Institute for Software Integrated SystemsVanderbilt University

CYBER PHYSICAL SYSTEMS (CPS)

Janos SztipanovitsISIS, Vanderbilt University

2

Overview

What are Cyber-Physical Systems? Scientific challenges

Composition and compositionality How to build, compose networked CPS at all scales? How to achieve compositionality in high-confidence, dynamically-configured

systems?

Design and design automation What is the meaning and cost of heterogeneity? How to accommodate changes in products, design process and

design culture

Interaction-based computing What are the new computing paradigms? How to model interactions

3

CPS: Computing Perspective

• Two types of computing systems– Desktops, servers, PCs, and

notebooks– Embedded

• The next frontier– Mainframe computing (60’s-70’s)

• Large computers to execute big data processing applications

– Desktop computing & Internet (80’s-90’s)

• One computer at every desk to do business/personal activities

– Embedded computing (21st Century)

• “Invisible” part of the environment

• Transformation of industry

• Number of microprocessor units per year

– Millions in desktops– Billions in embedded processors

• Applications:– Automotive Systems

• Light and heavy automobiles, trucks, buses

– Aerospace Systems• Airplanes, space systems

– Consumer electronics• Mobile phones, office electronics,

digital appliances– Health/Medical Equipment

• Patient monitoring, MRI, infusion pumps, artificial organs

– Industrial Automation• Supervisory Control and Data

Acquisition (SCADA) systems for chemical and power plants

• Manufacturing systems– Defense

• Source of superiority in all weapon systems

CPS: Systems Perspective

Sectors Opportunities Transportation Aircraft that fly faster and further on

less energy. Air traffic control systems that make more efficient use of airspace. Automobiles that are more capable and safer but use less energy.

Defense More capable defense systems; defense systems that make better use of networked fleets of autonomous vehicles.

Energy and Industrial Automation

New and renewable energy sources. Homes, office, buildings and vehicles that are more energy efficient and cheaper to operate.

CPS Definition

A CPS is a system in which: information processing and physical

processes are so tightly integrated that it is not possible to identify whether behaviors are the result of computations, physical laws, or both working together

where functionality and salient system characteristics are emerging through the interaction of physical and computational objects

6

Transformation of Industries: Automotive

Current picture Largely single-vehicle focus Integrating safety and fuel economy (full

hybrids, regenerative braking, adaptive transmission control, stability control)

Safety and convenience “add-ons” (collision avoidance radar, complex airbag systems, GPS, …)

Cost of recalls, liability; growing safety culture Better future?

Multi-vehicle high-capacity cooperative control roadway technologies

Vehicular networks Energy-absorbing “smart materials” for collision

protection (cooperative crush zones?) Alternative fuel technologies, “smart skin”

integrated photovoltaics and energy scavaging, ….

Integrated operation of drivetrain, smart tires, active aerodynamic surfaces, …

Safety, security, privacy certification; regulatory enforcement

Time-to-market raceImage thanks to Sushil Birla, GMC

7

National Health Information Network, Electronic Patient Record initiative Medical records at any point of service Hospital, OR, ICU, …, EMT?

Home care: monitoring and control Pulse oximeters (oxygen saturation), blood

glucose monitors, infusion pumps (insulin), accelerometers (falling, immobility), wearable networks (gait analysis), …

Operating Room of the Future (Goldman) Closed loop monitoring and control; multiple

treatment stations, plug and play devices; robotic microsurgery (remotely guided?)

System coordination challenge Progress in bioinformatics: gene, protein

expression; systems biology; disease dynamics, control mechanisms

Images thanks to Dr. Julian Goldman, Dr. Fred Pearce

Transformation of Industries: Health Care and Medicine

8

Current picture: Equipment protection devices trip

locally, reactively Cascading failure: August

(US/Canada) and October (Europe), 2003

Better future? Real-time cooperative control of

protection devices Or -- self-healing -- (re-)aggregate

islands of stable bulk power (protection, market motives)

Ubiquitous green technologies Issue: standard operational control

concerns exhibit wide-area characteristics (bulk power stability and quality, flow control, fault isolation)

Context: market (timing?) behavior, power routing transactions, regulation

IT Layer

Images thanks to William H. Sanders, Bruce Krogh, and Marija Ilic

Transformation of Industries: Electric Power Grid

9

package org.apache.tomcat.session;

import org.apache.tomcat.core.*;import org.apache.tomcat.util.StringManager;

import java.io.*;import java.net.*;import java.util.*;

import javax.servlet.*;import javax.servlet.http.*;

