Supremica – An integrated environment for verification, synthesis and simulation of discrete event systems

An integrated environment, Supremica, for verification, synthesis and simulation of discrete event systems is presented. The basic model in Supremica is finite automata where the transitions have an associated event together with a guard condition and an action function that updates automata variables. Supremica uses two main approaches to handle large state-spaces. The first approach exploits modularity in order to divide the original problem into many smaller problems that together solve the original problem. The second approach uses an efficient data structure, a binary decision diagram, to symbolically represent the reachable states. Models in Supremica may be simulated in the environment. It is also possible to generate code that implements the behavior of the model using both the IEC 61131 and the IEC 61499 standard

Towards a new methodology for design, modelling, and verification of reconfigurable distributed control systems based on a new extension to the IEC 61499 standard

In order to meet user requirements and system environment changes, reconfigurable control systems must dynamically adapt their structure and behaviour without disrupting system operation. IEC 61499 standard provides limited support for the design and verification of such systems. In fact, handling different reconfiguration scenarios at runtime is difficult since function blocks in IEC 61499 cannot be changed at run-time. Hence, this thesis promotes an IEC 61499 extension called reconfigurable function block (RFB) that increases design readability and smoothly switches to the most appropriate behaviour when a reconfiguration event occurs. To ensure system feasibility after reconfiguration, in addition to the qualitative verification, quantitative verification based on probabilistic model checking is addressed in a new RFBA approach. The latter aims to transform the designed RFB model automatically into a generalised reconfigurable timed net condition/event system model (GRTNCES) using a newly developed environment called RFBTool. The GR-TNCES fits well with RFB and preserves its semantic. Using the probabilistic model checker PRISM, the generated GR-TNCES model is checked using defined properties specified in computation tree logic. As a result, an evaluation of system performance and an estimation of reconfiguration risks are obtained. The RFBA methodology is applied on a distributed power system case study.Dynamische Anforderungen und Umgebungen erfordern rekonfigurierbare Anlagen und Steuerungssysteme. Rekonfiguration ermöglicht es einem System, seine Struktur und sein Verhalten an interne oder externe Änderungen anzupassen. Die Norm IEC 61499 wurde entwickelt, um (verteilte) Steuerungssysteme auf Basis von Funktionsbausteinen zu entwickeln. Sie bietet jedoch wenig Unterstützung für Entwurf und Verifikation. Die Tatsache, dass eine Rekonfiguration das System-Ausführungsmodell verändert, erschwert die Entwicklung in IEC 61499 zusätzlich. Daher schlägt diese Dissertation rekonfigurierbare Funktionsbausteine (RFBs) als Erweiterung der Norm vor. Ein RFB verarbeitet über einen Master-Slave-Automaten Rekonfigurationsereignisse und löst das entsprechende Verhalten aus. Diese Hierarchie trennt das Rekonfigurationsmodell vom Steuerungsmodell und vereinfacht so den Entwurf. Die Funktionalität des Entwurfs muss verifiziert werden, damit die Ausführbarkeit des Systems nach einer Rekonfiguration gewährleistet ist. Hierzu wird das entworfene RFB-Modell automatisch in ein generalised reconfigurable timed net condition/event system übersetzt. Dieses wird mit dem Model-Checker PRISM auf qualitative und quantitative Eigenschaften überprüft. Somit wird eine Bewertung der Systemperformanz und eine Einschätzung der Rekonfigurationsrisiken erreicht. Die RFB-Methodik wurde in einem Softwarewerkzeug umgesetzt und in einer Fallstudie auf ein dezentrales Stromnetz angewendet

Software framework for the development of context-aware reconfigurable systems

In this project we propose a new software framework for the development of context-aware and secure controlling software of distributed reconfigurable systems. Context-awareness is a key feature allowing the adaptation of systems behaviour according to the changing environment. We introduce a new definition of the term “context” for reconfigurable systems then we define a new context modelling and reasoning approach. Afterwards, we define a meta-model of context-aware reconfigurable applications that paves the way to the proposed framework. The proposed framework has a three-layer architecture: reconfiguration, context control, and services layer, where each layer has its well-defined role. We define also a new secure conversation protocol between distributed trustless parts based on the blockchain technology as well as the elliptic curve cryptography. To get better correctness and deployment guarantees of applications models in early development stages, we propose a new UML profile called GR-UML to add new semantics allowing the modelling of probabilistic scenarios running under memory and energy constraints, then we propose a methodology using transformations between the GR-UML, the GR-TNCES Petri nets formalism, and the IEC 61499 function blocks. A software tool implementing the methodology concepts is developed. To show the suitability of the mentioned contributions two case studies (baggage handling system and microgrids) are considered.In diesem Projekt schlagen wir ein Framework für die Entwicklung von kontextbewussten, sicheren Anwendungen von verteilten rekonfigurierbaren Systemen vor. Kontextbewusstheit ist eine Schlüsseleigenschaft, die die Anpassung des Systemverhaltens an die sich ändernde Umgebung ermöglicht. Wir führen eine Definition des Begriffs ``Kontext" für rekonfigurierbare Systeme ein und definieren dann einen Kontextmodellierungs- und Reasoning-Ansatz. Danach definieren wir ein Metamodell für kontextbewusste rekonfigurierbare Anwendungen, das den Weg zum vorgeschlagenen Framework ebnet. Das Framework hat eine dreischichtige Architektur: Rekonfigurations-, Kontextkontroll- und Dienste-Schicht, wobei jede Schicht ihre wohldefinierte Rolle hat. Wir definieren auch ein sicheres Konversationsprotokoll zwischen verteilten Teilen, das auf der Blockchain-Technologie sowie der elliptischen Kurven-Kryptographie basiert. Um bessere Korrektheits- und Einsatzgarantien für Anwendungsmodelle zu erhalten, schlagen wir ein UML-Profil namens GR-UML vor, um Semantik umzufassen, die die Modellierung probabilistischer Szenarien unter Speicher- und Energiebeschränkungen ermöglicht. Dann schlagen wir eine Methodik vor, die Transformationen zwischen GR-UML, dem GR-TNCES-Petrinetz-Formalismus und den IEC 61499-Funktionsblöcken verwendet. Es wird ein Software entwickelt, das die Konzepte der Methodik implementiert. Um die Eignung der genannten Beiträge zu zeigen, werden zwei Fallstudien betrachtet

