This proposal has been approved and the Eclipse ESCET (Supervisory Control Engineering Toolkit) project has been created.
Visit the project page for the latest information and development.

Go to Project

Eclipse ESCET (Supervisory Control Engineering Toolkit)

Friday, September 6, 2019 - 04:26 by Bert Van Beek
Basics
This proposal is in the Project Proposal Phase (as defined in the Eclipse Development Process) and is written to declare its intent and scope. We solicit additional participation and input from the community. Please login and add your feedback in the comments section.
Project
Eclipse ESCET (Supervisory Control Engineering Toolkit)
Parent Project
Eclipse Technology
Proposal State
Created
Background

The Compositional Interchange Format (CIF) for hybrid systems is an automata-based modeling language for the specification of discrete event, timed, and hybrid systems. The CIF tooling supports the entire development process of (supervisory) controllers, including among others specification, supervisory controller synthesis, simulation-based validation and visualization, formal verification, real-time testing, and code generation.

Various versions of CIF have been created and developed at the Eindhoven University of Technology (TU/e) in The Netherlands since 2007. CIF has been applied in industry, mostly by students from the TU/e. There is great interest in industry for both model-based design of (supervisory) controllers and supervisory controller synthesis. However, the lack of commercial support for CIF from the TU/e has prevented wide-spread adoption of CIF by industry. The TU/e sees transferring CIF to the Eclipse Foundation as the next step for the future of CIF.

The goal is, together with the other parties interested in the use of CIF, to create a larger community around CIF. The aim is to make it easier for all parties to contribute together to the development of CIF in an open setting. Furthermore, CIF should no longer be seen as academic, but instead should receive more industrial attention and support. The TU/e believes the Eclipse Foundation is an excellent fit for the future of CIF.

The TU/e further foresees that, in the future, CIF may not be the only modeling language and toolset to tackle industrial development of (supervisory) controllers. As such, the proposal is to name the Eclipse project ‘Eclipse ESCET (Supervisory Control Toolkit)’. The project then starts with CIF as initial modeling language and toolset contribution. The initial community is the current CIF community. 

Scope

The scope of the Eclipse ESCET (Supervisory Control Toolkit) project is to create a toolkit for the development of supervisory controllers. The toolkit has a strong focus on industrial applicability, e.g. to cyber physical systems. The toolkit includes tooling to support the entire development process of (supervisory) controllers, including among others specification, supervisory controller synthesis, simulation-based validation and visualization, formal verification, real-time testing, and code generation.

Description

High-tech companies increasingly adopt the Model-Based Systems Engineering (MBSE) paradigm. The use of (formal) models for controller design allows validation and verification of controllers long before they are implemented and integrated into the system. Early validation and verification have been shown to lead to less defects and reduced costs.

The Eclipse Supervisory Control Toolkit (ESCT) project provides a toolkit for the development of supervisory controllers in the MBSE paradigm. The toolkit has a strong focus on model-based design, supervisory controller synthesis, and industrial applicability, for example to cyber physical systems. The toolkit supports the entire development process of (supervisory) controllers, from modeling, supervisory controller synthesis, simulation-based validation and visualization, and formal verification, to real-time testing and implementation.

Supervisory controller synthesis is the key feature of the toolkit. It involves the automatic generation of supervisory controllers from a specification of the uncontrolled system and the (safety) requirements that the controller needs to enforce. This shifts controller design from ‘how should the implementation work’ to ‘what should the controller do’. Implementation of the controller is achieved through (implementation language) code generation, reducing the number of errors introduced at this stage.

The ESCT project currently features one modeling language, CIF. The language is a powerful automata-based modeling language for the specification of discrete event, timed (linear dynamics), hybrid (piecewise continuous dynamics) systems. It can be seen as a rich state machine language with the following main features:

  • Modular specification with synchronized events and communication between automata.
  • Many data types are available (booleans, integers, reals, tuples, lists, arrays, sets, and dictionaries), combined with a powerful expression language for compact variables updates.
  • Text-based specification of the automata, with many features to simplify modeling large non-trivial industrial systems.
  • Primitives for supervisory controller synthesis are integrated in the language.

