Towards a new methodology for design, modelling, and verification of reconfigurable distributed control systems based on a new extension to the IEC 61499 standard

In order to meet user requirements and system environment changes, reconfigurable control systems must dynamically adapt their structure and behaviour without disrupting system operation. IEC 61499 standard provides limited support for the design and verification of such systems. In fact, handling different reconfiguration scenarios at runtime is difficult since function blocks in IEC 61499 cannot be changed at run-time. Hence, this thesis promotes an IEC 61499 extension called reconfigurable function block (RFB) that increases design readability and smoothly switches to the most appropriate behaviour when a reconfiguration event occurs. To ensure system feasibility after reconfiguration, in addition to the qualitative verification, quantitative verification based on probabilistic model checking is addressed in a new RFBA approach. The latter aims to transform the designed RFB model automatically into a generalised reconfigurable timed net condition/event system model (GRTNCES) using a newly developed environment called RFBTool. The GR-TNCES fits well with RFB and preserves its semantic. Using the probabilistic model checker PRISM, the generated GR-TNCES model is checked using defined properties specified in computation tree logic. As a result, an evaluation of system performance and an estimation of reconfiguration risks are obtained. The RFBA methodology is applied on a distributed power system case study.Dynamische Anforderungen und Umgebungen erfordern rekonfigurierbare Anlagen und Steuerungssysteme. Rekonfiguration ermöglicht es einem System, seine Struktur und sein Verhalten an interne oder externe Änderungen anzupassen. Die Norm IEC 61499 wurde entwickelt, um (verteilte) Steuerungssysteme auf Basis von Funktionsbausteinen zu entwickeln. Sie bietet jedoch wenig Unterstützung für Entwurf und Verifikation. Die Tatsache, dass eine Rekonfiguration das System-Ausführungsmodell verändert, erschwert die Entwicklung in IEC 61499 zusätzlich. Daher schlägt diese Dissertation rekonfigurierbare Funktionsbausteine (RFBs) als Erweiterung der Norm vor. Ein RFB verarbeitet über einen Master-Slave-Automaten Rekonfigurationsereignisse und löst das entsprechende Verhalten aus. Diese Hierarchie trennt das Rekonfigurationsmodell vom Steuerungsmodell und vereinfacht so den Entwurf. Die Funktionalität des Entwurfs muss verifiziert werden, damit die Ausführbarkeit des Systems nach einer Rekonfiguration gewährleistet ist. Hierzu wird das entworfene RFB-Modell automatisch in ein generalised reconfigurable timed net condition/event system übersetzt. Dieses wird mit dem Model-Checker PRISM auf qualitative und quantitative Eigenschaften überprüft. Somit wird eine Bewertung der Systemperformanz und eine Einschätzung der Rekonfigurationsrisiken erreicht. Die RFB-Methodik wurde in einem Softwarewerkzeug umgesetzt und in einer Fallstudie auf ein dezentrales Stromnetz angewendet

Software framework for the development of context-aware reconfigurable systems

In this project we propose a new software framework for the development of context-aware and secure controlling software of distributed reconfigurable systems. Context-awareness is a key feature allowing the adaptation of systems behaviour according to the changing environment. We introduce a new definition of the term “context” for reconfigurable systems then we define a new context modelling and reasoning approach. Afterwards, we define a meta-model of context-aware reconfigurable applications that paves the way to the proposed framework. The proposed framework has a three-layer architecture: reconfiguration, context control, and services layer, where each layer has its well-defined role. We define also a new secure conversation protocol between distributed trustless parts based on the blockchain technology as well as the elliptic curve cryptography. To get better correctness and deployment guarantees of applications models in early development stages, we propose a new UML profile called GR-UML to add new semantics allowing the modelling of probabilistic scenarios running under memory and energy constraints, then we propose a methodology using transformations between the GR-UML, the GR-TNCES Petri nets formalism, and the IEC 61499 function blocks. A software tool implementing the methodology concepts is developed. To show the suitability of the mentioned contributions two case studies (baggage handling system and microgrids) are considered.In diesem Projekt schlagen wir ein Framework für die Entwicklung von kontextbewussten, sicheren Anwendungen von verteilten rekonfigurierbaren Systemen vor. Kontextbewusstheit ist eine Schlüsseleigenschaft, die die Anpassung des Systemverhaltens an die sich ändernde Umgebung ermöglicht. Wir führen eine Definition des Begriffs ``Kontext" für rekonfigurierbare Systeme ein und definieren dann einen Kontextmodellierungs- und Reasoning-Ansatz. Danach definieren wir ein Metamodell für kontextbewusste rekonfigurierbare Anwendungen, das den Weg zum vorgeschlagenen Framework ebnet. Das Framework hat eine dreischichtige Architektur: Rekonfigurations-, Kontextkontroll- und Dienste-Schicht, wobei jede Schicht ihre wohldefinierte Rolle hat. Wir definieren auch ein sicheres Konversationsprotokoll zwischen verteilten Teilen, das auf der Blockchain-Technologie sowie der elliptischen Kurven-Kryptographie basiert. Um bessere Korrektheits- und Einsatzgarantien für Anwendungsmodelle zu erhalten, schlagen wir ein UML-Profil namens GR-UML vor, um Semantik umzufassen, die die Modellierung probabilistischer Szenarien unter Speicher- und Energiebeschränkungen ermöglicht. Dann schlagen wir eine Methodik vor, die Transformationen zwischen GR-UML, dem GR-TNCES-Petrinetz-Formalismus und den IEC 61499-Funktionsblöcken verwendet. Es wird ein Software entwickelt, das die Konzepte der Methodik implementiert. Um die Eignung der genannten Beiträge zu zeigen, werden zwei Fallstudien betrachtet