Cyber-Virtual Systems: Simulation, Validation & Visualization

We describe our ongoing work and view on simulation, validation and visualization of cyber-physical systems in industrial automation during development, operation and maintenance. System models may represent an existing physical part - for example an existing robot installation - and a software simulated part - for example a possible future extension. We call such systems cyber-virtual systems. In this paper, we present the existing VITELab infrastructure for visualization tasks in industrial automation. The new methodology for simulation and validation motivated in this paper integrates this infrastructure. We are targeting scenarios, where industrial sites which may be in remote locations are modeled and visualized from different sites anywhere in the world. Complementing the visualization work, here, we are also concentrating on software modeling challenges related to cyber-virtual systems and simulation, testing, validation and verification techniques for them. Software models of industrial sites require behavioural models of the components of the industrial sites such as models for tools, robots, workpieces and other machinery as well as communication and sensor facilities. Furthermore, collaboration between sites is an important goal of our work.Comment: Preprint, 9th International Conference on Evaluation of Novel Approaches to Software Engineering (ENASE 2014

Formal Modeling of Testing Software for Cyber-Physical Automation Systems

Abstract-The paper presents a framework which uses formal models for testing control software for industrial automation systems. The formalism called Net Condition/Event Systems (NCES) is applied to model the program under test, along with the system under control (plant) and the testing environment. The benefits of using the framework include the opportunities to test systems with time delays without the need to wait, to test parameterized sets of systems with a single execution of a test suite, and to check test suites for correctness. The use of the framework is illustrated on a simple system consisting of a lab-scale plant and a control application for it

Usage of IEC 61131 and IEC 61499 standards for creating distributed control systems

This publication deals with the application of standards for industrial automation during distributed control systems design. Control systems design consists of a choice between two approaches based on the standards, IEC 61131 and IEC 61499. The question is which of the standards to use for distributed control systems design. The most commonly used standards are briefly listed in the introduction section. Then follows a more detailed description of the IEC 61131 and IEC 61499 standards, future development of the IEC 61499 standard and its usage during the creation of distributed control systems. Further on are lists and descriptions of existing commercial and research software tools, which are necessary in implementing this standard. The main section deals with the methodology for standard application comparison and criteria selection for comparing. This methodology is then verified on real control systems. The final section includes methodology generalization for suitable approach selection, resulting in recommendations for which standard to choose during creation of distributed control systems

Verification and Anomaly Detection for Event-Based Control of Manufacturing Systems.

Many important systems can be described as discrete event systems, including a manufacturing cell and patient flow in a clinic. Faults often occur in these systems and addressing these faults is important to ensure proper functioning. There are two main ways to address faults. Faults can be prevented from ever occurring, or they can be detected at the time at which they occur. This work develops methods to address faults in event-based systems for which there is no formal, pre-existing model. A primary application is manufacturing systems, where reducing downtime is especially important and pre-existing formal models are not commonly available. There are three main contributions. The first contribution is formalizing input order robustness - inputs occurring in different orders and yielding the same final state and set of outputs - and creating a method for its verification for logic controllers and networks of controllers. Theory is developed for a class of networks of controllers to be verified modularly, reducing the computational complexity. Input order robustness guarantees determinism of the closed-loop system. The second contribution is an anomaly detection solution for event-based systems without a pre-existing formal model. This solution involves model generation, performance assessment, and anomaly detection itself. A new variation of Petri nets was created to model the systems in this solution that incorporates resources in a less restrictive way. The solution detects anomalies and provides information about when the anomaly was first observed to help with debugging. The third contribution is the identification and resolution of five inconsistencies found between typical academic assumptions and industry practice when applying the anomaly detection solution to an industrial system. Resolutions to the inconsistencies included working with industry collaborators to change logic, and developing new algorithms to incorporate into the anomaly detection solution. Through these resolutions, the anomaly detection solution was improved to make it easier to apply to industrial systems. These three contributions for handling faults will help reduce down-time in manufacturing systems, and hence increase productivity and decrease costs.Ph.D.Electrical Engineering: SystemsUniversity of Michigan, Horace H. Rackham School of Graduate Studieshttp://deepblue.lib.umich.edu/bitstream/2027.42/78897/1/lzallen_1.pd