Embedded Software and Systems Course @ UvA Continues to Evolve

The fall semester of the very special academic year 2020/2021 is over. Most of the students following the Master of Software Engineering program at the University of Amsterdam have just completed my course Embedded Software and Systems (ESS). The ESS course had changed in a three important ways this year.

Firstly, a generic lecture about Petri Nets was changed to a series about two lectures, explaining how Petri Nets can be used to model and analyze software interfaces and components. Part of the material for this course was reused from the course Modelling and Analysis of Component-based Systems (MOANA-CBS), developed together with Thales targeting an industrial audience. These new lectures also prime students nicely for a lecture about the DYNAMICS project, a research collaboration between ESI and Thales. This allows me to show how these models and analyses can be used in practice to address problems related to software evolution by detecting incompatibilities and generating adapters when updating software interfaces. A generic lecture about the data-flow model of computation was removed to create room for this new material, but I am happy to teach fewer modelling formalisms and have more time to go in depth and show how they can be used to solve industrial problems. A nice result of this change to the course is that three master students have accepted thesis projects in the area of modelling and analysis of software components and interfaces in collaboration with ESI under the supervision of myself and my colleague Debjyoti Bera.

Secondly, the course project was redeveloped this year. Previously, students used Mathworks Stateflow to program Lego Mindstorm EV3 rovers to follow a line, avoid obstacles, and count objects. However, this project felt a bit too much like a toy and there were technical problems with both rovers and tools that were hard to overcome and limited the education experience. In particular, it was not easily possible to see or influence how code was generated for the Lego Mindstorm robots, which felt like a missed opportunity when teaching model-based engineering. 

Two bachelor students did their theses in spring to evaluate the suitability of using the TurtleBot3 Burger robot, both in reality and in simulation using Gazebo, in the course. In addition, Stateflow was exchanged for Yakindu Statechart Tools, which is easier to use and gives us the flexibility we need in code generation. The new application developed in the project is to use Yakindu to program the TurtleBot to autonomously drive through a maze and map it.

Lastly, the COVID-19 pandemic required the entire course to be taught online. As a result, used a blended learning approach and prerecorded the lectures so that the students could watch them when they wanted to. Online interactive sessions were added to the course where the students could ask questions about the lectures, and participate in quizzes and group discussions. Online teaching meant that the students did not have access to the four physical TurtleBots that we had purchased. Luckily, the newly developed course project could be done with simulations in Gazebo. Below is a demo from one of the groups that very successfully solved the assignment. 

The ESS course is continuously evolving and maturing and next year will be no different. Most importantly, we hope that the pandemic will be over by then and that we can put our three physical TurtleBots to good use.

Design Methodologies for Cyber-physical Systems

In this short two minute presentation, I introduce myself and my fundamental and academic research into design methodologies for cyber-physical systems. I sketch a high-level view of the problem and outline a direction based on model-based engineering in which my previous work into domain-specific languages and analysis non-functional behavior fits. For a more elaborate description of my research, please have a look at my research page.

Paper Accepted at GPCE 2020

A paper entitled “PReGO: a Generative Methodology for Satisfying Real-Time Requirements on COTS-based Systems – Definition and Experience Report” was accepted for publication at the 19th International Conference on Generative Programming: Concepts & Experiences (GPCE). This is my first paper in collaboration with my new colleagues at the University of Amsterdam, and it describes work done in the TeamPlay project, a three-year research project funded by the EU Horizon 2020 research and innovation programme.

The paper addresses the problem of satisfying real-time requirements in industrial systems using unpredictable hardware and software, which limit or entirely prevent the application of established real-time analysis techniques. To this end, we propose PReGO, a generative methodology for satisfying real-time requirements in industrial commercial-off-the-shelf (COTS) systems. We report on our experience in applying PReGO to a use-case: a Search & Rescue application running on a fixed-wing drone with COTS components, including an NVIDIA Jetson board and a stock Ubuntu/Linux. We empirically evaluate the impact of each integration step and demonstrate the effectiveness of our methodology in meeting real-time application requirements in terms of deadline misses and energy consumption.

Component Modelling and Analysis (ComMA) in Bits & Chips

Bits & Chips just published an article about ComMA (Component Modelling and Analysis). ComMA addresses key design and verification challenges for complex systems comprising many components developed by different parties, challenges that are frequently encountered in the high-tech industry across application domains. The challenges are tackled by allowing structure and behavior of component interfaces to be formally specified using a set of domain-specific languages. From this specification, a number of artifacts are automatically generated, including system tests, run-time monitors that detect protocol violations, performance metrics, and documentation. Together, these artifacts reduce the time to design, integrate, and evolve complex high-tech systems, allowing the next generation of these systems to be developed faster and with higher quality.

ComMA was developed by ESI (TNO) in applied research projects with Philips. Successfully proving the approach in an industrial context at Philips has sparked interest from other companies, including Thermo Fisher Scientific, Thales, and Kulicke & Soffa. This eco-system of high-tech companies is expected to increase further as the ComMA tooling becomes open source as part of the Eclipse Foundation.

The article also mentions the applied research project DYNAMICS, for which I am the technical lead. Here, ESI and Thales have been looking at challenges and opportunities related to the evolution of interfaces. The strong point of interfaces is that they abstract from the component providing a particular functionality, allowing it to be changed or even replaced without compromising the overall functionality of the system. However, eventually the interfaces themselves need to be updated to prevent technical debt, and at that point all components relying on that interface are affected simultaneously. In the DYNAMICS project, we study how to automatically detect whether a change to the protocol of an interface is backwards compatible and if this is not the case, semi-automatically generate adapters that bridge the differences with previous versions. The benefit of this approach is that it reduces the time and cost of interface updates, allowing them to evolve faster and avoid creative workarounds that ultimately lead to unreliable systems and lower software quality. If you are interested in reading more about this work and how it leverages ComMA and Petri Net technology to achieve this, read this overview paper from last year.