Engineering framework for service-oriented automation systems

Tese de doutoramento. Engenharia Informática. Universidade do Porto. Faculdade de Engenharia. 201

Verification and Anomaly Detection for Event-Based Control of Manufacturing Systems.

Many important systems can be described as discrete event systems, including a manufacturing cell and patient flow in a clinic. Faults often occur in these systems and addressing these faults is important to ensure proper functioning. There are two main ways to address faults. Faults can be prevented from ever occurring, or they can be detected at the time at which they occur. This work develops methods to address faults in event-based systems for which there is no formal, pre-existing model. A primary application is manufacturing systems, where reducing downtime is especially important and pre-existing formal models are not commonly available. There are three main contributions. The first contribution is formalizing input order robustness - inputs occurring in different orders and yielding the same final state and set of outputs - and creating a method for its verification for logic controllers and networks of controllers. Theory is developed for a class of networks of controllers to be verified modularly, reducing the computational complexity. Input order robustness guarantees determinism of the closed-loop system. The second contribution is an anomaly detection solution for event-based systems without a pre-existing formal model. This solution involves model generation, performance assessment, and anomaly detection itself. A new variation of Petri nets was created to model the systems in this solution that incorporates resources in a less restrictive way. The solution detects anomalies and provides information about when the anomaly was first observed to help with debugging. The third contribution is the identification and resolution of five inconsistencies found between typical academic assumptions and industry practice when applying the anomaly detection solution to an industrial system. Resolutions to the inconsistencies included working with industry collaborators to change logic, and developing new algorithms to incorporate into the anomaly detection solution. Through these resolutions, the anomaly detection solution was improved to make it easier to apply to industrial systems. These three contributions for handling faults will help reduce down-time in manufacturing systems, and hence increase productivity and decrease costs.Ph.D.Electrical Engineering: SystemsUniversity of Michigan, Horace H. Rackham School of Graduate Studieshttp://deepblue.lib.umich.edu/bitstream/2027.42/78897/1/lzallen_1.pd

Multi-Agent Modelling of Industrial Cyber-Physical Systems for IEC 61499 Based Distributed Intelligent Automation

Traditional industrial automation systems developed under IEC 61131-3 in centralized architectures are statically programmed with determined procedures to perform predefined tasks in structured environments. Major challenges are that these systems designed under traditional engineering techniques and running on legacy automation platforms are unable to automatically discover alternative solutions, flexibly coordinate reconfigurable modules, and actively deploy corresponding functions, to quickly respond to frequent changes and intelligently adapt to evolving requirements in dynamic environments. The core objective of this research is to explore the design of multi-layer automation architectures to enable real-time adaptation at the device level and run-time intelligence throughout the whole system under a well-integrated modelling framework. Central to this goal is the research on the integration of multi-agent modelling and IEC 61499 function block modelling to form a new automation infrastructure for industrial cyber-physical systems. Multi-agent modelling uses autonomous and cooperative agents to achieve run-time intelligence in system design and module reconfiguration. IEC 61499 function block modelling applies object-oriented and event-driven function blocks to realize real-time adaption of automation logic and control algorithms. In this thesis, the design focuses on a two-layer self-manageable architecture modelling: a) the high-level cyber module designed as multi-agent computing model consisting of Monitoring Agent, Analysis Agent, Self-Learning Agent, Planning Agent, Execution Agent, and Knowledge Agent; and b) the low-level physical module designed as agent-embedded IEC 61499 function block model with Self-Manageable Service Execution Agent, Self-Configuration Agent, Self-Healing Agent, Self-Optimization Agent, and Self-Protection Agent. The design results in a new computing module for high-level multi-agent based automation architectures and a new design pattern for low-level function block modelled control solutions. The architecture modelling framework is demonstrated through various tests on the multi-agent simulation model developed in the agent modelling environment NetLogo and the experimental testbed designed on the Jetson Nano and Raspberry Pi platforms. The performance evaluation of regular execution time and adaptation time in two typical conditions for systems designed under three different architectures are also analyzed. The results demonstrate the ability of the proposed architecture to respond to major challenges in Industry 4.0

