Conference PaperPDF Available

Core Research and Innovation Areas in Cyber-Physical Systems of Systems


Abstract and Figures

The CPSoS project is developing a roadmap for future research and innovation in cyber-physical systems of systems. This paper presents preliminary findings and proposals that are put forward as a result of broad consultations with experts from industry and academia, and through analysis of the state of the art in cyber-physical systems of systems.
Content may be subject to copyright.
Core Research and Innovation Areas
in Cyber-Physical Systems of Systems
Initial Findings of the CPSoS Project
S. Engell1, R. Paulen1, M.A. Reniers2(B
), C. Sonntag3, and H. Thompson4
1Process Dynamics and Operations, TU Dortmund, Dortmund, Germany
2Control Systems Technology, Eindhoven University of Technology (TU/e),
Eindhoven, The Netherlands
3euTeXoo GmbH, Dortmund, Germany
4Haydn Consulting Ltd, Sheffield, UK
Abstract. The CPSoS project is developing a roadmap for future
research and innovation in cyber-physical systems of systems. This paper
presents preliminary findings and proposals that are put forward as a
result of broad consultations with experts from industry and academia,
and through analysis of the state of the art in cyber-physical systems of
1 Introduction
Cyber-physical systems of systems (CPSoS) are large physical systems as, e.g.,
railway systems, the electric grid and production plants that consist of many
interacting physical elements and of distributed IT systems for monitoring, con-
trol, and optimization and interaction with human operators and managers that
are interfaced to the physical system elements and are interconnected via com-
munication networks. These systems are of crucial importance for the welfare of
the citizens of Europe as they represent some of the most important infrastruc-
tures and the backbone of the European economy.
Characteristic features of cyber-physical systems of systems are:
Complex dynamics,
Distributed control, supervision and management,
Partial autonomy of the subsystems,
This project has received funding from the European Union’s Seventh Programme
for research, technological development and demonstration under grant agreement
No 611115.
Springer International Publishing Switzerland 2015
C. Berger and M.R. Mousavi (Eds.): CyPhy 2015, LNCS 9361, pp. 40–55, 2015.
DOI: 10.1007/978-3-319-25141-7 4
Core Research and Innovation Areas in CPSoS 41
Dynamic reconfiguration of the overall system on different timescales,
Continuous evolution of the overall system during its operation, and
Possibility of emerging behaviours.
As cyber-physical systems of systems comprise physical elements as well as
computing systems that are tightly coupled, the engineering and operation of
these systems must build upon theories, tools and knowledge from a large num-
ber of domains, from population dynamics and nonlinear systems theory over
advanced modelling, simulation, optimisation and signal processing to software
engineering, computer networks, validation and verification and user interaction.
Knowledge about the physical aspects of the systems as well as about the appli-
cation domains is indispensable to arrive at solutions that are taken up in the
real world. To integrate these diverse research and development communities to
realise the opportunities and to respond to the challenges of large-scale, intercon-
nected, distributed synergistic systems and to mitigate the associated risks and
challenges is the most crucial aspect for a successful future development of the
domain of CPSoS. Relevant theory and tools for CPSoS can only be developed
with awareness and in-depth knowledge of application needs and industry trends.
The CPSoS project ( is a Communication and Support Action
that acts as an exchange platform for systems of systems (SoS) related projects
and communities [10]. One of the main goals of the project is to develop a
European research and innovation agenda on CPSoS. To support this process,
the project has set up three working groups to capture the views of industry and
Systems of Systems in Transportation and Logistics, led by Haydn Thompson,
Haydn Consulting Ltd, United Kingdom,
Physically Connected Systems of Systems, led by Sebastian Engell, TU
Dortmund, Germany, and
– Tools for Systems of Systems Engineering and Management, led by Michel
Reniers, Eindhoven University of Technology, Netherlands.
The working groups currently comprise of 36 members, leading specialists from
industry and academia, and include delegates from ongoing EU-funded projects
in the area of SoS to ensure that as many views as possible are represented.
Information about the composition of these working groups can be found via
Based on input from the working group members, and extensive consulta-
tions with domain experts in three public meetings with over 100 participants,
and more than 130 written contributions and interviews, a state of the art docu-
ment was produced (,[5]) and the proposals were
synthesized into a first research and innovation agenda (,
[4]). The agenda describes three main areas of research and development:
1. Distributed, reliable and efficient management of CPSoS,
2. Engineering support for the design-operation continuum of CPSoS, and
3. Cognitive CPSoS.
42 S. Engell et al.
The contents of this paper is based on documents produced in the context of
the CPSoS project [35]. An abstract of the research challenges has also been
published in [11].
Below, these challenges are explained in more detail. First, Sect.2gives an
overview of the properties of CPSoS. The specific features and challenges of
CPSoS in operation and design are analysed in Sect. 3. Building upon this analy-
sis, the three main areas that have been identified as key challenges for future
research and innovation are then outlined in Sect. 4. Section 5provides a sum-
mary of the paper.
2 Cyber-Physical Systems of Systems
The concept of systems of systems has been developed to characterize large,
distributed systems that consist of interacting and networked, but partially
autonomous, elements that together can show emergent behaviour [7,9]. Generic
approaches to the analysis, design, management and control of SoS has become
an active domain of research in recent years at the interface of various disciplines,
such as computer science, systems and control, and systems engineering.
Cyber-physical systems are large complex physical systems that interact with
a considerable number of distributed computing elements for monitoring, control
and management. Additionally, they can exchange information between them-
selves and with human users. The elements of the physical system are connected
by the exchange of material, energy, or momentum and/or the use of common
resources (roads, rail-tracks, air space, waterways) while the elements of the con-
trol and management system are connected by communication networks which
may impose restrictions on the frequency and speed of information exchange.
The CPSoS project has refined the above definitions into the following defi-
nition [3].
