Institute for Software Integrated Systems

Vanderbilt University

CYBER PHYSICAL SYSTEMS (CPS)

Janos Sztipanovits
ISIS, Vanderbilt University
 Overview
 What are Cyber-Physical Systems?
 Scientific challenges
 Composition and compositionality
 How to build, compose networked CPS at all scales?
 How to achieve compositionality in high-confidence, dynamically-configured systems?
 Design and design automation
 What is the meaning and cost of heterogeneity?
 How to accommodate changes in products, design process and design
culture
 Interaction-based computing
 What are the new computing paradigms?
 How to model interactions

2
 CPS: Computing Perspective
• Two types of computing systems •
– Desktops, servers, PCs, and
notebooks
– Embedded
• The next frontier
– Mainframe computing (60’s-70’s)
• Large computers to execute big
data processing applications
– Desktop computing & Internet (80’s-
90’s)
• One computer at every desk to do
business/personal activities
– Embedded computing (21st
Century)
• “Invisible” part of the
environment
• Transformation of industry
Number of microprocessor
units per year
– Millions in desktops
– Billions in embedded processors
• Applications:
– Automotive Systems
• Light and heavy automobiles,
trucks, buses
– Aerospace Systems
• Airplanes, space systems
– Consumer electronics
• Mobile phones, office electronics,
digital appliances
– Health/Medical Equipment
• Patient monitoring, MRI, infusion
pumps, artificial organs
– Industrial Automation
• Supervisory Control and Data
Acquisition (SCADA) systems for
chemical and power plants
• Manufacturing systems
– Defense
• Source of superiority in all
weapon systems
3
 CPS: Systems Perspective
Sectors Opportunities
Transportation Aircraft that fly faster and further on
less energy. Air traffic control
systems that make more efficient
use of airspace.
Automobiles that are more capable
and safer but use less energy.
Defense More capable defense systems;
defense systems that make better use
of networked fleets of autonomous
vehicles.

Energy and New and renewable energy sources.

Industrial Homes, office, buildings and
Automation vehicles that are more energy
efficient and cheaper to operate.
 CPS Definition

A CPS is a system in which:

 information processing and physical processes
are so tightly integrated that it is not possible to
identify whether behaviors are the result of
computations, physical laws, or both working
together
 where functionality and salient system
characteristics are emerging through the
interaction of physical and computational objects
 Transformation of Industries:
Automotive
 Current picture
 Largely single-vehicle focus
 Integrating safety and fuel economy (full hybrids,
regenerative braking, adaptive transmission control,
stability control)
 Safety and convenience “add-ons” (collision
avoidance radar, complex airbag systems, GPS, …)
 Cost of recalls, liability; growing safety culture
 Better future?
 Multi-vehicle high-capacity cooperative control
roadway technologies
 Vehicular networks
 Energy-absorbing “smart materials” for collision
protection (cooperative crush zones?)
 Alternative fuel technologies, “smart skin”
integrated photovoltaics and energy scavaging, ….
 Integrated operation of drivetrain, smart tires,
active aerodynamic surfaces, …
 Safety, security, privacy certification; regulatory
enforcement
 Time-to-market race
Image thanks to Sushil Birla, GMC 6
 Transformation of Industries:
Health Care and Medicine
 National Health Information Network,
Electronic Patient Record initiative
 Medical records at any point of service
 Hospital, OR, ICU, …, EMT?
 Home care: monitoring and control
 Pulse oximeters (oxygen saturation), blood glucose
monitors, infusion pumps (insulin), accelerometers
(falling, immobility), wearable networks (gait analysis),
…
 Operating Room of the Future (Goldman)
 Closed loop monitoring and control; multiple treatment
stations, plug and play devices; robotic microsurgery
(remotely guided?)
 System coordination challenge
 Progress in bioinformatics: gene, protein
expression; systems biology; disease dynamics,
control mechanisms

