Computer Science and Engineering, Department of

 

First Advisor

Justin Bradley

Second Advisor

Sebastian Elbaum

Date of this Version

Fall 11-30-2018

Document Type

Article

Citation

Balaji Balasubramaniam (2018). Controller Evolution and Divergence: A Software Perspective (master's thesis). University of Nebraska-Lincoln, USA.

Comments

A THESIS Presented to the Faculty of The Graduate College at the University of Nebraska In Partial Fulfilment of Requirements For the Degree of Master of Science, Major: Computer Science, Under the Supervision of Professor Justin Bradley and Professor Sebastian Elbaum. Lincoln, Nebraska: November, 2018

Copyright (c) 2018 Balaji Balasubramaniam

Abstract

Successful controllers evolve as they are refined, extended, and adapted to new systems and contexts. This evolution occurs in the controller design and also in its software implementation. Model-based design and controller synthesis can help to synchronize this evolution of design and software, but such synchronization is rarely complete as software tends to also evolve in response to elements rarely present in a control model, leading to mismatches between the control design and the software.

In this thesis, we perform a first-of-its-kind study on the evolution of two popular open-source safety-critical autopilot control software -- ArduPilot, and Paparazzi, to better understand how controllers evolve and the space of potential mismatches between control design and their software implementation. We then use that understanding to prototype a technique, called mutation tool, that can generate mutated versions of code to mimic evolution to assess its impact on a controller's behavior.

We report on three major findings. First, control software evolves quickly and controllers are rewritten in their entirety, many times over through the controller's lifetime, which implies that the design, synthesis, and implementation of controllers must support not just the initial baseline system but also their incremental evolution. Second, many software changes stem from an inherent mismatch between the continuous time/space physical model and its corresponding discrete software implementation, but also from the mishandling of exceptional conditions, and limitations and distinct data representation of the underlying computing architecture. Third, using our mutation tool that we developed, we show that small code changes can have a dramatic effect in a controller's behavior, which implies that further support is needed to bridge these mismatches as carefully verified model properties may not necessarily translate to its software implementation.

Advisers: Justin Bradley and Sebastian Elbaum

Share

COinS