Petri net based development of globally-asynchronous locally-synchronous distributed embedded systems

Dissertação para obtenção do Grau de Doutor em Engenharia Electrotécnica e de ComputadoresA model-based development approach (MBDA) for Globally-Asynchronous Locally- Synchronous (GALS) Distributed Embedded Systems (DESs) is proposed. This approach relies on the GALS-DESs specification through (low- or high-level) Petri net classes, which ensure that the created models are GALS, locally deterministic, distributable, networkindependent, and platform-independent and support their simulation, verification, and implementation (using simulation, model-checking, and code generation tools). The use of network- and platform-independent models enable the use of heterogeneous communication networks to support the distributed components interaction and enable the use of heterogeneous platforms to support the components and the communication nodes implementation. To enable the proposed MBDA, Petri nets are extended with a set of the concepts, most notably time-domains and asynchronous-channels. Algorithms to support the verification of GALS-DES models and their decomposition into implementable sub-models are also proposed. A tool chain framework (IOPT-tools) was extended with this work proposals, supporting their validation and the GALS-DESs development.Fundação para a Ciência e a Tecnologia - grant ref. SFRH/BD/62171/200

The DS-Pnet modeling formalism for cyber-physical system development

This work presents the DS-Pnet modeling formalism (Dataflow, Signals and Petri nets), designed for the development of cyber-physical systems, combining the characteristics of Petri nets and dataflows to support the modeling of mixed systems containing both reactive parts and data processing operations. Inheriting the features of the parent IOPT Petri net class, including an external interface composed of input and output signals and events, the addition of dataflow operations brings enhanced modeling capabilities to specify mathematical data transformations and graphically express the dependencies between signals. Data-centric systems, that do not require reactive controllers, are designed using pure dataflow models. Component based model composition enables reusing existing components, create libraries of previously tested components and hierarchically decompose complex systems into smaller sub-systems. A precise execution semantics was defined, considering the relationship between dataflow and Petri net nodes, providing an abstraction to define the interface between reactive controllers and input and output signals, including analog sensors and actuators. The new formalism is supported by the IOPT-Flow Web based tool framework, offering tools to design and edit models, simulate model execution on the Web browser, plus model-checking and software/hardware automatic code generation tools to implement controllers running on embedded devices (C,VHDL and JavaScript). A new communication protocol was created to permit the automatic implementation of distributed cyber-physical systems composed of networks of remote components communicating over the Internet. The editor tool connects directly to remote embedded devices running DS-Pnet models and may import remote components into new models, contributing to simplify the creation of distributed cyber-physical applications, where the communication between distributed components is specified just by drawing arcs. Several application examples were designed to validate the proposed formalism and the associated framework, ranging from hardware solutions, industrial applications to distributed software applications

NOVA mobility assistive system: Developed and remotely controlled with IOPT-tools

UID/EEA/00066/2020In this paper, a Mobility Assistive System (NOVA-MAS) and a model-driven development approach are proposed to support the acquisition and analysis of data, infrastructures control, and dissemination of information along public roads. A literature review showed that the work related to mobility assistance of pedestrians in wheelchairs has a gap in ensuring their safety on road. The problem is that pedestrians in wheelchairs and scooters often do not enjoy adequate and safe lanes for their circulation on public roads, having to travel sometimes side by side with vehicles and cars moving at high speed. With NOVA-MAS, city infrastructures can obtain information regarding the environment and provide it to their users/vehicles, increasing road safety in an inclusive way, contributing to the decrease of the accidents of pedestrians in wheelchairs. NOVA-MAS not only supports information dissemination, but also data acquisition from sensors and infrastructures control, such as traffic light signs. For that, it proposed a development approach that supports the acquisition of data from the environment and its control while using a tool framework, named IOPT-Tools (Input-Output Place-Transition Tools). IOPT-Tools support controllers’ specification, validation, and implementation, with remote operation capabilities. The infrastructures’ controllers are specified through IOPT Petri net models, which are then simulated using computational tools and verified using state-space-based model-checking tools. In addition, an automatic code generator tool generates the C code, which supports the controllers’ implementation, avoiding manual codification errors. A set of prototypes were developed and tested to validate and conclude on the feasibility of the proposals.publishersversionpublishe

