SEsCPS '18 - Proceedings of the 4th International Workshop on Software Engineering for Smart Cyber-Physical Systems


SESSION: Keynote

Multi-paradigm modelling of cyber-physical systems: extended abstract

The networking of multi-physics processes (mechanical, electrical, hydraulic, biochemical, ...) with computational systems (control systems, signal processing, logical inferencing, planning, ...), interacting with often uncertain environments and with human actors in a socio-economic context, leads to so-called Cyber-Physical Systems (CPS).

Cyber-physical systems are reaching a hitherto unseen level of complexity. To date, no unifying theory nor systematic design methods, techniques and tools exist for such systems. Individual (mechanical, electrical, network or software) engineering disciplines only offer partial solutions.

Multi-paradigm Modelling (MPM) proposes to model every part and aspect of such complex systems explicitly, at the most appropriate level(s) of abstraction, using the most appropriate modelling formalism(s). This includes the explicit modelling of the often complex engineering workflows. Modelling language engineering, including model transformation languages, and the study of the semantics of these languages, are used to realize MPM. MPM is seen as an effective answer to the challenges of designing CPS.

This presentation introduces some of the challenges of collaborative development of CPS as well as possible multi-paradigm modelling solutions such as (in-)consistency management and co-simulation.

SESSION: Modeling and validation

Handling system complexity in sCPS: usable design space exploration

With a growing demand for complex features in smart cyber-physical systems, the design of such systems is getting increasingly complex. These features demand sound and scalable approaches to deal with the increasing design space. Consequently, standards (e.g. ISO 26262) propose methods and techniques for the systematic development of (in this case: automotive) systems. The growing amount of functionality correspondingly requires more powerful electronic platforms and thus methods to deal with the integration. In this paper, we describe drivers for complexity and illustrate how formal methods, namely design space exploration techniques, can be applied to deal with this complexity. This approach is based on requirements defined by the given standards and supports the system designer with a (semi-)automatic approach to handle the complexity in system design, already in early design phases.

A semi-automated approach to foster the validation of collaborative networks of cyber-physical systems

Cyber-physical systems form collaborative networks dynamically at runtime. In the collaboration of multiple systems, behavior emerges in the interplay of the collaborating instances. This emergent behavior raises challenges for the validation of cyber-physical systems' software, since interoperability of the single systems as well as functional correctness of the entire network of collaborative cyber-physical systems must be validated for all possible configurations of the network. Such network configurations differ, among others, in the number of participating systems, the number of system types involved, and the communication patterns between the participating systems. To aid the validation of behavior emerging from the collaboration, this paper proposes the automated generation of dedicated review diagrams to investigate the collaborative network's behavior for different network configurations. First evaluations using case examples from industry partners show that the use of such automatically generated instance level review diagrams can support the validation of collaborative cyber-physical systems.

On early statistical requirements validation of cyber-physical space systems

Cyber-physical space systems are becoming increasingly important. Such systems have to satisfy requirements that are heavily affected by the physical space they operate in and by the active entities inhabiting the space, whose dynamic behaviors generate continuous topological changes. Reasoning about requirements in the early design phases is extremely challenging. High-level design can be facilitated by systematic application of separation of concerns throughout modeling, analysis, and early requirements validation. We outline an approach that identifies key recurrent concerns arising in cyber-physical space systems, supports systematic and semi-automatic modeling of separate concerns, and a formally defined composition of the separately developed models. Early requirements validation is then supported by leveraging statistical model checking techniques. We illustrate our approach through an example disaster scenario in a smart city.

SESSION: Planning and trustworthiness

Towards explainable multi-objective probabilistic planning

Use of multi-objective probabilistic planning to synthesize behavior of CPSs can play an important role in engineering systems that must self-optimize for multiple quality objectives and operate under uncertainty. However, the reasoning behind automated planning is opaque to end-users. They may not understand why a particular behavior is generated, and therefore may not be able to calibrate their confidence in the system working properly. To address this problem, we propose a method to automatically generate verbal explanations of multi-objective probabilistic planning, explaining why a particular behavior is generated on the basis of the optimization objectives. Our explanation method involves describing the objective values of a generated behavior and explaining any tradeoff made to reconcile competing objectives. We contribute: (i) an explainable planning representation that facilitates explanation generation, and (ii) an algorithm for generating contrastive justification as an explanation for why a generated behavior is best with respect to the planning objectives. We demonstrate our approach on a mobile robot case study.

