C ASE S TUDY - arm 2 P RODUCTION C ELL arm 1 elevating rotary - - PowerPoint PPT Presentation

dependability engineering & Petri nets Mai 2005 D:\mh\docs\lv\nl\nl_skript\nl10_ex_production_cell.sld.fm 10 - 1 / 32

BrandenburgTechnical University at Cottbus, Computer Science Institute

CASE STUDY - PRODUCTION CELL

MONIKA HEINER PETER DEUSSEN JOCHEN SPRANGER {mh, pd, jsp}@informatik.tu-cottbus.de http://www.informatik.tu-cottbus.de

dependability engineering & Petri nets Mai 2005 monika.heiner@informatik.tu-cottbus.de 10 - 2 / 32

feed belt (belt 1) deposit belt (belt 2) elevating rotary table robot arm 1 arm 2 press travelling crane

PRODUCTION CELL

14 sensors 34 commands

dependability engineering & Petri nets Mai 2005 monika.heiner@informatik.tu-cottbus.de 10 - 3 / 32

INFORMAL SAFETY REQUIREMENTS ( 21)

❑ The press must not be moved downward, if sensor 1 is true, and t must not be moved upward, if sensor 3 is true.

• > Restrictions of machine mobility.

❑ The press may only be closed, when no robot arm is positioned inside it.

• > Avoidance of machine collisions.

❑ The feed belt may only convey a blank through its light barrier, if the table is in loading position.

• > Blanks are not dropped outside safe areas.

❑ Blanks may not be put into the press, if it is already loaded.

• > Insurance of a sufficient distance

between consecutively processed blanks.

additional requirements related to design consistency:

❑ The robot swivel is either stopped or moves in exactly one direction. ❑ ...

Σ

dependability engineering & Petri nets Mai 2005 monika.heiner@informatik.tu-cottbus.de 10 - 4 / 32

cooperation model communication pattern controller refined controller analysis analysis analysis analysis control model analysis analysis instantiating refinement composition composition

1. 2. 3. 4.

BOTTOM-UP DESIGN AND ANALYSIS:

dependability engineering & Petri nets Mai 2005 monika.heiner@informatik.tu-cottbus.de 10 - 5 / 32

COOPERATION MODEL, BASIC DESIGN PRINCIPLES

❑ production cell = pipeline of machines ❑ each machine takes plates from some input places; processes them; puts plates on some output places; ❑ cooperation region between two consecutive machines ❑ mutual exclusive shared resources robot swivel (to rotate both arms) physical regions (intersection of trajectories

• f different machines)

input region

• utput

region machine controller machine1 machine2 cooperation region

mutual exclusion region

dependability engineering & Petri nets Mai 2005 monika.heiner@informatik.tu-cottbus.de 10 - 6 / 32

BOUNDED PROCON PATTERN

CONSUMER PRODUCER

input_area_free input_available

• utput_area_free
• utput_available

belts input_area_free input_available

• utput_area_free
• utput_available

arms/crane input_area_free input_available

• utput_area_free
• utput_available

table/press controller ready_to_consume ready_for_processing

• utput_available
• utput_area_free

processing consume produce processing input_available input_area_free ready_for_processing ready_to_produce

THREE TYPES OF COOPERATION PATTERN

dependability engineering & Petri nets Mai 2005 monika.heiner@informatik.tu-cottbus.de 10 - 7 / 32

(A) INDEPENDENT INPUT/OUTPUT

❑ arms/crane: step-wise synchronization with only one of the adjacent controllers, ❑ pattern property, e.g. ❑

step1 input_available input_area_free

∨

( ) ¬

→

( ) GA

• utput_available

unlock_output_area step3 -> unloading

• utput_area_free

lock_output_area step2 -> transporting input_area_free unlock_input_area input_available step1 -> loading lock_input_area idle

dependability engineering & Petri nets Mai 2005 monika.heiner@informatik.tu-cottbus.de 10 - 8 / 32

(B) DEPENDENT INPUT/OUTPUT

❑ belts: simultaneous control of input and output region ❑ pattern property ❑

step2 input_available input_area_free ∨ ∨

(

¬ →

(

GA

• utput_area_free
• utput_available ))

∨ ∨ input area free unlock output area step3

• utput available

unlock_input_area input_available

• utput_area_free

step2 -> transporting lock_output_area step1 lock_input_area idle

dependability engineering & Petri nets Mai 2005 monika.heiner@informatik.tu-cottbus.de 10 - 9 / 32

