Modeling Cyber-Physical Systems: Challenges and Recent Advances - PowerPoint PPT Presentation

Modeling Cyber-Physical Systems: Challenges and Recent Advances Gabor Karsai Institute for Software-Integrated Systems Vanderbilt University Seminar at U Conn - 3/3/2015

Acknowledgements Personnel  Janos Sztipanovits  Ted Bapty  Sandeep Neema  Larry Howard  Abhishek Dubey  Xenofon Koutsoukos  Zsolt Lattmann  Tihamer Levendovszky  Adam Nagel  Joseph Porter  Gabor Simko  …. and many others at the Institute for Software-Integrated Systems @ Vanderbilt University  Sponsors  DARPA AVM, System F6  NSF CPS Program  AFRL, AFOSR, ARO  NASA  Boeing, BAE Systems, General Motors, Google Lockheed-Martin, Microsoft Research, Siemens, UTRC  … and many others (see http://www.isis.vanderbilt.edu/sponsors) 

Modeling CPS  Definition  Examples  The three aspects of modeling  Modeling the physical system  Models of computation and communication  Modeling the platform  Model integration  Recent results  Research challenges  Conclusions

What is a Cyber-Physical System?  An engineered system that integrates physical and cyber components where relevant functions are realized through the interactions between the physical and cyber parts.  Physical = some tangible, physical device + environment  Cyber = computational + communicational

CPS Examples

CPS Examples

The Good News… Networking and computing delivers unique precision and flexibility in interaction and coordination Integrated CPS Computing/Communication  Rich time models  Elaborate coordination of physical processes  New type of interactions across  highly extended spatial/temporal Hugely increased system size with controllable, stable dimensions behavior  Flexible, dynamic communication  Dynamic, adaptive architectures mechanisms  Adaptive, autonomic systems  Time-variant, nonlinear behavior  Self monitoring, self-healing  Introspection, learning, reasoning system architectures and better safety/security guarantees.

…and the Challenges Fusing networking and computing with physical processes brings new problems Integrated CPS Computing/Communication   Cyber vulnerability Physical behavior of systems can be manipulated  New type of interactions across  Lack of composition theories for highly extended spatial/temporal heterogeneous systems, many dimensions unsolved problems  Flexible, dynamic communication  Vastly increased complexity mechanisms and emergent behaviors   Time-variant, nonlinear behavior Lack of theoretical foundations for CPS dynamics  Introspection, learning, reasoning  Verification, certification, predictability face fundamentally new challenges

Example for a CPS Approach Key Idea: Manage design complexity by creating abstraction layers in the design flow. Abstraction layers define platforms. Physical Platform Abstractions are linked through mapping. Software Platform Abstraction layers allow the verification of different properties . Computation/Communication Platform Claire Tomlin, UC Berkeley

Abstraction layers: SW-RTS In CPS, essential system properties Sifakis at al: “Building Models of Real-Time such as stability, safety, Systems from Application Software,” performance are expressed in Proceedings of the IEEE Vol. 91, No. 1. pp. terms of physical behavior 100-111, January 2003 f • : reactive program. Program execution creates a mapping between logical-time Software models inputs and outputs. [ ] [ ] → → → T Out : 2 f T In correctness: implementation ∀ ρ ∈ Ψ ρ ⊆ Ψ ρ , ( ( )) ( ( )) E f f out R in f • : real-time system. Programs are R packaged into interacting components. Real-time system models Scheduler control access to computational [ ] [ ] → → → and communicational resources according T Out : 2 f T In R R R to time constraints P timing analysis ( P) ∀ ρ ∈ ∀ π ∈ ρ ρ π ∈ , ( ), ( , ) E f P R

