ACM Transactions on Cyber-Physical Systems (TCPS)

Latest Articles

Demand Response and Smart Buildings: A Survey of Control, Communication, and Cyber-Physical Security

In this article, we perform a comprehensive survey of the technical aspects related to the implementation of demand response and smart buildings. Specifically, we discuss various smart loads such as heating, ventilating, and air-conditioning (HVAC) systems and plug-in electric vehicles (PEVs); the power architecture with multibus characteristics;...

Towards Cyber-Physical Systems Design for Structural Health Monitoring: Hurdles and Opportunities

Large civil structures, such as bridges, buildings, and aerospace vehicles form the backbone of our society and are critical to some catastrophic events...

Adaptive Real-Time Scheduling of Cyber-Physical Energy Systems

This article addresses the application of real-time scheduling to the reduction of the peak load of power consumption generated by electric loads in...

A Cloud-Based Black-Box Solar Predictor for Smart Homes

The popularity of rooftop solar for homes is rapidly growing. However, accurately forecasting solar generation is critical to fully exploiting the...

Data Analytics for Managing Power in Commercial Buildings

Commercial buildings are significant consumers of electricity. We propose a number of methods for managing power in commercial buildings. The first...

Optimal Control of PEVs with a Charging Aggregator Considering Regulation Service Provisioning

Plug-in electric vehicles (PEVs) are considered the key to reducing fossil fuel consumption and an...


CFP: Special Issue on Real-Time aspects in Cyber-Physical Systems
This special issue invites original, high-quality work that reports the latest advances in real-time aspects in CPSs. Featured articles should present novel strategies that address real-time issues in different aspects of CPS design and implementation, including theory, system software, middleware, applications, network, tool chains, test beds, and case studies. For more information, visit the Special Issue webpage.

CFP: Special Issue on Transportation Cyber-Physical Systems
The aim of this special issue will be to feature articles on new technologies that will impact future transportation systems. They might span across vehicular technologies – such as autonomous vehicles, vehicle platooning and electric cars, communication technologies to enable vehicle-to-vehicle and vehicle-to-infrastructure communication, security mechanisms, infrastructure-level technologies to support transportation, as well as management systems and policies such as traffic light control, intersection management, dynamic toll pricing and parking management. In addition to terrestrial transportation, traffic control and autonomous management of aerial vehicles and maritime ships are also of interest. For more information, visit the Special Issue webpage.

CFP: Special Issue on Dependability in Cyber Physical Systems and Applications
This special issue focuses on bringing together current research ideas and techniques from researchers and practitioners belonging to a myriad of research areas, with the final goal of sharing their specific challenges and solutions for CPS dependability. More specifically, contributions related to dependability aspects of CPS applications/systems in practice are of interest. For more information, visit the Special Issue webpage.

CFP: Special Issue on Medical Cyber-Physical Systems

This special issue seeks papers describing significant research contributions in the domain of medical cyber-physical systems; each paper should show enough evidence of contributions to medical cyber-physical systems applications and systems in practice. For more information, visit the Special Issue webpage.

CFP: Special Issue on Internet of Things

This special issue focuses on the technical issues we face when designing, engineering, deploying, and maintaining the IoT. We seek high-quality and unpublished papers that push research in all the facets of the IoT. Contributions may present and solve open technical problems, integrate novel solutions efficiently, and focus on the performance evaluation and comparison with existing standards. Both theoretical and experimental studies are welcome. For more information, visit the Special Issue webpage.

CFP: Special Issue on Smart Homes, Buildings, and Infrastructures

The purpose of this special issue is to present the state-of-the-art CPS research for building efficient smart homes, buildings, and infrastructures. The submissions should address the above challenges with a system perspective that includes both cyber and physical aspects, and should articulate how proposed approaches may be applied in practical CPS systems. For more information, visit the Special Issue webpage.

About TCPS

Cyber-Physical Systems (CPS) has emerged as a unifying name for systems where the cyber parts, i.e., the computing and communication parts, and the physical parts are tightly integrated, both at the design time and during operation. Such systems use computations and communication deeply embedded in and interacting with physical processes to add new capabilities to physical systems. These cyber-physical systems range from minuscule (pacemakers) to large-scale (a national power-grid). There is an emerging consensus that new methodologies and tools need to be developed to support cyber-physical systems.