/** * Core implementation of a server session

* * @author James Duncan Davidson [duncan@eng.sun.com]

* @author James Todd [gonzo@eng.sun.com] */

public class ServerSession {

private StringManager sm = StringManager.getManager("org.apache.tomcat.session");

private Hashtable values = new Hashtable(); private Hashtable appSessions = new Hashtable();

private String id; private long creationTime = System.currentTimeMillis();;

private long thisAccessTime = creationTime; private long lastAccessed = creationTime;

private int inactiveInterval = -1;

ServerSession(String id) { this.id = id;

}

public String getId() { return id;

}

public long getCreationTime() { return creationTime;

}

public long getLastAccessedTime() { return lastAccessed;

}

public ApplicationSession getApplicationSession(Context context, boolean create) {

ApplicationSession appSession = (ApplicationSession)appSessions.get(context);

if (appSession == null && create) {

// XXX // sync to ensure valid?

appSession = new ApplicationSession(id, this, context);

appSessions.put(context, appSession); }

// XXX // make sure that we haven't gone over the end of our // inactive interval -- if so, invalidate and create

// a new appSession

return appSession; }

void removeApplicationSession(Context context) { appSessions.remove(context);

}

/** * Called by context when request comes in so that accesses and

* inactivities can be dealt with accordingly. */

void accessed() { // set last accessed to thisAccessTime as it will be left over

// from the previous access

lastAccessed = thisAccessTime; thisAccessTime = System.currentTimeMillis();

}

void validate()

Software Control

Crosses Interdisciplinary Boundaries

Why is CPS Hard?

• Disciplinary boundaries need to be realigned• New fundamentals need to be created• New technologies and tools need to be developed• Education need to be restructured

Long-Term Goal

Transform how we interact with the physical world just like the internet transformed how we interact with one another. Transcend space Control the physical environment remotely

Building CPSs that integrate computational and physical objects requires new systems science foundations. Fusion of physical and computational sciences

Produce significant impact on society and national competitiveness.

11

Overview

What are Cyber-Physical Systems? Scientific challenges

Composition and compositionality How to build, compose networked CPS at all scales? How to achieve compositionality in high-confidence, dynamically-

configured systems?

Design and design automation What is the meaning and cost of heterogeneity? How to accommodate changes in products, design process and

design culture

Interaction-based computing What are the new computing paradigms? How to model interactions

Example:

CPS Composition Theories 1/3

R/r is the pole of the transfer functionv(z)/e(z) => the step response may becomeunstable.

v(t) = R * i(t)

v(t) = R * i(t - t)

Source: Roitman and Diniz, ICDS’95, 1995

Discretization of components using trapezodial rule for integration.

Composition task: Not realizable implementation..

Source: Bilbao and Smith III, 2005

Example:

CPS Composition Theories 2/3

Wave Digital FiltersAlfred Fettweis in the early 1970s, was an attempt at translating analog filters into the digital realm with a pointed emphasis on preserving as much of the underlying physics as possible.Properties:

– if the reference filter is passive, the WDF implementation is also passive– guaranteed stability– reduced accuracy requirements for coefficients and good dynamic range– free of zero input limit-cycle oscillation, …

Resonator-Bank Filters Peceli and others, 1980’s. Similar properties, different implementation strategy.

Need for investigating composition theories for CPS

Example:

CPS Composition Theories 3/3

15

Overview

What are Cyber-Physical Systems? Economic context Scientific challenges

Composition and compositionality How to build, compose networked CPS at all scales? How to achieve compositionality in high-confidence, dynamically-configured

systems?

