SlideShare a Scribd company logo

A Framework for Contract-Based Composition of CPS Analyses

Download as PPTX, PDF
Ivan Ruchkin
Ivan Ruchkin

This is a collaboration between the Institute for Software Research and the Software Engineering Institute, also known as Virtual Integration of CPS Analyses. These slides were presented at an SSSG @ ISR.

TechnologyEducation
1 of 21
A Framework for Contract-Based Composition of CPS Analyses Ivan Ruchkin In collaboration the SEI: Sagar Chaki, Dionisio De Niz, and Mark Klein. ISR Software Seminar October 14, 2013
Outline ● Composition of architectural analyses – – ● SEI modeling ecosystem Composition problem Framework for contract-based analysis composition – Analysis contracts – Design – Future work 2
Outline ● Composition of architectural analyses – – ● SEI modeling ecosystem Composition problem Framework for contract-based analysis composition – Analysis contracts – Design – Future work 3
CPS Modeling Ecosystem ? Hybrid model Deadlock model ? ? Cyber-Physical System Physical model Control model 4
AADL in One Slide ● ADL for avionics, embedded, and real-time systems. – ● Fixed architectural style. Modularity: – – ● Types and instances. Interfaces and implementations. Annexes – Language extensions for analyses. 5
SEI Modeling Ecosystem Security analysis Frequency scaling analysis Frequency scaling model Security model AADL system model Error analysis 1 Error analysis 2 Scheduling analysis Error behavior model Scheduling model 6
Example: Security Analysis ● ● Goal: determine which threads can be collocated on the same processor Security model: – – ● Analysis interface: – – ● a data type “security class,” a thread type with a security class field. Inputs: processes, threads, and thread security levels. Outputs: description of which threads cannot be collocated. Security analysis Analysis body: the algorithm of transforming inputs into outputs. 7
SEI Development Ecosystem Security analysis Frequency scaling analysis Frequency scaling model Security model ? AADL system model Error analysis 1 Error analysis 2 Scheduling analysis Error behavior model Scheduling model 8
Analysis Composition Problem ● Analyses have semantic interdependencies – how to not violate them? – ● E.g., scheduling needs collocation restrictions Analyses rely on each other to work correctly – how to ensure correct composition? – E.g., frequency scaling relies on correct scheduling Security analysis Scheduling analysis Frequency scaling analysis 9
Related Work ● Software verification – ● OCL for UML & SysML – ● Does not allow verification of assumptions Equation-based OO (Modelica) – ● Does not address architectural analyses Signal-flow equations, not discrete behavior Other toolkits (VEST, …) – Do not allow separation of models and analyses 10
Outline ● Composition of architectural analyses – – ● SEI modeling ecosystem Composition problem Framework for contract-based analysis composition – Analysis contracts – Design – Future work 11
A Framework for Contract-Based Analysis Composition a.k.a. virtual integration for open runtime analytic models ● Framework to specify the dependencies and assumptions of analyses ● Relies on analysis contracts ● Builds on top of the AADL design environment ● Uses third party tools to perform analyses 12
Analysis Contracts ● ● ● ● Inputs: what parts of the model the analysis accesses. Output: what parts of the model the analysis updates. Assumptions: what has to true about the model for the analysis to be applicable. Guarantees: what does the analysis guarantee about the model after its execution. M.-Y. Nam, D. de Niz, L. Wrage, and L. Sha, “Resource allocation contracts for open analytic runtime models,”, 2011. 13
Example of Analyses ● Security (confidentiality) analysis – ● Bin packing (real-time allocation) analysis – ● Allocate processes to processors. Frequency scaling (power efficiency) analysis – ● Based on security levels of threads, determine which threads can be collocated on one processor. Minimize the processor frequency to meet the task deadlines. Model checking (safety) analysis – Assuming the threads are scheduled correctly, check if the system is safe. 14
Example of Analyses: Dependency Graph In: processes allocated to processors Out: processor frequencies Frequency scaling In: threads with collocation info, processes, and processors Out: allocation to processors In: processes and threads with security classes Out: collocation info In: processes allocated to processors Out: deadlock safety Model checking Bin packing Security analysis Execution order 15
Example of Analyses: assumptions and guarantees Pre: no preemption for shorter deadlines Post: true Frequency scaling Pre: not collocated with what is prohibited Post: true Pre: true Post: not collocated with what is prohibited Pre: deadlines are equal to periods Post: true Model checking Bin packing Security analysis Execution order 16
Contracts Verification Use Cases ● Model-specific: – ● Applicability check: assumptions and guarantees satisfied by a concrete model. Model-independent: – – – Feasibility check: intersection of all assumptions and guarantees should satisfiable. Implication check: guarantees might imply the assumptions. Variant replacement: replacing analysis variants in existing graphs requires weaker assumptions and stronger guarantees. 17
Framework Design OSATE Eclipse Analyses contracts and source Graph Constructor Z3 Logical compiler Spin … Concrete model source Graph of analyses DB assumption checker Analysis executor DB Constructor Model DB (SQL) 18 Data flow
Future Work ● Theory: – – ● Verifying formulas in different logics: FOPL & LTL Looking for patterns in formulas Application: – Include other analyses, e.g., error behavior analysis – Include other verification engines: UPPAAL, Alloy 19
Summary ● ● ● CPS modeling requires analysis composition support. Analysis contracts capture semantic dependencies between analyses. The analysis composition framework allows to create and verify AADL analyses. 20
References ● ● M.-Y. Nam, D. de Niz, L. Wrage, and L. Sha, “Resource allocation contracts for open analytic runtime models,” in Proc. of the 9th ACM international conference on Embedded software, 2011. M.-Y. Nam, D. de Niz, L. Wrage, and L. Sha, "Open Analytic Runtime Models," in Proc. of the Workshop on Architectures for CPS, 2011. 21