Forthcoming Articles
Securing Communication Data in Pervasive Social Networking based on Trust with KP-ABE

Pervasive Social Networking (PSN) intends to support instant social activities in a pervasive way at anytime and anywhere. In order to protect crucial social activities and enhance user privacy, securing pervasive social communications becomes especially important. However, neither centralized nor distributed solutions can protect PSN communications as expected. How to automatically control data access in a trustworthy and efficient way is an important security issue. In this paper, we propose a scheme to guarantee communication data security in PSN based on two dimensions of trust in a flexible manner on the basis of Key-Policy Attribute-based Encryption (KP-ABE). Its advantages and performance are justified and evaluated through extensive analysis on security, computation complexity, communication cost, scalability and flexibility, as well as scheme implementation. In addition, we develop a demo system based on Android mobile devices to test our scheme in practice. The results demonstrate its efficiency and effectiveness. Comparison with our previous work based on CP-ABE [Yan and Wang 2014] further shows its feasibility to be applied into PSN.

RSimplex: A Robust Control Architecture for Cyber And Physical Failures

As the complexity of Cyber-Physical Systems (CPS) increases, it becomes more and more challenging to ensure CPS reliability, especially in the presence of software and/or physical failures. The Simplex architecture is shown to be an efficient tool to address software failures in such systems. When physical failures exist, however, Simplex may not function correctly, because physical failures could change the system dynamics and the original Simplex design may not work for the new faulty system. To address concurrent software and physical failures, this paper presents the RSimplex architecture, which integrates the robust fault-tolerant control (RFTC) techniques into the Simplex architecture. It includes the uncertainty monitor, the high-performance controller (HPC), the robust high-assurance controller (RHAC), and the decision logic that triggers the switch of the controllers. Based on the uncertainty monitor of physical failures, we introduce a monitor-based switching rule in the decision logic in addition to the traditional stability-envelope-based rule. The RHAC is designed based on robust fault-tolerant controllers. We show that RSimplex can efficiently handle a class of software and physical failures.

Cyber-Physical Specification Mismatches

Embedded systems use increasingly complex software and are evolving into cyber-physical systems (CPS) with sophisticated interaction and coupling between physical and computational processes. Many CPS operate in safety-critical environments and have stringent certification, reliability, and correctness requirements. These systems undergo changes throughout their lifetimes, where either the software or physical hardware is updated in subsequent design iterations. One source of failure in safety-critical CPS is when there are unstated assumptions in either the physical or cyber parts of the system, and new components do not match those assumptions. In this work, we present an automated method towards identifying unstated assumptions in CPS. Dynamic specifications in the form of candidate invariants of both the software and physical components are identified using dynamic analysis (executing and/or simulating the system implementation or model thereof). A prototype tool called Hynger (for HYbrid iNvariant GEneratoR) was developed that instruments Simulink/Stateflow (SLSF) model diagrams to generate traces in the input format compatible with the Daikon invariant inference tool, which has been extensively applied to software systems. Hynger, in conjunction with Daikon, is able to detect candidate invariants of several CPS case studies. We use the running example of a DC-to-DC power converter, and demonstrate that Hynger can detect a specification mismatch where a tolerance assumed by the software is violated due to a plant change. Another case study of a powertrain fuel control system is also introduced to illustrate the power of Hynger and Daikon in automatically identifying cyber-physical specification mismatches.

Hybrid Optimal Control under Mode Switching Constraints with Applications to Pesticide Scheduling

In this paper, we consider a class of hybrid optimal control problems with temporal constraints on the mode switchings. Physical systems can typically not switch infinitely fast and the switch order may not be free resulting in constraints on the adjacent and non-adjacent switching times. In this paper, we incorporate these types of constraints into the hybrid optimal control problem and present a gradient projection algorithm to compute the optimal control inputs. The application of our results is considered for the problem of optimal pesticide scheduling where the problem is posed as a switched stochastic system so as to minimize the risk of various infestations while satisfying constraints on the use of different pesticides. We demonstrate this methodology via a simulation example with scheduling constraints based on recommendations and regulations from agricultural experts. Our case study considers blueberries, a crop whose cultivation currently involves little automation.

