- A1.1.2. Hardware accelerators (GPGPU, FPGA, etc.)
- A1.1.4. High performance computing
- A1.1.5. Exascale
- A1.1.9. Fault tolerant systems
- A1.1.10. Reconfigurable architectures
- A1.3. Distributed Systems
- A1.3.5. Cloud
- A1.3.6. Fog, Edge
- A1.4. Ubiquitous Systems
- A1.6. Green Computing
- A2.1.9. Synchronous languages
- A2.2. Compilation
- A2.3.1. Embedded systems
- A2.5.1. Software Architecture & Design
- A2.5.2. Component-based Design
- A2.5.4. Software Maintenance & Evolution
- A2.6.2. Middleware
- A2.6.4. Ressource management
- A4.9.1. Intrusion detection
- A4.9.3. Reaction to attacks
- A6.4. Automatic control
- B4.5. Energy consumption
- B5.1. Factory of the future
- B6.1. Software industry
- B6.1.1. Software engineering
- B6.1.2. Software evolution, maintenance
- B6.4. Internet of things
- B6.5. Information systems
- B6.6. Embedded systems
- B8.1. Smart building/home
1 Team members, visitors, external collaborators
- Eric Rutten [Team leader, INRIA, Researcher, HDR]
- Raphaël Bleuse [UGA, Associate Professor]
- Gwenaël Delaval [UGA, Associate Professor]
- Stéphane Mocanu [GRENOBLE INP, Associate Professor, HDR]
- Salim Chehida [Inria, from Apr 2022 until Sep 2022]
- Karim Fellah [Inria, until Jun 2022]
- Ghada Moualla [UGA, from Sep 2022]
- Mike Da Silva [CEA]
- Quentin Guilloteau [UGA]
- Estelle Mareva Hotellier [Naval Group]
- Jolahn Vaudey [UGA, from Oct 2022]
- Nelson Nkawa [UGA, Engineer]
Interns and Apprentices
- Ahmadreza Ahmadi [UGA, Intern, from Feb 2022 until Jun 2022]
- Ali-El-Hadi Noura [UGA, Intern, from Feb 2022 until Aug 2022]
- Jolahn Vaudey [UGA, from Feb 2022 until Aug 2022]
- Maria Immaculada Presseguer [INRIA]
- Bogdan Robu [UGA]
2 Overall objectives
Objective: control support for autonomic computing
Ctrl-A is motivated by the observation that computing systems, large (data centers) or small (embedded), are more and more required to be adaptive to the dynamical fluctuations of their environments and workloads, evolutions of their computing infrastructures (mobile, shared, or subject to faults), or changes in application modes and functionalities. Their administration, traditionally managed by human system administrators, needs to be automated in order to be efficient, safe and responsive. Autonomic Computing 31 is the approach that emerged in the early 2000's in distributed systems to answer that challenge, in the form of feedback loops for self-administration control. These loops address objectives like self-configuration (e.g. in service-oriented systems), self-optimization (resource consumption management e.g., energy), self-healing (fault-tolerance, resilience), self-protection (security and privacy).
Therefore, there is a pressing and increasing demand for methods and tools to design controllers for self-adaptive computing systems, that ensure quality and safety of the behavior of the controlled system. The critical importance of the quality of control on performance and safety in automated systems, in computing as elsewhere, calls for a departure from traditional approaches relying on ad hoc techniques, often empirical, unsafe and application-specific solutions.
The main objective of the Ctrl-A project-team is to develop a novel framework for model-based design of controllers in Autonomic Computing, exploiting techniques from Control Theory 30, particularly Discrete Event Systems 33, but also other forms. We want to contribute generic Software Engineering methods and tools for developers to design appropriate controllers for their particular reconfigurable architectures, software or hardware, and integrate them at middleware level. We want to improve concrete usability of techniques from Control Theory by specialists of computing systems 7, and to provide tool support for our methods in the form of specification languages and compilers, as well as software architectures.
We address policies for self-configuration, self-optimization (resource management, low power), self-healing (fault tolerance) and self-protection (security).
3 Research program
Modeling and control techniques for autonomic computing
Our research activity is mainly targeted at models and architectures, with also a notable part devoted to applications and case studies, in co-operations with specialists of the application domains, either academic researchers (e.g. in HPC) or industrial partners (e.g., CEA, Orange labs, in IoT). We adopt a strategy of parallel investigation of, on the one hand, generic models and tools for the design support for control in Autonomic Computing, and, on the other hand, experimental identification of needs and validation of proposals. Therefore we have activities related to several application domains, for each of which we build co-operations with specialists, for example middleware platforms for Cloud systems 3, HPC architectures (e.g., multi-core 11), Dynamic Partial Reconfiguration in FPGA-based hardware 6 and the IoT and smart environments 8.
The main objective of Ctrl-A translates into a number of scientific axes :
- (i) Design support for Control in Autonomic Computing : under the angle of Models and control (e.g., Discrete Event Systems and reactive languages), or at the level of Software Components and Architectures (e.g., for separation of concerns, coordination of multiple autonomic managers : Control, ML, RJMS, or application/infrastructure-levels);
- (ii) Self-adaptative distributed systems and Cloud-Edge/HPC : e.g., RJMS-level dynamical resource harvesting in HPC clusters ; node-level energy management through RAPL ; reproducibility of experimental validation.
- (iii) CyberSecurity & Self-protection in Industrial Control Systems : intrusion detection ; automated risk analysis ; validation of conformity to IEC 62443 standard; self-protection, resilience and reaction by self-reconfiguration ; applications to Smart-Grid infrastructures ; experimental lab.
Achieving the goals of Ctrl-A requires multidisciplinarity and expertise from several domains. The expertise in Autonomic Computing and programming languages is covered internally by members of the Ctrl-A team. On the side of theoretical aspects of control, we have active external collaborations with researchers specialized in Control Theory, in the domain of Discrete Event Systems as well as in classical, continuous control. Additionally, an important requirement for our research to have impact is to have access to concrete, real-world computing systems requiring reconfiguration control. We target autonomic computing at different scales, in embedded systems or in cloud infrastructures, which are traditionally different domains. This is addressed by external collaborations, with experts in either hardware or software platforms, who are generally missing our competences on model-based control of reconfigurations.