Design and design automation What is the impact and cost of heterogeneity? How to accommodate changes in products, design process

and design culture

Interaction-based computing What are the new computing paradigms? How to model interactions

Heterogeneity and Modeling Languages

ComputingSystemCompositionDomain

PhysicalSystem CompositionDomain

Physicalinstantiation

Logical specification(source code)

Physical systemcharacteristics

• Physical Models• Modeling Languages

– Structure– Behaviors

• Physical Laws– Physical variables– Physical Units

• “Cyber” Models• Modeling Languages

– Structure– Behaviors

• Mathematical Domains– traces/state variables– no reference semantics or “semantic units”

Challenges in DSML Semantics

DSML

• Usually, specification stops at the level of abstract syntax metamodels (“static semantics”)• Specification of behavioral semantics (if done)

– involve major effort due to overly complex modeling languages, – use a wide range of formalisms and

• Impact is far-reaching– tool chains are closed and built around loosely defined “conventions” and proprietary interpretations of semantics instead of standards – potential semantic mismatches create unacceptable risk for safety critical applications

Major roadblock that slows down acceptance ofmodel-based design technology.

SemanticDomain

?

Need for developing theories and tools for compositionalspecification of DSML semantics

ModelingControllerSynthesis

System Analysis

CodeSynthesis

ValidationVerification

TargetAnalysis

Platform

SimulinkStateflowECSL/GMEPtolemy

MatlabSimulatorCheckmateSALTejaUP ReachCharon

R-TWorkshopECSL/GMEKestrelPtolemy

CheckmateCharon

WindViewAIRES

CheckmateAIRES

MPC555/OSEKPENTIUM/QNX

Platform Models

Plant Model Integrated Model

Design Feedback

Valid Model Code/Model

Test Vectors

Valid Code/Model

Design Feedback

Download

Valid Model

BACKPLANE Open Tool Integration Framework

Metamodeling

MetamodelComposition &Validation

Metagenerators

UML/OCLGME/Meta

GME/Meta

MIC/GENKestrel

Comp/PlatfModeling

ComponentImplement.

System Modeling

ComponentIntegration

ValidationVerification

TargetAnalysis Platform

UML/RoseESML/GME

ManualESML/GMEHoneywellCMU

ESML/GMEHoneywellTimeWeaver

AIRESSWRI/ASCTimeWiz

AIRESSWRI/ASCESML/GME

PENTIUM/TAO/BOLD-STROKE

Platform Models

Partial Model System Model

Design Feedback

Component Code

Interaction/Fault mgmt/… Models

Valid Code/Model

Design Feedback

DownloadIntegrated CodeModelComponent Model

Design Feedback

• Integrated Physical/Computational Modeling and Analysis • Generative Programming• Hybrid System Analysis• Customizable (metaprogrammable) modeling tools and generators• Open tool integration framework; configurable design flow and composable design environments

Automotive Design Flow Avionics Design Flow

Goal: Heterogeneous and Composable Design Flows

19

Overview

What are Cyber-Physical Systems? Economic context Scientific challenges

Composition and compositionality How to build, compose networked CPS at all scales? How to achieve compositionality in high-confidence, dynamically-configured

systems?

Design and design automation What is the meaning and cost of heterogeneity? How to accommodate changes in products, design process and

design culture?

Interaction-based computing What are the new computing paradigms? How to model interactions?

Change in Computing Platforms

Future Computers on Silicon

• 1 Power Processor Element (PPE)• 8 Synergistic Processor Element (SPE)• Interconnection (EIB) consists of 4 x 16 byte rings run at half the CPU clock speed and can allow up to 3 simultaneous transfers.  Theoretical peak of the EIB is 204.8 Gigabytes per second. • Programming challenge – coordinating the execution of jobs….• Programming models: - job queue, - multitasking, - stream processing, - …

• Challenge: understanding task interaction and utilizing concurrency

Change in CPS Applications: Networked

Systems

COP

Distributed DatabaseInformation LayerInteroperableexport

WIN-T

UE/HQESO

Standards-BasedOpen Software

Architecture

L COP L COP L COP L COP

Common OperatingPicture

HQ

ESO

EPLRSSINCGARSVHF

Link 4ALink 11Link 16WIN T

Hierarchical Ad-Hoc Network

DataImagesVoiceVideo

Mis

sion

Pla

nnin

g &

Pre

p

Situ

atio

n U

nder

stan

ding

Bat

tle M

gmt

& E

xecu

tion

Sen

sor

Fus

ion

Tar

get

Rec

ogni

tion

Inte

grat

ed S

usta

inm

ent

Em

bedd

ed T

rain

ing

Common Services

Information Management

Computing and Networking

Warfighter Interface

Vetronics

Common VehicleSubsystems

HQ

BattleCommand

EO/IR EO/IRSAR/MTI

UGS

WNW

Reachback

HHQ

WNW

Joint CommonDatabase

XX

stubnet

DB Synchronization

Information ManagementInformation Management

PlatformPlatformNetworked CommandNetworked Command

InteroperabilityInteroperabilityFIOP

Foundation Infrastructure – (e.g, Network with: COMSEC Crypto Services, Mobility Enhancements, IP Network Appliqué's, )