Highlights of the CIF tooling in the ESCT project:

  • Text-based editor that allows to easily specify and edit models.
  • Feature-rich powerful data-based synthesis tool. A transformation to the supervisory controller synthesis tool Supremica is also available.
  • A simulator that supports both interactive and automated validation of specifications. Powerful visualization features allow for interactive visualization-based validation.
  • Conversion to formal verification tools such as mCRL2 and UPPAAL.
  • Implementation language code generation (PLC languages, Java, C, and Simulink) for real-time testing and implementation of the designed controller.
Licenses
The MIT License (MIT)
Legal Issues

The initial contribution from the TU/e is licensed under the MIT license. We do not foresee any licensing issues.

There are other parties that use the name CIF, see for instance https://en.wikipedia.org/wiki/CIF. CIF is a registered as trademark for various product and services, including a cleaning product (see https://trademarks.justia.com/872/25/cif-87225621.html), heating oil (see https://trademarks.justia.com/778/00/cif-77800231.html), etc (see https://trademarks.justia.com/search?q=cif). An exhaustive search was not performed.

Why Here?

The main reason to choose for the Eclipse Foundation is outlined in the ‘Background’ section.

Furthermore, CIF is a set of Eclipse plug-ins, and provides an Eclipse product. Therefore, the Eclipse Foundation is a logical fit as a new home for CIF.

Future Work

The overall goal is to develop a state-of-the-art toolkit for the development of supervisory controllers for high tech systems including:

  • Automated generation of supervisory controllers based on formal requirement models and plant models.
  • Simulation based validation and interactive visualization of plant models and controller models.
  • Analysis of requirements and synthesized supervisors.
  • Generation of PLC-based or PC-based controller code.

The intention is to extend the toolkit with tools for requirements engineering, performance analysis, scheduling and verification. We also intend to provide the toolkit as a dedicated Eclipse application for supervisory control system development.

A key component of the toolkit is CIF (Compositional Interchange Format for hybrid systems), an automata-based modeling language for the specification of discrete-event, timed, and hybrid systems. CIF tooling supports the entire development process of controllers, including among others specification of requirements, specification of plant components, supervisory controller synthesis, simulation-based validation and visualization, transformation to verification tools, real-time execution and code generation.

An important focus for future development will be improvements of the CIF toolset itself, such as:

  • Improving the capabilities of dealing with timed and hybrid systems.
  • Improving the performance of the synthesis algorithms.
  • Improving the real-time visualization functionality.

Another development is extending the Eclipse ESCET to enhance its applicability for supervisory controllers in the contexts of industrial partners in the following ways:

  • Develop Domain Specific Languages for the specification of supervisory controllers for specific industrial problem domains.
  • Facilitate the development of robust supervisory controllers and code generation for (safety) PLCs.
  • Improve the scalability of the specification language.
  • Support visualization for the development of models.

Finally, the project aims at realization of support for the Eclipse ESCET in terms of bug-fixing, regular builds following the Eclipse release cycle, and manuals and instruction material.

As the name suggests, CIF was originally developed to easily connect various tools, which makes it an ideal platform to facilitate the inclusion of future industrial and academic partners in this project. As a first step to grow the community, we plan to set up a user group of interested parties around the project, including the industrial parties already interested in CIF. This group will share experiences related to the development of (supervisory) controllers, and determine what is missing or otherwise needed in the toolkit, thus contributing to the future direction of the project. 

Project Scheduling

The initial contribution is scheduled for 2020Q1. It will include a fully working CIF product, which successfully compiles. The first release as an Eclipse project is foreseen for 2020Q2.