(C) MUTUALLY EXCLUSIVE INPUT/OUTPUT

❑ table/press: the controller must always hold a lock on one of its cooperation regions; ❑ pattern property ❑

input_available input_area_free ∨ ( ) ¬

∨

( GA

• utput_available
• utput_area_free

∨ ( )) ¬ input area free unlock input area step3 -> go to load position

• utput area free

lock output area input available

• utput available

step2 -> ready for unloading unlock output area step1 -> go to unload position lock input area idle (and having control

• ver output area)

dependability engineering & Petri nets Mai 2005 monika.heiner@informatik.tu-cottbus.de 10 - 10 / 32

THREE TYPES OF

COOPERATION PATTERN,

SUMMARY

(A) Independent input/output arms/crane: step-wise synchronization with only one of its adjacent controllers, e.g. crane: (B) Dependent input/output belts: simultaneous control of input and output region e.g. feed belt: (C) Mutually exclusive input/output table/press: the controller must always hold a lock on one of its cooperation regions, e.g. table:

ch_DC_free ch_DC_full ∧ ( ) ¬ ch_CF_free ch_CF_full ∧ ( ) ¬ ∨ ( ) GA feed_belt_transporting ch_CF_free ch_CF_full ch_FT_free ch_FT_full ∨ ∨ ∨ ( ) ¬ → ( ) GA ch_FT_full ch_FT_free ∨ ( ) ¬ ch_TA1_full ch_TA1_free ∨ ( ) ¬

∨

( ) GA

dependability engineering & Petri nets Mai 2005 monika.heiner@informatik.tu-cottbus.de 10 - 11 / 32

THREE TYPES OF

COOPERATION PATTERN, SUMMARY

arms / crane

(independent input / output)

feed / deposit belt

(dependent input / output)

input area free put output belt empty

• utput available

unlock input area input available

• utput area free

transporting lock output area belt occupied take input idle

• utput available

go in unloading

• utput area free

move arm to ungrasp pos storing input area free go in input available loading move arm to grasp pos store free

table / press

(mutually exclusive input / output)

input area free stop turning left

• utput area free

go pos1 input available

• utput available

ready for unloading stop turning right go pos2 ready for loading (and having control

• ver output area)

dependability engineering & Petri nets Mai 2005 monika.heiner@informatik.tu-cottbus.de 10 - 12 / 32

ARM VERSION2

lock output area having swivel having swivel unlock input area

• utput_available

swivel unlock swivel having swivel unlock output area unloading

• utput_area_free

swivel swivel swivel lock swivel storing input_area_free unlock swivel input_available loading lock input area having swivel lock swivel store free

dependability engineering & Petri nets Mai 2005 monika.heiner@informatik.tu-cottbus.de 10 - 13 / 32

ARM VERSION3

lock swivel waiting for swivel having swivel unlock input area

• utput_available

swivel unlock swivel having swivel unlock output area unloading

• utput_area_free

swivel swivel swivel lock output area storing input_area_free unlock swivel input_available loading lock swivel waiting for swivel lock input area store free

dependability engineering & Petri nets Mai 2005 monika.heiner@informatik.tu-cottbus.de 10 - 14 / 32

THREE ARM VERSIONS, SUMMARY

lock swivel waiting for swivel having swivel unlock input area

• utput available

swivel unlock swivel having swivel unlock output area unloading

• utput area free

swivel swivel swivel lock output area storing input area free unlock swivel input available loading lock swivel waiting for swivel lock input area store free lock output area having swivel having swivel unlock input area

• utput available

swivel unlock swivel having swivel unlock output area unloading

• utput area free

swivel swivel swivel lock swivel storing input area free unlock swivel input available loading lock input area having swivel lock swivel store free

• utput available

swivel go in ready to unload

• utput area free

swivel retracted swivel move arm to ungrasp pos storing input area free go in input available ready to load move arm to grasp pos store free

version1 version2 version3

dependability engineering & Petri nets Mai 2005 monika.heiner@informatik.tu-cottbus.de 10 - 15 / 32

