Fast Decomposition of Temporal Logic Specifications for Heterogeneous Teams
FFast Decomposition of Temporal Logic Specifications for Heterogeneous Teams ∗ Kevin Leahy, Austin Jones, Cristian Ioan Vasile, MIT Lincoln Laboratory, Lexington, MA Lehigh University, Bethlehem, PA
Abstract
In this work, we focus on decomposing large multi-agent pathplanning problems with global temporal logic goals (commonto all agents) into smaller sub-problems that can be solvedand executed independently. Crucially, the sub-problems’ so-lutions must jointly satisfy the common global mission spec-ification. The agents’ missions are given as Capability Tem-poral Logic (CaTL) formulas, a fragment of signal temporallogic, that can express properties over tasks involving multi-ple agent capabilities (sensors, e.g., camera, IR, and effectors,e.g., wheeled, flying, manipulators) under strict timing con-straints. The approach we take is to decompose both the tem-poral logic specification and the team of agents. We jointlyreason about the assignment of agents to subteams and thedecomposition of formulas using a satisfiability modulo the-ories (SMT) approach. The output of the SMT is then dis-tributed to subteams and leads to a significant speed up inplanning time. We include computational results to evaluatethe efficiency of our solution, as well as the trade-offs intro-duced by the conservative nature of the SMT encoding.
The problem of planning for a large team of heterogeneousagents from a high-level specification remains difficult. Anattractive approach for ameliorating the difficulty of suchproblems is to decompose the problem into sub-problemsthat can be solved and executed in parallel. This approachcarries trade-offs. Specifically, there is generally a large up-front computational cost to determine a feasible decomposi-tion of the task and team, in exchange for faster planning andexecution. In this work, we introduce a system for quicklydecomposing temporal logic specifications to allow largeteams of heterogeneous agents to plan in near real-time.Recently there has been strong interest in planning forteams of agents from temporal logic specifications. Works ∗ DISTRIBUTION STATEMENT A. Approved for public re-lease. Distribution is unlimited. This material is based upon worksupported by the Under Secretary of Defense for Research and En-gineering under Air Force Contract No. FA8702-15-D-0001. Anyopinions, findings, conclusions or recommendations expressed inthis material are those of the author(s) and do not necessarily re-flect the views of the Under Secretary of Defense for Research andEngineering.Preprint. Under review. in this area include coordination of very large groups of ho-mogeneous agents as a swarm (Haghighi, Sadraddini, andBelta 2016; Chen, Moarref, and Kress-Gazit 2018) or us-ing sampling (Kantaros and Zavlanos 2020). The currentwork is designed to enable planning for very large groupsof heterogeneous agents. Other works that consider hetero-geneous agents feature agent-specific specifications (Guoand Dimarogonas 2017, 2015), whereas we are concernedstrictly with global specifications. Some related works con-sider teams of heterogeneous agents whose missions featuretime-abstract semantics (Sahin, Nilsson, and Ozay 2019;Schillinger, B¨urger, and Dimarogonas 2018b). Our goal is todesign a system that can work with teams of heterogeneousagents with concrete timing requirements.This work is most directly related to Jones et al. (2019).That work introduced Capability Temporal Logic (CaTL),a fragment of signal temporal logic. CaTL is designed fortasking large teams of heterogeneous agents, each with vary-ing capability to service requests. A centralized mixed inte-ger linear program (MILP) is used to generate a plan forthe entire team simultaneously from a given CaTL speci-fication. Here, we seek to improve the computational timeof the solution in Jones et al. (2019) by decomposing thespecification and team of agents into sub-specifications andsubteams. Such a decomposition generates several smallerMILPs that can be solved in parallel, rather than one largeMILP. The decomposition also helps with decentralized ex-ecution of the specification, potentially reducing communi-cation and computational burden during mission execution.Another closely related work is Chen et al. (2012). In thatapproach, each agent had an associated set of capabilitiesthat it could service. The mission specification was projectedonto a language for each agent that captured the requests itcould service. The product of the language of the entire setof agents was then checked for trace-closedness, to deter-mine if the mission could be decomposed. In our work, weare interested in large teams, so a product language of pro-jections is not computationally tractable. Rather than findthe complete set of solutions, we focus on finding a feasibleagent-to-task pairing quickly. Likewise, Schillinger, B¨urger,and Dimarogonas (2018a) is focused on decomposition oftime-abstract specifications using product a automaton foreach agent and designing a compact team automaton. Suchan approach would not be tractable with the concrete-time a r X i v : . [ c s . A I] S e p pecifications we consider in this work. Other work that isconcerned with decomposition of temporal logic specifica-tions includes Banks et al. (2020). That work uses an cross-entropy optimization approach for task allocation for a teamof homogeneous agents. We are concerned in this work withtask allocation for a heterogeneous team.In this work, we define conditions for parallelizing aCaTL specification. We also provide encodings for solv-ing them as a satisfiability modulo theories (SMT) prob-lem (Barrett and Tinelli 2018). The specification and agentassignment are encoded in an SMT problem, and a setof sub-specifications and subteams is returned. Each sub-specification/subteam pair can then be solved as a MILP us-ing the methods presented in Jones et al. (2019). In this section, we introduce the models for the environmentand agents, and the specification language, Capability Tem-poral Logic (CaTL) (Jones et al. 2019), for describing be-haviors of these systems.
