Mixed Criticality Cyber Physical Systems

Lead Research Organisation: University of York
Department Name: Computer Science

Abstract

The concept of Cyber-Physical Systems, CPS, arose just over ten years ago and is a generalisation of the issues found in building embedded control systems. A CPS consists of a collection of computing devices communicating with one another (perhaps using wireless media) and interacting with the physical world via sensors and actuators. Such systems are everywhere, from smart buildings to medical devices to aerospace and to all kinds of automobiles. They increasingly control crucial aspects of our lives. Research in CPS, and the related topics of Systems-of-Systems (SoS) and the Internet of Things (IoT), involves an understanding of system complexity, communication, environmental uncertainty, and the requirements of the associated software to behave in a timely fashion and to cater for faults and failures within the distributed hardware platform.

Many, indeed most, CPS can also be characterised as being Mixed-Criticality Systems (MCS). Criticality is a designation of the level of assurance against failure needed for a system component. An MCS is one that integrates applications and/or components/systems with different levels of criticality onto the same hardware platform. This platform will, in the future, include many-core processing units, and communication media of various kinds, including wireless. It will also include smart sensors and actuators.

The Mixed Criticality Cyber Physical Systems (MCCps) project will consider how resource-efficient, and hence potentially commercially successful, CPS can be specified, designed and analysed. Issues to be considered include assumptions about the environment that cannot be held with complete certainty, failures that require reconfiguration (in a criticality-aware way), security protocols that require over-specified resource usage (to hide actual behaviour), and the allocation of software to the processing platform that balances the need for separation for safety/security against integration for efficiency. Such efficiency will lead to reduced size, weight and power consumption.

Previous work at York, including that supported by EPSRC, has explored the trade-off between separation and integration for single processor and many-core systems. In this project we expand this focus to include complete CPS platforms where resilience (e.g. fault tolerance and adaptive control), time-critical communications (including wireless), certification, tolerance of specification error (i.e. false assumptions about how the environment will behave and human users interact) and power consumption are all crucially important. The research will deliver models, forms of analysis, protocols, verification techniques including model-checking and cycle-accurate, protocol-accurate and scenario-based simulators, and industrial case-studies.
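The mixed-criticality idea in the abstract (components of different criticality sharing one platform, with failures handled by criticality-aware reconfiguration) can be made concrete with a small scheduler simulation. The following is an added illustration, not code or a model from the MCCps project: it uses the common two-budget task model in which a HI-criticality task has an optimistic budget `c_lo` assumed during normal operation and a certified budget `c_hi`, and a simple adaptive rule: when a HI task exhausts `c_lo` without completing (the environmental assumption behind `c_lo` turned out to be false), the scheduler switches to HI mode and abandons LO-criticality work so that HI deadlines are still met. The task set, priorities and the overrun scenario are constructed; running the same scenario with the switch disabled shows the HI task `A` missing its deadline because the less critical, higher-priority task `B` keeps running.

```python
"""Dual-criticality fixed-priority scheduling, simulated tick by tick (constructed example)."""
from dataclasses import dataclass
from functools import reduce
from math import gcd
from typing import Optional

LO, HI = 0, 1


@dataclass
class Task:
    name: str
    crit: int        # LO or HI criticality designation
    period: int      # implicit deadline: each job is due one period after release
    c_lo: int        # execution budget assumed in LO mode (the optimistic assumption)
    c_hi: int        # certified worst-case budget, meaningful for HI tasks only
    priority: int    # larger value == higher fixed priority


@dataclass
class Job:
    task: Task
    release: int
    deadline: int
    actual: int                   # execution time this job really needs (scenario input)
    executed: int = 0
    dropped: bool = False
    finish: Optional[int] = None

    @property
    def done(self) -> bool:
        return self.executed >= self.actual


def simulate(tasks, overrun, horizon, criticality_aware=True):
    """Preemptive fixed-priority scheduler over [0, horizon).

    overrun maps (task name, release time) -> actual execution time for jobs that
    exceed c_lo; every other job needs exactly c_lo.  Returns (outcomes, switch_time):
    outcomes maps task name to a per-job list of 'met', 'missed' or 'dropped'.
    """
    jobs = [Job(t, r, r + t.period, overrun.get((t.name, r), t.c_lo))
            for t in tasks for r in range(0, horizon, t.period)]
    mode, switch_time = LO, None
    for now in range(horizon):
        ready = [j for j in jobs if j.release <= now and not j.done and not j.dropped]
        if not ready:
            continue
        job = max(ready, key=lambda j: j.task.priority)
        job.executed += 1
        # Criticality-aware reconfiguration: a HI job that has used its LO budget and is
        # still running invalidates the LO-mode assumptions, so LO-criticality work is shed.
        if (criticality_aware and mode == LO and job.task.crit == HI
                and job.executed >= job.task.c_lo and not job.done):
            mode, switch_time = HI, now + 1
            for j in jobs:
                if j.task.crit == LO and not j.done:
                    j.dropped = True
        if job.done:
            job.finish = now + 1
    outcomes = {t.name: [] for t in tasks}
    for j in sorted(jobs, key=lambda j: (j.task.name, j.release)):
        if j.dropped:
            outcomes[j.task.name].append("dropped")
        elif j.finish is not None and j.finish <= j.deadline:
            outcomes[j.task.name].append("met")
        else:
            outcomes[j.task.name].append("missed")
    return outcomes, switch_time


# Constructed task set: a LO task with the highest priority sits above two HI tasks.
TASKS = [
    Task("B", LO, period=8, c_lo=3, c_hi=3, priority=3),
    Task("A", HI, period=10, c_lo=2, c_hi=6, priority=2),
    Task("C", HI, period=20, c_lo=3, c_hi=5, priority=1),
]
HORIZON = reduce(lambda a, b: a * b // gcd(a, b), (t.period for t in TASKS))  # hyperperiod, 40
OVERRUN = {("A", 0): 6}  # constructed scenario: A's first job runs to its certified worst case

if __name__ == "__main__":
    for aware in (True, False):
        out, sw = simulate(TASKS, OVERRUN, HORIZON, criticality_aware=aware)
        print(f"criticality_aware={aware}: mode switch at {sw}, outcomes {out}")
```

With the switch enabled the HI tasks `A` and `C` meet every deadline and the remaining jobs of `B` are shed; without it, `A`'s overrunning job finishes at time 12 against a deadline of 10. The shed LO work is the price of keeping the assurance for the critical components while still sharing the processor, which is the trade-off between separation and integration that the abstract describes.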

Planned Impact

The ultimate goal of this project is to allow Cyber Physical Systems (CPS) to be built that are safe, secure, resilient and cost-effective. To obtain effective resource usage, fabric and energy must be shared; but this can often be seen as the antithesis of simple partitioned design. The key to resolving this schism is the recognition that CPS are mixed criticality. This allows a disciplined approach to resource usage to be developed, and for this approach to be backed up by models, analysis and subsequently tools.

The proposed research has the potential to benefit the following individuals and organisations:

- Original Equipment Manufacturers and their suppliers in the automotive electronics and avionics industries.
- Middleware vendors providing software tools and services for real-time systems development.
- Silicon vendors, designing the next generation of embedded processor, network interfaces etc.
- The general public as the research will drive down the cost of advanced real-time embedded systems as found in cars, avionics, consumer products, health technologies etc.

By exploiting the results of this project, companies building complex real-time embedded systems will be able to obtain maximum performance from the hardware platform without compromising the assurances needed for the most critical components of the system. The increased efficiency can be utilised to reduce the size, weight and power consumption of the hardware required, leading to reductions in lifetime costs and CO2 emissions. A sound theoretical approach that can predict the resources required by an application can lead to reduced time-to-market and enhanced end-product reliability. These factors will have economic benefits for the companies adopting the technology, contributing to economic prosperity, and ultimately a societal benefit in terms of more reliable, more efficient and cost-effective products.

We intend our research to have a clear impact on a number of sectors where UK enterprises can exploit the knowledge we will accumulate. In more specialist domains, especially in the safety-critical industries, our work will contribute to the trend of certifying more integrated systems of systems. We have in the past transferred research findings into clear industrial impact via spin-off companies (we contributed three 4* REF case studies in the last REF exercise). Through our interactions with the large companies that advise us (BAE, ETAS and Rolls Royce) and through our experience in spinning out new ventures, we believe we are in an excellent position to maximise the impact of the research from this project.
 
Description: We have developed a protocol for wireless communication that is criticality aware, and hence more fault tolerant than previous protocols. We have also developed a range of scheduling protocols that can lead to more reliable and energy efficient embedded real-time systems (also known as Cyber-Physical Systems).
Exploitation Route: We advise industry on real-time scheduling protocols that reduce energy usage and provide predictable performance.
Sectors: Aerospace; Defence and Marine; Digital/Communication/Information Technologies (including Software); Transport
URL: https://www.cs.york.ac.uk/rts/projects/mccps.html
 
Description: Industry continues to evaluate the results of the research undertaken on this project. We have produced advice for a number of UK companies. For example, work within Rolls-Royce is based on the robust scheduling model and makes use of simulation validation techniques developed within the MCC and MCCps projects. Rolls-Royce have a strong interest in Mixed-Criticality Scheduling and have led two significant Innovate UK funded projects (worth more than £50 million) that aim to embed the techniques within the company. These projects have involved most of the UK civil avionics companies, with a number of UK defence companies as unfunded partners. The work in mixed-criticality scheduling in Rolls-Royce has focussed on: the architecture needed to ensure compliance with certification expectations; how to implement the scheduling policy with manageable overheads; and how to guarantee the quality of service for lower-criticality software. The core research work has continued to include AI-enabled components and Digital Twin usage. Here the monitoring of an active Cyber-Physical System with AI classifiers by a run-time Digital Twin allows the parameters of the scheduling model to be updated, the architecture of the classifiers to be updated, the false-positive and false-negative rates to be improved, the power consumption to be reduced, and the overall confidence in system safety to be improved, even when the characteristics of the system's operational environment are changing.
First Year Of Impact: 2014
Sector: Aerospace; Defence and Marine; Transport
Impact Types: Economic