Towards Integrated Multi-Formalism Tool Support for the Design of - - PowerPoint PPT Presentation

Software Technologies Concertation on Formal Methods for Components and Objects (FMCO’10)

Towards Integrated Multi-Formalism Tool Support for the Design of Embedded Control Systems

Martin Hüfner, Christian Sonntag, Sebastian Engell Process Dynamics and Operations Group (DYN)

• Dept. of Biochemical and Chemical Engineering (BCI)

Technische Universität Dortmund, Germany

2

Outline

• The MULTIFORM project
• Illustrative example

– Integrated design of a pipeless plant

• Goals of the MULTIFORM project
• Design flow example
• Research areas

– Algorithmic model exchange – Controller specification and synthesis – Trans-level tool integration and verification – Code verification – The design framework

• Summary & state of the project

3

• History

– Initiated by TU Dortmund as a successor of HYCON WP3 (Tool Integration) – Application October 2007 – Start September 2008

• Funding

– Financed by the EU within the 7th Framework Programme in the ICT domain – Funding: 2.800.000 € – 8 Partners, thereof two industrial

• Duration: 42 months

– September 2008 – February 2012

• More information

– http://www.ict-multiform.eu

The European Project MULTIFORM

4

• TUDO (Coordinator)

– TU Dortmund, Germany Sebastian Engell

• TUE

– TU Eindhoven, Netherlands Koos Rooda, Bert van Beek, Jos Baeten

• Verimag/ UJF

– Universite Joseph Fourier, Grenoble, France Goran Frehse, Oded Maler

• RWTH

– RWTH Aachen, Germany Stefan Kowalewski

• AAU

– Aalborg Universitet, Denmark Kim Larsen, Brian Nielsen

• ESI

– Stichting Embedded Systems Institute Ed Brinksma, Boudewijn Haverkort

UJF

The MULTIFORM Consortium

• VEMAC

– Aachen, Germany Michael Reke

• KVCA

– “Danish Cooling Cluster” Jens Andersen – Closely working with DANFOSS

TUDO RWTH/VEMAC Verimag/UJF TUE/ESI AAU/KVCA

5

Control PC Camera AGVs Storage station Charging stations Product Color stations Mixing station

Example: Design of a Pipeless Plant

6

Challenges for Model-based Design (1)

• Design and validation on different

levels of abstraction

– Specification

• Specification of the tasks and of

the performance of the system

– High-level design

• Choice of the equipment,

feasibility and bottleneck analysis, throughput maximization, plant layout

• ptimization

– Low-level design

• Optimization and control of

processing steps and motion dynamics, logic control

• Choice of sensors and actuators,

communication system

– Implementation

• PLCs, embedded controllers,

communication system

Control PC Camera AGVs Storage station Charging stations Product Color stations Mixing station

System specification High-level design Low-level design Implementation Implementation tests Low-level tests High-level tests Performance analysis

Design Validation

7

Challenges for Model-based Design (2)

• The control system spans the

complete control hierarchy

– Coordination control

• Scheduling and performance
• ptimization

– Advanced control

• Control of batch processes
• AGV path planning

– Regulatory control

• AGV motion control
• Docking control
• Sequence control in the

processing stations

• Low-level continuous control

– Low-level safety-related control

Control PC Camera AGVs Storage station Charging stations Product Color stations Mixing station

Discrete-event, timed, and hybrid models Discrete-event, hybrid, and continuous models Timed or hybrid models Continuous models

8

• Extension of the model-based approach beyond the scope of

classical feedback controller design to cover the complete control hierarchy.

• The long-term goal is to support a fully model-driven design

process of a controlled system over its full life cycle

– Build systems that are correct by design and where the interaction of the components is fully transparent

Goal of the MULTIFORM Project

9

• Integrated modeling and design of the system itself and of the multi-

layered and networked control system

– Including a structured approach to the management of specifications, design decisions, models, and results

• Coverage of all layers of the automation and design hierarchy

– Integrated tool support on all layers of the automation and design hierarchies

• Current state: Islands of support for specific design and analysis tasks
• Trans-level integration of model-based design approaches
• Support of iterations in the design process
• Propagation of faults and unexpected behaviors
• Modifications over the life cycle without top-down redesign

 Tool integration and Design Framework  Exchange of models between tools via the CIF (Compositional Interchange Format)  Improvement of the tool support for the design steps

