Robot Risk-Awareness by Formal Risk Reasoning and Planning

Robot Risk-Awareness by Formal Risk Reasoning and Planning

Xuesu Xiao, Jan Dufek, and Robin Murphy Xuesu Xiao, Jan Dufek, and Robin Murphy are with the Department of Computer Science and Engineering, Texas A&M University, College Station, TX 77843 {xiaoxuesu, dufek, robin.r.murphy}

This paper proposes a formal robot motion risk reasoning framework and develops a risk-aware path planner that minimizes the proposed risk. While robots locomoting in unstructured or confined environments face a variety of risk, existing risk only focuses on collision with obstacles. Such risk is currently only addressed in ad hoc manners. Without a formal definition, ill-supported properties, e.g. additive or Markovian, are simply assumed. Relied on an incomplete and inaccurate representation of risk, risk-aware planners use ad hoc risk functions or chance constraints to minimize risk. The former inevitably has low fidelity when modeling risk, while the latter conservatively generates feasible path within a probability bound. Using propositional logic and probability theory, the proposed motion risk reasoning framework is formal. Building upon a universe of risk elements of interest, three major risk categories, i.e. locale-, action-, and traverse-dependent, are introduced. A risk-aware planner is also developed to plan minimum risk path based on the newly proposed risk framework. Results of the risk reasoning and planning are validated in physical experiments in real-world unstructured or confined environments. With the proposed fundamental risk reasoning framework, safety of robot locomotion could be explicitly reasoned, quantified, and compared. The risk-aware planner finds safe path in terms of the newly proposed risk framework and enables more risk-aware robot behavior in unstructured or confined environments.

I Introduction

Robots that locomote in unstructured or confined environments usually face motion risk. Therefore, autonomous planning systems must be capable of deciding how to reduce risk. This intelligent behavior firstly requires a fundamental understanding of risk and then a planning paradigm to find motion plans with minimum risk. The usages of unmanned vehicles in situations such as Urban Search And Rescue (USAR), nuclear operations, disaster robotics [1], etc., are examples where the execution of motion inherently entails taking risk and therefore motivate a formal risk reasoning framework and corresponding risk-aware planner.

Fig. 1 shows an example of borehole entry from Crandall Canyon Mine (Utah) response in 2007 [2]. In region 1, the borehole area, small clearance of the borehole may cause the robot getting jammed. Due to the lack of casing of the borehole, falling rocks, drilling foam, water, and debris may damage the robot. The vertically hanging robot might spin and therefore lose controllability and mobility. In region 2, the transition from the borehole to the mine, the robot may get stuck with the mesh roof during hole exit and reentry. Tether entanglement with mesh roof is another risk. Furthermore, the transition from vertical mobility to operating on mine floor also requires extra effort and induces risk. Region 3, the inside of the mine, has unstable terrain due to running water and mud, causing the robot getting trapped. The robot also has to traverse soft drill tailings and foam, or even equipment, before reaching the mine floor. Also, while locomoting in region 3, robot tether is still being extended or retracted, interacting with the borehole (region 1) and the mesh roof in the transition into the mine (region 2). Risk of tether entanglement still exists. Due to the variety of existing risk sources in borehole entry, the robot failed at Crandall Canyon Mine in all four runs during the response in 2007 (lowering system failure, blockage in borehole, deteriorated sensing, and entangled and finally broken tether).

Fig. 1: Mine Disaster Borehole Entry [2]

Motivated by the question of how the variety of risk sources contribute to the high failure rate, this paper formally defines robot motion risk using propositional logic and probability theory. In contrast to the conventionally assumed additive or Markovian properties, the formal methods used in the derivation reveals contradicting facts: risk’s non-additivity and history dependency. Building upon a comprehensive universe of risk elements (not only obstacles), a variety of adverse effects which exist in unstructured or confined environments are categorized into locale-dependent, action-dependent, and traverse-dependent risk elements. The proposed risk-aware planner is able to take partial history information into account, and plans minimum risk path based on the newly proposed risk reasoning framework (for locale- and action-dependent risk elements). It also provides a paradigm to address risk with deeper history dependency (up to traverse). The risk reasoning and risk-aware planning results are validated through a physical robot flying in a real-world unstructured or confined environment.

