Welcome and Introduction - Ptolemy Project · Welcome and Introduction Edward A. Lee iCyPhy Mini...

University of California at Berkeley

Welcome and Introduction

Edward A. Lee

iCyPhy Mini Workshop, Berkeley, Feb. 14, 2019

Professor of the Graduate School

iCyPhy Industrial Cyber-Physical Systems Center

Mission:

To make advanced software and networking technology usable in safety- and mission-critical industrial applications.

Prabal Dutta, Edward Lee, Alberto Sangiovanni-Vincentelli, Sanjit Seshia

Active Project Partners

• Avast
• Camozzi
• Denso
• Ford
• Siemens
• Toyota

Focus on Models

A model is any description of a system that is not the thing-in-itself (das Ding an sich in Kantian philosophy).

Challenges

• Confusing the map and the territory
• Choosing a modeling paradigm
• Understanding the purpose of the model

Solomon Wolf Golomb

Lee, Berkeley

Photo by Rusi Mchedlishvili

You will never strike oil by drilling through the map!

Models vs. Reality

In this example, the modeling universe is calculus and Newton’s laws. Faithfulness is how well the model and its target match.

The model

The target (the thing being modeled).

A Model

Image by Dominique Toussaint, GNU Free Documentation License, Version 1.2 or later.

A Physical Realization

• In science, the value of a model lies in how well its behavior matches that of the physical system.
• In engineering, the value of the physical system lies in how well its behavior matches that of the model.

A scientist asks, “Can I make a model for this thing?” An engineer asks, “Can I make a thing for this model?”

The Value of Models

Model Faithfulness

• To a scientist, the model is flawed.
• To an engineer, the realization is flawed.

Engineering is more about making the thing match the model rather than the other way around.

Consider Chip Design

A piece of silicon that doesn’t behave like the model is just beach sand.

Intel Haswell, each with 1.4 billion transistors

Models and Models and Things

[Diagram labels: Models, Things, Science, Engineering, Assurance, Hope, Models, Abstraction, Refinement, Assurance]

Useful Models and Useful Things

“Essentially, all models are wrong, but some are useful.”

Box, G. E. P. and N. R. Draper, 1987: Empirical Model-Building and Response Surfaces. Wiley Series in Probability and Statistics, Wiley.

“Essentially, all system implementations are wrong, but some are useful.”

Lee and Sirjani, “What good are models,” FACS 2018.

Changing the Question

Is the question whether our models describe the thing in itself (faithfully)? Or is the question whether we can build a thing-in-itself where behavior matches that of our models (with high probability)?

Verification and Validation

Per Boehm:
• Am I building the product right? (verification)
• Am I building the right product? (validation)

Verification and Validation

[Diagram labels: Model, Thing, Your design, What you want, Model, Requirements]

Validation: Is this faithful?

Verification: Is this a sound abstraction?

Cyber Physical Systems

What kinds of models should we use?

Software as a Model

[Diagram labels: Physical System, Model]

Single-threaded imperative programs are deterministic models

Physics as a Model

[Diagram labels: Physical System, Model, Signal, Signal]

Differential Equations are deterministic models

Image: Wikimedia Commons

[Diagram labels: Signal, Signal]

Image: Wikimedia Commons

A major problem for CPS: combinations of deterministic models are nondeterministic

Our Strategy

Find engineering models for which we can:
• build faithful realizations,
• verify properties we care about, and
• design interesting and useful systems.