Embedded control systems : Challenges and opportunities

1
Embedded control systems Challenges and
opportunities

• George J. Pappas
• School of Engineering and Applied Sciences
• University of Pennsylvania

2
Medical Device Software and Systems

• Organized workshop in Philadelphia, June 2005
• One hundred participants from
• academia
• medical sectors (care-givers, researchers, etc.)
• industry
• government agencies
• Sponsors NSF, NCO, Penn Engineering
• Supporting government agencies FDA, NIST, NSA,
  ARO
• Goals
• Identify research challenges and emerging issues
• Produce a comprehensive report on research needs
  and roadmap at the national level across multiple
  agencies
• Create a new scientific community

3
Six Working Groups

• Foundations for Integration of Medical Device
  Systems/Models
• Distributed Control Sensing of Networked
  Medical Device Systems
• Patient Modeling Simulation
• Embedded, Real-Time, Networked System
  Infrastructures for MDSS
• High-Confidence Medical Device Software
  Development Assurance and Medical
  Practice-driven Models
• Certification of MDSS and Requirements

4
Roadmap Phase I (0-2 years)

• Understand certification process
• Create a research community
• Open experimental platforms

5
Roadmap Phase II (0-5 years)

• Standards for secure data, communication,
  context.
• Robust real-time middleware infrastructure
• Interoperable, PnP device networks
• Metrics for assurance and certification
• Formalization of clinical, system requirements
• User-centered design

6
Roadmap Phase III (0-10 years)

• Patient models and simulators
• Foundations for heterogeneous model-based design
• Adaptive (reconfigurable), fault-tolerant,
  distributed
• control
• Component-based verification/certification/testing
  
• Incremental certification

7
More details at

• IEEE Computer, April 2006
• NCO report forthcoming.

8
Controller synthesis

• The main controller synthesis equation
• or a more relaxed version
• Equations can be interpreted over various model
  types
• Various semantics of composition and equivalence

9
Discrete semantics

• The main controller synthesis equation
• or a more relaxed version
• Models Finite state automata
• Composition
• Equivalence
• Order

10
Continuous semantics

• The main controller synthesis equation
• or a more relaxed version
• Models Control systems
• Composition Feedback composition
• Equivalence Asymptotic equivalence
• Order Trajectory inclusion

11
Issues

• Equation is homogeneous (A,X,B of same type)
• Equation is binary (true or false)

12
Challenge Heterogeneous Control

• Solve the following equation
• when A, X, B are systems of different type.
• Some success when A continuous
• B discrete
• X hybrid

13
Challenge From exact to robust

• Replace the following equation
• with a quantitative version such as
• Requirement

A. Girard, G.J.Pappas, Approximation metrics for
discrete and continuous systems, IEEE TAC, 2006
14
Large-scale safety verification

• Using Matisse
• Reachable sets of the 1. 100 dimensional linear
  system,
• 2. 6 dimensional approximation,
• 3. 10 dimensional approximation.

15
Large-scale safety verification

• Using Matisse
• The more robustly safe the system,
• the more we can compress the model
• the easier safety verification becomes

16
Verification versus Simulation

• Consider the finite horizon safety verification
  problem
• Verification Simulation

Reach(I)
I
Completeness () Automated () Complexity (-) Sim
ple models (-)
Completeness (-) Automated (-) Complexity () Com
plex models()
17
Verification using Robust Simulation

• Idea Metrics enable robust
  simulations
• Completeness If dgt0 then a finite number of
  simulations suffices
• Complexity O(-log(d))

I
A. Girard, G.J. Pappas, Verification using
simulation, Hybrid Systems Computation and
Control, 2006.
18
Challenges

• Bridging the gap between testing and verification
• Control methods for intelligent (malicious?)
  testing
• Understand tradeoffs between robustness and
• complexity in the context of verification and
  testing

19
Mapping model-based design to platforms

• Context Model-based design, platform-based
  implementation
• Problem Relationship between model and
  implementation properties
• Goal Formalize and quantify the implementation
  error
• Focus Feedback control designs over
  time-triggered platforms

Model Based Design

Implementation error
Code Generation
-
Platform Based Implementation
20
Closed-loop implementation error
Plant

Controller (SIMULINK)
-
Plant
Controller Implementation
H. Yazarel, A. Girard, G.J.Pappas, R. ALur,
Quantifiying the gap between embedded control
models and time-triggered implementations.
IEEE RTSS 2005.
21
Challenge Adaptive, self-monitoring embedded
systems
Monitor/ Control
22
Challenges

• Consider uncertain, nonlinear, hybrid
  models/controllers
• Characterize impact of scheduling/platforms on
  performance
• Rethink digital control
• Physically guided static/dynamic scheduling
  approaches
• Separation principles for control and
  scheduling
• Resource-aware control theory

23
More Challenges

• Interface theory for control and sensing
• Higher than behavioral semantics
• Functional and non-functional properties
• What is the price of modularity ?
• Architectural languages for control and sensing
• Science of system architecture
• Distributed control of interconnected systems
• Impact of topology architecture
• Topology control using dynamic reconfiguration

24
AppendixHCMDSS Research Challenges

25
Foundations for Integration of Medical Device
Systems/Models

• Model-based development and integration
• Plug-n-Play device networks
• Electronic health records and information sharing
• Virtual validation and component-based testing
• Monitoring and post-intervention analysis
• Human-centered design

26
Distributed control and sensingfor networked
medical devices

• Embedded systems technology
• Formal frameworks for embedded and hybrid systems
• System of (control) systems
• Algorithms
• System integration and performance issues
• Human in the loop

27
Patient modeling and simulation

• Multi-scale, heterogeneous modeling
• Accessible, coarse models for design, detailed
  for testing
• Patient models in normal/abnormal situations
• Models must capture uniqueness of each patient
• Modeling of users, contexts, environments

28
Embedded, real-time, networkedinfrastructure for
medical devices

• Interoperable data, devices, communication
• Security and privacy
• Large-scale medical information management
• Interaction of devices with different levels of
  criticality
• Multiple-level QoS tradeoffs
• Design for certification

29
Software development and assurancePractice-driven
models

• Open experimental platforms for research purposes
• Analysis/validation/verification of feature
  interactions
• Metrics for reliability, usability, etc.
• Transparency, interoperability, and reliability
  in the face of market forces that promote
  features and low cost
• Integration of disparate systems into a coherent
  whole

30
Certification and requirements

• Modeling of clinical environments and processes
• Testing from clinical requirements
• Component-wise certification
• Incremental certification
• Certification in the context of communication and
  security

31
Roadmap Phase I (0-2 years)

• Understand certification process
• Create (medical device) research community
• Open experimental platforms

32
Roadmap Phase II (0-5 years)

• Standards for secure data, communication,
  context.
• Robust real-time middleware infrastructure
• Interoperable, PnP device networks
• Metrics for assurance and certification
• Formalization of clinical, system requirements
• User-centered design

33
Roadmap Phase III (0-10 years)

• Patient models and simulators
• Foundations for heterogeneous model-based design
• Adaptive (reconfigurable), fault-tolerant,
  distributed
• control
• Component-based verification/certification/testing
  
• Incremental certification