4 Application domains
We are attacking the problem of designing well-regulated and efficient self-adaptive computing systems by the development of novel strategies for their runtime management. Therefore the kind of application domains that we typically target involve computing systems with relatively coarse-grain computation tasks (e.g. image processing or HPC tasks, components or services, control functions in Industrial Control Systems). They must be run on distributed heterogeneous architectures. Runtime, unpredictable variations can come from the environment(e.g., data values, user inputs, physical sensors), the application (e.g., functional modes depending on algorithm progress, computation phases, or business processes), or the infrastructure (e.g., resource overload, faults, temperature variations, communication network variations, cyber-attacks).
The general control problem then consists of deciding at runtime the choice of which implementation or version of tasks to dynamically deploy or redeploy on which computing resources, in order to enforce high-level strategies involving objectives in terms of constraints, optimization, logical invariance or reachability. The design of such controllers involves the design of appropriate sensors and actuators in the computing infrastructures. It is based on the use of modeling and decision formalisms of different kinds according to the application characteristics.
The objectives of Ctrl-A are achieved and evaluated in both of our main application domains, thereby exhibiting their similarities from the point of view of reconfiguration control.
Self-adaptive and reconfigurable computing systems, in Cloud-Edge and HPC
One main application domain for the research of Ctrl-A concerns Cloud-Edge and High-Performance Computing. In these contexts, tasks can be achieved following a choice of implementations or versions, such as in e.g., service oriented approaches. Each implementation has its own characteristics and requirements, e.g., w.r.t. resources consumed and QoS offered. The systems execution infrastructures present heterogeneity, with different computing processors, a variety of peripheral devices (e.g., I/O, video port, accelerators), and different means of communications. This hardware or middleware level also presents adaptation potential e.g., in varying quantities of resources or sleep and stand-by modes.
The kinds of control problems encountered in these self-adaptive systems concern the navigation in the configurations space defined by choice points at the levels of applications, tasks, and architecture. The pace of control is more sporadic, and slower than the instruction-level computation performance inside the large-grain tasks.
In this application area, we currently focus especially on the runtime management of resources for energy objectives and digital soberness, e.g. at the level of a data-center by dynamically harvesting unused resources, or at node level by dynamically adjusting frequency under QoS constraints. Ongoing or recent cooperations in the application domain feature Qarnot Computing (défin Inria PULSE), Orange labs, Nokia, Argonne National Laboratories (USA) (JLESC).
Industrial Control Systems, w.r.t. their cybersecurity and Cloud-Edge self-adaptive virtualization
Another general application domain to confront our approaches and models is Industrial Control Systems (ICS), which can be seen as a form of Cyber-Physical Systems (CPS) and IoT, more specifically Industry 4.0 related infrastructures, like SCADA. In this application domain we particularly focus on Cyber-Security problems, considered at the operational level, in terms of Intrusion Detection Systems (IDS), as well as reaction to attacks, in the form of self-adaptive resilience and self-protection. In a context of evolution of technologies in ICS, namely their softwarization and virtualization, we also apply our approaches of the Cloud-Edge application domain, e.g. in virtualized control of Smart Grids. The adaptation problems concern both the functional aspects of the applications, and the middleware support deployment and reconfiguration issues.
Ongoing or recent cooperations in the application domain feature Naval Group, CEA, RTE.
5 Social and environmental responsibility
5.1 Footprint of research activities
In the year 2022, again, the travels of the team have been drastically reduced, particularly due to sanitary restrictions. We are considering focusing more our participation to conferences, w.r.t. geographical location, and favoring publications in journals.
Our activities in energy-efficient management of computing infrastructures involve running experiments on large computing infrastructures e.g., using Grid 5000, where we spend approx. 90k core·hours of computing.
5.2 Impact of research results
We have research activities w.r.t. energy efficiency in computing systems, at the levels of nodes (RAPL) as well as at the higher level of grids (RJMS, CiGri), which are contributing to a better mastered energy consumption in computing.
On the different aspect of sobriety concerning data and privacy, we also are interested in topics of locality of data in Fog/Edge architectures,in order to avoid, useless spreading of confidential data.
On a longer term, we are having reflexions on how to orient our research towards topics explicitely targeting environmental as well social impacts. In line with our topic of autonomic management, for example, we consider control objectives involving trade-offs between performance or QoS and economy of resources and impact, so that users can choose a level of sobriety, thereby allowing for potential resource and energy savings. Our starting cooperation with Qarnot Computing has a potential for involving not only technical considerations but also societal and regulatory constraints, or user and customer choices.
6 Highlights of the year
We have co-chaired, with the TIMA laboratory and CEA in Grenoble, the organization committee of the FETCH’22 summer school (École d’hiver Francophone sur les Technologies de Conception des Systèmes Embarqués Hétérogènes), which should have taken place in winter 2021, but had to be postponed to winter 2022, and then again to summer 2022 due to sanitary restrictions (FETCH’22 web site).
We co-organised the special session on Control for Computing Systems, at CCTA 2022, 6th IEEE Conference on,Control Technology and Applications, aug. 2022, Trieste Italy. (CCTA '22 web site).
Our work in cooperation with Orange labs presented at the FedCSIS 22 conference received the "Professor Zdzisław Pawlak Best Paper Award" in the category of "Industry Cooperation Award" (Award web site).
7 New software and platforms
7.1 New software
Compilers, Synchronous Language, Controller synthesis
Heptagon is an experimental language for the implementation of embedded real-time reactive systems. It is developed inside the Synchronics large-scale initiative, in collaboration with Inria Rhones-Alpes. It is essentially a subset of Lucid Synchrone, without type inference, type polymorphism and higher-order. It is thus a Lustre-like language extended with hierchical automata in a form very close to SCADE 6. The intention for making this new language and compiler is to develop new aggressive optimization techniques for sequential C code and compilation methods for generating parallel code for different platforms. This explains much of the simplifications we have made in order to ease the development of compilation techniques.
