Institute for Software Integrated SystemsVanderbilt University
CYBER PHYSICAL SYSTEMS (CPS)
Janos SztipanovitsISIS, Vanderbilt University
2
Overview
What are Cyber-Physical Systems? Scientific challenges
Composition and compositionality How to build, compose networked CPS at all scales? How to achieve compositionality in high-confidence, dynamically-configured
systems?
Design and design automation What is the meaning and cost of heterogeneity? How to accommodate changes in products, design process and
design culture
Interaction-based computing What are the new computing paradigms? How to model interactions
3
CPS: Computing Perspective
• Two types of computing systems– Desktops, servers, PCs, and
notebooks– Embedded
• The next frontier– Mainframe computing (60’s-70’s)
• Large computers to execute big data processing applications
– Desktop computing & Internet (80’s-90’s)
• One computer at every desk to do business/personal activities
– Embedded computing (21st Century)
• “Invisible” part of the environment
• Transformation of industry
• Number of microprocessor units per year
– Millions in desktops– Billions in embedded processors
• Applications:– Automotive Systems
• Light and heavy automobiles, trucks, buses
– Aerospace Systems• Airplanes, space systems
– Consumer electronics• Mobile phones, office electronics,
digital appliances– Health/Medical Equipment
• Patient monitoring, MRI, infusion pumps, artificial organs
– Industrial Automation• Supervisory Control and Data
Acquisition (SCADA) systems for chemical and power plants
• Manufacturing systems– Defense
• Source of superiority in all weapon systems
CPS: Systems Perspective
Sectors Opportunities Transportation Aircraft that fly faster and further on
less energy. Air traffic control systems that make more efficient use of airspace. Automobiles that are more capable and safer but use less energy.
Defense More capable defense systems; defense systems that make better use of networked fleets of autonomous vehicles.
Energy and Industrial Automation
New and renewable energy sources. Homes, office, buildings and vehicles that are more energy efficient and cheaper to operate.
CPS Definition
A CPS is a system in which: information processing and physical
processes are so tightly integrated that it is not possible to identify whether behaviors are the result of computations, physical laws, or both working together
where functionality and salient system characteristics are emerging through the interaction of physical and computational objects
6
Transformation of Industries: Automotive
Current picture Largely single-vehicle focus Integrating safety and fuel economy (full
hybrids, regenerative braking, adaptive transmission control, stability control)
Safety and convenience “add-ons” (collision avoidance radar, complex airbag systems, GPS, …)
Cost of recalls, liability; growing safety culture Better future?
Multi-vehicle high-capacity cooperative control roadway technologies
Vehicular networks Energy-absorbing “smart materials” for collision
protection (cooperative crush zones?) Alternative fuel technologies, “smart skin”
integrated photovoltaics and energy scavaging, ….
Integrated operation of drivetrain, smart tires, active aerodynamic surfaces, …
Safety, security, privacy certification; regulatory enforcement
Time-to-market raceImage thanks to Sushil Birla, GMC
7
National Health Information Network, Electronic Patient Record initiative Medical records at any point of service Hospital, OR, ICU, …, EMT?
Home care: monitoring and control Pulse oximeters (oxygen saturation), blood
glucose monitors, infusion pumps (insulin), accelerometers (falling, immobility), wearable networks (gait analysis), …
Operating Room of the Future (Goldman) Closed loop monitoring and control; multiple
treatment stations, plug and play devices; robotic microsurgery (remotely guided?)
