Category Theory Framework for System Engineering and Safety Assessment Model Synchronization Methodologies
Abstract
1. Introduction
2. State of the Art
2.1. Model-Based System Engineering and Safety Assessment
2.1.1. Model-Based System Engineering (MBSE)
2.1.2. Model-Based Safety Assessment (MBSA)
2.1.3. Structural Models
2.2. Synchronisation Methodologies
- Abstraction: The models are translated to a common formalism.
- Comparison: The comparison is operated in the abstracted models. Writing the compared models in a common formalism makes the comparison easier than with heterogeneous models.
- Concretization: The comparison results are carried back to the original models. Concretization can be achieved by correcting the models, annotations, or other means.
- P and B are sets of symbols called ports and blocks, respectively;
- C is a multiset of subsets of P called connections;
- is a subset of such that any element of is associated with, at most, a unique element of B called its parent, and there exists a unique block with no parent.
2.3. Category Theory
2.3.1. Category
- A class Ob(C) of objects;
- For , the set of morphisms from x to y;
- Morphisms are often called arrows;
- This set is called the Homset of x and y.
- Composition: If and , then .
- Associativity: If f,g,h are morphisms such that and exist, then .
- Identity: for each , there exists an identity morphism
- A function ;
- For each , a function .
- Identities are preserved by F, i.e., for , ;
- Composition is preserved by F, i.e., for and , , we have .
2.3.2. Some Interesting Concepts
- A functor ;
- Natural transformations and .
2.3.3. Use of Category Theory in System Engineering
3. Mathematical Framework for Consistency
3.1. Mathematical Representation of a Structural Model
- Blocks;
- Ports;
- Connections.
- is a finite set of blocks, ports and connections;
- For each connection C, if a port is such that , then there exist two functors and in B such that maps to and maps every element of C to and every morphism to .
- For each block :
- For each connection , we have and there is a morphism in B that maps each element of C to ;
- For each port , we have and there is a morphism in B that maps to ;
- For each block , we have and there is a morphism that maps every object of to itself in and does the same with morphisms;
- For each X in , there exists a unique block (possibly ) such that there is no block such that ; we also have either or ;
- There are no other morphisms in the block than those described here and the morphisms that derive from category theory axioms, i.e., identities and compositions.
- Ob(M) is a finite set of blocks, ports, and connections;
- There exists a block R called the root of M such that , and for each , ;
- The morphisms described between each object and a block in the definition of a block also hold between the objects of M and the block R;
- There are no other morphisms in the model than those described here and the morphisms derived from category theory axioms, i.e., identities and compositions.
- A is a block, and f is the identity over this block;
- A is a port, and f maps to ;
- A is a connection, and f maps any to .
- , the set of all S2ML models. We call them the objects of ;
- For each , Hom(X, Y) is the set of the injections from X to Y.
- Identity: Let . The morphisms of S2ML+Cat are the injections between S2ML models. Since the identity is trivially injective on objects and morphisms, it is an injection. Therefore, .
- Composition: Let , let and let . is an injection, because each of its components (over objects and homsets) is a composition of injective applications and is thus an injective application. Therefore .
- Associativity: Injections are functors between categories; therefore, they are associative.
- Ob(X) contains:
- For each , the port = {p};
- For each , the connection such that with ;
- For each block , the block that contains all blocks, ports, and connections that are under b for the relation;
- The morphisms in X are trivially obtained from Definition 12.
- P = { | is a port };
- B = { b′ | b′ is a symbol associated to , which is a block };
- C = { c’ = { for | is a connection};
- = { | contains a direct belonging morphism };
- r is the root of X.
- F maps R to and vice versa.
- F maps each block of order 1 to a block of order 1. The component of F on B and its descendants corresponds to an injection between the models (of order < n) that have B and B′ as their root objects. Thus, we can associate an inverse to this injection.
- and have the same numbers of ports of order 1 and connections of order 1.
- Let be a connection of order 1. We know that F(C) has the same number of ports as C and that the images of the ports of C are the ports of F(C). Therefore, we can define an inverse to the component of F on C, and its ports, and this inverse is compatible with the ones defined for blocks of order 1.
- We can associate two by two the remaining ports. When we add the compositions to these components, we obtain a functor , which is the inverse of F.
- Reflexivity: Let A be an S2ML model. A is equivalent to A because the identity over A is an injection. Therefore, and composed of for each x, and with suits.
- Symmetry: A is equivalent to B, so the injections and exist. Therefore, we have two injections between B and A, and as such, B is equivalent to A. The relation is symmetric.
- Transitivity: Let A, B, C be three S2ML models, with A equivalent to B and B equivalent to C. Let and be the equivalence injections for A, B and be the equivalence injections for B, C. Then and are two injections between A and C. Therefore, A and C are equivalent.
- Reflexivity: Let X be an S2ML model, and let be the identity over X, i.e., the image of is x and for with the image of g is g. Then is trivially an injection. Therefore, X is injected into X.
- Antisymmetry: Assume X and Y are two S2ML models such that X is injected in Y and Y is injected in X, with and such injections. Then, we have two injections between X and Y, and therefore, X and Y are equivalent.
- Transitivity: Let X, Y, and Z be S2ML models. Let and be injections. Let be the composition of F and G on objects and morphisms, i.e., composed of: and for each , Because each of the applications defined here is a composition of injective applications, it is an injection. Therefore, H is an injection, and thus, X is injected in Z.
3.2. Consistency Relation
- ;
- ;
- ;
- .
- ;
- .
4. Application Example with SmartSync
4.1. Study Case
- Safety assessment: An AltaRica 3.0 model represents the model for safety assessment.
- Scenario: A SCOLA (SCenario Oriented LAnguage) model represents the functional scenarios.
- Multi-physics: A Modelica model represents the multi-physics behavior of the drone’s power electronics and aerodynamics.
4.2. Applying SmartSync to the Study Case
4.2.1. The Use of SmartSync
- We translated the models to S2ML.
- The SmartSync tool associated the main elements of both models and asked the user to align the child elements of these main elements.
- Once the children of the main elements were aligned, the SmartSync tool repeated the previous step for each aligned pair, asking the user to align their children in turn.
- Such iterations were done until the tool had entirely explored the models.
Translation to S2ML
MBSE/MBSA
MBSE/Multi-Physics
- Most components of the drone are missing in the Modelica model. This is explained by the fact that here we are only interested in the propulsion and aerodynamics of the drone; therefore, components related to other functions are not represented.
- In some specific cases, the Modelica representation is more detailed than the architecture model. This is the case of the motors since the SysML model only considers them through a black box view, whereas the Modelica view shows the inner parts of the motor for calculations.
- There is an inconsistency between the models. This inconsistency is the presence of the fuselage within the Modelica model, which is modeled for aerodynamics purposes, but unrepresented in the architecture model. This inconsistency is corrected by adding the fuselage to the architecture model.
4.2.2. Categorical Point of View
Visualisation of S2ML + Cat Models with NetworkX
Comparison with the S2ML + Cat Models
5. Discussion
5.1. Pragmatics
- is a set of blocks, ports and connections, such that we have , such that for each and , we have if and only if the elements have been aligned by the user;
- p and q are injective functions;
- We give the dictionary the form of a model by building the morphisms needed to have images of the morphisms of and when we enrich p and q to make them functors.
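The alignment procedure of Section 4.2.1 and the dictionary of Section 5.1 rest on the injections of Section 3.1; the following Python is an added example, not code from the paper or from SmartSync. `Model`, `is_injection`, `build_dictionary`, `unreached` and the drone-flavoured sample models are constructed here, and the check assumes that the two roots are aligned with each other and that the parents of every aligned pair were aligned as well.

```python
from dataclasses import dataclass, field

@dataclass
class Model:
    """S2ML-style structural model; parent maps each non-root element to its block."""
    blocks: set = field(default_factory=set)
    ports: set = field(default_factory=set)
    connections: dict = field(default_factory=dict)  # name -> frozenset of port names
    parent: dict = field(default_factory=dict)
    def kind(self, x):
        if x in self.blocks: return "block"
        if x in self.ports: return "port"
        if x in self.connections: return "connection"
        raise KeyError(x)
    def elements(self):
        return self.blocks | self.ports | set(self.connections)
def is_injection(f, src, dst):
    """Total, one-to-one, kind- and parent-preserving; connection ports map into image ports."""
    if set(f) != src.elements() or len(set(f.values())) != len(f):
        return False
    for x in f:
        if src.kind(x) != dst.kind(f[x]):
            return False
        if x in src.parent and dst.parent.get(f[x]) != f[src.parent[x]]:
            return False
    return all({f[p] for p in ps} <= dst.connections[f[c]]
               for c, ps in src.connections.items())
def build_dictionary(a, b, aligned):
    """User alignment pairs -> dictionary D and p: D -> a, q: D -> b (ValueError if ill-formed)."""
    d, p, q = Model(), {}, {}
    for x, y in aligned:
        if a.kind(x) != b.kind(y):
            raise ValueError(f"{x}/{y}: {a.kind(x)} aligned with {b.kind(y)}")
        e = (x, y); p[e] = x; q[e] = y
        if a.kind(x) == "block": d.blocks.add(e)
        elif a.kind(x) == "port": d.ports.add(e)
        else: d.connections[e] = frozenset(
            (u, v) for u in a.connections[x] for v in b.connections[y] if (u, v) in aligned)
        if x in a.parent or y in b.parent:  # parents must themselves be an aligned pair
            par = (a.parent.get(x), b.parent.get(y))
            if par not in aligned:
                raise ValueError(f"{x}/{y}: parents {par} not aligned")
            d.parent[e] = par
    return d, p, q
def unreached(model, f):
    """Elements of a model the dictionary never reaches: candidate inconsistencies."""
    return model.elements() - set(f.values())

# Constructed sample (not the paper's models): the architecture model lacks the Fuselage.
ARCH = Model({"Alternative_1", "Battery", "Cell", "Avionics"}, {"Ener_elec", "Data_out"},
             {"c1": frozenset({"Ener_elec", "Data_out"})},
             {"Battery": "Alternative_1", "Avionics": "Alternative_1", "Cell": "Battery",
              "Ener_elec": "Battery", "Data_out": "Avionics", "c1": "Alternative_1"})
PHYS = Model({"ZippyFlyer", "Battery", "Cell", "Avionics", "Fuselage"}, {"Ener_elec", "Data_out"},
             {"link": frozenset({"Ener_elec", "Data_out"})},
             {"Battery": "ZippyFlyer", "Avionics": "ZippyFlyer", "Cell": "Battery", "Fuselage":
              "ZippyFlyer", "Ener_elec": "Battery", "Data_out": "Avionics", "link": "ZippyFlyer"})
ALIGNED = {("Alternative_1", "ZippyFlyer"), ("Battery", "Battery"), ("Cell", "Cell"),
           ("Avionics", "Avionics"), ("Ener_elec", "Ener_elec"), ("Data_out", "Data_out"),
           ("c1", "link")}
```

Running `build_dictionary(ARCH, PHYS, ALIGNED)` yields a dictionary whose two projections are injections, and `unreached(PHYS, q)` singles out the Fuselage, the kind of finding Section 4.2.1 resolves by adding the element to the architecture model.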
5.2. Composition
5.3. Connections
5.4. Connections and Tuples
5.5. Version Control
5.6. Perspective about Comparison of This Framework with Other Formal Definitions of Consistency Outside the Scope of MBSE/MBSA
- Different kinds of inconsistencies;
- Internal (i.e., consistency of a model within itself) and/or external consistency (i.e., consistency between different models);
- Traceability between successive versions of the models;
- Diagnostics of the inconsistencies;
- Resolution of the inconsistencies.
6. Conclusions
Author Contributions
Funding
Institutional Review Board Statement
Informed Consent Statement
Data Availability Statement
Acknowledgments
Conflicts of Interest
Abbreviations
Abbreviation | Meaning
---|---
MDPI | Multidisciplinary Digital Publishing Institute
MBSE | Model-Based System Engineering
MBSA | Model-Based Safety Assessment
UML | Unified Modeling Language
SysML | System Modeling Language
DSL | Domain-Specific Language
SAML | Security Assertion Markup Language
GTS | Guarded Transition System
S2ML | System Structure Modeling Language
SCOLA | SCenario Oriented LAnguage
CSV | Comma-Separated Values file format
BDD | Block Definition Diagram
IBD | Internal Block Diagram
| | ZippyFlyer | Avionics | Battery | Calculator | Cell | Inertial_measurement_unit | Power_unit | Radar |
|---|---|---|---|---|---|---|---|---|
| Alternative_1 | 1.0 | 0.0 | 0.0 | 0.0 | 0.0 | 0.0 | 0.0 | 0.0 |
| AirAction | −1.0 | −1.0 | −1.0 | −1.0 | −1.0 | −1.0 | −1.0 | −1.1 |
| Battery | 0.0 | 0.0 | 1.0 | 0.0 | 0.0 | 0.0 | 0.0 | 0.0 |
| Data_in | −1.0 | −1.0 | −1.0 | −1.0 | −1.0 | −1.0 | −1.0 | −1.1 |
| Data_out | −1.0 | −1.0 | −1.0 | −1.0 | −1.0 | −1.0 | −1.0 | −1.1 |
| Ener_elec | −1.0 | −1.0 | −1.0 | 0.0 | −1.0 | −1.0 | −1.0 | −1.1 |
| Gravity | −1.0 | −1.0 | −1.0 | −1.0 | −1.0 | −1.0 | −1.0 | −1.0 |
| Obstacle_image | −1.0 | −1.0 | −1.0 | −1.0 | −1.0 | −1.0 | −1.0 | −1.0 |
| Orientation | −1.0 | −1.0 | −1.0 | −1.0 | −1.0 | −1.0 | −1.0 | −1.0 |
| Blood_bag | −1.0 | −1.0 | −1.0 | −1.0 | −1.0 | −1.0 | −1.0 | −1.0 |
| 4G_network | −1.0 | −1.0 | −1.0 | −1.0 | −1.0 | −1.0 | −1.0 | −1.0 |
| Geolocation_signak | −1.0 | −1.0 | −1.0 | −1.0 | −1.0 | −1.0 | −1.0 | −1.0 |
| Avionics | 0.0 | 1.0 | 0.0 | 0.0 | 0.0 | 0.0 | 0.0 | 0.0 |
| Calculator | 0.0 | 0.0 | 0.0 | 1.0 | 0.0 | 0.0 | 0.0 | 0.0 |
| Cell | 0.0 | 0.0 | 0.0 | 0.0 | 1.0 | 0.0 | 0.0 | 0.0 |
| Inertia_measurement_unit | 0.0 | 0.0 | 0.0 | 0.0 | 0.0 | 1.0 | 0.0 | 0.0 |
| Power_unit | 0.0 | 0.0 | 0.0 | 0.0 | 0.0 | 0.0 | 1.0 | 0.0 |
| radar | 0.0 | 0.0 | 0.0 | 0.0 | 0.0 | 0.0 | 0.0 | 1.0 |
© 2022 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
Vidalie, J.; Batteux, M.; Mhenni, F.; Choley, J.-Y. Category Theory Framework for System Engineering and Safety Assessment Model Synchronization Methodologies. Appl. Sci. 2022, 12, 5880. https://doi.org/10.3390/app12125880