Communication protocols for a fault-tolerant automated highway system

We present the design and verification of inter-vehicle communication protocols for the operation of an automated highway system in the presence of faults. The protocols form part of a fault-tolerant control hierarchy proposed in earlier work. Our goal here is to implement discrete-event supervisory controllers to stop the faulty vehicle or take it out of the highway in a safe manner. Because these actions require cooperation among vehicles in the neighborhood of the faulty vehicle, the supervisory controllers are implemented by means of intervehicle communication protocols. The logical correctness of the proposed protocols is verified using automatic verification tools. We discuss the safety of the proposed design in terms of the possibility of collisions and highlight the problems associated with carrying out a complete safety analysis.