The current version of the compiler includes the following features: - Inclusion of discrete controller synthesis within the compilation: the language is equipped with a behavioral contract mechanisms, where assumptions can be described, as well as an "enforce" property part. The semantics of this latter is that the property should be enforced by controlling the behaviour of the node equipped with the contract. This property will be enforced by an automatically built controller, which will act on free controllable variables given by the programmer. This extension has been named BZR in previous works. - Expression and compilation of array values with modular memory optimization. The language allows the expression and operations on arrays (access, modification, iterators). With the use of location annotations, the programmer can avoid unnecessary array copies.
Adrien Guatto, Brice Gelineau, Cédric Pasteur, Eric Rutten, Gwenaël Delaval, Léonard Gérard, Marc Pouzet
UGA, ENS Paris, Inria, LIG
7.2 New platforms
Participants: Stéphane Mocanu.
Hardware-in-the-loop simulation software
Web site: G-ICS. Self-assessment:
- Software Family
- utility: Utility, (see Sae, Section 3.4).
- universe: wide-audience software (aims to be usable by a wide public, to become the reference software in its area, etc.).
- Evolution and maintenance:
- lts: long term support.
- Duration of the Development (Duration): years
- Description : The embedded software on the electronic boards of the G-ICS HIL systems. The electronic board schematics as well as the PCB, embedded software, communication protocol specification and software interfaces with various simulators are provided in open source 14.
- Software Family
8 New results
8.1 Design support for Control in Autonomic Computing
8.1.1 Models and control for multiple loops
Participants: Raphaël Bleuse, Gwenaël Delaval, Jolahn Vaudey, Eric Rutten.
We work on the general notion of Software Engineering for designing controllers for Self-Adaptive Systems, and particularly the potential contribution of Control Theory to provide for Assurances in Self-Adaptive Software Systems (book chapter 7). We propose to consider feedback control as a behavioural model-based instanciation of the MAPE-K loop in Autonomic Computing (book chapter 10). We are considering that complex systems can require multiple loops, motivated by the fact that different sub-problems can require combinations of different decision and control techniques.
One particularly interesting topic is the combination of Control and Machine Learning . In the framework of our cooperation with Nokia Bell-labs (See Section 9.1), and the Dyonisos team at Inria Rennes, and Sophie Cerf now at Spirals team at Inria Lille, we have been considering the management of Software Defined Networks (SDN). The main approach, considering AI / Machine Learning, was developed at Inria Rennes. A cooperation topic has been to consider that these reinforcement learning based approaches involve questions of trust and explanability. In our team we propose to address them by considering their composition (particularly Reinforcement and Neural Networks) with controllers based on Control Theory (particularly deterministic), in order to maintain guarantees on the behaviors of the managed system. As a result we performed a survey of the state of the art in interactions between RL and deterministic control, some of them classic, others less explored. We also contributed to the identification of use-cases from our partners in the Inria/Nokia project, by the proposal of a control-based approach enabling the faster convergence of RL, published in the COMNET journal 12.
Another case of high potential is to consider the combination of control and scheduling. In the context of resource harvesting in HPC (see Section 8.2.3), we start considering the coordination of a controller regulating the injection of bets-effort jobs with the OAR scheduler in the RJMS (Resource and Jobs Management System) of CiGri. Another aspect of this combination is considered in terms of the relationship bewteen discrete control of tasks reconfigurations and scheduling. This topic has been the object of the M2 internship of JolahnVaudey 28.
8.1.2 Software Architectures for multiple loops
Participants: Eric Rutten.
We are studying the question of multiple loops coordination also from the point of view of Software Architectures, generalizing from the similarities and recurring patterns appearing in use-cases. In the past we have worked in the framework of software components-based approaches (JSS 1,TSE 3) involving proposals for modularity and hierarchy of autonomic discrete controllers. In another series of works, targeting the self-adaptation of reconfigurable hardware, namely DPR FPGA (TECS 2), we considered the management of a combination of mission-level and computing platform-level objectives (CBSE14 6). In other, more applicative work (ICCAC17 35)related to a rule-based middleware (COORD17, 8 , we proposed a design framework for reliable multiple Autonomic Loops, motivated by the management of different functionalities, at different levels of the system, and/or with different decision models. Part of the ideas emerging from that work was followed upon in the different context of Cyber-Physical Systems and the CPS4EU project, where we explore software architectures for self-adaptative middleware support for IoT and CPS. We propose the separation of concerns between the description of the self-adaptation and configurations space at the different levels of applications or functionality on the one side, and infrastructure and resources on the other side. Each dimension can have its own dynamics, independently of the other, and can be designed separately, while both have to be coordinated. We have instanciated this idea using models like queing networks (ECSA20 9).
8.1.3 Discrete Control and reactive languages
Participants: Gwenaël Delaval, Jolahn Vaudey, Stéphane Mocanu, Eric Rutten.
Our work in reactive programming for autonomic computing systems is focused on the specification and compilation of declarative control objectives, under the form of contracts, enforced upon classical mode automata as defined in synchronous languages. The compilation involves a phase of Discrete Controller Synthesis, integrating the tool ReaX, in order to obtain an imperative executable code. The programming language Heptagon / BZR (see Section 7.1.1 ) integrates our research results 5.
Recent work concerns a methodology for the evaluation of controllers. We are considering that Discrete Controller Synthesis produces results that are correct by construction w.r.t. the formal specification, but in practice there remains to evaluate the obtained controller quantitatively, to check e.g., whether it is not overconstrained, and effectively producing the expected impact on the overall system behavior. We consider our work on self-protection (see Section 8.3.2) as a use case, evaluating the improvement of resilience of a system in the presence of attacks.
We used Heptagon/BZR as a simulation tool, to compare a program embedding a synthesized controller, with a similar program either without controller, or with a simple controller programmed manually, without use of discrete controller synthesis. The environment (alarms from an intrusion detection system) has been modeled also in Heptagon/BZR as a Markov chain, that can be simulated with an ad hoc Heptagon library. We then measure several values for each program version: average number of steps before the system get to a “safe” state (state where one remote processing unit do not work anymore because of the attacks), evolution in time of the average number of “programs” in “safe” mode. This evaluation by simulation confirm that the program with the synthesized controller is more efficient w.r.t. these measurements. In some specific cases, we are also able to compare the values obtained by simulation, with theoretical optimal values computed from the Markov chain of the environment.
