Validation and Veriﬁcation Issues in a Timeline-based Planning System A. Cesta † and A. Finzi ‡ and S. Fratini † and A. Orlandini * and E. Tronci § † ISTC-CNR, Via S.Martino della Battaglia 44, I-00185 Rome, Italy ‡ DSF “Federico II” University, Via Cinthia, I-80126 Naples, Italy * DIA “Roma TRE” University, Via della Vasca Navale 79, I-00146 Rome, Italy § DI “La Sapienza” University, Via Salaria 198, I-00198 Rome, Italy Abstract One of the key points to take into account to foster ef- fective introduction of AI planning and scheduling sys- tems in real world is to develop end user trust in the related technologies. Automated planning and schedul- ing systems often brings solutions to the users which are neither “obvious” nor immediately acceptable for them. This is due to the ability of these tools to take into account quite an amount of temporal and causal constraints and to employ resolution processes often de- signed to optimize the solution with respect to non triv- ial evaluation functions. To increase technology trust, the study of tools for ver- ifying and validating plans and schedules produced by AI systems might be instrumental. In general, valida- tion and veriﬁcation techniques represent a needed com- plementary technology in developing domain indepen- dent architectures for automated problem solving. This paper presents a preliminary report of the issues con- cerned with the use of two software tools for formal veriﬁcation of ﬁnite state systems to the validation of the solutions produced by MrSPOCK, a recent effort for building a timeline based planning tool in an ESA project. Introduction Designing Artiﬁcial Intelligence (AI) planning and schedul- ing systems suitable for supporting human mission planners in their daily work is a challenging research stream at ESA (the European Space Agency) and in other space agencies. The APSI (Advanced Planning and Scheduling) initiative at ESA-ESOC is an example of research activity aimed at demonstrating the effectiveness of AI in support of inter- nal long term programs. As already known, space applica- tions introduce very challenging problems for Planning and Scheduling (P&S) technologies that compete with a number of reasoning and automated control tools in the aim to chal- lenge their own autonomous features to face such a prob- lems. Frequently, models and solutions proposed are very complex and even engineers, designers and scientists can have difﬁculties in validating and verifying them by sim- ple inspection. Then, automated Validation and Veriﬁcation (V&V) techniques are an important contribution, adding value in such kind of applications. In fact, a failure from an automated decision may have a dramatic impact in terms of loss of either science activities or money or even human life. It is quite commonly acknowledged that integration of V&V capabilities in general purpose P&S architectures may have a signiﬁcant impact on the common use of our refer- ence technology. Validation of planning models has been studied in sev- eral works 1 . For instance, in (Pecheur and Simmons 2001; Khatib, Muscettola, and Havelund 2001) Livingstone and HSTS domain models are validated exploiting model check- ing techniques. In (Smith et al. 2005), formal veriﬁcation is used in order to check the existence of undesirable plans with respect to the domain model. While, VAL (Howey and Long 2003) is a plan validation tool for PDDL that was suc- cessfully used during the International Planning Competi- tion since 2002. Current AI planning literature shows how timeline- based planning can be an effective competitor for classi- cal planning to tackle complex domains which require the use of both temporal reasoning and scheduling features (see (Muscettola 1994; Jonsson et al. 2000; Frank and Jon- sson 2003; Smith, Frank, and Jonsson 2000)). The work described here is connected to timeline planning because of a general effort to build a reusable software framework for modeling space missions problems using timelines (see (Cesta, Fratini, and Pecora 2007)). The timeline-based ap- proach models the P&S problem by identifying a set of relevant features of the planning domain which need to be controlled to obtain a desired temporal behavior. Time- lines model entities whose properties may vary in time and which represent one or more physical (or logical) subsys- tems which are relevant to a given planning context. The planner/scheduler plays the role of the controller for these entities, and reasons in terms of constraints that bound their internal evolutions and the desired properties of the gener- ated behaviors (goals). In our current work we plan to explore different perspec- tives in the integration of V&V with timeline based planning and scheduling techniques. The long term goal is to obtain a software environment in which both technologies are in- tegrated and the application developers may take advantage of the co-existence of the two tools while knowledge en- gineering new application. Indeed, we are currently in an 1 See also a speciﬁc workshop at ICAPS-05.