A runtime safety analysis concept for open adaptive systems

© Springer Nature Switzerland AG 2019. In the automotive industry, modern cyber-physical systems feature cooperation and autonomy. Such systems share information to enable collaborative functions, allowing dynamic component integration and architecture reconfiguration. Given the safety-critical nature of the applications involved, an approach for addressing safety in the context of reconfiguration impacting functional and non-functional properties at runtime is needed. In this paper, we introduce a concept for runtime safety analysis and decision input for open adaptive systems. We combine static safety analysis and evidence collected during operation to analyse, reason and provide online recommendations to minimize deviation from a system’s safe states. We illustrate our concept via an abstract vehicle platooning system use case

Decision Process in Human-Agent Interaction: Extending Jason Reasoning Cycle

The main characteristic of an agent is acting on behalf of humans. Then, agents are employed as modeling paradigms for complex systems and their implementation. Today we are witnessing a growing increase in systems complexity, mainly when the presence of human beings and their interactions with the system introduces a dynamic variable not easily manageable during design phases. Design and implementation of this type of systems highlight the problem of making the system able to decide in autonomy. In this work we propose an implementation, based on Jason, of a cognitive architecture whose modules allow structuring the decision-making process by the internal states of the agents, thus combining aspects of self-modeling and theory of the min

Architectural Homeostasis in Self-Adaptive Software-Intensive Cyber-Physical Systems

Self-adaptive software-intensive cyber-physical systems (sasiCPS) en-counter a high level of run-time uncertainty. State-of-the-art architecture-based self-adaptation approaches assume designing against a fixed set of situations that warrant self-adaptation; as a result, failures may appear when sasiCPS operate in environment conditions they are not specifically designed for. In response, we propose to increase the homeostasis of sasiCPS, i.e., the capacity to maintain an operational state despite run-time uncertainty, by introducing run-time changes to the architecture-based self-adaptation strategies according to environment stimuli. In addition to articulating the main idea of architectural homeostasis, we describe three mechanisms that reify the idea: (i) collaborative sensing, (ii) faulty component isolation from adaptation, and (iii) enhancing mode switching. More-over, our experimental evaluation of the three mechanisms confirms that allowing a complex system to change its self-adaptation strategies helps the system recover from runtime errors and abnormalities and keep it in an operational state

A runtime risk assessment concept for safe reconfiguration in open adaptive systems

Adaptivity is a consequential requirement for software systems that allow integration of components or devices at runtime. Dynamic integration of components and a subsequent reconfiguration during operation causes change in both functional and non-functional properties of the system. Since these systems often operate in Safety-Critical environment, safety becomes a crucial characteristic to be taken under consideration during reconfiguration. In this paper, we introduce a dynamic metrics based runtime risk assessment approach for safe reconfiguration in open adaptive systems. We combine design time safety analysis and runtime monitoring to evaluate risk factors of potential configurations of an adaptive component at runtime. Based on the evaluated risk factors the configurations are assigned a dynamic rank in an increasing order of their risk. During reconfiguration the adaptive component conforms to the ranking, thereby activating the configuration with lowest associated risk

IAS: an IoT Architectural Self-adaptation Framework

International audienceThis paper develops a generic approach to model control loops and their interac- tion within the Internet of Things (IoT) environments. We take advantage of MAPE-K loops to enable architectural self-adaptation. The system’s architectural setting is aligned with the adaptation goals and the components run-time situation and constraints. We introduce an integrated framework for IoT Architectural Self-adaptation (IAS) where functional control elements are in charge of environmental adaptation and autonomic control elements handle the functional system’s architectural adaptation. A Queuing Networks (QN) approach was used for modeling the IAS. The IAS-QN can model control levels and their interaction to perform both architectural and environmental adaptations. The IAS-QN was modeled on a smart grid system for the Melle-Longchamp area (France). Our architectural adaptation approach successfully set the propositions to enhance the performance of the electricity trans- mission system. This industrial use-case is a part of CPS4EU European industrial innovation pro ject

A DSL for MAPE patterns representation in self-adapting systems

In architecture-based self-adaptation, the adaptation logic is usually structured in terms of MAPE-K (Monitor-Analyze-Plan-Execute over a shared Knowledge) control loops dealing with the adaptation concerns of the managed system. In case of large, complex and decentralized systems, multiple interacting MAPE loops are introduced. Some common design patterns of interactive MAPE components have been proposed in the literature; however, a well-defined way to document them and to express the semantics of their interactions is still missing. This paper presents a domain-specific language, MAPE Specification Language (MSL), as modeling front-end to define and instantiate common patterns of interacting MAPE components when architecting the adaptation logic of a self-adaptive system. We also provide a semantic mapping (implemented by a model generator) to transform MSL descriptions of MAPE pattern instances into formal executable models based on the formalism of self-adaptive Abstract State Machines (ASMs). Such a mapping provides a link to the modeling back-end of ASMs for formally specifying and analyzing the behavior of instances of MAPE patterns

Gaining certainty about uncertainty: Testing cyber-physical systems in the presence of uncertainties at the application level

A cyber-physical system (CPS) comprises several connected, embedded systems and is additionally equipped with sensors and actuators. Thus, CPSs can communicate with their cyber environment and measure and interact with their physical environment. Due to the complexity of their operational environment, assumptions the manufacturer have made may not hold in operation. During an unforeseen environmental situation, a CPS may expose behavior that negatively impactsits reliability. This may arise due to insufficiently considered environmental conditions during the design of a CPS, or – even worse – it is impossible to anticipate such conditions. In the U-Test project, we are developing a configurable search-based testing framework that exploits information from functional testing and from declarative descriptions of uncertainties. Itaims at revealing unintended behavior in the presence of uncertainties. This framework enables testing for different scenarios of uncertainty and thus, allows to achieve a certain coverage of those, and to find unknown uncertainty scenarios

Combining Monitoring and AutonomousFeedback Requests to Elicit Actionable Knowledge of System Use

[Context and motivation] To validate developers’ ideas of what users might want and to understand user needs, it has been proposed to collect and combine system monitoring with user feedback. [Question/problem] So far, the monitoring data and feedback have been collected passively, hoping for the users to get active when problems emerge. This approach leaves unexplored opportunities for system improvement when users are also passive or do not know that they are invited to offer feedback. [Principal ideas/results] In this paper, we show how we have used goal monitors to identify interesting situations of system use and let a system autonomously elicit user feedback in these situations. We have used a monitor to detect interesting situations in the use of a system and issued automated requests for user feedback to interpret the monitoring observations from the users’ perspectives. [Contribution] The paper describes the implementation of our approach in a Smart City system and reports our results and experiences. It shows that combining system monitoring with proactive, autonomous feedback collection was useful and surfaced knowledge of system use that was relevant for system maintenance and evolution. The results were helpful for the city to adapt and improve the Smart City application and to maintain their internet-of-things deployment of sensors