Recommended

Fault Diagnosis Schemes for Low-Energy Block Cipher Midori Benchmarked on FPGA
Fault Diagnosis Schemes for Low-Energy Block Cipher Midori Benchmarked on FPGAFault Diagnosis Schemes for Low-Energy Block Cipher Midori Benchmarked on FPGA
Fault Diagnosis Schemes for Low-Energy Block Cipher Midori Benchmarked on FPGAJAYAPRAKASH JPINFOTECH
 
Variance analysis
Variance analysisVariance analysis
Variance analysissai precious
 
Analysis of Variance (ANOVA)
Analysis of Variance (ANOVA)Analysis of Variance (ANOVA)
Analysis of Variance (ANOVA)Avjinder (Avi) Kaler
 
Variance Analysis
Variance AnalysisVariance Analysis
Variance AnalysisDr. Rana Singh
 
Analytic Dependency Loops in Architectural Models of Cyber-Physical Systems
Analytic Dependency Loops in Architectural Models of Cyber-Physical SystemsAnalytic Dependency Loops in Architectural Models of Cyber-Physical Systems
Analytic Dependency Loops in Architectural Models of Cyber-Physical SystemsIvan Ruchkin
 
Framework for Inter-Model Analysis of Cyber-Physical Systems
Framework for Inter-Model Analysis of Cyber-Physical SystemsFramework for Inter-Model Analysis of Cyber-Physical Systems
Framework for Inter-Model Analysis of Cyber-Physical SystemsIvan Ruchkin
 
On Modeling and Testing When Unpredictability Becomes the Pattern (April 2nd,...
On Modeling and Testing When Unpredictability Becomes the Pattern (April 2nd,...On Modeling and Testing When Unpredictability Becomes the Pattern (April 2nd,...
On Modeling and Testing When Unpredictability Becomes the Pattern (April 2nd,...Benoit Combemale
 
Enabling the digital thread using open OSLC standards
Enabling the digital thread using open OSLC standardsEnabling the digital thread using open OSLC standards
Enabling the digital thread using open OSLC standardsAxel Reichwein
 

Recommended

Fault Diagnosis Schemes for Low-Energy Block Cipher Midori Benchmarked on FPGA
Fault Diagnosis Schemes for Low-Energy Block Cipher Midori Benchmarked on FPGAFault Diagnosis Schemes for Low-Energy Block Cipher Midori Benchmarked on FPGA
Fault Diagnosis Schemes for Low-Energy Block Cipher Midori Benchmarked on FPGAJAYAPRAKASH JPINFOTECH
 
Variance analysis
Variance analysisVariance analysis
Variance analysissai precious
 
Analysis of Variance (ANOVA)
Analysis of Variance (ANOVA)Analysis of Variance (ANOVA)
Analysis of Variance (ANOVA)Avjinder (Avi) Kaler
 
Variance Analysis
Variance AnalysisVariance Analysis
Variance AnalysisDr. Rana Singh
 
Analytic Dependency Loops in Architectural Models of Cyber-Physical Systems
Analytic Dependency Loops in Architectural Models of Cyber-Physical SystemsAnalytic Dependency Loops in Architectural Models of Cyber-Physical Systems
Analytic Dependency Loops in Architectural Models of Cyber-Physical SystemsIvan Ruchkin
 
Framework for Inter-Model Analysis of Cyber-Physical Systems
Framework for Inter-Model Analysis of Cyber-Physical SystemsFramework for Inter-Model Analysis of Cyber-Physical Systems
Framework for Inter-Model Analysis of Cyber-Physical SystemsIvan Ruchkin
 
On Modeling and Testing When Unpredictability Becomes the Pattern (April 2nd,...
On Modeling and Testing When Unpredictability Becomes the Pattern (April 2nd,...On Modeling and Testing When Unpredictability Becomes the Pattern (April 2nd,...
On Modeling and Testing When Unpredictability Becomes the Pattern (April 2nd,...Benoit Combemale
 
Enabling the digital thread using open OSLC standards
Enabling the digital thread using open OSLC standardsEnabling the digital thread using open OSLC standards
Enabling the digital thread using open OSLC standardsAxel Reichwein
 
Chapter 08
Chapter 08Chapter 08
Chapter 08Nazir Ahmed
 
IncQuery Group's presentation for the INCOSE Polish Chapter 20220310
IncQuery Group's presentation for the INCOSE Polish Chapter 20220310IncQuery Group's presentation for the INCOSE Polish Chapter 20220310
IncQuery Group's presentation for the INCOSE Polish Chapter 20220310IncQuery Labs
 
