Luca PAZZI

University Researcher
Department of Engineering "Enzo Ferrari"




Publications

- Method for ensuring safety and liveness rules in a state based design [Patent]
Pazzi, Luca
abstract

A method for controlling a physical machine or an assemblage of physical machines for ensuring safety and liveness rules in a state based design of said physical machine or assemblage of physical machines, characterized in that it comprises associating at least one logical state to at least one physical state said physical machine or assemblage of physical machines may assume, providing state constraints for said logical states, checking that a physical state assumed by said physical machine or assemblage of physical machines is associated to a logical state complying with said state constraints.


2017 - Adaptive Manufacturing: Challenges to the Industrial and Scientific Community [Abstract in Conference Proceedings]
Pazzi, Luca; Pellicciari, Marcello
abstract

Adaptive manufacturing poses many challenges to the industrial and scientific community. One of the main interesting issues, still requiring further research efforts, consists in achieving effective modularisation of both control systems and related physical machinery. Modularisation brings evident advantages towards effective and fast reconfiguration of assembly lines, maintaining at the same time high reliability of the single machinery as well as safety and effectiveness of more complex production units. Safety and reliability of either a single device or production cell are however not enough in order to ensure safety of more complex assembly units. Novel methodologies which consider manufacturing at the system level are then required. In general, safety (as well as hazard) is indeed an emergent systemic property and as such requires to be dealt with specific, system oriented, methodologies. Such methodologies allow to obtain control software which is “correct-by-design” and are tightly integrated with design: interestingly, such methodologies may be applied from the intra-device level to single devices, machinery, production units, assembly lines. As complexity increases, it becomes possible to deal with single primary faults within simple mechanical components (for example small engines and actuators) to more complex units, for example production cells and assembly lines, providing increasing levels of failure detection and protection, ranging from primary faults to fail operational and fail safe behaviours.


2017 - From the Internet of Things to Cyber-Physical Systems: The Holonic Perspective [Journal Article]
Pazzi, Luca; Pellicciari, Marcello
abstract

The paper presents a distributed model for implementing Cyber-Physical Systems aimed at controlling physical entities through the Internet of Things. The model tames the inherent complexity of the task by a recursive notion of modularity which makes each module both a controller and a controlled entity. Modules are arranged along part-whole tree-like hierarchies which collectively constitute the system. The behaviour of each module is strictly local since it has visibility only on its controlled modules, but not on the module which controls it. Each behaviour can be thus checked locally at design time against safety and liveness formulas, which still hold when component holons are composed into more complex ones, thus contributing, without the need of additional checks, to the overall safety and liveness of the final system.


2015 - Control Theory Meets Software Engineering: The Holonic Perspective [Paper in Conference Proceedings]
Pazzi, Luca
abstract

One of the main challenges towards a software-based theory of control consists in finding an effective method for decomposing monolithic event-based interactive applications into modules. The task is challenging since this requires in turn to decompose both the invariants to be maintained as well as the main control loop. We present a formalism for gathering portions of behaviour by special units, called holons, which are both parts and wholes and which can be arranged into part-whole taxonomies. Each holon hosts a state machine and embodies different invariants which give semantics to its states. Control is achieved by both taking autonomously internal actions by the state machine in order to maintain such state invariants, as well as by having the state machine move from one invariant to another by actions driven by external events. Such an approach requires to introduce non trivial solutions in order to allow communication among such modules, mainly by implementing control loops among couple of holons. The proposed model consists essentially in shaping each module in order to be both a controller and a controllable entity. Each module may control a definite number of modules and is controlled by a single module. Control is exercised by discrete events which travel through a communication medium. Control actions as well as feedback events travel thus from a module to another, thus achieving local control loops which, taken globally, decompose the main control loop.


2014 - Modeling Systemic Behavior by State-Based Holonic Modular Units [Paper in Conference Proceedings]
Pazzi, Luca
abstract

The paper explores a vision in modeling the behavior of complex systems by modular units hosting state machines arranged in part-whole hierarchies and communicating through event flows. Each modular unit plays at the same time the double role of part and whole, i.e. it is inspired by the philosophical idea of holon, providing both an interface and an implementation by which other component state machines may be controlled in order to achieve a global behavior. It is moreover observed that it is possible to assign a formal characterization to such state modules, due to their part-whole arrangement, since higher-level behaviors can derive formally their meaning from lower-level component behaviors. Such a way of arranging behavioral modules allows to establish directly correct-by-construction safety and liveness properties of state-based systems thus challenging the current approach by which state machines interact at the same level and have to be model-checked for ensuring correctness.