The rest of the paper is organized as follows: Sec. II provides related work. Sec. III formally derives the proposed risk reasoning framework. Sec. IV presents the risk-aware planner and points out the tradeoff between computation complexity and history dependency depth. Sec. V presents an integrated demonstration of the risk reasoning and risk-aware planning results on a physical tethered Unmanned Aerial Vehicle (UAV) in a real-world unstructured or confined environment. Sec. VI concludes the paper.

Ii Related Work

This section reviews current approaches to reason about risk and existing risk-aware planners.

Ii-a Risk Reasoning

Although risk has been addressed in the literature, a formal definition of risk is still unclear. Risk was referred to as some numerical measure of the severity/negativity related with certain aspects of motion. Risk associated with locomoting in unstructured of confined environments was explicitly represented as ad hoc risk functions of robot state.

[3] represented risk in the workspace by two layers: hazard data and visibility layer. The risk related with each layer was a function of the particular state. Weighted sum was used to combine the effect from both risk layers. To the author’s best knowledge, this is the only work that considered more than one risk sources. [4] associated UAV flight risk at a certain location with this location’s ground orography. [5, 6] adopted a similar approach and also assumed risk to be a function of location only. Even with data-driven approaches, researchers estimated potential risk of a certain state based on historical record, including ocean Automated Identification System (AIS) [7, 8] and traffic data [9].

Besides the lack of formal definition, all the risk considered in the literature was related with obstacles of various form. However, moving robots are also exposed to other kinds of risk, such as risk from turning, terrain interaction, battery condition, etc. Furthermore, the assumption that the risk a robot faces at a certain state/location is only a function of that state/location is ill-founded. So is the additivity of risk. Existing work assumed the risk a robot faces when executing a path is simply addition of the risk from all states.

Ii-B Risk-aware Planning

In search of a feasible path plan, risk-awareness was mostly modeled as (chance) constraints. [10, 11] proposed chance-constrained rapidly-exploring random tree (CC-RRT) approaches, which used chance constraints to guarantee probabilistic feasibility at each time step and over entire trajectory. Another framework is (PO)MDP. As standard MDP inherently contains reward but not risk, researchers have looked into representing risk as negative reward (penalty) [8] or constraints (C-POMDP) with unit cost for constraint violation [12, 13, 14]. Going beyond unit cost, CC-POMDP was proposed by [15], which was based on a bound on the probability (chance) of some event happening during policy execution. Robust Model Predictive Control (RMPC) is another alternative, with an emphasis on risk allocation, i.e., to allocate more risk for more rewarding actions [16, 17].

Existing constraint violation which models risk took the form of intersection between path and obstacles. A feasible plan was a path with constraint violation probability bounded by a certain manually assigned threshold, not with minimum risk in an absolute sense. Furthermore, the temporal or spatial (multiple obstacles) dependencies of constraint violation probability were either assumed to be independent or relaxed using ellipsoidal relaxation technique or Boole’s inequality [15, 11, 17, 10, 16]. This neglected the important dependencies on the motion history and the rough approximation introduced significant conservatism.

Iii Risk Reasoning Framework

This section formally defines robot motion risk in unstructured or confined environments and derives the reasoning framework using propositional logic and probability theory. It is comprehensive and general for any robots.

Iii-a Formal Definiton and Explicit Representation

This work considers motion risk for mobile robots executing a path. Risk in terms of a sequence of motion (path) is formally defined as the probability of the robot not being able to finish the path.

The robot workspace is defined based on tessellation of the Cartesian space. Each tessellation is either a viable (e.g. free) or unviable (e.g. occupied) state for the robot to locomote. A feasible path plan is defined to be an ordered sequence of viable tessellations, called states and denoted as :

where is the maximum distance between two consecutive states for the path to be feasible. A state on the path is finished by the robot reaching it within an acceptable tolerance and ready to move on to the next state. A state is not finished due to two main reasons: the robot crashes or gets stuck. In order to finish the path of states, the robot faces different risk elements, which will possibly cause not finishing the path. Here, three types of events are defined with propositional logic:

  • – the event where the robot finishes path

  • – the event where the robot finishes state

  • – the event where risk does not cause a failure at state

The reasoning about motion risk is based on three assumptions, which are expressed by propositional logic:

  1. Path is finished only when all states are finished:

  2. A state is finished only when all risk elements do not cause failure:

  3. Finish or fail a state because of one risk element is conditionally independent of finish or fail that state because of any other risk element, given the history leading to the state:

Before reasoning about risk, the probability of the robot being able to finish the path is firstly reasoned:


The first, second, fourth, and fifth equal signs are due to assumption 1, probability chain rule, assumption 2, and assumption 3, respectively. Therefore, the formal risk definition, the probability of not being able to finish the path, is the probabilistic complement:


In terms of risk representation, the risk of path is denoted as and is equal to . means the probability of risk causes failure at state , given the history of finishing to . It is therefore denoted as the th risk robot faces at state given that to were finished: . Writing in risk representation form will yield:


This proposed probabilistic motion risk framework does not require the ill-founded additivity assumption for risk. More importantly, the conditional probability in Eqn. 2 clearly shows the dependency of risk at certain state on the history, not only the state itself. Despite the dependencies in the temporal domain, conditional independence among different risk elements at a certain state given the history is still assumed. Along the direction of the path, risk the robot faces at each individual state is dependent on history (longitudinal dependence), while at each state, risk caused by different risk elements is independent (lateral independence) (Fig. 2). Note that each individual risk values could be determined theoretically or empirically.

Fig. 2: Longitudinal Dependence on History States and Lateral Independence among Risk Elements

Iii-B Risk Categories and Risk Elements

The formal definition and explicit representation reveal the longitudinal dependence of risk at a certain state on the history. Mathematically speaking, the dependency is on the entire history in general. However, in practice, the dependency of different risk elements may have different depth into the history, e.g. crash to a very close obstacle is only dependent on the closeness of this state to obstacle or crash due to an aggressive turn is only dependent on two states back in the history. In this work, risk elements are divided into three categories: locale-dependent, action-dependent, and traverse-dependent risk elements. Fig. 3 shows the universe of all risk elements considered, and the categories they belong to. More importantly, the subset/superset relationship between the three categories are displayed: locale-dependence action-dependence traverse-dependence. This universe of risk elements is not exclusive.

Fig. 3: Universe of All Risk Elements

Iii-B1 Locale-dependent Risk Elements

This is the most special case in history dependence, since its dependency on history could be entirely relaxed. That is:


The word locale connotes the meaning of “location”, “position”, or where the robot is currently at. It has similar connotation as the concept of “state” in (Cartesian) configuration space, but also emphasizes the relationship with the current proximity of the environment. This category of risk elements has been covered in existing literature under the name of “location” or “state” and was assumed to be the only type of risk elements. This type of traditional risk elements could be evaluated on the state alone, not depending on history.

Iii-B2 Action-dependent Risk Elements

This is a special case of risk’s history dependency, between the general traverse-dependence and the most special locale-dependence. The depth of action-dependent risk elements’ history dependency is two states back, such that the finishing of the last two states has impact on the risk the robot is facing at the current state:


This category of risk elements usually focuses on the transitions between states, including the effort necessary to initiate the transition and the difference between two consecutive transitions.

Iii-B3 Traverse-dependent Risk Elements

This is the general form of risk’s history dependency, which encompasses both locale-dependent and action-dependent risk elements:


The general form has a full depth of history dependency and looks back to the whole traverse from start leading to the current state. Finishing of all the history states has impact on the finishing of the current state.

Iv Risk-Aware Planning

This section develops a risk-aware planner that plans with the newly proposed risk reasoning framework. It guarantees optimality for locale- and action-dependent risk elements. Tradeoff between computation complexity and history dependency depth is discussed.

Iv-a Impact of Non-additivity and History-Dependency

The risk-aware planner needs to find minimum risk path between a start and a goal location. Traditional risk-aware planners assumed additive and Markovian properties, therefore their cost function is simply:


Nonetheless, the cost function based on the proposed risk framework is Eqn. 3.

This risk representation has neither additivity nor state-dependency, and therefore does not have substructure optimality. The risk robot faces at state is not well-defined on , but can take different values depending on the traverse taken .

In terms of the impact of those differences on the planner, an intuitive visual example is shown in Fig. (a)a: when traditional approaches expand from vertex to vertex , the risk of the path from start to is simply the sum of the risk of the subpath from start to and the risk at . The risk at is simply well defined on vertex . However, using the proposed risk representation (Eqn. 3), the risk of vertex (state) is not well defined by only looking at alone. The dependency on the history requires the risk at to be evaluated based on the entire traverse (start, …, , ).