Studying Software Engineering Patterns for Designing Machine Learning Systems
Studying Software Engineering Patterns for Designing Machine Learning SystemsStudying Software Engineering Patterns for Designing Machine Learning Systems
Studying Software Engineering Patterns for Designing Machine Learning SystemsHironori Washizaki
 
Data Integration Solutions Created By Koneksys
Data Integration Solutions Created By KoneksysData Integration Solutions Created By Koneksys
Data Integration Solutions Created By KoneksysKoneksys
 
Towards Design-space Exploration of Component Chains in Vehicle Software
Towards Design-space Exploration of Component Chains in Vehicle SoftwareTowards Design-space Exploration of Component Chains in Vehicle Software
Towards Design-space Exploration of Component Chains in Vehicle SoftwareAlessio Bucaioni
 
From Model-based to Model and Simulation-based Systems Architectures
From Model-based to Model and Simulation-based Systems ArchitecturesFrom Model-based to Model and Simulation-based Systems Architectures
From Model-based to Model and Simulation-based Systems ArchitecturesObeo
 
Security Patterns: Research Direction, Metamodel, Application and Verification
Security Patterns: Research Direction, Metamodel, Application and VerificationSecurity Patterns: Research Direction, Metamodel, Application and Verification
Security Patterns: Research Direction, Metamodel, Application and VerificationHironori Washizaki
 
Fast and effective analysis of architecture diagrams
Fast and effective analysis of architecture diagrams Fast and effective analysis of architecture diagrams
Fast and effective analysis of architecture diagrams GlobalLogic Ukraine
 
Glasswall Wardley Maps & Services
Glasswall Wardley Maps & ServicesGlasswall Wardley Maps & Services
Glasswall Wardley Maps & ServicesSteve Purkis
 
Making Model-Driven Verification Practical and Scalable: Experiences and Less...
Making Model-Driven Verification Practical and Scalable: Experiences and Less...Making Model-Driven Verification Practical and Scalable: Experiences and Less...
Making Model-Driven Verification Practical and Scalable: Experiences and Less...Lionel Briand
 
Technical Practices for Agile Engineering - PNSQC 2019
Technical Practices for Agile Engineering - PNSQC 2019Technical Practices for Agile Engineering - PNSQC 2019
Technical Practices for Agile Engineering - PNSQC 2019Moss Drake
 
Serverless machine learning architectures at Helixa
Serverless machine learning architectures at HelixaServerless machine learning architectures at Helixa
Serverless machine learning architectures at HelixaData Science Milan
 
The secret life of rules in Software Engineering
The secret life of rules in Software EngineeringThe secret life of rules in Software Engineering
The secret life of rules in Software EngineeringJordi Cabot
 
Software Engineering Research: Leading a Double-Agent Life.
Software Engineering Research: Leading a Double-Agent Life.Software Engineering Research: Leading a Double-Agent Life.
Software Engineering Research: Leading a Double-Agent Life.Lionel Briand
 
OOSE Unit 4 PPT.ppt
OOSE Unit 4 PPT.pptOOSE Unit 4 PPT.ppt
OOSE Unit 4 PPT.pptitadmin33
 
CHAPTER12.ppt
CHAPTER12.pptCHAPTER12.ppt
CHAPTER12.pptCharenReposposa
 
Adaptive13 test
Adaptive13 testAdaptive13 test
Adaptive13 testGeorg Püschel
 
Oose unit 4 ppt
Oose unit 4 pptOose unit 4 ppt
Oose unit 4 pptDr VISU P
 
Cs 1023 lec 3 architecture (week 1)
Cs 1023 lec 3 architecture (week 1)Cs 1023 lec 3 architecture (week 1)
Cs 1023 lec 3 architecture (week 1)stanbridge
 
Cs 1023 lec 3 architecture (week 1)
Cs 1023 lec 3 architecture (week 1)Cs 1023 lec 3 architecture (week 1)
Cs 1023 lec 3 architecture (week 1)stanbridge
 
Poster: Conservative Safety Monitors of Stochastic Dynamical Systems
Poster: Conservative Safety Monitors of Stochastic Dynamical SystemsPoster: Conservative Safety Monitors of Stochastic Dynamical Systems
Poster: Conservative Safety Monitors of Stochastic Dynamical SystemsIvan Ruchkin
 
Poster: How Safe Am I Given What I See? Calibrated Prediction of Safety Chanc...
Poster: How Safe Am I Given What I See? Calibrated Prediction of Safety Chanc...Poster: How Safe Am I Given What I See? Calibrated Prediction of Safety Chanc...
Poster: How Safe Am I Given What I See? Calibrated Prediction of Safety Chanc...Ivan Ruchkin
 

More Related Content

Similar to A Framework for Contract-Based Composition of CPS Analyses

IncQuery Group's presentation for the INCOSE Polish Chapter 20220310
IncQuery Group's presentation for the INCOSE Polish Chapter 20220310IncQuery Group's presentation for the INCOSE Polish Chapter 20220310
IncQuery Group's presentation for the INCOSE Polish Chapter 20220310IncQuery Labs
 
Studying Software Engineering Patterns for Designing Machine Learning Systems
Studying Software Engineering Patterns for Designing Machine Learning SystemsStudying Software Engineering Patterns for Designing Machine Learning Systems
Studying Software Engineering Patterns for Designing Machine Learning SystemsHironori Washizaki
 
