Model-based Engineering Dominates Software-Centric Systems Conference

I attended the online edition of Software-Centric Systems Conference (SC2) today. Although I prefer the networking and social aspects of a physical conference, it was nice to enjoy these presentations from the comfort of my couch.

It was interesting to see that most of the conference presentations were related to domain-specific languages (DSLs) in one way or another. There were also presentations about model-based testing and digital twinning. I am not sure if model-based engineering was an intentional theme, or if this is just what is considered interesting in software-centric systems in the Netherlands for the moment. However, this suggests that the applied research into model-based design methodologies done by ESI (TNO) together with its industrial eco-system is highly relevant.

A highlight for myself was the two presentations about the Component Modelling and Analysis (ComMA) DSL. This is not only because it relates to my research on evolvable interfaces, but also because of the main message that the industry can achieve a lot through open innovation in areas that are not their core business, such as specification, verification, and evolution of software interfaces. Great news that ComMA will become open-source in 2021!

DYNAMICS Project in Keynote at Software-Centric Systems Conference

Two months ago, I mentioned that Bits & Chips had published an article about the ComMA (Component Modelling and Analysis) language and how it is being used in Philips and Thales to address challenges related to integration and evolution. The latter part, about semi-automatic detection and correction of interface incompatibilities as interfaces evolve is the topic of the DYNAMICS project, a research project between ESI (TNO) and Thales. This joint story, where two companies from different domains together presented their challenges and how it was addressed by technology developed by ESI was much appreciated by Bits & Chips and was invited as a keynote at the Software-Centric Systems Conference (SC2), which takes place on Thursday November 5. If you are interested in hearing this keynote, please register for the event. All presentations are also available on-demand after the event in case you cannot attend in real time.

Design Methodologies for Cyber-physical Systems

In this short two minute presentation, I introduce myself and my fundamental and academic research into design methodologies for cyber-physical systems. I sketch a high-level view of the problem and outline a direction based on model-based engineering in which my previous work into domain-specific languages and analysis non-functional behavior fits. For a more elaborate description of my research, please have a look at my research page.

Another Article in Real-time Systems Journal

An article entitled “Response Time Analysis of Multiframe Mixed-Criticality Systems with Arbitrary Deadlines” has been accepted for publication in Real-time Systems journal. This work is first authored by Ishfaq Hussain and is another collaboration with my former colleagues at CISTER. The article extends our RTNS 2019 paper “Response Time Analysis of Multiframe Mixed-Criticality Systems” that received both an Outstanding Paper Award and a Best Student Paper Award. The RTNS paper presented a schedulability analysis for the multi-frame mixed-criticality model, extending the static and dynamic analysis techniques for mixed-criticality scheduling and the schedulability analysis for multi-frame task systems.

The accepted journal article extends the RTNS paper by generalizing the proposed schedulability analyses from a constrained-deadline task model to the more general, but also more complex, model with arbitrary deadlines. The corresponding optimal priority assignment for our schedulability analysis is also identified. In experiments with synthetic workloads, the proposed analyses are compared in terms of scheduling success ratio, against the frame-agnostic analyses for the corresponding variants of the Vestal model.

Paper Accepted at GPCE 2020

A paper entitled “PReGO: a Generative Methodology for Satisfying Real-Time Requirements on COTS-based Systems – Definition and Experience Report” was accepted for publication at the 19th International Conference on Generative Programming: Concepts & Experiences (GPCE). This is my first paper in collaboration with my new colleagues at the University of Amsterdam, and it describes work done in the TeamPlay project, a three-year research project funded by the EU Horizon 2020 research and innovation programme.

The paper addresses the problem of satisfying real-time requirements in industrial systems using unpredictable hardware and software, which limit or entirely prevent the application of established real-time analysis techniques. To this end, we propose PReGO, a generative methodology for satisfying real-time requirements in industrial commercial-off-the-shelf (COTS) systems. We report on our experience in applying PReGO to a use-case: a Search & Rescue application running on a fixed-wing drone with COTS components, including an NVIDIA Jetson board and a stock Ubuntu/Linux. We empirically evaluate the impact of each integration step and demonstrate the effectiveness of our methodology in meeting real-time application requirements in terms of deadline misses and energy consumption.

Course on Modelling and Analysis of Component-based Systems

A course called “Modelling and Analysis of Component-based Systems” (MOANA-CBS) is being developed in collaboration with Thales as a part of the DYNAMICS project. The course addresses the challenge of overseeing the explosion of possible interactions between asynchronously communicating components in component-based systems. Some of these interactions may be undesirable and leave systems prone to deadlock, livelock, race conditions, and buffer overflows, reducing software quality. The course participants in the course learn how to mitigate this problem by modelling the behavior of components and interfaces using Petri Nets, a well-known formalism suitable for describing asynchronously communicating systems. Theory is linked to practice through demonstrations of relevant examples using the ComMA tool. Using properties and analysis methods for Petri Nets, they learn how to identify patterns in component and interface design that may cause the aforementioned problems, as well as design guidelines for how to avoid them. The course is taught using a combination of lectures, assignments, demonstrations, discussions, and reflection.

We piloted parts of the course at Van der Valk Hotel in Arnhem on October 7 and 8, attended by 12 software architects from Thales and Luminis. The course was positioned as a part of their Accelerate program, which aims to accelerate young architects from the two companies into a more senior role. We felt that the delivery of the course went well and evaluations from the participants suggests it was well-received. The evaluation of this pilot also highlighted some further points for improvement that will be considered going forward.