CHARIOT: Goal-driven Orchestration Middleware for Resilient IoT Systems

The emerging trend in Internet of Things (IoT) applications is to move the computation (cyber) closer to the source of the data (physical). This paradigm is often referred to as edge computing. If edge resources are pooled together they can be used as decentralized shared resources for IoT applications, providing increased capacity to scale up computations and minimize end-to-end latency. Managing applications on these edge resources is hard, however, due to their remote, distributed, and possibly dynamic nature, which necessitates autonomous management mechanisms that facilitate application deployment, failure avoidance, failure management, and incremental updates. To address this need, we present CHARIOT, which is orchestration middleware capable of autonomously managing IoT systems that comprise edge resources and applications. CHARIOT implements a three-layer architecture. The topmost layer comprises a system description language; the middle layer comprises a persistent data storage layer and the corresponding schema to store system information; and the bottom layer comprises a management engine, which uses information stored in persistent data storage to formulate constraints that encode system properties and requirements, thereby enabling the use of Satisfiability Modulo Theories (SMT) solvers to compute optimal system (re)configurations dynamically at runtime. This paper describes the structure and functionality of CHARIOT and evaluates its efficacy as the basis for a smart parking system case study that is responsible for parking space management.

Distributed Scheduling of Event Analytics across Edge and Cloud

Internet of Things (IoT) domains generate large volumes of high velocity event streams from sensors, which need to be analyzed with low latency to drive decisions. Complex Event Processing (CEP) is a Big Data technique to enable such analytics, and is traditionally performed on Cloud Virtual Machines (VM). Leveraging captive IoT edge resources in combination with Cloud VMs can offer better performance, flexibility and monetary costs for CEP. Here, we formulate an optimization problem for placing CEP queries, composed as an analytics dataflow, across a collection of edge and Cloud resources, with the goal of minimizing the end-to-end latency for the dataflow. We propose a brute-force optimal algorithm (BF) and a Generic Algorithm (GA) meta-heuristic to solve this problem. We perform comprehensive real-world benchmarks on the compute, network and energy capacity of edge and Cloud resources for over 17 CEP query configurations. These results are used to define a realistic simulation study that validates the BF and GA solutions for 45 diverse dataflows. Our results show that the GA approaches within 99% of the optimal BF solution that takes hours, maps dataflows with 4–50 queries within 1–25 secs, and in fewer than 10% of the experiments is unable to offer a feasible solution.

SLATS: Simultaneous Localization and Time Synchronization

As the density of wireless, resource-constrained sensors grows, so does the need to choreograph their actions across both time and space. Recent advances in ultra-wideband RF communication have enabled accurate packet timestamping, which can be used to precisely synchronize time. Location may be further estimated by timing signal propagation, but this requires additional communication overhead to mitigate the effect of relative clock drift. This additional communication lowers overall channel efficiency and increases energy consumption. This paper describes a novel approach to simultaneously localizing and time synchronizing networked mobile devices. An Extended Kalman Filter is used to estimate all devices' positions and clock errors, and packet timestamps serve as measurements that constrain time and overall network geometry. By inspection of the uncertainty in our state estimate, we can adapt the number of messages sent in each communication round to balance accuracy with communication cost. This reduces communication overhead, which decreases channel congestion and power consumption compared to traditional time of arrival and time difference of arrival localization techniques. We demonstrate the performance and scalability of our approach using a real network of custom RF devices and mobile quadrotors.

Cyber-Physical System For Energy Efficient Stadium Operation: Methodology And Experimental Validation

The environmental impacts of medium to large scale buildings receive substantial attention in research, industry, and media. This paper studies the energy savings potential of a commercial soccer stadium during day-to-day operation. Buildings of this kind are characterized by special purpose system installations like grass heating systems and by event-driven usage patterns. This work presents a methodology to holistically analyze the stadium's characteristics and integrate its existing instrumentation into a Cyber-Physical System, enabling to flexibly deploy different control strategies. In total, seven different strategies for controlling the studied stadium's grass heating system are developed and tested in operation. Experiments in winter season 2014/2015 validated the strategies' impacts within the real operational setup of the Commerzbank Arena, Frankfurt, Germany. With 95% confidence, these experiments saved up to 66% of median daily weather normalized energy consumption. Extrapolated to an average heating season, this corresponds to savings of 775 MWh and 148 t of CO2 emissions. In winter 2015/2016 an additional predictive nighttime heating experiment targeted lower temperatures. This experiment increased the savings to up to 85%, equivalent to 1 GWh (197 t CO2) in an average winter. In addition to achieving significant levels of energy savings, the different control strategies also met the target temperature levels to the satisfaction of the stadium's operational staff.

