TRƯỜNG ĐẠI HỌC CÔNG NGHỆ THÔNG TIN

KHOA KỸ THUẬT MÁY TÍNH

BỘ MÔN HỆ THỐNG NHÚNG & ROBOT

Cyber Physical Systems

INTRODUCTION

o Cyber-Physical Systems
o Model-based System Design
o Motivating Example of a CPS

1
The fourth industrial revolution

2
Industry 4.0
Industry 4.0 refers to the intelligent networking of machines and
processes for industry with the help of information and
communication technology (Plattform Industrie 4.0)

Industry 4.0 is the

evolution to cyber-
physical systems,
representing the
fourth industrial
revolution on the
road to an end-to-
end value chain
with Industrial IoT
and decentralized
intelligence in
manufacturing

3
Industry 4.0 – Cyber Physical Systems

Cyber-physical systems form the basis of Industry 4.0 (e.g.,

‘smart machines’). They use modern control systems, have
embedded software systems and dispose of an Internet address to
connect and be addressed via IoT (the Internet of Things).

4
Cyber-Physical Systems
E Pluribus Unum: Out of Many, One

Smarter
Machine to
Internet of Planet
Machine
Everything
(M2M)
Internet of
Things The Fog
(IoT) TSensors
Industry 4.0 The (Trillion
Industrial Sensors)
Internet

Cyber-Physical Systems

5
Cyber-Physical Systems

A cyber-physical system (CPS) is an integration of computation

with physical processes whose behavior is defined by both cyber
and physical parts of the system.

Embedded computers and networks monitor and control the

physical processes, usually with feedback loops where physical
processes affect computations and vice versa.

As an intellectual challenge, CPS is about the intersection, not the

union, of the physical and the cyber. It is not sufficient to separately
understand the physical components and the computational
components. We must instead understand their interaction.

6
Cyber-Physical Systems
Characteristics of Cyber-Physical Systems
• Reactive
operates at the speed of the environment

• Real-time
timing of events matters!

• Concurrent
system + environment, at a minimum

• Heterogeneous
hardware/software/networks, physical processes

• (increasingly) Networked
distributed, exposed to attacks

7
Cyber-Physical Systems
Example structure of a cyber-physical system.

8
Cyber-Physical Systems
Full of Contradictory Requirements Biomedical

It’s not just information technology anymore:

• Cyber + Physical
Energy
• Computation + Dynamics
• Security + Safety
Automotive
Avionics

Manufacturing Buildings

Military

9
Cyber-Physical Systems
Full of Contradictory Requirements
Contradictions:
• Adaptability vs. Repeatability
Energy
• High connectivity vs. Security and Privacy
• High performance vs. Low Energy
• Asynchrony vs. Coordination/Cooperation
• Scalability vs. Reliability and Predictability Avionics
• Laws and Regulations vs. Technical Possibilities
• Economies of scale (cloud) vs. Locality (fog)
• Open vs. Proprietary
• Algorithms vs. Dynamics

Innovation:
Cyber-physical systems require new engineering
methods and models to address these contradictions.

10
Internet of Things

The Internet of Things is the network of physical objects that contain

embedded technology to communicate and sense or interact with their
internal states or the external environment (Gartner’s definition)

11
Internet of Things

12
Internet of Things

• Sensors
• Local Processing
• Local Storage
• Network
• Internet
• Cloud
Processing
• Cloud Storage

13
The Hype Around The Internet of Things

Using Internet technology to connect

physical devices (“things”).

Internet of Things

Peak of
Inflated
Expectations

http://www.gartner.com/technology/research/hype-cycles/

14
The Hype Around The Internet of Things

Using Internet technology to connect

physical devices (“things”).

Internet of Things

Trough of
Disillusionment

http://www.gartner.com/technology/research/hype-cycles/

15
Cyber-Physical Systems
IoT is the use of Internet technology for
Cyber-Physical Systems

This Bosch Rexroth

printing press is a
cyber-physical
factory using
Ethernet and TCP/IP
with high-precision
clock synchronization
(IEEE 1588) on an
isolated LAN.

16
Cyber-Physical Systems
Example – Flying Paster

17
Cyber-Physical Systems
Example – Flying Paster

Source: http://offsetpressman.blogspot.com/2011/03/how-flying-paster-works.html
18
Cyber-Physical Systems
Automotive CPS and Societal Challenges
• Safer Transportation
• Reduced Emissions
• Smart Transportation
• Energy Efficiency
• Climate Change
• Human-Robot Collaboration

19
Cyber-Physical Systems
Example: Air-Fuel ratio control to reduce emissions
• Catalytic converters reduce CH4, CO2, and NOx emissions
• Conversion efficiency optimal at stoichiometric value

See: Jin. Kapinski. Deshmukh, Ueda, Butts,

“Powertrain Control Verification Benchmark,” HSCC 2014
20
Cyber-Physical Systems
Air-Fuel ratio control: Gasoline Engine setting

Exhaust manifold
Fuel injectors

Measured
A/F
Software
Measured
Air Flow

AIR Intake manifold

21
Report: McKinsey Global Institute

22
Economic Potential

23
The Emerging IT Scene

Infrastructural
core

The Cloud!