Definition 1. Cyber-physical systems of systems are cyber-physical systems
that exhibit the features of SoS:
Large, often spatially distributed physical systems with complex dynamics,
Distributed control, supervision and management,
Partial autonomy of the subsystems,
Dynamic reconfiguration of the overall system on different timescales,
Continuous evolution of the overall system during its operation,
Possibility of emerging behaviours.
Prominent examples of CPSoS are rail and road transport systems, power plants,
large production facilities, gas pipeline networks, container terminals, water sys-
tems, and supply chains.
Core Research and Innovation Areas in CPSoS 43
3 Features of CPSoS and Industrial Challenges in Their
Development and Operation
In this section the key features that characterise CPSoS are highlighted. This is
put into context of real applications to explain the key challenges faced by indus-
trial developers of such systems. Major challenges are in dealing with constantly
evolving, highly complex systems with distributed management, a mixture of
autonomous and human control interactions, and dynamic reconfiguration to
deal with local failure management.
3.1 Size and Distribution
CPSoS comprise a significant number of interacting components that are (par-
tially) physically coupled and together fulfil a certain function, provide a service,
or generate products. The components can provide services independently, but
the performance of the overall system depends on the “orchestration” of the
components. The physical size or geographic distribution of the system are not
essential factors to make it a system of systems, but rather is its complexity.
A factory with many “stations” and materials handling and transportation sys-
tems is structurally not much different from a large rail transportation network
that extends over several countries.
A distinguishing feature for a system of systems is that at least some of the
components can provide useful services also independently. So a car engine with
several controllers that are connected by a communication system is a cyber-
physical system, but not a system of systems, as the components only provide a
useful function together with the engine, and there is no local autonomy of the
subsystems but only a distributed deployment of control functions.
3.2 Control and Management
Owing to the scope and the complexity of the overall system or due to the
ownership or management structures, the control and management of CPSoS
cannot be performed in a completely centralized or hierarchical top-down manner
with one authority tightly controlling and managing all the subsystems. Instead,
there is a significant distribution of authority with partial local autonomy, i.e.,
partially independent decision making.
The distribution of the management and control structure usually follows the
physical distribution of the system elements. Large systems are always controlled
in a hierarchical and distributed fashion where local “uncertainties”, e.g., the
effects of non-ideal behaviours of components or of disturbances, are reduced
by local control. In CPSoS, there are partly autonomous human or automatic
decision makers that steer the subsystems according to local priorities. The
“managerial element” of the components of the management and control sys-
tems in CPSoS goes beyond classical decentralized control where decentralized
controllers control certain variables to externally set reference values.
44 S. Engell et al.
Communication between the physical sub-systems and the control and man-
agement of sub-systems takes place via sensors and actuators and various types
of communication channels, from wires to connections over the internet that
may be unreliable or have limited bandwidth. The elements of the management
and control systems similarly communicate via suitable channels. Internet com-
munication mechanisms and wireless channels have provided a much greater
connectivity of distributed system elements and this trend will continue (“Inter-
net of Things”). Research and innovation in CPSoS is about how to use this
connectivity for better management and control of the overall SoS. Internet con-
nectivity adds a significant element of flexibility but also of vulnerability to
technical systems that can have consequences that go far beyond issues of pri-
vacy, as potentially large damages (accidents, power outages, standstills) can
be caused. Therefore, security against unauthorized access is a major system
issue, and detection of manipulated signals or commands are important aspects
of CPSoS design.
For CPSoS, the management of the overall system as well as of its sub-systems
will usually not only be driven by technical criteria but rather by economic,
social, and ecologic performance indicators, e.g., profitability, acceptance, sat-
isfaction of users, and environmental impact. CPSoS are managed by humans,
and many performance criteria concern providing services to human users. Thus,
CPSoS have to be addressed as socio-technical systems with the specific feature
of a large technical/physical structure that determines and constrains the behav-
iour of the system to a large extent.
3.3 Partial Autonomy
Partial autonomy of the subsystems both in terms of their independent ability to
provide certain services and of partial autonomy of their control and management
systems is essential in the definition of CPSoS. Often, the sub-systems can exhibit
selfish behaviour with local management, goals, and preferences. The autonomy
can in particular result from human users or supervisors taking or influencing
the local decisions.
Autonomy is understood as the presence of local goals that cannot be fully
controlled on the system of systems level. Rather, incentives or constraints are
given to the subsystem control in order to make it contribute to the global
system targets. An example is the operation of units of a chemical plant that
consume and produce steam as a necessary resource or by-product of their main
task. Their operators or managers run their processes autonomously to achieve
local goals and meet local targets. The site owner/operator sets mechanisms
to negotiate about the steam generation/consumption and in doing so provides
suitable incentives so that the global profit of the site is maximized.
Autonomy can lead to self-organizing systems: Consider the flow of cars in a
city when there is a new construction site. Due to their autonomous intelligence,
the drivers seek new paths, quite predictably, and after a few days each one
Core Research and Innovation Areas in CPSoS 45
re-optimizes her or his route to minimize travel time, and a new flow pattern
establishes itself. This may not be provably optimal, but the autonomous actions
of the “agents” lead to resilience of the overall system.
3.4 Dynamic Reconfiguration
Dynamic reconfiguration, i.e., the frequent addition, modification or removal of
components is a widespread phenomenon in CPSoS. This includes systems where
components come and go (like in air traffic control) as well as the handling of
faults and the change of system structures and management strategies following
changes of demands, supplies or regulations.
Fault detection and handling of errors or abnormal behaviours is a key issue
in CPSoS design and operation. Due to the large scale and the complexity of
CPSoS, failures occur all the time. The average system performance, as well
as the degree of satisfaction of the users, is strongly affected by the impact of
unforeseen events and outer influences that require non-continuous actions and
cannot be compensated on the lower system levels. There is a massive need
for detecting such situations quickly and, if possible, preventing them, and for
fail-soft mechanisms and resiliency and fault tolerance at the systems level. The
handling of faults and abnormal behaviour is challenging from a systems design
point of view. In many cases it cannot be done optimally by a design based on
separation of concerns but requires a trans-layer design of the reaction to such
Living cells with their multiple metabolic pathways are an example of a
system that has optimized its ability to reconfigure itself to cope with changing
conditions (availability of nutrients and other external factors) by keeping many
options (metabolic pathways) intact and being able to switch between them.