People
Project Leads
Bert Van Beek
Dennis Hendriks
Committers
Albert Hofkamp
Bert van Beek
Dennis Hendriks
Mentors
Jens Reimann
Interested Parties

The following organisations, companies and projects will be involved in launching this project:

  • Eindhoven University of Technology, The Netherlands
  • Netherlands Organisation for Applied Scientific Research (TNO), The Netherlands
  • ASML, The Netherlands
  • Directorate-General for Public Works and Water Management (Rijkswaterstaat), The Netherlands
Source Code
Initial Contribution

The initial contribution for the Eclipse ESCET will consist of CIF 3, the third and current version of CIF. The existing code base for CIF includes the source code, documentation, and tests for the CIF plug-ins and products, more specifically:

  • CIF language, parser, type checker, pretty printer.
  • CIF common libraries.
  • CIF Eclipse Platform IDE-based text editor.
  • CIF simulator.
  • CIF supervisory controller synthesis tools.
  • Conversions from CIF to various other modeling languages, e.g. to mCRL2, UPPAAL.
  • CIF code generators, e.g. for C code, Java code, PLC code.
  • Other miscellaneous CIF tools, e.g. CIF merger, CIF explorer.
  • CIF website and documentation.
  • CIF examples.

Furthermore, CIF requires the following other toolsets, also developed by the TU/e, and also part of the transfer to the Eclipse Foundation as part of the initial contribution:

  • Common libraries, a collection of various reusable Java libraries for various purposes. CIF and the other toolsets described here use these at least some of these common libraries.
  • Common application framework, an application framework that provides common functionality for applications. Its main feature is an abstraction layer that allows applications to run both as a stand-alone Java program (say, from the command line), as well as within the Eclipse Platform IDE. It provides among others a uniform end-user experience, crash reports, user friendly error messages, and other basic functionality needed by most applications, to reduce the overhead needed for developers to develop an application with a consistent user-friendly experience. All CIF, SeText and ToolDef applications are created using the common application framework.
  • SeText, a toolset for the specification of the syntax of a language as well as automatic generation of scanners and LALR(1) parsers. It optionally also facilitates integration into the Eclipse Platform IDE. The CIF scanner and parser are generated using SeText.
  • ToolDef, a cross-platform and machine-independent scripting language. It supports command line execution, but is also available as plug-in for the Eclipse Platform IDE, providing an integrated development experience. ToolDef can be seen as an alternative to Linux shell scripts and Windows batch files. CIF features integration with ToolDef, to allow scripting of all CIF tools.

The TU/e is the copyright holder of the code and other artefacts.

The following non-Eclipse third-party libraries are used:

  • net.sf.javabdd (JavaBDD)
  • org.apache.batik (Apache Batik)
  • org.apache.commons.exec (Apache Commons Exec)
  • org.apache.commons.io (Apache Commons IO)
  • org.apache.commons.lang (Apache Commons Lang)
  • org.apache.commons.math3 (Apache Commons Math)
  • org.apache.xalan (Apache Xalan)
  • org.apache.xerces (Apache Xerces)
  • org.junit (JUnit)
  • org.w3c.dom.svg (W3C SVG DOM)
  • org.w3c.css.sac (W3C CSS SAC)

The community around developing the code currently consists of the following parties:

  • The TU/e.
  • Dennis Hendriks, the main developer of CIF while under the employment of the TU/e. He is currently employed by TNO, the Netherlands Organisation for Applied Scientific Research.

CIF is currently hosted by the TU/e. The CIF public website is located at http://cif.se.wtb.tue.nl/. The public development website is located at http://devel.se.wtb.tue.nl/trac/cifand includes not only CIF but a few other projects as well. The development website is being migrated to Gitlab, also hosted by the TU/e, at https://gitlab.tue.nl. This Gitlab is currently only accessible after login. A part of the CIF public website is also hosted at http://sedevel.se.wtb.tue.nl/4tc00/, for a TU/e student course.

The plan is to migrate all CIF websites and development resources to the Eclipse Foundation infrastructure.

Source Repository Type
Git
Source Repositories
http://devel.se.wtb.tue.nl/trac/cif
https://gitlab.tue.nl