Design By Contract #135
Comments
|
Not that I'm aware of. We've discussed having a "node IDL" where you could define what the topics and their types ought to be separately from the code. This could be used to verify the system you have assembled actually should communicate with one another. But I don't think we have thought to include qualitative things like publish rates. I'm not sure what the reaction to a topic being too fast or slow should be, a warning, an error, a diagnostics notice? |
|
I do not really know about IDLs. Is there an article about the concept somewhere in the wiki or in a website article? Would the "node IDL" address services and actions as well? How could this be used to verify a system in detail? As in usual sw integration testing including qualitative things like publish rates would only allow to make some rough estimate about overall system dynamics and should not be considered as testing I guess. Assuming the verification overhead would have "neglect able" impact on the dynamic overall system behavior it could be helpful during node integration because verification would be faster, easier and more probable than with rostest tests. Assertions for precondition checking, invariant (unwanted side effect) checking and postcondition checking are usually enabled just in debug builds and disabled in release builds (due to the impact on performance). Failing checks are considered as actual bug when they are "internal" to a component or an whole application during development. However if a component is "public" exceptions are usually used instead at the API level because failing checks are considered miss-use then which can potentially be handled by higher level application code. |
IDL is just a generic term (in this case) which means a language used to describe an interface. In this case the interface of Node, which might include things like parameters, topics, actions, services, etc...
It's not specific to ROS or our stuff here, but: https://en.wikipedia.org/wiki/Interface_description_language
If you knew, based on the IDL of two packages A and B, that A published to |
|
I don't think we have any plans to pursue this in the short term. But I'm sure it's a topic others might be interested in discussing. It would be worth talking about it in the context of ROS 1 as well since I don't think there is anything ROS 2 specific about this idea, though we might have a chance to make it easier if we can identify what in ROS 1 is lacking to make it easier to do. Feel free to continue the discussion here, but I'd recommend moving it to https://discourse.ros.org instead. To that end I'll close this for now, but it can be commented on or reopened in the future if needed. |
That means that an IDL would allow static code analysis by means of verifying the "static" behaviour of node interfaces. However "Design By Contract" implementations target at checks during system runtime and addresses "dynamic" behaviour as well.
I would love to have DbC in ROS1 as well 😉. I am sure people which want to implement high reliability, safety and/or real-time behaviour into the overall system will be interested in the topic.
I will move the move/copy the issue to https://discourse.ros.org and reference it here. |
Is it planned to add "Design By Contract" functionality to ROS2?
On the node level the following considerations come into mind (impact of DbC on timing):
The text was updated successfully, but these errors were encountered: