Introduction to the Selected Papers from ICCPS 2016

Since their inception more than a decade ago, terms such as “cyber-physical systems” (CPS) or “cooperating objects” have come to describe research and engineering efforts that tightly conjoin real-world physical processes and computing systems. The integration of physical processes and computing is not new; embedded computing systems have been in place for decades controlling physical processes. The revolution is steaming from the extensive networking of embedded computing devices and the holistic cyber-physical co-design that integrates sensing, actuation, computation, networking, and physical processes. Such systems pose many broad scientific and technical challenges, ranging from distributed programming paradigms to networking protocols, as well as systems theory that combines physical models and networked embedded systems. Notably, as the physical interactions imply that timing requirements are considered, real-time computing systems methodologies and technologies are also pivotal in many of those systems. Moreover, many of these systems are often safety-critical, and therefore it is fundamental to guarantee other nonfunctional properties (such as safety, security, and reliability), which often interplay among them and with timeliness requirements. CPS is a growing key strategic research, development, and innovation area, and it is becoming pivotal for boosting the development of the future generation of highly complex and automated computing systems, which will be pervasive in virtually all application domains. Notable examples are aeronautics, aerospace and defence systems, robotics, autonomous transportation systems, the Internet of Things, energy-aware and green computing, smart factory automation, smart grids, and advanced medical devices and applications. This special issue contains a selection of extended versions of the best papers presented at the Seventh ACM/IEEE International Conference on Cyber-Physical Systems (ICCPS 2016), which was held with the Cyber-Physical Systems Week in Vienna, Austria, on 11–14 April 2016. This selection reflects effectively the growing pervasiveness of these systems in various applications domains. These papers excel at describing the diversity of methodologies used to design and verify various non-functional properties of these complex systems.info:eu-repo/semantics/publishedVersio

Human oocytes and embryos viewed by time-lapse videography, and the development of an embryo deselection model

Despite its wide application today, in vitro fertilization (IVF) treatment continues to have relatively low efficacy, largely due to inaccuracy in selecting the best quality embryo(s) from the cohort for transfer. Novel methodologies for improved selection are being developed, and time-lapse observation of human embryos is gaining increasing popularity due to the more detailed morphokinetic information obtained plus uninterrupted culture conditions. The morphokinetic information enables the use of quantitative timings in developmental milestones of embryos and qualitative measures of abnormal biological events, to assist embryo selection/deselection. This project aimed to identify current limitations in the use of such measures and to develop recommendations for improvement in clinical application. In the current study, most data were collected retrospectively from infertile couples seeking IVF treatment at a fertility clinic, with consent to use time-lapse incubation (Embryoscope) for embryo culture. Comparisons of time-lapse measures were made between embryos with confirmed implantation and non-implantation outcomes following uterine transfers. Thereafter, an embryo deselection model was proposed based on the retrospective findings, followed by prospective validation. It was found in the current study that the reference starting time point (t0) in certain existing time-lapse systems was inaccurate due to (i) the early biological variations between sibling oocytes, (ii) technical limitations in current equipment and protocols, and (iii) different insemination methods used (Papers 1&2). The above variations may be minimized by using pronuclear fading (PNF, a biological time point) as t0 rather than insemination (a procedural time point) (Paper 2). An example of such application was the comparison of embryo development between patients with high and low serum progesterone levels on the trigger-day (Paper 3). Furthermore, the growth rate of embryos reported in the literature is subject to multiple clinical or laboratory factors, and this was in agreement with the present study where a published time-lapse algorithm emphasizing quantitative timing parameters was shown to lose its discriminatory power in implantation prediction when applied in two different laboratories (Paper 4). Interestingly, the qualitative measures seemed to have better inter-laboratory transferability due to the embryo growth patterns appearing independent of clinical and technical factors (Paper 4). Two novel qualitative measures were reported in the present study, namely reverse cleavage and less than 6 intercellular contact points at the end of the 4-cell stage, showing negative correlations with embryo implantation outcomes (Papers 5&6). A qualitative embryo deselection model was therefore proposed, including several qualitative measures with implantation rates being potentially increased from 22.4% to 33.6% (Paper 6). Finally, an embryo deselection model combining both qualitative and quantitative measures was reported with the use of PNF as t0, showing significant prediction of implantation outcomes in embryos regardless of insemination method (Paper 7). In conclusion, this thesis demonstrates the usefulness of time-lapse embryo selection during IVF treatment in one specific laboratory. However, any new time-lapse parameter or model for embryo selection requires external validation by properly designed large-scale studies. Future clinical research and the development of integrated engineering and computer technology may further improve the efficacy of time-lapse selection of human embryos