Data Integration Solutions Created By Koneksys
Data Integration Solutions Created By KoneksysData Integration Solutions Created By Koneksys
Data Integration Solutions Created By KoneksysKoneksys
 
Towards Design-space Exploration of Component Chains in Vehicle Software
Towards Design-space Exploration of Component Chains in Vehicle SoftwareTowards Design-space Exploration of Component Chains in Vehicle Software
Towards Design-space Exploration of Component Chains in Vehicle SoftwareAlessio Bucaioni
 
From Model-based to Model and Simulation-based Systems Architectures
From Model-based to Model and Simulation-based Systems ArchitecturesFrom Model-based to Model and Simulation-based Systems Architectures
From Model-based to Model and Simulation-based Systems ArchitecturesObeo
 
Security Patterns: Research Direction, Metamodel, Application and Verification
Security Patterns: Research Direction, Metamodel, Application and VerificationSecurity Patterns: Research Direction, Metamodel, Application and Verification
Security Patterns: Research Direction, Metamodel, Application and VerificationHironori Washizaki
 
Fast and effective analysis of architecture diagrams
Fast and effective analysis of architecture diagrams Fast and effective analysis of architecture diagrams
Fast and effective analysis of architecture diagrams GlobalLogic Ukraine
 
Glasswall Wardley Maps & Services
Glasswall Wardley Maps & ServicesGlasswall Wardley Maps & Services
Glasswall Wardley Maps & ServicesSteve Purkis
 
Making Model-Driven Verification Practical and Scalable: Experiences and Less...
Making Model-Driven Verification Practical and Scalable: Experiences and Less...Making Model-Driven Verification Practical and Scalable: Experiences and Less...
Making Model-Driven Verification Practical and Scalable: Experiences and Less...Lionel Briand
 
Technical Practices for Agile Engineering - PNSQC 2019
Technical Practices for Agile Engineering - PNSQC 2019Technical Practices for Agile Engineering - PNSQC 2019
Technical Practices for Agile Engineering - PNSQC 2019Moss Drake
 
Serverless machine learning architectures at Helixa
Serverless machine learning architectures at HelixaServerless machine learning architectures at Helixa
Serverless machine learning architectures at HelixaData Science Milan
 
The secret life of rules in Software Engineering
The secret life of rules in Software EngineeringThe secret life of rules in Software Engineering
The secret life of rules in Software EngineeringJordi Cabot
 
Software Engineering Research: Leading a Double-Agent Life.
Software Engineering Research: Leading a Double-Agent Life.Software Engineering Research: Leading a Double-Agent Life.
Software Engineering Research: Leading a Double-Agent Life.Lionel Briand
 
OOSE Unit 4 PPT.ppt
OOSE Unit 4 PPT.pptOOSE Unit 4 PPT.ppt
OOSE Unit 4 PPT.pptitadmin33
 
Oose unit 4 ppt
Oose unit 4 pptOose unit 4 ppt
Oose unit 4 pptDr VISU P
 
Cs 1023 lec 3 architecture (week 1)
Cs 1023 lec 3 architecture (week 1)Cs 1023 lec 3 architecture (week 1)
Cs 1023 lec 3 architecture (week 1)stanbridge
 
Cs 1023 lec 3 architecture (week 1)
Cs 1023 lec 3 architecture (week 1)Cs 1023 lec 3 architecture (week 1)
Cs 1023 lec 3 architecture (week 1)stanbridge
 

Similar to A Framework for Contract-Based Composition of CPS Analyses (20)

Chapter 08
Chapter 08Chapter 08
Chapter 08
 
IncQuery Group's presentation for the INCOSE Polish Chapter 20220310
IncQuery Group's presentation for the INCOSE Polish Chapter 20220310IncQuery Group's presentation for the INCOSE Polish Chapter 20220310
IncQuery Group's presentation for the INCOSE Polish Chapter 20220310
 
Studying Software Engineering Patterns for Designing Machine Learning Systems
Studying Software Engineering Patterns for Designing Machine Learning SystemsStudying Software Engineering Patterns for Designing Machine Learning Systems
Studying Software Engineering Patterns for Designing Machine Learning Systems
 
Data Integration Solutions Created By Koneksys
Data Integration Solutions Created By KoneksysData Integration Solutions Created By Koneksys
Data Integration Solutions Created By Koneksys
 
Towards Design-space Exploration of Component Chains in Vehicle Software
Towards Design-space Exploration of Component Chains in Vehicle SoftwareTowards Design-space Exploration of Component Chains in Vehicle Software
Towards Design-space Exploration of Component Chains in Vehicle Software
 
From Model-based to Model and Simulation-based Systems Architectures
From Model-based to Model and Simulation-based Systems ArchitecturesFrom Model-based to Model and Simulation-based Systems Architectures
From Model-based to Model and Simulation-based Systems Architectures
 
Security Patterns: Research Direction, Metamodel, Application and Verification
Security Patterns: Research Direction, Metamodel, Application and VerificationSecurity Patterns: Research Direction, Metamodel, Application and Verification
Security Patterns: Research Direction, Metamodel, Application and Verification
 
Fast and effective analysis of architecture diagrams
Fast and effective analysis of architecture diagrams Fast and effective analysis of architecture diagrams
Fast and effective analysis of architecture diagrams
 
Glasswall Wardley Maps & Services
Glasswall Wardley Maps & ServicesGlasswall Wardley Maps & Services
Glasswall Wardley Maps & Services
 
Making Model-Driven Verification Practical and Scalable: Experiences and Less...
Making Model-Driven Verification Practical and Scalable: Experiences and Less...Making Model-Driven Verification Practical and Scalable: Experiences and Less...
Making Model-Driven Verification Practical and Scalable: Experiences and Less...
 