(a) Dynamical
(b) Directional
Fig. 4: Dynamical and Directional Risk Evaluation: Path risk needs to be evaluated dynamically and non-optimal substructure requires minimum risk path to be directional.

Due to the dynamically changing state risk dependent on history, the problem loses optimal substructure, therefore scenarios such as the one shown in Fig. (b)b may occur: traditional approaches base on substructure optimality, so if the optimal path to passes through , the subpath to is also guaranteed to be optimal to . However, due to the risk representation in Eqn. 3, this may not be necessarily true. Given the green path is the best path to , the subpath of the green path to is not the best path to . The black path actually is. The optimal path to is from a different direction to as the optimal path to .

Therefore the planning problem at hand has at least two issues, preventing from the usage of traditional search algorithms: the risk being dynamical (dependent on history) and directional (lost optimal substructure). Considering the three categories of risk elements, locale-dependency, action-dependency, and traverse-dependency, a new algorithm is designed to optimally address the first two categories of risk elements, by looking back two states into history during planning, at the cost of more computation. Traverse-dependent risk elements, however, cannot be guaranteed to be optimally addressed, since it is the most general form of risk and the look-back has to be into the entire history to guarantee optimality. Only those risk caused by two steps back into the traverse could be handled.

Iv-B Risk-aware Planner

The tessellated workspace is defined as a graph . Let be the vertex set, and be all the edges connecting the vertices. To accommodate the history dependency of action-dependent risk elements, each vertex is further represented by , where represents the direction from which is reached. They memorize the two-step history information to be used when being expanded in the future. The total number is the connectivity of , as the number of incoming edges reaching . For each direction reaching , is defined as , where is the risk of reaching from direction starting from start vertex , and is the previous direction of reaching the previous vertex, in other words, previous direction of two steps back. All the directions of all vertices compose the superset of all directions and is a variable for different vertices depending on how many directions (edges) are leading to the vertex. The algorithm is shown in Alg. 1. It finds the minimum-risk directional component in the graph (line 5) and expands the vertex which this directional component belongs to (line 6 - line 15). After expanding all the neighbors, this directional component is marked visited (line 16). When all directional components are visited, the final minimum-risk path to each vertex is selected from its minimum-risk directional components (line 18 - 22).

0:  ,
0:  Risk-Aware paths to all vertices other than
1:   set and
2:  For , set in all
3:  Initialize visited set to
4:  while  do
5:     pick vertex with smallest where
6:     for each edge  do
7:        )
10:        , where corresponds to reaching from
11:        if  then
14:        end if
15:     end for
17:  end while
18:  for each  do
19:     pick with the smallest
22:  end for
23:  return  all with
Algorithm 1 Risk-Aware Path Planner

Iv-C Risk Representation and Planning Examples

Taking a tethered robot locomoting in obstacle-occupied (shown as red) 2D space as example, results from the proposed risk-aware planner are shown in Fig. 6. As comparison, results of conventional risk-aware planner based on additive state-dependent risk are presented in Fig. 5. The color of the arrows indicates the risk the robot faces at each state and the color map is displayed on the right. The robot starts from the left of the map and the goal is going to the right. Six risk elements are chosen as examples from the three risk categories: distance to closest obstacle and visibility from locale-dependent risk elements, action length and turn from action-dependent risk elements, and tether length and number of tether contacts [18] from traverse-dependent risk elements. Risk caused by each risk element at each state is determined empirically, e.g. a state which is closer to obstacle, requires a sharper turn, or involves more contact points is assigned a higher risk value.

(a) Path 1 (Planning Result)
(b) Path 2 (for Comparison)
Fig. 5: Conventional Planner with Additive State-Dependent Risk
(a) Path 1 (for Comparison)
(b) Path 2 (Planning Result)
Fig. 6: Proposed Planner with Probabilistic History-Dependent Risk

Fig. (a)a shows the result of conventional risk-aware planner using additive state-dependent risk. Due to the assumption of state-dependency, action length, turn, and tether length, number of contacts cannot be properly addressed by the planner. The only possible risk elements are distance to closest obstacle and visibility, which are evaluated based on state alone. Their risk values at each state are combined using normalization and weighted sum (identical weights for both risk elements in the examples) and summed up along the entire path. Using this approach, the planner will find the path shown in Fig. (a)a, since this is the minimum risk path according to the conventional additive state-dependent risk representation and could be found by traditional search-based algorithms, such as Dijkstra’s or A*. The path shown in Fig. (b)b, however, will be neglected, since it is supposed to have a higher risk according to the additive state-dependent risk representation.