Environment
We consider a team of agents operating inan environment consisting of a finite set of discrete locations(states) Q and weighted edges E between states, where theweights represent positive integer travel times. The states arelabeled with atomic propositions from a set AP . We denotethe labeling function by L : Q → AP . Agents
Each agent has a set of capabilities it can execute.We denote the finite set of all agent capabilities by
Cap , andthe set of all agents by J . Definition . An Agent j ∈ J is given by a tuple A j =( q ,j , Cap j ) , where q ,j ∈ Q is the initial state of the agentand Cap j ⊆ Cap is its set of capabilities.
Definition . The motion of agent A j in the environmentinduces a trajectory , denoted s j : Z ≥ → Q ∪ E , such that s j (0) = q ,j and s j ( t ) returns the state or edge occupied byagent A j at time t ∈ Z ≥ .We denote the number of agents with capability c ∈ Cap at state q ∈ Q and time t ∈ Z ≥ by n q,c ( t ) = |{ j ∈ J | q = s j ( t ) , c ∈ Cap j }| . A partition { J (cid:96) } (cid:96) ∈J of the agent set J iscalled a team partition . Definition . The synchronous trajectory s J (cid:48) obtained froma set of agent trajectories { s j } j ∈ J (cid:48) with J (cid:48) ⊆ J is given by s J (cid:48) = (cid:83) j ∈ J (cid:48) s j . Capability Temporal Logic
The team of agents is taskedwith a high-level specification given as a CaTL formula.Here, we define the syntax and semantics of CaTL. Theatomic unit of a CaTL formula is a task . Definition . A task is a tuple T = ( d, π, cp ) , where d ∈ Z is a duration of time, π ∈ AP is an atomic proposition, cp : Cap → Z ≥ ∪{−∞} is a counting map specifying howmany agents with each capability should be in each regionlabeled π . A capability c that is not required to perform task T is defined by cp ( c ) = −∞ . We abuse notation, and denotethe set of required capabilities for a task T by cp T (cid:54) = ∅ . CaTL is a fragment of STL (Maler and Nickovic 2004),where the core units are tasks rather than arbitrary predi-cates. Definition . The syntax of CaTL (Jones et al. 2019) is φ ::= T | φ ∧ φ | φ ∨ φ | φ U [ a,b ) φ | ♦ [ a,b ) φ | (cid:3) [ a,b ) φ where φ is a CaTL formula, T is a task, ∧ and ∨ arethe Boolean conjunction and disjunction operators, U [ a,b ) , ♦ [ a,b ) , and (cid:3) [ a,b ) are the time-bounded until, eventually, andalways operators, respectively. Definition . The qualitative semantics of CaTL are definedover synchronous trajectories s J . At time t , ( s J , t ) | = T ⇔ ∀ τ ∈ [ t, t + d ) , ∀ q ∈ L − ( π ) , ∀ c ∈ Capn q,c ( τ ) ≥ cp ( c ) , while the remaining semantics are defined as for STL (Malerand Nickovic 2004). A team trajectory satisfies a CaTL for-mula φ , denoted s J | = φ , if ( s J , | = φ . Definition . The availability robustness of a task is computed as ρ a ( s J , t, T ) = min c ∈ Cap min t (cid:48) ∈ [ t,t + d ) min q ∈ L − ( π ) n q,c ( t (cid:48) ) − cp ( c ) (1)while for the other operators it is computed recursively asfor STL (Maler and Nickovic 2004). Denote by
Synth( J (cid:48) , φ ) a method that returns trajectories s j for all j ∈ J (cid:48) ⊆ J such that the team trajectory s J (cid:48) max-imizes the availability robustness ρ a ( s J (cid:48) , , φ ) with respectto φ . We are now ready to formally state the decompositionproblem. Problem . Given a set of agents { A j } j ∈ J and a CaTLformula φ , find a team partition R , and a set of formulas { φ r } r ∈ R , if the synthesis problem is feasible. Formally, s ∗ J | = φ ⇒ ( s J r | = φ r , ∀ r ∈ R ) ∧ ( s J | = φ ) , (2)where s ∗ J = (cid:83) j ∈ J s ∗ j , { s ∗ j } j ∈ J = Synth( J, φ ) , s J = (cid:83) r ∈ R s J r , and { s j } j ∈ J r = Synth( J r , φ r ) for all r ∈ R .To solve Problem 1, we use syntax trees correspondingto CaTL formulas (Sec. 4). We propose sufficient conditionsto decompose formulas (Sec. 5), and encode these condi-tions as constraints in an SMT problem (Sec. 6). The SMTsolution is an assignment of agents to tasks. This assign-ment is used to decompose the specification into a set ofsub-specifications, each with a corresponding subteam. Theresulting decomposed specifications and teams can each behandled concurrently using Synth . There are many choicesfor the synthesis method
Synth (Kress-Gazit, Lahijanian,and Raman 2018; Belta, Yordanov, and Gol 2017). We em-ploy an MILP approach similar to (Jones et al. 2019). Thedecomposition process is outlined in Algorithm 1. lgorithm 1:
Solution overview.
