
Team and Organization
Motivation: Applications of truly distributed sense and control
systems combining large numbers (100s to millions) of heterogeneous
tightly interacting components range from energy and environmental
management (e.g., power grid monitoring and control), traffic monitoring
and control (e.g., the Nokia-Berkeley Bay Area cell-phone based
traffic-monitoring experiment), autonomous vehicles and aircraft, to
biomedical and health care systems. However, most of these applications
come with a broad range of concerns in terms of intended and accomplished
behavior, reliability (and liability), longevity and survivability,
security, and constrained energy availability. These concerns are
aggravated by the spatial separation of the components that requires
control systems using communication networks to exchange information.
While progress has been made over the years in the design of large-scale
systems, we are far from having access to design methodologies and
technologies that can provide guarantees on behavior and execution.
Recent significant delays in the delivery of advanced aircraft both for
civil and military use due to unexpected interactions of a large
number of heterogeneous and strongly interdependent subsystems, the
difficulties faced in designing nano-scale micro-systems and the
necessity of reducing energy consumption expose the urgency of
developing sense and control algorithms and architectures, methodologies,
models and tools for the design of closed loop systems. The inherent
fragility of large-scale distributed systems with respect to
malfunctioning of their components as well as to malicious attacks
requires the development and deployment of fault-tolerant techniques as
well as novel trust and security concepts before catastrophic problems
surface in systems such as the energy infrastructures in vehicles,
buildings and regional grids. The issues with the design of complex
systems are compounded by the lack of a clear set of metrics to optimize
and of constraints to satisfy. More often than not designers rely on
approximate, qualitative assessments obtained using experience and
intuition, a strategy that worked in the past, when complexity was
manageable. The need to identify quantities that can be used to assess
the results of the design activity in a rigorous way is now acute, in
order to prevent endless and prohibitively expensive design re-cycles.
Vision: We envision a design process that will support the
embedding of large numbers of unreliable, sporadically connected,
dynamically reconfigurable computational nodes into an application
domain, coupled with closed-loop control systems that react at
appropriate timescales as events arise. The relevant timescale may vary
by problem area, but all the areas we target have demanding reactivity
constraints coupled with limited power, bandwidth, or communication
topologies. Our focus on closed-loop scenarios differentiates this
proposal from the research agenda of the sensor networks community while
at the same time leveraging it; while sensor networks have been studied
and deployed mostly for monitoring applications, we believe that the
future will be about behavior control and autonomous operations that
require closed loop systems (as is clearly visible in the research agenda
of the large- and small-scale systems themes). Our contention is that the
only way to address the challenges of distributed control and sensor
multi-scale systems is to employ structured and formal design
methodologies that seamlessly and coherently combine the various
dimensions of the multi-scale design space, and that provide the
appropriate design metrics augmented with methods for computing them
unambiguously, and the abstractions, control algorithms and system
architectures to manage the inherent complexity. We believe that this
approach will form the necessary methodological infrastructure to develop
and test innovative system architectures that address issues such as
validation, reliability and long-term robustness, security and run-time
resiliency, and guarantee functionality and efficient operation. The
design of systems consisting of a multitude of components will be carried
out with rigorous quantitative analysis of performance figures including
energy consumption as an essential part while making sure that
functionality is as expected.
This research forms the methodological scaffolding of the other MuSyC
themes. As such it will drive, and be driven by, the energy-smart
applications of the other themes (in the large and the small). While the
primary focus of this theme will be on energy-metrics, its fundamental
nature makes it possible to extend the results to multiple design issues
in different industrial domains.
In this respect, avionics for modern aircraft serve as an excellent
application for the technologies developed in this theme. Modern
commercial and military aircraft are rapidly increasing in complexity and
functionality, and have hundreds of IT components that interact to manage
the flight control, environmental control and energy-generation
subsystems. Together, these systems are responsible for maintaining
highly reliable, agile and efficient operation of the aircraft and,
increasingly, are part of an even larger system-of-systems consisting of
the overall air traffic control systems (for commercial airspaces) or air
operations center (for military systems). Future airborne systems that
are designed to dynamically optimize their operational performance and
energy efficiency rely on increased levels of complexity to coordinate
energy flows within a vehicle as well as operational tasks across a fleet
of vehicles (including combinations of manned and unmanned vehicles). To
help set identifiable goals and quantifiable metrics, this theme will use
large airborne platforms as the guiding case study in the development of
its methodologies and techniques (in addition, of course, to the
application drivers of the large-scale and small-scale systems themes).
Measures of Success. As in all efforts that involve improving the state-of-the-art in methodology and tools, measuring the success of the research listed in this Theme is a challenge. In EDA, there is still debate as to how much productivity improvement design tools have produced, even though by now no one questions that the impact was great. By the same token, the benefits of platform-based design as developed by the GSRC team have not been easy to measure, although there is a general consensus that this methodology is impacting the industry in a major way. Nevertheless, the SCS Theme has made an effort to provide metrics to assess success in its endeavors. The metrics related to design time and quality will have to be computed by defining the conditions for the test, which will have to involve either legacy designs or new designs, but where the comparison is carried out against past designs of similar characteristics.
| Topic | Measures of Success and Outcomes |
| --- | --- |
| Modeling | Partially-ordered models of time that are robust and distributed; demonstration of multiple coexisting time scales on models of physical dynamics; definition of energy-centric semantic annotations; definition of a timing repeatability metric; algorithms to generate quantitative models (so that the accuracy of prediction improves super-linearly with the number of steps of the algorithm). |
| Verification and Diagnostics | Algorithms to either prove that the system is correct or generate a test plan that demonstrates how the quantitative property is violated; these algorithms will scale to > 10X larger systems than possible with current verification methods. Heterogeneous simulation technologies for multi-scale physical dynamics that can handle 10X more complex cyber-physical systems. Localization of the source of a failure with a low false alarm rate (< 5%) using polynomially-many steps. Testing tools to compute coverage metrics for semantic annotations and energy usage. |
| Distributed Control | Increased efficiency of operations through at least 20% better management of power. Communication architectures with low energy consumption while improving by 10X the speed of distributed control algorithms for multiple tasks. |
| Trust and Security | Incorporation of physical-layer security and authentication mechanisms at multiple scales allowing > 10X resiliency to a set of common attacks, while expending no more than 2% higher energy and scaling to > 10X larger systems than possible with current software-only security methods. Dynamic establishment of trusted nodes enabling UCS for all distributed control and operation schemes, with less than 5% communication overhead and less than 2% additional energy consumption, capable of maintaining > 80% performance despite the existence of > 35% corrupt nodes or agents. |
| Distributed Architectures | Overall 2X improvement in performance and reliability of the system and 50% decrease in design time to achieve these results. |
| Avionics Systems | Reduction by 2X of the development time required for design, implementation and verification of complex, distributed control systems through the increased use of formal methods for specification, design and verification. Reduction by 2X of the number of fault conditions that require the system to be taken out of service for inspection or repair, through the increased use of onboard models and dynamic reconfiguration to provide enhanced fault tolerance. |
The team consists of world-renowned experts in distributed control,
sensor network design, system level design methodologies, tools and
models including verification, simulation and synthesis, security and
design-space exploration. In tune with the nature of this theme, we will
connect and interact closely with other FCRP centers including Platforms
(GSRC), Connectivity (IFC) and Modules and Circuits (C2S2).