Towards a well-founded software component model for cyber-physical - - PowerPoint PPT Presentation

Introduction Towards a well-founded software component model for cyber-physical control systems Conclusion

The Second IEEE International Conference on Robotic Computing IRC 2018

Towards a well-founded software component model for cyber-physical control systems

Jacques.Malenfant (at) lip6.fr

Sorbonne Universit´ es, UPMC Univ Paris 06, UMR 7606, LIP6

Jacques.Malenfant (at) lip6.fr IRC 2018, 2018/01/29–02/2

Introduction Towards a well-founded software component model for cyber-physical control systems Conclusion

Introduction

How to allow/ease CPCS and robotics systems specification, implementation, test, verification, validation? Main proposals:

1

Build over strong behavioral models (BM): stochastic hybrid systems & hybrid automata.

2

Implement jointly the software and the simulator, using modular simulation models derived from the BM.

⇒ Component model integrating software, BM and simulation.

Jacques.Malenfant (at) lip6.fr IRC 2018, 2018/01/29–02/2

Introduction Towards a well-founded software component model for cyber-physical control systems Conclusion

Introduction

How to allow/ease CPCS and robotics systems specification, implementation, test, verification, validation? Main proposals:

1

Build over strong behavioral models (BM): stochastic hybrid systems & hybrid automata.

2

Implement jointly the software and the simulator, using modular simulation models derived from the BM.

⇒ Component model integrating software, BM and simulation.

Goals:

1

Test, validation and verification through MIL, SIL and HIL simulations.

2

Allow a progressive approach (unit ⇒ integration ⇒ full system).

3

Provide a strong basis for a (large-scale distributed) CPCS software development process.

4

Develop more reliable CPCS with less resources.

Jacques.Malenfant (at) lip6.fr IRC 2018, 2018/01/29–02/2

Introduction Towards a well-founded software component model for cyber-physical control systems Conclusion

Conceptual framework developed in four steps

1

Well-founded BM with stochastic hybrid systems

2

Modularity and composability with hybrid automata

3

Concrete operational semantics using modular simulation

4

Integration in a software component model with full composability.

Jacques.Malenfant (at) lip6.fr IRC 2018, 2018/01/29–02/2

Introduction Towards a well-founded software component model for cyber-physical control systems Conclusion

Hybrid systems

Mathematical discrete/continuous behavioral (dynamic) models. Hybrid state space: S =

q∈Q Xq ×{q}

Discrete states: Q = {q0,q1,...} (denumerable) with discrete transitions upon events:

value changes of discrete variables conditions (frontiers) met by continuous variables

Each discrete state has a continuous evolution model (e.g., differential equations). Stochastic hybrid systems:

stochastic discrete transitions, stochastic differential equations.

Jacques.Malenfant (at) lip6.fr IRC 2018, 2018/01/29–02/2

Introduction Towards a well-founded software component model for cyber-physical control systems Conclusion

Hybrid system baseline model for the data transfer use case

q(t) = NC

˙

p(t) ← µ(p(t))dt +σ(p(t))dB(t) p(t) ≥ Pinf

˙

b(t) ← −∆Bnc b(t) ≥ B

b(t)≥B ∧p(t)<Pinf /q(t+)←C

• b(t)<B/q(t+)←LB
• q(t) = C

˙

p(t) ← µ(p(t))dt +σ(p(t))dB(t) p(t) ≤ Psup

˙

b(t) ← −∆Bc b(t) ≥ B

b(t)≥B ∧p(t)>Psup/q(t+)←NC

• b(t)<B/q(t+)←LB
• q(t) = LB

˙

p(t) ← µ(p(t))dt +σ(p(t))dB(t)

˙

b(t) ← −∆Bnc 0 ≤ b(t) < B

Jacques.Malenfant (at) lip6.fr IRC 2018, 2018/01/29–02/2

Introduction Towards a well-founded software component model for cyber-physical control systems Conclusion

From monolithic hybrid systems to modular hybrid automata

How to use hybrid systems in practice? Two major lines of work: Henzinger and Lynch. Hybrid automata:

continuous variables and discrete events discrete transitions and continuous trajectories alternating to give the system overall trajectory partition between internal and external variables and events composition by sharing external variables and events

Lynch’s et al. Hybrid Input/Output automata (HIOA):

external events and variables are partitioned between input and

• utput ones

when composing, only one producer (output) for each

Lynch’s et al. Timed Input/Output automata (TIOA):

no external continuous variables i.e., no sharing thereof

Jacques.Malenfant (at) lip6.fr IRC 2018, 2018/01/29–02/2

Introduction Towards a well-founded software component model for cyber-physical control systems Conclusion

