Chattering is a fundamental phenomenon that is unique to hybrid systems, due to the complex interaction between discrete dynamics (in the form of discrete transitions) and continuous dynamics (in the form of time). In practice, simulating chattering hybrid systems is challenging in that simulation effectively halts near the chattering time point, as an infinite number of discrete transitions would need to be simulated. In this paper, formal conditions are provided for when the simulated models of hybrid systems display chattering behavior, and methods are proposed for avoiding chattering “on the fly” in runtime. We utilize dynamical behavior analysis to derive conditions for detecting chattering without enumeration of modes. We also present a new iterative algorithm to allow for solutions to be carried past the chattering point, and we show by a prototypical implementation how to generate the equivalent chattering-free dynamics internally by the simulator in the main simulation loop. The concepts are illustrated with examples throughout the paper. © 2016 IEEE.
Domain-Specific Languages (DSLs) play an important role in both practice and education. But developing them is challenging, because a DSL must ultimately satisfy a large and complex set of user/customer requirements to fulfil its intended role, and neither requirements nor users are fully available at all times during the development process. Requirements can be elicited using agile methods but such methods assume the availability of the users. The situation is further complicated when the user base is primarily students and when enhanced learning is a key requirement. In this paper we propose developing DSLs, especially educational ones, as online applications. We analyze how this can help requirement elicitation and learning. Being online brings language development closer to the user, yielding new opportunities to improve and accelerate the language design process. It is also well-matched to agile methods, since web-based analytics provide an abundant source of data that integrates naturally into the development process. As an example, we consider applying the method to Acumen, a DSL designed to support teaching Cyber-Physical Systems.
Designing Cyber-Physical Systems is hard. Physical testing can be slow, expensive and dangerous. Furthermore, computational components make testing all possible behavior unfeasible. Model-based design mitigates these issues by making it possible to iterate over a design much faster. Traditional simulation tools can produce useful results, but their results are traditionally approximations that make it impossible to distinguish a useful simulation from one dominated by numerical error. Verification tools require skills in formal specification and a priori understanding of the particular dynamical system being studied.
This thesis presents rigorous simulation, an approach to simulation that uses validated numerics to produce results that quantify and bound all approximation errors accumulated during simulation. This makes it possible for the user to objectively and reliably distinguish accurate simulations from ones that do not provide enough information to be useful. Explicitly quantifying the error in the output has the side-effect of leading to a tool for dealing with inputs that come with quantified uncertainty.
We formalize the approach as an operational semantics for a core subset of the domain-specific language Acumen. The operational semantics is extended to a larger subset through a translation. Preliminary results toward proving the soundness of the operational semantics with respect to a denotational semantics are presented. A modeling environment with a rigorous simulator based on the operational semantics is described. The implementation is portable, and its source code is freely available. The accuracy of the simulator on different kinds of systems is explored through a set of benchmark models that exercise different aspects of a rigorous simulator. A case study from the automotive domain is used to evaluate the applicability of the simulator and its modeling language. In the case study, the simulator is used to compute rigorous bounds on the output of a model.
With the increasing level of automation in road vehicles, the traditional workhorse of safety assessment, namely, physical testing, is no longer adequate as the sole means of ensuring safety. A standard safety assessment benchmark is to evaluate the behavior of a new design in the context of a risk-exposing test scenario. Manual or computerized analysis of the behavior of such systems is challenging because of the presence of non-linear physical dynamics, computational components, and impacts. In this paper, we study the utility of a new technology called rigorous simulation for addressing this problem. Rigorous simulation aims to combine some of the benefits of traditional simulation methods with those of traditional analytical methods such as symbolic algebra. We develop and analyze in detail a case study involving an Intersection Collision Avoidance (ICA) test scenario using the hazard analysis techniques prescribed in the ISO 26262 functional safety standard. We show that it is possible to formally model and rigorously simulate the test scenario to produce informative results about the severity of collisions. The work presented in this paper demonstrates that rigorous simulation can handle models of non-trivial complexity. The work also highlights the practical challenges encountered in using it. © 2020, Springer Nature Switzerland AG.
The development of Cyber-Physical Systems benefits from better methods and tools to support the simulation and verification of hybrid (continuous/discrete) models. Acumen is an open source testbed for exploring the design space of what rigorous-but-practical next-generation tools can deliver to developers. Central to Acumen is the notion of rigorous simulation. Like verification tools, rigorous simulation is intended to provide guarantees about the behavior of the system. Like traditional simulation tools, it is intended to be intuitive, practical, and scalable. Whether these two goals can be achieved simultaneously is an important, long-term challenge.
This paper proposes a design principle that can play an important role in meeting this challenge. The principle addresses the criticism that accumulating numerical errors is a serious impediment to practical rigorous simulation. It is inspired by a twofold insight: one relating to the nature of systems engineered in the real world, and the other relating to how numerical errors in the simulation of a model can be recast as errors in the state or parameters of the model in the simulation. We present a suite of small, concrete benchmarks that can be used to assess the extent to which a rigorous simulator upholds the proposed principle. We also report on which benchmarks Acumen's current rigorous simulator already succeeds and which ones remain challenging.
