No Arabic abstract
Industrial cyber-physical systems require complex distributed software to orchestrate many heterogeneous mechatronic components and control multiple physical processes. Industrial automation software is typically developed in a model-driven fashion where abstractions of physical processes called plant models are co-developed and iteratively refined along with the control code. Testing such multi-dimensional systems is extremely difficult because often models might not be accurate, do not correspond accurately with subsequent refinements, and the software must eventually be tested on the real plant, especially in safety-critical systems like nuclear plants. This paper proposes a framework wherein high-level functional requirements are used to automatically generate test cases for designs at all abstraction levels in the model-driven engineering process. Requirements are initially specified in natural language and then analyzed and specified using a formalized ontology. The requirements ontology is then refined along with controller and plant models during design and development stages such that test cases can be generated automatically at any stage. A representative industrial water process system case study illustrates the strengths of the proposed formalism. The requirements meta-model proposed by the CESAR European project is used for requirements engineering while IEC 61131-3 and model-driven concepts are used in the design and development phases. A tool resulting from the proposed framework called REBATE (Requirements Based Automatic Testing Engine) is used to generate and execute test cases for increasingly concrete controller and plant models.
The benefits that arise from the adoption of a systems engineering approach to the design of engineered systems are well understood and documented. However , with software systems, different approaches are required given the changeability of requirements and the malleability of software. With the design of industrial cyber-physical systems, one is confronted with the challenge of designing engineered systems that have a significant software component. Furthermore, that software component must be able to seamlessly interact with both the enterprises business systems and industrial systems. In this paper, we present Janus, which together with the GORITE BDI agent framework, provides a methodology for the design of agent-based industrial cyber-physical systems. Central to the Janus approach is the development of a logical architecture as in traditional systems engineering and then the allocation of the logical requirements to a BDI (Belief Desire Intention) agent architecture which is derived from the physical architecture for the system. Janus has its origins in product manufacturing; in this paper, we apply it to the problem of Fault Location, Isolation and Service Restoration (FLISR) for power substations.
Combinatorial testing has been suggested as an effective method of creating test cases at a lower cost. However, industrially applicable tools for modeling and combinatorial test generation are still scarce. As a direct effect, combinatorial testing has only seen a limited uptake in industry that calls into question its practical usefulness. This lack of evidence is especially troublesome if we consider the use of combinatorial test generation for industrial safety-critical control software, such as are found in trains, airplanes, and power plants. To study the industrial application of combinatorial testing, we evaluated ACTS, a popular tool for combinatorial modeling and test generation, in terms of applicability and test efficiency on industrial-sized IEC 61131-3 industrial control software running on Programmable Logic Controllers (PLC). We assessed ACTS in terms of its direct applicability in combinatorial modeling of IEC 61131-3 industrial software and the efficiency of ACTS in terms of generation time and test suite size. We used 17 industrial control programs provided by Bombardier Transportation Sweden AB and used in a train control management system. Our results show that not all combinations of algorithms and interaction strengths could generate a test suite within a realistic cut-off time. The results of the modeling process and the efficiency evaluation of ACTS are useful for practitioners considering to use combinatorial testing for industrial control software as well as for researchers trying to improve the use of such combinatorial testing techniques.
Industrial cyber-physical systems (ICPSs) manage critical infrastructures by controlling the processes based on the physics data gathered by edge sensor networks. Recent innovations in ubiquitous computing and communication technologies have prompted the rapid integration of highly interconnected systems to ICPSs. Hence, the security by obscurity principle provided by air-gapping is no longer followed. As the interconnectivity in ICPSs increases, so does the attack surface. Industrial vulnerability assessment reports have shown that a variety of new vulnerabilities have occurred due to this transition while the most common ones are related to weak boundary protection. Although there are existing surveys in this context, very little is mentioned regarding these reports. This paper bridges this gap by defining and reviewing ICPSs from a cybersecurity perspective. In particular, multi-dimensional adaptive attack taxonomy is presented and utilized for evaluating real-life ICPS cyber incidents. We also identify the general shortcomings and highlight the points that cause a gap in existing literature while defining future research directions.
Orchestrated collaborative effort of physical and cyber components to satisfy given requirements is the central concept behind Cyber-Physical Systems (CPS). To duly ensure the performance of components, a software-based resilience manager is a flexible choice to detect and recover from faults quickly. However, a single resilience manager, placed at the centre of the system to deal with every fault, suffers from decision-making overburden; and therefore, is out of the question for distributed large-scale CPS. On the other hand, prompt detection of failures and efficient recovery from them are challenging for decentralised resilience managers. In this regard, we present a novel resilience management framework that utilises the concept of management hierarchy. System design contracts play a key role in this framework for prompt fault-detection and recovery. Besides the details of the framework, an Industry 4.0 related test case is presented in this article to provide further insights.
Cyber-Physical Systems (CPS) pose new challenges to verification and validation that go beyond the proof of functional correctness based on high-level models. Particular challenges are, in particular for formal methods, its heterogeneity and scalability. For numerical simulation, uncertain behavior can hardly be covered in a comprehensive way which motivates the use of symbolic methods. The paper describes an approach for symbolic simulation-based verification of CPS with uncertainties. We define a symbolic model and representation of uncertain computations: Affine Arithmetic Decision Diagrams. Then we integrate this approach in the SystemC AMS simulator that supports simulation in different models of computation. We demonstrate the approach by analyzing a water-level monitor with uncertainties, self-diagnosis, and error-reactions.