System coordination challenge Progress in bioinformatics: gene, protein
expression; systems biology; disease dynamics, control mechanisms
Images thanks to Dr. Julian Goldman, Dr. Fred Pearce
Transformation of Industries: Health Care and Medicine
8
Current picture: Equipment protection devices trip
locally, reactively Cascading failure: August
(US/Canada) and October (Europe), 2003
Better future? Real-time cooperative control of
protection devices Or -- self-healing -- (re-)aggregate
islands of stable bulk power (protection, market motives)
Ubiquitous green technologies Issue: standard operational control
concerns exhibit wide-area characteristics (bulk power stability and quality, flow control, fault isolation)
Context: market (timing?) behavior, power routing transactions, regulation
IT Layer
Images thanks to William H. Sanders, Bruce Krogh, and Marija Ilic
Transformation of Industries: Electric Power Grid
9
package org.apache.tomcat.session;
import org.apache.tomcat.core.*;import org.apache.tomcat.util.StringManager;
import java.io.*;import java.net.*;import java.util.*;
import javax.servlet.*;import javax.servlet.http.*;
/** * Core implementation of a server session
* * @author James Duncan Davidson [[email protected]]
* @author James Todd [[email protected]] */
public class ServerSession {
private StringManager sm = StringManager.getManager("org.apache.tomcat.session");
private Hashtable values = new Hashtable(); private Hashtable appSessions = new Hashtable();
private String id; private long creationTime = System.currentTimeMillis();;
private long thisAccessTime = creationTime; private long lastAccessed = creationTime;
private int inactiveInterval = -1;
ServerSession(String id) { this.id = id;
}
public String getId() { return id;
}
public long getCreationTime() { return creationTime;
}
public long getLastAccessedTime() { return lastAccessed;
}
public ApplicationSession getApplicationSession(Context context, boolean create) {
ApplicationSession appSession = (ApplicationSession)appSessions.get(context);
if (appSession == null && create) {
// XXX // sync to ensure valid?
appSession = new ApplicationSession(id, this, context);
appSessions.put(context, appSession); }
// XXX // make sure that we haven't gone over the end of our // inactive interval -- if so, invalidate and create
// a new appSession
return appSession; }
void removeApplicationSession(Context context) { appSessions.remove(context);
}
/** * Called by context when request comes in so that accesses and
* inactivities can be dealt with accordingly. */
void accessed() { // set last accessed to thisAccessTime as it will be left over
// from the previous access
lastAccessed = thisAccessTime; thisAccessTime = System.currentTimeMillis();
}
void validate()
Software Control
Crosses Interdisciplinary Boundaries
Why is CPS Hard?
• Disciplinary boundaries need to be realigned• New fundamentals need to be created• New technologies and tools need to be developed• Education need to be restructured
Long-Term Goal
Transform how we interact with the physical world just like the internet transformed how we interact with one another. Transcend space Control the physical environment remotely
Building CPSs that integrate computational and physical objects requires new systems science foundations. Fusion of physical and computational sciences
Produce significant impact on society and national competitiveness.
11
Overview
What are Cyber-Physical Systems? Scientific challenges
Composition and compositionality How to build, compose networked CPS at all scales? How to achieve compositionality in high-confidence, dynamically-
configured systems?
Design and design automation What is the meaning and cost of heterogeneity? How to accommodate changes in products, design process and
design culture
Interaction-based computing What are the new computing paradigms? How to model interactions
Example:
CPS Composition Theories 1/3
R/r is the pole of the transfer functionv(z)/e(z) => the step response may becomeunstable.
v(t) = R * i(t)
v(t) = R * i(t - t)
Source: Roitman and Diniz, ICDS’95, 1995
Discretization of components using trapezodial rule for integration.
Composition task: Not realizable implementation..
Source: Bilbao and Smith III, 2005
Example:
CPS Composition Theories 2/3
Wave Digital FiltersAlfred Fettweis in the early 1970s, was an attempt at translating analog filters into the digital realm with a pointed emphasis on preserving as much of the underlying physics as possible.Properties:
– if the reference filter is passive, the WDF implementation is also passive– guaranteed stability– reduced accuracy requirements for coefficients and good dynamic range– free of zero input limit-cycle oscillation, …
Resonator-Bank Filters Peceli and others, 1980’s. Similar properties, different implementation strategy.
Need for investigating composition theories for CPS
Example:
CPS Composition Theories 3/3
15
Overview
What are Cyber-Physical Systems? Economic context Scientific challenges
Composition and compositionality How to build, compose networked CPS at all scales? How to achieve compositionality in high-confidence, dynamically-configured
systems?