Operating System

Operating System Abstraction Services

Network Infrastructure Services

SOS Framework ServicesCOTS

NDI

SOS Operations Services

Information Assurance (IA) Network Mgt (NM) Information Dissemination Mgt (IDM)

Application Program Interfaces – Common Services

Vehicle Applications Mission Applications Business Applications Administration Applications

Human Machine Interface /Machine-Machine Interface

COTSNDI

Mis

sion

Pla

nnin

g &

Pre

p

Situ

atio

n U

nder

stan

ding

Bat

tle C

omm

and

Inte

grat

ed

Sust

ainm

ent

Targ

et R

ecog

nitio

n

Sens

or F

usio

n

Embe

dded

Mis

sion

Tra

inin

g

Nav

igat

ion

Con

trol

s

Prop

ulsi

on

Hyd

raul

ic

Elec

tric

al

Fuel

Sys

Hea

lth M

anag

emen

t

Engi

neer

ing

Proc

urem

ent

Faci

litie

s

Logi

stic

s

Pers

onne

l

Tran

spor

tatio

n

Dis

posa

l

Syst

em M

anag

emen

t

Rem

ote

Serv

er M

gt

Softw

are

Dis

trib

utio

n

Use

r Man

agem

ent

Softw

are

Upg

rade

Softw

are

Inst

all

Rem

ote

Trou

bles

hoot

Foundation Infrastructure – (e.g, Network with: COMSEC Crypto Services, Mobility Enhancements, IP Network Appliqué's, )

Operating System

Operating System Abstraction Services

Network Infrastructure Services

SOS Framework ServicesCOTS

NDI

SOS Operations Services

Information Assurance (IA) Network Mgt (NM) Information Dissemination Mgt (IDM)

SOS Operations Services

Information Assurance (IA) Network Mgt (NM) Information Dissemination Mgt (IDM)

Application Program Interfaces – Common Services

Vehicle Applications Mission Applications Business Applications Administration Applications

Human Machine Interface /Machine-Machine Interface

COTSNDI

Mis

sion

Pla

nnin

g &

Pre

p

Situ

atio

n U

nder

stan

ding

Bat

tle C

omm

and

Inte

grat

ed

Sust

ainm

ent

Targ

et R

ecog

nitio

n

Sens

or F

usio

n

Embe

dded

Mis

sion

Tra

inin

g

Nav

igat

ion

Con

trol

s

Prop

ulsi

on

Hyd

raul

ic

Elec

tric

al

Fuel

Sys

Hea

lth M

anag

emen

t

Engi

neer

ing

Proc

urem

ent

Faci

litie

s

Logi

stic

s

Pers

onne

l

Tran

spor

tatio

n

Dis

posa

l

Syst

em M

anag

emen

t

Rem

ote

Serv

er M

gt

Softw

are

Dis

trib

utio

n

Use

r Man

agem

ent

Softw

are

Upg

rade

Softw

are

Inst

all

Rem

ote

Trou

bles

hoot

JTRS

Future Systems in the Field

• Heterogeneous CPS • Open Dynamic Architecture - heterogeneous networking - heterogeneous components

• Very high level concurrency with complex interactions

• Challenge: understanding system interactions and analyzing (bounding) behavior

Interaction and Coordination

Rich time models instead of sequencing

Behavioral invariants instead of end results

Functionality through interactions of ongoing behaviors instead of sequence of actions

Component architectures instead of procedural abstraction

Concurrency models with partially ordered instead of linearly ordered event sets

Precise interaction and coordination protocols

Hugely increased system size with controllable, stable behavior

Dynamic system architectures (nature and extent of interaction can be modified)

Adaptive, autonomic behavior

Self-descriptive, self monitoring system architecture for safety guarantees.

Changes in Cyber Changes in Physical

Summary

CPS-s represent the coming new age in systems design

The required technology changes are fundamental – go way beyond “multidisciplinary” design

The impact on competitiveness is huge: CPS-s are the foundation for the systems industry