Input:
Agents { A j } j ∈ J , CaTL formula φ Output:
Team partition { J r } r ∈ R , Formulas { φ r } r ∈ R SM T ← EncodeSMT( { A j } j ∈ J , φ ) Assignment α ← Solve(
SM T ) { φ r } r ∈ R , { J r } r ∈ R ← DecomposeTree( φ, α ) return { J r } r ∈ R , { φ r } r ∈ R ∧ { A , A , A , A , . . . , A } ∨ { A , A , A } T { A , A , A } T { A , A } U [ a,b ) { A , . . . , A } T { A } ∧ { A , . . . , A } T { A , A } T { A , A } (a) ∧ (cid:2) (cid:3) ∨ (cid:2) (cid:3) T (cid:2) (cid:3) T (cid:2) (cid:3) U [ a,b ) (cid:2) (cid:3) T (cid:2) (cid:3) ∧ (cid:2) (cid:3) T (cid:2) (cid:3) T (cid:2) (cid:3) (b) Figure 1: Abstract syntax tree for (3) with assignment (1a)and capability excess (1b)
We use syntax trees to reason about CaTL specifications,their decomposition, and the assignment of agents to tasks.
Definition . A CaTL syntax tree a CaTL formula φ is a tuple T φ = ( V, v , P ar ) , where V = {∧ , ∨ , U [ a,b ) , ♦ [ a,b ) , (cid:3) [ a,b ) , T = ( d, π, cp ) } is the set ofnodes associated the operators and tasks of φ , v is a rootnode, P ar : V → ( V \ { v } ) ∪ { (cid:46)(cid:47) } is the bijective par-ent map that defines the tree structure, and P ar ( v ) = (cid:46)(cid:47) denotes that the root has no parent.Let Ch ( v ) denote the set of all children of a node v ∈ V , φ ( v ) the subformula of φ associated with node v , and Λ theset of leaf nodes, i.e., nodes without children Ch ( v ) = ∅ .The leaf nodes correspond to the tasks of CaTL formulas. Example . The syntax tree for the formula ψ = ( T ∨ T ) ∧ (( T ) U [ a,b ) ( T ∧ T ))) (3)is given in Fig. 1a Agent c c A A A A A c c A A A A A cp ( c ) cp ( c ) T −∞ T T −∞ T T Figure 2: Numbers and requirements of capabilities for (3).
Definition . An assignment of agents { A j } j ∈ J in a CaTLsyntax tree T φ is a mapping α : V → J .An assignment α keeps track of agents assigned to a tasksand subformulas. Assignments are consistent with the for-mula structure, such that agents assigned to an intermediatenode v must be assigned to some child node of v . Thus, α iscompletely determined by the assignment over the leaves Λ α ( v ) = (cid:91) v (cid:48) ∈ Ch ( v ) α ( v (cid:48) ) . (4)We further define the notion of capability excess to aid inevaluating the assignment of agents to tasks. Definition . The capability excess of an assignment α toa node v ∈ V is defined recursively as ce ( α, v ) = [ na c − cp ( c )] c ∈ Cap v = Tce ( α, β ( Ch ( v ))) v = ∨ [ min v (cid:48) ∈ Ch ( v ) ce ( α, v (cid:48) ) c ] c ∈ Cap otherwise (5)where na c i = |{ j ∈ α ( v ) | c ∈ Cap j }| is the number ofagents with capability c i assigned to node v , and β : 2 V → V is a deterministic selection map between the children ofdisjunction nodes.In Sec. 6, a specific instantiation of β is denoted as Choose . Example . Consider tasks involving two capabilities
Cap = { c , c } . The capabilities assigned to each agent,and the ones required by each task are listed in Fig. 2. Anassignment of agents to tasks and the resulting capabilityexcess are illustrated in Fig. 1a and 1b, respectively. Definition . An assignment α is eligible for the CaTL syn-tax tree T φ , denoted α | = e T φ , if min c ∈ Cap ce ( α, v ) c ≥ (6) Proposition . For a given team trajectory s J , let α [ s J ] de-note the induced assignment such that A j ∈ α ( λ ) if A j par-ticipates in task λ ∈ Λ . It holds that s J | = φ ⇒ α [ s J ] | = e T φ (7)That is, eligibility is a necessary condition for satisfiability. Proof.
