collaborative modeling and co simulation with destecs - a pilot study

Collaborative Modelling and Co-Simulationwith DESTECS: A Pilot Study

Carl Gamble and Ken PierceCentre for Software Reliability

Newcastle University

3rd IEEE Track on Collaborative Modeling & Simulation - CoMetS'12Toulouse, 27th June 2012

Yunyun Ni and Jan BroeninkEEMCS

University Twente

2

Introduction

• DESTECS approach: • Motivation• Concepts

• Pilot study: • Exercise tool• Methodology

• Concluding remarks

3

Motivations

• Demanding requirements for: • Rapid development in competitive markets• Resource utilisation• Resilience

• Complexity of error detection and recovery

• The need for coordinated engineering:• Across disciplines (cultures, abstractions,

formalisms)• ... and models.

4

DESTECS Approach

• Bridge disciplines through co-simulation• Combine DE controller models and CT plant models• Collaboration while working with familiar formalism

• Develop methods and tools• Linking heterogeneous models, each in an appropriate formalism• A linking co-simulation engine, based on a reconciled operational

semantics of the two simulations• Patterns for modelling faults and fault tolerance

mechanisms

(www.destecs.org)

5

Basic Concepts (1)

Runs a co-simulation Forces selections and external updates, e.g. set pointMultiple co-simulation runs enables design space exploration

Ideal & Realistic BehavioursFault Modelling: including error states & faulty functionality in the modelFault Injection during a simulation managed by script

Scenario

Co-model Interface

Co-model

DE Model Contract CT

Model

Shared • design parameters• variables• events

6

Basic Concepts (2)DE

Model Contract CT Model

VDM-RT: (Overture)• Formal language• Object Oriented• Concurrency• Support for embedded systems:

• Explicit CPUs and Busses • Timed

Bond Graph: (20-Sim)• Describe relevant dynamic behavior• Diagrams to show the structure• Port-based approach• Domain-independent

I

C

1

R

MSe

7

Pilot Study: a Line-Following Robot

servo motor

wheel encoder

IR line-follow sensors example path

8

Pilot Study: Top-level Model

9

Pilot Study: CT Model High-fidelity dynamics model using bond graphs Structuring with 20-sim constructs

10

Pilot Study: CT Model

Kinematic TF : rotational/translational coupling MTF: coordinate transformation from local (body fixed) to

inertial (global) frame

1l 2l 12

12 v

llv

11

22 F

llF 1v

2v

x

y

11

Pilot Study: DE Model

Mainly supervisory control Uses DE-first patterns

Controller

-lfLeft: IRSensor-lfRight: IRSensor-vLeft: SpeedServo-vRight: SpeedServo-mode: AbstractMode

+Step: () ==>()

AbstractMode

+Step: () ==>()

Idle

-lfLeft: IRSensor-lfRight: IRSensor-vLeft: SpeedServo-vRight: SpeedServo

+Step: () ==>()

TwoSensor

+Step: () ==>()

IRSensor

+Read: () ==> int

-value: int

SpeedServo

+Write: real ==> ()

-value: real

12

Pilot Study: Video with no Fault

This video may be viewed at:http://www.youtube.com/watch?v=24FuiGPEKVI

13

Pilot Study: Fault Modelling (1)

If component behaviour known, model those faults, if not.. Guidewords used to inspire thinking on faults HAZOP used within CT SHARD used for CT-DE interface Early / late : timing of a message or update Commission / omission : was a service provided Subtle / coarse : can a deviation from ideal behaviour be detected or

not

14

Pilot Study: Fault Modelling (2)

Line follow sensor initial model behaviour is ideal Add realistic and faulty behaviour

• Ambient light levels affect readings (black level)• Realistic sensor noise • Total failure

White

Black

Line

Ideal Ambient light Noise Total failure

15

Pilot Study: Fault Tolerance

Light levels: calibration mode Sensor failure: one-sensor mode Noise: filtering

Controller

-lfLeft: IRSensor-lfRight: IRSensor-vLeft: SpeedServo-vRight: SpeedServo-mode: AbstractMode

+Step: () ==>()

AbstractMode

+Step: () ==>()

Idle

-lfLeft: IRSensor-lfRight: IRSensor-vLeft: SpeedServo-vRight: SpeedServo

+Step: () ==>()

OneSensor

+Step: () ==>()

TwoSensor

+Step: () ==>()

Calibrate

+Step: () ==>()

IRSensor

+Read: () ==> int

-value: int

SpeedServo

+Write: real ==> ()

-value: real

Filter

+Read: () ==> int

-sens: IRSensor-values: seq of int

16

Pilot Study: Video with a Sensor Fault

This video may be viewed at:http://www.youtube.com/watch?v=jh94bL8BfyU

17

Modelling Story

Co-model

Square path

Line following

Faults andFault tolerance

Diff. Encoder semanticsDiff. Robot performance

Newcastle Twente

Sensor problem, tooling related, quickly solved locally

Direction of rotation reversed, different control semantics

Comments

No problems during this step

*-first

c1c2

c1

c3

c4

c5

Step

18

Concluding Remarks Have shown

• Concepts of the DESTECS approach• Walk through of the pilot model• Inclusion of faults and fault tolerance

Ongoing work:• Model construction methods • Model consistency• Patterns for faults and fault tolerance• Simulation scenario command language • Design of experiments and analysis

Collaborative Modelling and Co-Simulationwith DESTECS: A Pilot Study

Carl Gamble and Ken PierceCentre for Software Reliability

Newcastle University

3rd IEEE Track on Collaborative Modeling & Simulation - CoMetS'12Toulouse, 27th June 2012

Yunyun Ni and Jan BroeninkEEMCS

University Twente