Design and design automation What is the impact and cost of heterogeneity? How to accommodate changes in products, design process
and design culture
Interaction-based computing What are the new computing paradigms? How to model interactions
Heterogeneity and Modeling Languages
ComputingSystemCompositionDomain
PhysicalSystem CompositionDomain
Physicalinstantiation
Logical specification(source code)
Physical systemcharacteristics
• Physical Models• Modeling Languages
– Structure– Behaviors
• Physical Laws– Physical variables– Physical Units
• “Cyber” Models• Modeling Languages
– Structure– Behaviors
• Mathematical Domains– traces/state variables– no reference semantics or “semantic units”
Challenges in DSML Semantics
DSML
• Usually, specification stops at the level of abstract syntax metamodels (“static semantics”)• Specification of behavioral semantics (if done)
– involve major effort due to overly complex modeling languages, – use a wide range of formalisms and
• Impact is far-reaching– tool chains are closed and built around loosely defined “conventions” and proprietary interpretations of semantics instead of standards – potential semantic mismatches create unacceptable risk for safety critical applications
Major roadblock that slows down acceptance ofmodel-based design technology.
SemanticDomain
?
Need for developing theories and tools for compositionalspecification of DSML semantics
ModelingControllerSynthesis
System Analysis
CodeSynthesis
ValidationVerification
TargetAnalysis
Platform
SimulinkStateflowECSL/GMEPtolemy
MatlabSimulatorCheckmateSALTejaUP ReachCharon
R-TWorkshopECSL/GMEKestrelPtolemy
CheckmateCharon
WindViewAIRES
CheckmateAIRES
MPC555/OSEKPENTIUM/QNX
Platform Models
Plant Model Integrated Model
Design Feedback
Valid Model Code/Model
Test Vectors
Valid Code/Model
Design Feedback
Download
Valid Model
BACKPLANE Open Tool Integration Framework
Metamodeling
MetamodelComposition &Validation
Metagenerators
UML/OCLGME/Meta
GME/Meta
MIC/GENKestrel
Comp/PlatfModeling
ComponentImplement.
System Modeling
ComponentIntegration
ValidationVerification
TargetAnalysis Platform
UML/RoseESML/GME
ManualESML/GMEHoneywellCMU
ESML/GMEHoneywellTimeWeaver
AIRESSWRI/ASCTimeWiz
AIRESSWRI/ASCESML/GME
PENTIUM/TAO/BOLD-STROKE
Platform Models
Partial Model System Model
Design Feedback
Component Code
Interaction/Fault mgmt/… Models
Valid Code/Model
Design Feedback
DownloadIntegrated CodeModelComponent Model
Design Feedback
• Integrated Physical/Computational Modeling and Analysis • Generative Programming• Hybrid System Analysis• Customizable (metaprogrammable) modeling tools and generators• Open tool integration framework; configurable design flow and composable design environments
Automotive Design Flow Avionics Design Flow
Goal: Heterogeneous and Composable Design Flows
19
Overview
What are Cyber-Physical Systems? Economic context Scientific challenges
Composition and compositionality How to build, compose networked CPS at all scales? How to achieve compositionality in high-confidence, dynamically-configured
systems?
Design and design automation What is the meaning and cost of heterogeneity? How to accommodate changes in products, design process and
design culture?
Interaction-based computing What are the new computing paradigms? How to model interactions?
Change in Computing Platforms
Future Computers on Silicon
• 1 Power Processor Element (PPE)• 8 Synergistic Processor Element (SPE)• Interconnection (EIB) consists of 4 x 16 byte rings run at half the CPU clock speed and can allow up to 3 simultaneous transfers. Theoretical peak of the EIB is 204.8 Gigabytes per second. • Programming challenge – coordinating the execution of jobs….• Programming models: - job queue, - multitasking, - stream processing, - …
• Challenge: understanding task interaction and utilizing concurrency
Change in CPS Applications: Networked
Systems
COP
Distributed DatabaseInformation LayerInteroperableexport
WIN-T
UE/HQESO
Standards-BasedOpen Software
Architecture
L COP L COP L COP L COP
Common OperatingPicture