Fig. (b)b shows the result of the proposed risk-aware planner using probabilistic history-dependent risk. All six risk elements from all three risk categories could be properly addressed by the proposed planner, with the optimality of locale-dependent and action-dependent risk elements guaranteed. The risk at each state is now formulated as the probability of the robot not being able to finish the state, displayed in color. The probability of not being able to finish the path, as risk of the path, is computed using Eqn. 3. The two-step look-back in the proposed risk-aware planner makes sure that history dependencies of risk up to actions could be addressed optimally. The traverse-dependent risk elements, however, are only suboptimal, or in other words, optimal up to two states in the history of the traverse, not the entire history to the start. As shown by Fig. 6, the risk aware-planner is willing to sacrifice distance to closest obstacle and visibility (locale-dependent) for shorter action length, less aggressive turn (action-dependent), and shorter tether length, fewer tether contacts (traverse-dependent).

One example of why the proposed risk-aware planner cannot optimally address traverse-dependent risk elements is shown in Fig. 7. Take wheel traction/slippage as an example of traverse-dependent risk element and assume the robot has two muddy areas to negotiate with in the workspace: the minimum risk path to could be the black path, since is in a clean area and the mud built up on the robot wheels would not cause significant risk at . However, if the robot keeps venturing into , which is another muddy area, the mud built up on the wheels from the first muddy area may cause major risk and the robot has very high probability of getting stuck at . The green path becomes less risky, since the risk associated with the extra length and turns are justified by keeping clean wheels and reliable traction. However, the green path can never been found by the proposed risk-aware planner, since two-step look-back (from looking back to and the state left to ) cannot cover sufficient depth into history to find the green path. Therefore, for traverse-dependent risk element, only risk caused by the last two steps could be properly addressed, in the similar way as how action-dependent risk element is addressed.

Fig. 7: Failure Case due to Traverse-Dependency

Iv-D Tradeoff: Computation Complexity vs. Dependency Depth

Although it is shown above that the proposed risk-aware planner is not optimal with respect to general traverse-dependent risk elements, it is possible that look-back into more steps in the history can direct the planner closer to the true optimal path, but at the cost of computation. Fig. 8 shows the potential extension of the proposed risk-aware planner in order to be able to address more depth in history dependency. The proposed risk-aware planner looks two-step back into the history and therefore augments every original vertex into directional components (as the four partitions in the left state of Fig. 8, assuming ). If three-step look-back is necessary, the original vertex could be augmented into directional components (as the sixteen partitions in the second to left state of Fig. 8, assuming ). By the same token, an arbitrary number -step look-back requires directional components. The deepest possible history dependency is steps, as the longest simple paths have vertices (here, is trivially equivalent to ) and the complexity would be . The complexities of the proposed risk-aware path planner (2-step look-back), potential 3-step look-back planner, general risk-aware planner (-step look-back), and omnipotent risk-aware planner with full history dependency are shown in Fig. 8. The omnipotent risk-aware planner with full history dependency is supposed to guarantee optimality with even traverse-dependent risk elements, but the computation is intractable.

Fig. 8: Potential Extension of the Proposed Risk-Aware Planner: Trading more computation for deeper history dependency (Graphical illustrations assume 4-connectivity as example)

V Integrated Demonstration

This section presents an integrated demonstration using physical robot locomoting in real-world unstructured or confined environment to validate the results of risk reasoning and risk-aware planning.

V-a Robot Mission

A tethered UAV working as an aerial visual assistant for a tele-operated primary ground robot [19] in a confined staircase is used to validate the results. The marsupial robot team locates at the second level of the staircase. The teleoperation task of the primary ground robot is to insert a sensor between stair railings and drop it into a pool of contamination at the bottom for radioactivity strength reading. This resembles a scenario in Fukushima Daiichi nuclear disaster response.