SOURCE TEXT EXAMPLES [CASAIS 94A,B]

arm: procedure to take a plate Take /* version2 */ acquire locks on shared resources (swivel) acquire lock on input area move_arm_to_grasppos do_grasp go_in release lock on input area release locks on shared resources (swivel) Take /* version3 */ acquire lock on input area acquire locks on shared resources (swivel) move_arm_to_grasppos do_grasp go_in release lock on input area release locks on shared resources (swivel) belt: procedure to transport a plate Transport acquire lock on input area acquire lock on output area transport release lock on input area release lock on output area

dependability engineering & Petri nets Mai 2005 monika.heiner@informatik.tu-cottbus.de 10 - 16 / 32

CONTROLLER ANALYSIS

ready to produce ready for processing input_area_free input_available processing produce consume processing

• utput_area_free

ready for processing ready to consume PRODUCER CONSUMER controller

• utput_available

ORD HOM NBM PUR CSV SCF CON SC Ft0 tF0 Fp0 pF0 MG SM FC EFC ES Y Y Y Y N Y Y Y N N N N Y N Y Y Y DTP SMC SMD SMA CPI CTI B SB REV DSt BSt DTr DCF L LV L&S Y Y Y Y Y Y Y Y Y N N N Y Y Y Y ORD HOM NBM PUR CSV SCF CON SC Ft0 tF0 Fp0 pF0 MG SM FC EFC ES Y Y Y Y N N Y Y N N N N N N N N Y DTP SMC SMD SMA CPI CTI B SB REV DSt BSt DTr DCF L LV L&S Y Y Y N Y Y Y Y Y N N N Y Y Y Y

ARMS ELSE

dependability engineering & Petri nets Mai 2005 monika.heiner@informatik.tu-cottbus.de 10 - 17 / 32

STEP-WISE COMPOSITION

E.G. SUBSYSTEM: ARM1 - PRESS - ARM2

(ARMS: VERSION2)

ORD HOM NBM PUR CSV SCF CON SC Ft0 tF0 Fp0 pF0 MG SM FC EFC ES Y Y Y Y N N Y Y N N N N N N N N Y DTP SMC SMD SMA CPI CTI B SB REV DSt BSt DTr DCF L LV L&S N Y Y N Y Y Y Y N Y N N ? N N N input_available input_area_free producer consumer swivel ch_PA2_full ch_PA2_free

• utput_area_free
• utput_available

ch_A1P_free ch_A1P_full arm1 arm2 press

dependability engineering & Petri nets Mai 2005 monika.heiner@informatik.tu-cottbus.de 10 - 18 / 32

STEP-WISE COMPOSITION

E.G. SUBSYSTEM: ARM1 - PRESS - ARM2

(ARMS: VERSION3):

input_available input_area_free producer consumer swivel ch_PA2_full ch_PA2_free

• utput_area_free
• utput_available

ch_A1P_free ch_A1P_full arm1 arm2 press ORD HOM NBM PUR CSV SCF CON SC Ft0 tF0 Fp0 pF0 MG SM FC EFC ES Y Y Y Y N N Y Y N N N N N N N N Y DTP SMC SMD SMA CPI CTI B SB REV DSt BSt DTr DCF L LV L&S Y Y Y N Y Y Y Y Y N N N N Y Y Y

dependability engineering & Petri nets Mai 2005 monika.heiner@informatik.tu-cottbus.de 10 - 19 / 32

OPEN SYSTEM,

COARSE STRUCTURE

ORD HOM NBM PUR CSV SCF CON SC Ft0 tF0 Fp0 pF0 MG SM FC EFC ES Y Y Y Y N N Y Y N N N N N N N N Y DTP SMC SMD SMA CPI CTI B SB REV DSt BSt DTr DCF L LV L&S Y Y Y N Y Y Y Y Y N N N N Y Y Y producer consumer swivel ch_PA2_full ch_PA2_free ch_FT_full ch_FT_free ch_A2D_free ch_A2D_full ch_TA1_free ch_TA1_full ch_A1P_free ch_A1P_full ch_CF_full ch_CF_free ch_DC_free ch_DC_full arm1 arm2 feed_belt deposit_belt table press

dependability engineering & Petri nets Mai 2005 monika.heiner@informatik.tu-cottbus.de 10 - 20 / 32