HyPLC: Hybrid Programmable Logic Controller Program Translation for Verification

Programmable Logic Controllers (PLCs) provide a prominent choice of implementation platform for safety-critical industrial control systems. Formal verification provides ways of establishing correctness guarantees, which can be quite important for such safety-critical applications. But since PLC code does not include an analytic model of the system plant, their verification is limited to discrete properties. In this paper, we, thus, start the other way around with hybrid programs that include continuous plant models in addition to discrete control algorithms. Even deep correctness properties of hybrid programs can be formally verified in the theorem prover KeYmaera X that implements differential dynamic logic, dL, for hybrid programs. After verifying the hybrid program, we now present an approach for translating hybrid programs into PLC code. The new tool, HyPLC, implements this translation of discrete control code of verified hybrid program models to PLC controller code and, vice versa, the translation of existing PLC code into the discrete control actions for a hybrid program given an additional input of the continuous dynamics of the system to be verified. This approach allows for the generation of real controller code while preserving, by compilation, the correctness of a valid and verified hybrid program. PLCs are common cyber-physical interfaces for safety-critical industrial control applications, and HyPLC serves as a pragmatic tool for bridging formal verification of complex cyber-physical systems at the algorithmic level of hybrid programs with the execution layer of concrete PLC implementations.Comment: 13 pages, 9 figures. ICCPS 201

Electromyography-Based Control of Lower Limb Prostheses: A Systematic Review

Most amputations occur in lower limbs and despite improvements in prosthetic technology, no commercially available prosthetic leg uses electromyography (EMG) information as an input for control. Efforts to integrate EMG signals as part of the control strategy have increased in the last decade. In this systematic review, we summarize the research in the field of lower limb prosthetic control using EMG. Four different online databases were searched until June 2022: Web of Science, Scopus, PubMed, and Science Direct. We included articles that reported systems for controlling a prosthetic leg (with an ankle and/or knee actuator) by decoding gait intent using EMG signals alone or in combination with other sensors. A total of 1,331 papers were initially assessed and 121 were finally included in this systematic review. The literature showed that despite the burgeoning interest in research, controlling a leg prosthesis using EMG signals remains challenging. Specifically, regarding EMG signal quality and stability, electrode placement, prosthetic hardware, and control algorithms, all of which need to be more robust for everyday use. In the studies that were investigated, large variations were found between the control methodologies, type of research participant, recording protocols, assessments, and prosthetic hardware

Searching for Optimal Runtime Assurance via Reachability and Reinforcement Learning

A runtime assurance system (RTA) for a given plant enables the exercise of an untrusted or experimental controller while assuring safety with a backup (or safety) controller. The relevant computational design problem is to create a logic that assures safety by switching to the safety controller as needed, while maximizing some performance criteria, such as the utilization of the untrusted controller. Existing RTA design strategies are well-known to be overly conservative and, in principle, can lead to safety violations. In this paper, we formulate the optimal RTA design problem and present a new approach for solving it. Our approach relies on reward shaping and reinforcement learning. It can guarantee safety and leverage machine learning technologies for scalability. We have implemented this algorithm and present experimental results comparing our approach with state-of-the-art reachability and simulation-based RTA approaches in a number of scenarios using aircraft models in 3D space with complex safety requirements. Our approach can guarantee safety while increasing utilization of the experimental controller over existing approaches

A critical review of cyber-physical security for building automation systems

Modern Building Automation Systems (BASs), as the brain that enables the smartness of a smart building, often require increased connectivity both among system components as well as with outside entities, such as optimized automation via outsourced cloud analytics and increased building-grid integrations. However, increased connectivity and accessibility come with increased cyber security threats. BASs were historically developed as closed environments with limited cyber-security considerations. As a result, BASs in many buildings are vulnerable to cyber-attacks that may cause adverse consequences, such as occupant discomfort, excessive energy usage, and unexpected equipment downtime. Therefore, there is a strong need to advance the state-of-the-art in cyber-physical security for BASs and provide practical solutions for attack mitigation in buildings. However, an inclusive and systematic review of BAS vulnerabilities, potential cyber-attacks with impact assessment, detection & defense approaches, and cyber-secure resilient control strategies is currently lacking in the literature. This review paper fills the gap by providing a comprehensive up-to-date review of cyber-physical security for BASs at three levels in commercial buildings: management level, automation level, and field level. The general BASs vulnerabilities and protocol-specific vulnerabilities for the four dominant BAS protocols are reviewed, followed by a discussion on four attack targets and seven potential attack scenarios. The impact of cyber-attacks on BASs is summarized as signal corruption, signal delaying, and signal blocking. The typical cyber-attack detection and defense approaches are identified at the three levels. Cyber-secure resilient control strategies for BASs under attack are categorized into passive and active resilient control schemes. Open challenges and future opportunities are finally discussed.Comment: 38 pages, 7 figures, 6 tables, submitted to Annual Reviews in Contro