Vision for Integrated Model-based Design

10

Design tasks Requirement specification Feasibility analysis Plant layout design AGV speed analysis Controller design Controller code generation

Design Flow: Design Tasks for the Pipeless Plant

11

Boderc key drivers Feasibility analysis Plant layout design AGV speed analysis Controller design Controller code generation

Design Flow: Refinement of Requirements

Design tasks Models Requirement specification

12

Storage station Complex & interesting Plant dosing station mixing station cleaning station AGV broad AGV even AGV round AGV with wheels Standard AGV AGV with Microcontroller AGV with WLAN Vessel separable from AGV Transparent vessel Open space/no rails for AGV Process times/AGV speed > 2? AGV operating time/charging time > 3? Colored product Complex recipes Different recipes with different steps Small production time Non-toxic materials Recipes can be modified Quality control for product Avoid cross contamination Parameterization of plant and recipes Parallel production Path planning & routing Vessel tracking Camera localization system Simple & powerful GUI Control PC Lab size plant boundaries Emergency stop Sensors for safety Sensors for control Same power supply Electrical power No hydraulics Avoid pneumatics Support documentation of all steps Appropriate design approach Integration to Multiform safety Standard parts Interesting & Impressive product Easy handling & robustness Multiform must-haves

Price / budget hast to be kept Demonstrator plant For Multiform Design flow and tool chain Reuse as a lab experiment / fair exhibit

Key Drivers for the Pipeless Plant

13

Boderc key drivers

Requirements

System configuration:

• Production Tasks
• Functionality of the Stations
• Type of AGVs

+ Design choices

• Number of stations
• Station types (Color, Mixing, Storage,…)
• Number of AGVs

Design Flow: Initial Design

Design step

14

Boderc key drivers Timed Chi Requirement specification Plant layout design AGV speed analysis Controller design Controller code generation

– Complete coarse plant model – Here: Timed model – Purpose: Simulation

Information propagation via Design Framework

Design tasks Models

Design Flow: Feasibility Analysis

Feasibility analysis

15

Feasibility Analysis Design step Requirements Design flow Design step

Boderc key drivers & Design Decisions Timed Chi model – Complete coarse plant model

– Timed model – Simulation

Model of the complete plant using approximation System configuration:

• # and type of stations
• Recipes
• # and type of AGVs

Design Flow: Feasibility Analysis

Another View Control View

Plant Model

Chi model

Structure View

System block

16

Chi model

Boderc key drivers Timed Chi

– Complete plant – Timed model – Simulation

System configuration:

• # Stations=5
• StationTypes=[5x1]
• StationPositions=[5x2]
• # AGVs=3
• RecipeList=[6x1]
• MovementTimes=[5x5]

Design Flow: Feasibility Analysis

17

Experiment: Set input: Model parameters #Stations:=5 StationTypes #AGVs:=3 MovementTimes:=[5x5]

Boderc key drivers Timed Chi

– Complete plant – Timed model – Simulation

System configuration:

• # Stations=5
• Station Types=[5x1]
• Station Positions=[5x2]
• # AGVs=3
• Recipe List=[6x1]
• Movement Times=[5x5]

Set input:

Chi model

Design Flow: Feasibility Analysis Experiment

18

Boderc key drivers Timed Chi

– Complete plant – Timed model – Simulation

System configuration:

• # Stations=5
• Station Types=[5x1]
• Station Positions=[5x2]
• # AGVs=3
• Recipe List=[6x1]
• Movement Times=[5x5]

Experiment: Set input: Model parameters #Stations:=5 StationTypes #AGVs:=3 MovementTimes:=[5x5] Tool parameters Chi model

Design Flow: Feasibility Analysis Experiment

19

Boderc key drivers Timed Chi

– Complete plant – Timed model – Simulation

System configuration:

• # Stations=5
• Station Types=[5x1]
• Station Positions=[5x2]
• # AGVs=3
• Recipe List=[6x1]
• Movement Times=[5x5]

Chi Simulator Select tool: Experiment: Set input: Model parameters #Stations:=5 StationTypes #AGVs:=3 MovementTimes:=[5x5] Tool parameters Chi model

Design Flow: Feasibility Analysis Experiment

20

Boderc key drivers Timed Chi

– Complete plant – Timed model – Simulation

System configuration:

• # Stations=5
• Station Types=[5x1]
• Station Positions=[5x2]
• # AGVs=3
• Recipe List=[6x1]
• Movement Times=[5x5]

Chi Simulator Select tool: Chi Simulation results Save results: Experiment: Set input: Model parameters #Stations:=5 StationTypes #AGVs:=3 MovementTime:=[5x5] Tool parameters Chi model

Design Flow: Feasibility Analysis Experiment

21

Boderc key drivers Timed Chi

– Complete plant – Timed model – Simulation

System configuration:

• # Stations=5
• Station Types=[5x1]
• Station Positions=[5x2]
• # AGVs=3
• Recipe List=[6x1]
• Movement Times=[5x5]
• Recipes/Day=12

Chi lot-time diagram

Number in block represents vessel

Design Flow: Feasibility Analysis Experiment

22

Boderc key drivers Timed Chi

– Complete plant – Timed model – Simulation

System configuration:

• # Stations=5
• Station Types=[5x1]
• Station Positions=[5x2]
• # AGVs=3
• Recipe List=[6x1]
• Movement Times=[5x5]
• Recipes/Day=12

Experiment: Chi Simulator Select tool: Save results: Set input: Model parameters #Stations:=5 StationTypes #AGVs:=3 MovementTime:=[5x5] Tool parameters Chi model Chi Simulation results Add new parameter and value from results

Design Flow: Feasibility Analysis Experiment

Iteration until result satisfactory

23

Requirements Feasibilty Analysis Design flow Design step

Boderc key drivers Timed Chi

– Complete plant – Timed model – Simulation

System configuration:

• # Stations=5
• Station Types=[5x1]
• Station Positions=[5x2]
• # AGVs=3
• Recipe List=[6x1]
• Movement Times=[5x5]
• Recipes/Day=12

Design Flow: Feasibility Analysis Experiment

Another View Control View Structure View

Plant

Results

Experiment Configuration

Chi model

24

Boderc key drivers Timed-Chi Uppaal Requirement specification Feasibility analysis AGV speed analysis Controller design Controller code generation

– Complete plant model – Timed Automata model – Scheduling – Complete plant model – Timed model – Simulation

Information propagation via Design Framework

Design Flow: Plant Layout Design/ Scheduling

Design tasks Models

Algorithmic model transformation

Plant layout design

25

Uppaal – Complete plant

– Timed Automata – Scheduling

Boderc key drivers Timed Chi

– Complete plant – Timed model – Simulation

System configuration:

• # Stations=5
• Station Types=[5x1]
• Station Positions=[5x2]
• # AGVs=3
• Recipe List=[6x1]
• Movement Times=[5x5]
• Recipes/Day=12

Algorithmic model transformation

Design Flow: Plant Layout Design / Scheduling

Requirements Feasibilty Analysis Design step Scheduling Design flow

Another View Control View Structure View

Plant Chi

26

Experiment: Set input: Model parameters Tool parameters Chi model Uppaal model file Tool chain: Chi- to-Uppaal transformation Select tool: Save results:

Uppaal – Complete plant

– Timed Automata – Scheduling

Boderc key drivers Timed Chi

– Complete plant – Timed model – Simulation

System configuration:

• # Stations=5
• Station Types=[5x1]
• Station Positions=[5x2]
• # AGVs=3
• Recipe List=[6x1]
• Movement Times=[5x5]
• Recipes/Day=12

Design Flow: Transformation Experiment

27

Uppaal – Complete plant

– Timed Automata – Scheduling

Boderc key drivers Timed Chi

– Complete plant – Timed model – Simulation

System configuration:

• # Stations=5
• Station Types=[5x1]
• Station Positions=[5x2]
• # AGVs=3
• Recipe List=[6x1]
• Movement Times=[5x5]
• Recipes/Day=12

Design Flow: Plant Layout Design / Scheduling

Requirements Feasibilty Analysis Design step Scheduling Design flow

Another View Control View Structure View

Plant

Uppaal

Chi

28

Experiment: Set input: Model parameters Tool parameters Uppaal model Uppaal scheduling Uppaal Select tool: Save results:

Uppaal – Complete plant

– Timed Automata – Scheduling

Boderc key drivers Timed Chi

– Complete plant – Timed model – Simulation

System configuration:

• # Stations=5
• Station Types=[5x1]
• Station Positions=[5x2]
• # AGVs=3
• Recipe List=[6x1]
• Movement Times=[5x5]
• Recipes/Day=12