Physical Layer Key Generation: Securing Wireless Communication in Automotive Cyber-Physical Systems

Modern automotive Cyber-Physical Systems (CPS) are increasingly adopting wireless communications for Intra-Vehicular, Vehicle-to-Vehicle (V2V) and Vehicle-to-Infrastructure (V2I) protocols as a promising solution for challenges such as the wire harnessing problem, collision detection, and collision avoidance, traffic control, and environmental hazards. Regrettably, this new trend results in new security challenges that can put the safety and privacy of the automotive CPS and passengers at great risk. In addition, automotive wireless communication security is constrained by strict energy and performance limitations of electronic controller units and sensors. As a result, the key generation and management for secure automotive CPS wireless communication is an open research challenge. This paper aims to help solve these security challenges by presenting a practical key generation technique based on the reciprocity and high spatial and temporal variation properties of the automotive wireless communication channel. Accompanying this technique is also a key length optimization algorithm to improve performance (in terms of time and energy) for safety-related applications constrained by small communication windows. To validate the practicality and effectiveness of our approach, we have conducted simulations alongside real-world experiments with vehicles and RC cars. Lastly, we demonstrate through simulations that we can generate keys with high security strength (keys with 67% min-entropy) with up to 10X improvement in performance and 20X reduction in code size overhead in comparison to the state-of-the-art security techniques.

A Mobile Health System for Neurocognitive Impairment Evaluation based on P300 Detection

A new mobile healthcare solution for neuro-cognitive function monitoring and treatment is presented. The technique is based on spatio-temporal detection and characterization of a specific brain potential, called P300. The diagnosis of cognitive deficit is achieved by analyzing the data collected by the system with a new algorithm called tuned-Residue Iteration Decomposition (t-RIDE). The system has been tested on 12 subjects involved in three different cognitive tasks with increasing difficulty. The system allows fast diagnosis of cognitive deficit, including mild and heavy cognitive impairment: t-RIDE convergence is achieved in 79 iterations (i.e., 1.95s) yielding an 80% accuracy in P300 amplitude evaluation with only 13 trials on a single EEG channel.

Distributed Trade-based Edge Device Management in Multi-gateway IoT

Internet-of-Things (IoT) envisions an infrastructure of ubiquitous networked smart devices offering advanced monitoring and control services. Current art in IoT architectures utilizes gateways to enable application-specific connectivity to IoT devices. In typical configurations, IoT gateways are shared among several IoT edge devices. Given the limited available bandwidth and processing capabilities of an IoT gateway, the service quality (SQ) of connected IoT edge devices must be adjusted over time not only to fulfill the needs of individual IoT device users, but also to tolerate the SQ needs of the other IoT edge devices sharing the same gateway. However, having multiple gateways introduces an interdependent problem, the binding, i.e. which IoT device shall connect to which gateway. In this paper, we jointly address the binding and allocation problems of IoT edge devices in a multi-gateway system under the constraints of available bandwidth, processing power, and battery lifetime. We propose a distributed trade-based mechanism in which after an initial setup, gateways negotiate and trade the IoT edge devices to increase the overall SQ. We evaluate the efficiency of the proposed approach with a case study and through extensive experimentation over different IoT system configurations regarding the number and type of the employed IoT edge devices. Experiments show that our solution improves the overall SQ by up to 56% compared to an unsupervised system. Our solution also achieves up to 24.6% improvement on overall SQ compared to the state-of-the-art SQ management scheme while they both meet the battery lifetime constraints of the IoT devices.

Selecting the Transition Speeds of Engine Control Tasks to Optimize the Performance

Engine control applications include functions that need to be executed at specific rotation angles of the crankshaft. The tasks performing these functions are activated at variable rates and are programmed to be adaptive with respect to the rotation speed of the engine to avoid overloading the CPU. Simplified control implementations are used at high speeds, for example reducing the number of fuel injections or the complexity of the computations. Such different control implementations define execution modes with different execution times for different ranges of the rotation speed. The selection of the switching speeds for the operating modes of such tasks is an optimization problem, consisting in determining the optimal transition speeds that maximize the engine performance while guaranteeing schedulability. This paper presents three methods for tackling such an optimization problem under a set of assumptions about the performance metrics: two heuristics and a branch and bound method that guarantees finding the optimal solution within a given speed granularity. In addition, a simple method to compute a performance upper bound is presented. The approach and the hypothesis are validated using a Simulink model of the engine and the computational tasks, considering the engine efficiency and the production of pollutants (NO2) as metrics of interest. Simulation experiments show that the performance of proposed heuristics is quite close to the one of the upper bound and the optimum within a finite granularity.