The robustness ρ a would reach its theoretical max-imum if all agents were able to simultaneously ser-vice all tasks. Denote the team trajectory resulting fromthese conditions as s ,J . We now prove by induction that ce ( α [ s ,J ] , v ) ≥ ρ a ( s ,J , t, φ ( v )) . Base Case. As ρ a ( s ,J , t, T ) is defined as a minimumover capabilities and over regions, it would reach its max-imum if all of the agents with required capabilities cp T werequally divided among the required regions at the appropri-ate time. This maximum value is given by ce ( α [ s ,J ] , T ) ,i.e., ce ( α [ s ,J ] , T ) ≥ ρ a ( s ,J , t, T ) , ∀ t . Recursion.
For ∧ and ∨ , we apply the same recursive re-lationships to ce as we do to ρ a . Thus, if ce ( α [ s ,J ] , v (cid:48) ) , v (cid:48) ∈ Ch ( v ) , are upper bounds, then ce ( α [ s ,J ] , v ) ≥ ρ a ( s ,J , t, φ ( v ) = (cid:78) v (cid:48) ∈ Ch ( v ) φ ( v (cid:48) )) , ∀ t, (cid:78) ∈ {∧ , ∨} .For the temporal operators, since s ,J considers the casewhen agents are not motion or time-constrained, we canignore the maximization and minimization with respectto temporal arguments in the recursive semantics. Thisyields the form of the recursive relations in (5). There-fore, if ce ( α [ s ,J ] , v (cid:48) ) , v (cid:48) ∈ Ch ( v ) , are upper bounds,then ce ( α [ s ,J ] , v ) > ρ a ( s ,J , t, φ ( v )) ∀ t , where φ ( v ) is φ U [ a,b ) φ , ♦ [ a,b ) φ , or (cid:3) [ a,b ) φ .Thus, ce ( α [ s ,J ] , v ) ≥ ρ a ( s ,J , , φ ( v )) , ∀ φ ∈ CaT L .Further, s J | = φ ⇒ ρ a ( s J , , φ ) ≥ ⇒ ce ( α [ s ,J ] , φ ) ≥ ,thus proving the proposition. In this section, we list some results on syntax trees and as-signments that can be applied to find a distribution of for-mulas and team partition whose parallel satisfaction impliessatisfaction of the original formula.
Graph operators for decomposition
We begin by defining decomposition operators for CaTLsyntax trees. We focus on three types of operations: prun-ing , or removing a section of the syntax tree; substitution of a portion of the tree with a new set of nodes; and paral-lelization , or splitting the tree into multiple trees that can beexecuted in parallel. Satisfaction of the CaTL formula of themodified tree will imply satisfaction of the original CaTLformula.
Definition
12 (Transformation) . Let τ be a subtree of T . Atransformation rule τ (cid:32) { τ (cid:48) , . . . , τ (cid:48) N } produces N copiesof the tree T with the subtree τ replaced by τ (cid:48) k , respec-tively. Transformations can not introduce new tasks, i.e., Λ (cid:48) k ⊆ Λ , where Λ and Λ (cid:48) k are the leaves of T and the trans-formed trees T (cid:48) k , respectively. An assignment α on T in-duces assignments α (cid:48) k on the transformed trees T (cid:48) k such that α (cid:48) k ( λ ) = α ( λ ) for all λ ∈ Λ (cid:48) k .In the following, we denote by (cid:104) v | τ , . . . , τ N (cid:105) a syntaxtree with root v and subtrees τ , . . . , τ N . Given a node v ofa tree T , we denote the subtree rooted at v as T [ v ] .Let T be a syntax tree, v a node of T , and τ a subtree. Wedefine three transformations:1. pruning of siblings: v r −→ v (cid:48) creates a tree with all siblingsof v (cid:48) ∈ Ch ( v ) removed, i.e., (cid:104) v | T [ c ] , c ∈ Ch ( v ) (cid:105) (cid:32) {(cid:104) v | τ v (cid:48) (cid:105)} ;2. substitution: τ s −→ τ (cid:48) creates a tree with τ replaced by τ (cid:48) on the same tasks, i.e., τ (cid:32) { τ (cid:48) } ;3. parallelization: (cid:104) v | τ , . . . , τ N (cid:105) (cid:32) { τ , . . . , τ N } creates N trees where the subtree rooted at v is replaced by itssubtrees τ , . . . , τ N .We now proceed to determining a set of sufficient condi-tions for pruning, substitution and parallelization. Conditions for Pruning