Minimalist Architecture to Generate Embedded System Web User Interfaces

Part 9: Embedded Systems and Petri NetsInternational audienceThis paper presents a new architecture to semi-automatically generate Web user interfaces for Embedded Systems designed using IOPT Petri Net models. The user interfaces can be used to remotely control, monitor and debug embedded systems using a standard Web Browser. The proposed architecture takes advantage of the distributed nature of the Internet to store all static user interface data and software on third-party Web services (the Cloud), and execute the user-interface code on the user’s Web Browser. A simplified protocol is proposed to enable remote control, status-monitoring, debugging and step-by-step execution, minimizing resource consumption on the physical embedded devices, including processing load, memory and communication bandwidth. As the user interface data and code are kept on third-party Web services, these resources can be shared among multiple embedded device units, and the hardware requirements to implement the devices can be simplified, leading to reduced cost solutions. To prevent down-time due to network problems or server failures, a fault-tolerant topology is suggested. The distributed architecture is transparent to end-users, observing just a Web interface for an embedded device on the other side of an Internet URL

Petri net model decomposition - a model based approach supporting distributed execution

Dissertação apresentada para obtenção do Grau de Doutor em Engenharia Electrotécnica, Especialidade de Sistemas Digitais, pela Universidade Nova de Lisboa, Faculdade de Ciências e TecnologiaModel-based systems development has contributed to reducing the enormous difference between the continuous increase of systems complexity and the improvement of methods and methodologies available to support systems development. The choice of the modeling formalism is an important factor for success-fully increasing productivity. Petri nets proved to be a suitable candidate for being chosen as a system specification language due to their natural support of modeling processes with concurrency, synchronization and resource sharing, as well as the mechanisms of composition and decomposition. Also having a formal representation reinforces the choice, given that the use of verification tools is fundamental for complex systems development. This work proposes a method for partitioning Petri net models into concurrent sub-models, supporting their distributed implementation. The IOPT class (Input-Output Place Transition) is used as a reference class. It is extended by directed synchronous communication channels, enabling the com- munication between the generated sub-models. Three rules are proposed to perform the partition, and restrictions of the proposed partition method are identified. It is possible to directly compose models which result from the partitioning operation, through an operation of model addition. This allows the re-use of previously obtained models, as well as the easy modification of the intended system functionalities. The algorithms associated with the implementation of the partition operation are presented, as well as its rules and other procedures. The proposed methods are validated through several case studies emphasizing control components of automation systems

Requirements Specification for Controller Design-from Use Cases to IOPT Net Models

12th IEEE International Conference on Industrial Informatics, INDIN , Porto Alegre: Jul 27-30, 2014Non-autonomous Petri nets offer a language especially adapted for controller specifications. They are typically used in the design phase often with no clear connection to the analysis phase, including requirements specification. This paper shows how use cases can be used to support requirements specification amenable to a direct transformation to IOPT nets, a class of non-autonomous Petri nets. To that end, we propose a set of semi-formal rules for use case descriptions, including use case relationships, which take advantage of the concepts available in IOPT nets, namely input and output signals and events and net addition, a net composition operation

Augmenting High-Level Petri Nets to Support GALS Distributed Embedded Systems Specification

Part 9: Embedded Systems and Petri NetsInternational audienceHigh-level Petri net classes are suited to specify concurrent processes with emphasis both in control and data processing, making them appropriate to specify distributed embedded systems (DES). Embedded systems components are usually synchronous, which means that DES can be seen as Globally-Asynchronous Locally-Synchronous (GALS) systems. This paper proposes to include in high-level Petri nets a set of concepts already introduced for low-level Petri nets allowing the specification of GALS systems, namely time domains, test arcs and priorities. Additionally, this paper proposes external messages and three types of (high-level) asynchronous communication channels, to specify the interaction between distributed components based on message exchange. With these extensions, GALS-DES can be specified using high-level Petri nets. The resulting models include the specification of each component with well-defined boundaries and interface, and also the explicit specification of the asynchronous interaction between components. These models will be used not only to specify the system behavior, but also to be the input for model-checking tools (supporting its verification) and automatic code generation tools (supporting its implementation in software and hardware platforms), giving a contribution to the model-based development approach and hardware-software co-design of DES based on high-level Petri nets

Developing Globally-Asynchronous Locally- Synchronous Systems through the IOPT-Flow Framework

Throughout the years, synchronous circuits have increased in size and com-plexity, consequently, distributing a global clock signal has become a laborious task. Globally-Asynchronous Locally-Synchronous (GALS) systems emerge as a possible solution; however, these new systems require new tools. The DS-Pnet language formalism and the IOPT-Flow framework aim to support and accelerate the development of cyber-physical systems. To do so it offers a tool chain that comprises a graphical editor, a simulator and code gener-ation tools capable of generating C, JavaScript and VHDL code. However, DS-Pnets and IOPT-Flow are not yet tuned to handle GALS systems, allowing for partial specification, but not a complete one. This dissertation proposes extensions to the DS-Pnet language and the IOPT-Flow framework in order to allow development of GALS systems. Addi-tionally, some asynchronous components were created, these form interfaces that allow synchronous blocks within a GALS system to communicate with each other

