- Published on 10 Mar 2016
- External News
Cyber-Physical Systems: a coin with two sides
Edward A. Lee is the Robert S. Pepper Distinguished Professor in the Electrical Engineering and Computer Sciences (EECS) department at U.C. Berkeley. His research interests centre on the design, modelling and analysis of embedded, real-time computational systems. He is director of the nine-strong university TerraSwarm Research Center (http://terraswarm.org), a director of Chess, the Berkeley Center for Hybrid and Embedded Software Systems, and director of the Berkeley Ptolemy project. From 2005-2008, he served as chair of the EE Division and then chair of the EECS Department at UC Berkeley. He is co-author of nine books (including second and third editions) and numerous papers. He has led the development of several influential open-source software packages, notably Ptolemy and its various spinoffs. He received a B.Sc. in Computer Science from Yale University, New Haven, CT, in 1979, a Master’s in EECS from Massachusetts Institute of Technology (MIT), Cambridge, in 1981, and a PhD degree in EECS from the University of California Berkeley, Berkeley, in 1986. From 1979 to 1982 he was a member of technical staff in the Advanced Data Communications Laboratory at Bell Telephone Laboratories in Holmdel, New Jersey. He is a co-founder of BDTI, Inc., where he is currently a Senior Technical Advisor, and has consulted for a number of other companies. He is a Fellow of the IEEE, was an NSF Presidential Young Investigator, and won the 1997 Frederick Emmons Terman Award for Engineering Education.
Referring to an article in the ARTEMIS magazine (April 2014) in which professor Alberto Sangiovanni-Vincentelli gave his views on the differences between the USA and Europe in terms of their respective approaches to research, development and innovation of Cyber-Physical Systems, Edward Lee could only concur with his eminent colleague. “In terms of what is happening in Europe and the US, Alberto’s insight is hard to beat. While European industry tends to be more conservative than US industry, I feel compelled to point out that exceptions do exist. Good examples are Airbus, which is much more aggressively using new technology in safety-critical software than Boeing, and the Bosch Rexroth printing press in 2008, which was a cyber-physical factory that used Ethernet and TCP/IP for real-time networking in a safety-critical system. At the time this was quite unique but I believe this is something that we will see become pervasive in the future, especially among automotive manufacturers.”
What are, then, the essential differences in approach?
“Most European industry is probably more hard-core industrial revolution – machinery – and the systems tend to be much more safety-critical than, shall we say, a Facebook page. In the US you have a lot of dominant companies that come from the IT world, like Google, starting to move into the physical world, as in its self-driving car. But apart from the safety-critical Google car, there is more of a tendency to probe those areas that are less safety-critical and so there is more of a shoot first, ask questions later mentality. I also think that there is a much greater culture of entrepreneurship in the US along with a more established venture capital machinery in place. This fuels an approach towards innovation that involves small groups of younger entrepreneurs that aggressively go after speculative targets.”
Digitisation? A term to be revered or reviled?
“I first heard the term when I was in Toulouse for ERTS2, where I gave a keynote talk a month or so ago. I don’t like the term, for two reasons. One is that it reminds me of the shift towards the paperless office in the 1990s. Digitising all the papers that we have and putting them into the IT environment. Although that is clearly not what is meant, it just has that connotation for me. But the second, and more fundamental, reason is that it reflects a bias that the problem of CPS is to make physical systems more cyber. I believe the problem is much more symmetric. I believe it’s an equally difficult problem to make cyber systems more physical. Perhaps even harder. I think this gets to the heart of what I believe is the intellectual challenge behind CPS. On the physical side of engineering, the history of engineering methods and tools goes back a few hundred years or more. Computer science, on the other hand has been around for just a hundred years at most, developing a set of engineering methods and tools that focus on processing information. That was considered the job of a computer. But CPS has changed that perception with the notion that the job of a computer is to sense and actuate what is happening in the physical world. And the engineering tools that have been developed in the computer science world are not very good at doing that job. The problem is that dynamics – how the system changes over time – in the physical world is important but in computers it doesn’t matter. And that makes for a mismatch. We have an engineering tradition that we’re trying to use for something for which it was not intended. But Moore’s Law allows us to get away with a lot of sloppy engineering.”
