Research

Cyber-Physical Systems (CPS) integrate computational processes with physical processes. Different systems are summarised in this term, from cars, trains, and aircrafts to modern smart home systems. These systems must meet requirements of openness, connectivity, increased software-implemented functionality, flexible configurability, dependability, and resilience, all in a cost-effective way, and during all phases of their life-time. The limitations of current CPS design approaches become obvious when trying to fulfil these requirements simultaneously. The central concept to cope with the ever-increasing complexity of CPS, alongside functional decomposition, is the definition of views which enable the specialisation of developer roles. While dealing with component dependencies is well researched, the unsolved scientific challenge of view consistency is the central reason for the above-mentioned trade-offs between configurability, functionality, dependability, and cost-effectiveness. The aim of this CRC is to develop a general, comprehensive understanding of view consistency and mechanisms to detect and, when possible, automatically or interactively resolve consistency violations between views in CPS design.

Before realising a complex software-intensive system it is worth analysing its emerging properties. Analyses are applied for investigating systems for quality properties or properties specific to a given domain. Model-based analysis is the appropriate technique to do that early in development to avoid inappropriate design decisions and costly design flaws. For today’s heterogeneous and complex systems, analysis techniques become complex as well. To master the development of tailor-made analysis techniques, decomposition and composition of analyses is unavoidable. The very different nature of quality properties has led to the use of individual analysis techniques and independent tools for each quality property. Moreover, recently emerging innovations like internet of things and cyber-physical systems combine several domains, such as software, electrics/electronics and mechanics. In consequence, analyses need to be (de)composed along quality properties and domain-specific properties. The goal of the FeCoMASS project is to provide more flexibility in model-driven engineering by investigating foundations of decomposition and composition mechanisms specifically for model- based analyses for tomorrow’s increasingly heterogeneous and complex systems. For this purpose, we will investigate in (1) (de)compositional semantics for modelling languages and analysis techniques to ensure sound analysis results, (2) concepts and guidelines for flexible use and reuse of model-based analyses, and (3) foundations for easily configurable constructions of model-based analyses.

Future mobility solutions will be data-driven and strongly oriented towards the needs of users. Personal data is often essential, but is subject to data protection regulations. The ANYMOS competence cluster uses specific use cases to investigate the use of anonymization techniques while retaining the utility value of the data. The advantage of anonymization, which is reducing uncertainties about the data protection-compliant handling of personal data, must not come at the expense of the usability of data for specific applications.

The ANYMOS competence cluster pursues the long-term goal of establishing anonymization as an enabling technology in order to reduce uncertainties regarding the need to apply data protection regulations when sharing and using data and to maintain Germany's strong position in the automotive and public transport sectors, including in data-driven innovations. As an instrument to reduce uncertainties, ANYMOS will develop and establish a process model that helps companies to identify anonymization needs and possibilities for use cases in the field of mobility, to select suitable anonymization methods according to the state of the art in research and technology, to apply them correctly and to systematically identify and evaluate re-identification risks.

The research group Dependability of Software-intensive Systems is involved in the joint project Software-Defined Car through a total of four research topics. First, we address the anonymization of vehicle data at the level of software architecture. In this context, we provide techniques to analyze whether concrete anonymization procedures provide sufficient data protection. Second, we are researching the conception of an operationalized conceptual model for the joint handling of software variants and versions. Based on the Vitruvius approach, we develop a methodology for maintaining consistency of variants and versions consisting of heterogeneous artifacts. Third, we investigate typical modeling and programming languages with respect to common and different language features. On this basis, we develop a methodology for adapting and combining languages by configuring and composing language components. Fourth, we address the derivation of delta-based changes from views in software development. To this end, we provide a methodology for bidirectional consistency preservation of heterogeneous views.

The Palladio research project aims at the development of methods and tools for systematically constructing component based software architectures with predictable quality attributes. For predicting the quality of service of software architectures we utilise and enhance existing prediction models, such as stochastic Petri nets, queuing models and Markov models in general is a special modeling language targeted at model-driven performance predictions. The PCM is accompanied by several model transformations, which derive stochastic regular expressions, queuing network models, or Java source code from a software design model. Software architects can use the results of the analytical models to evaluate the feasibility of performance requirements, identify performance bottlenecks, and support architectural design decisions quantitatively.

During the development of large software-intensive systems, developers use several modeling languages and tools to describe a system from different viewpoints. Model-driven and view-based technologies have made it easier to define domain-specific languages and transformations. Nevertheless, using several languages leads to fragmentation of information, to redundancies in the system description, and eventually to inconsistencies. Inconsistencies have negative impacts on the system’s quality and are costly to fix. The Vitruvius approach adresses this issue with view-based methods for consistency modeling and preservation, and a model-driven development process. Vitruvius is implemented prototypically using the Eclipse Modeling Framework.