CLOSED SYSTEM,

COARSE STRUCTURE

ORD HOM NBM PUR CSV SCF CON SC Ft0 tF0 Fp0 pF0 MG SM FC EFC ES Y Y Y Y N N Y Y N N N N N N N N Y DTP SMC SMD SMA CPI CTI B SB REV DSt BSt DTr DCF L LV L&S Y Y Y N Y Y Y Y Y N N N N Y Y Y swivel ch_PA2_full ch_PA2_free ch_FT_full ch_FT_free ch_A2D_free ch_A2D_full ch_TA1_free ch_TA1_full ch_A1P_free ch_A1P_full ch_CF_full ch_CF_free ch_DC_free ch_DC_full crane arm1 arm2 feed_belt deposit_belt table press

dependability engineering & Petri nets Mai 2005 monika.heiner@informatik.tu-cottbus.de 10 - 21 / 32

ANALYSIS EFFORTS,

COOPERATION MODEL

places/ transitions DTP Rstub R table / press with init part without init part 13 / 9 12 / 8 (N) 28 12 8 28 24 crane 12 / 8 31 11 48 arms version 1 version 2 version 3 13 / 8 17 / 12 17 / 12 38 109 88 11 15 15 48 112 96 belts 12 / 8 26 8 36 subsystem with arm version 1 arm version 2 arm version 3 25 / 16 33 / 24 33 / 24 175 3.851 (N) 725 47 75 140 640 1.984 1.800

• pen system

51 / 36 1.145 299 77.760 closed system with 1 plate with 2 plates with 3 plates with 4 plates with 5 plates 51 / 36 1.140 36 7 2 94 98 121 864 4.776 12.102 16.362 12.144

dependability engineering & Petri nets Mai 2005 monika.heiner@informatik.tu-cottbus.de 10 - 22 / 32

ANALYSIS EFFORTS

BY SMV (BDD), COOPERATION MODEL

Machine: Hypersparc, 32 MB (britten) Times: user time + system time Model checking of the formula &t AG EF en(t) (lifeness condition)

• Comp. of variable reordering perfomed without model checking, smv options: -f -r inc

subsystem without reordering computation

• f reordering

with reordering time BDD nodes time BDD nodes time BDD nodes controllers belt 0.10” 3962 0.12” 2762 0.04” 3723 table/press 0.09” 2902 0.14” 2149 0.12” 2656 crane 0.12” 4075 0.16” 2643 0.11” 3555 arm version 1 version 2 version 3 0.13” 0.22” 0.23” 4270 10017 9735 0.18” 0.29” 0.35” 2837 5073 5015 0.12” 0.18” 0.21” 3720 9806 8816 composed systems robot (arm version 3) 21.93” 41685 1.00” 7671 6.76” 11829 robot/press with arm version 1 arm version 2 arm version 3 1.88” 11.02” 13.38” 10292 11231 15618 3.14” 9.59” 10.14” 5799 6378 7012 1.08” 8.93” 6.10” 10093 10680 10365

• pen system

343.19” 103319 205.03” 31506 99.80” 44732 closed system with 1 plate with 2 plates with 3 plates with 4 plates with 5 plates 36.29” 77.14” 144.89” 182.46” 275.53” 48984 59467 94818 108414 180507 22.39” 57.40” 69.00” 75.38” 49.90” 8357 12041 16847 20292 14906 13.58” 23.48” 37.10” 54.06” 30.41” 11163 17662 27101 40188 12144

