Multi-View Design for CPSs
12/12/2018, by Hui ZHAO (KAIROS team)
Outline
1. CPS and variety of CPS Design
2. Multi-view and Model Driven Engineering
3. My works and contributions
4. A case study
CPS Design
Cyber Physical System
[Figure: A simple example for typical CPS architecture. Labels: Networks, computational system A, computational system B, Physical Plant, Sensors, Actuators]
[1] E. A. Lee, “Cyber Physical Systems: Design Challenges,” 11th IEEE International Symposium on Object and Component-Oriented Real-Time Distributed Computing, 2008, pp. 363–369.
Edward Lee: Cyber-Physical Systems (CPS) are integrations of computation and physical processes. Embedded computers and networks monitor and control the physical processes, usually with feedback loops where physical processes affect computations and vice versa.
CPS Design
CPS and IoT?
In my opinion, all IoT devices are Cyber Physical Systems, but CPSs are not necessarily connected to the Internet and thus, not necessarily IoT devices.
I don't have a distinct definition either, but from my understanding, CPS is more related to physical objects and machines, while the IoT is a little bit more abstract and allows the integration of service and not only physical objects. Furthermore, my understanding of CPS is more concentrated on concrete development scenarios and does not target providing data outside the original scenario.
Problematic for CPS Design
• Safety & security
• Consistency
• Heterogeneous
• Complexity
MDE (Model-driven Engineering)
[Figure: Large Scale Cyber-Physical Systems Components. Pervez et al, A Vision of Cyber-Physical, ACS' 16, At Istanbul, Turkey]
CPS Design
Multi-View design
[Figure: the whole system, its various views, domain experts and example design languages. Other labels: System, Allocation]
• Various views: Functional view, Architectural view, Security view, Physical view, …
• Domain experts: System expert, HW engineer, Security expert, RAMS&Arch Engineer
• Example of design languages: UML/SysML, UML/SysML, SecureUML/Sysml-sec, AADL, …
Problems
• Relationships between each other?
• How to put them together?
• Eliminate gaps?
Motivation
• No single language can cover all development aspects
• Avoid a single platform getting bigger and bigger
• The gap between different development stages and views
Multi-View design
CPS Design
https://polarsys.org/capella/arcadia_capella_sysml_tool.html
CPS Design
R. Ameur-Boulifa et al, SysML model transformation for safety and security analysis, ISSA 2018
How to solve CPS design problems
Works and Contributions
1. Abstract the metamodel from the views at a high level
2. Analyze the relationship between the MMs
3. Combine two MMs of views by using a combinational MM
4. Define a set of operators
5. Implement the rules in code (for Sysml-sec and AADL)
Works and Contributions
[Figure: metamodel combination workflow with numbered steps 1 to 6. Labels: Language A, Language B, Meta-Model A, Meta-Model B, Meta-Model A’, Model A1, Model A1’, Source models, Resulting model, levels M1 and M2, "conform to" relations]
• Step 1 defines a set of operators that are used to combine the functional metamodels (2) and the security metamodel (3), which can be interpreted as a model transformation language such as ATL (at step 5).
• Step 4 produces a resulting metamodel A’ that includes functions and security entities.
• Step 5 applies a number of rules to generate a new combined model, which can be exported to the security framework to perform security analysis at step 6.
Works and Contributions
[Fig: Overview workflow for reusing verification techniques. Labels: Arcadia Models (Functional Design/Analysis), Temporary AADL Models (Architectural + Timing Design/Analysis), Transformation Rule LIB, Metamodels of ARCADIA, Metamodels of AADL, Temporary combinational Metamodel, levels M1 and M2, Import, Export, Simulate, Simulation (schedule 1, schedule 2), Traceback, steps 1 to 4. Legend: conform to, corresponding, to be implemented]
Zhao H, Apvrille L, Mallet F, Meta-models Combination for Reusing Verification Techniques, Modelsward 2019.
Works and Contributions
Functional View
[Figure: Excerpt of functional view’s Metamodel; Instance model]
• Comp = {UFun} is a logical component container which contains a set of functional elements.
• Fun is a finite set of functional blocks, including their name and id attributes.
• Port is a finite set of functional ports, including direction and allocation attributes.
• Exfun ⊆ Port × Port denotes a finite set of functional exchanges (connections) between two functional ports; each must be a pair in which one port is the source and the other is the target.
• Mcf : ΣFun → Comp allocates functions to a logical component container.
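The functional-view definitions above can be checked mechanically on an instance model. The following Python checker is an added example, not code from the presentation or from any of the tools it names; the attribute names, the "in"/"out" direction values, the reading of a port's allocation attribute as its owning function, and the requirement that every function be allocated are assumptions.

```python
from dataclasses import dataclass

# Added illustration. Attribute names and the "in"/"out" direction values
# are assumptions; the slide names only the sets Comp, Fun, Port, Exfun, Mcf.

@dataclass(frozen=True)
class Fun:             # functional block: name and id attributes
    id: str
    name: str

@dataclass(frozen=True)
class Port:            # functional port: direction and allocation attributes
    id: str
    direction: str     # assumed values: "in" or "out"
    allocated_to: str  # assumed: id of the Fun that owns this port

def check_functional_view(funs, ports, exfun, mcf, comps):
    """Return conformance errors for one instance model.
    exfun: set of (source_port_id, target_port_id) pairs; mcf: fun_id -> component."""
    errors = []
    fun_ids = {f.id for f in funs}
    port_by_id = {p.id: p for p in ports}
    for p in ports:
        if p.direction not in ("in", "out"):
            errors.append(f"port {p.id}: bad direction {p.direction!r}")
        if p.allocated_to not in fun_ids:
            errors.append(f"port {p.id}: allocated to unknown function {p.allocated_to}")
    for src, dst in sorted(exfun):
        if src not in port_by_id or dst not in port_by_id:
            errors.append(f"exchange {src}->{dst}: endpoint is not in Port")
            continue
        if port_by_id[src].direction != "out" or port_by_id[dst].direction != "in":
            errors.append(f"exchange {src}->{dst}: must run from a source (out) to a target (in) port")
    for f in funs:
        if mcf.get(f.id) not in comps:
            errors.append(f"function {f.id}: not allocated to a known component")
    for fid in sorted(set(mcf) - fun_ids):
        errors.append(f"Mcf maps unknown function {fid}")
    return errors

# Constructed sample instance: a sensor-reading function feeding a controller.
FUNS = [Fun("f1", "ReadSensor"), Fun("f2", "Control")]
PORTS = [Port("p1", "out", "f1"), Port("p2", "in", "f2")]
COMPS = {"LC1"}
GOOD = check_functional_view(FUNS, PORTS, {("p1", "p2")}, {"f1": "LC1", "f2": "LC1"}, COMPS)
BAD = check_functional_view(FUNS, PORTS, {("p2", "p1"), ("p1", "p9")}, {"f1": "LC1"}, COMPS)
```

`GOOD` is empty; `BAD` reports the reversed exchange, the dangling port reference and the unallocated function, which are the kinds of inconsistency that should be caught before a functional model is combined with another view.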
Works and Contributions
Physical View
[Figure: Excerpt of physical view’s Metamodel; Instance model]
• Node is an execution platform, named node in Arcadia; it can be a different type of physical component (e.g., processor, board).
• PP is the physical component port.
• PL is a physical link; it can be assigned a concrete type such as bus.
Works and Contributions
[Figure: Hybrid Metamodel in DIPLODOCUS]
Works and Contributions
[Table: Corresponding Table]
Works and Contributions
[Figure: Example of Operators. Columns: Rules, Symbols]
Research Roadmap
[Figure: roadmap stages: Researching, Implementation, Application & Practice]
• Fundamental Relation
• Allocation Relation
• Matching and Transformation
• Link different properties
• AADL Metamodels
• Etc.
Wrap up
• Analyzed the relationships among models
• Defined a set of operators
• Implemented on partial Sysml-sec (TTool) and experimenting on AADL
Thanks for your attention
Questions?