
1ST DISIM WORKSHOP ON ENGINEERING CYBER-PHYSICAL SYSTEMS


The University of L'Aquila, Italy, has organized an internal meeting on Engineering Cyber-Physical Systems (26 Jan 2016). About 35 colleagues from the DISIM (Information Engineering, Computer Science, and Mathematics) have participated and made presentations.

This SlideShare collects all the presentations.

If you are interested in future events, feel free to contact us:
Alessandro D’Innocenzo – alessandro.dinnocenzo@univaq.it
Henry Muccini – henry.muccini@univaq.it


  1. 1. For any information please contact Alessandro D’Innocenzo – alessandro.dinnocenzo@univaq.it - or Henry Muccini - henry.muccini@univaq.it 1ST DISIM WORKSHOP ON ENGINEERING CYBER-PHYSICAL SYSTEMS TUESDAY 26, JANUARY 2016, 2:00 PM MEETING ROOM 2.3, II FLOOR, COPPITO 1 UNIVERSITY OF L’AQUILA, ITALY PROGRAM 14:00 - Alessandro D’Innocenzo & Henry Muccini - Welcome & Introduction to CPS 14:20 - Alessandro D’Innocenzo - Modeling and Co-design of Control Tasks over Wireless Networking Protocols: State of the Art and Challenges 14:40 - Giordano Pola – Formal methods for analysis and control of CPS 15:00 - Elena De Santis - Safe Communication in Power Systems: application to a DC microgrid control - Safe Human-Inspired Model for Vehicle Control 15:20 – Henry Muccini – Architecting (Self-Adaptive) Cyber-Physical Systems: a View on the State of the Art 15:40 - Luigi Pomante: Electronic Design Automation & Embedded Systems Development 16:00 - Stefania Costantini - Agent-based hybrid architecture for Smart Cyber-Physical Systems and applications to eHealth 16:20 - Discussion
  2. 2. Alessandro D’Innocenzo, Henry Muccini alessandro.dinnocenzo@univaq.it henry.muccini@univaq.it DISIM Dept. of Information Engineering, Computer Science and Mathematics University of L’Aquila, Italy DEWS Centre of Excellence on Design Methodologies of Embedded Controllers, Wireless Interconnect and Systems-on-chip - University of L’Aquila, Italy
  3. 3. SEA Group The Next Computing Revolution Mainframe computing (60’s – 70’s) Large computers to execute big data processing applications Desktop computing & Internet (80’s – 90’s) One computer at every desk to do business/personal activities Ubiquitous computing (00’s) Numerous computing devices in every place/person Millions for desktops vs. billions for embedded processors Cyber Physical Systems (10’s)
  4. 4. SEA Group What are Cyber Physical Systems? Cyber-Physical Systems (CPS) as “engineered systems that are built from, and depend upon, the seamless integration of computational and physical components” [NSF12] Cyber-Physical Systems (CPS) are integrations of computation with physical processes. Embedded computers and networks monitor and control the physical processes, usually with feedback loops where physical processes affect computations and vice versa [Lee08] A cyber-physical system (CPS) is a system of collaborating computational elements controlling physical entities [Wikipedia].
  5. 5. SEA Group [Figure: five HW/SW components; labels: Monitor and control, Affect, Feedback loop, Collaborate]
  6. 6. SEA Group Different names for same things… Cyberphysical Systems (CPS), Networked Embedded Systems, SCADA, Swarm Robotics, Drone Sensor Networks, Internet of Things (IoT), Wireless Sensor Networks (WSN),
  7. 7. SEA Group Main characteristics - Networked embedded components - Feedback loop - Adaptable, re-configurable, dynamic - Distributed control
  8. 8. SEA Group CPS versus Embedded Systems CPS represents an evolution of embedded systems, where components are immersed in and interacting with the physical world CPS has to satisfy new requirements, such as continuous evolution and adaptability, due to the computational complexity, distribution and system adaptability of those systems.
  9. 9. SEA Group Example #1 (taken from Luca Mottola slides)
  10. 10. SEA Group Example #1 (taken from Luca Mottola slides)
  11. 11. SEA Group Example #2: self-driving cars
  12. 12. SEA Group Example #3: smart buildings
  13. 13. INCIPICT SER2: Building automation systems: Motivations Physical modeling, automatic control, communication: Cyber-Physical Systems
  14. 14. Rule Based DR Model Based DR Data-Driven DR Building automation systems: SoA Courtesy of Madhur Behl
  15. 15. SEA Group CPS versus Networked Systems CPS represents an evolution of networked control systems, where physical systems and controllers interact via a communication system CPS inherit from NCS challenges on distributed control and dynamic reconfiguration
  16. 16. Networked Control Systems [Figure: Plant with signals u, y, x] • Let a plant model be given by input/output/internal variables and differential/difference equations, e.g.: $x(k+1) = Ax(k) + Bu(k)$, $y(k) = Cx(k)$
  17. 17. Networked Control Systems [Figure: Plant with signals u, y, x] • Let a plant model be given by input/output/internal variables and differential/difference equations, e.g.: $x(k+1) = Ax(k) + Bu(k)$, $y(k) = Cx(k)$ • Let some specifications be given on the desired behavior of the variables, e.g. stability or some temporal logic formula
  18. 18. Networked Control Systems [Figure: Plant and Controller with signals u, y, x] • Let a plant model be given by input/output/internal variables and differential/difference equations, e.g.: $x(k+1) = Ax(k) + Bu(k)$, $y(k) = Cx(k)$ • Let some specifications be given on the desired behavior of the variables, e.g. stability or some temporal logic formula • Design a controller such that the closed-loop interconnection satisfies the specifications, e.g. $h(k+1) = Eh(k) + Fy(k)$, $u(k) = Gh(k)$
  19. 19. Networked Control Systems [Figure: Plant and Controller exchanging u, y, x through a Comm. Network] • Let a plant model be given by input/output/internal variables and differential/difference equations, e.g.: $x(k+1) = Ax(k) + Bu(k)$, $y(k) = Cx(k)$ • Let some specifications be given on the desired behavior of the variables, e.g. stability or some temporal logic formula • Design a controller such that the closed-loop interconnection satisfies the specifications, e.g. $h(k+1) = Eh(k) + Fy(k)$, $u(k) = Gh(k)$ • What if plant and controller exchange data via a communication network? R. Alur, A. D'Innocenzo, K.H. Johansson, G.J. Pappas, G. Weiss. Compositional Modeling and Analysis of Multi-Hop Control Networks. IEEE Transactions on Automatic Control, Special Issue on Wireless Sensor and Actuator Networks, full paper, 56(10):2345-2357, 2011.
  20. 20. SEA Group Bibliography [NSF12] National Science Foundation, Cyber-Physical Systems Program Solicitation NSF 13-502, October 2012 [Lee08] Edward A. Lee. Cyber Physical Systems: Design Challenges. Technical Report No. UCB/EECS-2008-8, January 23, 2008
  21. 21. SEA Group
  22. 22. Modeling and Co-design of Control Tasks over Wireless Networking Protocols: State of the Art and Challenges Alessandro D’Innocenzo 1st DISIM Workshop on Engineering Cyber Physical Systems January 26, 2016 – University of L’Aquila
  23. 23. Objective 1: Robust & secure design of control tasks over wireless communication protocols Objective 2: Co-simulation and emulation of control algorithms, communication protocols and physical systems • Formal compositional interfaces between control algorithms and wireless communication protocols • Quantify impact of wireless networking on control performance • Robustness with respect to packet losses and delays • Resilience with respect to failures and malicious intrusions • Formal verification tools and co-simulation environments
  24. 24. Goal: to develop novel methods for co-design of control algorithms and communication protocol configuration Method: Interdisciplinary research across the “3C”: control theory, computer science and communication theory Output: novel methods that improve performance and security of technological solutions for wireless automation systems Contact info: alessandro.dinnocenzo@univaq.it
  25. 25. Control task [Figure: Plant with signals u, y, x] • Let a plant model be given by input/output/internal variables and differential/difference equations, e.g.: $x(k+1) = Ax(k) + Bu(k)$, $y(k) = Cx(k)$
  26. 26. Control task [Figure: Plant with signals u, y, x] • Let a plant model be given by input/output/internal variables and differential/difference equations, e.g.: $x(k+1) = Ax(k) + Bu(k)$, $y(k) = Cx(k)$ • Let some specifications be given on the desired behavior of the variables, e.g. stability or some temporal logic formula
  27. 27. Control task [Figure: Plant and Controller with signals u, y, x] • Let a plant model be given by input/output/internal variables and differential/difference equations, e.g.: $x(k+1) = Ax(k) + Bu(k)$, $y(k) = Cx(k)$ • Let some specifications be given on the desired behavior of the variables, e.g. stability or some temporal logic formula • Design a controller such that the closed-loop interconnection satisfies the specifications, e.g. $h(k+1) = Eh(k) + Fy(k)$, $u(k) = Gh(k)$
  28. 28. Control task [Figure: Plant and Controller exchanging u, y, x through a Wireless Network] • Let a plant model be given by input/output/internal variables and differential/difference equations, e.g.: $x(k+1) = Ax(k) + Bu(k)$, $y(k) = Cx(k)$ • Let some specifications be given on the desired behavior of the variables, e.g. stability or some temporal logic formula • Design a controller such that the closed-loop interconnection satisfies the specifications, e.g. $h(k+1) = Eh(k) + Fy(k)$, $u(k) = Gh(k)$ • What if plant and controller exchange data via a wireless network? R. Alur, A. D'Innocenzo, K.H. Johansson, G.J. Pappas, G. Weiss. Compositional Modeling and Analysis of Multi-Hop Control Networks. IEEE Transactions on Automatic Control, Special Issue on Wireless Sensor and Actuator Networks, full paper, 56(10):2345-2357, 2011.
  29. 29. Challenges with Wired Control Networks Wires are expensive • Wires as well as installation costs • Wire/connector wear and tear Lack of flexibility • Wires constrain sensor/actuator mobility • Limited reconfiguration options Restricted control architectures • Centralized control paradigm
  30. 30. Paradigm shift towards wireless control architectures “Removing cables undoubtedly saves cost, but often the real cost gains lie in the radically different design approach that wireless solutions permit. […] In order to fully benefit from wireless technologies, a rethink of existing automation concepts and the complete design and functionality of an application is required.” Jan-Erik Frey, R&D Manager ABB
  31. 31. Wireless Control Network A collection of cooperating algorithms (controllers) designed to achieve a set of common goals, aided by interactions with the environment through distributed measurements (sensors) and actions (actuators) exchanged via a wireless communication network
  32. 32. Wireless Control Network A collection of cooperating algorithms (controllers) designed to achieve a set of common goals, aided by interactions with the environment through distributed measurements (sensors) and actions (actuators) exchanged via a wireless communication network
  33. 33. Applications of Wireless Control Networks Industrial automation Environmental Monitoring, Disaster Recovery and Preventive Conservation Supply Chain and Asset Management Physical Security and Control
  34. 34. Opportunities vs challenges with Wireless Control Networks Lower costs, easier installation • Suitable for emerging markets Broadens scope of sensing and control • Easier to sense/monitor/actuate: opens new application domains Compositionality • Enables system evolution via composable control loops Runtime adaptation and reconfiguration • Control can be maintained in response to failures and malicious attacks Complexity • Systems designers and programmers need suitable abstractions to hide the complexity from wireless devices and communication protocols Reliability • Need for robust and predictable behavior despite wireless non-idealities Security • Wireless technology is vulnerable: security mechanisms for control loops Take into account communication protocol behavior!
  35. 35. ISO/OSI model for (wireless) communication protocols • Open systems interconnection (OSI) model separates functional elements of a network into seven layers [Figure: Host A and Host B, each with the stack Application, Session, Presentation, Transport, Network, Data/Link, Physical, connected by a wireless link]
  36. 36. ISO/OSI model for (wireless) communication protocols • Open systems interconnection (OSI) model separates functional elements of a network into seven layers • OSI model has allowed refinement of each layer independently [Figure: Host A and Host B, each with the stack Application, Session, Presentation, Transport, Network, Data/Link, Physical, connected by a wireless link; annotations: Skype, YouTube…; TCP, UDP; Routing strategy; Scheduling, access to the wireless channel; Coding, modulation, tx power; Interference, data losses, delays, limited energy, channel capacity, failures, malicious intrusions]
  37. 37. ISO/OSI model for (wireless) communication protocols • Open systems interconnection (OSI) model separates functional elements of a network into seven layers • OSI model has allowed refinement of each layer independently • Each layer only talks with the corresponding layer…by exchanging packets with the layers above & below [Figure: Host A and Host B, each with the stack Application, Session, Presentation, Transport, Network, Data/Link, Physical, connected by a wireless link]
  38. 38. Classical control loop $u(k) = f(y(k))$ • Communication stack and medium is transparent to the control algorithm [Figure: sensor S1 and actuators A1, A2 exchanging the control and measurement signals across two protocol stacks (Application, Session, Presentation, Transport, Network, Data/Link, Physical) and a wireless link; label: Robust and Fault-tolerant Control]
  39. 39. Control loop over a wireless network • Sensing and actuation data are relayed via the protocol stack layers [Figure: plant control law $u(k) = f(y(k))$ on one host and sensing/actuation (S1, A1, A2) on the other, each on top of the stack Session, Presentation, Transport, Network, Data/Link, Physical, connected by a wireless link]
  40. 40. Control loops over a wireless network • Sensing and actuation data are relayed via the protocol stack layers • Several feedback control mechanisms within separate communication layers [Figure: plant control law $u(k) = f(y(k))$ on one host and sensing/actuation (S1, A1, A2) on the other, each on top of the stack Session, Presentation, Transport, Network, Data/Link, Physical, connected by a wireless link; intra-layer control loops: TCP congestion control, Routing control, Medium access control, Power, coding & modulation control]
  41. 41. Control loops over a real wireless network Wireless network
  42. 42. Control loops over a real wireless network Wireless network Borderline between control over network and control of network disappears M.C. Escher, Relativity Lithograph, 1953
  43. 43. Control loops over a real wireless network Wireless network Borderline between control over network and control of network disappears M.C. Escher, Relativity Lithograph, 1953 Different perspectives in terms of • Time-scales • Mathematical setting • Performance metrics • Constraints & non-idealities
  44. 44. Handle complexity of CPS via hybrid systems theory J. Lygeros, S. Sastry, C.J. Tomlin. A game theoretic approach to controller design for hybrid systems. In Proc. of IEEE 88(7):949-970, July 2000 • Discrete Variables: – Heater off: q0 – Heater on: q1 • Continuous Variables: – Room temperature: x • Transitions: – Turn heater ON when the temperature is smaller than 70 degrees: x≤70. – Turn heater OFF when the temperature is greater than 80 degrees: x≥80. • Analysis and control of hybrid systems via formal methods: – Discretize state space: Pola et al. […] – Discretize trajectories: Yi Deng, A. D'Innocenzo, M. D. Di Benedetto, S. Di Gennaro, A. A. Julius. Verification of Hybrid Automata Diagnosability with Measurement Uncertainty. IEEE Transactions on Automatic Control
  45. 45. Challenge: Co-design the control algorithm and the communication protocol Controller Application Session Presentation Transport Network Data/Link Physical Handle complexity of CPS via tailored modeling and design
  46. 46. Co-design over time-triggered communication protocols Challenge: Co-design the control algorithm and the communication protocol (scheduling, routing and control) Controller Application Session Presentation Transport Network Data/Link Physical
  47. 47. WirelessHART MAC (scheduling) and Network (routing) layers § Time-triggered access to the channel § Time divided in periodic frames § Each frame divided in Π time slots of duration Δ
  48. 48. WirelessHART MAC (scheduling) and Network (routing) layers § Time-triggered access to the channel § Time divided in periodic frames § Each frame divided in Π time slots of duration Δ
  49. 49. WirelessHART MAC (scheduling) and Network (routing) layers § Time-triggered access to the channel § Time divided in periodic frames § Each frame divided in Π time slots of duration Δ § Enables redundancy in data routing
  50. 50. WirelessHART MAC (scheduling) and Network (routing) layers § Time-triggered access to the channel § Time divided in periodic frames § Each frame divided in Π time slots of duration Δ § Enables redundancy in data routing
  51. 51. WirelessHART MAC (scheduling) and Network (routing) layers § Time-triggered access to the channel § Time divided in periodic frames § Each frame divided in Π time slots of duration Δ § Enables redundancy in data routing
  52. 52. WirelessHART MAC (scheduling) and Network (routing) layers § Time-triggered access to the channel § Time divided in periodic frames § Each frame divided in Π time slots of duration Δ § Enables redundancy in data routing § Scheduling must guarantee relay via multiple paths
  53. 53. WirelessHART MAC (scheduling) and Network (routing) layers § Time-triggered access to the channel § Time divided in periodic frames § Each frame divided in Π time slots of duration Δ § Enables redundancy in data routing § Scheduling must guarantee relay via multiple paths
  54. 54. WirelessHART MAC (scheduling) and Network (routing) layers § Time-triggered access to the channel § Time divided in periodic frames § Each frame divided in Π time slots of duration Δ § Enables redundancy in data routing § Scheduling must guarantee relay via multiple paths
  55. 55. WirelessHART MAC (scheduling) and Network (routing) layers § Time-triggered access to the channel § Time divided in periodic frames § Each frame divided in Π time slots of duration Δ § Enables redundancy in data routing § Scheduling must guarantee relay via multiple paths Protocols designed for “slow” control tasks: exploit redundancy to use it on “fast” control tasks
  56. 56. Redundancy in data routing… § …makes system tolerant to long-term link failures § …enables detection and isolation of failures and malicious attacks § …makes system robust to short-term link failures (e.g. packet losses)
  57. 57. Redundancy in data routing… Close a control loop investigating two routing strategies: 1. Single-path dynamic routing: switching behavior due to dynamic routing 2. Multi-path static routing: algorithms to merge redundant data § …makes system tolerant to long-term link failures § …enables detection and isolation of failures and malicious attacks § …makes system robust to short-term link failures (e.g. packet losses)
  58. 58. Redundancy in data routing… § …makes system tolerant to long-term link failures § …enables detection and isolation of failures and malicious attacks § …makes system robust to short-term link failures (e.g. packet losses) Close a control loop investigating two routing strategies: 1. Single-path dynamic routing: switching behavior due to dynamic routing 2. Multi-path static routing: algorithms to merge redundant data
  59. 59. Wireless control networks as switching systems 𝐾(𝑡)
  60. 60. Wireless control networks as switching systems 𝑡 𝐾(𝑡)
  61. 61. Wireless control networks as switching systems t+1 𝐾(𝑡)
  62. 62. Wireless control networks as switching systems t+… 𝐾(𝑡) Different paths are associated with different delays.
  63. 63. Wireless control networks as switching systems 𝑡+… 𝐾(𝑡) 𝐴 = 𝐴I 𝐵I 0 0 0 𝐼 ⋮ ⋮ ⋮ ⋯ 0 0 ⋯ 0 0 ⋱ ⋮ ⋮ 0 0 0 0 0 0 0 0 0 ⋯ 𝐼 0 ⋯ 0 𝐼 ⋯ 0 0 𝐵 𝜎 𝑡 = 𝐵𝛿Q R ,S 𝐼𝛿Q R ,5 ⋮ 𝐼𝛿Q R ,TU6 𝐼𝛿Q R ,TU5 𝐼𝛿Q R ,T Different paths are associated with different delays. Mathematical model: $x(t+1) = A x(t) + B(\sigma(t)) v(t)$, $t \in \mathbb{N}$, where $x(t)$ is the plant and network state, $\sigma(t) \in \Sigma$ depends on routing/scheduling. The switching signal is considered as a disturbance.
  64. 64. Wireless control networks as switching systems 𝑡+… 𝐾(𝑡) Different paths are associated with different delays. Mathematical model: $x(t+1) = A x(t) + B(\sigma(t)) v(t)$, $t \in \mathbb{N}$, where $x(t)$ is the plant and network state, $\sigma(t) \in \Sigma$ depends on routing/scheduling. The switching signal is considered as a disturbance. Problem: Design a controller $K(t)$ s.t. the closed loop system is asymptotically stable. Given a state-feedback static controller $K(t)$, the closed loop system is asymptotically stable iff the Joint Spectral Radius of $\{A + B(\sigma(t)) K(t)\}_{\sigma(t) \in \Sigma}$ is smaller than 1. Insights: Switching systems analysis and design is a crowded research area: • Leverage special structure of matrices $A$ and $B(\sigma(t))$ to provide tailored results that outperform classical results on general switching systems
  65. 65. Wireless control networks as switching systems R. M. Jungers, A. D'Innocenzo, M. D. Di Benedetto. Modeling, analysis and design of linear systems with switching delays. IEEE Transactions on Automatic Control, to appear. A. Cicone, A. D'Innocenzo, N. Guglielmi, L. Laglia. A sub-optimal solution for optimal control of linear systems with unmeasurable switching delays. 54th IEEE Conference on Decision and Control, Osaka, Japan, December 15-18, 2015. R. M. Jungers, A. D'Innocenzo, M. D. Di Benedetto. Further results on controllability of linear systems with switching delays. 9th IFAC World Congress, Cape Town, South Africa, August 24-29, 2014. R. M. Jungers, A. D'Innocenzo, M. D. Di Benedetto. How to control Linear Systems with switching delays. 13th European Control Conference (ECC14), Strasbourg, France, June 24-27, 2014. R.M. Jungers, A. D'Innocenzo, M.D. Di Benedetto. Feedback stabilization of dynamical systems with switched delays. 51st IEEE Conference on Decision and Control, Maui, Hawaii, December 10-13 2012. 𝐾(𝑡)
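
The Joint Spectral Radius test from slide 64, as an added example that is not part of the original slides: it brackets the JSR of the closed-loop matrices $A + B(\sigma)K$ with the standard product bounds (largest spectral radius from below, largest norm from above). The scalar plant, the delay set {0, 1}, the augmented state and both gains are assumptions constructed for illustration.

```python
import math

def matmul(X, Y):
    """Product of two 2x2 matrices given as nested lists."""
    return [[sum(X[i][k] * Y[k][j] for k in range(2)) for j in range(2)]
            for i in range(2)]

def spectral_radius(M):
    """Largest eigenvalue modulus of a real 2x2 matrix (closed form)."""
    tr = M[0][0] + M[1][1]
    det = M[0][0] * M[1][1] - M[0][1] * M[1][0]
    disc = tr * tr - 4.0 * det
    if disc >= 0.0:
        root = math.sqrt(disc)
        return max(abs(tr + root), abs(tr - root)) / 2.0
    return math.sqrt(det)  # complex pair: |lambda|^2 = det

def norm_inf(M):
    """Induced infinity norm (largest absolute row sum)."""
    return max(abs(row[0]) + abs(row[1]) for row in M)

def closed_loop_modes(a, b, K):
    """Closed-loop matrices A + B(sigma) K for sigma in {0, 1}.

    Assumed model: scalar plant x+ = a*x + b*(delivered input); the
    augmented state is [x, w], where w is an input sent over the
    one-step-delay path and still in flight.
    """
    A = [[a, b], [0.0, 0.0]]
    # sigma = 0: v reaches the plant at once; sigma = 1: v is buffered in w
    B_sigma = {0: [b, 0.0], 1: [0.0, 1.0]}
    return [[[A[i][j] + B_sigma[s][i] * K[j] for j in range(2)]
             for i in range(2)] for s in (0, 1)]

def jsr_bounds(mats, depth):
    """Return (lower, upper) with lower <= JSR <= upper.

    For every product P of length k: rho(P)^(1/k) <= JSR, and
    JSR <= max over length-k products of ||P||^(1/k).
    """
    lower, upper = 0.0, float("inf")
    level = [[[1.0, 0.0], [0.0, 1.0]]]  # the empty product
    for k in range(1, depth + 1):
        level = [matmul(P, M) for P in level for M in mats]
        lower = max(lower, max(spectral_radius(P) for P in level) ** (1.0 / k))
        upper = min(upper, max(norm_inf(P) for P in level) ** (1.0 / k))
    return lower, upper

# Constructed gains for the unstable plant a = 1.2, b = 1.0:
DELAY_AWARE_GAIN = [-0.5, -0.3]  # feeds back the in-flight input as well
DEADBEAT_GAIN = [-1.2, 0.0]      # tuned for the zero-delay path only

def stable_under_any_switching(K, depth=8):
    """True when the upper bound certifies JSR < 1 for gain K."""
    return jsr_bounds(closed_loop_modes(1.2, 1.0, K), depth)[1] < 1.0
```

With these numbers the delay-aware gain is certified stable for every routing sequence, while the deadbeat gain has a lower bound above 1, so some sequence of path choices makes the loop diverge.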
  66. 66. Redundancy in data routing… Close a control loop investigating two routing strategies: 1. Single-path dynamic routing: take into account switching behavior due to dynamic routing 2. Multi-path static routing: take into account algorithms to merge redundant data § …makes system tolerant to long-term link failures § …enables detection and isolation of failures and malicious attacks § …makes system robust to short-term link failures (e.g. packet losses)
  67. 67. Multi-path static routing § …makes system tolerant to long-term link failures § …enables detection and isolation of failures and malicious attacks § …makes system robust to short-term link failures (e.g. packet losses) Investigate algorithms to merge redundant data: • Objective: stabilize the closed-loop system • Best strategy: keep most recent packet vs. compute combination? • Different paths are associated with different delays • Not a trivial question, best strategy from the point of view of stability strongly depends on plant and network: need for a control-theoretic approach
  68. 68. Multi-path static routing § …makes system tolerant to long-term link failures § …enables detection and isolation of failures and malicious attacks § …makes system robust to short-term link failures (e.g. packet losses) Investigate algorithms to merge redundant data: • Objective: stabilize the closed-loop system • Best strategy: keep most recent packet vs. compute combination? • Different paths are associated with different delays • Not a trivial question, best strategy from the point of view of stability strongly depends on plant and network: need for a control-theoretic approach
  69. 69. Syntax: § Linear plant 𝒫 = (𝐴, 𝐵, 𝐶) MIMO MCN model
  70. 70. Syntax: § Linear plant § Weight function 𝑊 determines data processing through the network - reminiscent of network coding 𝐺ℛ = 𝑉ℛ, 𝐸ℛ, 𝑊ℛ 𝑊ℛ_ : 𝐸ℛ → ℝ 𝑖 = 1, ⋯, 𝑚 𝒫 = (𝐴, 𝐵, 𝐶) 𝐺 𝒪 = 𝑉𝒪, 𝐸 𝒪,𝑊𝒪 𝑊𝒪_ : 𝐸 𝒪 → ℝ 𝑖 = 1, ⋯, 𝑙 MIMO MCN model
  71. 71. Syntax: § Linear plant § Weight function 𝑊 determines data processing through the network - reminiscent of network coding § Communication scheduling 𝜂 assigns transmission of nodes 𝐺ℛ = 𝑉ℛ, 𝐸ℛ, 𝑊ℛ 𝑊ℛ_ : 𝐸ℛ → ℝ 𝑖 = 1, ⋯, 𝑚 𝜂ℛ_ : 1, … , Π → 2jℛ 𝐺 𝒪 = 𝑉𝒪, 𝐸 𝒪,𝑊𝒪 𝑊𝒪_ : 𝐸 𝒪 → ℝ 𝑖 = 1, ⋯, 𝑙 𝜂 𝒪_ : 1, … , Π → 2j 𝒪 𝒫 = (𝐴, 𝐵, 𝐶) MIMO MCN model
  72. 72. Syntax: § Linear plant § Weight function 𝑊 determines data processing through the network - reminiscent of network coding § Communication scheduling 𝜂 assigns transmission of nodes § Model at time scale of frames instead of time-slots (no switching behavior) 𝑇 = ΠΔ 𝐺ℛ = 𝑉ℛ, 𝐸ℛ, 𝑊ℛ 𝑊ℛ_ : 𝐸ℛ → ℝ 𝑖 = 1, ⋯, 𝑚 𝜂ℛ_ : 1, … , Π → 2jℛ 𝐺 𝒪 = 𝑉𝒪, 𝐸 𝒪,𝑊𝒪 𝑊𝒪_ : 𝐸 𝒪 → ℝ 𝑖 = 1, ⋯, 𝑙 𝜂 𝒪_ : 1, … , Π → 2j 𝒪 𝒫 = (𝐴, 𝐵, 𝐶) MIMO MCN model
  73. 73. Resilient control 𝐹 set of all configurations of links subject to a failure or a malicious intrusion
  74. 74. Resilient control 𝐹 set of all configurations of links subject to a failure or a malicious intrusion
  75. 75. Resilient control 𝐹 set of all configurations of links subject to a failure or a malicious intrusion
  76. 76. Resilient control Mf 𝐹 set of all configurations of links subject to a failure or a malicious intrusion
  77. 77. Resilient control Mf 𝐹 set of all configurations of links subject to a failure or a malicious intrusion
  78. 78. Resilient control Mf 𝐹 set of all configurations of links subject to a failure or a malicious intrusion § Benefit: Do not reconfigure the whole network (i.e. scheduling and routing) when a failure occurs: instead, only reconfigure neighbors of faulty nodes § Benefit: Do not add complexity to local communication to detect faulty or malicious nodes: instead, use plant dynamics and path redundancy § Technical challenge: Exploit graph theory and control-theoretic approaches for model-based failure detection and isolation
  79. 79. BANK OF LUENBERGER OBSERVERS 𝑓l 𝑘𝑇 = [𝑓l5 𝑘𝑇 , 𝑓l6 𝑘𝑇 ,… , 𝑓l|o| 𝑘𝑇 ] Observer-based diagonal FDI problem
  80. 80. BANK OF LUENBERGER OBSERVERS 𝑓l 𝑘𝑇 = [𝑓l5 𝑘𝑇 , 𝑓l6 𝑘𝑇 ,… , 𝑓l|o| 𝑘𝑇 ] Observer-based diagonal FDI problem
  81. 81. BANK OF LUENBERGER OBSERVERS 𝑓l 𝑘𝑇 = [𝑓l5 𝑘𝑇 , 𝑓l6 𝑘𝑇 ,… , 𝑓l|o| 𝑘𝑇 ] Observer-based diagonal FDI problem
  82. 82. BANK OF LUENBERGER OBSERVERS 𝑓l 𝑘𝑇 = [𝑓l5 𝑘𝑇 , 𝑓l6 𝑘𝑇 ,… , 𝑓l|o| 𝑘𝑇 ] Observer-based diagonal FDI problem Derive a common mathematical model for network topology (graph) and plant (LTI system): exploit structured systems theory that translates LTI system into a graph
  83. 83. Resilient control A. D'Innocenzo, F. Smarra, M.D. Di Benedetto. Fault Tolerant Control of MIMO Multi-Hop Control Networks. Automatica, full paper, to appear. A. D'Innocenzo, F. Smarra, M. D. Di Benedetto. Further results on fault detection and isolation of malicious nodes in Multi-hop Control Networks. 14th European Control Conference (ECC 2015), Linz, Austria, July 15-17, 2015. Best application paper award. M.D. Di Benedetto, A. D'Innocenzo, F. Smarra. Fault-tolerant control of a wireless HVAC control system. ISCCSP2014, 2014 A. D'Innocenzo, M.D. Di Benedetto, F. Smarra. Fault detection and isolation of malicious nodes in MIMO Multi-hop Control Networks. 52nd IEEE CDC, 2013 F. Smarra, A. D'Innocenzo, M.D. Di Benedetto. Fault Tolerant Stabilizability of MIMO Multi-Hop Control Networks. 3rd IFAC NecSys 2012 A. D'Innocenzo, M.D. Di Benedetto, E. Serra. Fault Tolerant Control of Multi-Hop Control Networks. IEEE Transactions on Automatic Control, 58(6):1377-1389, 2013.
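
A simplified illustration of the observer-bank idea from slides 78-82, added here and not taken from the slides or the cited papers: one Luenberger observer per redundant path, with the path whose residual leaves a threshold flagged as faulty or tampered. The 2-state plant, the gain, the three paths and the additive bias standing in for a compromised relay are all constructed assumptions.

```python
# Constructed plant (assumption): x(k+1) = A x(k) + B u(k), y(k) = C x(k)
A = [[0.9, 0.1], [0.0, 0.8]]
B = [0.0, 0.1]
C = [1.0, 0.0]
L = [0.8, 1.2]  # observer gain; places eig(A - L C) at 0.5 and 0.4

def plant_step(x, u):
    """One step of the plant model, also used as the observer's predictor."""
    return [A[0][0] * x[0] + A[0][1] * x[1] + B[0] * u,
            A[1][0] * x[0] + A[1][1] * x[1] + B[1] * u]

def observer_step(xhat, u, y_received):
    """Luenberger update; returns (next estimate, residual)."""
    residual = y_received - (C[0] * xhat[0] + C[1] * xhat[1])
    pred = plant_step(xhat, u)
    return [pred[0] + L[0] * residual, pred[1] + L[1] * residual], residual

def run_bank(steps, injections, threshold=0.1, warmup=20, n_paths=3):
    """Simulate the plant and one observer per path.

    injections maps a path index to (start_step, bias): from start_step on,
    that path delivers y + bias instead of y (constructed fault model).
    Returns {path: first step at which |residual| > threshold, or None}.
    Residuals are ignored during warmup, while the estimates converge.
    """
    x = [1.0, 0.0]                               # true initial state
    xhats = [[0.0, 0.0] for _ in range(n_paths)]  # observers start blind
    alarms = {i: None for i in range(n_paths)}
    for k in range(steps):
        u = 1.0  # known input, available to every observer
        y = C[0] * x[0] + C[1] * x[1]
        for i in range(n_paths):
            start, bias = injections.get(i, (None, 0.0))
            tampered = start is not None and k >= start
            y_i = y + (bias if tampered else 0.0)
            xhats[i], r = observer_step(xhats[i], u, y_i)
            # Each residual depends only on its own path, so an alarm
            # both detects the fault and isolates the path.
            if k >= warmup and alarms[i] is None and abs(r) > threshold:
                alarms[i] = k
        x = plant_step(x, u)
    return alarms

if __name__ == "__main__":
    print(run_bank(60, {1: (30, 0.5)}))   # path 1 flagged at step 30
    print(run_bank(60, {1: (30, 0.05)}))  # bias below threshold: no alarm
```

The second call shows the tuning trade-off: the residual peaks at the bias value on the first tampered sample, so a bias below the threshold is never flagged by this simple scheme.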
  84. 84. Challenges in Wireless Control Networks Modeling • Formal interfaces between control algorithms and wireless communication protocols • Compositional models for scalable analysis and design of multiple control loops Analysis • Quantify impact of wireless networking on control performance Design • Controller design incorporating wireless network properties • Control-network co-design Robustness • Robust with respect to packet losses and delays • Tolerant with respect to failures and malicious intrusions – CPS Security (SafeCOP) Tools • Formal verification and automatic (co-)design of safe & secure WCN (SafeCOP) • Co-simulation of control algorithms, communication protocols and physical systems Experimental set-up • WirelessHART laboratory (INCIPICT + SafeCOP) • Building automation laboratory (INCIPICT)
  85. 85. Formal Methods for the Analysis and Control of Cyber-Physical Systems Giordano Pola Department of Information Engineering, Computer Science and Mathematics, Center of Excellence DEWS, University of L’Aquila, Italy giordano.pola@univaq.it
  86. 86. Collaborations At DISIM & DEWS: • Marika Di Benedetto • Pierdomenico Pepe • Elena De Santis • Costanzo Manes Outside: • Paulo Tabuada (UCLA, USA) • Karl Henrik Johansson (KTH, Sweden) • Arjan J. van der Schaft (University of Groningen, The Netherlands) • Antoine Girard (Universite’ Joseph Fourier, France) • Alessandro Borri (IASI-CNR, Italy) • Majid Zamani (TU Munich, The Netherlands) • Manuel Mazo (TU Delft, The Netherlands) Acknowledgments:
  87. 87. http://CyberPhysicalSystems.org Cyber Physical Systems (CPS) – a concept map
  88. 88. http://CyberPhysicalSystems.org Cyber Physical Systems (CPS) – a concept map
  89. 89. Our model of CPS Network of plants Pi and computing units Ci communicating via non-ideal communication infrastructures [Figure: plants P1, P2, PN and computing units C1, C2, CN]
  90. 90. Our model of CPS Plants: nonlinear control systems with possible disturbances and time-varying (states and inputs) delays dx(t) / dt = f (x(t),x(t-x(t)),u(t-u(t)),d(t)) :Pi [Figure: plants P1, P2, PN and computing units C1, C2, CN]
  91. 91. Our model of CPS Computing Units: Labelled transition systems T = (Q, Q0, L, ,O,H) :Ci [Figure: plants P1, P2, PN and computing units C1, C2, CN]
  92. 92. Our model of CPS Non-idealities in communication infrastructures: • Quantization errors • Bounded time-varying network access times • Bounded time-varying communication delays • Limited bandwidth • Bounded number of packet losses [Figure: plants P1, P2, PN and computing units C1, C2, CN]
  93. 93. Our model of CPS Goals: • Synthesis of correct-by-design embedded control software enforcing complex specifications • Detection of faults and/or criticalities in safety-critical CPS [Figure: plants P1, P2, PN and computing units C1, C2, CN]
  94. 94. Approach based on a three phases process: #1. construct the finite/symbolic model T of the plant system  #2. design a finite/symbolic controller C that solves the specification S for T #3. design a controller C’ for  on the basis of C Advantages:  Integration of software and hardware constraints in the control design of purely continuous processes  Use of computer science techniques to address complex logic specifications Correct-by-design embedded control software Symbolic domain Physical domain Plant: Continuous or Hybrid system Symbolic model Finite controllerSoftware & hardware Hybrid controller 08/13
  95. 95. stable control systems [Automatica-2008] stable switched systems [IEEE-TAC-2010] stable time-delay systems [SCL-2010] stable time-varying delay systems [IJRNC-2014] [IJC-2012] unstable control systems [IEEE-TAC-2012] efficient control algorithms [IEEE-TAC-2012] approximate bisimulation [Girard & Pappas,IEEE-TAC-2007] incremental stability [Angeli,IEEE-TAC-2002] networked control systems [HSCC-2012] [IEEE-CDC-2012] [ERCIM News ‘97] [IEEE-TAC-2016 ?] Research at DEWS (IAB meeting 2014) PWA systems [IEEE-TAC-2014] networks of control systems [IEEE-ACC-2014] [IEEE-TAC-2016 ?] decentralized symbolic control & application to vehicle platooning [NecSys 2013] stable control systems with disturbances [SIAM-2009] 09/13
  96. 96. 10/13 Correct-by-design embedded control software. #1. Construct the symbolic model T of the plant system. Done: 1.1 CPS with one plant and one computing unit communicating via nonideal communication infrastructure [Borri et al.; HSCC-2012], [Liu et al.; HSCC-2014], [Zamani et al.; IEEE-CDC-2015] 1.2 CPS with multiple plants and computing units communicating via ideal communication infrastructure [Tazaki et al.; HSCC-2008], [Pola et al.; IEEE-TAC-2016 ?]. To be done: 1.1 + 1.2 = ? • Incremental stability notions for CPS • Symbolic models for CPS with multiple plants and computing units communicating via nonideal communication infrastructure
  97. 97. 11/13 Correct-by-design embedded control software. #2. Design a symbolic controller C that solves the specification S for T. Done: [Borri et al.; HSCC-2012] • Model: CPS with one plant and one computing unit communicating via nonideal communication infrastructure • Specifications: non-deterministic transition systems. To be done: • Extension to symbolic control design with specifications in terms of Linear Temporal Logic • Extension to symbolic control design for CPS with multiple plants and computing units communicating via nonideal communication infrastructure
  98. 98. 12/13 Detection of Faults and/or Criticalities in CPS. Model: Networks of Finite State Machines. Assumptions: • no continuous and/or hybrid dynamics • ideal communication infrastructure. Done: [Pola et al.; Automatica-2016 ?] • Decentralized observers instantaneously detecting faults/criticalities in CPS • Model reduction via bisimulation theory. To be done: • Extension to CPS with continuous and/or hybrid dynamics and with nonideal communication infrastructure • Extension to opacity [Mazare et al., WITS 2004], i.e. keeping a set of states of an FSM secret with respect to all possible measurements on the system
  99. 99. 13/13 The need for an interdisciplinary approach. Additional expertise required: • From Telecommunication Engineering, to set up a comprehensive model of communication infrastructures • From Embedded Systems Engineering, to set up a comprehensive model of hardware/software infrastructures • From Computer Science, to design efficient algorithms for analysis and controllers’ synthesis
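Added example (not part of the slides or the authors' code): the observer idea behind slide 98's fault detection and its opacity extension, sketched for a single finite state machine. It assumes the outside party sees only the output H(q) of the current state; the machine, its outputs and the function names are constructed for illustration, and the reading of "instantaneous detection" (every estimate lies inside the critical set or is disjoint from it) is this example's own formalization.

```python
from collections import deque


def build_observer(q0, trans, out):
    """Subset construction driven by outputs only.

    q0    : set of initial states
    trans : {state: {label: set_of_successors}}; labels are internal and
            invisible to the observer (assumption of this example)
    out   : {state: output}, the measurement map H
    Returns {estimate: shortest output trace after which the observer holds
    exactly that estimate}; an estimate is a non-empty frozenset of states.
    """
    def split(states):
        # States with the same output cannot be told apart by one measurement.
        groups = {}
        for q in states:
            groups.setdefault(out[q], set()).add(q)
        return [(o, frozenset(g)) for o, g in sorted(groups.items())]

    traces = {}
    queue = deque()
    for o, est in split(q0):
        traces[est] = (o,)
        queue.append(est)
    while queue:  # breadth-first, so the recorded traces are shortest
        est = queue.popleft()
        successors = set()
        for q in est:
            for targets in trans.get(q, {}).values():
                successors |= set(targets)
        for o, nxt in split(successors):
            if nxt not in traces:
                traces[nxt] = traces[est] + (o,)
                queue.append(nxt)
    return traces


def opacity_violations(traces, secret):
    """Estimates that reveal the secret: the observer is certain the
    current state is secret. Maps each one to a witness output trace."""
    secret = frozenset(secret)
    return {est: tr for est, tr in traces.items() if est <= secret}


def is_opaque(traces, secret):
    """Current-state opacity: no output trace pins the state inside `secret`."""
    return not opacity_violations(traces, secret)


def detects_instantly(traces, critical):
    """True if the observer always knows whether the state is critical."""
    critical = frozenset(critical)
    return all(est <= critical or est.isdisjoint(critical) for est in traces)


# Constructed five-state machine: 0 -> {1, 2}, 1 -> 3, 2 -> 4, 3 -> 0, 4 -> 0.
Q0 = {0}
TRANS = {
    0: {"start": {1, 2}},
    1: {"step": {3}},
    2: {"step": {4}},
    3: {"reset": {0}},
    4: {"reset": {0}},
}
# Coarse measurements: states 3 and 4 look the same from outside.
OUT_COARSE = {0: "idle", 1: "busy", 2: "busy", 3: "done", 4: "done"}
# Finer measurements: state 4 raises a distinct output.
OUT_FINE = {**OUT_COARSE, 4: "alarm"}

if __name__ == "__main__":
    for name, out in (("coarse", OUT_COARSE), ("fine", OUT_FINE)):
        traces = build_observer(Q0, TRANS, out)
        print(name, "estimates:", sorted(sorted(e) for e in traces))
        print("  state 4 opaque:  ", is_opaque(traces, {4}))
        print("  state 4 detected:", detects_instantly(traces, {4}))
        for est, tr in opacity_violations(traces, {4}).items():
            print("  leak after outputs", tr, "-> estimate", sorted(est))
```

With the coarse outputs state 4 stays secret but cannot be detected; adding the alarm output makes it detectable and, for the same reason, no longer opaque.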
  100. 100. Autonomous Vehicle and MicroGrids as CPS Elena De Santis Introduction Traffic Control Motivations Autonomous Vehicle Power Systems Motivations DC Microgrid Conclusions Autonomous Vehicle and MicroGrids as CPS: Challenges and Opportunities Elena De Santis L’Aquila University Center of Excellence DEWS L’Aquila, January 26th 2016 1/17 Autonomous Vehicle and MicroGrids as CPS
  101. 101. Index: 1 Introduction; 2 Traffic Control (Motivations, Autonomous Vehicle); 3 Power Systems (Motivations, DC Microgrid); 4 Conclusions
  102. 102. Presentation outline. Traffic Control: Development of an Adaptive Cruise Control model able to imitate human driver behaviour. Power Systems Control: Analysis and control of a Direct Current microgrid connected to renewables, storage systems and loads
  103. 103. CPS
  104. 104. Traffic Control. Microscopic approach: each element is analyzed (ex: mechanical laws). Macroscopic approach: the elements together are analyzed (ex: kinetic gas theory). Mesoscopic approach: macroscopic quantities are introduced in the microscopic approach!
  105. 105. Why Human-Inspired? BREAKING NEWS!
  106. 106. State of the art
  107. 107. Hybrid systems: H = (Q, X, f, Init, Dom, E, G, R), where Q = {q1, q2, ...} is the set of discrete states; X = R^n is the continuous state space; f = {f_i, q_i ∈ Q} is a vector field; Init ⊆ Q × X is the set of initial conditions; Dom(·) : Q → 2^X; E ⊆ Q × Q is the set of edges; G(·) : E → 2^X is a map describing guard conditions; R(·, ·) : E × X → 2^X is a reset.
  108. 108. Discrete States and related Domains. Important: Control based on information from LEADER + ENVIRONMENT
  109. 109. Power Systems Control
  110. 110. Change of paradigm: Energy Production, Energy Transportation
  111. 111. DC Microgrid Definition. Microgrid concept: a cluster of loads and microsources operating as a single controllable system that provides power to its local area.
  112. 112. Framework
  113. 113. Compressed Sensing. Problem: Find a sparse solution to the under-determined set of equations:
  114. 114. Why is it interesting?
  115. 115. References: Safe Human-Inspired Mesoscopic Hybrid Automaton for Longitudinal Vehicle Control, A. Iovine, F. Valentini, E. De Santis, M. Di Benedetto, M. Pratesi, 5th IFAC Conference on Analysis and Design of Hybrid Systems (ADHS’15), Atlanta, 14-16 October 2015; A Safe Human-Inspired Mesoscopic Hybrid Automaton for Autonomous Vehicles, A. Iovine, F. Valentini, E. De Santis, M. Di Benedetto, M. Pratesi, to be submitted to IFAC journal Nonlinear Analysis: Hybrid Systems (NAHS); Management of the Interconnection of Renewables and Storages into a DC Microgrid, A. Iovine, S. B. Siad, G. Damm, A. Benchaib, F. Lamnabhi-Lagarrigue, E. De Santis, M. D. Di Benedetto, draft; Secure Estimation for Wireless Tracking Control under Denial-of-Service Attacks, G. Fiore, Y.H. Chang, Q. Hu, C. Tomlin, M.D. Di Benedetto, draft
  116. 116. Thanks for your attention! Any Questions?
  117. 117. Henry Muccini henry.muccini@univaq.it DISIM Dept. of Information Engineering, Computer Science and Mathematics University of L’Aquila, Italy DEWS Centre of Excellence on Design Methodologies of Embedded Controllers, Wireless Interconnect and Systems-on-chip - University of L’Aquila, Italy
  118. 118. SEA Group Which architectural styles? Objective 1: Discovering best practices in Architecting Cyber-Physical Systems Objective 2: Discovering self-adaptation practices in Architecting Cyber-Physical Systems Collaborating CPS components • Which architectural style? • How to describe the architecture of a CPS? • Which are the critical architecture decisions? • How to assess the quality of such a model?
  119. 119. SEA Group Goal: to analyze the state of the art in architecting (self-adaptive) CPS Method: Systematic Literature Review Output: a classification of the most frequent practices used for architecting CPS More info: http://dl.acm.org/citation.cfm?id=2797453 Contact info: henry.muccini@univaq.it
  120. 120. SEA Group Models Interoperability Multi View Management (DS)Language Extensibility Usable & Analytic DSL Group Design Decision Resilience SA-based Testing and MC Needs and Challenges Domains CPS Mobile any Technical Foundations Metamodel Composition Model Transformation Model Weaving Semantic Wiki DLSs Editors Megamodeling Survey TSE 2013 + Software Architecture 4 MDE Architecting complex systems
  121. 121. Software and System Architecture Comp Comp Comp Comp Comp Comp Comp SYSTEM
  122. 122. SEA Group Architecting challenges How to build an architecture that satisfies the functional and non functional requirements and constraints? Which architectural decisions to be made? Which architectural style to be used? How to validate such a design model?
  123. 123. SEA Group Views and Viewpoints Distributed team management SA Styles SA Languages Components and Connectors Technologies 25 years of work on Software Architectures
  124. 124. Problem Statement 9 Q: How can the Software Architecture community contribute to engineering CPSs? Q: How can our theories and methods be adapted to fruitfully design CPSs? Q: What are the new design challenges in architecting CPS? Architecting Cyber Physical Systems: • More abstraction • New design processes • New middleware components • Multiple levels of abstractions. Still, the trend of research on architecting CPS is unclear!
  125. 125. Università degli Studi dell’Aquila Architecting Henry Muccini DISIM, University of L’Aquila, Italy Joint work with Ivano Malavolta and Mohammad Sharaf henry.muccini@univaq.it, @muccinihenry
  126. 126. How? 11 • 4 Research Questions • Search and Selection Protocol • Keywording • Inclusion and Exclusion • Search on Scholar • Search on Conferences. RQ1 – What are the application domains in which the activity of architecting CPSs has been used so far? RQ2 – What are the types of quality attributes (challenges) encountered when architecting CPSs? RQ3 – What are the goals and focus areas of the activity of architecting CPSs? RQ4 – What are the types of solutions to support the activity of architecting CPSs?
  127. 127. RQ2: Quality Attributes (challenges). Bar chart values: Testability 4; Security 9; Maintainability 13; Flexibility 14; Reliability 20; Dependability 23; Compatibility 24; Modifiability 26; Portability 44; Survivability 51; Performance 52. Breakdown: PERFORMANCE: timing 30, resource utilization 8, energy/power consumption 8, efficiency 6. SURVIVABILITY: heterogeneity 29, distribution 7, reconfigurability 7, mobility 4, autonomy 4. PORTABILITY: integrability 20, adaptability 19, portability 3, independency 2.
  128. 128. RQ4: Solutions. Bar chart values, in chart order: 10, 10, 13, 13, 18, 22, 22, 24, 26, 72, 76, 77. Bar chart labels, in chart order: MIDDLEWARE RESOURCE RECONFIGURATION VIRTUALIZATION SOFTWARE AGENTS COMPONENT-BASED COMMUNICATION INFRASTRUCTURE MODELING AND VALIDATION FRAMEWORKS MODELING LANGUAGES DESIGN ARCHITECTURE PATTERNS. Breakdown: PATTERNS: SOA 31, multi-tier 15, event-driven 11, cloud 11. ARCHITECTURE: cloud architecture 11, system architecture 8, integration architecture 4. DESIGN: modeling 34, quality driven for system design 12, platform 7.
  129. 129. RQ1: domains and applications. RQ1 – What are the application domains in which the activity of architecting CPSs has been used so far? Bar chart values: Military 2; Consumer 4; Infrastructure 8; Robotics 9; Health care 12; Manufacturing 18; Communication 27; Energy 34; Transportation 47. TRANSPORTATION: vehicular CPS; avionics and aerospace; intelligent transportation (traffic control). ENERGY: smart grids; building control systems (smart building and smart city); distributed energy systems. COMMUNICATION: WSNs; Mobile CPS; IoT.
  130. 130. Case studies: Military 1 (2%); Consumer 2 (4%); Infrastructure 1 (2%); Robotics 4 (8%); Health Care 5 (10%); Manufacturing 11 (23%); Communication 1 (2%); Energy 7 papers (15%); Transportation 16 (33%). Architectural Methods and Techniques: languages 18 (4%); middleware 26 (6%); tactics 28 (6%); reference architecture 31 (7%); framework 34 (8%); views 55 (12%); models 60 (14%); architecture 94 (21%); style 96 (22%). Publication Venue: workshop paper 8; book chapter 13; journal paper 32; conference paper 119.
  131. 131. Università degli Studi dell’Aquila Self-Adaptation Henry Muccini, Mohammad Sharaf, Danny Weyns DISIM, University of L’Aquila KU Leuven, Sweden
  132. 132. SEA Group RQ1: How is self-adaptation applied in cyber physical systems? • Concerns, technology stack, application domains RQ2: How do existing approaches for self-adaptation in cyber physical systems handle self-adaptation concerns? • feedback loops, models RQ3: What type of evidence is provided by existing approaches for self-adaptation in cyber physical systems? • Empirical methods, assurances
  133. 133. SEA Group Feedback Loops Technology stack
  134. 134. SEA Group Main Findings Application layer Middleware layer Communication layer Service layer .. layer Feedback loop Feedback loop Feedback loop performance and reliability Security and interoperability Technology stack vs Feedback loop Concerns
  135. 135. Università degli Studi dell’Aquila Security Henry Muccini, Mohammad Sharaf, Deepak Khrisna, Vikas Kumar DISIM, University of L’Aquila
  136. 136. Università degli Studi dell’Aquila A modelling platform Ivano Malavolta, Henry Muccini GSSI, L’Aquila DISIM, University of L’Aquila
  137. 137. SEA Group Modeling environment Programming Framework Analysis and Code Generation
  138. 138. Università degli Studi dell’Aquila Ivano Malavolta, Henry Muccini GSSI, L’Aquila DISIM, University of L’Aquila
  139. 139. SEA Group AMUSE MUSEUM: To mitigate waiting queues To manage emergencies To provide ICT services
  140. 140. SEA Group References: Ivano Malavolta, Henry Muccini, Mohammad Sharaf: A Preliminary Study on Architecting Cyber-Physical Systems. ECSA Workshops 2015: 20:1-20:6; Ivica Crnkovic, Ivano Malavolta, Henry Muccini, Mohammad Sharaf: On the Use of Component-Based Principles and Practices for Architecting Cyber-Physical Systems. CBSE 2016 (to appear); Henry Muccini, Mohammad Sharaf, Danny Weyns: Self-Adaptation for Cyber-Physical Systems: A Systematic Literature Review. SEAMS 2016 (to appear)
  141. 141. Electronic Design Automation & Embedded Systems Development Luigi Pomante First DISIM Workshop on Engineering Cyber-Physical Systems, L’Aquila, 26/01/2016
  142. 142. 2 Overview  Cyber-Physical Systems  M3 research line: main research topics  Electronic System-Level HW/SW Co-Design  Networked Embedded Systems  Mixed-Criticality Systems  Smart monitoring systems for Embedded SoC architectures  Advanced Processing Architectures  M3 research line: main research projects
  143. 143. 3 Cyber-physical systems A cyber-physical system (CPS) is an integration of computation with physical processes. Embedded computers and networks monitor and control the physical processes, usually with feedback loops where physical processes affect computations and vice versa. As an intellectual challenge, CPS is about the intersection, not the union, of the physical and the cyber. E. A. Lee, S. A. Seshia Introduction to Embedded Systems, a Cyber-Physical Systems approach LeeSeshia.org, 2011
  144. 144. 4 Cyber-physical systems CYBER PHYSICAL EMBEDDED REAL TIME NETWORKED
  145. 145. 5 M3 Main Research Topics  Networked Embedded Systems  HW/SW Technologies for (Networked) Embedded Systems  Wireless Sensor Networks  Middleware, Localization/Tracking, Security, EDA tools for WSN  Mixed-Criticality Systems  Hypervisor technologies for mixed-criticality multi-core platforms  Mixed-criticality Network-On-Chip  Electronic System-Level HW/SW Co-Design  HW/SW Co-Design of Heterogeneous Parallel Dedicated/Embedded Systems  HEPSYCODE
  146. 146. 6 M3 Main Research Topics  Smart monitoring systems for Embedded SoC architectures  Distributed HW Profiling System for Parallel Architectures on FPGA  Platforms  4-LOOP, A-LOOP  Advanced Processing Architectures  SDR Platforms  Many-core chips for TSR
  147. 147. Insights on Research Topics 7
  148. 148. 8 Networked Embedded Systems: Wireless Sensor Networks Middleware for WSN  Heterogeneous HW/SW/radio platforms  Virtual Machines (support to cooperations and distributed SW development)  Services  Indoor Localization  Security (cryptography, intrusion detection system) Remote Lab and Testbed (LabSMILING)  Up to 100 nodes remotely programmable and monitorable  WSN data collection and analysis
  149. 149. 9 Technologies Hardware  CrossBow/Memsic: Mica2, MicaZ, IRIS, Imote2, TelosB  Advanticsys: TelosB-like  Texas Instruments: CC2xxx, CC4xxx  IBM: Moterunner  Atmel: ZigBit
  150. 150. 10 Technologies Software  C + HAL  OS: TinyOS, FreeRTOS, Contiki Middleware  Agilla/Agilla 2 Communication protocols  IEEE 802.15.4 (Atmel and TinyOS implementations)  Specific routing algorithms  Atmel, TinyOS and OpenZigBee implementations
  151. 151. 11 Mixed-Criticality Systems • In a mixed-criticality system, different functions with different assurance levels are allocated on the same component • A mixed-criticality system requires rigorous temporal and spatial partitioning • Robust hardware and software mechanisms to prevent interference between the various functions • Multi-core and many-core devices have considerable advantages • A much higher computational capacity per footprint, allowing a substantial reduction of energy consumption • Disadvantage: they are less predictable, given the heavy use of shared resources by the various processing elements
  152. 152. 12 Mixed-Criticality Systems • Use of hypervisors on multi-processor architectures • Virtualization appears to be a promising technique to implement robust software architectures in multi-core avionics platforms • Analysis of paravirtualization tools on a multi-processor LEON4 platform specifically designed for the aerospace domain • FentISS XtratuM • SYSGO PikeOS • Porting and analysis of hypervisor solutions on FPGA based SoCs [diagram labels, XtratuM: PARTITION 1; PARTITION 2; PARTITION 3; HYPERCALL INTERFACE; KERNEL MODE; USER MODE; XTRATUM; USER PARTITIONS; SUPERVISOR PARTITIONS] [diagram labels, PikeOS: PIKEOS SYSTEM SOFTWARE; PARTITION 1; PARTITION 2; PARTITION 3; PIKEOS SEPARATION MICROKERNEL; ARCHITECTURE SUPPORT PACKAGE; PLATFORM SUPPORT PACKAGE; KERNEL MODE; USER MODE]
  153. 153. 13 Mixed-Criticality Systems Picture: OpenSynergy/SYSGO - Mixed-Criticality: Hypervisors in networked cyber-physical systems
  154. 154. 14 Mixed-Criticality Systems • Hardware mechanisms to support isolation in a network-on-a-chip • Isolation of different application classes on NoC architectures • Hardware mechanisms supporting isolation to be introduced into existing network interfaces • Support for the execution of multiple applications with different criticality levels • Strategy: message exchange supervision [NoC diagram labels, in slide order: R1; T7(c1), TM; NI4; R4; T1(c1), T2(c2); NI1; R2; T5(c1), T6(c2); NI3; R3; T3(c1), T4(c1); NI2]
  155. 155. 15 ESL HW/SW Co-Design: HEPSYCODE • A System-Level Methodology for HW/SW Co-Design of Heterogeneous Parallel Dedicated Systems that, starting from a model of the system behaviour based on a Concurrent Processes MoC, leads to a heterogeneous parallel dedicated system able to satisfy given F/NF requirements • In particular, the goal is to suggest to the designer • How to partition processes between HW and SW • Which kind of heterogeneous parallel architecture to use • How to map processes to processors
  156. 156. 16 ESL HW/SW Co-Design: HEPSYCODE. The Co-Design Flow [flow diagram labels: System Behaviour Model; Functional Simulation; Reference Inputs; Co-Analysis; Co-Estimation; metrics: Affinity, Timing, Size, Concurrency, Load, Bandwidth; Timing Constraints; HW/SW Partitioning, Mapping and Architecture Definition; Timing Co-Simulation; Design Space Exploration; Algorithm-Level Flow; System-Level Flow; Heterogeneous Parallel Dedicated System; Technologies Library: Processors, Memories, Interconnections; Scheduling Directives; Architectural Constraints]
  157. 157. 17 Smart monitoring systems for Embedded SoC architectures. Concept of a monitoring system: Functional Requirements; Non-functional Requirements • Execution Time • Power Dissipation • Area • … How to estimate parameters starting from measurements? How to make measurements? How to take measurements? [diagram labels: Global Monitor; System under examination]
  158. 158. Identification of the monitoring system 18 Proposed framework Library of elements System identification Inputs Monitoring system composition Monitoring system implementation New monitored system Outputs F/NF requirements
  159. 159. General system view 19 [diagram labels: core (three times); Bridge; Cache I/D (three times); SDRAM Controller; Network; UART; S (repeated); Global monitor; Adapter; Interface; Time measure; Event Count; Filtering; Hardware sniffers; Nucleus] Current collaboration with UNIMORE to manage access to shared resources and to monitor system activities
  160. 160. Platforms 20
  161. 161. 21 Multicore platforms  4–LOOP - SMP system including:  A quad-core Leon 3 with Linux operating system, OpenMP library and hardware profiling system ML605 (Virtex 6) Development Board Current collaboration with POLIMI to port the Barbeque framework (http://bosp.dei.polimi.it) on 4-LOOP platform
  162. 162. 22 Multicore platforms • A–LOOP - AMP system including: • a dual-core ARM Cortex A9 processor with Linux operating system • a quad-core Leon3 processor with Linux operating system, OpenMP library and a hardware profiling system [figure labels: HARDWARE ARCHITECTURE; THE PLATFORM; ZedBoard (Zynq7000) Development Board] Current collaboration with POLITO to evaluate reliability of an AMP (i.e. dual-SMP) PikeOS mixed-critical system
  163. 163. 23 Advanced Processing Architectures. SDR Platforms • Sundance HW/SW development kit for Software-Defined-Radio (Wi-Fi, 802.15.4, Wi-Max). Many-core accelerators for TSR • Development of Parallel SW for True Software Radio • Avionic/TLC algorithms for a 64 VLIW cores accelerator • Simulator for PRAM MoC
  164. 164. Projects & People 24
  165. 165. 25 M3 Main Research Projects  VISION (ERC-2009-StG 240555)  Video-oriented UWB-based Intelligent Ubiquitous Sensing  SMILING (RIDITT 2009, national project)  SMart In home LIviNG  PRESTO (Artemis-JU ASP 2010-269362)  ImProvements of industrial Real Time Embedded SysTems develOpment process  CRAFTERS (Artemis-JU ASP 2011-295371)  ConstRaint and Application-driven Framework for Tailoring Embedded Real-time Systems
  166. 166. 26 M3 Main Research Projects  EMC2 (Artemis-JU AIPP 2013-621429)  Embedded Multi-Core systems for Mixed Criticality applications in dynamic and changeable real-time environments  CASPER (H2020-MSCA-RISE-2014)  User-centric MW Architecture for Advanced Service Provisioning in Future Networks  SAFECOP (ECSEL-JU RIA-2015) [in negotiation]  Safe Cooperating Cyber-Physical Systems using Wireless Communication
  167. 167. 27 People  Post-doc  Fabio Federici, Claudia Rinaldi, Marco Santic  PhD Students  Vittoriano Muttillo, Giacomo Valente  Collaborators  Ileana Cerasani, Walter Tiberti
  168. 168. From Ambient Intelligence to Cyber-Physical Systems. Stefania Costantini, Pasquale Caianiello, Giovanni De Gasperis. DISIM, Università degli Studi di L’Aquila
  169. 169. Vision • Like this • Not like this • And not like this (wearable computing?)
  170. 170. Ambient Intelligence • The term ‘Ambient Intelligence’ was introduced by Emile Aarts of Philips (http://www.research.philips.com/technologies/syst_softw/ami/index.html) • It was then adopted by the European Community
  171. 171. Ambient Intelligence (AmI) • Computers and networks will be integrated into the everyday environment rendering accessible a multitude of services and applications through easy-to-use human interfaces. This vision of "ambient intelligence" places the user, the individual, at the centre of future developments for an inclusive knowledge based society for all • Now: Fog Computing, Cyber-Physical Systems
  172. 172. Ambient Intelligence (AmI) • The Environment will be integrated by intelligent interfaces supported by computing and networking technology which is everywhere, embedded in everyday objects such as furniture, clothes, vehicles, roads and smart materials even particles of decorative substances like paint
  173. 173. Ambient Intelligence: Vision   • Radically rethink the human-computer interactive experience: – Integrate digital world (information & services) and physical world (physical objects/environment) – Make interfaces more responsive and proactive (objects & environment monitor user and (proactively) present information & services relevant to user’s current needs/interests)          
  174. 174. Components of Ambient Intelligence • Ambient – Innovative materials, Wearable Computing, Sensors, Actuators, User interfaces, Communication infrastructures • Intelligence – Natural Language Processing, User Interfaces, Content Management (Knowledge Bases), Computational intelligence (Artificial Intelligence, Intelligent Agents)
  175. 175. Internet of Everything • Digital devices are embedded in everyday objects and in the environment (ubiquity, pervasiveness) • They communicate through a common infrastructure that is invisible and apparently non-intrusive • There is no longer a single computer per user; instead, the various devices interact through distributed intelligence.
  176. 176. A Possible Future? • Ambient semantics or “enriching your every day experience” – Book tells you about friends/famous people that loved it – Book tells you about particularly interesting passages – Touching 2 books makes their connections appear – Picking up book makes relevant music play
  177. 177. A Possible Future? • Objects with memory – Leaving messages in objects (e.g. reminders, personal stories) – Objects that can tell you their relevant stories/memories – Objects record history, rhythms of time and events
  178. 178. Artificial Intelligence and Intelligent Agents. The droids D-3BO and C1-P8 from “Star Wars”
  179. 179. Artificial Intelligence (AI, born 1956) John McCarthy, 1927-2011 Marvin Minsky, 1927-2016
  180. 180. (Software) Agents • Are situated in an environment that is not necessarily fully known a priori • Are autonomous • Perceive the environment • Act on the environment • Communicate with other agents • May have goals and carry out tasks
  181. 181. Intelligent (Software) Agents • Interact flexibly with the environment – Survive – Learn – Adapt – Pursue goals – Cooperate, compete, negotiate
  182. 182. 26 January 2016 S. Costantini - Artificial Intelligence 15 Features • Reactivity • Proactivity • Reasoning ability – planning + – common sense reasoning • Social ability • Memory • Ability to learn and to revise one's own knowledge
  183. 183. An essential function: Learning • Learning from the user • Learning how the user behaves • Learning from other agents • Learning from experience
  184. 184. Intelligence as an emergent phenomenon • A software agent is endowed with a set of behaviours and capabilities • What it will do depends on: – the interaction with the environment – the agent's capabilities – the agent's choices • If the agent is well programmed and adapted, it will behave “intelligently”
  185. 185. DALI: a logic language for agents. Stefania Costantini & Arianna Tocchio • Defined and implemented in the AAAI@AQ Laboratory, Università degli Studi di L’Aquila • Patented, used in real applications (e.g. CUSPIS) – Available at • https://github.com/AAAI-DISIM-UnivAQ/DALI
  186. 186. A Scenario: Augmented Reality   • Augmented physical environments – Objects around you can draw your attention (e.g. books on a bookshelf of specific interest to you) – Walking around town, system points out buildings/places of particular interest to a user (based on user’s interests)    
  187. 187. Today’s Augmented Reality • Google glasses or mobile apps
  188. 188. What we did: Tourism and Cultural Heritage Fruition • User localization via GALILEO satellites • Intelligent Agents for: – User profile – Personalized information – Proposals related to the user's interests
  189. 189. Cultural Heritage Fruition: scenario
  190. 190. Role of Intelligent Agents • Interact with the user to obtain the basic profile • Personalize information and interaction • Understand the user's interests • Update the profile
  191. 191. CUSPIS Project
  192. 192. CUSPIS Demonstrator : Villa Adriana
  193. 193. Home automation (domotics) • Deals with the integration of the technologies that make it possible to automate a range of operations within the home. – Integration of electrical and electronic devices, household appliances, and the communication, control and surveillance systems present in homes. The Italian term “domotica” derives from the import of the French neologism domotique = domos automatique
  194. 194. Domotic and Smart Cities • Goal: to live in safer and more comfortable homes, equipped with an automation system that is simple, reliable, flexible and inexpensive • A system (theoretically) within everyone's reach. – Comfort – Safety – Energy saving
  195. 195. Smart Buildings (Energy Prosumers/Consumers)
  196. 196. Intelligent DALI Agents for Smart Buildings • Optimize personal comfort according to preferences and health conditions while respecting overall objectives via a special Interval Temporal Logic • Objectives: keep consumption/expense within limits, sell and buy energy at best prices
  197. 197. A Multiagent Saver for the Automatic Management of HVAC Systems Speaker: Giovanni De Gasperis, University of L'Aquila, Italy Prosumer node model – real-time predictive control of air conditioning systems in smart buildings in the context of energy management. In general, a PROSUMER NODE in a smart grid is: – A smart building that can produce, accumulate and have autonomy of decision making about resource consumption, dealing with given comfort constraints
  198. 198. A Predictive Model for the Automated Management of Conditioning Systems in Smart Buildings. Speaker: Giovanni De Gasperis, University of L'Aquila, Italy The predictive control needs a good estimate of near future power demand. To achieve acceptable near future estimates, we proposed a method based on “Evidence combination”, measuring the performance of a bank of estimators over time: 1. Simple Moving Average (SMA) 2. Functional Regression (FR) 3. Support Vector Regression (SVR) 4. Gradient Tree Boosting (GTB) [Figure: actual power measures; bank of power demand estimators (SMA, FR, SVR, GTB); performance assessment & evidence combination; power demand forecast for the next quarter of an hour. Cycling over 96 samples, one for each quarter of an hour of the last 24 hours.]
  199. 199. A Multiagent Saver for the Automatic Management of HVAC Systems Speaker: Giovanni De Gasperis, University of L'Aquila, Italy Multi Agent Energy Saver Supervisor System Architecture
  200. 200. e-Health applications
  201. 201. What we intend to do: Support for Disabled People • Disability is not an illness, but a “current condition” of a person (World Health Organization) • A disabled person is temporarily or permanently unable to carry out certain activities in a “correct” or “normal” way • Disability is related to situations in which a person is not able to adequately handle a situation – Due to physical or cognitive causes – Due to external causes that create limitations We are all occasionally disabled!
  202. 202. Ambient Intelligence/CPSs for Supporting Disabled People • Localization of the user in the surrounding environment • Help in recognizing places and objects • Adaptation to the user to increase confidence and ensure safety • Provide schemes for “correct” sequences of actions • Recognize and correct “incorrect” sequences of actions
  203. 203. Ambient Intelligence/CPSs for Supporting Disabled People • In extreme cases, autonomously take some decisions (for example on where and how to move) • Learn to autonomously interpret the patterns of daily behaviour • Recognize signs of distress, disorientation, confusion
  204. 204. Ambient Intelligence/CPSs for Supporting Disabled People • Offer proactive help through different kinds of physical and verbal interventions – Carry out actions on behalf of the user – Collect and provide useful information • Alert others in case of danger.
  205. 205. What is context? “Context information can in general be defined as an ordered multilevel set of declarative information referring to the events that occur in a given place and that involve animate and inanimate objects” [J. Crowley] Context-awareness
  206. 206. Context-Awareness • Representing the context – Ontologies (in Computer Science): a formal description of the types of things that are assumed to exist in a domain of interest D from the perspective of an individual who uses a language L for the purpose of talking about D. • Perceiving the context by extending the description with new perceptions.
  207. 207. From context information to personalized communication • Goals – adaptivity with respect to the context – adaptivity with respect to the user's terminal – personalization with respect to the user's profile
  208. 208. From context information to personalized communication – Multimodal interaction: text, voice, avatar – Interaction controlled by an intelligent agent
  209. 209. Big Picture (by Aielli, Ancona, Caianiello, Costantini, De Gasperis, Di Marco, Mascardi)
  210. 210. What we intend to do: eF&K for eHealth
  211. 211. Thank you for your Attention!