Disjunction ∨ Note that the capability excess at a node inthe syntax tree corresponding to disjunction is non-negativeif and only if at least one if its children has a non-negative ca-pability excess. In other words, satisfaction of the exclusivedisjunction ˙ ∨ is sufficient for the satisfaction of disjunction ∨ . This is encapsulated in the following proposition. Proposition . Let v = ∨ be a disjunction node in a syn-tax tree T , v (cid:48) ∈ Ch ( v ) , and α an assignment such that ce ( α, v (cid:48) ) ≥ . For any assignment α , α (cid:48) | = e T (cid:48) ⇒ α | = e T ,where T (cid:48) is obtained by applying the pruning rule v r −→ v (cid:48) ,and α (cid:48) is the induced assignment from α . Proof. If α (cid:48) | = e T (cid:48) , then at least one child of v has non-negative capability excess and, thus, v has non-negative ca-pability excess. Further, since the rest of T is identical to T (cid:48) ,non-negative excess of v and eligibility of α (cid:48) implies eligi-bility of α . Conditions for Substitution
Until U [ a,b ) The formula φ U [ a,b ) φ is in general difficultto parallelize. However, we can substitute the until operatorwith the more conservative formula (cid:3) [0 ,b ) φ ∧ ♦ [ a,b ) φ thatis amenable to parallelization. Proposition . Let v = U [ a,b ) be an until node in a syntaxtree T . If we apply the substitution (cid:104)U [ a,b ) | φ , φ (cid:105) s −→ (cid:104)∧ | (cid:104) (cid:3) [0 ,b ) | φ (cid:105) , (cid:104)♦ [ a,b ) | φ (cid:105)(cid:105) , (8)then α (cid:48) | = e T (cid:48) ⇒ α | = e T , where T (cid:48) is obtained from T by applying the substitution rule, and α (cid:48) is the inducedassignment from α . Proof. If α (cid:48) | = e T (cid:48) , then both ce ( α, φ ) ≥ and ce ( α, φ ) ≥ , according to the recursive relationship in (5).Therefore, since the capability excess of U [ a,b ) is the min-imum of the capability excess of its children ( φ and φ ),the capability excess of the original formula is non-negative.This implies α | = e T . Conjunction ∧ with upstream temporal operators Temporal operators followed by a conjunction may be paral-lelized if the assignments of children in the conjunction aredisjoint.
Proposition . Let v = ∧ be a node in a syntax tree T , and let v . . . v n be the path such that v n = P ar ( v ) , v k − = P ar ( v k ) , ∀ k = 2 . . . n , and v k ∈ { (cid:3) [ a,b ) , ♦ [ a,b ) } .With slight abuse of notation, if we make the substitution (cid:104) v . . . v n v | T [ c ] , c ∈ Ch ( v ) (cid:105) s −→ (cid:104) v | (cid:104) v (cid:48) . . . v (cid:48) n | T [ c ] (cid:105) , c ∈ Ch ( v ) (cid:105) (9)where v (cid:48) k corresponds to (cid:3) with the same time bounds as v k , then α (cid:48) | = e T (cid:48) ⇒ α | = e T . Again, T (cid:48) is obtained from T by applying the substitution rule, and α (cid:48) is the inducedassignment from α . roof. If α (cid:48) | = e T (cid:48) , then ce ( α (cid:48) , v ) ≥ . Further, ce ( α (cid:48) , v ) =min c ∈ Ch ( v ) ce ( α (cid:48) , c ) . Therefore, min c ∈ Ch ( v ) ce ( α (cid:48) , c ) ≥ .Since temporal operators v , . . . , v N do not modify ca-pability excess according to (5), we have ce ( α, v ) =min c ∈ Ch ( v ) ce ( α, c ) ≥ . This implies α | = e T . Conditions for Parallelization
Conjunction ∧ at the root Conjunctions at the root of asyntax tree can be parallelized if the assignments of theirchildren do not overlap.
Proposition . Let v be the root in a syntax tree such that v = ∧ . Let α ( v (cid:48) ) ∩ α ( v (cid:48)(cid:48) ) = ∅ for all v (cid:48) , v (cid:48)(cid:48) ∈ Ch ( v ) . Ifwe parallelize (cid:104) v | τ , . . . , τ N (cid:105) (cid:32) { τ , . . . , τ N } (10)then ( (cid:86) Ni =1 α i | = e τ i ) ⇒ α | = e T , where α i is the inducedassignment on subtree τ i from α . Proof.
For each subtree τ i , α i | = e τ i implies that capabil-ity excess is non-negative (i.e., ce ( α i , τ i ) ≥ ). Since thecapability excess of conjunction is simply the minimum ofits children, then ce ( α, v ) = min i ce ( α i , τ i ) . For all i , thiscapability excess is non-negative. Therefore, ce ( α, v ) ≥ ,implying α | = e T . Example . Fig. 3 demonstrates the application of Proposi-tions 2-5.
