integrated design and analysis tools for software-based control systems software enabled control
DESCRIPTION
Integrated Design and Analysis Tools for Software-based Control Systems Software Enabled Control. Lead Investigators Shankar Sastry Edward A. Lee Tom Henzinger Alberto Sangiovanni-Vincentelli Other Investigators Luca Berardi Luca de Alfaro Magnus Egerstedt - PowerPoint PPT PresentationTRANSCRIPT
SEC Kickoff - 1
Integrated Design and Analysis Tools for Software-based Control Systems Software Enabled Control Lead Investigators
Shankar SastryEdward A. LeeTom HenzingerAlberto Sangiovanni-VincentelliOther Investigators Luca Berardi Luca de Alfaro Magnus Egerstedt Laurent El Ghaoui Ben Horowitz Karl Johansson John Koo Jie Liu Xiaojun Liu John Lygeros Rupak Majumdar George Pappas Santosh Philip Claudio Pinello Maria Prandini Shahid Rashid Jean-Francois Raskin Shawn M. Schaffert Hyunchul Shim Bruno Sinopoli Slobodan Simic Rene Vidal
OCP Participation SummaryUC Berkeley
SEC Kickoff - 2
Objectives• OCP participation
– “run-time support methods for hybrid and multi-modal systems.”• Component architectures
– maintain efficiency– compose properties
• Understand designs– reduce reliance on simulation– correct-by-construction implementations– rely on pre-proven frameworks
• Orthogonalize concerns– regimes of operation– federated coordination
SEC Kickoff - 3
Trajectory Plan• Study group (weekly++):
– ...– 9/7 CORBA (part I) -- Concepts – 9/9 CORBA (part II) -- Java IDL– 9/14 TAO and Quality of Service in CORBA – 9/17 RT-IDL and Scheduling for Embedded Systems – 9/21 Case Study -- Helicopter Control Systems – 9/28 Real-time Operating Systems -- QNX/PSOS/VxWorks – 10/5 The Time-Triggered Architecture– 10/12 Timed Automata Verification – 10/19 Planning for kickoff meeting– ...
• Architecture for Berkeley AERobots (BEAR) project
• (RT) Corba experimental platform
SEC Kickoff - 4
NovAtel DGPS Ground Station
BEAR Research Platform
LabWindows GUI
Silicon Graphics PC
Ground Monitoring System
WaveLanAccesspoint
WaveLAN: T. John KooPioneer mobile rotot: Omid Shakernia, Frank HoffmanPitching deck landing pad: Tulio
ethernet
ethe
rnet
Wireless ethernet
Wireless ethernet
Wireless ethernet
UAV’s
Landing Deck
Ground Mobile Robots
thanks to: David H. Shim
SEC Kickoff - 5
Ursa Minor3
Navigation computer
GPSAntenna
Boeing DQI-NPon fluid mounting
Length: 1.4m Width: 0.39mHeight: 0.47mWeight: 9.4 kgEngine Output: 2.8 bhpRotor Diameter: 1.5mFlight time: 15 minSystem operation time: 30 min
Wireless Modem
Radio Receiver
GPS Card
thanks to: David H. Shim
SEC Kickoff - 6
1. Ursa Magnus 2: Boeing DQI-NP based system
W/L Modem 1-Data Download
NovAtel GPSRT-2
CPU P-233
RS-232
CTC T/O Board ServoSystem
LongitudinalLateral
Main CollectiveTail Collective
Engine Throttle
Power Board Li-Ion Batt
PC-104 Stack
64MB RAM
W/L Modem 1-Data Download
W/L Modem 2-Differential GPS
NovAtel GPSRT-2
CPU Penitum 233MMX
RS-232
CTC T/O Board ServoSystem
LongitudinalLateral
Main CollectiveTail Collective
Engine Throttle
Power Board Li-Ion Batt
PC-104 Stack
Boeing DQI-NP
RS23
2
RS232
RS23
2
RS23
2
RS23
2
Navigation Hardware (Ursa Magnus)
Compass
85MB Flash Disk
Ethernet
WaveLANWireless Ethernet
thanks to: David H. Shim
running QNX
SEC Kickoff - 7
OCP = Component-Based Design
Backplane approach:
softwarecomponents hardware
components
OCP
RT CORBAinterface
First principle: We seek software architectures for modular construction of distributed control systems.
SEC Kickoff - 8
Run-Time ModelsKey issue: What interface to expose at the OCP level?
•OO methods?•Event notification?•Irregular or low rate?•Wrappers for legacy components?
softwarecomponents wrapper
component
OCP
COTShardwarecomponent
Interface definition depends on the model of computation.
SEC Kickoff - 9
Model of Computation• Component ontology
– processes? objects? procedures?– reactive? active? passive?
• Component epistemology– visibility of other components– global information, such as time– reflection and introspection
• Interaction protocols – synchronization? push? pull?– delivery guarantees
• Interaction lexicon– vocabulary of messages– type system
A model of computation is the ontology and epistemology of components together with the protocols and lexicon of their interaction.
SEC Kickoff - 10
CORBA• CORBA provides
– distributed objects with location transparency– synchronous (two way) remote method invocation– asynchronous (one way) remote method invocation– deferred synchronous invocation (at higher cost)
• COS/CES event channel provides:– asynchronous notification– publish & subscribe
• RT event service:– prioritized dispatching– periodic event processing– active consumers and suppliers
SEC Kickoff - 11
Presumed Model of Computation• Component ontology
– Objects (CORBA) and processes (TAO)
• Component epistemology– publish & subscribe, with event filtering– time is reduced to priorities
• Interaction protocols – few constraints … anything is possible.
