Today, Bart-Jan Hilbrands, a master student from UvA supervised by myself and my ESI colleague Debjyoti Bera, successfully defended his master thesis “Verification of Inter-Dependent Interfaces in Component-Based Architectures”. The thesis considers formal verification of ComMA components with multiple interfaces with inter-dependent behavior, caused by three different types of functional constraints. The four main contributions of the thesis are: 1) A formalization of each type of interface constraint, defining how they should restrict behavior, 2) a set of assumptions, describing properties that help ComMA users avoid creating specifications with termination issues, 3) methods for encoding the behavior of these constraints into existing Petri net representations of interfaces, and 4) methods for validating whether a set of given constraints is encoded correctly into a given Petri net. The theory is supported by a prototype implementation ComMA.
Bart presented his thesis well and expertly answered questions from the committee. We thank Bart for his excellent work and wish him good luck is his future career. First off, he will continue working with me and Deb to publish his work as a paper.
The paper describes ESI’s current view on the field of System-Performance Engineering (SysPE). SysPE encompasses modeling formalisms, methods, techniques, and industrial practices to design systems for performance, where performance is taken integrally into account during the whole system life cycle. Industrial SysPE state of practice is generally model-based. Due to the rapidly increasing complexity of systems, there is a need to develop and establish model-driven methods and techniques. To structure the field of SysPE, the paper identifies: (1) industrial challenges motivating the importance of SysPE, (2) scientific challenges that need to be addressed to establish model-driven SysPE, (3) important focus areas for SysPE and (4) best practices. A survey was conducted to collect feedback on our views. The responses were used to update and validate the identified challenges, focus areas, and best practices. The final result is presented in this paper. Interesting observations are that industry sees a need for better design-space exploration support, more than for additional performance modeling and analysis techniques. Also tools and integral methods for SysPE need attention. From the identified focus areas, scheduling and supervisory control is seen as lacking established best practices.
The paper will be presented as a part of Industry Session 2 at ESWEEK on October 12. The second talk of that session presents why and how ITEC, Nexperia, a world-leading manufacturer of semiconductor equipment, is moving towards model-driven system-level development. The session ends with a moderated Q&A. Since ESWEEK is an online event this year, you can register for 20 USD if you want to attend the conference and the session.
Update: The video of the Industry session is now available:
ESI (TNO) was featured in the latest episode (Season 4 Episode 1) of Nederland Maakt Het, a program on RTL Z about Dutch organizations that develop of apply innovative technologies. In the segment, Wouter Leibbrandt, the Research and Operations director at ESI, explains that the Netherlands has a powerful high-tech industry, which is important to its competitiveness and earning power. To stay at the top and continue to develop excellent products in light of increasing system complexity, it is important to invest in research and development of new design methodologies. Big high-tech companies do this in an open innovation environment to address the challenges they face together. ESI is the applied research organization and knowledge partner that brings the industry and academic parties together into an eco-system to facilitate this.
In my role as part-time professor at UvA, I explain my view on open innovation and how universities contribute and get value from the eco-system. In the Embedded Software and Systems course at the University of Amsterdam, which is an academic partner of ESI since 2021, I discuss the increasing system complexity with my students and teach model-based engineering methodologies to help them address this challenge. I also supervise students that want to contribute to solving the complexity problem by doing their thesis project in with ESI or in industry. Lastly, Hein Otto Folkerts, the (former) head of Research at ASML, provides the industry view and explains the value of open innovation to ASML, one of the big high-tech companies in the Eindhoven region.
For those of you that missed the episode, it is available for online viewing on RTL XL. The segment about ESI starts at 14m30s and last for about 4 minutes. ESI also has a version of this segment in its own house style that is used for promotional purposes. This version is available here:
The fall semester of the very special academic year 2020/2021 is over. Most of the students following the Master of Software Engineering program at the University of Amsterdam have just completed my course Embedded Software and Systems (ESS). The ESS course had changed in a three important ways this year.