8.2 Self-adaptative distributed systems in Cloud-Edge and HPC
HPC (High-Performance Computing) systems have increasingly become more varying in their behavior, in particular in aspects such as performance and power consumption, thereby encountering problems also known in the Cloud, and the fact that they are becoming less predictable demands more runtime, autonomic management 11. We explore related issues along the following topics.
8.2.1 Sustaining performance while reducing energy consumption with a Control Theory Approach
Participants: Raphaël Bleuse, Eric Rutten.
We explore a form of trade-off between performance and resource and energy consumption, with the aim to sustain performance while reducing energy consumption with a Control Theory approach. The infrastructure is considered at a level close to the hardware, in that we use the RAPL (Running Average Power Limit) mechanism available in Intel processors. We exploit heterogeneity as an opportunity: as applications dynamically undergo variations in workload, due to phases or data/compute movement between devices, one can dynamically adjust power across compute elements to save energy without impacting performance. With an aim toward an autonomous and dynamic power management strategy for current and future HPC architectures, we explore the use of control theory for the design of a dynamic power regulation method, periodically monitoring application progress and choosing at runtime a suitable power cap for processors. Thanks to a preliminary offline identification process, we derive a model of the dynamics of the system and a proportional-integral (PI) controller. We evaluate our approach on top of an existing resource management framework, the Argo Node Resource Manager, deployed on several clusters of Grid’5000, using a standard memory-bound HPC benchmark.
Building upon a methodology and first results (EuroPar21 4), we improved the robustness and reusability of controllers by leveraging adaptive control (CCTA22 17). The work was presented at the JCAD 2022 21.
This work is done in cooperation with Swann Perarnau (Argonne National Lab., Chicago, IL) in the framework of the JLESC : Joint Laboratory on Extreme Scale Computing (see Section 10.1.1 ).
Amongst perspectives of this topic, we are considering to use it as a background in our starting research in the WP5 of defi Inria-Qarnot Computing "PULSE" (see Section 9.1).
8.2.2 RJMS-level dynamical resource harvesting in HPC clusters
Participants: Ahmadreza Ahmadi, Quentin Guilloteau, Raphaël Bleuse, Bogdan Robu, Eric Rutten.
This resource harvesting problem is found in the context of CiGri, a simple, lightweight, scalable and fault tolerant grid system which exploits the unused resources of a set of computing clusters. CiGri harvests and exploits the unused resources of a set of computing clusters, by injecting best-effort jobs on top of the prioritary applications. We consider autonomic administration for scientific workflows management through a control theoretical approach for maximizing usage while avoiding overload.
We propose a model described by parameters related to the key aspects of the infrastructure thus achieving a deterministic dynamical representation that covers the diverse and time-varying behaviors of the real computing system.
We studied simple forms of control, as well as adaptive and an exten- sion with model free control. We first considered essentially the performance of harvesting itself, then integrated the problem of Distributed File Server load, that can heavily disturb prioritary applications. The preparatory work involved identification of loads and profiles (COMPAS22 23, 25).
We more specifically consider the need for controllers that can adapt to variations a long time in the behavior of controlled systems, but also to being reused on different systems and processors. We therefore explore the application of Model-Free Control (MFC) in the context of resource harvesting in a Computing Grid, by regulating the injection of flexible jobs while limiting perturbation of the prioritary applications (CCTA 2022 16). This approach was also the topic of the Master's thesis in Control Theory of Ahmadreza Ahmadi 26
This work is done in cooperation with the Datamove team of Inria/LIG (O. Richard), and Gipsa-lab (B. Robu), and it is the topic of the PhD thesis in Computer Science of Quentin Guilloteau.
8.2.3 Combining Scheduling and Autonomic Computing for Parallel Computing Resource Management
Participants: Raphaël Bleuse, Ali Noura, Quentin Guilloteau, Bogdan Robu, Eric Rutten.
This research topic aims at studying the relationships between scheduling and autonomic computing techniques to manage resources for parallel computing platforms. The performance of such platforms has greatly improved (149 petaflops as of November 2019 34) at the cost of a greater complexity: the platforms now contain several millions of computing units. While these computation units are diverse, one has to consider other constraints such as the amount of free memory, the available bandwidth, or the energetic envelope. The variety of resources to manage builds complexity up on its own. For example, the performance of the platforms depends on the sequencing of the operations, the structure (or lack thereof) of the processed data, or the combination of application running simultaneously.
Scheduling techniques offer great tools to study/guaranty performances of the platforms, but they often rely on complex modeling of the platforms. They furthermore face scaling difficulties to match the complexity of new platforms. Autonomic computing manages the platform during runtime (on-line) in order to respond to the variability. This approach is structured around the concept of feedback loops. The scheduling community has studied techniques relying on autonomic notions, but it has failed to link the notions up.
We are starting to address this topic at the general level of a state of the art of relations between the two domains, and also at the more concrete and specific level of a real-world use-case, in the context of CiGri as above. Indeed this context features a RJMS (Resources and Jobs Management System) involving the OAR scheduler. Therefore we are identifying coordination with the previously described controller and OAR, in particular in such way that OAR is able to notify the controller of upcoming rises or falls of activity in prioritary tasks, and we are exploring how this information can be exploited by the controller, by adopting for example a Feed Forward approach.
This work is done in cooperation with the Datamove team of Inria/LIG (O. Richard), and Gipsa-lab (B. Robu), and it is in the topic of the PhD thesis in Computer Science of Quentin Guilloteau and of the Master's thesis in Control Theory of Ali-El-Hadi Noura 27
Amongst perspectives of this topic, we are considering to use it as a background in our starting research in the WP6 of defi Inria-Qarnot Computing "PULSE" (see Section 9.1).
8.2.4 Self-adaptation of Device Management servers for the IoT in the Cloud-Edge
Participants: Ghada Moualla, Eric Rutten.