They may be used as a paradigm for the design of resilient CPSoS that do not
operate in a strictly controlled environment.
3.5 Continuous Evolution
CPSoS are large systems that operate and are continuously improved over long
periods of time. In many systems, from railways to chemical plants, the hardware
(real physical hardware) infrastructure “lives” for 30 or more years, and new
functionalities or improved performance have to be realized with only limited
changes of many parts of the overall system. Management and control software as
well usually has long periods of service, while the computing hardware base and
the communication infrastructure change much more rapidly. Components are
modified, added, the scope of the system may be extended or its specifications
changed. So engineering to a large extent has to be performed at runtime.
The V-model paradigm with consecutive phases: requirements – modelling –
model-based design – verification – validation – commissioning – operation –
dismantling, is not applicable in its pure form to SoS where the requirements
change during operation. There is a need for a scientific foundation to handle
multi-layer operations and multiple life-cycle management.
46 S. Engell et al.
Specification needs to be particularly thorough in the context of SoS, and
should be as simply and clearly articulated as possible. Testing also needs to
be thorough in the context of real SoS and must include also “mis-use cases”.
Once rolled out, operating and maintaining a system of systems requires a good
knowledge of the “as-deployed-and-configured” system’s physical, functional and
behavioural configuration. Here the aviation industry has great experience.
When a new system is developed and deployed, the two activities of design
and operational management usually can clearly be distinguished and often dif-
ferent groups of people are responsible for them. But later, the distinction is
blurred, the experience gained in (day-to-day) management must be taken into
account in revisions, extensions etc. The operational management must also take
care of the implementation of engineered changes in a running system. Validation
and verification has to be done “on the fly”. This integration strengthens the
role of models in both engineering processes. Up-to-date (because continuously
updated) models of the running operation can be used for both purposes. The
engineering of system of systems requires methods and tools that can be used
seamlessly during design as well as operation (design-operations continuum).
3.6 Possibility of Emerging Behaviours
Emerging behaviours are an issue that is highly disputed. It is a simple and often
stated fact that the system as a whole is more than its parts and can provide
services that the components cannot provide autonomously. Sometimes the term
emerging behaviour is used for the consequences of simple dynamic interactions,
e.g., that a feedback loop that consists of stable subsystems may become unstable
(and vice versa), or of design flaws due to an insufficient consideration of side-
effects. The term emerging behaviour however seems more appropriate for the
occurrence of patterns, oscillations or instabilities on a system-wide level, as
it may occur in large power systems or in transportation systems, and to self-
organization and the formation of structures in large systems.
Emerging behaviour should be distinguished from cascades of failures, like if
a traffic jam on one motorway leads to one on the alternative route. However, if
faults lead to instabilities and possible breakdowns of a large system due to “long-
range interactions” in the system, like in power blackouts, then this can be called
emerging behaviour. Emerging behaviour should be addressed both from the side
of system analysis under which conditions does emerging behaviour occur and
from the side of systems design how can sufficient resiliency be built into the
system such that local variations, faults, and problems can be absorbed by the
system or be confined to the subsystem affected and its neighbours and do not
trigger cascades or waves of problems in the overall system. Formal verification
(e.g., assume/guarantee reasoning) as well as dynamic stability analysis for large-
scale systems are possible approaches to prove the non-existence of unwanted
emerging behaviours.
Core Research and Innovation Areas in CPSoS 47
3.7 Enabling Technologies and Methodologies
In order to build and to operate CPSoS, knowledge and technologies from many
domains are needed. We distinguish between enabling technologies that are
required to realize CPSoS but are developed independently and for a broad
range of purposes, and core technologies that are specific and have to be specif-
ically developed for CPSoS. The following are examples of enabling technolo-
– Communication technologies and communication engineering. Standardized
protocols, exploiting the Internet of Things, e.g., interactions between phone
and car, to provide new functionality/services, LiFi light communications.
Computing technologies, high-performance and distributed computing. Mul-
ticore computing and new computer architectures to deal with more data and
provide localised processing, low power processing for ubiquitous installation
(with energy harvesting supplies), ability to implement mixed criticality on
– Sensors, e.g., energy harvesting, Nano NEMs sensors - the next generation
beyond MEMs.
Management and analysis of huge amounts of data (“big data”).
– Human-machine interfaces, e.g., head up displays, display glasses, polymer
electronics and organic LEDs to display information.
Dependable computing and communications.
Security of distributed/cloud computing and of communication systems.
Research and innovation in these areas contributes strongly to the ability to
build more efficient and more reliable CPSoS, but have broader applications and
includes investigating how to best make use of these technologies and to trigger
and jointly perform specific developments related to CPSoS.
4 Key Research and Innovation Challenges in CPSoS
In this section, the identified key research and innovation challenges in the engi-
neering and management of CPSoS are introduced.
4.1 Distributed, Reliable and Efficient Management of CPSoS
Due to the scope and the complexity of CPSoS as well as due to ownership
or management structures, the control and management tasks in such systems
cannot be performed in a centralized or hierarchical top-down manner with one
authority tightly controlling all subsystems. In CPSoS, there is a significant dis-
tribution of authority with partial local autonomy. An illustrative example of
such a system is a self-organizing automation system for coordinating smart
components within the grid as presented in [1]. See Fig. 1for an illustrative
example. The design of such management systems for reliable and efficient man-
agement of the overall systems poses a key challenge in the design and operation
of CPSoS.
48 S. Engell et al.
Fig. 1. Self-Organizing energy automation systems: coordinating smart components
within the grid, from [1].