Factorising the baseline model into HIOA

PC controller

U = {p,b}, O = {q} q(t) = NC p(t) ≥ Pinf b(t) ≥ B

b(t)≥B ∧p(t)<Pinf /q(t+)←C

• b(t)<B/q(t+)←LB

q(t) = C p(t) ≤ Psup b(t) ≥ B

b(t)≥B ∧p(t)>Psup/q(t+)←NC

• b(t)<B/q(t+)←LB
• q(t) = LB

0 ≤ b(t) < B

PC

Y = {b}, I = {q} q(t) = NC

˙

b(t) ← −∆Bnc b(t) ≥ B

q(t)=C q(t)=LB

• q(t) = C

˙

b(t) ← −∆Bc b(t) ≥ B

q(t)=NC

• q(t)=LB
• q(t) = LB

˙

b(t) ← −∆Bnc 0 ≤ b(t) < B

Environment

Y = {p}

˙

p(t) ← µ(p(t))dt +σ(p(t))dB(t)

Server controller

U = {p,b}, O = {qs} qs(t) = NC p(t) ≥ Pinf b(t) ≥ B

b(t)≥B ∧p(t)<Pinf /qs(t+)←C

• b(t)<B/qs(t+)←LB
• qs(t) = C

p(t) ≤ Psup b(t) ≥ B

b(t)≥B ∧p(t)>Psup/qs(t+)←NC

• b(t)<B/qs(t+)←LB
• qs(t) = LB

0 ≤ b(t) < B qs(t) = NC

qs(t)=C qs(t)=LB

• qs(t) = C

qs(t)=NC

• qs(t)=LB
• qs(t) = LB

Server (I = {q})

(continuous variables: U = imported, Y = exported, X = internal; discrete variables: I = imported, O = exported, H = internal) Jacques.Malenfant (at) lip6.fr IRC 2018, 2018/01/29–02/2

Introduction Towards a well-founded software component model for cyber-physical control systems Conclusion

From modular hybrid automata to modular simulations

What usage for BM?

test, validation, verification, ...

Hybrid systems/automata = declarative semantics. Simulation models = operational semantics. Translate BM into simulation models Discrete EVent Systems (DEVS): de facto “standard” for modular discrete event simulation modeling and simulators.

Atomic models/simulators: core simulation engines, input and

• utpout of events.

Coupled models/simulators: composition and coordination (simulation clock). Large variety of core simulation engines and distributed simulation implementations (e.g., simulated versus real-time clock).

Embed simulation models into software components.

Jacques.Malenfant (at) lip6.fr IRC 2018, 2018/01/29–02/2

Introduction Towards a well-founded software component model for cyber-physical control systems Conclusion

Components, their embedded simulation engine and the exchanged events

Network Server Environment Server Controller

b p

PC Controller PC

¯

b

ˆ

b q

ˆ

p

ˆ

b

ˆ

p

ˆ

p

ˆ

b qs qs

¯

p

¯

b

Network

¯

p q

Jacques.Malenfant (at) lip6.fr IRC 2018, 2018/01/29–02/2

Introduction Towards a well-founded software component model for cyber-physical control systems Conclusion

Summary of the conceptual contributions

A software component model with

stochastic hybrid systems BM, modular modelling with HIOA/TIOA and embedded DEVS-like simulation models, and with composability at all levels

that provide capabilities for:

1

use cases and behavioral specification,

2

model-in-the-loop simulation and validation,

3

algorithms development and tuning,

4

unit and integration testing through software-in-the-loop simulation,

5

software verification and validation, deployment time system identification, control law synthesis and hardware-in-the-loop simulation for system validation and verification,

6

run time verification,

7

run time system self-adaptation.

Jacques.Malenfant (at) lip6.fr IRC 2018, 2018/01/29–02/2

Introduction Towards a well-founded software component model for cyber-physical control systems Conclusion

Questions

Questions?

Jacques.Malenfant (at) lip6.fr IRC 2018, 2018/01/29–02/2

Introduction Towards a well-founded software component model for cyber-physical control systems Conclusion

Related work

Some related work about co-simulation But few with SIL or HIL And none aligning and integrating the software architecture with the simulation models. Two particularly interesting that adopt a software engineering point of view:

1

Zoahib Iqbal et al.: systematic software testing with simulations, but only discrete.

2

De Roo et al.: unit software testing with continuous simulations.

Jacques.Malenfant (at) lip6.fr IRC 2018, 2018/01/29–02/2

Introduction Towards a well-founded software component model for cyber-physical control systems Conclusion

Perspectives

Implementation in a Java distributed component model Integrate decision models for control law synthesis (e.g., optimal stochastic control) Towards large-scale systems.

Jacques.Malenfant (at) lip6.fr IRC 2018, 2018/01/29–02/2