Technical Practices for Agile Engineering - PNSQC 2019
Technical Practices for Agile Engineering - PNSQC 2019Technical Practices for Agile Engineering - PNSQC 2019
Technical Practices for Agile Engineering - PNSQC 2019
 
Serverless machine learning architectures at Helixa
Serverless machine learning architectures at HelixaServerless machine learning architectures at Helixa
Serverless machine learning architectures at Helixa
 
The secret life of rules in Software Engineering
The secret life of rules in Software EngineeringThe secret life of rules in Software Engineering
The secret life of rules in Software Engineering
 
Software Engineering Research: Leading a Double-Agent Life.
Software Engineering Research: Leading a Double-Agent Life.Software Engineering Research: Leading a Double-Agent Life.
Software Engineering Research: Leading a Double-Agent Life.
 
OOSE Unit 4 PPT.ppt
OOSE Unit 4 PPT.pptOOSE Unit 4 PPT.ppt
OOSE Unit 4 PPT.ppt
 
CHAPTER12.ppt
CHAPTER12.pptCHAPTER12.ppt
CHAPTER12.ppt
 
Adaptive13 test
Adaptive13 testAdaptive13 test
Adaptive13 test
 
Oose unit 4 ppt
Oose unit 4 pptOose unit 4 ppt
Oose unit 4 ppt
 
Cs 1023 lec 3 architecture (week 1)
Cs 1023 lec 3 architecture (week 1)Cs 1023 lec 3 architecture (week 1)
Cs 1023 lec 3 architecture (week 1)
 
Cs 1023 lec 3 architecture (week 1)
Cs 1023 lec 3 architecture (week 1)Cs 1023 lec 3 architecture (week 1)
Cs 1023 lec 3 architecture (week 1)
 

More from Ivan Ruchkin

Poster: Conservative Safety Monitors of Stochastic Dynamical Systems
Poster: Conservative Safety Monitors of Stochastic Dynamical SystemsPoster: Conservative Safety Monitors of Stochastic Dynamical Systems
Poster: Conservative Safety Monitors of Stochastic Dynamical SystemsIvan Ruchkin
 
Poster: How Safe Am I Given What I See? Calibrated Prediction of Safety Chanc...
Poster: How Safe Am I Given What I See? Calibrated Prediction of Safety Chanc...Poster: How Safe Am I Given What I See? Calibrated Prediction of Safety Chanc...
Poster: How Safe Am I Given What I See? Calibrated Prediction of Safety Chanc...Ivan Ruchkin
 
Verify-then-Monitor: Calibration Guarantees for Safety Confidence
Verify-then-Monitor: Calibration Guarantees for Safety ConfidenceVerify-then-Monitor: Calibration Guarantees for Safety Confidence
Verify-then-Monitor: Calibration Guarantees for Safety ConfidenceIvan Ruchkin
 
Causal Repair of Learning-Enabled Cyber-physical Systems
Causal Repair of Learning-Enabled Cyber-physical SystemsCausal Repair of Learning-Enabled Cyber-physical Systems
Causal Repair of Learning-Enabled Cyber-physical SystemsIvan Ruchkin
 
Conservative Safety Monitors of Stochastic Dynamical Systems
Conservative Safety Monitors of Stochastic Dynamical SystemsConservative Safety Monitors of Stochastic Dynamical Systems
Conservative Safety Monitors of Stochastic Dynamical SystemsIvan Ruchkin
 
Confidence Composition for Monitors of Verification Assumptions
Confidence Composition for Monitors of Verification AssumptionsConfidence Composition for Monitors of Verification Assumptions
Confidence Composition for Monitors of Verification AssumptionsIvan Ruchkin
 
Overcoming Heterogeneity in Autonomous Cyber-Physical Systems
Overcoming Heterogeneity in Autonomous Cyber-Physical SystemsOvercoming Heterogeneity in Autonomous Cyber-Physical Systems
Overcoming Heterogeneity in Autonomous Cyber-Physical SystemsIvan Ruchkin
 
High-Confidence Data Programming for Evaluating Suppression of Physiological ...
High-Confidence Data Programming for Evaluating Suppression of Physiological ...High-Confidence Data Programming for Evaluating Suppression of Physiological ...
High-Confidence Data Programming for Evaluating Suppression of Physiological ...Ivan Ruchkin
 
Data Generation with PROSPECT: a Probability Specification Tool
Data Generation with PROSPECT: a Probability Specification ToolData Generation with PROSPECT: a Probability Specification Tool
Data Generation with PROSPECT: a Probability Specification ToolIvan Ruchkin
 