In the context of IoT (Internet of Things), Device Management (DM), i.e., remote administration of IoT devices, becomes essential to keep them connected, updated and secure, thus increasing their lifespan through firmware and configuration updates and security patches. In a context where DM is being adapted to Cloud-Edge infrastructures, legacy DM solutions were adequate when dealing with home devices (such as Television set-top boxes), but they need to be extended to adapt to new IoT requirements. Indeed, their manual operation by system administrators requires advanced knowledge and skills. Further, the static DM platform – a component above IoT platforms that offers advanced features such as campaign updates / massive operation management – is unable to scale and adapt to IoT dynamicity. To cope with this, this work, performed in an industrial context at Orange, proposes a self-adaptive architecture with runtime horizontal scaling of DM servers, with an autonomic Auto-Scaling Manager, integrating in the loop constraint programming for decision making, validated with a meaningful industrial use-case (FedCSIS 18).
This work is in the framework of the Inria/Orange labs joint laboratory (see Section 9.1), and has been supported by the post-doctoral research of Ghada Moualla at Orange labs.
8.2.5 Self-adaptive support for Could-Edge Cyber-physical Systems : Smart Grids Use Case
Participants: Salilm Chehida, Karim Fellah, Stéphane Mocanu, Eric Rutten.
In this work we consider self-adaptation at the level of Software Architectures, targeted at the domain of Cyber-Physical Systems where Cloud-Edge infrastructures are being adopted in application domains like Smart Grids. This activity takes place in the framework of the H2020 project CPS4EU (see Section 10.2.1).
We develop a generic approach to model control loops and their interaction within Cloud-Edge infrastructures in CPS environments. We take advantage of MAPE-K loops to enable architectural self-adaptation. The system’s architectural setting is aligned with the adaptation goals and the components run-time situation and constraints. A hierarchical architecture with a control mechanism formalized with constraint programming (CP) is modeled. The control system assesses the reconfigurations that enhance the quality of service (QoS) while considering the internal and external limitations. The CP considers the desired application level control modes and assesses their feasibility by computing the response time and availability using a Netflow algorithm. As an applicative use-case of our Software Architectures approach from Section 8.1.2, we consider Smart Grid management, in cooperation with RTE (HICSS'22 19).
In another work, we consider self-adaptive security in such Cloud-Edge infrastructures-based CPS. Security risk assessment is an important challenge in the design of Cyber Physical Systems (CPS). Even more importantly, the intrinsically dynamical nature of these systems, due to changes in their environment, as well as evolutions in their infrastructures, makes them self-adaptive systems, where security aspects have to be considered in terms of management of detections and reactions for self-protection. In this work, we propose an approach to autonomously mitigate the threats in each reconfiguration at application or infrastructure levels of CPS. We propose and implement a framework for self-adaptive security : software architecture, design method, and integration with model-based decision. We use Attack-Defense Trees for modeling threats, and our approach involves security risk assessment, taking into account its balancing and coordination with quality of service aspects. We formulate and formalize the on-line decision problem to be solved at each cycle of the self- adaptation control loop in terms of Constraint Programming (CP) modeling and resolution. The CP model implements a set of constraints that allow to specify secure configurations, evaluated regarding their impact on system performance to pinpoint the most relevant one portraying a good balance between the security and quality of service. We perform validation of our approach with its application to Smart Grids, more particularly to an industrial case study from RTE.
At a different level, we consider another use-case from RTE, focused on the substation level, under the angle of questions of resilience, seen under the approach of self-adaptation, and more particularly as self-protection in response to attacks of the network. We currently work on analysing the problem and modelling it in terms of its constraints. The problem is to allocate and reallocate dynamically a set of control functions upon a distributed computing infrastructure, with self-adaptation to variations and perturbations. We define and implement the decision model using constraint programming, to describe the space of possible configurations, as well as the constraints and objectives formalizing the operators strategies. This model is used in simulation and implementation, calling the constraints solver at each cycle of the self-adaptation control loop. It offers design assistance and rapid prototyping to automation designers, to explore choices of solutions in requirements and strategies.
8.3 Cyber-Security & Self-protection
CTRL-A team is participating in the PEPR Cybersecurity reseach projetc SuperviZ. Stéphane Mocanu is the leader of the Platform workpackage of SuperviZ (Section 10.3.1).
8.3.1 Intrusion detection in industrial control systems
Participants: Estelle/Maréva Hotellier, Mike Da Silva, Stéphane Mocanu.
First results on process oriented sequential attacks detection were obtained during Oualid Koucham’s PhD and published recently in 13 together with a general alert correlation framework.
A complete intrusion detection and alert correlation framework was proposed and process oriented IDS and correlator were synthesised, implemented and available in open-source on-line (G-ICS). Smart-grid applications on intrusion detection and impact on dependability were presented in 32.
We further develop the results for distributed and hierarchical systems in the PhD thesis of Estelle Hotellier. Some first results on the attacks on industrial speed driver controlled via CanOpen were presented in August 2021 in the local Barbhack Hacking conference. We recently extended Zeek IDS detection capabilities to CAN networks and the code will soon be freely available.
8.3.2 Resilience and reaction in Industrial Control Systems
Participants: Gwenaël Delaval, Stéphane Mocanu, Eric Rutten, Jolahn Vaudey.
As consequences of attacks on Industrial Control Systems may be dramatic, an important topic in ICS cybersecurity is the improvement of cyber-resilience. Reaction in case of attacks is also a crucial and sensitive topic. Our approach for both resilience and reaction problems is based on the notion of self-protection, where self-adaptation takes the form of self-reconfiguration of the architecture. Based on a first approach developed in the PhD of Kabir-Querrec, and experience on modelling reconfiguration with DES, we formalized recently the self-protection problems as a DES control problems. A model and a formulation of the reconfiguration problem was specified in Heptagon/BZR (IFAC World 2020 conference 29). We are currently working on a method to evaluate the effectiveness of the obtained controllers related to section 8.1.3. This is the topic of the PhD thesis in Computer Science of Jolahn Vaudey.
