CESEC Chair – Training Embedded System Architects for the Critical Systems Domain

Increasing complexity and interactions across scientific and tech- nological domains in the engineering of critical systems calls for new pedagogical approach. In this paper, we introduce the CESEC teaching chair. This chair aims at supporting new integrative ap- proach for the initial training of engineer and master curriculum to three engineering school in Toulouse: ISAE, INSA Toulouse and INP ENSEEIHT. It is supported by the EADS Corporate Foundation. In this paper, we highlight the rationale for this chair: need for sys- tem architect with strong foundations on technical domains appli- cable to the aerospace industry. We then introduce the ideal profile for this architect and the various pedagogical approaches imple- mented to reach this objective

A group learning management method for intelligent tutoring systems

In this paper we propose a group management specification and execution method that seeks a compromise between simple course design and complex adaptive group interaction. This is achieved through an authoring method that proposes predefined scenarios to the author. These scenarios already include complex learning interaction protocols in which student and group models use and update are automatically included. The method adopts ontologies to represent domain and student models, and object Petri nets to specify the group interaction protocols. During execution, the method is supported by a multi-agent architecture

Distributed Simulation of Heterogeneous and Real-time Systems

This work describes a framework for distributed simulation of cyber-physical systems (CPS). Modern CPS comprise large numbers of heterogeneous components, typically designed in very different tools and languages that are not or not easily composeable. Evaluating such large systems requires tools that integrate all components in a systematic, well-defined manner. This work leverages existing frameworks to facilitate the integration offers validation by simulation. A framework for distributed simulation is the IEEE High-Level Architecture (HLA) compliant tool CERTI, which provides the infrastructure for co-simulation of models in various simulation environments as well as hardware components. We use CERTI in combination with Ptolemy II, an environment for modeling and simulating heterogeneous systems. In particular, we focus on models of a CPS, including the physical dynamics of a plant, the software that controls the plant, and the network that enables the communication between controllers. We describe the Ptolemy extensions for the interaction with HLA and demonstrate the approach on a flight control system simulation

Time Management of Heterogeneous Distributed Simulation

Cyber-physical systems (CPS), by their very nature, mix continuous and discrete behavior and are modeled by heterogeneous components. Formal analysis cannot always handle such complex systems and simulation is a necessary step. In particular, distributed simulation is very useful for the validation of CPS for two main reasons: either the CPS itself is distributed (e.g., a fleet of UAVs) or the CPS is too complex and/or has too much models (e.g., an aircraft). We discuss in this paper the impact of distributing the simulation of a system: which are the rules that must be applied to guarantee a correct behavior between the different simulators? If a centralized simulation already exists (using Discrete Event simulation), which hypothesis must be made for the Distributed Discrete Event simulation? The co-simulation framework used and discussed in this work is Ptolemy-HLA. It allows a Ptolemy model to be distributed using the high-level architecture (HLA) standard

Uncertainty handling in quantitative BDD-based fault-tree analysis by interval computation

In fault-tree analysis probabilities of failure of components are often assumed to be precise. However this assumption is seldom verified in practice. There is a large literature on the computation of the probability of the top (dreadful) event of the fault-tree, based on the representation of logical formulas in the form of a binary decision diagram (BDD). When probabilities of atomic propositions are ill-known and modelled by intervals, BDD-based algorithms no longer apply to the computation of the top probability interval. This paper investigates this question, and proposes an approach based on interval methods, relying on the analysis of the structure of the Boolean formula representing the fault-tree. The considered application deals with the reliability of aircraft operations

Evaluating the Uncertainty of a Boolean Formula with Belief Functions

In fault-tree analysis, probabilities of failure of components are often assumed to be precise and the events are assumed to be inde- pendent, but this is not always verified in practice. By giving up some of these assumptions, results can still be computed, even though it may require more expensive algorithms, or provide more imprecise results. Once compared to those obtained with the simplified model, the impact of these assumptions can be evaluated. This paper investigates the case when probability intervals of atomic propositions come from independent sources of information. In this case, the problem is solved by means of belief functions. We provide the general framework, discuss computation methods, and compare this setting with other approaches to evaluating the uncertainty of formulas

Controle digital usando microcomputador de 16 BITS com aritmética de ponto fixo

Dissertação (mestrado) - Universidade Federal de Santa Catarina, Centro Tecnológico. Programa de Pós-Graduação em Engenharia Elétrica

Les aspects temporels qualitatifs et quantitatifs dans les systèmes embarqués

Je présente mes travaux qui se situent à différentes étapes du cycle de vie d'un système. Certains de mes travaux concernent l'expression des besoins et plus précisément le passage d'une expression semi-formelle des besoins (diagrammes UML) à leur expression formelle (réseau de Petri) pour des besoins de vérification. D'autres travaux concernent les phases de conception et de mise en oeuvre en s'appuyant sur des systèmes multi-agents, et des réseaux de Petri avec ou sans information imprécise (floue). Une partie de mes travaux traite des aspects formels avec la vérification de réseaux de Petri temporels et temporels flous. Ces travaux ont en commun un même outil de base, les réseaux de Petri, et se trouvent à l'intersection de différentes disciplines, faisant appel par exemple à la logique linéaire, la théorie des possibilités, le raisonnement temporel et UML. Ils sont organisés en quatre unités thématiques : - la sémantique des diagrammes UML décrivant la dynamique, - la vérification et mise en oeuvre de systèmes à événements discrets, - la spécification de contraintes floues, - la spécification et vérification de contraintes temporelles quantitatives imprécises et floues

Possibilistic WorkFlow nets to deal with non-conformance in Process Execution

In this paper, an approach based on WorkFlow nets and on possibilistic Petri nets is proposed to deal with non- conformance in Business Processes. Routing patterns existing in Business Process are modeled by WorkFlow nets. To express in a more realistic way the uncertainty attached to human activities, possibilistic Petri nets with uncertainty on the marking and on the transition firing are considered. Combining both formalisms, a kind of possibilistic WorkFlow net is obtained. An example of deviation at a process monitoring level due to human behavior in a “Handle Complaint Process” is presented

Inconsistency recovery in Business Processes using a possibilistic WorkFlow net

In this paper, an approach based on WorkFlow nets and on possibilistic Petri nets is proposed to deal with non- conformance in Business Processes. Routing patterns existing in Business Processes are modeled by WorkFlow nets. To express in a more realistic way the uncertainty attached to human activities, possibilistic Petri nets with uncertainty on the marking and on the transition firing are considered. Combining both formalisms, a kind of possibilistic WorkFlow net is obtained. An example of inconsistency recovery at a process monitoring level due to human behavior in a “Handle Complaint Process” is presented