A Dependable Time Series Analytics Framework for Cyber-Physical Systems of IoT based Smart Grid

With the emergence of cyber-physical systems (CPS), we are now at the brink of the next computing revolution. As one of the foundations for this CPS revolution, IoT (Internet of Things) based Smart Grid (SG) is defined as a power grid integrated with a large network of smart objects. The volume of time series of SG equipment is tremendous and the raw time series are very likely to contain missing values because of undependable network transferring. The problem of storing a tremendous volume of raw time series, thereby providing solid support for precise time series analytics, has now become tricky. In this paper we propose a dependable time series analytics (DTSA) framework for IoT based SG. Our proposed DTSA framework is capable of providing dependable data transforming from CPS to the target database, with an extraction engine for preliminary refining of raw data and further cleansing of the data with a correction engine built on top of a sensor-network-regularization based matrix factorization (SnrMF) method. The experimental results reveal that our proposed DTSA framework is capable of effectively increasing the dependability of raw time series transforming between CPS and the target database system through the online light-weight extraction engine and the offline correction engine. Our proposed DTSA framework would be useful for other industrial big data practices.

Dependable Visual Light Based Indoor Localization with Automatic Anomaly Detection for Location Based Service of Mobile Cyber-Physical Systems

Indoor localization has become popular in recent years due to the increasing need of location based services in mobile cyber-physical systems (CPS). The massive deployment of Light Emitting Diodes (LEDs) further promotes the indoor localization using visual light. As a key enabling technique for mobile CPS, accurate indoor localization based on visual light communication (VLC) remains nontrivial due to various non-idealities such as attenuation induced by unexpected obstacles. The anomalies of localization can potentially reduce the dependability of location based services. In this paper we develop a novel indoor localization framework based on relative received signal strength (RRSS). Most importantly, an efficient method is derived from the triangle inequality to automatically detect the abnormal LED lamps that are blocked by obstacles. These LED lamps are then ignored by our localization algorithm so that they do not bias the localization results, which improves the dependability of our localization framework. As demonstrated by the simulation results, the proposed techniques can achieve superior accuracy over the conventional approaches especially when there exist abnormal LED lamps.

Improve the Localization Dependability for Cyber-Physical Applications

Cyber-Physical Systems facilitate the seamless integration of devices in the physical world with cyberspace, which has attracted substantial interest from the academic, research, and industrial communities. Among them, localization is very important. For example, the date information will be meaningless without position, and localization provides a precondition for various operations in the Cyber-Physical, such as routing, data collecting and so on. Localization for mobile group users is one of the important applications in Cyber-Physical systems. However, due to the sparse deployment of anchors and the instability of signals in the wireless environment, users may not be able to receive adequate anchor information, so that the localization quality is not dependable and acceptable. To solve this problem, we propose to exploit the localized users as the mobile anchors for localizing the non-localized users. These mobile users cooperate as a whole group to improve their localization accuracy. Moreover, to decrease the communication cost among these users, an algorithm for electing mobile anchors is designed, with several provable properties. This electing algorithm is a distributed method, without advanced negotiation among mobile users. In addition, for the scenarios with a crowd of users, we divide the users into different groups according to their distance information, which can assure that only the dependable anchors are used for the localization. Extensive experimental results demonstrate that the localization dependability can be improved obviously.

On Reliability Analysis of Smart Grids under Topology Attacks: A Stochastic Petri Net Approach

Building an efficient, smart, and multifunctional power grid while maintaining high reliability and security is an extremely challenging task, particularly in the ever-evolving cyber threat landscape. The challenge is also compounded by the increasing complexity of power grids in both cyber and physical domains. In this article, we develop a stochastic Petri net based analytical model to assess and analyze the system reliability of smart grids, specifically against topology attacks, and system countermeasures (i.e., intrusion detection systems and malfunction recovery techniques). Topology attacks, evolving from false data injection attacks, are growing security threats to smart grids. In our analytical model, we define and consider both conservative and aggressive topology attacks, and two types of unreliable consequences (i.e., system disturbances and failures). The IEEE 14-bus power system is employed as a case study to clearly explain the model construction and parameterization process. The benefit of having this analytical model is the capability to measure the system reliability from both transient- and steady-state analysis. Finally, intensive simulation experiments are conducted to demonstrate the feasibility and efficiency of our proposed model.

