Architecture framework of IoT-based food and farm systems: A multiple case study

The Internet of Things (IoT) is expected to be a real game changer in food and farming. However, an important challenge for large-scale uptake of IoT is to deal with the huge heterogeneity of this domain. This paper develops and applies an architecture framework for modelling IoT-based systems in the agriculture and food domain. The framework comprises a coherent set of architectural viewpoints and a guideline to use these viewpoints to model architectures of individual IoT-based systems. The framework is validated in a multiple case study of the European IoF2020 project, including different agricultural sub sectors, conventional and organic farming, early adopters and early majority farmers, and different supply chain roles. The framework provides a valuable help to model, in a timely, punctual and coherent way, the architecture of IoT-based systems of this diverse set of use cases. Moreover, it serves as a common language for aligning system architectures and enabling reuse of architectural knowledge among multiple autonomous IoT-based systems in agriculture and food

System Capability Feedback-Cycles in Automotive Software Development

Context: The automotive industry is currently going through rapid change, driven by new technology; for example, electrification, autonomous driving, and connected cars. This new technology is largely based on electronics and software, and vehicles are increasingly becoming software-intensive systems. This affects how vehicles are developed, as automotive companies seek to adopt processes used in development of software-only systems, to gain the benefits of development speed and quick learning cycles possible in software development. Where sequential processes were previously the norm, automotive companies now aim to use agile methods at company-scale. Given the safety-critical nature of vehicles, and the mix software, hardware, and mechanical parts, this is challenging.Objective: This thesis explores how system-level feedback capabilities can be achieved in development of automotive systems.Method: To investigate a real-world setting, empirical methods are a natural choice. As an overarching research strategy, field studies are conducted at automotive companies. Over four studies, qualitative data is collected through semi-structured and structured interviews, focus groups, and workshops. The data is analyzed using adaptable methods, such as thematic coding. These qualitative approaches allow for open-ended questions, which are suitable for exploratory research.Findings: Transitioning towards agility changes the role of architecture, requirements, and in general of system-level artifacts previously finalized during early development phases. Nevertheless, what is covered by architecture and requirements still needs to be handled. They contain accumulated expertise, and fundamental concerns, such as safety, remain. However, automotive companies need to handle an increased importance of software for new feature development. Continuing business-as-usual is not an option.Conclusion: To achieve feedback capabilities on the system-level, there is a need for tools and methods allowing artifacts on higher levels of abstraction, for example architecture descriptions and requirements, to be modified and evolve over the entire course of development

Model-Driven Methodology for Rapid Deployment of Smart Spaces based on Resource-Oriented Architectures

Advances in electronics nowadays facilitate the design of smart spaces based on physical mash-ups of sensor and actuator devices. At the same time, software paradigms such as Internet of Things (IoT) and Web of Things (WoT) are motivating the creation of technology to support the development and deployment of web-enabled embedded sensor and actuator devices with two major objectives: (i) to integrate sensing and actuating functionalities into everyday objects, and (ii) to easily allow a diversity of devices to plug into the Internet. Currently, developers who are applying this Internet-oriented approach need to have solid understanding about specific platforms and web technologies. In order to alleviate this development process, this research proposes a Resource-Oriented and Ontology-Driven Development (ROOD) methodology based on the Model Driven Architecture (MDA). This methodology aims at enabling the development of smart spaces through a set of modeling tools and semantic technologies that support the definition of the smart space and the automatic generation of code at hardware level. ROOD feasibility is demonstrated by building an adaptive health monitoring service for a Smart Gym

A Compositional Approach to Creating Architecture Frameworks with an Application to Distributed AI Systems

Artificial intelligence (AI) in its various forms finds more and more its way into complex distributed systems. For instance, it is used locally, as part of a sensor system, on the edge for low-latency high-performance inference, or in the cloud, e.g. for data mining. Modern complex systems, such as connected vehicles, are often part of an Internet of Things (IoT). To manage complexity, architectures are described with architecture frameworks, which are composed of a number of architectural views connected through correspondence rules. Despite some attempts, the definition of a mathematical foundation for architecture frameworks that are suitable for the development of distributed AI systems still requires investigation and study. In this paper, we propose to extend the state of the art on architecture framework by providing a mathematical model for system architectures, which is scalable and supports co-evolution of different aspects for example of an AI system. Based on Design Science Research, this study starts by identifying the challenges with architectural frameworks. Then, we derive from the identified challenges four rules and we formulate them by exploiting concepts from category theory. We show how compositional thinking can provide rules for the creation and management of architectural frameworks for complex systems, for example distributed systems with AI. The aim of the paper is not to provide viewpoints or architecture models specific to AI systems, but instead to provide guidelines based on a mathematical formulation on how a consistent framework can be built up with existing, or newly created, viewpoints. To put in practice and test the approach, the identified and formulated rules are applied to derive an architectural framework for the EU Horizon 2020 project ``Very efficient deep learning in the IoT" (VEDLIoT) in the form of a case study

Learning for Multi-robot Cooperation in Partially Observable Stochastic Environments with Macro-actions

