TY - GEN
T1 - Understanding bounding functions in safety-critical UAV software
AU - Liang, Xiaozhou
AU - Burns, John Henry
AU - Sanchez, Joseph
AU - Dantu, Karthik
AU - Ziarek, Lukasz
AU - Liu, Yu David
N1 - Publisher Copyright:
© 2021 IEEE.
PY - 2021/11/5
Y1 - 2021/11/5
AB - Unmanned Aerial Vehicles (UAVs) are an emerging computation platform known for their safety-critical need. In this paper, we conduct an empirical study on a widely used open-source UAV software framework, Paparazzi, with the goal of understanding the safety-critical concerns of UAV software from a bottom-up developer-in-the-field perspective. We set our focus on the use of Bounding Functions (BFs), the runtime checks injected by Paparazzi developers on the range of variables. Through an in-depth analysis on BFs in the Paparazzi autopilot software, we found a large number of them (109 instances) are used to bound safety-critical variables essential to the cyber-physical nature of the UAV, such as its thrust, its speed, and its sensor values. The novel contributions of this study are twofold. First, we take a static approach to classify all BF instances, presenting a novel datatype-based 5-category taxonomy with fine-grained insight on the role of BFs in ensuring the safety of UAV systems. Second, we dynamically evaluate the impact of the BF uses through a differential approach, establishing the UAV behavioral difference with and without BFs. The two-pronged static and dynamic approach together illuminates a rarely studied design space of safety-critical UAV software systems.
KW - Bounding functions
KW - Safety
KW - Unmanned aerial vehicles
UR - https://www.scopus.com/pages/publications/85115692903
U2 - 10.1109/ICSE43902.2021.00119
DO - 10.1109/ICSE43902.2021.00119
M3 - Conference contribution
AN - SCOPUS:85115692903
T3 - Proceedings - International Conference on Software Engineering
SP - 1311
EP - 1322
BT - Proceedings - 2021 IEEE/ACM 43rd International Conference on Software Engineering, ICSE 2021
PB - IEEE Computer Society
T2 - 43rd IEEE/ACM International Conference on Software Engineering, ICSE 2021
Y2 - 22 May 2021 through 30 May 2021
ER -