Now, we consider the problem of finding an assignment α for a given CaTL formula φ such that applying Proposi-tions 2-4 will result in a set of subformulas and subteamsthat can be decomposed. We consider the problems of de-termining eligibility, pruning, substituting, and parallelizing.Eligibility variables capture whether an assignment is eligi-ble according to Definition 11. Independence variables keeptrack of any overlap between assignments of agents to tasks,thereby helping determine the feasibility of substitution andparallelization. In the definitions below, these Boolean vari-ables are indicated by the terms Elg and
Ind , respectively.
CaTL Formula Encoding
Task Assignment Encoding
We first examine how an as-signment α determines elgibility and independence of tasksat the leaves of the tree. Consider a set of agents { A j } j ∈ J with corresponding classes of capabilities g j and tasks T m =( d m , π m , cp m ) . • For each task, the assignment is eligible if the capabilityexcess is non-negative, i.e.,
Elg ( α, v ) := ce ( α, v ) ≥ . • Because tasks are leaves of the syntax tree, they do notinherently require coordination with other tasks. Thus weset independence to be true, i.e.,
Ind ( α, v ) := True .Now, we ascend from the leaves of the tree to the root. Wedescribe what to do once we encounter each operator. ∧ { A , A , A , A , . . . , A } T { A , A , A } U [ a,b ) { A , . . . , A } T { A } ∧ { A , . . . , A } T { A , A } T { A , A } (a) Application of Proposition 2. ∧ { A , A , A , A , . . . , A } T { A , A , A } (cid:3) [0 ,b ) { A } T { A } ♦ [ a,b ) { A , . . . , A } ∧ { A , . . . , A } T { A , A } T { A , A } (b) Application of Proposition 3. ∧ { A , A , A , A , . . . , A } T { A , A , A } (cid:3) [0 ,b ) { A } T { A } (cid:3) [ a,b ) { A , A } T { A , A } (cid:3) [ a,b ) { A , A } T { A , A } (c) Application of Proposition 4. T { A , A , A } (cid:3) [0 ,b ) { A } T { A } (cid:3) [ a,b ) { A , A } T { A , A } (cid:3) [ a,b ) { A , A } T { A , A } (d) Application of Proposition 5. Figure 3: Decomposition of abstract syntax tree and assign-ments by applying Propositions 2-5. isjunction ∨ As previously noted, an assignment for dis-junction is eligible if at least one of its children has an eligi-ble assignment. We let the solver select which child is cho-sen and track the eligibility and independence for that child. • The eligibility of a disjunction node is inheritedfrom the chosen child node, i.e.,
Elg ( α, v ) := Elg ( α, Choose ( α, v )) , where Choose ( α, v ) is a functionthat selects a child of v with positive eligibility. It playsthe role of β as defined in Sec. 4. • Independence is inherited from the chosen child node, i.e.,
Ind ( α, v ) := Ind ( α, Choose ( α, v )) . Temporal operators ♦ [ t ,t ) or (cid:3) [ t ,t ) Because thesetemporal operators have only a single child, their encodingis straightforward. • Eligibility is inherited from the child node, i.e.,
Elg ( α, v ) := Elg ( α, Ch ( v )) . • Independence of tasks is inherited from the child node,i.e.,
Ind ( α, v ) := Ind ( α, Ch ( v )) . Until U [ t ,t ) or Conjunction ∧ For until and conjunction,we must track eligibility of the children of each node andwhether its children are independent. • Eligibility is determined by the conjunction of the chil-dren of v , i.e., Elg ( α, v ) := (cid:86) v (cid:48) ∈ Ch ( v ) Elg ( α, v (cid:48) ) . • Independence is determined based on the intersectionof assignments of child nodes, i.e.,
Ind ( α, v ) := (cid:84) v (cid:48) ∈ Ch ( v ) α ( v (cid:48) ) = ∅ . • For conjunction at the root, we allow non-binary conjunc-tion. Therefore, we need to consider a slightly differentencoding of
Ind . With slight abuse of notation, we checkfor pairwise independence between subtrees at the root,i.e.,
Ind ( α, v , v (cid:48) , v (cid:48)(cid:48) ) := ( α ( v (cid:48) ) ∩ α ( v (cid:48)(cid:48) ) = ∅ ) pairwisefor all v (cid:48) , v (cid:48)(cid:48) ∈ Ch ( v ) , v (cid:48) (cid:54) = v (cid:48)(cid:48) . Top level encoding
We encode the total formula as (cid:88) v ∈T Cost ( Ind ( α, v ))) s.t. Elg ( α, v ) (11)where Cost ( · ) is a cost function that is negative for any val-ues of Ind that are true, and increases in magnitude towardsthe top of the tree. Checking for root eligibility ensures aneligible assignment in all downstream nodes. Finally, mini-mizing the independence costs searches for a maximally par-allelizable assignment.
