The Dala robot is composed of three layers:
- The functional layer includes all the basic built-in robot actions and perception capacities (image processing, motion control, etc.).
- The decisional layer produces the task plan and supervises its execution.
- The execution control layer is an interface between the decisional and functional layers. It controls the execution of services in the functional layer according to some safety constraints.
We have used BIP to model the execution control layer and the functional layer of the Dala robot. The functional layer consists of a set of modules. A module has a set of services, a set of execution tasks and a set of posters where the produced data is stored. A service has a controller and an activity. An execution task is composed of a timer, a scheduler and an activity. We proposed the following grammar, which allows building the functional level starting from basic components:
Execution task ::= (Timer).(Scheduler activity)
where + (plus) means the presence of one or more subcomponents and . (dot) means the composition of different components.
We have used BIP to model eight modules in the functional level of the Dala robot and D-Finder to check deadlock-freedom of these modules. One of the most complex modules is NDD, which is responsible for the navigation of the robot, that is, reaching a goal while avoiding obstacles. In total it has 27 components, 144 control locations, 117 connectors between components, 16 boolean variables and 11 integer variables. It consists of the following control elements:
- InterfaceServer is the interface of the module with the decisional layer. It checks the mailbox, which is a shared memory, and if there is a message, it reads the content and sends a request to the corresponding service.
- ExecutionControl keeps track of the number of services running in the module. When a service is triggered, it increases the number by 1; when a service finishes, it decreases the number by 1.
- ExecutionTask runs periodically to synchronize the executions of different services: different services can be executed within a period, but a service cannot be executed more than once within a period.
and the following services:
- PermanentTask computes the speed of the robot. It is executed periodically while the robot is running.
- Init service initializes the module.
- SetParams service sets the necessary parameters of the module.
- SetSpeed service sets the moving speed of the robot, which is computed by PermanentTask.
- GoTo service moves the robot to a given destination.
- Stop service stops the robot at any time.
NDD also has a set of components called Posters (SpeedPoster, ParamPoster, DiagramPoster, AspectPoster, RefPoster, GoalPoster, AgePoster, MasterPoster), where data produced by the services of the module is stored and exchanged between different services of NDD or with services of other modules.
A service basically has two components (Figure 6.15): a Controller and an Activity. The Controller receives requests (trigger transition) and checks parameters and execution conditions (control transition). If everything is fine, the Controller triggers the Activity (start transition) to perform the request. The Controller can cancel the request if there is an error (error transition) or a conflict (abort transition). The Controller updates the status of the Activity through the finish, inter and fail transitions. Finally, it sends a report (send_final_report transition) to the ExecutionControl component.
The Activity is triggered by the Controller (start transition) and then executes its functions to perform the requested task (exec, internal_exec transitions). The execution may finish normally (finish transition), may fail (fail transition) or may be interrupted (inter transition). In every case, the Activity reports the result to the Controller.
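The Controller/Activity pair described above can be checked for deadlocks on a small scale. The following is an added example, not the BIP model or D-Finder: it composes the two components on their common transitions and finds deadlocks by exhaustive state exploration. The control location names are assumptions (the page names only the transitions), and ExecutionControl is left out, so send_final_report is treated as a local step.

```python
from collections import deque

# Assumed control locations: the page names the transitions, not the locations.
CONTROLLER = {
    ("idle", "trigger"): "checking",
    ("checking", "control"): "ready",
    ("checking", "error"): "reporting",
    ("ready", "abort"): "reporting",
    ("ready", "start"): "running",
    ("reporting", "send_final_report"): "idle",  # ExecutionControl not modelled
}
ACTIVITY = {
    ("idle", "start"): "started",
    ("started", "exec"): "working",
    ("working", "internal_exec"): "working",
}
for end in ("finish", "inter", "fail"):  # result taken jointly by both components
    CONTROLLER[("running", end)] = "reporting"
    ACTIVITY[("working", end)] = "idle"

def labels(lts):
    return {label for _, label in lts}

def successors(state, ctrl, act):
    """Global moves: labels both components own fire jointly, the rest alone."""
    c, a = state
    shared = labels(ctrl) & labels(act)
    for label in labels(ctrl) | labels(act):
        c2, a2 = ctrl.get((c, label)), act.get((a, label))
        if label in shared:
            if c2 and a2:
                yield c2, a2
        elif c2 or a2:
            yield c2 or c, a2 or a

def deadlocks(ctrl, act, init=("idle", "idle")):
    """Return (reachable states, reachable states with no enabled move)."""
    seen, queue, stuck = {init}, deque([init]), set()
    while queue:
        state = queue.popleft()
        nxt = set(successors(state, ctrl, act))
        if not nxt:
            stuck.add(state)
        for s in nxt - seen:
            seen.add(s)
            queue.append(s)
    return seen, stuck

# Constructed faulty variant: a Controller that never sends its final report.
NO_REPORT = {k: v for k, v in CONTROLLER.items() if k[1] != "send_final_report"}
```

`deadlocks(CONTROLLER, ACTIVITY)` reports no stuck state, while `deadlocks(NO_REPORT, ACTIVITY)` reports the single state where the Controller waits in its reporting location and the Activity can no longer be started.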