properties through scene graphs","authors":"Trey Woodlief, Felipe Toledo, Sebastian Elbaum, Matthew B. Dwyer","doi":"10.1016/j.scico.2024.103252","DOIUrl":null,"url":null,"abstract":"<div><div>As autonomous vehicles (AVs) become mainstream, assuring that they operate in accordance with safe driving properties becomes paramount. The ability to specify and monitor driving properties is at the center of such assurance. Yet, the mismatch between the semantic space over which typical driving properties are asserted (e.g., vehicles, pedestrians) and the sensed inputs of AVs (e.g., images, point clouds) poses a significant assurance gap. Related efforts bypass this gap by either assuming that data at the right semantic level is available, or they develop bespoke methods for capturing such data. Our recent Scene Graph Safety Monitoring (SGSM) framework addresses this challenge by extracting scene graphs (SGs) from sensor inputs to capture the entities related to the AV, specifying driving properties using a domain-specific language that enables building propositions over those graphs and composing them through temporal logic, and synthesizing monitors to detect property violations. Through this paper we further explain, formalize, analyze, and extend the SGSM framework, producing SGSM++. This extension is significant in that it incorporates the ability for the framework to encode the semantics of <em>resetting</em> a property violation, enabling the framework to count the quantity and duration of violations.</div><div>We implemented SGSM++ to monitor for violations of 9 properties of 3 AVs from the CARLA Autonomous Driving Leaderboard, confirming the viability of the framework, which found that the AVs violated 71% of properties during at least one test including almost 1400 unique violations over 30 total test executions, with violations lasting up to 9.25 minutes. Artifact available at <span><span>https://github.com/less-lab-uva/ExtendingSGSM</span><svg><path></path></svg></span>.</div></div>","PeriodicalId":49561,"journal":{"name":"Science of Computer Programming","volume":"242 ","pages":"Article 103252"},"PeriodicalIF":1.5000,"publicationDate":"2024-12-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Science of Computer Programming","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S0167642324001758","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, SOFTWARE ENGINEERING","Score":null,"Total":0}

引用次数: 0

Abstract

As autonomous vehicles (AVs) become mainstream, assuring that they operate in accordance with safe driving properties becomes paramount. The ability to specify and monitor driving properties is at the center of such assurance. Yet, the mismatch between the semantic space over which typical driving properties are asserted (e.g., vehicles, pedestrians) and the sensed inputs of AVs (e.g., images, point clouds) poses a significant assurance gap. Related efforts bypass this gap by either assuming that data at the right semantic level is available, or they develop bespoke methods for capturing such data. Our recent Scene Graph Safety Monitoring (SGSM) framework addresses this challenge by extracting scene graphs (SGs) from sensor inputs to capture the entities related to the AV, specifying driving properties using a domain-specific language that enables building propositions over those graphs and composing them through temporal logic, and synthesizing monitors to detect property violations. Through this paper we further explain, formalize, analyze, and extend the SGSM framework, producing SGSM++. This extension is significant in that it incorporates the ability for the framework to encode the semantics of resetting a property violation, enabling the framework to count the quantity and duration of violations.

We implemented SGSM++ to monitor for violations of 9 properties of 3 AVs from the CARLA Autonomous Driving Leaderboard, confirming the viability of the framework, which found that the AVs violated 71% of properties during at least one test including almost 1400 unique violations over 30 total test executions, with violations lasting up to 9.25 minutes. Artifact available at https://github.com/less-lab-uva/ExtendingSGSM.

查看原文本刊更多论文

SGSM框架：通过场景图实现安全驾驶特性的规范和监控合成

随着自动驾驶汽车（AVs）成为主流，确保它们按照安全驾驶特性运行变得至关重要。指定和监控驱动特性的能力是这种保证的核心。然而，断言典型驾驶属性（例如车辆、行人）的语义空间与自动驾驶汽车的感知输入（例如图像、点云）之间的不匹配造成了重大的保证差距。相关的工作绕过了这一差距，要么假设正确语义级别的数据是可用的，要么开发捕获此类数据的定制方法。我们最近的场景图安全监控（SGSM）框架解决了这一挑战，通过从传感器输入中提取场景图（SGs）来捕获与自动驾驶相关的实体，使用特定于领域的语言指定驾驶属性，该语言可以在这些图上构建命题，并通过时间逻辑组合它们，以及合成监视器来检测属性违规。通过本文，我们进一步解释、形式化、分析和扩展了SGSM框架，生成了sgsm++。这个扩展很重要，因为它包含了框架对重置属性违规的语义进行编码的能力，使框架能够计算违规的数量和持续时间。我们实施了sgsm++来监控3辆自动驾驶汽车在CARLA自动驾驶排行榜上违反9项属性的情况，证实了该框架的可行性。该框架发现，这些自动驾驶汽车在至少一次测试中违反了71%的属性，其中包括30次测试执行中近1400次独特的违规行为，违规时间长达9.25分钟。工件可从https://github.com/less-lab-uva/ExtendingSGSM获得。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Science of Computer Programming 工程技术-计算机：软件工程

CiteScore

3.80

自引率

0.00%

发文量

审稿时长

67 days

期刊介绍： Science of Computer Programming is dedicated to the distribution of research results in the areas of software systems development, use and maintenance, including the software aspects of hardware design. The journal has a wide scope ranging from the many facets of methodological foundations to the details of technical issues andthe aspects of industrial practice. The subjects of interest to SCP cover the entire spectrum of methods for the entire life cycle of software systems, including • Requirements, specification, design, validation, verification, coding, testing, maintenance, metrics and renovation of software; • Design, implementation and evaluation of programming languages; • Programming environments, development tools, visualisation and animation; • Management of the development process; • Human factors in software, software for social interaction, software for social computing; • Cyber physical systems, and software for the interaction between the physical and the machine; • Software aspects of infrastructure services, system administration, and network management.