Decomposing Specification using Assignment andSMT
Given an assignment from the preceding SMT problem, wewish to decompose the tree as much as possible, returning aset of subformulas and subteams. Here we describe how toobtain these formulas and teams from the SMT solution. The process is outline in Algorithm 2. Briefly, the syntaxtree and assignment from the SMT are provided as input.The tree is pruned at nodes labeled ∨ for any children not se-lected in the SMT (lines 1-2). Then, subtrees are substitutedat nodes labeled U [ a,b ) or ∧ if the assignments to their chil-dren are disjoint (lines 3-5). Finally, the tree is parallelizedaccording to the independence of children at the root node(lines 6-7). The resulting formulas and their correspondingteam assignments are extracted and returned. These outputformulas and teams can then each by solved by a MILP asin Jones et al. (2019). Remark . We note that the tree does not necessarily need tobe pruned at ∨ nodes. The assignment to downstream nodesfrom ∨ will be empty. It may be the case that agents assignedto the eligible branch can accomplish tasks in the ineligiblebranch. Thus, the MILP has a greater chance at finding so-lutions at the cost of computation over a larger formula. Algorithm 2:
Decomposition using assignment α fromSMT Input:
Assignment α from the SMT Problem,Syntax Tree T φ Output:
Set of formulas { φ i } i ∈ ,...,N ,Corresponding team partition { J i } i ∈ ,...,N for v ∈ V | v = ∨ do prune subtree rooted at v ; for v ∈ V | v ∈ {U [ a,b ) , ∧} and v (cid:54) = v do if Ind ( α, v ) = True then substitute according to (8) or (9); if ∃ v (cid:48) , v (cid:48)(cid:48) ∈ Ch ( v ) | Ind ( α, v , v (cid:48) , v (cid:48)(cid:48) ) = True then T (cid:32) { τ , . . . , τ N } according to (10); for τ i ∈ { τ , . . . , τ N } do extract formula φ i from subtree τ i ; extract subteam J i from α i ; return { φ i } i ∈ ,...,N , { J i } i ∈ ,...,N Remark . If the assignment is eligible and feasible but nosatisfying parallel execution exists, we must furthermore addthat information to the SMT problem so that the solver doesnot continue to investigate similar solutions that are unlikelyto work. This can be accomplished using the irreducibleinconsistent set (IIS). The IIS is computed by most mod-ern solvers, and provides constraints that can be used in theSMT. There are several technical issues that need to be ad-dressed in this process, and we leave it as future work.
Simulation and Results
To validate our proposed methodology and evaluate its com-putational performance, we performed computational exper-iments. The SMT problem was coded in Z3 (De Moura andBjørner 2008). Synthesis was performed using the Gurobisolver (Gurobi Optimization 2020). Experiments were runin Python 2.7 on Ubuntu 16.04 with a 2.5 GHz Intel i7 pro-cessor and 16 GB of RAM.To evaluate our methodology, we tested the system in anenvironment with 25 states for varying numbers of agents. R un T i m e ( s ) FeasibleRobustDecomp FeasibleDecomp Robust
Figure 4: Run time with and without decomposition forvarying problem sizes. Simulations performed for first fea-sible solution and maximally robust solution. 100 randomtrials were run for each case. Timeout was set at 120s.Table 1: Run time for obtaining the first feasible solution.Results are presented as mean / max.No Decomposition DecompositionAgents Time (s) Time (s)10 1.60 / 1.97 0.96 / 1.9920 3.51 / 6.50 3.38 / 5.9430 5.30 / 11.46 2.56 / 4.4240 6.56 / 12.14 7.43 / 19.7250 20.65 / 51.25 11.78 / 28.13The specification in (3) was used for all experiments, andthe number of agents required per task are given in Fig. 2.Agents were randomly assigned capabilities from the set { ( c , ( c , ( c , c } . We evaluated the performance for 10,20, 30, 40, and 50 agents. The environment was a fully-connected × grid, with edge weight of and randomlyassigned region labels. In general, increasing the number ofagents decreases the time to find a solution. Therefore as thenumber of agents increased, the number of regions to be ser-viced was also increased, to maintain the same approximatedifficulty of finding a solution. We calculated the time tofind the first feasible solution, as well as the time to find themaximally robust solution. One hundred simulations wererun for each condition, and we set timeout to be s .Run time results are shown in Fig. 4 and Tables 1 and 2.For the time to first feasible solution, and the time to ro-bust solution, the decomposed system executes faster thanthe centralized system. The run times displayed include bothdecomposition time and MILP solution time. However, wenote that the assignment via SMT does not take robustnessinto account. Therefore, the robust centralized solution con-sistently returns a more robust solution than the decomposedsolver, which often returns a robustness of . For the decom-posed solution, robustness was computed as the minimum ofall subformula robustness, meaning the worst-case robust-ness could be , even if some subteams performed better.In Fig. 5, we show the proportion of the run time that is Table 2: Run time and robustness for obtaining the optimallyrobust solution. Results are presented as mean / max. Time-out was set to 120 s.No Decomposition DecompositionAgents Time (s) ρ Time (s) ρ
10 7.81 / 25.32 0.88 / 2 1.02 / 2.54 0 / 020 120 / 120 0.79 / 1 5.42 / 107.49 0 / 030 120 / 120 0.87 / 1 22.58 / 120 0.01 / 140 120 / 120 0.89 / 1 120 / 120 0 / 050 120 / 120 0.88 / 1 120 / 120 0.33 / 1
10 20 30 40 50Number of Agents051015202530 C o m p u t a t i o n T i m e ( s ) Feasible MILPFeasible DecompRobust MILPRobust Decomp
Figure 5: Overall run time broken into decomposition timeand MILP time. Results are shown for the feasible and robustMILP solution.used for decomposition versus solving the MILP. For eachdata point, the run time is dominated by the MILP solver andnot the decomposition. This suggests that the decompositionprocess is efficient. When coupled with the results in Fig. 4,it suggests that the cost of decomposition is low, while thebenefit of decompostion is high.