The following sub-topics should be addressed:
Decision structures and system architectures,
Self-organization, structure formation, and emergent behaviour in technical
Real-time monitoring, exception handling, fault detection and mitigation of
faults and degradation,
Adaptation and integration of new components,
Humans in the loop and collaborative decision making, and
Trust in large distributed systems.
Decision Structures and System Architectures. The interaction and
coordination of dynamic systems with partial autonomy in SoS, possibly with
dynamic membership, must be studied broadly. Examples of applicable meth-
ods are population dynamics and control and market-based mechanisms for the
distribution of constraining resources. The partial autonomy of the components
from the overall system of systems perspective leads to uncertainty about the
behaviour of the subsystems. Therefore the system-wide coordination must take
into account uncertain behaviour and must nonetheless guarantee an acceptable
performance of the overall system. Stochastic optimization and risk management
must be developed for CPSoS. It must be understood better how the manage-
ment structure (centralized, hierarchical, distributed, clustered) influences sys-
tem performance and robustness.
Core Research and Innovation Areas in CPSoS 49
Self-Organization, Structure Formation, and Emergent Behaviour in
Technical SoS. Due to local autonomy and dynamic interactions, CPSoS can
realize self-organization and exhibit structure formation and system-wide insta-
bility, in short, emergent behaviour. The prediction of such system-wide phenom-
ena is an open challenge at the moment. Distributed management and control
methods must be designed such that CPSoS do not show undesired emerging
behaviour. Inputs from the field of dynamic structure or pattern formation in
large systems with uncertain elements must be combined with classical stability
analysis and assume-guarantee reasoning. Methods must be developed such that
sufficient resiliency is built into the system so that local variations, faults, and
problems can be absorbed by the system or be confined to the subsystem affected
and its neighbours and no cascades or waves of disturbances are triggered in the
overall system.
Real-Time Monitoring, Exception Handling, Fault Detection, and
Mitigation of Faults and Degradation. Due to the large scale and the
complexity of CPSoS, the occurrence of failures is the norm. Hence there is a
strong need for mechanisms for the detection of abnormal states and for fail-soft
mechanisms and fault tolerance by suitable mechanisms at the systems level.
Advanced monitoring of the state of the system and triggering of preventive
maintenance based on its results can make a major contribution to the reduc-
tion of the number of unexpected faults and to the reduction of maintenance
costs and downtime. Faults may propagate over the different layers of the man-
agement and automation hierarchy. Many real-world SoS experience cascading
effects of failures of components. These abnormal events must therefore be han-
dled across the layers.
Adaptation and Integration of New or Modified Components. CPSoS
are operated and continuously improved over long periods of time. New function-
alities or improved performance have to be realized with only limited changes
of many parts of the overall system. Components are modified and added, the
scope of the system may be extended or its specifications may be changed. So
engineering to a large extent has to be performed at runtime. Additions and
modifications of system components are much facilitated by plug-and-play capa-
bilities of components that are equipped with their own management and control
systems (decentralized intelligence).
Humans in the Loop and Collaborative Decision Making. HMI concepts,
i.e., filtering and appropriate presentation of information to human users and
operators are crucial for the acceptance of advanced computer-based solutions.
Human interventions introduce an additional nonlinearity and uncertainty in the
system. Important research issues are the human capacity of attention and how
to provide motivation for sufficient attention and consistent decision making. It
must be investigated how the capabilities of humans and machines in real-time
50 S. Engell et al.
monitoring and decision making can be combined optimally. Future research
on the monitoring of the actions of the users and anticipating their behaviours
and modelling their situation awareness is needed. Social phenomena (e.g., the
dynamics of user groups) must also be taken into account.
Trust in Large Distributed Systems. Cyber-security is a very important
element in CPSoS. A specific challenge is the recognition of obstructive injections
of signals or takeovers of components in order to cause malfunctions, suboptimal
performance, shutdowns or accidents, e.g., power outages. The detection of such
attacks requires taking into account both the behaviour of the physical elements
and the computerized monitoring, control and management systems. In the case
of the detection of insecure states, suitable isolation procedures and soft (partial)
shut-down strategies must be designed.
4.2 Engineering Support for the Design-Operation
Continuum of CPSoS
While model-based design methods and tools have been established in recent
years in industrial practice for traditional embedded systems, the engineering of
CPSoS poses key challenges that go beyond the capabilities of existing method-
ologies and tools for design, engineering, and validation. These challenges result
directly from the constitutive properties of CPSoS:
CPSoS are continuously evolving which softens, or even completely removes,
the traditional separation between the engineering/design phases and the
operational stages,
– The high degree of heterogeneity and partial autonomy of CPSoS requires
new, fully integrated approaches for their design, validation, and operation,
CPSoS are highly flexible and thus subject to frequent, dynamic reconfigu-
ration, which must be supported by design support tools to enable efficient
Failures, abnormal states, and unexpected/emerging behaviours are the norm
in CPSoS, and
– CPSoS are socio-technical systems in which machines and humans interact
The efficient design and operation of such systems requires new design support
methodologies and software tools in the following areas:
Integrated engineering of CPSoS over their full life cycle,
Modelling, simulation, and optimization of CPSoS,
Establishing system-wide and key properties of CPSoS.
Integrated Engineering of CPSoS over Their Full Life Cycle. The dis-
appearance of the separation between the design and engineering phases and
the operational stage necessitates new engineering frameworks that support the
Core Research and Innovation Areas in CPSoS 51
Fig. 2. DANSE system engineering life cycle, from [6].
specification, adaptation, evolution, and maintenance of requirements, structural
and behavioural models, and realizations not only during design, but over their
complete life cycle.
An example of such a life cycle is the DANSE system engineering life cycle
showninFig.2which features a continuous SoS management phase [6]. The
challenges in rolling out SoS are the asynchronous life cycles of the constituent
parts and also the fact that many components are developed independently and
that legacy systems may only be described insufficiently.