Computação paralela utilizando GPU na análise de redes de Petri IOPT

O principal objetivo desta dissertação é melhorar o tempo de execução na construção do espaço de estados associado a um modelo de rede de Petri Input-Output Place-Transition (IOPT), utilizando computação paralela numa Graphics Processing Unit (GPU) instalada no computador com um servidor de IOPT-Tools em execução, permitindo o processamento descrito. Os modelos de sistema de controlo desenvolvidos em Rede de Petri (RdP) podem ser muito complexos, o que pode tornar de difícil compreensão o seu comportamento. Devido à variedade e à dimensão das redes, os sistemas desenvolvidos em RdP podem apresentar um grafo associado de espaço de estados com muitos nós e arcos, tornando-se um problema sobre o ponto de vista computacional quando se pretende realizar a verificação das propriedades do modelo. Isto porque, na construção do grafo do espaço de estados pode ocorrer uma explosão do número de estados, ou seja, o grafo pode ser tão grande que dificulta a procura e análise de todos os estados que o modelo pode alcançar. Com a utilização da GPU pode-se contribuir para mitigar este problema, aumentando o desempenho no processamento da construção do espaço de estados. O algoritmo implementado para o processamento da construção do espaço de estados utilizando GPU é adaptação do código gerado automaticamente pela plataforma IOTP-Tools. Para executar o algoritmo é usada a Compute Unified Device Architecture (CUDA) da NVidia. A CUDA permite executar o algoritmo em Central Processing Unit (CPU) e Graphics Processing Unit (GPU). A parte sequencial do algoritmo é executada na CPU e a parte do processamento intensivo, ou seja, o tratamento dos estados não processados é executada na GPU

Evaluating Resilience of Cyber-Physical-Social Systems

Nowadays, protecting the network is not the only security concern. Still, in cyber security, websites and servers are becoming more popular as targets due to the ease with which they can be accessed when compared to communication networks. Another threat in cyber physical social systems with human interactions is that they can be attacked and manipulated not only by technical hacking through networks, but also by manipulating people and stealing users’ credentials. Therefore, systems should be evaluated beyond cy- ber security, which means measuring their resilience as a piece of evidence that a system works properly under cyber-attacks or incidents. In that way, cyber resilience is increas- ingly discussed and described as the capacity of a system to maintain state awareness for detecting cyber-attacks. All the tasks for making a system resilient should proactively maintain a safe level of operational normalcy through rapid system reconfiguration to detect attacks that would impact system performance. In this work, we broadly studied a new paradigm of cyber physical social systems and defined a uniform definition of it. To overcome the complexity of evaluating cyber resilience, especially in these inhomo- geneous systems, we proposed a framework including applying Attack Tree refinements and Hierarchical Timed Coloured Petri Nets to model intruder and defender behaviors and evaluate the impact of each action on the behavior and performance of the system.Hoje em dia, proteger a rede não é a única preocupação de segurança. Ainda assim, na segurança cibernética, sites e servidores estão se tornando mais populares como alvos devido à facilidade com que podem ser acessados quando comparados às redes de comu- nicação. Outra ameaça em sistemas sociais ciberfisicos com interações humanas é que eles podem ser atacados e manipulados não apenas por hackers técnicos através de redes, mas também pela manipulação de pessoas e roubo de credenciais de utilizadores. Portanto, os sistemas devem ser avaliados para além da segurança cibernética, o que significa medir sua resiliência como uma evidência de que um sistema funciona adequadamente sob ataques ou incidentes cibernéticos. Dessa forma, a resiliência cibernética é cada vez mais discutida e descrita como a capacidade de um sistema manter a consciência do estado para detectar ataques cibernéticos. Todas as tarefas para tornar um sistema resiliente devem manter proativamente um nível seguro de normalidade operacional por meio da reconfi- guração rápida do sistema para detectar ataques que afetariam o desempenho do sistema. Neste trabalho, um novo paradigma de sistemas sociais ciberfisicos é amplamente estu- dado e uma definição uniforme é proposta. Para superar a complexidade de avaliar a resiliência cibernética, especialmente nesses sistemas não homogéneos, é proposta uma estrutura que inclui a aplicação de refinamentos de Árvores de Ataque e Redes de Petri Coloridas Temporizadas Hierárquicas para modelar comportamentos de invasores e de- fensores e avaliar o impacto de cada ação no comportamento e desempenho do sistema