Comma interfaces open the door to reliable high-tech systems

Bachelor Thesis on Synthetic Interface Generation Defended

Mohammed (Mo) Diallo just defended his bachelor thesis entitled “Towards the Scalability of Detecting and Correcting Incompatible Service Interfaces“. This work is carried out in the context of a project between ESI (TNO) and Thales that developed a five-step methodology for automatic detection and correction of behavioral incompatibilities resulting from evolving software interfaces (see paper for more details). Mo’s thesis provides a starting point for evaluating the scalability of the proposed methodology. An essential ingredient towards this is the ability to synthetically generate interfaces of various complexity. The thesis has two main contributions: 1) a notion of interface complexity in terms of inputs, outputs and non-determinism is defined and the relation between these parameters is studied, and 2) the methodology for a ComMA interface generator using user-supplied complexity parameters, and its implementation in a supporting tool, is introduced.

I would like to thank Mo for the excellent work he delivered in this thesis, and I am happy that he will continue working over summer to extend it.

Announcement of Appointment as Professor at UvA

The press release announcing my appointment as Professor at the University of Amsterdam is finally ready. Time to make them and ESI (TNO) proud!

The Chair of Design Methodologies for Cyber-Physical Systems focuses on two research areas. The first area considers design methodologies for cyber-physical systems in which abstraction, provided by models used for specification, analysis, simulation, or synthesis, play an essential role. While this area applies to cyber-physical systems in general, the second area focuses on design aspects of real-time systems. Together, these two areas capture much of my existing work in both academic (TU/e, CTU Prague, CISTER) and applied research (ESI) in different application domains and industries in which I have worked, e.g. avionics (Airbus), consumer electronics (Philips & NXP), and defense (Thales). They are also broad enough to sustain a long-term effort towards managing complexity of cyber-physical systems. For more information about the research, click the ‘Research‘ button in the menu at the top of the page.

My first mission will involve developing and teaching a course on Embedded Software and Systems, a course that is extremely relevant to our work at ESI. The course is primarily aimed at students following the Master in Software Engineering and teaches the fundamentals of embedded system development. This includes modelling systems using StateCharts, Petri Nets, Data-flow graphs, and Domain-Specific Languages, embedded hardware, functional and timing verification, and design-space exploration. I will also explain the industrial reality behind some of these aspects by drawing on my experience from projects at ESI.

During the course, the students will get practical experience with model-based engineering as they work in groups to program a LEGO Mindstorm Rover using Stateflow to autonomously follow a path, while avoiding obstacles. From this batch of students, I am hoping to find some promising ones that can help us make the next innovative steps in model-based engineering for complex cyber-physical systems for their thesis project.

Paper Acccepted at ModComp 2019

Our paper “Towards Continuous Evolution through Automatic Detection and Correction of Service Incompatibilities” has been accepted at the 6th International Workshop on Interplay of Model-driven and Component-Based Software Engineering (ModComp). ModComp takes place in September and is co-located with the MODELS conference in Munich.

The paper describes applied research from an industrial ESI project with goal of enabling continuous evolution of software in service-oriented architectures through automatic detection and correction of service incompatibilities. Towards this, the paper has three main contributions: 1) the state-of-the-art in the areas of specification of service interfaces, and detection and correction of incompatible service interactions is surveyed, 2) directions for a methodology to detect and correct incompatible interactions that is currently under development are discussed, and 3) the methodology is discussed in the context of a simplified industrial case study from the defense domain.

Book Chapter Published by Elsevier

I am pleased to announce that our chapter “Reducing Design Time and Promoting Evolvability using Domain-specific Languages in an Industrial Context” has been accepted for publication in the Elsevier book “Model Management and Analytics for Large Scale Systems“.

This work is the result of an industrial ESI project addressing the need for new methodologies to reduce development time, simplify customization, and improve evolvability of complex software systems. The chapter explains how these challenges are addressed by an approach to model-based engineering (MBE) based on domain-specific languages (DSLs). However, applying the approach in industry has resulted in 5 technical research questions, namely how to: RQ1) achieve modularity and reuse in a DSL ecosystem, RQ2) achieve consistency between model and realizations, RQ3) manage an evolving DSL eco-system, RQ4) ensure model quality, RQ5) ensure quality of generated code. The five research questions are explored in the context of the published state-of-the-art, as well as practically investigated through a case study from the defense domain.

Paper Accepted at MOMA3N

A paper entitled “Pain-mitigation Techniques for Model-based Engineering using Domain-specific Languages” has been accepted at the Special Session on Model Management And Analytics (MOMA3N), a workshop co-located with MODELSWARD 2018. This paper is my first publication related to my work at TNO-ESI, which focuses on model-based engineering (MBE), virtual prototyping, and domain-specific languages (DSLs).

This paper is an experience report from an investigation into how to mitigate the pains associated with a transition to a model-based design flow using DSLs. The contributions of the paper are: 1) a list of 14 pains related to MBE as a technology that is representative of our industrial partners designing high-tech systems in different domains, 2) a selected subset of six pains is positioned with respect to the state-of-the-practice, 3) practical experiences and pain-mitigation techniques from applying a model-based design process using DSLs to an industrial case study based on a Threat Ranking component of a Combat Management System, and 4) a list of three open issues that require further research.