case study: production cell Mai 2005 mh@informatik.tu-cottbus.de 12 - 23 / 32

NET HIERARCHY

Top A2U (arm2 unloading) 5.1 A2L (arm2 loading) 5.2 feed_belt_transporting 4.1 deposit_belt_transporting 3.1 table_go_load_pos 2.1 table_go_unload_pos 2.2 press_go_unload_pos (PU) 1.1 press_go_load_pos (PL) 1.2 A2U_ext 5.1.2.1 A2U_ret 5.1.2.2 5.1.1.1 5.1.1.2 5.1.1.3 A2L_ext 5.2.2.1 A2L_ret 5.2.2.2 5.2.1.1 5.2.1.2 5.2.1.3 lower 1.2.1 lower 1.1.1 forge 1.1.2 lift 2.2.1 rotate 2.2.2 rotate 2.1.1 lower 2.1.2 trans 3.1.1 deliver 3.1.2 trans 4.1.1 deliver 4.1.2 A2L_rotate 5.2.1 A2L_grasp 5.2.2 A2U_rotate 5.1.1 A2U_ungrasp 5.1.2 press 1 table 2 deposit_belt 3 feed_belt 4 arm2 5 crane_unloading 7.1 crane_loading 7.2 A1L (arm1 loaded) 6.1 A1U (arm1 unloading) 6.2 A1L_ext 6.1.2.1 A1L_ret 6.1.2.2 6.1.1.1 6.1.1.2 6.1.1.3 A1U_ext 6.2.2.1 A1U_ret 6.2.2.2 6.2.1.1 6.2.1.2 6.2.1.3 A1U_rotate 6.2.1 A1U_ungrasp 6.2.2 A1L_rotate 6.1.1 A1L_grasp 6.1.2 lower 7.2.1 transport 7.2.2 lift 7.2.3 lift 7.1.1 transport 7.1.2 lower 7.1.3 arm1 6 crane 7 dependability engineering & Petri nets Mai 2005 monika.heiner@informatik.tu-cottbus.de 10 - 24 / 32

BASIC MOTION STEP,

MACRO NET

basic in

• ut

start_con stop_con start_command stop_command press_forge press_lift press_at_middle_pos press_upward press_stop press_at_upper_pos press_at_lower_pos press_up press_stop press_at_middle_pos

actual parameters, e.g.:

motion step formal parameters

dependability engineering & Petri nets Mai 2005 monika.heiner@informatik.tu-cottbus.de 10 - 25 / 32

BASIC MOTION STEP + ENVIRONMENT

css - change sensor state css stop_ wait_ start_ stop_ start_ stop_con start_con

• ut

ready_ running in command command fusion nodes: interface actuator states sensor states command command stop_con to_stop

dependability engineering & Petri nets June 1997 mh@informatik.tu-cottbus.de 12 - 26 / 32

MAIN ANALYSIS RESULTS

cooperation model control model size # pages 51 P, 36 T 8 pages 231 P, 202 T 65 pages general analysis covered by P-Invariants → BOUNDED DTP & ES → LIVE size (RGstub)5: 121 → Deadlock-free size (prefix)5: 252 B, 159 E size (RG)5: 12.144 not ES size (RGstub)5: 585 → Deadlock-free size (prefix)5: 1619 B, 768 E → LIVE size (RG)5: 1.657.242 special analysis PROD/CTL: rich, but too slowly AG ( ): acceptable AG ( ): slowly PROD/LTL PEP/CTL0 * lack of quantification on pathes * lack of AF, AU ϕ ¬ ϕ AFχ →

dependability engineering & Petri nets Mai 2005 monika.heiner@informatik.tu-cottbus.de 10 - 27 / 32

ANALYSIS EFFORTS (CONTROL MODEL)

subsystem P / E PEP PROD C / E R time Rstuba)

a) deletion algorithm

time Rstubb)

b) incremental algorithm

time controllers crane 45/34 154/71 256 0.78” 51 0.16” 38 0.08” feed belt 22/16 69/34 69 0.20” 31 0.10” 16 0.07” table 32/24 82/37 88 0.38” 36 0.15” 24 0.09” arm (version 3) 66/60 138/65 365” 1.19” 62 0.23” 51 0.09” press 28/20 166/81 140 0.42” 48 0.10” 20 0.09” deposit belt 22/16 69/34 69 0.20” 31 0.11” 16 0.07” composed systems robot 124/120 3514/1752 63,232 11.26’ 992 5.99” 205 0.21” robot/press 140/132 1280/624 18,344 3.10” 557 3.46” 305 0.35”

• pen

system 198/176 2773/1348 2,776,936 ? 798 5.90” 507 0.62” closed system with 1 plate with 2 plates with 3 plates with 4 plates with 5 plates 231/202 690/316 1670/792 2009/960 2164/1035 1619/768 30,952 543,480 > 1,7 Mio > 3.1 Mio 1,657,242 7.54’

• ca. 3.3 h

> 20 h > 42 h

• ca. 14 h

162 406 523 471 585 0.68” 2.53” 4.51” 4.02” 5.05” 163 456 635 678 608 0.32” 0.72” 0.95” 1.06” 0.98”

dependability engineering & Petri nets Mai 2005 monika.heiner@informatik.tu-cottbus.de 10 - 28 / 32

TEMPORAL LOGICS,

EXAMPLES OF ANALYZED PROPERTIES

General analysis

❑ liveness AG(EF en( t )) for each transition t (PEP).

