This paper introduces design contracts between control and embedded software engineers for building Cyber-Physical Systems (CPS). CPS involves a variety of disciplines mastered by teams with diverse backgrounds. Many system properties influence the in more than one discipline. The lack clearly defined interfaces burdens interaction collaboration. We show how can facilitate 2 groups: engineers. A contract is an agreement on certain system. Every party specifies requirements assumptions...

In this paper, we explain how to achieve deterministic execution of FMUs (Functional Mockup Units) under the FMI Interface) standard. particular, focus on co-simulation, where an FMU either contains its own internal simulation algorithm or serves as a gateway tool. We give conditions design and master algorithms (which orchestrate FMUs) co-simulation. show that with current version standard, these demand capabilities from are optional in standard rarely provided by practice. When lacking...

We present a layered end-to-end approach for the design and implementation of embedded software on distributed platform. The comprises high-level modeling simulation layer (Simulink), middle-level programming validation (SCADE/Lustre) low-level execution (TTA). provide algorithms tools to pass from one next. First, translator Simulink Lustre. Second, set real-time code-distribution extensions Third, techniques decomposing Lustre program into tasks messages, scheduling messages processors...

We present a method of translating discrete-time Simulink models to Lustre programs. Our consists three steps: type inference, clock and hierarchical bottom-up translation. In the process, we explain formalize typing timing mechanisms Simulink. The has been implemented in prototype tool called S2L, which used context European research project translate two automotive controller provided by Audi.

In this paper, we explain how to achieve deterministic execution of FMUs (Functional Mockup Units) under the FMI Interface) standard. particular, focus on co-simulation, where an FMU either contains its own internal simulation algorithm or serves as a gateway tool. We give conditions design and master algorithms (which orchestrate FMUs) co-simulation. show that with current version standard, these demand capabilities from are optional in standard rarely provided by practice. When lacking...

Cyber-physical systems (CPS) are becoming indispensable in our modern way of life. As an application domain CPS is not new. intellectual discipline, however, it is. This paper focuses on modeling, which essential activity design, with multiple challenges. In particular, stakeholders lack a systematic framework and guidelines to help them choose among the many available modeling languages tools. We propose such this paper. Our consists three elements: viewpoints, capture stakeholders'...

Model-based design methodologies are commonly used in industry for the development of complex cyber-physical systems (CPSs). There many different languages, tools, and formalisms model-based design, each with its strengths weaknesses. Instead accepting some weaknesses a particular tool, an alternative is to embrace heterogeneity, develop tool integration platforms protocols leverage from environments. A fairly recent attempt this direction functional mock-up interface (FMI) standard that...

The Simulink/Stateflow toolset is an integrated suite enabling model-based design and has become popular in the automotive aeronautics industries. We have previously developed a translator called Simtolus from Simulink to synchronous language Lustre we build upon that work by encompassing Stateflow as well. problematical for languages because of its unbounded behaviour so propose analysis techniques define subset which can semantics. go further "safe" elides features are potential sources...

We introduce problems of decentralized control with delayed communication, where delays are either unbounded or bounded by a given constant k. In the k-bounded-delay model, between transmission message and its reception, plant can execute at most k events. unbounded-delay any number events reception. show that our framework yields an infinite hierarchy problems, containments strict, CC is set solvable single controller (centralized case) DCC/sub k/ (respectively, DCUC, DC) two controllers in...

We present a framework integrating specification and scheduler generation for real time systems. In first step, the system, which can include arbitrarily designed tasks (cyclic or sporadic, with without precedence constraints, any number of resources CPUs) is specified as timed Petri net. second our tool generates most general non preemptive online specification, using controller synthesis technique.

Synchronous systems offer a clean semantics and an easy verification path at the expense of often inefficient implementations. Capturing design specifications as synchronous models then implementing in less restrictive platform allow to address much larger space. The key issue this approach is maintaining semantic equivalence between model its implementation. We problem by showing how map onto loosely time-triggered architecture that fairly straightforward implement it does not require...

Compositional theories are crucial when designing large and complex systems from smaller components. In this work we propose such a theory for synchronous concurrent systems. Our approach follows so-called interface theories, which use game-theoretic interpretations of composition refinement. These appropriate with distinct inputs outputs, explicit conditions on that must be enforced during composition. interfaces model execute in an infinite sequence rounds. At each round, contract...