Studies in Computational Intelligence 632

Roman Gumzej
Engineering Safe and Secure Cyber-Physical Systems
The Specification PEARL Approach

Studies in Computational Intelligence, Volume 632
Series editor: Janusz Kacprzyk, Polish Academy of Sciences, Warsaw, Poland
e-mail: [email protected]

About this Series

The series “Studies in Computational Intelligence” (SCI) publishes new developments and advances in the various areas of computational intelligence—quickly and with a high quality. The intent is to cover the theory, applications, and design methods of computational intelligence, as embedded in the fields of engineering, computer science, physics and life sciences, as well as the methodologies behind them. The series contains monographs, lecture notes and edited volumes in computational intelligence spanning the areas of neural networks, connectionist systems, genetic algorithms, evolutionary computation, artificial intelligence, cellular automata, self-organizing systems, soft computing, fuzzy systems, and hybrid intelligent systems. Of particular value to both the contributors and the readership are the short publication timeframe and the worldwide distribution, which enable both wide and rapid dissemination of research output.
More information about this series at http://www.springer.com/series/7092

Roman Gumzej
Engineering Safe and Secure Cyber-Physical Systems
The Specification PEARL Approach

Roman Gumzej
Faculty of Logistics
University of Maribor
Celje, Slovenia

ISSN 1860-949X; ISSN 1860-9503 (electronic)
Studies in Computational Intelligence
ISBN 978-3-319-28903-8; ISBN 978-3-319-28905-2 (eBook)
DOI 10.1007/978-3-319-28905-2
Library of Congress Control Number: 2015960778

© Springer International Publishing Switzerland 2016

This work is subject to copyright. All rights are reserved by the Publisher, whether the whole or part of the material is concerned, specifically the rights of translation, reprinting, reuse of illustrations, recitation, broadcasting, reproduction on microfilms or in any other physical way, and transmission or information storage and retrieval, electronic adaptation, computer software, or by similar or dissimilar methodology now known or hereafter developed.

The use of general descriptive names, registered names, trademarks, service marks, etc. in this publication does not imply, even in the absence of a specific statement, that such names are exempt from the relevant protective laws and regulations and therefore free for general use.

The publisher, the authors and the editors are safe to assume that the advice and information in this book are believed to be true and accurate at the date of publication. Neither the publisher nor the authors or the editors give a warranty, express or implied, with respect to the material contained herein or for any errors or omissions that may have been made.

Printed on acid-free paper.
This Springer imprint is published by Springer Nature.
The registered company is Springer International Publishing AG Switzerland.

This book is dedicated to Eva

Foreword

The term cyber-physical system (CPS) is just a few years old and is now in vogue. It refers, however, by no means to anything new. Actually, it is a synonym for real-time computer system, which was defined by J. Martin already half a century ago as “one which controls an environment by receiving data, processing them, and taking action or returning results sufficiently quickly to affect the functioning of the environment at that time.” Particularly with respect to the attribute “sufficiently quickly”, this definition was refined by a German standard: “Real-time operation is the operating mode of a computing system, in which the programs for the processing of data arriving from the outside are permanently ready in such a way that the processing results become available within time periods given a priori; these data may become available for processing either at randomly distributed instants or at predetermined points in time.” In these definitions, the computer stands for the cyber-part of a CPS controlling its physical part, viz. the “environment” or the “outside”, with whose dynamics the computer must keep pace.

To support the design of embedded real-time systems, a number of computer-aided tools were developed. They are, however, generally not satisfactory, for different reasons. Some were derived from tools originally developed for the non-real-time domain by just adding to them an often insufficient minimum of real-time functionality. Others were too formal and, thus, not appealing to engineers for use in real-life projects. In this situation, the book in hand presents as a remedy a novel approach based on the Process and Experiment Automation Real-time Language (PEARL). The development of this programming language commenced in 1969, starting out with a rather complex first design. Since then, a simplification process extensively exploiting experience gained in the course of its industrial use has led to several improved versions of PEARL.