Firstly, a generic lecture about Petri Nets was changed to a series about two lectures, explaining how Petri Nets can be used to model and analyze software interfaces and components. Part of the material for this course was reused from the course Modelling and Analysis of Component-based Systems (MOANA-CBS), developed together with Thales targeting an industrial audience. These new lectures also prime students nicely for a lecture about the DYNAMICS project, a research collaboration between ESI and Thales. This allows me to show how these models and analyses can be used in practice to address problems related to software evolution by detecting incompatibilities and generating adapters when updating software interfaces. A generic lecture about the data-flow model of computation was removed to create room for this new material, but I am happy to teach fewer modelling formalisms and have more time to go in depth and show how they can be used to solve industrial problems. A nice result of this change to the course is that three master students have accepted thesis projects in the area of modelling and analysis of software components and interfaces in collaboration with ESI under the supervision of myself and my colleague Debjyoti Bera.
Secondly, the course project was redeveloped this year. Previously, students used Mathworks Stateflow to program Lego Mindstorm EV3 rovers to follow a line, avoid obstacles, and count objects. However, this project felt a bit too much like a toy and there were technical problems with both rovers and tools that were hard to overcome and limited the education experience. In particular, it was not easily possible to see or influence how code was generated for the Lego Mindstorm robots, which felt like a missed opportunity when teaching model-based engineering.
Two bachelor students did their theses in spring to evaluate the suitability of using the TurtleBot3 Burger robot, both in reality and in simulation using Gazebo, in the course. In addition, Stateflow was exchanged for Yakindu Statechart Tools, which is easier to use and gives us the flexibility we need in code generation. The new application developed in the project is to use Yakindu to program the TurtleBot to autonomously drive through a maze and map it.
Lastly, the COVID-19 pandemic required the entire course to be taught online. As a result, used a blended learning approach and prerecorded the lectures so that the students could watch them when they wanted to. Online interactive sessions were added to the course where the students could ask questions about the lectures, and participate in quizzes and group discussions. Online teaching meant that the students did not have access to the four physical TurtleBots that we had purchased. Luckily, the newly developed course project could be done with simulations in Gazebo. Below is a demo from one of the groups that very successfully solved the assignment.
The ESS course is continuously evolving and maturing and next year will be no different. Most importantly, we hope that the pandemic will be over by then and that we can put our three physical TurtleBots to good use.
I attended the online edition of Software-Centric Systems Conference (SC2) today. Although I prefer the networking and social aspects of a physical conference, it was nice to enjoy these presentations from the comfort of my couch.
It was interesting to see that most of the conference presentations were related to domain-specific languages (DSLs) in one way or another. There were also presentations about model-based testing and digital twinning. I am not sure if model-based engineering was an intentional theme, or if this is just what is considered interesting in software-centric systems in the Netherlands for the moment. However, this suggests that the applied research into model-based design methodologies done by ESI (TNO) together with its industrial eco-system is highly relevant.
A highlight for myself was the two presentations about the Component Modelling and Analysis (ComMA) DSL. This is not only because it relates to my research on evolvable interfaces, but also because of the main message that the industry can achieve a lot through open innovation in areas that are not their core business, such as specification, verification, and evolution of software interfaces. Great news that ComMA will become open-source in 2021!
In this short two minute presentation, I introduce myself and my fundamental and academic research into design methodologies for cyber-physical systems. I sketch a high-level view of the problem and outline a direction based on model-based engineering in which my previous work into domain-specific languages and analysis non-functional behavior fits. For a more elaborate description of my research, please have a look at my research page.
The paper addresses the problem of satisfying real-time requirements in industrial systems using unpredictable hardware and software, which limit or entirely prevent the application of established real-time analysis techniques. To this end, we propose PReGO, a generative methodology for satisfying real-time requirements in industrial commercial-off-the-shelf (COTS) systems. We report on our experience in applying PReGO to a use-case: a Search & Rescue application running on a fixed-wing drone with COTS components, including an NVIDIA Jetson board and a stock Ubuntu/Linux. We empirically evaluate the impact of each integration step and demonstrate the effectiveness of our methodology in meeting real-time application requirements in terms of deadline misses and energy consumption.
