Advances in sensing, embedded computing, and communication technologies offer unprecedented opportunities to add “intelligence” into physical systems and enable the creation of Instrumented Cyber-Physical Spaces (ICPSs). Example critical infrastructures include airports, energy distribution networks, and organizations such as schools and hospitals. Example critical applications range from surveillance to security and situation-aware emergency response. For ICPSs to transform our lives through new functionality, robustness, and efficiency, they must provide dependable infrastructure components in the presence of failures and disruptions and generate dependable information in the face of errors in sensing, communications, and computations. Dynamic adaptability of large ICPSs that employ heterogeneous sensing and actuation technologies becomes the fundamental enabler for dependable ICPSs.
Dependability, as defined by the IFIP 10.4 Working Group on Dependable Computing and Fault Tolerance, refers to the trustworthiness of a computing system that allows reliance to be justifiably placed on the services it delivers. Dependability encompasses a variety of non-functional requirements including availability, reliability, maintainability, safety, and integrity. In the context of ICPS, dependability can broadly be classified at two interdependent levels that, combined, can provide a trustworthy platform for building applications:
• Infrastructure Dependability – how dependable are the underlying infrastructure components (e.g., sensors, networks, actuators, computing/storage elements, software environments) in the presence of diverse failures that may lead to disruptions, and
• Information Dependability – how dependable is the information generated by the underlying infrastructure given errors/uncertainty in sensor readings and data analysis mechanisms.
In this project, we are exploiting an “observe-analyze-adapt” (OAA) architecture in which an ICPS has a model of itself, its objectives, and its effects on the environment; the ICPS achieves dependability objectives through adaptation using runtime application of formal analysis methods. The proposed dependability techniques are cross-layer in nature and range from combining multiple networking and messaging technologies to adaptive sensing and information fusion.
Figure 1 illustrates our approach to designing ICPS management software using the OAA approach, where a self-observing, introspecting system initiates a logical adaptation of its components to meet dependability needs. ICPS systems and devices (designed using a cross-layer architecture) supply dynamic streams of information that are used by applications, which in turn adapt the usage and execution of the infrastructure. Since ICPS systems are dynamic, observation and monitoring of a system and its evolution is critical to enabling dependability. At the heart of the system is the ICPS StateDB, which implements the “observe” aspect of the OAA cycle. A formal modeling and reasoning component allows for concrete specification of the ICPS system and analyzes the current system state to reason about the dependability properties, providing a limited but focused “analyze” component in the OAA cycle. The outcome of the analysis will help us generate adaptations that comply with dependability constraints. The adaptation component makes changes to deal with dynamics in the environment, implements human-driven changes by embedding human activities and human-in-the-loop decisions, and deploys the logical adaptations into the physical ICPS infrastructure. A key feature of our approach (see right side of Figure 2) is the ability to perform cross-layer analysis and adaptation, both vertically (i.e., across abstraction layers ranging from the application, to middleware, OS, and hardware) and horizontally, across geographically distributed components interconnected via multiple, heterogeneous networks. Thus OAA at the infrastructure level enables stability of the entire operational infrastructure. The proposed effort focuses on system-level techniques for dependable CPS operation; human interactions occur via applications that specify their dependability needs.
There are four main research tasks included in our project:
1. Dependable, Cross-Layer Observation and State Management
2. Formal Methods for CPS System Dependability Analysis
3. Adaptations to Support Infrastructure Dependability
4. Adaptations to Support Information Dependability
Research Task 1 corresponds to the observe step in OAA. In this task we will generate a cross-layer specification of the underlying system, its capabilities, and application dependability needs using quantitative and qualitative analysis, and design an ICPS state capture service. For the analyze step, we use lightweight formal methods to analyze the current state of the system, given an infrastructure and an application, to determine violations of dependability needs (Task 2). Finally, the adapt step is investigated in Research Tasks 3 and 4, where adaptations are designed to enhance infrastructure and information dependability.
We aim to develop: (1) an array of specific cross-layer adaptation techniques to support infrastructure and information dependability in ICPSs using the OAA paradigm, (2) a formal modeling framework supporting executable formal models to maintain runtime system models and formal analysis techniques to guide the adaptation process, and (3) the incorporation of (1) and (2) into middleware services that provide dependability-aware ICPS state management and adaptation. Responsphere/I-sensorium, a real, NSF-funded ICPS infrastructure on the University of California at Irvine (UCI) campus, will be used to identify research challenges, concretize our research, and test and validate our ideas with an emergency response application (situational awareness in firefighting). We will build on our experience and software developed in the DHS-funded project SAFIRE and the prior NSF project RESCUE to use Responsphere in testing for emergency drills planned in collaboration with our first responder partners.
CYPRESS 2011 Poster
This material is based upon work supported by the National Science Foundation under Award Numbers 1063596 and 1059436. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the National Science Foundation.