Uppaal trace file

Design Flow: Plant Layout Design / Scheduling

29

Experiment: Set input: Model parameters Tool parameters Uppaal model Uppaal scheduling Uppaal Select tool: Save results:

Uppaal – Complete plant

– Timed Automata – Scheduling

Boderc key drivers Timed Chi

– Complete plant – Timed model – Simulation

System configuration:

• # Stations=5
• Station Types=[5x1]
• Station Positions=[5x2]
• # AGVs=3
• Recipe List=[6x1]
• Movement Times=[5x5]
• Recipes/Day=14

Uppaal trace file

Design Flow: Plant Layout Design / Scheduling

30

Uppaal – Complete plant

– Timed Automata – Scheduling

Boderc key drivers Timed Chi

– Complete plant – Timed model – Simulation

System configuration:

• # Stations=5
• Station Types=[5x1]
• Station Positions=[5x2]
• # AGVs=3
• Recipe List=[6x1]
• Movement Times=[5x5]
• Recipes/Day=14

Design Flow: Plant Layout Design / Scheduling

Requirements Feasibilty Analysis Design step Scheduling Design flow

Another View Control View Structure View

Plant

Schedule Trace

Uppaal

Chi

31

Development tool chain

Boderc key drivers Timed Chi Uppaal PPSim Requirement specification Feasibility analysis AGV speed analysis Controller design Controller code generation

– Complete plant – Timed Automata – Scheduling – Complete plant model – Geometrical plant layout – Routing heuristics – Simulation – Complete plant – Timed model – Simulation

Design tasks Models

Information propagation via Design Framework

Plant layout design

32

Uppaal – Complete plant

– Timed Automata – Scheduling

Boderc key drivers Timed-Chi

– Complete plant – Timed model – Simulation

System configuration:

• # Stations=5
• Station Types=[5x1]
• Station Positions=[5x2]
• # AGVs=3
• Recipe List=[6x1]
• Movement Times=[5x5]
• Recipes/Day=14

PPSim – Complete plant

– Geometrical plant layout – Basic routing – Simulation

Complete plant model based on the scheduling trace of Uppaal

Design Flow: Detailed Plant Layout Design

Requirements Feasibilty Analysis Design step Scheduling Plant layout Design flow

Another View Control View Structure View

Plant

Uppaal

PPSim Chi

33

Uppaal – Complete plant

– Timed Automata – Scheduling

Boderc key drivers Timed-Chi

– Complete plant – Timed model – Simulation

System configuration:

• # Stations=5
• Station Types=[5x1]
• Station Positions=[5x2]
• # AGVs=3
• Recipe List=[6x1]
• Movement Times=[5x5]
• Recipes/Day=14

PPSim – Complete plant

– Geometrical plant layout – Basic routing – Simulation

Plant editor Recipe editor

Design Flow: The PPSim Tool

34

Uppaal – Complete plant

– Timed Automata – Scheduling

Boderc key drivers Timed-Chi

– Complete plant – Timed model – Simulation

System configuration:

• # Stations=5
• Station Types=[5x1]
• Station Positions=[5x2]
• # AGVs=3
• Recipe List=[6x1]
• Movement Times=[5x5]
• Recipes/Day=14
• avgAGVSpeed=500

PPSim – Complete plant

– Geometrical plant layout – Basic routing – Simulation

PPSim model

Extract parameters:

• Average AGV speed

Design Flow: Detailed Plant Layout Design

35

Experiment: Set input: Model parameters Tool parameters PPSim model PPSim Select tool: Save results: System configuration:

• # Stations=5
• Station Types=[5x1]
• Station Positions=[5x2]
• # AGVs=3
• Recipe List=[6x1]
• Movement Times=[5x5]
• Recipes/Day=14
• avgAGVSpeed=500

Uppaal – Complete plant

– Timed Automata – Scheduling

Boderc key drivers Timed-Chi

– Complete plant – Timed model – Simulation

PPSim – Complete plant

– Geometrical plant layout – Basic routing – Simulation

Simulation results

Design Flow: PPSim Experiment

36

Uppaal – Complete plant

– Timed Automata – Scheduling

Boderc key drivers Timed-Chi

– Complete plant – Timed model – Simulation

PPSim – Complete plant

– Geometrical plant layout – Basic routing – Simulation

System configuration:

• # Stations=5
• Station Types=[5x1]
• Station Positions=[5x2]
• # AGVs=3
• Recipe List=[6x1]
• Movement Times=[5x5]
• Recipes/Day=14
• avgAGVSpeed=500

Design Flow: Detailed Plant Layout Design

Requirements Feasibilty Analysis Design step Scheduling Plant layout Design flow

Another View Control View Structure View

Plant

Uppaal

PPSim Chi

37

• 1. Rerun experiments

Uppaal – Complete plant

– Timed Automata – Scheduling

Boderc key drivers Timed-Chi

– Complete plant – Timed model – Simulation

PPSim – Complete plant

– Geometrical plant layout – Basic routing – Simulation

System configuration:

• # Stations=5
• Station Types=[5x1]
• Station Positions=[5x2]
• # AGVs=3
• Recipe List=[6x1]
• Movement Times=[5x5]
• Recipes/Day=14
• avgAGVSpeed=500

Design Flow: Parameter Propagation

Plant

Uppaal

PPSim Chi

38

• 1. Rerun experiments
• 2. Update results

Uppaal – Complete plant

– Timed Automata – Scheduling

Boderc key drivers Timed-Chi

– Complete plant – Timed model – Simulation

PPSim – Complete plant

– Geometrical plant layout – Basic routing – Simulation

System configuration:

• # Stations=5
• Station Types=[5x1]
• Station Positions=[5x2]
• # AGVs=3
• Recipe List=[6x1]
• Movement Times=[5x5]
• Recipes/Day=13
• avgAGVSpeed=500

Design Flow: Parameter Propagation

Plant

Uppaal

PPSim Chi

39

Boderc key drivers Timed Chi Uppaal PPSim Requirement specification Feasibility analysis AGV speed analysis Controller design Controller code generation

– Complete plant – Timed Automata – Scheduling – Complete plant – Geometrical plant layout – Basic routing – Simulation – Complete plant – Timed model – Simulation

Information propagation via Design Framework Model transformation via the CIF

Design Flow: Parameter Propagation

Design tasks Models Plant layout design

40

Boderc key drivers Timed Chi Uppaal PPSim gPROMS Requirement specification Feasibility analysis Plant layout design Controller design Controller code generation

– Complete plant – Timed Automata – Scheduling – Complete plant – Geometrical plant layout – Basic routing – Simulation – Hybrid dynamics, PDE models – Optimization – Complete plant – Timed model – Simulation

Information propagation via Design Framework Model transformation via the CIF

Design Flow: AGV Speed Analysis

Design tasks Models AGV speed analysis

41

Uppaal

– Complete plant – Timed Automata – Scheduling

Boderc key drivers Timed-Chi

– Complete plant – Timed model – Simulation

PPSim

– Complete plant – Geometrical plant layout – Basic routing – Simulation

gPROMS – Dynamics

– Optimization

Model of AGV movement and fluid dynamics

Design Flow: AGV Speed Analysis

System configuration:

• # Stations=5
• Station Types=[5x1]
• Station Positions=[5x2]
• # AGVs=3
• Recipe List=[6x1]
• Movement Times=[5x5]
• Recipes/Day=13
• avgAGVSpeed=500

Requirements Feasibilty Analysis Design step Scheduling Plant layout Speed analysis Design flow

Another View Control View Structure View

Plant

Uppaal

PPSim

Stations +AGVs

AGVs

gPROMS

Chi

42

System configuration:

• # Stations=5
• Station Types=[5x1]
• Station Positions=[5x2]
• # AGVs=3
• Recipe List=[6x1]
• Movement Times=[5x5]
• Recipes/Day=13
• avgAGVSpeed=500

Uppaal

– Complete plant – Timed Automata – Scheduling

Boderc key drivers Timed-Chi

– Complete plant – Timed model – Simulation

PPSim

– Complete plant – Geometrical plant layout – Basic routing – Simulation

gPROMS – Dynamics

– Optimization

Time Speed

500

Acceleration

max.

• max.