This paper presents a data-driven approach for multi-robot coordination in partially-observable domains based on Decentralized Partially Observable Markov Decision Processes (Dec-POMDPs) and macro-actions (MAs). Dec-POMDPs provide a general framework for cooperative sequential decision making under uncertainty and MAs allow temporally extended and asynchronous action execution. To date, most methods assume the underlying Dec-POMDP model is known a priori or a full simulator is available during planning time. Previous methods which aim to address these issues suffer from local optimality and sensitivity to initial conditions. Additionally, few hardware demonstrations involving a large team of heterogeneous robots and with long planning horizons exist. This work addresses these gaps by proposing an iterative sampling based Expectation-Maximization algorithm (iSEM) to learn polices using only trajectory data containing observations, MAs, and rewards. Our experiments show the algorithm is able to achieve better solution quality than the state-of-the-art learning-based methods. We implement two variants of multi-robot Search and Rescue (SAR) domains (with and without obstacles) on hardware to demonstrate the learned policies can effectively control a team of distributed robots to cooperate in a partially observable stochastic environment.Comment: Accepted to the 2017 IEEE/RSJ International Conference on Intelligent Robots and Systems (IROS 2017

Architecture-driven fault-based testing for software safety

Ankara : The Department of Computer Engineering and the Graduate School of Engineering and Science of Bilkent University, 2014.Thesis (Master's) -- Bilkent University, 2014.Includes bibliographical references leaves 159-166.A safety-critical system is defined as a system in which the malfunctioning of software could result in death, injury or damage to environment. To mitigate these serious risks the architecture of safety-critical systems need to be carefully designed and analyzed. A common practice for modeling software architecture is the adoption of architectural perspectives and software architecture viewpoint approaches. Existing approaches tend to be general purpose and do not explicitly focus on safety concern in particular. To provide a complementary and dedicated support for designing safety-critical systems we propose safety perspective and an architecture framework approach for software safety. Once the safety-critical systems are designed it is important to analyze these for fitness before implementation, installation and operation. Hereby, it is important to ensure that the potential faults can be identified and cost-effective solutions are provided to avoid or recover from the failures. In this context, one of the most important issues is to investigate the effectiveness of the applied safety tactics to safety-critical systems. Since the safety-critical systems are complex systems, testing of these systems is challenging and very hard to define proper test suites for these systems. Several fault-based software testing approaches exist that aim to analyze the quality of the test suites. Unfortunately, these approaches do not directly consider safety concern and tend to be general purpose and they doesn’t consider the applied the safety tactics. We propose a fault-based testing approach for analyzing the test suites using the safety tactic and fault knowledge.Gürbüz, Havva GülayM.S

Contracts for Systems Design: Methodology and Application cases

Recently, contract based design has been proposed as an ”orthogonal” approach that can beapplied to all methodologies proposed so far to cope with the complexity of system design. Contract baseddesign provides a rigorous scaffolding for verification, analysis and abstraction/refinement. Companionreport RR-8759 proposes a unified treatment of the topic that can help in putting contract-based design in perspective.This paper complements RR-8759 by further discussing methodological aspects of system design withcontracts in perspective and presenting two application cases.The first application case illustrates the use of contracts in requirement engineering, an area of system designwhere formal methods were scarcely considered, yet are stringently needed. We focus in particular to thecritical design step by which sub-contracts are generated for suppliers from a set of different viewpoints(specified as contracts) on the global system. We also discuss important issues regarding certification inrequirement engineering, such as consistency, compatibility, and completeness of requirements.The second example is developed in the context of the Autosar methodology now widely advocated inthe automotive sector. We propose a contract framework to support schedulability analysis, a key step inAutosar methodology. Our aim differs from the many proposals for compositional schedulability analysisin that we aim at defining sub-contracts for suppliers, not just performing the analysis by parts—we knowfrom companion paper RR-8759 that sub-contracting to suppliers differs from a compositional analysis entirelyperformed by the OEM. We observe that the methodology advocated by Autosar is in contradiction withcontract based design in that some recommended design steps cannot be refinements. We show how tocircumvent this difficulty by precisely bounding the risk at system integration phase. Another feature ofthis application case is the combination of manual reasoning for local properties and use of the formalcontract algebra to lift a collection of local checks to a system wide analysis

Optimizing the Automotive Security Development Process in Early Process Design Phases

Security is a relatively new topic in the automotive industry. In the former days, the only security defense methods were the engine immobilizer and the anti-theft alarm system. The rising connection of vehicles to external networks made it necessary to extend the security effort by introducing security development processes. These processes include, amongothers, risk analysis and treatment steps. In parallel, the development of ISO/SAE 21434 and UN-ECE No. R155 started. The long development cycles in the automotive industry made it necessary to align the development processes' early designs with the standards' draft releases. This work aims to design a new consistent, complete and efficient security development process, aligned with the normative references. The resulting development process design aligns with the overall development methodology of the underlying, evaluated development process. Use cases serve as a basis for evaluating improvements and the method designs. This work concentrates on the left leg of the V-Model. Nevertheless, future work targets extensions for a holistic development approach for safety and security.:I. Foundation 1. Introduction 2. Automotive Development 3. Methodology II. Meta-Functional Aspects 4. Dependability as an Umbrella-Term 5. Security Taxonomy 6. Terms and Definitions III. Security Development Process Design 7. Security Relevance Evaluation 8. Function-oriented Security Risk Analysis 9. Security Risk Analysis on System Level 10. Risk Treatment IV. Use Cases and Evaluation 11. Evaluation Criteria 12. Use Case: Security Relevance Evaluation 13. Use Case: Function-oriented Security Risk Analysis 14. Use Case: System Security Risk Analysis 15. Use Case: Risk Treatment V. Closing 16. Discussion 17. Conclusion 18. Future Work Appendix A. Attacker Model Categories and Rating Appendix B. Basic Threat Classes for System SRA Appendix C. Categories of Defense Method Propertie