Software Engineering Techniques for the Development of Systems of Systems
Radu Calinescu and Marta Kwiatkowska
Computing Laboratory, University of Oxford
15th Monterey Workshop
Foundations of Computer Software, Future Trends and Techniques for Development

Outline
1 Context
  - LSCITS Initiative
  - Definitions
2 Prototype Framework for SoS Development
  - Challenges and Candidate SE Solutions
  - Technical Details
3 Case Study
  - Overview
  - Results

LSCITS Initiative: Large-Scale Complex IT Systems (LSCITS)
- UK research and training initiative in the science and engineering of Large-Scale Complex IT Systems
- Research Programme, 2007-2012
- Doctoral Training Programme, 2009-2015
- 5 UK universities (Bristol, Leeds, Oxford, York, St. Andrews); industrial & public-sector partners
[Figure: LSCITS stack]

Definitions: From systems...
system
- a set or assemblage of things connected, associated, or interdependent, so as to form a complex unity
- a whole composed of parts in orderly arrangement according to some scheme or plan
(Oxford English Dictionary, 2008)

Definitions: From systems to system of systems...
system of systems (SoS)
The things that compose the system:
- have operational autonomy
- pursue their own, local objectives in addition to contributing to the global ones
- are systems in their own right
(Maier, 1999; Boardman & Sauser, 2006)
Systems of systems are important: underpinning key applications in healthcare, energy, transportation, aerospace, defence, ...

Definitions: From systems to system of systems...
system-of-systems characteristics
- unprecedented size, diversity, variability and complexity
- unforeseen interactions and emergent behaviour
- heterogeneous components often developed, procured and managed independently
- component systems may belong to more than one SoS, which they can join and leave dynamically

Definitions: From systems to system of systems and beyond
ultra-large-scale systems (ULS)
Systems of systems characterised by:
- incomplete & continually changing requirements and components
- normal failures
(Feiler et al., 2006; Goth, 2008)

Challenges and Candidate SE Solutions: Software Engineering Techniques for SoS Development
basic idea
- Existing SE techniques are unable to address the whole spectrum of challenges associated with the development of systems of systems...
- ... yet, the SoS development frameworks of the future are bound to incorporate some of today's SE techniques or enhanced variants of them

Software Engineering Techniques for SoS Development: specification of global objectives
Global objectives of effective SoS specified through high-level rewards/penalties:
- ecosystems: laws of nature
- cities: common/civil laws
- economies: taxation policies
(policy-based) autonomic computing
- supports the development of technical systems that manage themselves based on a set of high-level policies

Software Engineering Techniques for SoS Development: component interoperability & security
SoS development involves the integration and secure interoperation of vastly diverse technical systems.
service-oriented architectures
- platform independence, loose coupling and support for security
- good for implementing new systems, or front-ends to legacy systems that need to be integrated into an SoS

Software Engineering Techniques for SoS Development: adaptiveness
SoS components must collaborate with peer systems whose characteristics are often unknown until runtime.
model-driven development & code generation
- offer the promise of generating the necessary interfaces and logic for collaborating with unknown types of peer systems at runtime

Software Engineering Techniques for SoS Development: predictability and dependability
Global objectives must be achieved in predictable and dependable ways, through the collaboration of component systems with potentially conflicting local objectives.
formal verification/analysis
- mathematically-based techniques for analysing the qualitative and quantitative properties of a system starting from a model of its behaviour

Software Engineering Techniques for SoS Development: flexibility, adaptiveness, longevity
Systems of systems are required to attain high levels of longevity through continual adaptation to changes in their environment, structure and objectives.
- dynamic reconfiguration: enables re-purposing
- online machine learning: updates the knowledge in line with observed changes in the system behaviour

Software Engineering Techniques for SoS Development: component integration & collaboration
SoS components are expected to actively seek partner systems and establish collaborations with them.
- resource discovery: techniques employed by today's grid- and web-based distributed systems can be extended for use in SoS
- component-based development: provides techniques for the integration of existing and future commercial, open-source and proprietary systems

Challenges and Candidate SE Solutions Summary
Technical Details: System Model
$\mathit{model} = (S, C, f)$
- $S$: state (read-only system parameters)
- $C$: configuration (read-write system parameters)
- $f : S \times C \to S$ (system behaviour)
model
- XML document, so that model transformations and code generation can be performed using off-the-shelf tools
- instance of well-defined metamodel (i.e., XML schema), so that all models have the same type

Technical Details: Probabilistic model checking/quantitative analysis in a nutshell
Probabilistic model checker PRISM
- tool for the formal modelling and analysis of systems which exhibit random or probabilistic behaviour
- discrete- and continuous-time Markov chains, and Markov decision processes
- property specification in the temporal logics probabilistic computational tree logic, and continuous stochastic logic
- extended with costs and rewards

Technical Details: Probabilistic model checking/quantitative analysis in a nutshell
(running) example: cluster availability
given:
- a cluster topology;
- the failure rates for its components (i.e., servers, switches, ISP);
- the number of servers required to handle the cluster workload (req_servers); and
- the (larger) number of servers in the cluster
what is the expected percentage of a one-year time period during which at least req_servers are available?

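Technical Details: Autonomic computing policies
- $p_{\mathit{action}} : S \times C \to C$
- $p_{\mathit{goal}} : S \times C \to \{\mathit{false}, \mathit{true}\}$
- $p_{\mathit{utility}} : S \times C \to \mathbb{R}$
- $p_{\mathit{definition}} : S \times C \to M \times S \times C$, where $s \in S$; $c \in C$
  $p_{\mathit{definition}}(s, c) = (\mathit{model}, s, c)$
  $\mathit{model} = (S, C, f)$
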
Overview: Federation of clusters
- each datacentre contains a set of $N > 0$ variable-workload clusters whose server allocations are optimised by the autonomic manager so as to maximise the availability-based utility policy

$$\sum_{i=1}^{N} \mathit{priority}_i \, \mathrm{GOAL}(\mathit{availability}_i \geq l_i) - \epsilon \sum_{i=1}^{N} \mathit{servers}_i$$

Overview: Federation of clusters
- additionally, a definition policy is used to expose
  a) any spare servers, so that they can be leased to peer systems
  b) the utility achieved by the datacentre, so that datacentre dashboards can be generated dynamically

S = {id : string, spareservers : int, utility : int, maxutility : int}
C = {peerid : string, requestedservers : int, svc : string}
dom f =
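
The cluster-availability question and the availability-based utility policy above, worked through as an added example (not code from the slides and not PRISM): a closed-form steady-state calculation stands in for the model checker. It assumes independent failures and repairs, a ">=" test inside GOAL and a subtracted epsilon term; all function names, rates, priorities and targets are constructed.

```python
"""Added example: utility-driven server allocation for one datacentre.
Assumptions (not from the slides): components fail and are repaired
independently, repair rates are known, GOAL tests 'availability >= target',
the epsilon term is subtracted, and every number below is constructed."""
from itertools import product
from math import comb

def steady_up(fail_rate, repair_rate):
    # Long-run fraction of time a two-state (up/down) component is up.
    return repair_rate / (fail_rate + repair_rate)

def availability(servers, req_servers, server_up, infra_up):
    # P(at least req_servers of `servers` are up) * P(switch and ISP are up).
    if servers < req_servers:
        return 0.0
    k_of_n = sum(comb(servers, k) * server_up**k * (1 - server_up)**(servers - k)
                 for k in range(req_servers, servers + 1))
    return infra_up * k_of_n

def utility(alloc, clusters, server_up, infra_up, eps):
    # sum_i priority_i * GOAL(availability_i >= l_i) - eps * sum_i servers_i
    met = sum(c["priority"] for c, n in zip(clusters, alloc)
              if availability(n, c["req"], server_up, infra_up) >= c["target"])
    return met - eps * sum(alloc)

def best_allocation(clusters, total_servers, server_up, infra_up, eps=0.01):
    # Exhaustive search over every allocation that fits in the datacentre.
    options = [a for a in product(range(total_servers + 1), repeat=len(clusters))
               if sum(a) <= total_servers]
    best = max(options, key=lambda a: utility(a, clusters, server_up, infra_up, eps))
    # 'spareservers' and 'utility' are what the definition policy would expose.
    return {"allocation": best,
            "spareservers": total_servers - sum(best),
            "utility": utility(best, clusters, server_up, infra_up, eps)}

# Constructed rates per year: a server fails 4 times (1-day repair),
# the shared switch/ISP path fails once (4-hour repair).
SERVER_UP = steady_up(4.0, 365.0)
INFRA_UP = steady_up(1.0, 2190.0)
CLUSTERS = [{"priority": 3, "req": 2, "target": 0.999},
            {"priority": 1, "req": 3, "target": 0.99}]

if __name__ == "__main__":
    print(best_allocation(CLUSTERS, 8, SERVER_UP, INFRA_UP))
```

With eight servers the search gives each cluster one server more than its workload needs and leaves one spare, because the epsilon penalty makes any further redundancy a net loss once both goals are met.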
Results Isolated Datacentre
Results Datacentre within SoS
Conclusions
Today's SE techniques are the starting point for the SoS development approaches of the future
- including formal methods, model-driven development, code generation, reconfigurable architectures
- integrating these techniques is a good way of identifying their strengths and limitations
More (hidden) foundation is needed
- formal verification of parameterised families of models, incremental model checking
- online machine learning, model synthesis

Otherwise...
Thank you Questions?