Optimization of acceleration profile with constraints:

Avoidance of spilling during transport

Design Flow: Dynamic Optimization

43

Experiment: Set input: Model parameters Tool parameters: Maximize avgAGVSpeed Without spilling liquid gPROMS model

Uppaal

– Complete plant – Timed Automata – Scheduling

Boderc key drivers Timed-Chi

– Complete plant – Timed model – Simulation

PPSim

– Complete plant – Geometrical plant layout – Basic routing – Simulation

gPROMS – Dynamics

– Optimization

System configuration:

• # Stations=5
• Station Types=[5x1]
• Station Positions=[5x2]
• # AGVs=3
• Recipe List=[6x1]
• Movement Times=[5x5]
• Recipes/Day=13
• avgAGVSpeed=432

gPROMS Select tool: Save results: gPROMS

• ptimization

results

Design Flow: gPROMS Experiment

44

Uppaal

– Complete plant – Timed Automata – Scheduling

Boderc key drivers Timed-Chi

– Complete plant – Timed model – Simulation

PPSim

– Complete plant – Geometrical plant layout – Basic routing – Simulation

gPROMS

• 1. Rerun experiments

System configuration:

• # Stations=5
• Station Types=[5x1]
• Station Positions=[5x2]
• # AGVs=3
• Recipe List=[6x1]
• Movement Times=[5x5]
• Recipes/Day=13
• avgAGVSpeed=432

Design Flow: Parameter Propagation

Plant

Stations +AGVs

AGVs

gPROMS

PPSim

Uppaal

Chi

– Dynamics – Optimization

45

Uppaal

– Complete plant – Timed Automata – Scheduling

Boderc key drivers Timed-Chi

– Complete plant – Timed model – Simulation

PPSim

– Complete plant – Geometrical plant layout – Basic routing – Simulation

gPROMS

System configuration:

• # Stations=5
• Station Types=[5x1]
• Station Positions=[5x2]
• # AGVs=3
• Recipe List=[6x1]
• Movement Times=[5x5]
• Recipes/Day=13
• avgAGVSpeed=432
• 1. Rerun experiments
• 2. Update results

Design Flow: Parameter Propagation

Plant

Stations +AGVs

AGVs

gPROMS

PPSim

Uppaal

Chi

– Dynamics – Optimization

46

Uppaal

– Complete plant – Timed Automata – Scheduling

Boderc key drivers Timed-Chi

– Complete plant – Timed model – Simulation

PPSim

– Complete plant – Geometrical plant layout – Basic routing – Simulation

gPROMS

• 1. Rerun experiments

System configuration:

• # Stations=5
• Station Types=[5x1]
• Station Positions=[5x2]
• # AGVs=3
• Recipe List=[6x1]
• Movement Times=[5x5]
• Recipes/Day=13
• avgAGVSpeed=432

Design Flow: Parameter Propagation

Plant

Stations +AGVs

AGVs

gPROMS

PPSim

Uppaal

Chi Uppaal

– Dynamics – Optimization

47

Uppaal

– Complete plant – Timed Automata – Scheduling

Boderc key drivers Timed-Chi

– Complete plant – Timed model – Simulation

PPSim

– Complete plant – Geometrical plant layout – Basic routing – Simulation

gPROMS

System configuration:

• # Stations=5
• Station Types=[5x1]
• Station Positions=[5x2]
• # AGVs=3
• Recipe List=[6x1]
• Movement Times=[5x5]
• Recipes/Day=11
• avgAGVSpeed=432
• 1. Rerun experiments
• 2. Update results

Design Flow: Parameter Propagation

Plant

Stations +AGVs

AGVs

gPROMS

PPSim

Uppaal

Chi Uppaal

– Dynamics – Optimization

48

Boderc key drivers Timed Chi Uppaal PPSim gPROMS Requirement specification Feasibility analysis Plant layout design Controller design Controller code generation

– Complete plant – Timed Automata – Scheduling – Complete plant – Geometrical plant layout – Basic routing – Simulation – Dynamics – Optimization – Complete plant – Timed model – Simulation

Information propagation via Integration Framework Model transformation via the CIF

Design Flow: Parameter Propagation

Design tasks Models AGV speed analysis

49

Boderc key drivers Timed Chi Uppaal PPSim DC/FT gPROMS Requirement specification Feasibility analysis Plant layout design AGV speed analysis Controller code generation Supervisory Control

– Complete plant – Timed Automata – Scheduling – Complete plant – Geometrical plant layout – Basic routing – Simulation – Dynamics – Optimization – Complete plant – Timed model – Simulation

DES – Docking process

– Timed model

Design Flow: Logic Controller Design and Synthesis

Information propagation via Integration Framework Model transformation via the CIF