8.3.3 Automated risk analysis, and Embedded program verification
Participants: Nelson Nkawa, Mike Da Silva, Stéphane Mocanu.
One topic is in automated risk analysis, with the specification of a DSML dedicated to the automated analysis of the security of industrial control systems based on their safety properties. The idea is to extract the devices characteristic and the flow cartography from the configuration files and enrich the model with the description of the network infrastructure and available security measures. Based on public vulnerability databases a STRIDE threat model will be automatically constructed and a list of suggested measures proposed. An incipient proof of concept of automatic flow cartography based on configuration files was proposed in the PhD of Maëlle Kabir-Querrec.
9 Bilateral contracts and grants with industry
9.1 Bilateral grants with industry
Participants: Eric Rutten.
We have had a cooperation with Orange labs, around the Orange postdoctoral grant of Ghada Moualla, on the topic of autonomic device management (see Section 8.2.4). This activity is part of the Inria/Orange joint laboratory.
Nokia / Bell labs
Participants: Eric Rutten.
We have had a research action with Nokia / Bell labs, in cooperation with project-team Dyonisos at Inria Rennes, on the topic of the Autonomic management in Software Defined Networks, as described in Section 8.1.1. This activity is part of the Inria/ Nokia / Bell labs joint laboratory.
Participants: Estelle Hotellier, Stéphane Mocanu.
We have a cooperation with Naval Group, around the PhD grant of Estelle Hotellier, on the topic of intrusion detection in complex Industrial Control Systems (ICSs), as described in Section 8.3.1. We are interested in Process-Aware attacks i.e. attacks that target the physical integrity of systems. We consider the hybrid nature of ICSs and our methodology applies for event-driven and continuous dynamical systems. We aim at developing a behavioral network traffic Intrusion Detection System (IDS) based on the ICS characterization through security properties. To do so, we extract system safety properties from standards, devices programs or system specifications and synthesize them into security patterns. These patterns are then monitored by our IDS which is in charge of raising alerts.
Participants: Mike da Silva, Stéphane Mocanu.
We have a cooperation with CEA, around the PhD grant of Mike da Silva, as described in Section 8.3.3. This PhD topic objective is to provide an automatic vulnerability extraction from a security oriented ICS architecture model. Existing modeling languages (SCL for substation and AutomationML for industrial automation) provide support for controller hardware and network accessible data description but not for complete data flow and network infrastructure description nor for vulnerabilities and their effects. We extend existing languages with support for network infrastructure modeling including security controls and data flow description together with a vulnerability data-base support. We will rely on public CVE data bases and an extensive study of industrial protocols formal verification including support for high-availability networks. The results of the automatic architecture model processing is used for threat modeling, attack scenario construction, attack impact assessment and eventually security controls choice assistance.
Participants: Raphaël Bleuse, Eric Rutten.
We have a cooperation with Qarnot computing in the framework of the "défi Inria" PULSE, with the support of Ademe, on the topic of pushing carbon-neutral services towards the edge. Particularly, we are involved in WP5 on the Control of emissions of intensive computation tasks, and WP6, which we are coordinating, on the efficient hybridation of heterogeneous computing tasks.
10 Partnerships and cooperations
10.1 International initiatives
10.1.1 Participation in other International Programs
Participants: Raphaël Bleuse, Bogdan Robu, Eric Rutten.
We participate in the JLESC, Joint Laboratory for Extreme Scale Computing, with partners INRIA, the University of Illinois, Argonne National Laboratory, Barcelona Supercomputing Center, Jülich Supercomputing Centre and RIKEN AICS. We started a cooperation with Argonne National Labs, in the framework of a project on improving the performance and energy efficiency of HPC applications using autonomic computing techniques (see Section 8.2.1).
10.2 European initiatives
10.2.1 H2020 projects
Participants: Salim Chehida, Karim Fellah, Stéphane Mocanu, Eric Rutten.
Cyber Physical Systems for Europe
From July 1, 2019 to September 30, 2022
- KALRAY SA (KALRAY), France
- INSTITUT NATIONAL DE RECHERCHE EN INFORMATIQUE ET AUTOMATIQUE (INRIA), France
- UNIVERSITA DEGLI STUDI DI SALERNO, Italy
- UNIVERSITE DE LORRAINE (UL), France
- SCHNEIDER ELECTRIC FRANCE SAS (SEF), France
- ASSOCIATION JESSICA FRANCE (JESSICA FRANCE), France
- M3 SYSTEMS SAS (M3S), France
- TRUMPF WERKZEUGMASCHINEN SE + COKG (TRUMPF), Germany
- GREENWAVES TECHNOLOGIES (GREENWAVES TECHNOLOGIES), France
- ACS PLUS GMBH (ACS), Germany
- COMMISSARIAT A L ENERGIE ATOMIQUE ET AUX ENERGIES ALTERNATIVES (CEA), France
- WIKA MOBILE CONTROL GMBH & CO KG (WIKA), Germany
- VALEO VISION SAS (Valeo Vision), France
- VALEO VISION SAS (Valeo Vision), France
- TECHNISCHE UNIVERSITAT CLAUSTHAL (TUC), Germany
- BUDAPESTI MUSZAKI ES GAZDASAGTUDOMANYI EGYETEM (BUDAPEST UNIVERSITY OF TECHNOLOGY AND ECONOMICS), Hungary