HQ
ESO
EPLRSSINCGARSVHF
Link 4ALink 11Link 16WIN T
Hierarchical Ad-Hoc Network
DataImagesVoiceVideo
Mis
sion
Pla
nnin
g &
Pre
p
Situ
atio
n U
nder
stan
ding
Bat
tle M
gmt
& E
xecu
tion
Sen
sor
Fus
ion
Tar
get
Rec
ogni
tion
Inte
grat
ed S
usta
inm
ent
Em
bedd
ed T
rain
ing
Common Services
Information Management
Computing and Networking
Warfighter Interface
Vetronics
Common VehicleSubsystems
HQ
BattleCommand
EO/IR EO/IRSAR/MTI
UGS
WNW
Reachback
HHQ
WNW
Joint CommonDatabase
XX
stubnet
DB Synchronization
Information ManagementInformation Management
PlatformPlatformNetworked CommandNetworked Command
InteroperabilityInteroperabilityFIOP
Foundation Infrastructure – (e.g, Network with: COMSEC Crypto Services, Mobility Enhancements, IP Network Appliqué's, )
Operating System
Operating System Abstraction Services
Network Infrastructure Services
SOS Framework ServicesCOTS
NDI
SOS Operations Services
Information Assurance (IA) Network Mgt (NM) Information Dissemination Mgt (IDM)
Application Program Interfaces – Common Services
Vehicle Applications Mission Applications Business Applications Administration Applications
Human Machine Interface /Machine-Machine Interface
COTSNDI
Mis
sion
Pla
nnin
g &
Pre
p
Situ
atio
n U
nder
stan
ding
Bat
tle C
omm
and
Inte
grat
ed
Sust
ainm
ent
Targ
et R
ecog
nitio
n
Sens
or F
usio
n
Embe
dded
Mis
sion
Tra
inin
g
Nav
igat
ion
Con
trol
s
Prop
ulsi
on
Hyd
raul
ic
Elec
tric
al
Fuel
Sys
Hea
lth M
anag
emen
t
Engi
neer
ing
Proc
urem
ent
Faci
litie
s
Logi
stic
s
Pers
onne
l
Tran
spor
tatio
n
Dis
posa
l
Syst
em M
anag
emen
t
Rem
ote
Serv
er M
gt
Softw
are
Dis
trib
utio
n
Use
r Man
agem
ent
Softw
are
Upg
rade
Softw
are
Inst
all
Rem
ote
Trou
bles
hoot
Foundation Infrastructure – (e.g, Network with: COMSEC Crypto Services, Mobility Enhancements, IP Network Appliqué's, )
Operating System
Operating System Abstraction Services
Network Infrastructure Services
SOS Framework ServicesCOTS
NDI
SOS Operations Services
Information Assurance (IA) Network Mgt (NM) Information Dissemination Mgt (IDM)
SOS Operations Services
Information Assurance (IA) Network Mgt (NM) Information Dissemination Mgt (IDM)
Application Program Interfaces – Common Services
Vehicle Applications Mission Applications Business Applications Administration Applications
Human Machine Interface /Machine-Machine Interface
COTSNDI
Mis
sion
Pla
nnin
g &
Pre
p
Situ
atio
n U
nder
stan
ding
Bat
tle C
omm
and
Inte
grat
ed
Sust
ainm
ent
Targ
et R
ecog
nitio
n
Sens
or F
usio
n
Embe
dded
Mis
sion
Tra
inin
g
Nav
igat
ion
Con
trol
s
Prop
ulsi
on
Hyd
raul
ic
Elec
tric
al
Fuel
Sys
Hea
lth M
anag
emen
t
Engi
neer
ing
Proc
urem
ent
Faci
litie
s
Logi
stic
s
Pers
onne
l
Tran
spor
tatio
n
Dis
posa
l
Syst
em M
anag
emen
t
Rem
ote
Serv
er M
gt
Softw
are
Dis
trib
utio
n
Use
r Man
agem
ent
Softw
are
Upg
rade
Softw
are
Inst
all
Rem
ote
Trou
bles
hoot
JTRS
Future Systems in the Field
• Heterogeneous CPS • Open Dynamic Architecture - heterogeneous networking - heterogeneous components
• Very high level concurrency with complex interactions
• Challenge: understanding system interactions and analyzing (bounding) behavior
Interaction and Coordination
Rich time models instead of sequencing
Behavioral invariants instead of end results
Functionality through interactions of ongoing behaviors instead of sequence of actions
Component architectures instead of procedural abstraction
Concurrency models with partially ordered instead of linearly ordered event sets
Precise interaction and coordination protocols
Hugely increased system size with controllable, stable behavior
Dynamic system architectures (nature and extent of interaction can be modified)
Adaptive, autonomic behavior
Self-descriptive, self monitoring system architecture for safety guarantees.
Changes in Cyber Changes in Physical
Summary
CPS-s represent the coming new age in systems design
The required technology changes are fundamental – go way beyond “multidisciplinary” design
The impact on competitiveness is huge: CPS-s are the foundation for the systems industry