The map of the environment is given and there exist two good viewpoints to visually assist the sensor insertion task at the point of interest. Based on the proposed risk reasoning framework, the risk-aware planner needs to plan two paths from the UAV initial location to the two good visual assistance viewpoints (Fig. 9).

Fig. 9: Greyscale voxels represent occupied spaces. Magenta circle shows initial UAV location. Yellow star is the Point of Interest, i.e. the insertion point of the manipulator arm between the railings. The two cameras are good viewpoints.

V-B Risk Reasoning and Risk-aware Planning Results

Six different risk elements are considered: distance to closest obstacle (Dist.) and visibility (Vis.) (locale-dependent), action length (A. L.) and turn (action-dependent), tether length (T. L.) and number of tether contacts (Cont. #) (traverse-dependent). The choice of these six risk elements are due to their relevance to this particular robot platform in this particular unstructured or confined scenario, the practicality or availability of necessary risk information, and the representativeness of the three major risk categories. The minimum risk path to the two good viewpoints are planned, shown in Fig. 9 left.

The red path aims at one good viewpoint between the two staircase railings. Since a direct path needs to go through spaces confined by staircase railings and walls, the UAV needs to maneuver through those spaces to remain far away from obstacles and high visibility, but at the cost of a longer path and more turns. The risk associated with the red path is evaluated to be 0.714. The detailed risk representation for each state and each individual risk element on the red path is shown in Tab. I. The last column shows the state risk the robot faces at each state.

Index Dist. Vis. A. L. Turn T. L. Cont. # State
0 0.01 0.02 0 0 0.01 0 0.04
1 0.01 0.02 0.04 0 0.01 0 0.08
2 0.01 0.02 0.04 0 0.01 0 0.08
3 0.01 0.02 0.04 0 0.01 0 0.08
4 0.01 0.01 0.04 0 0.02 0 0.08
5 0.01 0.01 0.04 0 0.02 0 0.08
6 0.01 0.01 0.06 0.05 0.02 0 0.14
7 0.01 0.01 0.05 0.05 0.03 0 0.14
8 0.01 0.01 0.05 0 0.04 0 0.11
9 0.02 0.02 0.04 0.05 0.04 0 0.16
10 0.03 0.04 0.05 0.05 0.04 0 0.19
TABLE I: Detailed Risk Representation for Red Path
Index Dist. Vis. A. L. Turn T. L. Cont. # State
0 0.01 0.02 0 0 0.01 0 0.04
1 0.01 0.02 0.04 0 0.01 0 0.08
2 0.01 0.02 0.04 0 0.01 0 0.08
3 0.01 0.02 0.04 0 0.01 0 0.08
4 0.03 0.01 0.06 0.05 0.02 0 0.16
5 0.04 0.01 0.06 0 0.02 0 0.12
6 0.02 0.01 0.06 0 0.03 0 0.12
7 0.01 0 0.05 0.05 0.03 0 0.13
TABLE II: Detailed Risk Representation for Green Path

The green path aims at the other viewpoint in the wide open space in the middle of the staircase. Going there straight from the initial location needs to closely pass by the top of the railings. The planner chooses to make a slight detour to enlarge the clearance. However, maximizing distance and visibility has longer path and more turns as cost, so the planner chooses a compromise in between, shown as the 45° middle segment on the green path: the UAV does not fully sacrifice path length and twistiness for clearance, so it cuts through the free space with a straighter path and slightly (not completely) avoids the obstacles. The risk associated with the green path is evaluated to be 0.575 (computed from Tab. II). No contact points are formed in either cases.

It is worth to note that using the traditional state-dependent only risk representation, the red path has a lower additive risk, because it maintains a relatively low state-dependent risk at most of the states on the path. The green path, however, would have higher risk, due to the compromise of locale-dependent (distance and visibility) for action-dependent risk elements (action length and turns). Although overall the compromise reduces path risk, it cannot be reflected by the traditional state-dependent risk representation.

V-C Experimental Results and Discussions

Ten experimental trials each are conducted autonomously for the two paths. Path execution is manually terminated when the tethered UAV is unable to finish a state (collision or stuck). Tab. III shows the results of the 20 trials, either success or failure. The reasons of failure are specified.