Special analysis

❑ design demanded properties, e.g. (PROD/LTL) ❑ functional properties, e.g. (PEP) ❑ safety properties, e.g. If a robot arm is loaded, its magnet is not deactivated until the robot is in its unloading position (PROD/LTL) , where G robot_stop robot_left robot_right . ∨ . ∨

     

EF arm1_mag_on arm2_mag_on ∧ ( ) G ϕ χUψ ¬ → ( ) ϕ arm1_mag_on arm1_pickup_angle arm1_pickup_ext χ ∧ ∧ arm1_mag_off ψ arm1_release_angle arm1_release_ext ∧ = = =

dependability engineering & Petri nets Mai 2005 monika.heiner@informatik.tu-cottbus.de 10 - 29 / 32

MAIN LESSONS

LEARNT

❑ management of medium-sized Petri nets

• > hierarchical structure + fusion nodes;

❑ the whole model is composed of a few patterns

• > bounded producer/consumer pattern
• > communication patterns for procon pipeline
• independent input/output
• dependent input/output
• mutually exclusive input/output
• > mutex pattern
• > basic motion step pattern
• sequence
• alternative

❑ new editor feature: parameter substitution

• > library of reusable Petri net components;

❑ interleaving rule of communication&mutex synchronisation

• > lock a mutex resource always as late as possible

❑ pattern properties

• > model consistency criteria
• > to be generated for each instance

dependability engineering & Petri nets Mai 2005 monika.heiner@informatik.tu-cottbus.de 10 - 30 / 32

CONCLUSIONS

❑ catalogue of concurrency patterns ❑ step-wise system development + step-wise specification of system properties ❑ properties taxonomy taxonomy I general properties boundedness liveness special properties safety properties progress properties model consistency properties taxonomy II “must” properties

• >

fatal errors “maybe” properties -> warnings “fun” properties

• >

insights required -> granted

dependability engineering & Petri nets Mai 2005 monika.heiner@informatik.tu-cottbus.de 10 - 31 / 32

PROPERTY TAXONOMY II

❑

FATAL ERRORS

e.g. safety properties If a robot arm is loaded, its magnet is not deactivated until the robot is in its unloading position. , where ❑

WARNINGS

e.g. liveness AG( EF en( t ) ) for each transition t ❑

INSIGHTS

Is it possible, that both robot arms carry a plate at the same time? G ϕ χUψ ¬ → ( ) ϕ arm1_mag_on arm1_pickup_angle arm1_pickup_ext χ ∧ ∧ arm1_mag_off ψ arm1_release_angle arm1_release_ext ∧ = = = EF arm1_mag_on arm2_mag_on ∧ ( )

dependability engineering & Petri nets Mai 2005 monika.heiner@informatik.tu-cottbus.de 10 - 32 / 32

REFERENCES

[Casais 94a] Casais, E.: Eiffel; A Reusable Framework for Production Cells Developed with an Object-oriented Programming Language; in: Lewerentz, C.; Lindner, T. (eds.): Case Study “Production Cell” A Comparative Study in Formal Software Development, FZI-Publication 1/94, Forschungszentrum Informatik, Karlsruhe 1994, pp. 241-256. [Casais 94b] Casais, E.: An Experiment in Framework Development; in: Lewerentz, C.; Lindner, T. (eds.): Case Study “Production Cell” A Comparative Study in Formal Software Development, FZI-Publication 1/ 94, Forschungszentrum Informatik, Karlsruhe 1994, pp. 95-124. [Heiner 95] Heiner, M.; Deussen, P.: Petri Net Based Qualitative Analysis - A Case Study;

• Techn. Report BTU Cottbus, I-08/1995, Dec. 1995.

[Heiner 98] Heiner, M.; Deussen, P.; Spranger, J.: A Case Study in Developing Control Software of Manufacturing Systems with Hierarchical Petri Nets; Journal paper [Lewerentz 95] Lewerentz, C.; Lindner, T.: Formal Development of Reactive Systems - Case Study Production Cell; LNCS 891, 1995. [Michaelis 93] Michaelis, M.: Objektorientierte Modellierung einer Fertigungszelle mit Eiffel (in German); Diplomarbeit Univ. Karlsruhe, Fakultät für Informatik, June 1993.