Design tasks Models Controller design

50

Boderc key drivers Timed Chi Uppaal PPSim DC/FT PHAVer / SpaceEx gPROMS Requirement specification Feasibility analysis Plant layout design AGV speed analysis Controller code generation Supervisory Control

– Complete plant – Timed Automata – Scheduling – Docking process – Hybrid dynamics – Complete plant – Geometrical plant layout – Basic routing – Simulation – Dynamics – Optimization – Complete plant – Timed model – Simulation

DES – Docking process

– Timed model

Design Flow: Verification

Design tasks Models

Composition with HA docking model

Controller design

51

Boderc key drivers Timed Chi Uppaal PPSim DC/FT Code gPROMS Requirement specification Feasibility analysis Plant layout design AGV speed analysis Controller design Supervisory Control

– Complete plant – Timed Automata – Scheduling – PLC/Ethercat/AGV code – Verification with [mc]square – Complete plant – Geometrical plant layout – Basic routing – Simulation – Dynamics – Optimization – Complete plant – Timed model – Simulation

DES– Docking process

– Timed model

Design Flow: Code Generation

Design tasks Models PHAVer / SpaceEx

Composition with hybrid docking model

– Docking process – Hybrid dynamics

Controller code generation

52

• Different views
• n same

system and models

• Not all models

present in every view

Require- ments Feasibilty Analysis Design step Scheduling Plant layout Speed analysis Design flow Docking Control Dead ends Code generation

Structure View

Plant

PPSim

Stations +AGVs

AGVs

gPROMS DC/FT PHAVer SC Uppaal

Chi

Control View

High level

Uppaal

PPSim

Low level

Imple- men- tation

gPROMS mc² DC/FT SC

Final Design Flow

53

Boderc key drivers Timed Chi Uppaal PPSim DC/FT Code gPROMS Requirement specification Feasibility analysis Plant layout design AGV speed analysis Controller design Supervisory Control

– Complete plant – Timed Automata – Scheduling – PLC/Ethercat/AGV code – Verification with [mc]square – Complete plant – Geometrical plant layout – Basic routing – Simulation – Dynamics – Optimization – Complete plant – Timed model – Simulation

DES – Docking process

– Timed model

Design Flow: Algorithmic Model Exchange

Design tasks Models PHAVer / SpaceEx

Composition with hybrid docking model

– Docking process – Hybrid dynamics

Controller code generation See second MULTIFORM presentation by

• B. van Beek et al.

54

Boderc key drivers Timed Chi Uppaal PPSim DC/FT Code gPROMS Requirement specification Feasibility analysis Plant layout design AGV speed analysis Controller design Supervisory Control

– Complete plant – Timed Automata – Scheduling – PLC/Ethercat/AGV code – Verification with [mc]square – Complete plant – Geometrical plant layout – Basic routing – Simulation – Dynamics – Optimization – Complete plant – Timed model – Simulation

TA – Docking process

– Timed model

Design Flow: Logic Controller Design

Design tasks Models PHAVer / SpaceEx

Composition with hybrid docking model

– Docking process – Hybrid dynamics

Controller code generation

55

Logic Controller Design and Synthesis

• Industrial practice: Logic controller design is a largely manual,

unsystematic, and error-prone procedure

• Benefits of systematic specification refinement and analysis

– Improved and systematic communication between the plant designer and the control engineer → less “misunderstandings” and errors – Algorithmic requirements analysis → error avoidance early in the design phase

• Benefits of the synthesis tool chain

– Largely automated design procedure – Comfortable choice between different synthesis approaches

Informal and vague specifications Systematic analysis Refinement Formal and precise specifications Control system Algorithmic synthesis Plant model

See third MULTIFORM presentation by

• A. David et al.

56

Boderc key drivers Timed Chi Uppaal PPSim gPROMS Requirement specification Feasibility analysis Plant layout design AGV speed analysis Controller design Controller code generation

– Complete plant – Timed Automata – Scheduling – Complete plant – Geometrical plant layout – Basic routing – Simulation – Dynamics – Optimization – Complete plant – Timed model – Simulation

TA – Docking process

– Timed model

Verification, Trans-Layer Integration, Abstraction & Refinement

Design tasks Models DC/FT Code Supervisory Control

– PLC/Ethercat/AGV code – Verification with [mc]square

PHAVer / SpaceEx – Docking process

– Hybrid dynamics

Composition with hybrid docking model

57 57

WP3 Objectives

informal specifications

abstract models (discrete / timed) formal specifications linear hybrid automata models detailed models (nonlinear)

Implementation

control system

MC2 StateEx/ Phaver Uppaal e.g. Simulink

Develop techniques for checking refinement relations between models and artifacts at different design levels.