• Interaction lexicon– CORBA method arguments, return values
Similar to Linda and JavaSpaces, but with real-time extensions.
SEC Kickoff - 12
Draft Static Structure of a Helicopter
GPS
#synchronizeINS(ins : INS)INS
+neuAcceleration() : float[]+neuVelocity() : float[]+pitchRollYaw() : float[]+setLocation(location : Location)+xyzPosition() : float[]+xyzVelocity() : float[]
-location : float[]-velocity : float[]-acceleration : float[]
Compass
+heading() : float
HeightM eter
+distanceToGround() : float
Engine
+rpm() : float+setRotorTilt(tilt : float)+setThrust(thrust : float)+setTailRotorThrust(thrust : float)+temperature() : float
+TEMPARTURE_ALARM : CorbaEvent
FlightController
+initialize()+execute(cmd : FlightCommand) : boolean+getInertialData() : Inertia
FlightCommand
+action : CommandAction+destination : Location+deadline : float
Location
+latitude : float+longitude : float+altitude : float
Navigation
+initialize()+getLocation() : Location+reset()
-location : float[]
call getInertialData() at 50 Hz
call setLocation() at 1 Hz
«Interface»Runnable
+run()
at initialization, call heading()
EventChannel
+addEventListener(listener : EventListener)+addEventListener(listener : EventListener, mask : EventMask)+postEvent(event : CorbaEvent)
CommandAction
+CLIMB : CommandAction+FLY_TO : CommandAction+LAND : CommandAction+TAKE_OFF : CommandAction+... : ...
«Interface»EventListener
+notifyOfEvent(event : CorbaEvent)
NOTE: EventChannelmediates most of the
communications. Onlysome show this explicitly.
SEC Kickoff - 13
Event Examples• initialize GPS• initialize INS• issue flight command• GPS re-initialize INS (at 1 Hz)• flight control reacts to INS data (at 50 Hz)• sensors notify of landing• height meter publishes distance to ground
Excluded• servo loops (control laws)• all fine-grain interaction• all continuous interaction
SEC Kickoff - 14
Hierarchical Component-Based Design
Use different interaction mechanisms at the various levels.
SEC Kickoff - 15
Alternative Component Interactions
• Hybrid systems– hierarchical nesting of automata and ODEs– is the event channel relevant? How to use it?
• Modal models– hierarchical nesting of automata and anything
else– are mode changes events in the event channel?
• Hard-real-time models– event channel seems more suited to notification
of irregular events than to sampled-data signals.How can we extend architectural principles to these alternative models?
SEC Kickoff - 16
Relevant Models of Computation• Publish and subscribe (Linda, JavaSpaces)• Transition systems, state machines...• Synchronous-reactive systems (SR)• ODEs and PDEs (continuous dynamics)• Discrete time (difference equations)• Discrete-event systems (DE, VHDL, Verilog)• Sequential processes with rendezvous (CSP)• Process networks (Kahn)• Dataflow (Dennis)• ...
SEC Kickoff - 17
Proposal• Identify a small suite of MoCs useful for
distributed control system design– one will not be enough– architecture at all levels
• Study inter-domain semantics– verifiability– comprehensibility
• Emphasize what is common across MoCs– abstract syntax for component architecture– semantic commonalities (such as type systems)
SEC Kickoff - 18
Generic Component Architecture(an abstract syntax)
PortPort
Entity EntityL ink
Relation
Entity
Port
connection
connection
conn
ectio
n
L ink
Link
For CORBA, relations mediate name service, event channel, and RPC functions.
The OCP effort should first agree on an abstract syntax.
SEC Kickoff - 19
Hierarchy & Abstraction
toplevel Com positeEntity
transparent Com positeEntity
A tom icEntity
Relationdangling
transparentPort
transparentPort
opaque Port
Ideally, aggregations of components behave like primitive components.
homosemantic composition.
SEC Kickoff - 20
Sequential Composition is Homosemantic
• Statements in imperative languages• Procedures• Objects• State machines• Transition systems
• Processes and threads are not homosemantic
SEC Kickoff - 21
Abstract SemanticsData transport•broadcast•publish & subscribe•multicast•push/pull•messages or RPC•synchronization•delivery guarantees•typing•polymorphism
Actor
IOPort IORelation
P2P1
E1
E2
send(0 ,t) rece iver.put(t) get(0)
token tR 1
Basic Transport:
Receiver(inside port)
The OCP effort should focus on defining its abstract semantics - independent of an implementation, what behavior do we want in component interactions?
SEC Kickoff - 22
Key Points• Heterogeneous hierarchical models can isolate
certain sources of complexity, e.g. separating modes from dynamics or events from dynamics.
• Consistent use of input/output views of component models facilitates their hierarchical composition (and is consistent with an event-channel transport mechanism).
• At all levels, there is a component architecture. Share infrastructure.
SEC Kickoff - 23
Mission Plan• OCP participation (Repeated)
– “run-time support methods for hybrid and multi-modal systems.”
• Understand application area– software architecture perspective.
• Realize event-level architecture– characterize intercomponent interaction semantics.
• Realize multi-level architecture– characterize interlevel semantics.
• Develop validation methods.– coupled with intercomponent interaction semantics
SEC Kickoff - 24
Conclusions• We are about component based design of
real-time, safety-critical control systems.
• Dialog should be about models of computation and component architectures.
• Agreement should be about abstract syntax, abstract semantics (first).