Component Modelling and Analysis (ComMA) in Bits & Chips

Bits & Chips just published an article about ComMA (Component Modelling and Analysis). ComMA addresses key design and verification challenges for complex systems comprising many components developed by different parties, challenges that are frequently encountered in the high-tech industry across application domains. The challenges are tackled by allowing structure and behavior of component interfaces to be formally specified using a set of domain-specific languages. From this specification, a number of artifacts are automatically generated, including system tests, run-time monitors that detect protocol violations, performance metrics, and documentation. Together, these artifacts reduce the time to design, integrate, and evolve complex high-tech systems, allowing the next generation of these systems to be developed faster and with higher quality.

ComMA was developed by ESI (TNO) in applied research projects with Philips. Successfully proving the approach in an industrial context at Philips has sparked interest from other companies, including Thermo Fisher Scientific, Thales, and Kulicke & Soffa. This eco-system of high-tech companies is expected to increase further as the ComMA tooling becomes open source as part of the Eclipse Foundation.

The article also mentions the applied research project DYNAMICS, for which I am the technical lead. Here, ESI and Thales have been looking at challenges and opportunities related to the evolution of interfaces. The strong point of interfaces is that they abstract from the component providing a particular functionality, allowing it to be changed or even replaced without compromising the overall functionality of the system. However, eventually the interfaces themselves need to be updated to prevent technical debt, and at that point all components relying on that interface are affected simultaneously. In the DYNAMICS project, we study how to automatically detect whether a change to the protocol of an interface is backwards compatible and if this is not the case, semi-automatically generate adapters that bridge the differences with previous versions. The benefit of this approach is that it reduces the time and cost of interface updates, allowing them to evolve faster and avoid creative workarounds that ultimately lead to unreliable systems and lower software quality. If you are interested in reading more about this work and how it leverages ComMA and Petri Net technology to achieve this, read this overview paper from last year.

Comma interfaces open the door to reliable high-tech systems

Bachelor Theses on using TurtleBots for Embedded Systems Education

Two bachelor theses one the use of TurtleBot3 for embedded system education have just been finalized. The first thesis by Mirka Schoute is entitled “Application Programming for Embedded Systems in Education on TurtleBot3 using Statecharts” and investigates whether an existing lab project based on Lego Mindstorm EV3 and Stateflow can be replaced by a similar lab project using TurtleBot3 and Yakindu Statechart Tools. It compares the robot platform and the statechart tools in terms of features, and redesigns the lab project to contain the same educational challenges. The main conclusion is that the redesigned project based on TurtleBot3 and Yakindu Statechart Tools are a suitable replacement for old project and provides better opportunities for further development on the project going forward. Based on the results of this thesis, we have decided to change the robot and tooling for the lab project in the academic year 2020/2021. We are happy to announce that Mirka continues working with us over summer to further extend his work and prepare it for student consumption.

The second thesis is written by Louis van Zutphen and is entitled “Gazebo Simulation Fidelity for the Turtlebot3 Burger“. This work studies how well simulation of TurtleBot3 in the simulation environment Gazebo captures the real behavior of the robot. Tests of sensors and actuators are created both in simulation and reality and results are compared. The conclusion is that code developed and tested with Gazebo is easy to deploy on the TurtleBot, but that there are numerous differences between the real robot and environment and their corresponding models in Gazebo that affect the fidelity. Most of these differences can be managed as long as the programmer is aware of them, allowing the amount of time required with the physical robot to be greatly reduced. This work has convinced us that we do not need to buy a TurtleBot for each group of students, but that we can significantly reduce the cost of the lab by efficiently sharing them.

TurtleBot following a wall while avoiding obstacles and counting pieces of reflective tape.

Bachelor Thesis on Synthetic Interface Generation Defended

Mohammed (Mo) Diallo just defended his bachelor thesis entitled “Towards the Scalability of Detecting and Correcting Incompatible Service Interfaces“. This work is carried out in the context of a project between ESI (TNO) and Thales that developed a five-step methodology for automatic detection and correction of behavioral incompatibilities resulting from evolving software interfaces (see paper for more details). Mo’s thesis provides a starting point for evaluating the scalability of the proposed methodology. An essential ingredient towards this is the ability to synthetically generate interfaces of various complexity. The thesis has two main contributions: 1) a notion of interface complexity in terms of inputs, outputs and non-determinism is defined and the relation between these parameters is studied, and 2) the methodology for a ComMA interface generator using user-supplied complexity parameters, and its implementation in a supporting tool, is introduced.

I would like to thank Mo for the excellent work he delivered in this thesis, and I am happy that he will continue working over summer to extend it.

Article Accepted in IEEE Transactions on Computers

Anna Minaeva, who recently received her PhD degree, just had a journal article entitled “Control Performance Optimization for Application Integration on Automotive Architectures” accepted for publication in IEEE Transactions on Computers. This article is the result of a HiPEAC collaboration grant that Anna was awarded back in 2016 to visit the group of Samarjit Chakraborty at TU Munich. I am very happy to see that this grant resulted in a joint publication in a prestigious journal and hope to collaborate with Samarjit again in the future.

The article addresses the problem of generating a time-triggered schedule for a number of independently developed automotive applications on a number of shared resources, such that their control performance only suffers minimal degradation. The three main contributions are: 1) a constraint programming model that solves the problem optimally, exploiting properties of the problem to reduce the computation time; 2) a fast heuristic called Flexi that only has a minor impact on the optimality of the solution; and 3) an experimental evaluation of the scalability and efficiency of the proposed approaches on a case study, in addition to several synthetic datasets. The results show that the heuristic provides a solution on average 5 times faster, finding a feasible solution in 31% more problem instances than the optimal approach within a time limit, while only sacrificing 0.5% of the control performance quality for the largest dataset.