Sensory
swarm

Mobile
access

24
What this course is about

A principled, scientific approach to designing and

implementing embedded systems

Focus on model-based system design, and

on embedded software

25
Modeling, Design, Analysis

Modeling is the process of

gaining a deeper understanding
of a system through imitation.
Models express what a system
does or should do.

Design is the structured creation of

artifacts. It specifies how a system
does what it does.

Analysis is the process of gaining a

deeper understanding of a system
through dissection. It specifies why a
system does what it does (or fails to
do what a model says it should do).

26
Determinacy
Some of the most valuable models are deterministic

A model is deterministic if, given the initial state and the

inputs, the model defines exactly one behavior.

Deterministic models have proven extremely valuable in

the past. It simplifies design and enables analysis

27
Determinacy
Physicists continue to debate whether the world is
deterministic
Deterministic
model

Determinism is a
property of models,
Deterministic not a property of the
system? systems they model.

28
Schematic
A simple Cyber-Physical System

• What kinds of models should we use?

• Let’s look at the most successful kinds of models

from the cyber and the physical worlds.
29
Software is a Model

Physical System Model

Single-threaded imperative programs

are deterministic models
30
Software is a Model
Software relies on another deterministic model that
abstracts the hardware
Physical System Model

Waterman, et al., The RISC-V Instruction Set Manual,

UCB/EECS-2011-62, 2011

Instruction Set Architectures (ISAs)

are deterministic models.
31
Software is a Model
… which relies on yet another deterministic model

Physical System Model

Synchronous digital logic

is a deterministic model.
32
Cyber-Physical Systems
Deterministic Models for the Physical Side of CPS

Physical System Model

Signal Signal

Image: Wikimedia Commons

Differential Equations
are deterministic models.
33
Cyber-Physical Systems
A major problem for CPS: combinations of
deterministic models are nondeterministic

Not Dependable!

Signal Signal

34
Cyber-Physical Systems
Timing is not part of software and network semantics
Correct execution of a program in all widely used programming
languages, and correct delivery of a network message in all
general-purpose networks has nothing to do with how long it takes
to do anything.

Programmers have to step outside the

programming abstractions to specify timing
behavior.

CPS designers have no map!

35
The Value of Models

In science, the value of a model lies in how well its behavior

matches that of the physical system.

In engineering, the value of the physical system lies in how

well its behavior matches that of the model.

In engineering, model fidelity is a two-way street!

For a model to be useful, it is necessary

(but not sufficient) to be able to be able to
construct a faithful physical realization.

36
A Model

37
A Physical Realization

38
Model Fidelity

To a scientist, the model is flawed.

To an engineer, the realization is flawed.

I’m an engineer…

39
Cyber-Physical Systems
For CPS, we need to change the question

The question is not whether deterministic models can

describe the behavior of cyber-physical systems (with
high fidelity).

The question is whether we can build cyber-physical

systems whose behavior matches that of a deterministic
model (with high probability).

40
Cyber-Physical Systems
Existence proofs that useful deterministic models
for CPS exist
Together, these
Deterministic models for CPS with faithful
technologies give a
implementations exist:
programming model for
distributed and concurrent
PTIDES: distributed real-time software
real-time systems that is
http://chess.eecs.berkeley.edu/ptides
deterministic in the sense
of single-threaded
PRET: time-deterministic architectures
imperative programs, and
http://chess.eecs.berkeley.edu/pret
also deterministic w.r.t. to
timing of external
These two projects ended in 2015.
interactions.

41
Model-Based Design
1. Create a mathematical model of all the parts of the
cyber-physical system
o Physical processes
o Controllers: software, hardware, etc.
o Software environment
o Hardware platform
o Network
o Sensors and actuators

2. Construct the implementation from the model

42
Modeling Techniques (1)

o Differential Equations à Physical processes

o Actor Models
o Time-domain modeling
o Feedback control

43
 Modeling Techniques (2)
o Finite-State Machines à for Modal Behavior, as in a
controller, software
o Determinism, Receptiveness
o Trace – modeling the input/output behavior of an FSM
o Composition and Hierarchy

Synchronous/Asynchronous composition,StateCharts

44
Modeling Techniques (3)

o Timed/Hybrid Automata à for Modal Behavior +

continuous dynamics
o Jumps and flows

45
Modeling & Design: Sensors and Actuators

q How Sensors and Actuators Work: Basics

q Interfacing to Sensors
q Modeling Sensors and Actuators

46
Design: Memory Architectures
q Types of Memory
q Memory Maps and Organization
q Memory Model for C programs
q Memory Hierarchy and Protection