New engineering frameworks must enable the engineers to design fault-
resilient management and control architectures by an integrated cross-layer
design that spans all levels of the design and of the automation hierarchies, and
by providing model-based analysis facilities to detect design errors early and
to perform risk management. Such engineering frameworks must be integrated
closely with industrial infrastructure (e.g., databases, modelling and simulation
tools, execution and runtime systems, ...).
CPSoS usually are not designed and maintained by a single company, but
instead many providers of tools and hardware may be involved. Thus, collabo-
rative engineering and runtime environments are essential that enable providers
to jointly work on aspects of the CPSoS while competing on others. Integra-
tion must be based on open, easy-to-test interfaces and platforms that can be
accessed by all component providers. Methods and software tools must provide
semantic integration to simplify the interactions of existing systems as well as
the deployment of new systems.
The advantages of these new CPSoS technologies may not be immediately
apparent to industrial users, in particular in smaller companies. Thus, the
demonstration of industrial business cases and application results that clearly
illustrate the benefits of these technologies is an important goal.
52 S. Engell et al.
Modelling, Simulation, and Optimization of CPSoS. Challenges in mod-
elling and simulation are the high cost for building and maintaining models,
modelling of human users and operators, simulation and analysis of stochastic
behaviour, and setting up models that include failure states and the reaction to
abnormal situations for validation and verification purposes. Key for the adap-
tation of models during the life cycle of a system and for reduced modelling
cost are methodologies and software tools for model management and for the
integration of models from different domains. Such model management requires
Efficient simulation algorithms are needed to enable the system-wide sim-
ulation of large heterogeneous models of CPSoS, including dynamic on-the-fly
reconfiguration of the simulation models that represent the reconfiguration of
the underlying CPSoS. For performance and risk analysis, global high-level mod-
elling and simulation of CPSoS is necessary including stochastic phenomena and
the occurrence of abnormal states.
The model-based development of SoS necessitates collaborative environments
for competing companies and the integration of legacy systems simulation as well
as open approaches for tight and efficient integration and consolidation of data,
models, engineering tools, and other information across different platforms. New
business models may lead to a situation where for potential system components
simulation models are delivered such that the overall system can be designed
based on these models.
The real potential of model-based design is only realized if the models can
be coupled to optimization algorithms. Single-criterion optimization of complex
systems, including dynamic systems that are described by equation-based mod-
els has progressed tremendously in the recent decade. The next steps will be
to develop efficient optimization tools for heterogeneous models, to progress
towards global optimization and to use multi-criterion optimization in order
to explore the design space.
Establishing System-Wide and Key Properties of CPSoS. Establish-
ment, validation, and verification of key properties of CPSoS is an important
challenge. New approaches are needed for dynamic requirements management
during the continuous evolution of a CPSoS, ensuring correctness by design dur-
ing its evolution, and for verification especially on the system of systems level.
New algorithms and tools should enable the automatic analysis of complete,
large-scale, dynamically varying and evolving CPSoS. This includes formal lan-
guages and verification techniques for heterogeneous distributed hybrid systems
including communication systems, theory for successive refinements and abstrac-
tions of continuous and discrete systems so that validation and verification at dif-
ferent levels of abstraction are correlated, and the joint use of assume-guarantee
reasoning and simulation-based (Monte Carlo) and exhaustive (model checking)
verification techniques.
Core Research and Innovation Areas in CPSoS 53
4.3 Cognitive CPSoS
SoS by their very nature are large, distributed and extremely complex presenting
a myriad of operational challenges. To cope with these challenges there is a
need for improved situational awareness [2,8]. Gaining an overview of the entire
SoS is inherently complicated by the presence of decentralized management and
control. The introduction of cognitive features to aid both operators and users
of complex CPSoS is seen as a key requirement for the future to reduce the
complexity management burden from increased interconnectivity and the data
deluge presented by increasing levels of data acquisition. This requires research in
a number of supporting areas to allow vertical integration from the sensor level to
supporting algorithms for information extraction, decision support, automated
and self-learning control, dynamic reconfiguration features and consideration
of the socio-technical interactions with operators and users. The following key
subtopics have been identified as being necessary to support a move to cognitive
Situation awareness in large distributed systems with decentralized manage-
ment and control
Handling large amounts of data in real time to monitor the system perfor-
mance and to detect faults and degradation
Learning good operation patterns from past examples, auto-reconfiguration
and adaptation
Analysis of user behaviour and detection of needs and anomalies
Situation Awareness in Large Distributed Systems with Decentralized
Management and Control. In order to operate a system of systems efficiently
and robustly there is a need to detect changes in demands and operational
conditions (both of the equipment and outer factors) and to deal with anomalies
and failures within the system. This can only be achieved via the introduction of
much greater levels of data acquisition throughout the CPSoS and the use of this
data for optimization, decision support and control. Here a key enabler is the
introduction of novel, easy to install, low cost, sensor technologies and monitoring
concepts. If wireless monitoring is to be used there is also a need for ultra-low
power electronics and energy harvesting technologies to avoid the need for, and
associated maintenance costs of, battery change. An increase in data gathering
will also require robust wired and wireless communication protocols that can
deal with efficient transmission of individual data values from a multitude of
sensors to streaming of data at high data rates, e.g., for vibration and video
Handling Large Amounts of Data in Real Time to Monitor the System
Performance and to Detect Faults and Degradation. A challenge for the
future will be the physical system integration of highly complex data acquisition
systems and the management of the data deluge from the plethora of installed
sensors and the fusion of this with other information sources. This will require
54 S. Engell et al.
analysis of large amounts of data in real time to monitor system performance
and to detect faults or degradation. Here there is a need for visualization tools to
manage the complexity of the data produced allowing managers to understand
the “real world in real time”, manage risk and make informed decisions on how
to control and optimize the system.
