Section: New Results

Real-Life Applications and Case Studies

Ambient intelligence is an active research field, whose aim is to design and analyze smart environments that are capable of automated interaction with users and the physical world, through sensors, actuators, displays, and computational elements, embedded in everyday objects, and connected through a network. In the Grenoble area, the Equipex Amiqual4Home (http://amiqual4home.inria.fr) provides among others access to a Smart Home, which is a fully functional two-stage 90 meters square flat with 4 rooms including an open to kitchen living room, a bedroom, a bathroom and a small office. All the rooms are equipped with cameras, microphones, sensors and actuators to remote control various appliances like rollershutter, lights or multimedia devices. The software architecture of the Smart Home is based on the open source home automation software OpenHAB (http://www.openhab.org). It allows a complete control of the flat devices with a single system, despite the various protocols used. Using the rule engine, it also enables the definition of rules expressing how the Smart Home should react to physical (human action, sensors, etc.) or external (weather prediction service, calendar, etc.) events. A difficult question is how to make sure that smart environments are programmed correctly, and will not lead to unexpected or even harmful behaviour.

Smart environments are concurrent and asynchronous by nature. To address the question above, we started, in collaboration with Nicolas Bonnefond (PERVASIVE INTERACTION team and Amiqual4Home), to study how existing tools for the formal design and verification of concurrent asynchronous systems present in the CADP toolbox can be used to verify a smart environment. Firstly, we proposed a translation from OpenHAB rules into a formal LNT model on which properties can be verified [42]. Secondly, in collaboration with Paula Lago and Claudia Roncancio (SIGMA team of LIG), we exploited the dataset ContextAct@A4H of daily living activities collected and annotated within Amiqual4Home for the purpose of activity recognition. Each activity was described as an MCL temporal logic formula that is checked repeatedly on the log of sensor measurements until all occurrences of the activity have been found. This approach has the ability to recognize the start and end points of activities (thus not requiring to segment sensor data) and also expresses the temporal order of events, thus palliating a limitation of existing ontology based activity recognition techniques. This led to a publication in an international conference [17].

The demo examples of CADP, which have been progressively accumulated since the origins of the toolbox, are a showcase for the multiple capabilities of CADP, as well as a test bed to assess the new features of the toolbox. In 2017, the effort to maintain and enhance these demos has been pursued. The demo 05 (Airplane-ground communication protocol) has been modified to use the new syntax of exceptions in the LNT language. The LOTOS and LNT specifications of demo 12 (Message Authenticator Algorithm) have been entirely revised, based upon the fine knowledge acquired by modelling this cryptographic function as a term rewrite system [14]. The LNT specification has also been extended to incorporate the test vectors given in the International Standards ISO 8730 and 8731-2. The resulting specification, which was initially too large to be compiled, is now successfully handled after the enhancements brought to the LNT2LOTOS translator. Demo 19 (Production Cell) has been simplified and is now fully documented in a publication [15].

In the framework of the SECURIOT-2 project (see § 8.2.2.1), a Memory Protection Unit has been formally specified in LNT and verified at Tiempo using CADP. A paper has been submitted to an international conference.