- EUROTECH SPA (EUROTECH), Italy
- VALEO COMFORT AND DRIVING ASSISTANCE (Valeo Comfort And Driving Assistance), France
- VALEO COMFORT AND DRIVING ASSISTANCE (Valeo Comfort And Driving Assistance), France
- FUNDACION CENTRO DE TECNOLOGIAS DE INTERACCION VISUAL Y COMUNICACIONES VICOMTECH (VICOM), Spain
- ARCURE SA (ARCURE), France
- UNIVERSITE GRENOBLE ALPES (UGA), France
- EMBEDDED FRANCE (EMBEDDED FRANCE), France
- VSORA (VSORA), France
- YUMAIN (GST), France
- INTERNET OF TRUST, France
- INSTITUTO TECNOLOGICO DE INFORMATICA (ITI), Spain
- LEONARDO - SOCIETA PER AZIONI (LEONARDO), Italy
- RTE RESEAU DE TRANSPORT D'ELECTRICITE, France
- SHERPA ENGINEERING SA (SHERPA), France
- UNIVERSITAET AUGSBURG (UAU), Germany
- THALES (THALES), France
- PROVE& RUN (Prove & Run), France
- EMMTRIX TECHNOLOGIES GMBH (EMMTRIX), Germany
- CENTRE NATIONAL DE LA RECHERCHE SCIENTIFIQUE CNRS (CNRS), France
- ACOEM FRANCE SAS (ACOEM), France
- CENTRALESUPELEC (CentraleSupélec), France
- SPINSPLIT MUSZAKI KUTATO FEJLESZTOKFT (SPINSPLIT TECHNICAL RESEARCH AND DEVELOPMENT LLC), Hungary
- ANSYS FRANCE SAS (ANSYS), France
- AIRLANE TECHNOLOGIES (AIRLANE), France
- SEQUANS COMMUNICATIONS SA (SEQ), France
- ETH LAB SRL (ETH LAB), Italy
- SYSNAV SAS (SYSNAV), France
VALEO VISION SAS (Valeo Vision), France
In recent years, Cyber Physical Systems (CPS) technologies have become a game changer in strategic sectors such as Automotive, Energy and Industry Automation, where Europe is a world leader. In fact, CPS is a key driver for the innovation capacity of European industries, large and small, generating economic growth and supporting meaningful jobs for citizens. CPS4EU aims to arm Europe with extensive value chain across key sectors by:
1. Strengthening CPS Technology providers, mainly European SMEs, to increase their market share and their competitiveness to become world leaders
2. Improve design efficiency and productivity and enable secure certification
3. Enabling the creation of innovative European CPS products that will strengthen the leadership and competitiveness of Europe by both large groups and SMEs
4. Large Dissemination of CPS technologies.
To achieve these goals CPS4EU will:
1. Develop 4 key enabling technologies (computing, connectivity, sensing, cooperative systems) 2. Incorporate these CPS modules through pre-integrated architectures and design tools
3. Instantiate these architectures in dedicated use cases from strategic application: automotive, smart grid and industry automation
4. Improve CPS awareness and usage for all industrial sectors
CPS4EU gathers major large companies (BMW, VALEO, THALES, TRUMPF, RTE, ABENGOA, LEONARDO, and SCHNEIDER ELECTRIC), a large set of innovative SMEs and world-class research centres (FHG, CEA, DLR, INRIA, KIT, CNRS) to significantly reduce the development time and certification efforts through pan European collaboration, knowledge exchange and access to the strong value chain in strategic markets,
CPS4EU builds on a strong foundation in European and national initiatives. It will enable the European industry to lead strategic markets thanks to high level sharing of CPS technologies across sectors all along the value chain.
In this project, the Ctrl-A team is involved in WP4 and WP9 mainly, on topics of Software Architec- tures for Self-Adaptive systems in CPS, and our main industrial collaboration is with RTE (see Section 8.2.5).
10.3 National initiatives
10.3.1 PEPR Cybersecurity
Participants: Nelson Nkawa, Stéphane Mocanu.
We participate in the PEPR Cybersecurity research project SuperviZ.
Stéphane Mocanu is the leader of the Platform workpackage of SuperviZ.
10.3.2 IRT Nanoelec Pulse program
Participants: Nelson Nkawa, Stéphane Mocanu.
The IRT Nanoelec Pulse program aims at the development for SCADA cybersecurity demonstrators.
Participants: Raphaël Bleuse, Gwenaël Delaval, Stéphane Mocanu, Eric Rutten.
11.1 Promoting scientific activities
11.1.1 Scientific events: organisation
General chair, scientific chair
Eric Rutten is co-chairing, with Liliana Andrade (Université Grenoble Alpes, TIMA) and Pascal Vivet (CEA List), FETCH 2022 (École d’hiver Francophone sur les Technologies de Conception des Systèmes Embarqués Hétérogènes) the 15th Winter School on Heterogeneous Embedded Systems Design Technologies, postponed to 2022 due to sanitary restrictions.
11.1.2 Scientific events: selection
Member of the conference program committees
Raphaël Bleuse is PC member for IPDPS 2023.
Gwenaël Delaval and Eric Rutten are reviewers for IFAC World Congress 2023.
Gwenaël Delaval is reviewer for WODES'22.
Reviewer - reviewing activities
Gwenaël Delaval is reviewer for ACM TECS.
11.1.4 Invited talks
Quentin Guilloteau has been invited to give a talk at the YODA working group session of the GdR GPL days 2022.
11.1.5 Scientific expertise
Eric Rutten has been reviewing an ANR JCJC 2022 project.
11.1.6 Research administration
Raphaël Bleuse is member of the team organizing the LIG keynotes.
Gwenaël Delaval is elected member at the Academic Council (Conseil Académique) of University Grenoble Alpes (UGA) for the Confédération Générale du Travail trade union.
Eric Rutten is a named member of the Scientific Board (Bureau Scientifique) of LIG (Lig). He co-organised the LIG workshop of axes WAX.
Eric Rutten has a mission as Correspondent for Scientific Relations between Inria Grenoble and CEA.