58

The MULTIFORM Design Framework Putting Chaos under Control [ESI]

• Objective

– To enable more effective model-based design of complex systems – By means of making the decisions and dependencies in models and other design artifacts explicit

• Approach

– Self-triggered error-detection that enables the connection of not directly related models – Not aiming at one big (system) model, but cherish multi-disciplinarity

• software, hardware, mechanics, etc.
• Application areas

– High-tech (cyber-physical) systems

58

59

The MULTIFORM Design Framework [ESI]

• Consistent integration of design

models into a common software framework

• Support of a generic design flow

model

– Design decisions – System design

• Consistency management

– Communication of design parameters – Conflict detection – Models and results management

INPUT OUTPUT FORMAL INFORMAL DESIGN FLOW DESIGN STEP CONCRETE MODEL a n a l y s i s r e s u l t s analysis results

60

Case Study: Analysis of the Sensor and Actuator Wiring in Supermarket Refrigeration Systems by Online Testing

• Large supermarket refrigeration systems: many sensors and

actuators, complex wiring

• Faulty wiring is a

significant problem

• Goal: Automated,

robust methods that reliably identify faulty wiring by tests that do not damage the equipment

61

• Motivation

– Reduction of CO2 emissions and of the fuel consumption using PCC (piezo-controlled carburetor) in small combustion engines

• Present development process (ineffective, expensive)

Case Study: Engine Control for Small-power Combustion Engines

Scooters Motor Bikes Industry Engines Go Karts Chain Saws

error requirements specification

• mech. design

electronic design software design

• mech. prototype

elect . prototype software prototype test bench test under real condition s mass production software testing error

time

error requirements specification

• mech. design

electronic design software design

• mech. prototype

elect . prototype software prototype test bench test under real condition s mass production software testing error

time

62

Case Study: Supporting the System Design

• f Automatic Case Picking for Warehousing

Goals:

• Design traceability, less problems (explicit assumptions,

explicit parameter dependencies), less design time

• Link models of subsystems (Excel, POOSL, UPPAAL, …) at

the outside

• Main system aspects:

– System performance – Controls architecture

63

Summary

• There is a need for efficient model-based support of the

design of complex automated systems with trans-level propagation and iteration and re-use of models

• An all-encompassing mega-tool for the design of complex

automated systems is not realistic!

• Three different routes to tool and model integration and

design support are pursued in MULTIFORM: – Model exchange and tool chains via the CIF – Direct coupling of tools for testing – Propagation of parameters via the integration framework

64

State of the Project

• CIF Vers. 2 is stable  significant simplification of the

semantics

– CIF2 models can be simulated via the CIF1 simulator

• Transformations to and from gPROMS, Modelica, and from

SFC available

• Connections to and from PHAVER (SpaceEx), UPPAAL,

Matlab/Simulink, and MUSCOD II are in progress

• Ongoing developments in testing
• Ongoing development of verification tools (SpaceEx,

[mc]square)

• Definition of a generic design process and of the integration of

tools in the design process

• Design framework layout finished, development of a prototype

is under way

65

• TUDO (coordinator)

– TU Dortmund, Germany – Sebastian Engell

• TUE

– TU Eindhoven, Netherlands Koos Rooda, Bert van Beek, Jos Baeten

• Verimag/ UJF

– Universite Joseph Fourier, Grenoble, France Goran Frehse, Oded Maler

• RWTH

– RWTH Aachen, Germany Stefan Kowalewski

• AAU

– Aalborg Universitet, Denmark Kim Larsen, Brian Nielsen

• ESI

– Stichting Embedded Systems Institute Ed Brinksma, Boudewijn Haverkort

The ideas presented here are the outcome of the joint effort

• f all partners of the MULTIFORM Consortium!
• VEMAC

– Aachen, Germany Michael Reke

• KVCA

– “Danish Cooling Cluster” Jens Andersen Closely working with DANFOSS

But … only the authors are responsible for all errors or misrepresentations