Rigorous simulation is a new technology that can play a key role in managing uncertainty in the design of safety-critical cyber-physical systems. One of its important applications is the analysis and evaluation of functional safety for road vehicles according to international standards such as ISO 26262. Previous work presented preliminary evidence to support the feasibility of using rigorous simulation for this purpose. Here we report on advances in our implementation of rigorous simulation and show how they enable the rigorous simulation of more refined and more complete models. A larger case study highlights the benefits of these advances and helps us identify new challenges that should be addressed by future work. © 2015 IEEE.
Even simple hybrid automata like the classic bouncing ball can exhibit Zeno behavior. The existence of this type of behavior has so far forced a large class of simulators to either ignore some events or risk looping indefinitely. This in turn forces modelers to either insert ad-hoc restrictions to circumvent Zeno behavior or to abandon hybrid automata. To address this problem, we take a fresh look at event detection and localization. A key insight that emerges from this investigation is that an enclosure for a given time interval can be valid independent of the occurrence of a given event. Such an event can then even occur an unbounded number of times. This insight makes it possible to handle some types of Zeno behavior. If the post-Zeno state is defined explicitly in the given model of the hybrid automaton, the computed enclosure covers the corresponding trajectory that starts from the Zeno point through a restarted evolution. ©2015 The Authors. Published by Elsevier Ltd.
Even simple hybrid systems like the classic bouncing ball can exhibit Zeno behaviors. The existence of this type of behavior has so far forced simulators to either ignore some events or risk looping indefinitely. This in turn forces modelers to either insert ad hoc restrictions to circumvent Zeno behavior or to abandon hybrid modeling. To address this problem, we take a fresh look at event detection and localization. A key insight that emerges from this investigation is that an enclosure for a given time interval can be valid independently of the occurrence of a given event. Such an event can then even occur an unbounded number of times, thus making it possible to handle certain types of Zeno behavior. © 2013 IEEE.
Developing Cyber-Physical Systems requires methods and tools to support simulation and verification of hybrid (both continuous and discrete) models. The Acumen modeling and simulation language is an open source testbed for exploring the design space of what rigorous-but-practical next-generation tools can deliver to developers of Cyber-Physical Systems. Like verification tools, a design goal for Acumen is to provide rigorous results. Like simulation tools, it aims to be intuitive, practical, and scalable. However, it is far from evident whether these two goals can be achieved simultaneously.
This paper explains the primary design goals for Acumen, the core challenges that must be addressed in order to achieve these goals, the "agile research method" taken by the project, the steps taken to realize these goals, the key lessons learned, and the emerging language design. © ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering 2016.
The flipped classroom format involves swapping activities traditionally performed inside and outside the classroom. The expected effects from this swap include increased student engagement and peer-to-peer interaction in the classroom, as well as more flexible access to learning materials. Key criteria for successful outcomes from these effects include improved test scores and enhanced student satisfaction. Unfortunately, while many researchers have reported positive outcomes from the approach, some instructors can still encounter difficulties in reproducing this success.
In this paper we report our experiences with flipping a first course on Cyber-Physical Systems at Halmstad University. The course is required for a Masters level program and is available as an elective for undergraduates. The focus of this report is on three separate editions of the course taught over three years. In the first year, lectures were recorded. In the second, the same instructor taught the course using the flipped format. In the third, new instructors taught it using the flipped classroom format.
Our experience suggests that flipping a classroom can lead to improved student performance and satisfaction from the first edition. It can also enable new instructors to take over the course and perform at a level comparable to an experienced instructor. On the other hand, it also suggests that the format may require more effort to prepare for, and to teach, than the traditional format, and that a higher level of attention to detail is needed to execute it with positive outcomes. Thus, the format can be demanding for instructors. It is also the case that not all students preferred this format.
Effective and creative Cyber-Physical Systems (CPS) development requires expertise in disparate fields that have traditionally been taught in several distinct disciplines. At the same time, students seeking a CPS education generally come from diverse educational backgrounds. In this paper, we report on our recent experience of developing and teaching a course on CPS. The course addresses the following three questions: What are the core elements of CPS? How should these core concepts be integrated in the CPS design process? What types of modeling tools can assist in the design of Cyber-Physical Systems? Our experience with the first four offerings of the course has been positive overall. We also discuss the lessons we learned from some issues that were not handled well. All material including lecture notes and software used for the course are openly available online.
Model-based tools have the potential to significantly improve the process of developing novel cyber-physical systems (CPS). In this paper, we consider the question of what language features are needed to model such systems. We use a small, experimental hybrid systems modeling language to show how a number of basic and pervasive aspects of cyber-physical systems can be modeled concisely using the small set of language constructs. We then consider four, more complex, case studies from the domain of robotics. The first, a quadcopter, illustrates that these constructs can support the modeling of interesting systems. The second, a serial robot, provides a concrete example of why it is important to support static partial derivatives, namely, that it significantly improves the way models of rigid body dynamics can be expressed. The third, a linear solenoid actuator, illustrates the language’s ability to integrate multiphysics subsystems. The fourth and final, a compass gait biped, shows how a hybrid system with non-trivial dynamics is modeled. Through this analysis, the work establishes a strong connection between the engineering needs of the CPS domain and the language features that can address these needs. The study builds the case for why modeling languages can be improved by integrating several features, most notably, partial derivatives, differentiation without duplication, and support for equations. These features do not appear to be addressed in a satisfactory manner in mainstream modeling and simulation tools.