Bits & Chips just published an article about ComMA (Component Modelling and Analysis). ComMA addresses key design and verification challenges for complex systems comprising many components developed by different parties, challenges that are frequently encountered in the high-tech industry across application domains. The challenges are tackled by allowing structure and behavior of component interfaces to be formally specified using a set of domain-specific languages. From this specification, a number of artifacts are automatically generated, including system tests, run-time monitors that detect protocol violations, performance metrics, and documentation. Together, these artifacts reduce the time to design, integrate, and evolve complex high-tech systems, allowing the next generation of these systems to be developed faster and with higher quality.
ComMA was developed by ESI (TNO) in applied research projects with Philips. Successfully proving the approach in an industrial context at Philips has sparked interest from other companies, including Thermo Fisher Scientific, Thales, and Kulicke & Soffa. This eco-system of high-tech companies is expected to increase further as the ComMA tooling becomes open source as part of the Eclipse Foundation.
The article also mentions the applied research project DYNAMICS, for which I am the technical lead. Here, ESI and Thales have been looking at challenges and opportunities related to the evolution of interfaces. The strong point of interfaces is that they abstract from the component providing a particular functionality, allowing it to be changed or even replaced without compromising the overall functionality of the system. However, eventually the interfaces themselves need to be updated to prevent technical debt, and at that point all components relying on that interface are affected simultaneously. In the DYNAMICS project, we study how to automatically detect whether a change to the protocol of an interface is backwards compatible and if this is not the case, semi-automatically generate adapters that bridge the differences with previous versions. The benefit of this approach is that it reduces the time and cost of interface updates, allowing them to evolve faster and avoid creative workarounds that ultimately lead to unreliable systems and lower software quality. If you are interested in reading more about this work and how it leverages ComMA and Petri Net technology to achieve this, read this overview paper from last year.
Mohammed (Mo) Diallo just defended his bachelor thesis entitled “Towards the Scalability of Detecting and Correcting Incompatible Service Interfaces“. This work is carried out in the context of a project between ESI (TNO) and Thales that developed a five-step methodology for automatic detection and correction of behavioral incompatibilities resulting from evolving software interfaces (see paper for more details). Mo’s thesis provides a starting point for evaluating the scalability of the proposed methodology. An essential ingredient towards this is the ability to synthetically generate interfaces of various complexity. The thesis has two main contributions: 1) a notion of interface complexity in terms of inputs, outputs and non-determinism is defined and the relation between these parameters is studied, and 2) the methodology for a ComMA interface generator using user-supplied complexity parameters, and its implementation in a supporting tool, is introduced.
I would like to thank Mo for the excellent work he delivered in this thesis, and I am happy that he will continue working over summer to extend it.
The press release announcing my appointment as Professor at the University of Amsterdam is finally ready. Time to make them and ESI (TNO) proud!
The Chair of Design Methodologies for Cyber-Physical Systems focuses on two research areas.The first area considers design methodologies for cyber-physical systems in which abstraction, provided by models used for specification, analysis, simulation, or synthesis, play an essential role. While this area applies to cyber-physical systems in general, the second area focuses on design aspects of real-time systems. Together, these two areas capture much of my existing work in both academic (TU/e, CTU Prague, CISTER) and applied research (ESI) in different application domains and industries in which I have worked, e.g. avionics (Airbus), consumer electronics (Philips & NXP), and defense (Thales). They are also broad enough to sustain a long-term effort towards managing complexity of cyber-physical systems. For more information about the research, click the ‘Research‘ button in the menu at the top of the page.
My first mission will involve developing and teaching a course on Embedded Software and Systems, a course that is extremely relevant to our work at ESI. The course is primarily aimed at students following the Master in Software Engineering and teaches the fundamentals of embedded system development. This includes modelling systems using StateCharts, Petri Nets, Data-flow graphs, and Domain-Specific Languages, embedded hardware, functional and timing verification, and design-space exploration. I will also explain the industrial reality behind some of these aspects by drawing on my experience from projects at ESI.
During the course, the students will get practical experience with model-based engineering as they work in groups to program a LEGO Mindstorm Rover using Stateflow to autonomously follow a path, while avoiding obstacles. From this batch of students, I am hoping to find some promising ones that can help us make the next innovative steps in model-based engineering for complex cyber-physical systems for their thesis project.