Trial # Red Path Green Path
1 Collision w. railings Collision w. wall
2 Oscillation Success
3 Success Oscillation
4 Collision w. wall Success
5 Oscillation Collision w. railings
6 Oscillation Success
7 Success Collision w. wall
8 Collision w. wall Contacts formed, localization lost
9 Collision w. railings Success
10 Oscillation Contacts formed, localization lost
Fail. Rate 0.8 0.6
TABLE III: Experimental Trials and Success/Failure

For the red path, only two out of the ten experimental trials are successful. The other eight trials fail due to different reasons: trial 1, 4, 8, and 9 fail because collision with railings or wall. Another reason for failure is oscillation. This happens primarily when the UAV is maneuvering to maintain a high obstacle clearance. The turning and long path have the potential of inducing extra turbulence in the confined staircase, therefore the rotorcraft can no longer maintain stability. Oscillation leads to collision or not being able to reach a certain state. The 80% failure rate is close to the 0.714 risk. Green path execution achieves 60% failure rate, which is also close to the 0.575 risk value. While in trial 1, 5, and 7 the UAV collides with the obstacles and it starts oscillate in trial 3, another important failure reason is the accidentally formed tether contact due to the closeness to the railings. But overall speaking, the relatively open space in the center of the staircase and the straightness and shortness contribute to a less risky path. Although the risk value caused by each individual risk element is only an empirical estimation, six and eight failures out of ten trials are sufficiently close to the 0.575 and 0.714 risk value, respectively. The proposed theoretical risk reasoning framework matches closely with the real-world failure rate.

Fig. 10 shows the locations of failure. The numbers on the left correspond to the failure trial numbers in Tab. III. Some failure locations only have one failure trial, while others may have multiple. Most failure locations for both cases are in the top part of the path, due to either complex trajectory shape (longer path and more turns for red path) or closeness to obstacles (collision or tether contact with obstacles for green path). It roughly matches with the state risk values in the last column of Tab. I and Tab. II: the high state risk values are correlated with more failure cases at that particular state in the physical experiments. Inspecting the failure reasons (Tab. III) and failure locations (Fig. 10), it could be seen that for red path most failures are caused by action-dependent risk elements while the effect of locale-dependent risk elements is minimized. But for green path, due to the sacrifice of locale-dependent risk elements for shorter path length and fewer turns (action-dependent risk elements), obstacles near states cause more possibility of failure to finish the path.

(a) Red Path Failure Locations
(b) Green Path Failure Locations
Fig. 10: Failure Locations on Both Paths: The numbers correspond to the trial number in Tab. III, indicating this particular trial is terminated at the state denoted by cyan diamonds.

Vi Conclusion

This paper proposes a robot motion risk reasoning framework using propositional logic and probability theory. Risk is formally defined as the probability of the robot not being able to finish the path. The use of formal methods reveals risk’s non-additivity and history-dependency, which was assumed otherwise in the existing literature. Built upon a comprehensive risk universe, three categories of risk elements are introduced: locale-, action-, and traverse-dependent. Based on the proposed risk reasoning framework, a risk-aware planner is developed to take risk’s newly discovered properties into account. It finds minimum risk path for locale- and action-dependent risk elements. But for traverse-dependency, optimality cannot be guaranteed. The trade-off between computation complexity and history dependency depth is discussed. The results of applying the risk reasoning framework and risk-aware planner to a tethered UAV flying in a real-world unstructured or confined environment is compared with the proposed theory, and the actual motion failure rate could be roughly reflected by the risk value. Future work will focus on developing better models to compute risk values for individual risk elements and more efficient approaches to extend history dependency depth.


This work is supported by NSF 1637955, NRI: A Collaborative Visual Assistant for Robot Operations in Unstructured or Confined Environments.