On the feasibility of automatically detecting and recovering from SEUs in cyber-physical space systems

The past decade has seen explosive growth in the use of small satellites. As these small, typically short-lived and risk-tolerant platforms are increasingly adopted for spaceflight missions, there has been a growing trend to place more responsibility on the flight software (versus hardware) and an increasing adoption of consumer-grade microprocessors to satisfy this desire for increased processing capability while still minimizing size, weight, and power parameters. These consumer-grade processors, however, are more susceptible to cosmic radiation and the occurrence of single event upsets (SEUs). In this paper, we present an initial exploration into the feasibility of implementing automated detection and recovery mechanisms to mitigate SEUs within these cyber-physical spaceflight systems.

On using blockchains for safety-critical systems

Today's industries in various domains are becoming more and more driven by software as an innovator. They range from web applications powering our increasingly digitalized daily lives to deeply embedded systems driving complex and safety-critical cyber-physical systems (CPS) as in, for example, self-driving vehicles. Companies need to continuously rejuvenate their product portfolio by adopting new ideas to remain competitive. A recent idea that is permeating from its original application domain of financial use cases is blockchains, where researchers and companies try to apply the key ideas behind them to other domains.

SESSION: Reference problems

Enabling cyber-physical systems for 5G networking: a case study on the automotive vertical domain

5G is the next-generation networking infrastructure with a strong focus on the requirements of various vertical domains. 5G brings improvements in networking performance but also introduces new services for deploying software involving networking aspects in an end-to-end manner from the edge to the cloud, affecting the way we will deploy software. One of the most promising verticals is the Automotive Vertical, where 5G will bring characteristics such as low delays and high bandwidth, enabling complex V2X scenarios. This paper reports experiments made using a popular 5G technology, the NFV Management and Orchestration platform Open Source MANO (OSM), by remotely placing Virtual Network Functions on vehicles containing a smart Edge Device for: i) remote monitoring through the OBD-II interface and ii) V2V video streaming for assisted overtaking. The described process can be applied to other types of systems containing a smart Edge Device, enabling them as networking resources of future 5G network deployments and demonstrating how future CPSs could be engineered to benefit from emerging 5G services.

A building automation case study setup and challenges

Smart buildings will play a fundamental role in ensuring comfort while reducing the energy required. However, due to the lack of knowledge about the operation of the smart controllers, the occupants can unintentionally increase the energy spent. Nevertheless, there is evidence that the informed and motivated user will actually cooperate with the system.

Some of the issues associated with researching control systems in the context of building automation are difficult to address, because of the chronic lack of effective laboratory settings for experimentation. In this paper, we describe a system representative of the usual complexity found in cyber-physical systems, whose purpose is to address the needs for experimenting with building automation, with a focus on control systems and gamification. Designed with pragmatic concerns, this system presents a unique set of challenges and opportunities to research a new generation of software control systems, and supporting interfaces, that leverage the occupants' behaviour.

A curated corpus of simulink models for model-based empirical studies

Recent years have seen many empirical studies of model-based cyber-physical systems and commercial CPS development tool chains such as Matlab/Simulink. To benefit such research, this paper presents the by far largest corpus of freely available Simulink models to date, containing over 1,000 models.

Surprising findings based on this corpus include that (a) tool support for metric collection is not adequate and (b) users do not reuse model components as they would in object-oriented programs. The paper both confirms and contradicts earlier findings that are based on significantly fewer models, suggesting the utility of the corpus for future research. While others have not yet leveraged this model corpus, we hope that our freely available corpus and infrastructure will benefit future model-based empirical research and tool development efforts, by reducing the model-collection overhead and thus easing evaluation.

Shipboard power system reconfiguration: a self-adaptation exemplar

The Shipboard Power System (SPS) is the component responsible for supplying energy to navigation, communication, and operational systems. SPS Reconfiguration is the ability to react to electrical failure and to restore critical operations, ensuring vessel survivability. This work illustrates why an SPS Reconfiguration software system may be implemented as a self-adaptive system.

To illustrate this relation we exploit a systematic classification of SPS reconfiguration methods, highlighting terms and attributes related to self-adaptive systems. In particular, the research method considers four types of self-adaptive systems with different degrees of autonomy and proactivity. The corresponding data analysis highlights a strong correlation between SPS Reconfiguration and self-adaptive systems, revealing that most of the SPS reconfiguration techniques found in the literature belong to three of the four types of adaptation.

The outcome of the paper is a proposal of SPS as an interesting benchmark for comparing self-adaptive approaches, also highlighting scenarios, tasks, norms, goals and quality aspects with the support of the IEEE specifications.