Learning Good Operation Patterns from Past Examples, Auto-
Reconfiguration, and Adaptation. There is a great opportunity to aid
system operators by incorporating learning capabilities within decision support
tools to identify good operational patterns from past examples. Additionally, to
deal with the complexity of managing system faults, which is a major burden
for CPSoS operators, auto-reconfiguration and adaptation features can be built
into the system.
Analysis of User Behaviour and Detection of Needs and Anomalies.
CPSoS are socio-technical systems and as such humans are an integral element
of the system. SoS thus need to be resilient to the effects of the natural unpre-
dictable behaviour of humans. There is thus a need to continuously analyse user
behaviour and its impact upon the system to ensure that this does not result in
system disruption.
The end result of combining real world, real-time information for decision
support with autonomous control and learning features will be to provide cog-
nitive CPSoS that will support both users and operators, providing situational
awareness and automated features to manage complexity that will allow them
to meet the challenges of the future.
5 Summary
After a thorough investigation of the state of the art in the domains of trans-
portation and logistics, electrical grids, processing plants, smart buildings, dis-
tribution networks and methods and tools for the engineering and management
of CPSoS and discussions and consultations with stakeholders in the domains
from industry and from academia, the project CPSoS has identified three core
research and innovation areas for the next decade:
1. Distributed, reliable and efficient management of CPSoS,
2. Engineering support for the design-operation continuum of CPSoS, and
3. Cognitive CPSoS.
Important long-term research topics in these domains have been described
above. CPSoS will continue to raise awareness about cyber-physical systems of
systems and their importance for the welfare of Europe and will propose also
shorter term research and innovation topics for national and European research
and innovation funding.
Core Research and Innovation Areas in CPSoS 55
1. B¨ose, C., Hoffmann, C., Kern, C., M., M.: New principles of operating electri-
cal distribution networks with a high degree of decentralized generation. In: 20th
International Conference on Electricity Distribution, Prague (2009)
2. Broy, M., Cengarle, M.V., Geisberger, E.: Cyber-physical systems: imminent chal-
lenges. In: Calinescu, R., Garlan, D. (eds.) Monterey Workshop 2012. LNCS, vol.
7539, pp. 1–28. Springer, Heidelberg (2012)
3. CPSoS Consortium: Cyber-Physical Systems of Systems – definition and core
research and innovation areas (2014).
2015/07/CPSoS-Scope- paper- vOct-26-2014.pdf
4. CPSoS Consortium: Cyber-Physical Systems of Systems: Research and innovation
priorities (2015).
5. CPSoS Consortium: D2.4 Analysis of the state-of-the-art and future challenges in
Cyber-physical Systems of Systems (2015).
6. DANSE project: Deliverable D4.4 DANSE methodology V03 (2015)
7. Jamshidi, M. (ed.): Systems of Systems Engineering: Principles and Applications.
CRC Press, Boca Raton (2008)
8. van de Laar, P., Tretmans, J., Birth, M. (eds.): Situation Awareness with Systems
of Systems. Springer, Heidelberg (2013)
9. Maier, M.W.: Architecting principles for system of systems. Syst. Eng. 1(4),
267–284 (1998)
10. Reniers, M.A., Engell, S.: A European roadmap on cyber-physical systems of sys-
tems. ERCIM News 2014(97), 21–22 (2014)
11. Reniers, M.A., Engell, S., Thompson, H.: Core research and innovation areas in
cyber-physical systems of systems. ERCIM News 2015(102) (2015)
... It entails the continuous communication, updating and analyzing of data shared between physical devices (such as sensors) and cyber platforms and infrastructures (such as cloud computing technologies) over diverse network structures, running multiple applications [1]. Hence, it is being applied in the development of smart cities, smart healthcare, smart transport, and logistics systems, smart grids and utility systems, etc. [2]. ...
... Example works that have incorporated the above requirements for CPSoS deployment include the DESTECS project [39], a framework designed and modeled to combine continuous time and discrete event systems. The results of the design were the Crescendo platform from exhibiting specific behaviors while facilitating multiple applications [2]. Each autonomous subsystem comprises of CPS devices and computing technologies that enable CPSoS to offer need applicational features like scalability, decentralized/networked control and monitoring, autonomous operations, continuous system configuration and evolution [33]. ...
Full-text available
CPS entails the incorporation of four key characteristic technologies. CPS device technologies, CPS computational technologies, Cyber Physical System of Systems (CPSoS) and CPS networking and communication (CPS-ComNet) technologies. Multiple CPS architectures, of which the Industrial Internet Reference Architecture (IIRA), Reference Architecture Model for Industrie 4.0 (RAMI 4.0) and Intelligent Manufacturing System Architecture (IMSA) are the major referenced architectures and this demand to facilitate interoperability between such architectures for effective integration. This framework has evolved toward having smart CPS with intelligence and decision-making capabilities and highly networked and integrated components. CPSs have been categorized into two types namely Cyber Physical Production Systems (CPPS) for the development of products and Cyber Physical Service Systems (CPSS) for the servicing of products. These developments facilitate the adoption of the CPS in smart cities, smart farming systems, smart manufacturing, and smart supply chain systems, etc., while it gives CPS the importance as one of the core technologies making up Industry 4.0 era. Despite these advances, cybersecurity and privacy, real-time control of systems, interoperability of services, etc. are key challenges facing the development of CPS and they demand solutions overcoming such challenges. This paper, therefore, presents the role, evolution, characteristics, architectures, and applications of CPSs and their future potentials.
... Major challenges in control are in dealing with the increasing heterogeneity of networked systems-possibly characterized by decentralized management, autonomy of the parts and dynamic structural reconfiguration capabilities [2]. In such setting, selfish interests may assume a dominant role, significantly constraining the management of the system and their performance. ...
... Then there exists an efficient allocation of the merger cost, i.e., vectors p (1) ∈ R |C1| and p (2) ...
