Robert C. Kohout, James A. Hendler, David J. Musliner
"Mission-critical" systems, which include such diverse applications as nuclear power plant controllers, "fly-by-wire" airplanes, medical care and monitoring systems, and autonomous mobile vehicles, are characterized by the fact that system failure is potentially catastrophic. The high cost of failure justifies the expenditure of considerable effort at design time in order to guarantee the correctness of system behavior. This paper examines the problem of guaranteeing safety in a well-studied class of robot motion problems known as the "asteroid avoidance problem." We establish necessary and sufficient conditions for ensuring safety in the simple version of this problem which occurs most frequently in the literature, as well as sufficient conditions for a more general and realistic case. In doing so, we establish functional relationships between the number, size and speed of obstacles, the robot's maximum speed, and the conditions which must be maintained in order to ensure safety.