Dependability Analysis of Control Systems using SystemC and Statistical Model Checking

Stochastic Petri nets are commonly used for modeling distributed systems in order to study their performance and dependability. This paper proposes a realization of stochastic Petri nets in SystemC for modeling large embedded control systems. Then statistical model checking is used to analyze the dependability of the constructed model. Our verification framework allows users to express a wide range of useful properties to be verified which is illustrated through a case study

Structuring and composability issues in Petri nets modeling

Along Petri nets' history, numerous approaches have been proposed that try to manage model size through the introduction of structuring mechanisms allowing hierarchical representations and model composability. This paper proposes a classification system for Petri nets' structuring mechanisms and discusses each one of them. These include node fusion, node vectors, high-level nets, and object-oriented inspired Petri nets extensions, among others. One running example is used emphasizing the application of the presented mechanisms to specific areas, namely to automation systems modeling, and software engineering, where object-oriented modeling plays a major role

Reliability models for dataflow computer systems

The demands for concurrent operation within a computer system and the representation of parallelism in programming languages have yielded a new form of program representation known as data flow (DENN 74, DENN 75, TREL 82a). A new model based on data flow principles for parallel computations and parallel computer systems is presented. Necessary conditions for liveness and deadlock freeness in data flow graphs are derived. The data flow graph is used as a model to represent asynchronous concurrent computer architectures including data flow computers

Formal Model Engineering for Embedded Systems Using Real-Time Maude

This paper motivates why Real-Time Maude should be well suited to provide a formal semantics and formal analysis capabilities to modeling languages for embedded systems. One can then use the code generation facilities of the tools for the modeling languages to automatically synthesize Real-Time Maude verification models from design models, enabling a formal model engineering process that combines the convenience of modeling using an informal but intuitive modeling language with formal verification. We give a brief overview six fairly different modeling formalisms for which Real-Time Maude has provided the formal semantics and (possibly) formal analysis. These models include behavioral subsets of the avionics modeling standard AADL, Ptolemy II discrete-event models, two EMF-based timed model transformation systems, and a modeling language for handset software.Comment: In Proceedings AMMSE 2011, arXiv:1106.596

Dynamic state reconciliation and model-based fault detection for chemical processes

In this paper, we present a method for the fault detection based on the residual generation. The main idea is to reconstruct the outputs of the system from the measurements using the extended Kalman filter. The estimations are compared to the values of the reference model and so, deviations are interpreted as possible faults. The reference model is simulated by the dynamic hybrid simulator, PrODHyS. The use of this method is illustrated through an application in the field of chemical processe

Modularity for Security-Sensitive Workflows

An established trend in software engineering insists on using components (sometimes also called services or packages) to encapsulate a set of related functionalities or data. By defining interfaces specifying what functionalities they provide or use, components can be combined with others to form more complex components. In this way, IT systems can be designed by mostly re-using existing components and developing new ones to provide new functionalities. In this paper, we introduce a notion of component and a combination mechanism for an important class of software artifacts, called security-sensitive workflows. These are business processes in which execution constraints on the tasks are complemented with authorization constraints (e.g., Separation of Duty) and authorization policies (constraining which users can execute which tasks). We show how well-known workflow execution patterns can be simulated by our combination mechanism and how authorization constraints can also be imposed across components. Then, we demonstrate the usefulness of our notion of component by showing (i) the scalability of a technique for the synthesis of run-time monitors for security-sensitive workflows and (ii) the design of a plug-in for the re-use of workflows and related run-time monitors inside an editor for security-sensitive workflows

Non-functional property analysis using UML2.0 and model transformations

Real-time embedded architectures consist of software and hardware parts. Meeting non-functional constraints (e.g., real-time constraints) greatly depends on the mappings from the system functionalities to software and hardware components. Thus, there is a strong demand for precise architecture and allocation modeling, amenable to performance analysis. The report proposes a model-driven approach for the assessment of the quality of allocations of the system functionalities to the architecture. We consider two technical domains: the UML domain for the definition of the model elements (for both description and analysis), and an analysis domain, external to UML, used for formal verification. This report defines three meta-models, one for each domain, and provides automated transformations within and between these domains. A special attention is then paid to temporal property analysis, based on a particular analysis model: the Modular and Hierarchical Time Petri Nets

Modular supervisory controller for complex systems

Automation for the oil and gas industry is driven by the need to improve efficiency, productivity, consistency, and personnel safety, while reducing cost. Fully automated systems alleviate the physical toll on human operators and allow them to focus on monitoring unsafe well events and machinery maintenance. Complex systems like drilling rigs and snubbing units require supervisory controllers that can safely coordinate equipment and processes, overcome interoperability challenges and allow for functional scalability without sacrificing safety, security, and consistency of operations. The primary objective of this report is to explore the feasibility of developing a modular supervisory controller architecture which addresses these concerns by modifying and extending existing architectures. Such modifications include the use of non-homogeneous models in sub-system modules, including discrete event models for control and physics-based models for collision avoidance, addition of a system compilation module (Meta Module) to identify simple design errors, and implementation of an algorithm for synthesis of modules and filters to replace missing sub-systems. This report discusses the implementation results of the modular supervisory control architecture (modMFSM) on a simplified two-machine drilling system for assessment of design practices. Simulations for three test cases were executed to assess the ability of the controller to correctly perform error-free operations, detect and react to possible collisions, and adapt to missing equipment. The report then discusses the possibilities of extending the modMFSM architecture to control large complex systems such as drilling rigs, using snubbing operations as an example.Mechanical Engineerin