47
Concurrent Programming with Interrupts
q I/O Mechanisms in Software: Polling vs. Interrupts
q Setting up Interrupts
q Reasoning about Interrupt-Driven Programs
volatile uint timer_count = 0;
void ISR(void) {
if(timer_count != 0) {
timer_count--;
}
}
int main(void) {
// initialization code
SysTickIntRegister(&ISR);
... // other init
timer_count = 2000;
while(timer_count != 0) {
... code to run for 2 seconds
}
}

48
Concurrency: Modeling and Design

o Threads

o Processes

o Multi-Tasking and Priorities

o Synchronous/Reactive Languages

o Dataflow

49
Real-Time: Design and Analysis

o Scheduling
• Pre-emptive and non-preemptive
• RMS vs EDF
• Priority inversion, protocols: PIP, PCP
• Anomalies in multiprocessor scheduling

o Execution Time Analysis

• Blending measurements, platform modeling, and static
analysis of code

50
Modeling & Analysis:

Specification & Temporal Logic

q The Need for Formal Specification
q Linear Temporal Logic

51
Analysis and Verification

o Reachability Analysis
• Compute the set of all states of the system reachable from any
initial state

o Model Checking
• Does the (closed-loop) system satisfy a temporal logic property?

o Equivalence and Refinement

• When are two state machines equivalent?
• When does one model refine another?

52
Fault Tolerance and Security

o Tolerating faults in sensors, computation, actuators

• Self-checking, N-modular redundancy, interval readings for
sensors, etc.

o Security & Privacy

• Integrity, Confidentiality, Availability under attacks
• Besides traditional issues, need to worry about physical
properties and constraints (e.g. power)
• Privacy properties and enforcement

53
Distributed Systems and Networking

o Proprietary protocols: CAN and FlexRay

o Clock synchronization (IEEE 1588)

o Wireless protocols: BLE, ZigBee, OpenWSN, …

o Time-Triggered Ethernet, …

54
Other Relevant Topics

o Architecture for embedded systems

• E.g. low power, predictable timing, etc.

o Programming languages and compilers

o Testing and debugging
o Controller synthesis
o Simulation strategies
o Hybrid systems (more than timed automata)
o …

55
Future of CPS Design

Rising trend: combine model-based design with data-driven

methods (learning from data)

This course discussed how design is done today, but you

can be sure that the technology will change!

Our goal has been to give you what you need to think
critically about the technology.

56
Motivating Example of a CPS
STARMAC quadrotor aircraft (Tomlin, et al.)

• Introductory Video: http://www.youtube.com/watch?v=rJ9r2orcaYo

• Back-Flip Manuever: http://www.youtube.com/watch?v=iD3QgGpzzIM
57
Motivating Example of a CPS

Modeling:
• Flight dynamics (ch2)
• Modes of operation (ch3)
• Transitions between modes (ch4)
• Composition of behaviors (ch5) Design:
• Multi-vehicle interaction (ch6) • Sensors and Actuators (ch7)
• Processors (ch8)
• Memory system (ch9)
• Sensor interfacing (ch10)
• Concurrent software (ch11)
• Real-time scheduling (ch12)
Analysis
• Specifying safe behavior (ch13)
• Achieving safe behavior (ch14)
• Verifying safe behavior (ch15)
• Guaranteeing timeliness (ch16)
• Security and privacy (ch17)

58
 STARMAC Design Block Diagram
LIDAR RS232
URG-04LX 115 kbps
10 Hz ranges PC/104 WiFi
USB 2
Stereo Cam Pentium M
480 Mbps
802.11g+
Firewire 1GB RAM, 1.8GHz ≤ 54 Mbps
Videre STOC
30 fps 320x240 480 Mbps RS232 Est. & control

GPS UART
Superstar II 19.2 kbps Stargate 1.0 WiFi
10 Hz CF
UART
Intel PXA255 802.11b
64MB RAM, 400MHz 100 Mbps ≤ 5 Mbps
IMU 115 Kbps UART
3DMG-X1 UART Supervisor, GPS
Robostix
76 or 100 Hz 115 kbps
Atmega128
Low level control
Ranger I2C PPM
SRF08 400 kbps 100 Hz
13 Hz Altitude Analog

Ranger Beacon
Mini-AE
ESC & Motors
Timing/ Tracker/DTS Phoenix-25, Axi 2208/26
10-50 Hz Altitude Analog 1 Hz
59
A Theme in This Course: Think Critically

Any course that purports to teach you how to design

embedded systems is misleading you.

The technology will change!

Our goal is to teach you how things are done today, and
why that is not good enough. So you will not be surprised
by the changes that are coming.

60