Confidence Monitoring and Composition for Dynamic Assurance of Learning-Enabl...
Confidence Monitoring and Composition for Dynamic Assurance of Learning-Enabl...Confidence Monitoring and Composition for Dynamic Assurance of Learning-Enabl...
Confidence Monitoring and Composition for Dynamic Assurance of Learning-Enabl...Ivan Ruchkin
 
Confidence Composition (CoCo) for Dynamic Assurance of Learning-Enabled Auton...
Confidence Composition (CoCo) for Dynamic Assurance of Learning-Enabled Auton...Confidence Composition (CoCo) for Dynamic Assurance of Learning-Enabled Auton...
Confidence Composition (CoCo) for Dynamic Assurance of Learning-Enabled Auton...Ivan Ruchkin
 
Confidence Monitoring and Composition for Dynamic Assurance of Learning-Enabl...
Confidence Monitoring and Composition for Dynamic Assurance of Learning-Enabl...Confidence Monitoring and Composition for Dynamic Assurance of Learning-Enabl...
Confidence Monitoring and Composition for Dynamic Assurance of Learning-Enabl...Ivan Ruchkin
 
On the Role of Assumptions in Engineering Smart Systems
On the Role of Assumptions in Engineering Smart SystemsOn the Role of Assumptions in Engineering Smart Systems
On the Role of Assumptions in Engineering Smart SystemsIvan Ruchkin
 
Compositional Probabilistic Analysis of Temporal Properties over Stochastic D...
Compositional Probabilistic Analysis of Temporal Properties over Stochastic D...Compositional Probabilistic Analysis of Temporal Properties over Stochastic D...
Compositional Probabilistic Analysis of Temporal Properties over Stochastic D...Ivan Ruchkin
 
Overview of Epidemic Models for COVID-19
Overview of Epidemic Models for COVID-19Overview of Epidemic Models for COVID-19
Overview of Epidemic Models for COVID-19Ivan Ruchkin
 
Thesis Defense: Integration of Modeling Methods for Cyber-Physical Systems
Thesis Defense: Integration of Modeling Methods for Cyber-Physical SystemsThesis Defense: Integration of Modeling Methods for Cyber-Physical Systems
Thesis Defense: Integration of Modeling Methods for Cyber-Physical SystemsIvan Ruchkin
 
Towards a Formal Framework for Hybrid Planning in Self-Adaptation
Towards a Formal Framework for Hybrid Planning in Self-AdaptationTowards a Formal Framework for Hybrid Planning in Self-Adaptation
Towards a Formal Framework for Hybrid Planning in Self-AdaptationIvan Ruchkin
 
IPL: An Integration Property Language for Multi-Model Cyber-Physical Systems
IPL: An Integration Property Language for Multi-Model Cyber-Physical SystemsIPL: An Integration Property Language for Multi-Model Cyber-Physical Systems
IPL: An Integration Property Language for Multi-Model Cyber-Physical SystemsIvan Ruchkin
 
Inconsistencies in Models of Adaptive Service Robots
Inconsistencies in Models of Adaptive Service RobotsInconsistencies in Models of Adaptive Service Robots
Inconsistencies in Models of Adaptive Service RobotsIvan Ruchkin
 
Challenges in Physical Modeling for Adaptation of Cyber-Physical Systems
Challenges in Physical Modeling for Adaptation of Cyber-Physical SystemsChallenges in Physical Modeling for Adaptation of Cyber-Physical Systems
Challenges in Physical Modeling for Adaptation of Cyber-Physical SystemsIvan Ruchkin
 

More from Ivan Ruchkin (20)

Poster: Conservative Safety Monitors of Stochastic Dynamical Systems
Poster: Conservative Safety Monitors of Stochastic Dynamical SystemsPoster: Conservative Safety Monitors of Stochastic Dynamical Systems
Poster: Conservative Safety Monitors of Stochastic Dynamical Systems
 
Poster: How Safe Am I Given What I See? Calibrated Prediction of Safety Chanc...
Poster: How Safe Am I Given What I See? Calibrated Prediction of Safety Chanc...Poster: How Safe Am I Given What I See? Calibrated Prediction of Safety Chanc...
Poster: How Safe Am I Given What I See? Calibrated Prediction of Safety Chanc...
 
Verify-then-Monitor: Calibration Guarantees for Safety Confidence
Verify-then-Monitor: Calibration Guarantees for Safety ConfidenceVerify-then-Monitor: Calibration Guarantees for Safety Confidence
Verify-then-Monitor: Calibration Guarantees for Safety Confidence
 
Causal Repair of Learning-Enabled Cyber-physical Systems
Causal Repair of Learning-Enabled Cyber-physical SystemsCausal Repair of Learning-Enabled Cyber-physical Systems
Causal Repair of Learning-Enabled Cyber-physical Systems
 
Conservative Safety Monitors of Stochastic Dynamical Systems
Conservative Safety Monitors of Stochastic Dynamical SystemsConservative Safety Monitors of Stochastic Dynamical Systems
Conservative Safety Monitors of Stochastic Dynamical Systems
 
Confidence Composition for Monitors of Verification Assumptions
Confidence Composition for Monitors of Verification AssumptionsConfidence Composition for Monitors of Verification Assumptions
Confidence Composition for Monitors of Verification Assumptions
 
Overcoming Heterogeneity in Autonomous Cyber-Physical Systems
Overcoming Heterogeneity in Autonomous Cyber-Physical SystemsOvercoming Heterogeneity in Autonomous Cyber-Physical Systems
Overcoming Heterogeneity in Autonomous Cyber-Physical Systems
 
High-Confidence Data Programming for Evaluating Suppression of Physiological ...
High-Confidence Data Programming for Evaluating Suppression of Physiological ...High-Confidence Data Programming for Evaluating Suppression of Physiological ...
High-Confidence Data Programming for Evaluating Suppression of Physiological ...
 