Model-Driven Development of Control Applications: On Modeling Tools, Simulations and Safety

Control systems are required in various industrial applications varying from individual machines to manufacturing plants and enterprises. Software applications have an important role as an implementation technology in such systems, which can be based on Distributed Control System (DCS) or Programmable Control System (PLC) platforms, for example. Control applications are computer programs that, with control system hardware, perform control tasks. Control applications are efficient and flexible by nature; however, their development is a complex task that requires the collaboration of experts and information from various domains of expertise.This thesis studies the use of Model-Driven Development (MDD) techniques in control application development. MDD is a software development methodology in which models are used as primary engineering artefacts and processed with both manual work and automated model transformations. The objective of the thesis is to explore whether or not control application development can benefit from MDD and selected technologies enabled by it. The research methodology followed in the thesis is the constructive approach of design science.To answer the research questions, tools are developed for modeling and developing control applications using UML Automation Profile (UML AP) in a model-driven development process. The modeling approach is developed based on open source tools on Eclipse platform. In the approach, modeling concepts are kept extendable. Models can be processed with model transformation techniques that plug in to the tool. The approach takes into account domain requirements related to, for example, re-use of design. According to assessment of industrial applicability of the approach and tools as part of it, they could be used for developing industrial DCS based control applications.Simulation approaches that can be used in conjunction to model-driven development of control applications are presented and compared. Development of a model-in-the-loop simulation support is rationalized to enable the use of simulations early while taking into account the special characteristics of the domain. A simulator integration is developed that transforms UML AP control application models to Modelica Modeling Language (ModelicaML) models, thus enabling closed-loop simulations with ModelicaML models of plants to be controlled. The simulation approach is applied successfully in simulations of machinery applications and process industry processes.Model-driven development of safety applications, which are parts of safety systems, would require taking into account safety standard requirements related to modeling techniques and documentation, for example. Related to this aspect, the thesis focuses on extending the information content of models with aspects that are required for safety applications. The modeling of hazards and their associated risks is supported with fault tree notation. The risk and hazard information is integrated into the development process in order to improve traceability. Automated functions enable generating documentation and performing consistency checks related to the use of standard solutions, for example. When applicable, techniques and notations, such as logic diagrams, have been chosen so that they are intuitive to developers but also comply with recommendations of safety standards

Table-based formal specification approaches for control engineers—empirical studies of usability

The dependability characteristic of the control software of manufacturing systems is highlighted more than before, going through repeated changes to cope with various and varying requirements. Formal methods are researched to be applied to automation system engineering to obtain a more effective and efficient quality assurance. One of the approaches, a formal specification language named Generalised Test Tables has been developed with the aim of intuitiveness and accessibility for automation application developers. The result of the experiments conducted to assess the usability of this language is presented here. Focussing on evaluating effectiveness and user satisfaction, three paper-based experiments have been conducted with students at the bachelor and master level. The evaluation results point to positive usability in both comparative effectiveness to conventional language, that is, Petri Nets, and subjective perception of user satisfaction

Contribution à la commande sûre des Systèmes à Événements Discrets

Les activités de recherche rentrent dans le spectre de la section 61 du CNU et ont pour domaine l’Automatique des Systèmes à Événements Discrets (SED). Elles sont conduites en vue d’accroître la sûreté de fonctionnement des systèmes automatisés comme ceux qu’il est possible de trouver dans le cadre de la production manufacturière, de la production d'énergie ou du transport. Une grande partie de ces recherches a concerné la conception sûre des systèmes de contrôle-commande à base d’Automates Programmables Industriels (API) et plus particulièrement les thématiques suivantes :- la vérification formelle de programmes de contrôle-commande,- la synthèse algébrique de programmes de contrôle-commande à partir de spécifications informelles,- le test de conformité d’un contrôleur logique vis-à-vis de sa spécification.D'autres recherches ont porté sur la formalisation des outils pour l’analyse de sûreté, utilisés dans le cadre de l’analyse prévisionnelle des risques d’un équipement ou d’une installation industrielle. Cette formalisation des outils utilisés en sûreté a été faite en examinant avec un point de vue SED une problématique qui ne l’était pas à son origine. Il a été étudié :- la modélisation algébrique des arbres de défaillances dynamiques,- l’analyse prévisionnelle des risques d’un point de vue qualitatif pour les systèmes réparables à partir de Boolean logic Driven Markov Processes (BDMPs),- l’analyse prévisionnelle des risques d’un point de vue quantitatif pour les systèmes réparables à l’aide de chaînes de Markov.D'une manière générale, ces activités de recherche ont pour objectif de proposer des apports formels ou méthodologiques à des outils de modélisation généralement issus de l’industrie tout en répondant à des besoins industriels déjà présents ou sur le point de le devenir