A Compositional Interchange Format for Hybrid Systems: Design and Implementation

The design of large industrial controlled systems is a difficult task, which calls for a model-based design approach. For this, different formalisms exist. Each of these formalisms addresses a specific set of problems, and has its own set of features. Moreover, several formalisms and tools are used in each stage of the system development. As a consequence, there is a conspicuous need for integrated tool support for the design of large complex controlled systems, from the first concept to the implementation, and further on, over their entire life cycle. The Compositional Interchange Format (CIF) has been developed during this research to serve as an interchange format between different formalisms. CIF is an automata-based formalism that allows one to model and simulate hybrid systems. The language incorporates process algebraic operations, and has a formal semantics, based on the Structured Operational Semantics (SOS) framework. The semantics is shown to be compositional and we have proven that it preserves important algebraic properties, which express our intuition about the behavior of the language operators. CIF was extended with hierarchy (HCIF), to support the development of systems through stepwise refinement. The semantics of HCIF is given by means of SOS rules, and is defined in a compositional manner, by referring only to the transition system of the substructures, and not to their syntactic representation. This compositional introduction of hierarchy allows us to keep the semantics of the HCIF operators almost unchanged with respect to the original CIF semantics. A case study on a patient support system is modeled in HCIF to show its applicability. Based on the formal description of CIF, we developed a simulator that conforms to the language semantics. We use the SOS specification of the language to obtain a new set of so-called symbolic rules. These rules contain the predicates that are required during simulation to compute time delays and action updates.
In this way, we present a rigorous method which, given the semantic specification of a complex language, allows us to obtain a simulator for models written in that language. We defined a linearization process for CIF terms, to allow the elimination of operators that are not natively supported in other languages, and to facilitate tool reuse. The linearization algorithm is obtained through a stepwise refinement of the original CIF SOS rules. As a result, we show how the semantic specification of the language can guide the implementation of such a procedure, yielding a simple proof of correctness. To enable the verification of timed CIF models, we formalized and proved a semantic-preserving transformation from CIF to Uppaal. Finally, the tools we developed were used in a complex case study: the design of a controller for a miniature pipeless plant. In this way we show the applicability, as a proof of concept, of the toolchain developed in the FP7-MULTIFORM project. This toolchain involves controller synthesis, verification, and hybrid-systems simulation. In this thesis we show how formal semantics can be used not only for specifying a language mathematically, but also for developing tools and model transformations for it. However, working with such a degree of formalization requires the development of tool support for assisting this process. Otherwise the process is neither maintainable nor scalable. In hindsight it is clear that besides the mathematical correctness, the modeling convenience of a modeling formalism is crucial for its adoption. However, in this thesis the effort was put mostly in the former aspect.
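The simulation scheme sketched above (time delays bounded by location invariants, action transitions enabled by guard predicates and followed by variable updates) can be illustrated with a deliberately small simulator. The Python below is an added example written for this page; it is not code from the CIF/HCIF toolset or from the FP7-MULTIFORM project, and the automaton class it handles is an assumption chosen to keep the example short: constant-rate continuous dynamics, invariants and guards as conjunctions of single-variable linear bounds, and a first-enabled-edge choice when several actions are enabled. The thermostat model and the `Location`/`Edge` names are constructed for the example. Its point is the one the abstract makes: the delay step is computed symbolically from the invariant predicates (solving each bound for the latest admissible time instead of sampling), and the action step is decided by the guard predicates, so every step the simulator takes is traceable to a stated rule rather than to ad hoc numeric code.

```python
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Tuple

Valuation = Dict[str, float]
# Symbolic linear constraint on one variable: (variable, "<=" or ">=", bound).
Constraint = Tuple[str, str, float]


def holds(c: Constraint, val: Valuation) -> bool:
    var, op, bound = c
    return val[var] <= bound if op == "<=" else val[var] >= bound


@dataclass
class Edge:
    label: str
    target: str
    guard: List[Constraint]
    # Action update: maps the valuation before the action to the one after it.
    update: Callable[[Valuation], Valuation] = lambda v: v


@dataclass
class Location:
    rates: Dict[str, float]          # constant derivative of each continuous variable
    invariant: List[Constraint]      # time may pass only while all of these hold
    edges: List[Edge] = field(default_factory=list)


def flow(loc: Location, val: Valuation, t: float) -> Valuation:
    """Continuous evolution for t time units; variables without a rate stay put."""
    return {v: x + loc.rates[v] * t if v in loc.rates else x for v, x in val.items()}


def max_delay(loc: Location, val: Valuation, horizon: float) -> float:
    """Largest d in [0, horizon] such that every invariant constraint holds on
    x(t) = x0 + rate * t for all t in [0, d]. Solved symbolically per constraint:
    a bound only tightens d when the variable moves towards it."""
    if not all(holds(c, val) for c in loc.invariant):
        return 0.0                   # invariant already violated: no time step
    d = horizon
    for var, op, bound in loc.invariant:
        r = loc.rates.get(var, 0.0)
        if (op == "<=" and r > 0) or (op == ">=" and r < 0):
            d = min(d, (bound - val[var]) / r)
    return max(d, 0.0)


def simulate(automaton: Dict[str, Location], loc_name: str, val: Valuation,
             steps: int, horizon: float):
    """Alternate a maximal time step with one action step (first enabled edge;
    a scheduling assumption, not a semantic rule). A location that blocks time
    and offers no action is reported as a timelock."""
    trace = []
    val = dict(val)
    for _ in range(steps):
        loc = automaton[loc_name]
        d = max_delay(loc, val, horizon)
        if d > 0.0:
            val = flow(loc, val, d)
            trace.append(("delay", loc_name, d))
        enabled = [e for e in loc.edges if all(holds(c, val) for c in e.guard)]
        if not enabled:
            if d < horizon:
                trace.append(("timelock", loc_name))
                break
            continue
        e = enabled[0]
        val = e.update(val)
        trace.append(("action", e.label, loc_name, e.target))
        loc_name = e.target
    return loc_name, val, trace


def thermostat() -> Dict[str, Location]:
    """Constructed sample model: temperature T, switch counter n (discrete)."""
    count = lambda v: {**v, "n": v["n"] + 1}
    return {
        "Off": Location(rates={"T": -1.0}, invariant=[("T", ">=", 18.0)],
                        edges=[Edge("on", "On", [("T", "<=", 18.0)], count)]),
        "On": Location(rates={"T": 2.0}, invariant=[("T", "<=", 22.0)],
                       edges=[Edge("off", "Off", [("T", ">=", 22.0)], count)]),
    }


if __name__ == "__main__":
    final_loc, final_val, trace = simulate(thermostat(), "Off", {"T": 20.0, "n": 0}, 4, 10.0)
    for entry in trace:
        print(entry)
    print(final_loc, final_val)
```

Run stand-alone, the thermostat cools from 20 to 18 (a delay of 2 computed from the bound `T >= 18` at rate -1), switches on, heats to 22, switches off, and so on; the `n` counter shows an action update carried across the continuous steps untouched. The `timelock` case is the failure mode a semantics-conforming simulator must report rather than hide, since a model in which time cannot progress and no action is enabled is exactly the kind of defect verification is meant to catch.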
