Dynamic Composition of Cyber-Physical Systems

Future cyber-physical systems must fulfill strong demands on timeliness and reliability, so that the safety of their operational environment is never violated. At the same time, such systems are networked computers with the typical demand for reconfigurability and software modification. The combination of both expectations makes established modeling and analysis techniques difficult to apply, since they cannot scale with the number of possible operational constellations resulting from the dynamics. The problem increases when components with different non-functional demands are combined to one cyber-physical system and updated independent from each other. We propose a new approach for the design and development of composable, dynamic and dependable software architectures, with a focus on the area of networked embedded systems. Our key concept is the specification of software components and their non-functional composition constraints in the formal language TLA+. We discuss how this technique can be embedded in an overall software design workflow, and show the practical applicability with a detailed resource scheduling example

Real Time in a TLA-Based Theory of Reactive Systems

A practical theory for operational specification of reactive systems is described. Reasoning on temporal properties is made possible at high levels of abstraction, and rigorous refinement towards implementation is supported. The paper discusses how the underlying logic, execution model, and refinement methods fit together, and how object-orientation, distribution, and real time are supported. A closer look is taken on the specification of real-time properties. The approach is illustrated by a logically layered specification of simple mobile robot control software. 1 Introduction Since conventional thinking of software engineering is dominated by languages, tools, and informal design methods, their inherent complexities burden most attempts to provide theoretical understanding of the fundamentals. In particular, an appropriate theory should allow to ignore unnecessary detail at the level of specification. Ideally, specification languages and tools should also reflect an underlying theo..