Coalitional control is concerned with the management of multi-agent systems where cooperation cannot be taken for granted (due to, e.g., market competition, logistics). This paper proposes a model predictive control (MPC) framework aimed at large-scale dynamically-coupled systems whose individual components, possessing a limited model of the system, are controlled independently, pursuing possibly competing objectives. The emergence of cooperating clusters of controllers is contemplated through an autonomous negotiation protocol, based on the characterization as a coalitional game of the benefit derived by a broader feedback and the alignment of the individual objectives. Specific mechanisms for the cooperative benefit redistribution that relax the cognitive requirements of the game are employed to compensate for possible local cost increases due to cooperation. As a result, the structure of the overall MPC feedback can be adapted online to the degree of interaction between different parts of the system, while satisfying the individual interests of the agents. A wide-area control application for the power grid with the objective of minimizing frequency deviations and undesired inter-area power transfers is used as study case.
... Every SoIS or CPSoS is actually an SoS with additional characteristics. While CPSoS have been broadly explored over the past years, with well-established discussion about their definitions and fundamentals [3], SoIS still lacks this type of discussion. We noticed that SoIS impose particular engineering challenges that the state of the art on SoS had not necessarily coped with. ...
... We will herein interchangeably use SoIS acronym to express both singular and plural forms (System-of-Information Systems and Systems-of-Information Systems).3 Results of a search for "cyber-physical systems-of-systems": ...
System-of-Systems (SoS) has consolidated itself as a special type of software-intensive systems. As such, subtypes of SoS have also emerged, such as Cyber-Physical SoS (CPSoS) that are formed essentially of cyber-physical constituent systems and Systems-of-Information Systems (SoIS) that contain information systems as their constituents. In contrast to CPSoS that have been investigated and covered in the specialized literature, SoIS still lack critical discussion about their fundamentals. The main contribution of this paper is to present those fundamentals to set an understanding of SoIS. By offering a discussion and examining literature cases, we draw an essential settlement on SoIS definition, basics, and practical implications. The discussion herein presented results from research conducted on SoIS over the past years in interinstitutional and multinational research collaborations. The knowledge gathered in this paper arises from several scientific discussion meetings among the authors. As a result, we aim to contribute to the state of the art of SoIS besides paving the research avenues for the forthcoming years.
... However, in practice, there are significant challenges in CPSoS applicability and usability to be addressed to take full advantage of the CPSoS benefits and sustain/extend their growth. The fact that even a small CPSoS, (eg. a connected car) consists of several subsystems and executes thousands of lines of code highlights the complexity of the system of system solution and the extremely elaborate CPSoS orchestration which highlights the need for an approach beyond traditional control and management center [1]. ...
Full-text available
Cyber Physical Systems have been going into a transition phase from individual systems to a collecttives of systems that collaborate in order to achieve a highly complex cause, realizing a system of systems approach. The automotive domain has been making a transition to the system of system approach aiming to provide a series of emergent functionality like traffic management, collaborative car fleet management or large-scale automotive adaptation to physical environment thus providing significant environmental benefits (e.g air pollution reduction) and achieving significant societal impact. Similarly, large infrastructure domains, are evolving into global, highly integrated cyber-physical systems of systems covering all parts of the value chain. In practice, there are significant challenges in CPSoS applicability and usability to be addressed, i.e. even a small CPSoS such as a car consists several subsystems Decentralization of CPSoS appoints tasks to individual CPSs within the System of Systems. CPSoSs are heterogenous systems. They comprise of various, autonomous, CPSs, each one of them having unique performance capabilities, criticality level, priorities and pursued goals. all CPSs must also harmonically pursue system-based achievements and collaborate in order to make system-of-system based decisions and implement the CPSoS functionality. This survey will provide a comprehensive review on current best practices in connected cyberphysical systems. The basis of our investigation is a dual layer architecture encompassing a perception layer and a behavioral layer. Perception algorithms with respect to scene understanding (object detection and tracking, pose estimation), localization mapping and path planning are thoroughly investigated. Behavioural part focuses on decision making and human in the loop control.
Cyber-physical systems (CPSs) are seen as one of the tangible results of the convergence of advanced information technology, nanotechnology, biotechnology, cognitive science, and social science in addition to conventional systems science, engineering, and technologies. Designing next-generation cyber-physical systems (NG-CPSs) is a challenging matter for abundant reasons. It is not possible to consider all reasons and to address their interplays simultaneously in one paper. Therefore, this position paper elaborates only on a selected number of topical issues and influential factors. The author claims that the shift of the paradigm of CPSs and the uncertainty related to the paradigmatic systems features of NG-CPSs are among the primary reasons. Since the future of CPSs will be influenced strongly by their intellectualization, adaptation/evolution, and automation, these aspects are also addressed. It is argued that interaction and cooperation with NG-CPSs should be seen from a multi-dimensional perspective and that socialization of NG-CPSs needs more attention in research. The need for aggregation, management, and exploitation of the growing amount of synthetic systems knowledge produced by smart CPSs is seen by the author as an important emerging concern.
Conference Paper
View Video Presentation: The vision for the Urban Air Mobility airspace is a highly automated, cooperative, passenger and/or cargo carrying air transportation service for economic purposes. Comprised of highly complex, safety critical cyber-physical systems (CPSs), the integration of a UAM system within the National Airspace System (NAS) requires the development of robust control paradigms that are resilient to cyberattacks. Consequently, the cybersecurity of CPSs has emerged as one of the most important issues for UAM general operations. In this paper, we consider Denial-of-Service (DoS) cyberattacks and their effects on UAM traffic synchronization and collision avoidance for agents (e.g., aerial vehicles) within the modeled UAM flight corridor. Network connectivity is essential for such models to perform tasks such as distributed optimal control, optimal consensus, or distributed optimization problems, in a collaborative manner. We propose a novel distributed optimization-based control strategy that prompts UAM vehicles, who self-identify as vulnerable, to move towards the centroid of the network to maintain connectivity. We construct a composite interaction network by mixing the redundant information from the communication and auxiliary sensing networks to robustify the communication edge links so that the UAM vehicles are less likely to be vulnerable in the event of a DoS cyberattack. We validate the performance of the proposed control strategy via an illustrative simulation for aerial vehicle traffic synchronization and collision avoidance in the UAM flight corridor, in the presence of DoS cyberattacks.
