Autonomous and Critical Embedded Systems

Loosely Coupled Systems

The loosely coupled systems theme focuses on distributed systems. It includes two full professors (P. Kuznetsov, E. Najm) and three assistant professors. P. Kuznetsov (FP) works on algorithms for distributed systems, in particular synchronisation and failure detection. S. Tardieu (AP) is returning to research and is investigating blockchain technologies (smart contracts) with P. Kuznetsov. Very recently, a new assistant professor position has been opened in our team on algorithms for distributed systems, in particular blockchain technology. E. Najm (FP) and S. Vignes (AP) work on modelling, analysing and synthesising distributed services (in particular in the context of the Internet of Things). A. Diaconescu (AP) addresses complex distributed systems, in particular those that interact in an autonomous and adaptive manner (such as those found in smart grids and domestic systems). The most emblematic systems of this theme, because they are the most open, are certainly autonomic systems, characterised by their ability to adapt to various behaviour models, sometimes inspired by human mechanisms. Similar characteristics are also found in systems for the Internet of Things (IoT), which additionally face the constraints of embedded systems.

Complex autonomic systems

Ada Diaconescu works on systems that adapt to unpredictable changes in their environments. The increasing development of, and reliance upon, complex adaptive technical systems such as smart grids, smart cities and the Internet of Things raises serious technical challenges with important socio-economic ramifications. Ada takes an interdisciplinary approach: from a software engineering perspective, she analyses existing complex adaptive systems in nature, including inert physical systems, individual organisms and advanced societies, and aims to identify the recurring structures and processes behind their success.

The goal is to formalise these core structures and processes as reusable engineering artefacts: generic principles, architectures, models, design patterns, frameworks, methodologies, platforms and tools. Such artefacts would form the basis for developing and maintaining viable and efficient artificial complex autonomic systems, which are becoming essential to modern societies. They are distilled progressively from experience with concrete projects in different application domains. Concrete contributions include four PhD theses and several research internships on decentralised autonomic controllers in smart grids and smart homes (PhD Grehant) and on data management in complex systems (PhD Rodrigues), with collaborations with EDF Labs, VEDECOM, University of Grenoble-Alpes and University of Colombia; a regional MONOLOGIC project, MEDICAL (ended in 2014), on self-managing data mediation systems (with University of Grenoble-Alpes, Orange Labs and ScalAgent); and several national and international collaborations resulting in co-authored publications, co-organised events, long stays at Hannover University and 14 invited talks, including at Dagstuhl seminars.

As a complementary endeavour, Ada Diaconescu also examines the impact on society brought about by such complex technical systems, both in the short and long term, and considers viable alternatives.

Merging expertise in autonomic systems and communication networks, A. Diaconescu and M. Coupechoux (RMS team) have co-supervised a PhD student financed by VEDECOM (2015-2017) on the topic of self-adaptive clustering of vehicular networks, based on both local wireless and cellular networks.

Fault-tolerant and asynchronous distributed computing

Petr Kuznetsov focuses on the foundations of distributed computing, assuming asynchronous or partially synchronous communication and component failures (from crash to Byzantine). A major part of his time over the years 2013-2015 was devoted to the Marie-Curie ITN project on the theoretical foundations of transactional memory, a programming paradigm intended to make concurrent system design tractable and efficient. The project funded the thesis of one doctoral student (Srivatsan Ravi, now with USC).

In 2014 Petr Kuznetsov launched the ANR-DFG (joint French-German) DISCMAT project on mathematical methods in distributed computing, in collaboration with D. Kozlov, a professor of mathematics at Bremen University, M. Raynal (U Rennes 1) and Achour Mostefaoui (Univ Nantes). Within the project, T. Rieutord, a doctoral student at Télécom ParisTech, formulated an elegant combinatorial characterisation of a large class of distributed computing models that strongly generalises all previously established characterisations.

P. Kuznetsov's work is mostly theoretical, though he periodically takes detours into systems research, such as hybrid transactional memory design, consistent software-defined networking and blockchain-based services. Recently, he joined the BART project, which brings together blockchain-focused research from several research institutes of the Paris area (Inria, Télécom ParisTech, Télécom SudParis and IRT SystemX). An associate professor position on this topic has been opened in the ACES group, to be filled in summer 2018.

Model-Based Testing

Supporting verification activities to validate models is a shared interest of ACES members. Using formal approaches is necessary, and sometimes even required. Our research contributions in this field concern reactive systems that interact permanently with their physical environment and are subject to external timing constraints. The challenge is to obtain a high level of confidence in the functional validation of such systems, working towards a verification workflow compatible with stringent certification requirements.

The research undertaken by S. Vignes focuses on Model-Based Testing (MBT) of a reactive system in co-simulation with a physical process. The contribution consists in positioning model-checking techniques upstream in the development cycle to consolidate the functional validation of a critical system (PhD Sun). In collaboration with E. Borde, S. Vignes studied the relations between the formalised application of Model-Based Systems Engineering and model transformation.

In the period 2013-2017, S. Vignes mainly contributed to the French project CONNEXION and supervised the doctoral thesis of Yanjun Sun. This project aimed at improving the development process of the Instrumentation & Control (I&C) systems of nuclear power plants. I&C systems were modelled using synchronous data-flow languages (Scade, Lustre) and co-simulated with the physical process model (Modelica). We worked closely with the academic partner CEA-LIST, using its tools in the verification platform: (i) ARTiMon for real-time observation at execution time and (ii) the model checker GATeL to satisfy test objectives.

Security in Internet of Things

In the area of loosely coupled systems, the research interests of J. Leneutre lie in the security of the Internet of Things (IoT). Providing security in the IoT is a challenging task. In particular, protocols are needed for the secure management of objects: adding a new object to a local network, changing its administrative domain, or revoking it. These protocols, usually grouped under the name of security bootstrapping, are a prerequisite for the definition of authentication and access control mechanisms. They use classical cryptographic mechanisms but also rely on assumptions about physical characteristics (the existence of an out-of-band or human-assisted channel, the location or signal range of the device, shared contextual information, etc.). Formally proving security properties for these protocols becomes a new challenge: most existing security protocol verification approaches take these physical characteristics into account only partially, or not at all. The thesis of Trung Nguyen proposed a security bootstrapping mechanism, parts of which have been verified formally. This work is pursued in the context of the CIFRE thesis of Aida Diop at Orange R&D, co-supervised by Maryline Laurent from Télécom SudParis.
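As an added, constructed illustration of what a bootstrapping protocol of this kind has to do, the following Python sketch models the three operations named above (enrolment, change of administrative domain, revocation) for a device whose only secret is an install code read off its label, i.e. the out-of-band channel the text refers to. This is not the mechanism from Trung Nguyen's thesis nor code from the ACES group; the names (`Device`, `Controller`, `home-A`), the four-message layout and the install-code assumption are all choices made for the example. Both sides' messages are shown, and a wrong code, a stale domain key and a revoked identifier are each rejected.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass, field
from typing import Optional

def hkdf_sha256(ikm: bytes, salt: bytes, info: bytes, length: int = 32) -> bytes:
    """RFC 5869 HKDF-SHA256 (extract, then expand) built from hmac only."""
    prk = hmac.new(salt, ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]

def _tag(key: bytes, *parts: bytes) -> bytes:
    """HMAC over a length-prefixed transcript, so fields cannot be re-split."""
    msg = b"".join(len(p).to_bytes(2, "big") + p for p in parts)
    return hmac.new(key, msg, hashlib.sha256).digest()

@dataclass
class Device:
    device_id: bytes
    install_code: bytes          # printed on the label; never sent in band (assumption)
    domain: Optional[bytes] = None
    domain_key: Optional[bytes] = None
    pending: Optional[tuple] = None

    def respond(self, domain: bytes, nonce_c: bytes):
        """Msg 2: prove knowledge of the install code, bound to domain, id and nonces."""
        nonce_d = secrets.token_bytes(16)
        self.pending = (domain, nonce_c, nonce_d)
        return nonce_d, _tag(self.install_code, b"device", domain, self.device_id, nonce_c, nonce_d)

    def finish(self, tag_c: bytes) -> bool:
        """Msg 3 check: the controller knew the code too; only then adopt the domain."""
        if self.pending is None:
            return False
        domain, nonce_c, nonce_d = self.pending
        expected = _tag(self.install_code, b"controller", domain, self.device_id, nonce_c, nonce_d)
        if not hmac.compare_digest(expected, tag_c):
            return False
        self.domain = domain
        self.domain_key = hkdf_sha256(self.install_code, nonce_c + nonce_d, domain + self.device_id)
        return True

    def prove_session(self, challenge: bytes) -> bytes:
        """Later sessions use only the derived domain key, never the install code."""
        return _tag(self.domain_key or b"", b"session", self.domain or b"", challenge)

@dataclass
class Controller:
    domain: bytes
    enrolled: dict = field(default_factory=dict)   # device_id -> domain key
    revoked: set = field(default_factory=set)

    def bootstrap(self, dev: Device, oob_code: bytes) -> bool:
        """In-band exchange; oob_code is what the commissioner read off the label."""
        if dev.device_id in self.revoked:
            return False
        nonce_c = secrets.token_bytes(16)                      # msg 1: domain, nonce_c
        nonce_d, tag_d = dev.respond(self.domain, nonce_c)      # msg 2: nonce_d, tag_d
        expected = _tag(oob_code, b"device", self.domain, dev.device_id, nonce_c, nonce_d)
        if not hmac.compare_digest(expected, tag_d):            # wrong or guessed code
            return False
        tag_c = _tag(oob_code, b"controller", self.domain, dev.device_id, nonce_c, nonce_d)
        if not dev.finish(tag_c):                               # msg 3: tag_c
            return False
        self.enrolled[dev.device_id] = hkdf_sha256(oob_code, nonce_c + nonce_d, self.domain + dev.device_id)
        return True

    def authenticate(self, dev: Device) -> bool:
        key = self.enrolled.get(dev.device_id)
        if key is None or dev.device_id in self.revoked:
            return False
        challenge = secrets.token_bytes(16)
        expected = _tag(key, b"session", self.domain, challenge)
        return hmac.compare_digest(expected, dev.prove_session(challenge))

    def revoke(self, device_id: bytes) -> None:
        self.enrolled.pop(device_id, None)   # forget the key and refuse re-enrolment
        self.revoked.add(device_id)

def demo() -> dict:
    """Constructed scenario: enrol, reject a wrong code, change domain, revoke."""
    code = secrets.token_bytes(16)                  # the label's install code (constructed)
    dev = Device(device_id=b"lamp-0042", install_code=code)
    home_a, home_b = Controller(b"home-A"), Controller(b"home-B")
    r = {}
    r["wrong_code_rejected"] = not home_a.bootstrap(dev, secrets.token_bytes(16))
    r["enrolled"] = home_a.bootstrap(dev, code) and dev.domain == b"home-A"
    r["session_ok"] = home_a.authenticate(dev)
    r["moved_to_b"] = home_b.bootstrap(dev, code) and dev.domain == b"home-B"
    r["old_domain_key_stale"] = not home_a.authenticate(dev)
    home_b.revoke(dev.device_id)
    r["revoked"] = not home_b.authenticate(dev) and not home_b.bootstrap(dev, code)
    return r
```

Two caveats a practitioner would raise, and both are exactly the kind of physical assumption the text says verification tools handle poorly: the whole scheme rests on who can read the label and when (a code that stays printed on the device can be reused by whoever gets physical access, so real deployments treat it as single-use or force a factory reset), and a pre-shared-code exchange like this one gives no forward secrecy, which is why one would normally use the code only to authenticate an ephemeral key agreement rather than to derive the domain key directly.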

Distributed services

The main focus of E. Najm's research has been the safe design and development of services, in two main areas: web-based interactive services and IoT-based autonomous services.

For web-based services, we considered the safe interaction of orchestrations of loosely coupled, independently designed services. Such services may interact in inappropriate and incompatible ways, resulting in run-time errors. Interaction errors manifest themselves when unexpected messages are received, or messages carrying values of unexpected types. To mitigate this problem we investigated a typing approach whereby services checked to be well-typed at compile time are guaranteed to be interaction-safe at run time. We revisited and enhanced the well-known industry-standard orchestration language WS-BPEL for use as a web service orchestrator. We also defined a typing algorithm that checks whether an orchestrated service behaves according to its declared provided and required types. This work was published in the Journal of Logic and Algebraic Programming (PhD Michaux).

For IoT-based autonomous services, where services deployed in, e.g., a smart home may share sensors and actuators, we considered the design of conflict-free services with maximised user satisfaction. To address this, we defined service clusters endowed with orchestrators that manage access conflicts within each cluster. We also provided an algorithm that maximises a utility function reflecting end-user satisfaction, and a set of rules to check the consistency and validity of the services and their orchestrators (patent). R. Sharrock worked on extending the autonomic architecture to manage misunderstanding situations and to facilitate sense-making processes in the Autonomic Smart-Home.

Work on adaptive service compositions for the smart home (part of the SEIDO II Lab) was coordinated so as to provide two complementary approaches: E. Najm and R. Sharrock focused on offline service composition, ensuring the validity of the deployed system and the absence of conflicts, and on designing a simulator for detecting such conflicts; Ada Diaconescu focused on online service composition, aiming to find adaptation solutions for runtime changes that were not predicted offline.