Dependable Deep Computation Model for Feature Learning on Big Data in Cyber-Physical Systems

With the ongoing development of sensor devices and network techniques, big data is being generated from the cyber-physical systems. Because of occasional sensor equipment failure and network transmission unreliability, a large amount of low-quality data, such as noisy data and incomplete data, is collected from the cyber-physical systems. Low-quality data poses a remarkable challenge on deep learning models for big data feature learning. As a novel deep learning model, the deep computation model achieves the super performance for big data feature learning. However, it is difficult for the deep computation model to learn dependable features for low-quality data since it uses the nonlinear function as the encoder. In this paper, a dependable deep computation model is proposed for feature learning on low-quality big data in cyber-physical systems. Specifically, a regularity is added into the objective function of the deep computation model to obtain reliable features in the intermediate-level representation space. Furthermore, a learning algorithm based on the back-propagation strategy is devised to train the parameters of the proposed model. Finally, some experiments are conducted to evaluate the effectiveness of the dependable deep computation model for low-quality big data feature learning. Results indicate that the proposed model performs better than the conventional deep computation model and the denoising deep computation model for the classification and the restoration for the low-quality data in cyber-physical systems.

Privacy-preserving Data Aggregation Computing in Cyber-Physical Social Systems

In cyber-physical social systems (CPSS), a group of volunteers report data about the physical environment through their cyber devices and data aggregation is widely utilized. An important issue in data aggregation for CPSS is to protect users' privacy. In this paper, we use bitwise XOR and propose a bit-choosing algorithm to realize privacy-preserving min, k-th min and percentile computation. By our algorithm, the aggregator can confirm whether a user's data value is equal to certain value or within certain scale. Consequently, it is also possible to count the number of users satisfying given conditions. Our bit-choosing algorithm makes sure that the users send non-repetition replies to the aggregator so as to raise the aggregation accuracy. We analyze the communication cost and the achievable accuracy of our algorithm. Via performance comparison against existing protocols, the efficiency and accuracy of our algorithm are verified.

Resource Cost-aware Fault-tolerant Design Methodology for End-to-end Functional Safety Computation on Automotive Cyber-Physical Systems

Automotive functional safety standard ISO 26262 aims to avoid unreasonable risks caused by systematic failures and random hardware failures. Automotive functions involve distributed end-to-end computation in automotive cyber-physical systems (ACPS). The automotive industry is highly cost-sensitive to the mass market. This study presents a resource cost-aware fault-tolerant design methodology for end-to-end functional safety computation on ACPS. The proposed design methodology involves early functional safety requirement verification and late resource cost design optimization. We first propose the functional safety requirement verification (FSRV) method to verify the functional safety requirement consisting of reliability and response time requirements of the distributed automotive function during the early design phase. We then propose the resource cost-aware fault-tolerant optimization (RCFO) method to reduce the resource cost while satisfying the functional safety requirement of the function during the late design phase. Finally, we perform experiments with real-life automotive and synthetic automotive functions. Findings reveal that the proposed RCFO and VFSR methods demonstrate satisfactory resource cost reduction compared with other methods while satisfying the functional safety requirement.

OS-Aware Automotive Controller Design Using Non-Uniform Sampling

Automotive functionalities typically consist of a large set of periodic/cyclic tasks scheduled under a time-triggered operating system (OS), and a large fraction of them are feedback control applications. OSEK/VDX is a common time-triggered automotive OS that offers preemptive periodic schedules supporting a pre-configured set of periods. The feedback controllers implemented onto such OSEK/VDX-compliant systems need to use one of the pre-configured (sampling) periods. A shorter period is often desired for a feedback controller for higher control performance, and on the other hand, this implies a higher processor load. For a given performance requirement, the longest sampling period that meets this requirement is the optimal one. Given a limited set of pre-configured periods, such optimal sampling periods are often not available, and the practice is to choose a shorter available period -- leading to a higher processor load. To address this, we propose a controller that cyclically switches among the available periods, thereby leading to an average sampling period closer to the optimal one. This way, we reduce the processor load and are able to pack more control applications on the same processor. The main challenge in this paper is the design of such controllers that takes into account such cyclic switching of sampling periods (i.e., use non-uniform sampling) and meets specified performance requirements (in settling time, which is the key metric for many real-time control applications and more difficult to optimize than quadratic cost) and system constraints (e.g., input saturation). Such a non-convex constrained controller optimization problem as raised in the OS-aware automotive systems design has not been addressed in the control theory and a new approach based on adaptively parameterized particle swarm optimization (PSO) is proposed to solve it.