The Internet of Things (IoT) and the related terms, Smart Manufacturing, Cyber-Physical Systems, and Industry 4.0, attract significant interest in the chemical manufacturing industry. Such technologies, which include in-Cloud data storage, large scale computation, advanced control, enterprise-wide-optimization, and machine-learning, offer opportunities for improved production management, rapid proto-typing, and lower cost. This paper describes the application and proof of concept (POC) of the Vitro base-architecture for Smart Manufacture. Benchmarking against current technology showed that the engineering time required for data reconciliation, rectification, and standardization is significantly reduced. Instead of spending 80% of their efforts on such activities, process engineers and data scientists started to spend most of their time on real-time process analysis and decision making. The cloud-based architecture used to support the development was developed under a cooperative project between Vitro and Microsoft. The architecture can be applied to other industry sectors, such as the chemicals, petro-chemicals, pharmaceutical, agricultural, and metallurgical industries. The current paper describes the data management component of the project. It describes the standardized storage formats used for uniform display of rectified process data in engineering units. We found that the MS Azure based system provides operators, process engineers, and managers alike, the data needed to run the process at or close to optimal conditions minute by minute, day by day, and week by week as product portfolios and markets change. In a follow-up paper we will describe how the approach facilitates application of APC such adaptive MPC, real time optimization, and adaptive decision-making.
Large industrial sites commonly contain multiple production and utility systems. In practice, integrated optimization is often not possible because the necessary complete information cannot be exchanged between the systems. Often, industrial sites optimize the operation of production and utility systems sequentially without any feedback, which leads to suboptimal operation. In this paper, we propose a method to coordinate between production and utility systems in a multi-leader multi-follower Stackelberg game. The proposed method does not require complete information exchange. The only information exchanged in one feedback loop is the energy demand and demand-dependent energy cost. In two case studies, the method reduces the total production cost by 7.6% and 3.4% compared to the common sequential optimization. These cost savings correspond to 84% and 88% of the potential cost savings by an integrated optimization. In summary, the proposed method reduces cost significantly, while only incomplete information is exchanged between production and utility systems.
Conference Paper
Full-text available
A German project is presented which was initiated in order to analyse the potential and risks associated with Cyber-Physical Systems. These have been recognised as the next wave of innovation in information and communication technology. Cyber-Physical Systems are herein understood in a very broad sense as the integration of embedded systems with global networks such as the Internet. The survey aims at deepening understanding the impact of those systems at technological and economical level as well as at political and sociological level. The goal of the study is to collect arguments for decision makers both in business and politics to take actions in research, legislation and business development.
Conference Paper
Full-text available
The increasing share of decentralized small and medium power plants opens up interesting options for a paradigmatic change of network operation strategies. On the one hand fluctuating generation principally endanger robust network operation. On the other hand there is an economic and ecological pressure to maximize the infeed of renewable energy sources. There is therefore a need for a cheap and scalable solution to meet these challenges. The solution we propose requires more decision intelligence and communication between the players in the electrical network. Scalability is achieved if the central control task is distributed among the intelligent players. Optimization of the control problem then means to devise a set of roles for the players and rules among them. We present such a basic set of roles and rules. We discuss the self-organization that occurs on the basis of these rules, the system performance as well as the consequences for the evolution of present-day strategies of network operation.
This book discusses various aspects, challenges, and solutions for developing systems-of-systems for situation awareness, using applications in the domain of maritime safety and security. Topics include advanced, multi-objective visualization methods for situation awareness, stochastic outlier selection, rule-based anomaly detection, an ontology-based event model for semantic reasoning, new methods for semi-automatic generation of adapters bridging communication gaps, security policies for systems-of-systems, trust assessment, and methods to deal with the dynamics of systems-of-systems in run-time monitoring, testing, and diagnosis. Architectural considerations for designing information-centric systems-of-systems such as situation awareness systems, and an integrated demonstrator implementing many of the investigated aspects, complete the book. © 2013 Springer Science+Business Media New York. All rights are reserved.
This paper describes the features and characteristics of Genetic Algorithms (GAs) that are particularly appropriate for applications in control systems engineering. For the control engineer, GAs, and evolutionary algorithms in general, present opportunities to address some classes of problems that are not amenable to efficient solution through the application of conventional techniques. One particular area where GAs is showing interesting results is Industrial Automation. In this paper, GAs application in the management of manufacturing systems is described. In addition, formulations and simulation results are reported for several cases on the motion planning and control of robotic systems.
While the phrase “system-of-systems” is commonly seen, there is less agreement on what they are, how they may be distinguished from “conventional” systems, or how their development differs from other systems. This paper proposes a definition, a limited taxonomy, and a basic set of architecting principles to assist in their design. As it turns out, the term system-of-systems is infelicitous for the taxonomic grouping. The grouping might be better termed “collaborative systems.” The paper also discusses the value of recognizing the classification in system design, and some of the problems induced by misclassification. One consequence of the classification is the identification of principal structuring heuristics for system-of-systems. Another is an understanding that, in most cases, the architecture of a system-of-systems is communications. The architecture is nonphysical, it is the set of standards that allow meaningful communication among the components. This is illustrated through existing and proposed systems. © 1999 John Wiley & Sons, Inc. Syst Eng 1: 267–284, 1998
A European roadmap on cyber-physical systems of systems
  • M A Reniers
  • S Engell
  • MA Reniers
Reniers, M.A., Engell, S.: A European roadmap on cyber-physical systems of systems. ERCIM News 2014(97), 21-22 (2014)