So what can we do about it?
“Well, if we want to digitise the factory floor, we have to get the software to talk to the machines. It’s a problem with contradictory requirements. And, as an academic, it’s the kind of problem I like to tackle. CPS is full of such problems. We want everything to be connected but we also want everything to be secure. We want things to scale up but we want behaviour to be repeatable and controllable. Such fundamentally contradictory requirements are fuel for innovation.”
Square pegs in round holes?
“In many ways I feel there really is a cultural gulf between the cyber and physical sides. The separation between computer science and physical engineering is more evident in the US than in Europe. In my view, that’s an enormous mistake.”
Despite all the problems, what achievements have been made in the field of CPS in the past decade?
“A lot has happened, no doubt about it. And there has been progress, too, at least in terms of potential. Like a lot of people, though, I’m frustrated by the generally slow pace of uptake of new technology in industrial automation. Of course, engineers have good reason to stick with what they know to be reliable and robust. They will eye with some scepticism someone like me who comes to them very excited with a new technology that is fundamentally unproven and ask them to help me prove it. Of course, for them there is a huge risk involved. That said, I believe the stage has been set over the past ten years for some really radical advances in the near future.”
“Networking technology. The technology that was originally developed for using the internet is becoming eminently usable in CPS. One of the reasons for this is the introduction of high-precision clock synchronisation protocols, which ultimately enable software in a distributed system to orchestrate its actions in a very controlled way, much as the Bosch-Rexroth printing press I referred to earlier. Another example is that you can take embedded systems and put them on a bigger network and, if reliably designed, connect them up to the internet in a way that is safe. The fact that this is now possible is potentially transformative because once these systems become networked, this will enable us to leverage a lot of other exciting developments in technology such as big data, where, using algorithms, data coming from a multiplicity of sources can be turned into intelligence. A third exciting development I would like to cite is the development of ubiquitous low bit-rate, low-cost wireless communication for IoT devices.”
Your recent publication is entitled ‘The Internet of important things’. Important?
“I’m trying to correct a public misconception here. IoT is not simply about toys or for hobbyists; it’s about serious systems. What I’m trying to convey is that we can and should be taking IoT to a much more mission-critical level, but it will take good quality engineering to do that.”
So we could do better?
“Absolutely. I think that software and computing as construed in the 20th century represent a mismatch of technology. We really can do much better. For example, there has been a notion among computer engineers over the past 40 or 50 years that you can’t improve performance without sacrificing control over timing. That has been debunked in a recent project, and was a bit of a surprise to many in the field. Distributed software is another example. I’m a great believer in leveraging and using existing technology but we must not get stuck and just assume things have to be the way they are. People coming at CPS from the physical side tend to lack a deep enough background in computing to be able to question the premises that are given to them in computing. But to rope in the computer experts is also an obstacle here, especially when many treat CPS as a niche, although this tends to be more of a problem in the US than in Europe where we have the separation I referred to earlier. In fact, I really enjoy visiting European institutions where there is a much greater sense of integration. And, in that respect, the US has a great deal to learn from Europe.”
Can you give a preview ahead of your keynote speech at the ARTEMIS Spring Event?
“It’s really to do with the role that models play in engineering. People often think very narrowly about model-based design. Engineers have always used models. But they tend to forget that the models they use the most are just that – models. And that’s a mistake. A model is something you want the physical system to emulate. What today we might consider a low-level model was a high-level model 40 years ago. So the use of models changes dynamically over time. The other observation to make is that engineers use models differently to a scientist. The value of a model to the scientist is how well a model behaves in terms of the physical artefact being modelled but to an engineer the value of the physical thing being modelled lies in how well it behaves like the model. But these are not contradictory uses of models; they are complementary. Given this, I advocate a different style of modelling – deterministic. The reason I provide this observational preface is that many people suggest the physical world cannot be deterministic. Stuff happens. Murphy’s law and all that. But you’re not using models to describe what the physical world is doing but to construct a physical system that behaves like a model. Historically, deterministic models have proved incredibly useful in that sense. And in CPS in particular, one of the challenges that we face is our lack of deterministic models. We need to rectify that.”