Images thanks to Dr. Julian Goldman, Dr. Fred Pearce 7

 Transformation of Industries:
Electric Power Grid
 Current picture:
 Equipment protection devices trip
locally, reactively
 Cascading failure: August (US/Canada)
and October (Europe), 2003
 Better future?
 Real-time cooperative control of
protection devices
 Or -- self-healing -- (re-)aggregate
islands of stable bulk power (protection,
market motives)
 Ubiquitous green technologies
 Issue: standard operational control
concerns exhibit wide-area IT Layer
characteristics (bulk power stability and
quality, flow control, fault isolation)
 Context: market (timing?) behavior,
power routing transactions, regulation

Images thanks to William H. Sanders, Bruce Krogh, and Marija Ilic 8

 Why is CPS Hard?

Software Control
package org.apache.tomcat.session;

import org.apache.tomcat.core.*;
import org.apache.tomcat.util.StringManager;
import java.io.*;
import java.net.*;
import java.util.*;
import javax.servlet.*;
import javax.servlet.http.*;

/**
* Core implementation of a server session
*
* @author James Duncan Davidson [duncan@eng.sun.com]
* @author James Todd [gonzo@eng.sun.com]
*/

public class ServerSession {

private StringManager sm =
StringManager.getManager("org.apache.tomcat.session");
private Hashtable values = new Hashtable();
private Hashtable appSessions = new Hashtable();
private String id;
private long creationTime = System.currentTimeMillis();;
private long thisAccessTime = creationTime;
private long lastAccessed = creationTime;
private int inactiveInterval = -1;

ServerSession(String id) {
this.id = id;
}

public String getId() {

return id;
}

public long getCreationTime() {

return creationTime;
}

public long getLastAccessedTime() {

return lastAccessed;
}

public ApplicationSession getApplicationSession(Context context,

boolean create) {
ApplicationSession appSession =
(ApplicationSession)appSessions.get(context);

if (appSession == null && create) {

// XXX
// sync to ensure valid?

appSession = new ApplicationSession(id, this, context);

appSessions.put(context, appSession);
}

// XXX
// make sure that we haven't gone over the end of our
// inactive interval -- if so, invalidate and create
// a new appSession

return appSession;
}

void removeApplicationSession(Context context) {

appSessions.remove(context);
}

/**
* Called by context when request comes in so that accesses and
* inactivities can be dealt with accordingly.
*/

void accessed() {
// set last accessed to thisAccessTime as it will be left over
// from the previous access

lastAccessed = thisAccessTime;
thisAccessTime = System.currentTimeMillis();

void validate()

Crosses Interdisciplinary Boundaries

• Disciplinary boundaries need to be realigned

• New fundamentals need to be created
• New technologies and tools need to be developed
• Education need to be restructured
9
 Long-Term Goal

 Transform how we interact with the

physical world just like the internet
transformed how we interact with one another.
 Transcend space
 Control the physical environment remotely
 Building CPSs that integrate computational and
physical objects requires new systems science
foundations.
 Fusion of physical and computational sciences

Produce significant impact on society and national

competitiveness.
 Overview
 What are Cyber-Physical Systems?
 Scientific challenges
 Composition and compositionality
 How to build, compose networked CPS at all scales?
 How to achieve compositionality in high-confidence, dynamically-configured
systems?
 Design and design automation
 What is the meaning and cost of heterogeneity?
 How to accommodate changes in products, design process and design
culture
 Interaction-based computing
 What are the new computing paradigms?
 How to model interactions

11
 Example:
CPS Composition Theories 1/3

v(t) = R * i(t)

v(t) = R * i(t - t)

R/r is the pole of

the transfer function
v(z)/e(z) => the step
response may become
unstable.

Source: Roitman and Diniz, ICDS’95, 1995

 Example:
CPS Composition Theories 2/3

Discretization of components
using trapezodial rule for
integration.

Composition task: Not realizable implementation..