A Limb Tracking Platform for Tele-Rehabilitation

The average age of the population is regularly increasing. It is a symptom of an aging society which needs more and more moto-rehabilitative therapies. If the longer life expectancy is coupled with the problem of a decreasing availability of public money for the healthcare sector, the consequence is a degradation of the quality of care provided. A recent trend is to increase the adoption of self-care procedures, such as motor therapy and rehabilitative sessions performed primarily in the patient's environment rather than in formal hospitals or healthcare structures. In particular, the diffusion of an efficient telerehabilitation system implies significant advantages for patients, their family, caregivers, clinicians, and researchers, especially in the case of intensive rehabilitation and chronic patients' rehabilitation. In line with the promised advantages, this work presents a platform to enhance limb functional recovery through telerehabilitation sessions. The framework relies on a sensing system, based on inertial sensors and data fusion algorithms, a module to provide bio-feedback tailored to the users, and one dedicated to the physicians' practices. The system's design poses interesting cyber-physical problems due to the tight interaction between patient and sensors, for instance, when taking body kinematics into account to improve the precision of measurements, simplify the calibration procedure, or generate bio-feedback signals. The precision improvement is shown through a set of experiments. Currently, the proposed solution is being tested in a medical trial, comparing the results with the traditional methodologies, both for patients' rehabilitation and healthy subjects' training. The presented approach can be quickly adapted for other application fields, such as neurological rehabilitation (e.g., Parkinson, Stroke, etc.) and sports training.

Closed-loop quantitative verification of rate-adaptive pacemakers

Rate-adaptive pacemakers are cardiac devices able to automatically adjust the pacing rate depending on the metabolic demand of the patient. These devices are implanted in patients with chronotropic incompetence, i.e. whose heart is unable to provide an adequate rate at increasing levels of physical, mental or emotional activity. Rate-adaptive pacemakers work by processing data from physiological sensors in order to detect the patient's activity and update the pacing rate accordingly. However, rate-adaptation parameters depend on many patient-specific factors such as age, lifestyle and tolerance to rapid pacing, and personalization of such treatments can only be achieved through extensive testing under varying levels of physical exercise, which is time consuming in clinical practice and could be intolerable for the patient. In this work, we introduce a data-driven and model-based approach for the automated verification of rate-adaptive pacemakers. We develop a novel dual-sensor VVIR pacemaker model that combines information from electrocardiogram (ECG) and accelerometer sensors. The approach involves estimation of personalised heart models from patient data and enables closed-loop verification through the generation of synthetic, model-based physiological signals. To capture the probabilistic and non-linear dynamics of the heart, we define a probabilistic extension of timed I/O automata with data and employ statistical model checking (SMC) for the quantitative verification of rate modulation. We evaluate our VVIR pacemaker on three subjects and perform an extensive analysis of rate control under typical exercise curves and at increasing degrees of chronotropic incompetence, indicative of worsening heart conditions. Further, we show that phenomena of sensor-induced endless-loop tachycardia can be reproduced by our closed-loop design, and can be appropriately detected through SMC. 
The results demonstrate that our approach can provide the necessary safety assurance for rate-adaptive pacemakers through quantitative verification, eliminating the need for exercise testing with real patients through data-driven personalisation of models and rate modulation algorithms.

A Cyber-Physical System to Improve the Management of a Large Suite of Operating Rooms

Cyber-physical systems have been deployed with considerable success in many industries. However, the implementation of cyber-physical systems in hospitals has been far more limited. The safety-critical nature of the field application might be one of the reasons for this slow development, but not the only one. Revenues from Operating Room (OR) time and surgery account for about 50 percent of the income of major hospitals, but the efficiency of OR utilization is often reported to be relatively low. Therefore, improving OR management with a cyber-physical system should be a priority. By nature, in clinical operations patient safety and consideration for health outcomes are of utmost importance, thus possibly slowing the implementation of innovative solutions with limited history. In this paper we will report on our experience implementing a cyber-physical system at Houston Methodist Hospital and discuss some of the difficulties and potential drivers for success. Our pilot study was done in the context of the management of a large suite of ORs and uses the agile co-development of a cyber-physical system through intense collaboration of clinicians and computational scientists. While technology remains the foundation of a cyber-physical system, this experience taught us that the human factor is certainly the driving force behind the design promoting user acceptance.