11.2 Teaching - Supervision - Juries
- R. Bleuse; network architecture; 44h; L1; Univ.@ Grenoble Alpes
- R. Bleuse; computer architecture; 40h tutorials/practicals; L1; Univ.@ Grenoble Alpes
- R. Bleuse; object-oriented design; 34h lectures/tutorials/practicals; L1; Univ.@ Grenoble Alpes
- R. Bleuse; network services installation; 8h practicals; L1; Univ.@ Grenoble Alpes
- R. Bleuse; setting up a development environment; 3h practicals; L1; Univ.@ Grenoble Alpes
- R. Bleuse; application devlopment and deployment; 30h; L2; Univ.@ Grenoble Alpes
- R. Bleuse; C language; 4h lectures/12h practicals; L2; Univ.@ Grenoble Alpes
- R. Bleuse; network architecture; 10h tutorials/practicals; L2; Univ.@ Grenoble Alpes
- R. Bleuse; advanced algorithmics/C++ language; 16h practicals; L1–2; Univ.@ Grenoble Alpes
- R. Bleuse; algorithmics/object-oriented programming refresher course; 24h lectures/tutorials/practicals; L3; Univ.@ Grenoble Alpes
- R. Bleuse; continuous integration; 28h lectures/tutorials/practicals; L3; Univ.@ Grenoble Alpes
- Licence : G. Delaval, Bases du développement logiciel, modularité et tests, 15h lecture/tutorials, 15h lab, L2, Univ. Grenoble Alpes
- Licence : G. Delaval, Algorithmique et programmation impérative, 16h30 lab, L2, Univ. Grenoble Alpes
- Master : G. Delaval, Compilation project, 4 weeks software project tutoring, M1, Univ. Grenoble Alpes
- Master : S. Mocanu, Computer Networks and Cybersecurity, 16h class, 34h lab, M1, Grenoble-INP/ENSE3
- Master : S. Mocanu, Industriel Computer Networks, 8h class, 8h lab, niveau (M1, M2), M2, Grenoble-INP/ENSE3
- Master : S. Mocanu, Reliability, 10h class, 8h lab, M2, Grenoble-INP/ENSE3
- Master : S. Mocanu, Intrusion Detection and Defense in Depth labs, niveau M2, Grenoble-ENSE3/ENSIMAG
- PhD in progress: Estelle Hotelier (CIFRE grant) ;Intrusion Detection in Complex Hybrid Industrial Systems, started April 2021; co-advised by Stéphane Mocanu with Franck Sicard and Julien Francq (Naval Group).
- PhD in progress: Mike Da Silva (CEA grant) ; Automated Risk Analysis for Industrial Systems, started October 2021; co-advised by Stéphane Mocanu with Maxime Puys and Pierre-Henri Thevenon (CEA-Leti).
- PhD in progress: Quentin Guilloteau (UGA) ; An autonomic approach to the dynamic management of recources in HPC clusters ; started oct. 20 ; co-advised by Eric Rutten with O. Richard, Datamove team Inria/LIG.
- PhD in progress: Jolahn Vaudey (UGA), Self-reconfiguration of industrial systems applied to cyber-resilience ; started Oct. 2022 ; co-advised by Stéphane Mocanu, Gwenaël Delaval, Eric Rutten
11.3.1 Articles and contents
Estelle Hotellier was involved in a PhD students green computing awarness project. The results were published in 20.
12 Scientific production
12.1 Major publications
- 1 articleA Domain-specific Language for The Control of Self-adaptive Component-based Architecture.Journal of Systems and SoftwareJanuary 2017
- 2 articleModel-based design of correct controllers for dynamically reconfigurable architectures.ACM Transactions on Embedded Computing Systems (TECS)153February 2016
- 3 articleDesigning Autonomic Management Systems by using Reactive Control Techniques.IEEE Transactions on Software Engineering427July 2016, 18
- 4 inproceedingsSustaining Performance While Reducing Energy Consumption: A Control Theory Approach.Lecture Notes in Computer ScienceEURO-PAR 2021 - 27th International European Conference on Parallel and Distributed Computing12820Euro-ParLisbon, PortugalSpringerSeptember 2021, 334–349
- 5 articleIntegrating Discrete Controller Synthesis in a Reactive Programming Language Compiler.journal of Discrete Event Dynamic System, jDEDS, special issue on Modeling of Reactive Systems2342013, 385-418URL: http://dx.doi.org/10.1007/s10626-013-0163-5
- 6 inproceedingsA Domain-specific Language for Autonomic Managers in FPGA Reconfigurable Architectures.ICAC 2018 - 15th IEEE International Conference on Autonomic ComputingTrento, ItalyIEEESeptember 2018, 1-10
- 7 incollection What Can Control Theory Teach Us About Assurances in Self-Adaptive Software Systems? Software Engineering for Self-Adaptive Systems 3: Assurances 9640 LNCS Springer May 2017
- 8 inproceedingsDevelopment Tools for Rule-Based Coordination Programming in LINC.19th International Conference on Coordination Languages and Models (COORDINATION)LNCS-10319Coordination Models and LanguagesPart 2: Languages and ToolsNeuchâtel, SwitzerlandSpringer International PublishingJune 2017, 78-96
- 9 inproceedingsIAS: an IoT Architectural Self-adaptation Framework.ECSA 2020 - 14th European Conference on Software ArchitectureL’Aquila, ItalySeptember 2020, 1-16
- 10 incollectionFeedback Control as MAPE-K loop in Autonomic Computing.Software Engineering for Self-Adaptive Systems III. Assurances.9640Lecture Notes in Computer ScienceSpringerJanuary 2018, 349-373
- 11 articleAn Autonomic-Computing Approach on Mapping Threads to Multi-cores for Software Transactional Memory.Concurrency and Computation: Practice and Experience3018September 2018, e4506
12.2 Publications of the year
International peer-reviewed conferences
Conferences without proceedings
Reports & preprints
Other scientific publications
12.3 Cited publications
- 29 inproceedingsDiscrete Control of Response for Cybersecurity in Industrial Control.IFAC 2020 - IFAC World Congress 2020Proc. of the 21st IFAC World CongressBerlin, GermanyJuly 2020, 1-8
- 30 bookFeedback Control of Computing Systems.Wiley-IEEE2004
- 31 articleThe Vision of Autonomic Computing.IEEE Computer361January 2003, 41--50
- 32 articleReal-Time Performance and Security of IEC 61850 Process Bus Communications.Journal of Cyber Security and Mobility102April 2021, 1-42
- 33 articleOn the Supervisory Control of Discrete Event Systems.Proceedings of the IEEE771January 1989
- 34 miscTOP500 list.URL: https://www.top500.org/lists/
- 35 inproceedingsDesign Framework for Reliable Multiple Autonomic Loops in Smart Environments.2017 IEEE International Conference on Cloud and Autonomic Computing (ICCAC) Tucson, AZ, United StatesSeptember 2017