Data Generation with PROSPECT: a Probability Specification Tool
Data Generation with PROSPECT: a Probability Specification ToolData Generation with PROSPECT: a Probability Specification Tool
Data Generation with PROSPECT: a Probability Specification Tool
 
Confidence Monitoring and Composition for Dynamic Assurance of Learning-Enabl...
Confidence Monitoring and Composition for Dynamic Assurance of Learning-Enabl...Confidence Monitoring and Composition for Dynamic Assurance of Learning-Enabl...
Confidence Monitoring and Composition for Dynamic Assurance of Learning-Enabl...
 
Confidence Composition (CoCo) for Dynamic Assurance of Learning-Enabled Auton...
Confidence Composition (CoCo) for Dynamic Assurance of Learning-Enabled Auton...Confidence Composition (CoCo) for Dynamic Assurance of Learning-Enabled Auton...
Confidence Composition (CoCo) for Dynamic Assurance of Learning-Enabled Auton...
 
Confidence Monitoring and Composition for Dynamic Assurance of Learning-Enabl...
Confidence Monitoring and Composition for Dynamic Assurance of Learning-Enabl...Confidence Monitoring and Composition for Dynamic Assurance of Learning-Enabl...
Confidence Monitoring and Composition for Dynamic Assurance of Learning-Enabl...
 
On the Role of Assumptions in Engineering Smart Systems
On the Role of Assumptions in Engineering Smart SystemsOn the Role of Assumptions in Engineering Smart Systems
On the Role of Assumptions in Engineering Smart Systems
 
Compositional Probabilistic Analysis of Temporal Properties over Stochastic D...
Compositional Probabilistic Analysis of Temporal Properties over Stochastic D...Compositional Probabilistic Analysis of Temporal Properties over Stochastic D...
Compositional Probabilistic Analysis of Temporal Properties over Stochastic D...
 
Overview of Epidemic Models for COVID-19
Overview of Epidemic Models for COVID-19Overview of Epidemic Models for COVID-19
Overview of Epidemic Models for COVID-19
 
Thesis Defense: Integration of Modeling Methods for Cyber-Physical Systems
Thesis Defense: Integration of Modeling Methods for Cyber-Physical SystemsThesis Defense: Integration of Modeling Methods for Cyber-Physical Systems
Thesis Defense: Integration of Modeling Methods for Cyber-Physical Systems
 
Towards a Formal Framework for Hybrid Planning in Self-Adaptation
Towards a Formal Framework for Hybrid Planning in Self-AdaptationTowards a Formal Framework for Hybrid Planning in Self-Adaptation
Towards a Formal Framework for Hybrid Planning in Self-Adaptation
 
IPL: An Integration Property Language for Multi-Model Cyber-Physical Systems
IPL: An Integration Property Language for Multi-Model Cyber-Physical SystemsIPL: An Integration Property Language for Multi-Model Cyber-Physical Systems
IPL: An Integration Property Language for Multi-Model Cyber-Physical Systems
 
Inconsistencies in Models of Adaptive Service Robots
Inconsistencies in Models of Adaptive Service RobotsInconsistencies in Models of Adaptive Service Robots
Inconsistencies in Models of Adaptive Service Robots
 
Challenges in Physical Modeling for Adaptation of Cyber-Physical Systems
Challenges in Physical Modeling for Adaptation of Cyber-Physical SystemsChallenges in Physical Modeling for Adaptation of Cyber-Physical Systems
Challenges in Physical Modeling for Adaptation of Cyber-Physical Systems
 

Recently uploaded

A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024Scott Keck-Warren
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGSujit Pal
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 3652toLead Limited
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 

Recently uploaded (20)

A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAG
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 