  • [1] R. R. Murphy, Disaster robotics.   MIT press, 2014.
  • [2] R. R. Murphy, J. Kravitz, S. L. Stover, and R. Shoureshi, “Mobile robots in mine rescue and recovery,” IEEE Robotics & Automation Magazine, vol. 16, no. 2, pp. 91–103, 2009.
  • [3] A. Soltani and T. Fernando, “A fuzzy based multi-objective path planning of construction sites,” Automation in construction, vol. 13, no. 6, pp. 717–734, 2004.
  • [4] L. De Filippis, G. Guglieri, and F. Quagliotti, “A minimum risk approach for path planning of uavs,” Journal of Intelligent & Robotic Systems, vol. 61, no. 1-4, pp. 203–219, 2011.
  • [5] M. Zabarankin, S. Uryasev, and P. Pardalos, “Optimal risk path algorithms,” in Cooperative control and optimization.   Springer, 2002, pp. 273–298.
  • [6] D.-W. Gu, I. Postlethwaite, and Y. Kim, “A comprehensive study on flight path selection algorithms,” in Target Tracking: Algorithms and Applications, 2006. The IEE Seminar on (Ref. No. 2006/11359).   IET, 2006, pp. 77–90.
  • [7] A. A. Pereira, J. Binney, B. H. Jones, M. Ragan, and G. S. Sukhatme, “Toward risk aware mission planning for autonomous underwater vehicles,” in Intelligent Robots and Systems (IROS), 2011 IEEE/RSJ International Conference on.   IEEE, 2011, pp. 3147–3153.
  • [8] A. A. Pereira, J. Binney, G. A. Hollinger, and G. S. Sukhatme, “Risk-aware path planning for autonomous underwater vehicles using predictive ocean models,” Journal of Field Robotics, vol. 30, no. 5, pp. 741–762, 2013.
  • [9] J. Krumm and E. Horvitz, “Risk-aware planning: Methods and case study for safer driving routes.” in AAAI, 2017, pp. 4708–4714.
  • [10] B. Luders, M. Kothari, and J. How, “Chance constrained rrt for probabilistic robustness to environmental uncertainty,” in AIAA guidance, navigation, and control conference, 2010, p. 8160.
  • [11] B. D. Luders, S. Karaman, and J. P. How, “Robust sampling-based motion planning with asymptotic optimality guarantees,” in AIAA Guidance, Navigation, and Control (GNC) Conference, 2013, p. 5097.
  • [12] A. Undurti and J. P. How, “An online algorithm for constrained pomdps,” in Robotics and Automation (ICRA), 2010 IEEE International Conference on.   IEEE, 2010, pp. 3966–3973.
  • [13] A. Undurti, A. Geramifard, and J. P. How, “Function approximation for continuous constrained mdps.”
  • [14] A. Undurti and J. P. How, “A decentralized approach to multi-agent planning in the presence of constraints and uncertainty,” in Robotics and Automation (ICRA), 2011 IEEE International Conference on.   IEEE, 2011, pp. 2534–2539.
  • [15] P. Santana, S. Thiébaux, and B. Williams, “Rao*: an algorithm for chance constrained pomdps,” in Proc. AAAI Conference on Artificial Intelligence, 2016.
  • [16] M. Ono and B. C. Williams, “An efficient motion planning algorithm for stochastic dynamic systems with constraints on probability of failure.” in AAAI, 2008, pp. 1376–1382.
  • [17] M. P. Vitus and C. J. Tomlin, “On feedback design and risk allocation in chance constrained control,” in Decision and Control and European Control Conference (CDC-ECC), 2011 50th IEEE Conference on.   IEEE, 2011, pp. 734–739.
  • [18] X. Xiao, J. Dufek, M. Suhail, and R. Murphy, “Motion planning for a uav with a straight or kinked tether,” in 2018 IEEE/RSJ International Conference on Intelligent Robots and Systems (IROS).   IEEE, 2018, pp. 8486–8492.
  • [19] X. Xiao, J. Dufek, and R. R. Murphy, “Autonomous visual assistance for robot operations using a tethered uav,” in Field and Service Robotics.   Springer, 2019.
Comments 0
Request Comment
You are adding the first comment!
How to quickly get a good reply:
  • Give credit where it’s due by listing out the positive aspects of a paper before getting into which changes should be made.
  • Be specific in your critique, and provide supporting evidence with appropriate references to substantiate general statements.
  • Your comment should inspire ideas to flow and help the author improves the paper.

The better we are at sharing our knowledge with each other, the faster we move forward.
The feedback must be of minimum 40 characters and the title a minimum of 5 characters
Add comment
Loading ...
This is a comment super asjknd jkasnjk adsnkj
The feedback must be of minumum 40 characters
The feedback must be of minumum 40 characters

You are asking your first question!
How to quickly get a good answer:
  • Keep your question short and to the point
  • Check for grammar or spelling errors.
  • Phrase it like a question
Test description