Complex Systems Modeling and Engineering and CPS research
Manfred Broy
Technische Universität München Institut für Informatik D-80290 Munich, Germany
Topics
• Cyber Physical Systems - a slightly more general view
  ◊ steps of their history
  ◊ their characteristics - how they are different
• Modeling Cyber Physical Systems
  ◊ Abstraction
  ◊ Structuring
• Engineering CPS
  ◊ Modeling as a basis of engineering
  ◊ Requirements engineering
    • Functional Requirements
    • Quality
  ◊ Architecture
• The German acatech Project agendaCPS
  ◊ A holistic view onto CPS
CPS PI Conference, National Harbour August 2011
Manfred Broy
Key areas of innovation in ICT ...
Convergence of major fields of innovation in IT:
• IT infrastructure
  ◊ Advanced software applications
  ◊ Devices: PC, laptop, smart phone, …, a sea of sensors
• Embedded digital hardware & software systems
  ◊ embedded control - real time
  ◊ adapted automation
  ◊ augmented reality
  ◊ advanced assistance
• Cyber space: internet and world wide web – the “cloud”
  ◊ data mining - customized search
  ◊ social networks – human factors
  ◊ knowledge engineering
The synergy: cyber-physical systems
Evolution: from Embedded to Cyber-Physical Systems
Figure labels (top to bottom):
• Cyber-Physical Systems
• Systems-of-systems
• Smart and cooperative embedded systems
• Smart embedded systems
• Embedded systems
Smart Embedded Systems
• Analyze environment – situational model
• control response
• user assistance HMI
Onion ring like structure of CPS
systems
Figure labels: human machine interface; software; connection to other systems; electronic hardware; sensors and actuators; embedded system; physical/mechanical system; CPS
System of systems
System of systems of systems
Prominent example for CPS: smart grid
• Embedded control
  ◊ stable provision of electrical energy
  ◊ net management
  ◊ management of energy generation
• New requirements and conditions
  ◊ prognosis
    • energy production
    • energy consumption
  ◊ distributed decentralized generation of energy (wind, sun, water, ...)
    • availability depends on weather etc.
  ◊ consumption oriented pricing
    • consumption depends on social and economical events
    • smart meter
  ◊ e-mobility
    • relationship to traffic
    • …
Cyber-Physical Systems
Interfaces to users, to the physical world and to cyberspace
Figure labels: HMI; Embedded System (three instances); CPS; Cyberspace Services & Data; Physical World
Modelling CPS: Motivation
• Why modelling? – A basis for engineering
  ◊ Abstraction
    • complexity reduction
    • implementation unbiased
  ◊ Structuring
  ◊ Automation
    • advanced tool support
    • reuse
• Why seamless modelling?
  ◊ optimized integrated use of models over all phases of development
  ◊ integrated tool support
• Why formal modelling?
  ◊ precision
  ◊ automation
What is seamless modeling
• Integrated model framework
  ◊ model theory
  ◊ description techniques
  ◊ tool support
• Seamless usage of models in the development process
  ◊ requirements engineering
    • data models
    • functional specification model
    • quality model
  ◊ architecture design
    • component hierarchy
    • component interfaces
  ◊ state (machine) views
  ◊ refinement and tracing
Towards a comprehensive theory of system modelling: meta model
Figure labels:
• Feature model (relation: is sub-feature)
• Interface model: components, input and output
• Hierarchy and architecture
• Process transition model: events, actions and causal relations
• State transition model: states and state machines
• Data model: types/sorts and characteristic functions
• Relations between the models: uses, Abstraction, Implementation
• Annotation repeated on the models: Composition, Refinement, Time
What is a hybrid (discrete and continuous) CP system?
A system
• has a scope - boundary
• a behaviour functional view: an interface and an interface behaviour
  ◊ input and output via ports, channels, events, messages, signals
  ◊ discrete and continuous time
  ◊ histories – discrete and continuous
  ◊ functional is what we can observe at the interface
• a structure and distribution: a glass/white box view (including differential equation models)
  ◊ architecture
  ◊ state and state transition
• quality profile
Change of paradigm in engineering CPSs
There is a high degree of
• innovation in functionality in CPSs but also
• increasing costs and complexity in the design of CP systems,
which asks for new approaches and paradigms for engineering and development:
• Systems Engineering
  ◊ instead of assembling components - integration of subsystems
  requires emphasis on
  ◊ requirements engineering
  ◊ architecture and integration
  ◊ comprehensive quality assurance
• Function orientation
  ◊ instead of developing components developing functions
  ◊ functional view part of architecture
Paradigm shift development CPS
... and new development principles:
• Front loading
  ◊ shift in expenditure on early phases
  ◊ instead of eliminating errors in the integration error prevention
• Model based development
  ◊ structuring
  ◊ automation
  ◊ seamless use of all models
  Example: Functional models for testing, diagnostics, maintenance
• Artefact orientation - PLM E/E
  ◊ archiving of all development results in databases
• Product lines
  ◊ modular function construction kit
  ◊ mastering variability
  ◊ systematic reuse at all levels
Comprehensive architecture - what is it
Views onto structure - structuring views of a system
• context - domain model
  ◊ relevant properties of the system environment
• functional view - system level interface
  ◊ functionality - function hierarchy
  ◊ dependencies
  ◊ non-functional requirements (quality: safety, reliability, performance, ...)
• logical sub-system view
  ◊ architecture of components - component hierarchy
  ◊ Logic of the signal / message flow between components
• technical view
  ◊ deployment, scheduling
Structured architecture views: abstraction levels
Figure labels: User; Connected systems; Phys. context; Function; Component
Requirements
Requirement | Interface assertion | Safety | Priority
R1 | ... | Yes | high
R2 | ... | No | medium
... | ... | ... | ...
Rn | ... | no | low
Structuring functionality
Figure labels (sequence of build-up slides): User; Connected systems; Phys. context
Structuring functionality in single functions
Figure labels: User; low beam; daylight sensor
The role of the conceptional architecture in development
• Function hierarchy/service taxonomy: The function hierarchy is to be specified in the requirements engineering. It comprises (models) all functional requirements.
• Logical architecture: The logical architecture has to be worked out in the design phase. It comprises the decomposition of the system into a hierarchy of sub-systems (logical components), fixing their logical roles.
What is a function? What is a sub-system?
Figure labels: Sub-function; Sub-system
Hierarchy of usage functions („services“)
Overall functionality Subfunctionality
Dependencies relationships
A logical component architecture: sub-system hierarchy
Key question for system design: modularity and hierarchies
• Note: The principle of hierarchical decomposition
  ◊ A function is a sub-function is a function
  ◊ A system is a component/sub-system is a system
• What does it mean that
  ◊ a system (component) S offers a function F?
  ◊ The projection of the interface behavior of S to the syntactic interface of function F is (a refinement of) the function F!
• Can we understand the behaviour of a multi-functional system as the hierarchy of the functions it offers?
• How can we capture the dependencies between the functions?
Modes - operating conditions as a missing link
• The individual functions of a vehicle are not logically / functionally independent
  ◊ feature interactions
  ◊ desirable / undesirable
• Collection and presentation of the modes
  ◊ modes: logical operational states of a vehicle
  ◊ example: locking, motor, driving conditions, etc.
  ◊ allows for inclusion of adaptive elements - MMI
• Modular modelling of functions
  ◊ primary in/output of the function
  ◊ modes as input/output to represent the dependencies
  ◊ behaviour as
    • state machine
    • interface representation
Comprehensive Architecture Views: Levels
The structure of software-intensive systems:
• Functionality: usage view
  ◊ Multi-functional systems: feature hierarchies
  ◊ Feature interaction
• Logical component architecture
• Software Architecture
  ◊ Design time software architecture
    • Application software
    • Software platform (OSEK, bus systems)
  ◊ Run time software architecture
    • Tasks
    • Scheduling
• Hardware Architecture
  ◊ Controllers
  ◊ Communication devices
  ◊ Sensor and actuators
• Deployment
Side labels: Conceptional Architecture; Technical Architecture
The comprehensive model
Figure labels:
• conceptional architecture: Usage function hierarchy / function taxonomy; Logical architecture
• Technical architecture: Software architecture; Tasks (T1, T2, T3, T4, ...); Deployment of the tasks; Hardware architecture
A screen shot from AutoFocus
Figure (development flow), labels:
• Informal requirements
• Specification: System Specification S, Validation
• design: architecture design, R = R1⊗R2⊗R3
• implementation: components implementation, Verification R1 ⇒ C1, R2 ⇒ C2, R3 ⇒ C3
• Integration: components C1, C2, C3; architecture verification S ⇐ C1⊗C2⊗C3
• delivery: System verification R⇒S, System delivery
• S and R are each drawn as a box with typed channels x1 : T1, ..., x5 : T5 and y1 : T’1, ..., y4 : T’4
Hybrid systems: an interface model
Sets of typed channels
  I = {x1 : T1, x2 : T2, ... }
  O = {y1 : T’1, y2 : T’2, ... }
syntactic interface
  (I → O)
data stream of type T
  STREAM[T] = {ℕ → T*}   discrete T – discrete stream
  STREAM[T] = {ℝ+ → T}   dense T – continuous stream
valuation of channel set C
  ℍ[C] = {C → STREAM[T]}
interface behavior for syn. interface (I → O)
  [I → O] = {ℍ[I] → ℘(ℍ[O])}
interface specification p: I# O
  represented by an interface assertion S
  a logical formula with channel names as variables for streams
Figure labels: System with typed channels x1 : T1, ..., x5 : T5 and y1 : T’1, ..., y4 : T’4
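The interface model above can be exercised on a small case. The following sketch is an added example, not code from the slides or from AutoFocus: it checks the earlier statement that a system S offers a function F when the projection of S's interface behavior onto F's syntactic interface is a refinement of F, and shows why a mode channel is needed to capture a dependency. Assumptions: streams are finite discrete prefixes of length 2, projection ranges over all valuations of the hidden input channels, refinement is set inclusion per input history, and the lighting system, its channel domains and all function names are hypothetical.

```python
from itertools import product

HORIZON = 2  # assumption: finite prefixes of length 2 stand in for discrete streams

def histories(channel_types, horizon=HORIZON):
    """All valuations of a channel set: each maps channel name -> stream (tuple)."""
    names = sorted(channel_types)
    streams = [list(product(channel_types[n], repeat=horizon)) for n in names]
    return [dict(zip(names, combo)) for combo in product(*streams)]

def freeze(history):
    """Hashable form of a valuation so that valuations can be collected in sets."""
    return tuple(sorted(history.items()))

def restrict(history, names):
    """Restriction of a valuation to a subset of its channels."""
    return {c: s for c, s in history.items() if c in names}

def project(behaviour, in_types, sub_in, sub_out):
    """Projection of an interface behaviour onto the sub-interface (sub_in, sub_out).

    Hidden input channels are existentially quantified: an output is possible for x
    if some full input history that agrees with x on sub_in can produce it.
    """
    def projected(x):
        outs = set()
        for full in histories(in_types):
            if restrict(full, sub_in) == x:
                for y in behaviour(full):
                    outs.add(freeze(restrict(dict(y), sub_out)))
        return outs
    return projected

def violations(behaviour, in_types, spec, spec_in_types, spec_out):
    """Input histories of F for which the projection of S is not within F.

    An empty result means S offers F (the projection refines F).
    """
    proj = project(behaviour, in_types, set(spec_in_types), spec_out)
    return [x for x in histories(spec_in_types) if not proj(x) <= spec(x)]

# --- hypothetical system S: a lighting controller (constructed for this example) ---
S_IN = {"switch": ("off", "auto"), "daylight": ("dark", "bright")}

def lighting_system(x):
    """Deterministic behaviour: low beam is on iff the switch is 'auto' and it is dark."""
    beam = tuple(int(sw == "auto" and dl == "dark")
                 for sw, dl in zip(x["switch"], x["daylight"]))
    return {freeze({"low_beam": beam, "dash_light": beam})}

# --- function F specified without the dependency: daylight alone decides ---
NAIVE_IN = {"daylight": ("dark", "bright")}

def naive_low_beam(x):
    return {freeze({"low_beam": tuple(int(d == "dark") for d in x["daylight"])})}

# --- function F with the switch position as an additional mode input channel ---
MODED_IN = S_IN

def moded_low_beam(x):
    beam = tuple(int(sw == "auto" and dl == "dark")
                 for sw, dl in zip(x["switch"], x["daylight"]))
    return {freeze({"low_beam": beam})}

def check():
    """Return the refinement violations for the naive and the mode-aware function."""
    naive = violations(lighting_system, S_IN, naive_low_beam, NAIVE_IN, {"low_beam"})
    moded = violations(lighting_system, S_IN, moded_low_beam, MODED_IN, {"low_beam"})
    return naive, moded

if __name__ == "__main__":
    naive, moded = check()
    print("naive F violated for:", naive)
    print("mode-aware F violated for:", moded)
```

The naive function is violated for every daylight history that contains "dark", because the hidden switch input can suppress the beam; once the switch is exposed as a mode channel the projection refines the function.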
Result: function based structuring/architecture of systems
Modeling:
• Function hierarchy
  ◊ Structured list of all functions
    • user functions
    • system functions
  ◊ Mode view
  ◊ Modular specification of each function
    • dependencies by modes
• Logical components (subsystems)
  ◊ Tracing: understanding which of the sub-systems and which of their properties contribute to which function
• Technical level
  ◊ Automatic generation of code
    • Parameterized by technical architecture
Seamless usage:
• Analysis
  ◊ feature interactions
  ◊ completeness of specification
• Validation
• Simulation
• Generation of system test cases
• Configuration planning
  ◊ when is which function available
• Impact analysis
• Generation of integration test cases
Seamless modelling: model flow
Figure (model flow), labels:
• System Specification S, Validation
• architecture design, R = R1⊗R2⊗R3
• components implementation, Verification R1 ⇒ C1, R2 ⇒ C2, R3 ⇒ C3
• Integration, architecture verification S ⇐ C1⊗C2⊗C3
• System verification R⇒S, System delivery
• S and R are each drawn as a box with typed channels x1 : T1, ..., x5 : T5 and y1 : T’1, ..., y4 : T’4
CPS - a new engineering paradigm
Not software - systems in the first place – an integrated view
• What is a CP system
  ◊ a unit of
    • software
    • electronic hardware
    • mechanical parts
• we need a more integrated holistic view onto systems: a theory of CP system modeling: hybrid system theory
  ◊ interfaces
  ◊ architectures
    • composition of CP systems
  ◊ states
• The theory of programming
  ◊ specification and verification, interfaces, composition, modularity and compatibility, refinement, state, architecture
  is a perfect starting point for such a theory of systems
An algebraic view onto modeling cyber-electromechanical systems
HW: electronic programmable hardware including sensors, actuators, HMI devices
SW: software
ITS: hardware and software integrated (example CPU)
CN: communication devices – bus systems
MD: mechanical systems
CPS: cyber physical systems
⊗ composition
  ⊗: SW × SW → SW
  ⊗: HW × HW → HW
  ...
  ⊗: HW × SW → ITS
  ⊗: ITS × ... × ITS × CN → ITS
  ⊗: ITS × MD → CPS
  ...
Laws: [md1 ⊗ md2] ⊗ [hw1 ⊗ hw2] ⊗ [sw1 ⊗ sw2] =?= [md1 ⊗ hw1 ⊗ sw1] ⊗ [md2 ⊗ hw2 ⊗ sw2]
Re-thinking the role of time
• Ed Lee’s structure of a CPS is essentially an embedded system
  ◊ Observation: a C program sw does not say anything about timing – we need the platform to understand the timing
  Observation: timing[sw] ≠ timing[hw ⊗ sw]
Re-thinking the notion of “functional requirements”
• Time should be part of behavior – but there is a difference
  ◊ specification and implementation
    • timing as requirement – hard real time
    • timing as property of execution
  ◊ between hard and soft real time
• What is functional is in the eye of the beholder:
  ◊ wide range of observations (temperature, weight, speed, …)
  ◊ time – discrete and continuous
  ◊ today is tomorrow: timing as a built-in property of models of programs and systems
• What is called “functional” is what is modeled by the functional view by the interface behavior including
  ◊ qualitative views: classical concepts of correctness including time
  ◊ quantitative views: probability, performance, safety, ...
• What is “non-functional” is what cannot be seen in the functional view – modeled by the interface behavior of a CPS
The acatech Project agenda CPS
• Organisation
  ◊ Based on German Road Map Embedded Systems
  ◊ Sponsored by German BMBF, Intel, BMW, Bosch, …
  ◊ In cooperation with Siemens, EADS, ESG
• Goals
  ◊ Future scenarios of CPSs
  ◊ Needed capabilities
  ◊ Core technologies
  ◊ Research agenda
• Schedule
  ◊ Deliver results in autumn/winter 2011
Aspects beyond technology …
CPS as drivers of change …
• Law
• Politics
• The human factor
  ◊ HMI
  ◊ Social networks and CPS
  ◊ User acceptance issues
    • privacy
    • complexity
    • …
Concluding remarks: the bottom line ...
• CPSs are more than embedded systems
  ◊ integrated cyber-mechanical systems consisting of mechanics/hardware/software
• Connecting cyber-mechanical systems to the internet and www brings in a new dimension of
  ◊ Research questions
    • interoperability
  ◊ Innovative application opportunities