A Framework for Contract-Based Composition of CPS Analyses

  • 1. A Framework for Contract-Based Composition of CPS Analyses Ivan Ruchkin In collaboration the SEI: Sagar Chaki, Dionisio De Niz, and Mark Klein. ISR Software Seminar October 14, 2013
  • 2. Outline ● Composition of architectural analyses – – ● SEI modeling ecosystem Composition problem Framework for contract-based analysis composition – Analysis contracts – Design – Future work 2
  • 3. Outline ● Composition of architectural analyses – – ● SEI modeling ecosystem Composition problem Framework for contract-based analysis composition – Analysis contracts – Design – Future work 3
  • 4. CPS Modeling Ecosystem ? Hybrid model Deadlock model ? ? Cyber-Physical System Physical model Control model 4
  • 5. AADL in One Slide ● ADL for avionics, embedded, and real-time systems. – ● Fixed architectural style. Modularity: – – ● Types and instances. Interfaces and implementations. Annexes – Language extensions for analyses. 5
  • 6. SEI Modeling Ecosystem Security analysis Frequency scaling analysis Frequency scaling model Security model AADL system model Error analysis 1 Error analysis 2 Scheduling analysis Error behavior model Scheduling model 6
  • 7. Example: Security Analysis ● ● Goal: determine which threads can be collocated on the same processor Security model: – – ● Analysis interface: – – ● a data type “security class,” a thread type with a security class field. Inputs: processes, threads, and thread security levels. Outputs: description of which threads cannot be collocated. Security analysis Analysis body: the algorithm of transforming inputs into outputs. 7
  • 8. SEI Development Ecosystem Security analysis Frequency scaling analysis Frequency scaling model Security model ? AADL system model Error analysis 1 Error analysis 2 Scheduling analysis Error behavior model Scheduling model 8
  • 9. Analysis Composition Problem ● Analyses have semantic interdependencies – how to not violate them? – ● E.g., scheduling needs collocation restrictions Analyses rely on each other to work correctly – how to ensure correct composition? – E.g., frequency scaling relies on correct scheduling Security analysis Scheduling analysis Frequency scaling analysis 9
  • 10. Related Work ● Software verification – ● OCL for UML & SysML – ● Does not allow verification of assumptions Equation-based OO (Modelica) – ● Does not address architectural analyses Signal-flow equations, not discrete behavior Other toolkits (VEST, …) – Do not allow separation of models and analyses 10
  • 11. Outline ● Composition of architectural analyses – – ● SEI modeling ecosystem Composition problem Framework for contract-based analysis composition – Analysis contracts – Design – Future work 11
  • 12. A Framework for Contract-Based Analysis Composition a.k.a. virtual integration for open runtime analytic models ● Framework to specify the dependencies and assumptions of analyses ● Relies on analysis contracts ● Builds on top of the AADL design environment ● Uses third party tools to perform analyses 12
  • 13. Analysis Contracts ● ● ● ● Inputs: what parts of the model the analysis accesses. Output: what parts of the model the analysis updates. Assumptions: what has to true about the model for the analysis to be applicable. Guarantees: what does the analysis guarantee about the model after its execution. M.-Y. Nam, D. de Niz, L. Wrage, and L. Sha, “Resource allocation contracts for open analytic runtime models,”, 2011. 13
  • 14. Example of Analyses ● Security (confidentiality) analysis – ● Bin packing (real-time allocation) analysis – ● Allocate processes to processors. Frequency scaling (power efficiency) analysis – ● Based on security levels of threads, determine which threads can be collocated on one processor. Minimize the processor frequency to meet the task deadlines. Model checking (safety) analysis – Assuming the threads are scheduled correctly, check if the system is safe. 14
  • 15. Example of Analyses: Dependency Graph In: processes allocated to processors Out: processor frequencies Frequency scaling In: threads with collocation info, processes, and processors Out: allocation to processors In: processes and threads with security classes Out: collocation info In: processes allocated to processors Out: deadlock safety Model checking Bin packing Security analysis Execution order 15
  • 16. Example of Analyses: assumptions and guarantees Pre: no preemption for shorter deadlines Post: true Frequency scaling Pre: not collocated with what is prohibited Post: true Pre: true Post: not collocated with what is prohibited Pre: deadlines are equal to periods Post: true Model checking Bin packing Security analysis Execution order 16
  • 17. Contracts Verification Use Cases ● Model-specific: – ● Applicability check: assumptions and guarantees satisfied by a concrete model. Model-independent: – – – Feasibility check: intersection of all assumptions and guarantees should satisfiable. Implication check: guarantees might imply the assumptions. Variant replacement: replacing analysis variants in existing graphs requires weaker assumptions and stronger guarantees. 17
  • 18. Framework Design OSATE Eclipse Analyses contracts and source Graph Constructor Z3 Logical compiler Spin … Concrete model source Graph of analyses DB assumption checker Analysis executor DB Constructor Model DB (SQL) 18 Data flow
  • 19. Future Work ● Theory: – – ● Verifying formulas in different logics: FOPL & LTL Looking for patterns in formulas Application: – Include other analyses, e.g., error behavior analysis – Include other verification engines: UPPAAL, Alloy 19
  • 20. Summary ● ● ● CPS modeling requires analysis composition support. Analysis contracts capture semantic dependencies between analyses. The analysis composition framework allows to create and verify AADL analyses. 20
  • 21. References ● ● M.-Y. Nam, D. de Niz, L. Wrage, and L. Sha, “Resource allocation contracts for open analytic runtime models,” in Proc. of the 9th ACM international conference on Embedded software, 2011. M.-Y. Nam, D. de Niz, L. Wrage, and L. Sha, "Open Analytic Runtime Models," in Proc. of the Workshop on Architectures for CPS, 2011. 21

Editor's Notes

  1. Sequences of analysesHow to ensure they plug well together – what is it is in next slide.
  2. Support for analysis writers: detect dependencies and verify contracts.Support for model engineers: sequentialize analyses and check applicability.
  3. Allows to do: Control sequence of executionCheck if assumptions are metCheck if an analysis is correctly implemented via checking guarantees
  4. Mention extension points