Source: Bilbao and Smith III, 2005

 Example:
CPS Composition Theories 3/3

 Wave Digital Filters

Alfred Fettweis in the early 1970s, was an attempt at translating analog filters into the
digital realm with a pointed emphasis on preserving as much of the underlying physics as
possible.
Properties:
– if the reference filter is passive, the WDF implementation is also passive
– guaranteed stability
– reduced accuracy requirements for coefficients and good dynamic range
– free of zero input limit-cycle oscillation, …

 Resonator-Bank Filters
Peceli and others, 1980’s. Similar properties, different implementation strategy.

Need for investigating composition

theories for CPS
 Overview
 What are Cyber-Physical Systems?
 Economic context
 Scientific challenges
 Composition and compositionality
 How to build, compose networked CPS at all scales?
 How to achieve compositionality in high-confidence, dynamically-configured systems?
 Design and design automation
 What is the impact and cost of heterogeneity?
 How to accommodate changes in products, design process and
design culture
 Interaction-based computing
 What are the new computing paradigms?
 How to model interactions

15
 Heterogeneity and Modeling
Languages

Computing Physical
System Physical System
Composition instantiation Composition
Domain Logical Physical Domain
specification system
(source code) characteristics

• “Cyber” Models • Physical Models

• Modeling Languages • Modeling Languages
– Structure – Structure
– Behaviors – Behaviors
• Mathematical Domains • Physical Laws
– traces/state variables – Physical variables
– no reference semantics – Physical Units
or “semantic units”
 Challenges in DSML Semantics
• Usually, specification stops at the level of abstract
syntax metamodels (“static semantics”)
• Specification of behavioral semantics (if done)
– involve major effort due to overly complex
DSML modeling languages,
– use a wide range of formalisms and
• Impact is far-reaching
? – tool chains are closed and built around
loosely defined “conventions” and proprietary
interpretations of semantics instead of
Semantic standards
– potential semantic mismatches create
Domain unacceptable risk for safety critical applications

Major roadblock that slows down acceptance

of
model-based design technology.
Need for developing theories and tools for compositional
specification of DSML semantics
 Goal: Heterogeneous and
Composable Design Flows
Controller System Code Validation Target Comp/Platf Component System Component Validation Target
Modeling Platform Platform
Synthesis Analysis Synthesis Verification Analysis Modeling Implement. Modeling Integration Verification Analysis
Platform Models
Platform Models

Interaction/Fault mgmt/… Models

Test Vectors

Download Integrated Code Download

Plant Model Integrated Model Valid Model Code/Model Valid Code/Model Partial Model Component Model System Model Model

Component Code Valid Code/Model

Design Feedback
Valid Model
Design Feedback
Design Feedback

Design Feedback Design Feedback

Simulink Matlab R-T

Stateflow Simulator Workshop ESML/GME ESML/GME AIRES AIRES PENTIUM/
MPC555/
ECSL/GME Checkmate Checkmate ECSL/GME Checkmate WindView UML/Rose Manual Honeywell Honeywell SWRI/ASC SWRI/ASC TAO/
OSEK
Ptolemy Charon SAL Kestrel AIRES AIRES ESML/GME CMU TimeWeaver TimeWiz ESML/GME BOLD-
PENTIUM/
Teja Ptolemy STROKE
QNX
UP Reach
Charon Automotive Design Flow Avionics Design Flow

BACKPLANE Open Tool Integration Framework

• Integrated Physical/Computational
Modeling and Analysis
• Generative Programming
• Hybrid System Analysis
Metagenerators • Customizable (metaprogrammable)
MIC/GEN
Kestrel modeling tools and generators
Metamodel • Open tool integration framework;
Composition & GME/Meta
Validation configurable design flow and
Metamodeling
UML/OCL composable design environments
GME/Meta
 Overview
 What are Cyber-Physical Systems?
 Economic context
 Scientific challenges
 Composition and compositionality
 How to build, compose networked CPS at all scales?
 How to achieve compositionality in high-confidence, dynamically-configured systems?
 Design and design automation
 What is the meaning and cost of heterogeneity?
 How to accommodate changes in products, design process and design
culture?
 Interaction-based computing
 What are the new computing paradigms?
 How to model interactions?