Data Predictive Control for Cyber-Physical Energy Systems

Decisions on how best to optimize today's energy systems operations are becoming ever so complex and conflicting such that model-based predictive control algorithms must play a key role. However, learning dynamical models of energy consuming systems such as buildings, using grey/white box approaches, is very cost and time prohibitive. Demand response (DR) is becoming increasingly important as the volatility on the grid continues to increase. We consider the problem of data-driven end-user demand response and peak power reduction for large buildings which involves predicting the demand response baseline, evaluating fixed rule based DR strategies, synthesizing DR control actions, and reducing the peak power consumption. We provide a model based control with regression trees algorithm (mbCRT), which allows us to perform closed-loop control for DR strategy synthesis for large commercial buildings. Our data-driven control synthesis algorithm outperforms rule-based DR by 17% for a large DoE commercial reference building and leads to a curtailment of 380 kW and over $45,000 in DR revenue. A data predictive control with regression trees (DPCRT) algorithm is also presented. DPCRT is a finite receding horizon method, using which the building operator can optimally trade off peak power reduction against thermal comfort without having to learn white/grey box models of the system's dynamics. Our methods have been integrated into an open source tool called DR-Advisor, which acts as a recommender system for the building's facilities manager and provides suitable control actions to meet the desired load curtailment while maintaining operations and maximizing the economic reward. DR-Advisor achieves 92.8% to 98.9% prediction accuracy for 8 buildings on Penn's campus. We compare DR-Advisor with other data driven methods and rank 2nd on ASHRAE's benchmarking data-set for energy prediction.

Formal Verification of Medical CPS: a Laser Incision Case Study

The use of robots in operating rooms improves safety and decreases patient recovery time and surgeon fatigue, but introduces new potential hazards that can lead to severe injury, or even the loss of human life. Thus, safety has been perceived as a crucial system property since the early days both by the industry, the medical community and the regulatory agents. In this paper we discuss the application of the mathematically rigorous technique known as Formal Verification to analyze the safety properties of a laser incision case study, and assess its safe and predictable operation. Like all formal methods approaches, our analysis has three distinct components: a method to create a model of the system, a language to specify the properties, and a strategy to prove rigorously that the behavior of the model fulfills the desired properties. The model of the system takes the form of a hybrid automaton consisting of a discrete control part that operates in a continuous environment. The safety constraints are formalized as reachability properties of the hybrid automaton model, while the verification strategy exploits the capabilities of the tool ARIADNE to address the verification problem and answer the related questions ranging from safety to efficiency and effectiveness.

Towards the Emulation of the Cardiac Conduction System for Pacemaker Validation

The heart is a vital organ that relies on the orchestrated propagation of electrical stimuli to coordinate each heart beat. Abnormalities in the heart's electrical behaviour can be managed with a cardiac pacemaker. Recently, the closed-loop testing of pacemakers with an emulation (real-time simulation) of the heart has been proposed. This enables developers to interrogate their pacemaker design without having to engage in costly or lengthy clinical trials. Many high-fidelity heart models have been developed, but are too computationally intensive to be simulated in real-time. Heart models, designed specifically for the closed-loop testing of pacemakers, are too abstract to be useful in the testing of physical pacemakers. In the context of pacemaker testing, this paper presents a more computationally efficient heart model that generates realistic continuous-time electrical signals. The heart model is composed of cardiac cells that are connected by paths. Significant improvements were made to an existing cardiac cell model to stabilise its activation behaviour and to an existing path model to capture the behaviour of continuous electrical propagation. We provide simulation results that show our ability to faithfully model complex re-entrant circuits (that cause arrhythmia) that existing heart models cannot.

Feature-driven Mediator Synthesis: Supporting Collaborative Security in the Internet of Things

As the number, complexity, and heterogeneity of connected devices in the Internet of Things (IoT) increase, so does our need to secure these devices, the environment in which they operate, and the assets they manage or control. Collaborative security exploits the capabilities of these connected devices and opportunistically composes them in order to protect assets from potential harm. By dynamically composing these capabilities, collaborative security implements the security controls through which security (and other) requirements are satisfied. However, this dynamic composition is often hampered by the heterogeneity of the devices available in the environment and the diversity of their behaviours. In this paper we present a systematic, tool-supported approach for collaborative security where the analysis of requirements drives the opportunistic composition of capabilities in order to realise the appropriate security control in the operating environment. This opportunistic composition is supported through a combination of feature modelling and mediator synthesis. We use features and transition systems to represent and reason about capabilities and requirements. We formulate the selection of the optimal set of features to implement adequate security control as a multi-objective constrained optimisation problem and use constraint programming to solve it efficiently. The selected features are then used to scope the behaviours of the capabilities and thereby restrict the state space for synthesising the appropriate mediator. The synthesised mediator coordinates the behaviours of the capabilities to satisfy the behaviour specified by the security control. Our approach ensures that the implemented security controls are the optimal ones given the capabilities available in the operating environment. 
We demonstrate the validity of our approach by implementing a Feature-driven medIation for Collaborative Security (FICS) tool and applying it to a collaborative robots case study.