Conclusion
In this work, we have proposed a method for the automaticdecomposition of a team of agents and a formal specificationinto a set of subteams and sub-specifications. Our methodemploys SMT to find a feasible decomposition that we thensolve in a distributed manner using a set of MILPs. Thismethod significantly reduces the run time over a centralizedapproach. It represents a promising first step towards speed-ing up planning for large heterogeneous teams.There are several avenues of future work. First, the ro-bustness of the decomposed solutions is significantly lowerthan for the centralized solution. By using capability excessas part of our cost function, we may be able to find a de-composition that is more robust. It may also be possible thatan assignment meets our criteria but has no feasible solutionvia the MILP (i.e., agents cannot service their required tasksaccording to their timed deadlines). One possible solution tothat problem is to use the IIS (see Remark 2) in feedbackwith the SMT problem to remove any infeasible conditions.We may also be able to incorporate properties of the envi-ronment or agent locations into the assignment problem. eferences
Banks, C.; Wilson, S.; Coogan, S.; and Egerstedt, M. 2020.Multi-Agent Task Allocation using Cross-Entropy Tempo-ral Logic Optimization. In
International Conference onRobotics and Automation .Barrett, C.; and Tinelli, C. 2018. Satisfiability modulo theo-ries. In
Handbook of Model Checking , 305–343. Springer.Belta, C.; Yordanov, B.; and Gol, E. A. 2017.
Formalmethods for discrete-time dynamical systems , volume 89.Springer.Chen, J.; Moarref, S.; and Kress-Gazit, H. 2018. Verifiablecontrol of robotic swarm from high-level specifications. In
Proceedings of the 17th International Conference on Au-tonomous Agents and MultiAgent Systems , 568–576.Chen, Y.; Ding, X. C.; Stefanescu, A.; and Belta, C. 2012.Formal approach to the deployment of distributed roboticteams.
IEEE Transactions on Robotics
International conference on Tools and Algo-rithms for the Construction and Analysis of Systems , 337–340. Springer.Guo, M.; and Dimarogonas, D. V. 2015. Multi-agent planreconfiguration under local LTL specifications.
The Interna-tional Journal of Robotics Research
IEEE Transactions on Au-tomation Science and Engineering
Con-ference on Decision and Control (CDC) , 5708–5713. IEEE.Jones, A.; Leahy, K.; Vasile, C.; Sadraddini, S.; Serlin, Z.;Tron, R.; and Belta, C. 2019. ScRATCHS: Scalable andRobust Algorithms for Task-based Coordination from High-level Specifications. In
International Symposium of RoboticsResearch .Kantaros, Y.; and Zavlanos, M. M. 2020. STyLuS*: A Tem-poral Logic Optimal Control Synthesis Algorithm for Large-Scale Multi-Robot Systems.
The International Journal ofRobotics Research
Annual Review of Control, Robotics, and AutonomousSystems .Maler, O.; and Nickovic, D. 2004. Monitoring temporalproperties of continuous signals. In
Formal Techniques,Modelling and Analysis of Timed and Fault-Tolerant Sys-tems , 152–166. Springer.Sahin, Y. E.; Nilsson, P.; and Ozay, N. 2019. Multirobotcoordination with counting temporal logics.
IEEE Transac-tions on Robotics . Schillinger, P.; B¨urger, M.; and Dimarogonas, D. V. 2018a.Decomposition of finite LTL specifications for efficientmulti-agent planning. In
Distributed Autonomous RoboticSystems , 253–267. Springer.Schillinger, P.; B¨urger, M.; and Dimarogonas, D. V. 2018b.Simultaneous task allocation and planning for temporallogic goals in heterogeneous multi-robot systems.