A unique feature of PEARL is its closeness to natural language, which renders PEARL code easily readable and understandable, even for persons who do not know the language. Furthermore, its very high-level constructs to a certain extent make it feasible even for use as a specification language. Therefore, the author of this book bases his approach on this feature and derives from the programming language PEARL the language Specification PEARL. As graphical representations usually appeal better to humans than textual ones, the author also makes his approach applicable within the framework of the Unified Modeling Language (UML), exploiting the latter’s extensibility. To this end, he maps PEARL’s architectural constructs into UML and provides suitable stereotypes, profiles, and patterns.

Since real-time systems are very closely linked to processes in their environments and are also physically located there, another synonymous term referring to them is embedded systems. Today, 98% of all processors built are embedded in technical systems of any kind, where their task is to automate the operation of the environments embedding them. To a large extent, these automation functions are safety-related, or even safety-critical. That is also the reason why an initiative is currently under way to elaborate a novel version of PEARL, which will be the first programming language explicitly oriented at functional safety. Nested within its present version, it will comprise four increasingly restrictive partial languages, each one corresponding to one of the safety integrity levels as defined in an international safety standard.

But safety is not the only problem resulting from the very nature of automation systems which must be taken into consideration in the course of their design. In contrast to earlier times, when embedded systems were proprietary and operated independently on their own, they now tend to be interconnected, often via the Internet. As a result, they are confronted with the same security problems as computers in the non-real-time domain, viz. malware intrusion and eavesdropping. The current trend toward complete interconnectedness, as championed by initiatives such as the Internet of Things or Industry 4.0, will even exacerbate the dangers to the informational security of embedded automation systems.

With this in mind, the book in hand presents a holistic approach oriented at quality of service and stressing the requirements of safety and security, in addition to the ones of correctness and timeliness, right from the start, i.e., immediately by design. In other words, the old path of trying to make already designed and implemented systems safe and secure, and of verifying their correct and timely behavior at later stages, is left behind. Instead, both by its notation and by its co-simulation features, the Specification PEARL co-design methodology provides for self-documentation as well as verification and validation. In correspondence with the safety orientation of PEARL’s forthcoming version, this methodology comprises guidelines for the appropriate use and parameterization of its constructs, aiming to comply with the individual safety and security levels as defined by the standards pertaining to the safety and security of cyber-physical systems.

Hagen, January 2016
Wolfgang A. Halang

Preface

Cyber-physical systems, i.e., networked computational systems controlling physical entities, build on the concepts of embedded and autonomous systems and can be enhanced by methods of artificial intelligence. They are spatially and temporally determined and need to be aware of that during their operation, so that the signals from their environment are adequately captured and assessed. They need to exhibit the properties native to autonomous systems: self-management, self-configuration, self-optimization, self-protection and self-healing. An important emphasis while using these systems lies with their timeliness, functional correctness and safety of operation, as well as the security of their transferred and stored data, all of which need to be assured according to appropriate standards on all levels of their operation. Hence, they need to be designed holistically, using the systems approach and engineering with respect to these standards.

The dependability of cyber-physical systems is usually assured by redundancy and over-scaled components. This results in more complex designs and higher costs, but often without guaranteeing safety or security. To achieve better overall quality, much effort has been invested in the search for standardized components, methods and tools apt to improve the designed system’s predictability and dependability.

The design and development procedures of contemporary cyber-physical systems are well established, relatively cheap and widely used. Hardware components come with specifications, which undoubtedly state their capabilities and performance indicators. Complexity increases, however, when there is a need for their integration into larger set-ups and system-level performance must be assured. Software makes things even more complicated, as the WORE (Write-Once-Run-Everywhere) principle is hard to achieve, and different software engineering techniques can lead to programs with very different quality of service while running on the same hardware platform. To achieve a managed level of quality (of service), systems engineering methods should enable hardware–software co-design as well as efficient system design and subsequent prototype verification and validation before putting the systems to use.

Throughout this book, a holistic, quality-of-service-oriented approach to the design and development of cyber-physical systems, with emphasis on their (timely) predictable and dependable behaviour, is presented and discussed. By following the standards for embedded systems’ safety and using appropriate hardware and software components, inherently safe system architectures can be devised and certified. At the same time, their complexity is reduced to a reasonable level. The methodology and guidelines for designing and developing cyber-physical systems will result in their increased ability to be certified for safety and security, as well as in their improved interoperability.

Celje, January 2015
Roman Gumzej