Abstraction layers: PHY-SW-RTS Re-defined Goals: Physical models • Compositional verification of [ ] [ ] [ ] [ ] essential dynamic properties → → → ; → → → T Out T Out : 2 p T In : 2 f T In R R R R R R − stability − safety implementation • Derive dynamics - offering robustness against implementation changes and Software models uncertainties caused by faults [ ] [ ] → → → T Out : 2 f T In and cyber attacks − fault/intrusion induced correctness: implementation reconfiguration of SW/HW ∀ ρ ∈ Ψ ρ ⊆ Ψ ρ , ( ( )) ( ( )) E f f − network uncertainties out R in (packet drops, delays) • Decrease verification Real-time system models [ ] [ ] → → → complexity T Out : 2 f T In R R R timing analysis ( P) ∀ ρ ∈ ∀ π ∈ ρ ρ π ∈ , ( ), ( , ) E f P R

Why is CPS Hard? Software Control Systems package org.apache.tomcat.session; import org.apache.tomcat.core.*; import org.apache.tomcat.util.StringManager; import java.io.*; import java.net.*; import java.util.*; import javax.servlet.*; import javax.servlet.http.*; /** * Core implementation of a server session * * @author James Duncan Davidson [duncan@eng.sun.com] * @author James Todd [gonzo@eng.sun.com] */ public class ServerSession { private StringManager sm = StringManager.getManager("org.apache.tomcat.session"); private Hashtable values = new Hashtable(); private Hashtable appSessions = new Hasht able(); private String id; private long creationTime = System.currentTimeMillis();; private long thisAccessTime = creationTime; private long lastAccessed = creationTime; private int inact iveInterval = - 1; ServerSession(String id) { this.id = id; } public String getId() { return id; } public long getCreationTime() { return creationTime; } public long getLastAccessedTime() { return lastAccessed; } public ApplicationSession getApplicationSession(Context context, boolean create) { ApplicationSession appSession = (ApplicationSession)appSessions.get(context); if (appSession == null && create) { // XXX // sync to ensure valid? appSession = new ApplicationSession(id, this, context); appSessions.put(context, appSession); } // XXX // make sure that we haven't gone over the end of our // inactive interval -- if so, invalidate and create // a new appSession return appSession; } void removeApplicationSession(Context context) { appSessions.remove(context); } /** * Called by context when request comes in so that accesses and * inactivities can be dealt with accordingly. */ void accessed() { // set last accessed to thisAccessTime as it will be left over // from the previous access lastAccessed = thisAccessTime; thisAccessTime = System.currentTimeMillis(); } void validate() Crosses Interdisciplinary Boundaries • Disciplinary boundaries need to be realigned • New fundamentals need to be created • New technologies and tools need to be developed • Education and training need to be restructured

CPS Layers and Interactions Computational Computational Computational Object Object Object Computational Computational Object Object Implementation Implementation Computational Computational Communication Platform Refinement/Compilation Platform Platform Platform Layer Abstraction Physical Physical Physical Object Object Cyber-Physical Object Object Computational Interaction Cyber-Physical Object Physical Layer Physical Interaction

CPS and Model-based Design Design of CPS layers via MDE  Software models  Platform models  Physical models Challenge: How to integrate the models so that cross-domain interactions can be understood and managed?

Model Integration for CPS  Issues  Cyber models are insufficient, physical models are insufficient  Many modeling paradigms for physical systems (consider engineering or physics!)  Many interaction pathways: P2P , P2C, C2C, P2C2P , C2P2P2C  Universal modeling language with precisely defined semantics?  All models are abstractions of reality from a specific point of view for a specific purposes. Universality is not pragmatic.  Universal modeling language with no/sparse semantics?  [SysML] Enabler but not a complete solution – needs content semantics

Model Integration for CPS  Objective: To support the model- ‘Cyber’ based design of CPS Computation Communication  Represent the design : both physical and cyber, and the interfaces  Allow analysis of the design Information  Simulation-based evaluation and V&V  Discovering unintended interactions Sensor/s Actuator/s  Formal verification  Drive the implementation of the design Physical Physical Power quantity quantity  Compile to code, drive the fab Key : understanding cross-domain Physical interfaces and interactions Physical Environment

Tools for CPS Design  A Cyber-Physical Systems Design Project: AVM  Goals  Basic concepts: Vehicle Forge  Basic concepts: OpenMETA  Information Architecture Challenge  OpenMETA Design Flow Integration Challenge  Semantic Integration Challenge  Structural Semantics  Behavioral Semantics