19
 Change in Computing Platforms
Future Computers on Silicon
• 1 Power Processor Element (PPE)
• 8 Synergistic Processor Element (SPE)
• Interconnection (EIB) consists of 4 x 16
byte rings run at half the CPU clock speed
and can allow up to 3 simultaneous
transfers.  Theoretical peak of the EIB is
204.8 Gigabytes per second.

• Programming challenge – coordinating

the execution of jobs….
• Programming models:
- job queue,
- multitasking,
- stream processing,
-…

• Challenge: understanding task interaction

and utilizing concurrency
 Change in CPS Applications:
Networked Systems
Future Systems in the Field
• Heterogeneous CPS
Standards-Based
Information Open Software
Common Operating Information Management
Management
Joint Common Architecture
Database Picture Vehicle Applications
Human Machin e Interface /Mach ine-Machin e Interface

Mission Applicatio ns Business Applicatio ns Ad ministratio n Applications

Information Layer Distributed Database

EmbeddedMission Training
Interoperable

Sustainment
MissionPlanning &Prep

SituationUnderstanding

Remote Troubleshoot
Software Distribution
SystemManagement
Health Management

TargetRecognition

Remote Server Mgt

Software Upgrade

User Management
BattleCommand

Software Install
Sensor Fusion

Transportation
Procurement
Engineering
Propulsion
Navigation

Personnel
Integrated
Hydraulic
COTS

Facilities

Logistics
Electrical
Controls

Fuel Sys

Disposal
NDI

• Open Dynamic
export
Application Program Interfaces – Commo n Services

ESO Infor mation Assurance (IA)

SOS Operations Servic es
Network M gt (NM ) Infor mation Dissemination Mgt (IDM)

HQ SOS Framewor k Services

COP
COTS
N etwork Infrastr uctur eServices N DI
Oper ating System Abstraction Servic es

Operating System
Foundation Infrastr ucture – (e.g, N etwork with: COMSE C Cr ypto Servic es, Mobil ity E nhancements, IP N etwork Appli qué's, )

Warfighter Interface

DB Synchronization
Architecture

Battle Mgmt & Execution

Mission Planning & Prep
Situation Understanding

Integrated Sustainment
- heterogeneous

Embedded Training
Target Recognition
FIOP

Sensor Fusion
Interoperability
Interoperability

EPLRS Link 4A
networking
Reachback SINCGARS Link 11
VHF Link 16
WIN T Common Services
- heterogeneous
HHQ XX
Battle
Command
Information Management
components
Computing and Networking
ESO
UE/HQ HQ

WIN-T Hierarchical Ad-Hoc Network

• Very high level
stubnet
WNW WNW

concurrency with
UGS
Data
Images
JTRS
complex interactions
Voice
Video Vetronics

• Challenge: understanding
EO/IR EO/IR
system interactions
SAR/MTI L COP L COP L COP L COP Common Vehicle
Subsystems and analyzing (bounding)
Networked
Networked Command
Command
Platform
Platform
behavior
 Interaction and Coordination
Changes in Cyber
 Rich time models instead of
sequencing
 Behavioral invariants instead
of end results
 Functionality through
interactions of ongoing
behaviors instead of sequence
of actions
 Component architectures
instead of procedural
abstraction
 Concurrency models with
partially ordered instead of
linearly ordered event sets
Changes in Physical
 Precise interaction and
coordination protocols
 Hugely increased system
size with controllable, stable
behavior
 Dynamic system
architectures (nature and
extent of interaction can be
modified)
 Adaptive, autonomic
behavior
 Self-descriptive, self
monitoring system
architecture for safety
guarantees.
 Summary

 CPS-s represent the coming new age in systems

design
 The required technology changes are
fundamental – go way beyond “multidisciplinary”
design
 The impact on competitiveness is huge: CPS-s
are the foundation for the systems industry