2013 - FACING CRITICAL SITUATIONS BY IMPROVED HOLON-BASED EVENT FLOW [Abstract in Journal]
Pazzi, Luca
abstract

ABSTRACT FOR THE INTERNATIONAL SYMPOSIUM: THE ECONOMIC CRISIS: TIME FOR A PARADIGM SHIFT TOWARDS A SYSTEMS APPROACH


2013 - Facing Critical Situations by Improved Holon-Based Event Flow [Abstract in Conference Proceedings]
Pazzi, Luca
abstract

Facing critical situations means handling them with a good understanding of their complexity: this calls in turn for a class of new models as well as for associated methodologies for dealing with systemic failures. A system by our approach is merely a restriction of the cartesian automaton of the states of existence of its constituent parts. Any of such composite states becomes, by the principle of abstraction, a state in the behavior of the new system. Since any interaction among systems implies a restriction of their global cartesian state automaton, interactions represent a valuable information in order to discover a feasible criterion for eliciting new systems - albeit not “concrete” systems in the classical sense. For example relationships among systems are nothing but systems on their own, having related systems as component parts. This suggests that the very notion behind system discovery and modeling is thus inherently dynamical. Such a dynamical characterization can be shown to furnish formal and methodological instruments in order to enrich the early notion of Holons by Koestler. Holonic part-whole hierarchies, named “holarchies”, require to introduce a new taxonomy for event signals in order to have the internal dynamics of systems to deal with the interface of component systems. This reduces the overall complexity by allowing to modularize and partition mutual control and feedback among hierarchically related modular systems. It is finally shown that the proposed approach allows to model a hierarchy of system failures at different levels in the holarchy, which can effectively be used in order to analyze and prevent complex critical situations.


2013 - Systems of Systems Modeled by a Hierarchical Part-Whole State-Based Formalism [Paper in Conference Proceedings]
Pazzi, Luca
abstract

The paper presents an explicit state-based modeling approach aimed at modeling Systems of Systems behavior. The approach allows to specify and verify incrementally safety and liveness rules without using model checking techniques. The state-based approach allows moreover to use the system behavior directly as an interface, greatly improving the effectiveness of the recursive composition needed when assembling Systems of Systems.


2012 - Controlling hazards and safety in complex systems: a multi-layered part-whole approach to system safety [Journal Article]
Pazzi, Luca
abstract

The behavior of complex dependable systems poses severe safety issues due to hazards which may result from incorrect and unpredictable behavior. In order to prevent such hazards, system behavior has to be specified and checked incrementally, in order to defeat the overall system’s complexity. Modularity in system design is however not trivial due to the intrinsic monolithic nature of the control loop, typical of such systems. An additional problem is given by the fact that the current modeling paradigm tends at introducing additional interactive complexity due to the direct communication and synchronization mechanism among decomposed modules. It can be shown, however, that modular decomposition is feasible by revising the current communication and interaction paradigm. Physical interactions in physical systems denote in fact less evident conceptual structures, which host the overall interaction and synchronization knowledge among the component parts. By introducing additional system entities with the aim of hosting such knowledge in a localized and compact manner, we obtain a part-whole hierarchy of systems, called holarchy. Such systems are, at the same time, both parts and wholes within a holarchy, thus giving a formal characterization to Koestler’s holons.


2012 - Modularity and part-whole compositionality for computing the state semantics of statecharts [Paper in Conference Proceedings]
Pazzi, Luca; M., Pradelli
abstract

The paper discusses modularity and compositionality issues in state-based modeling formalisms and presents related recent research results. Part-Whole Statecharts provide modular constructs to traditional Statecharts in order to allow incremental and fully reusable composition of behavioral abstractions, enforcing explicitly the coordinated systemic behavior and bringing benefits to subsequent modeling and implementation phases. The paper shows that Part-Whole Statecharts have a computable semantics, which can be specified through a constraint-driven specification method. Such a method allows to specify and verify the intended meaning of states directly at design time, thus avoiding to employ less effective verification techniques, such as exhaustive testing or model checking.


2011 - Part-Whole Formal Specification and Verification of Complex Systems [Paper in Conference Proceedings]
Pazzi, Luca; Pradelli, Marco
abstract

The paper explores the overall feasibility and possible advantages of part-whole hierarchical state-based modeling with respect to formal specification and verification. It is shown, partly by a running example, that the identification of pattern of coordinated behavior allows to partition the overall complexity of a state based design by self-contained and uncoupled modules. Such modules can be incrementally validated against specification constraints, thus allowing to reuse already validated modules. Finally, the proposed approach interleaves validation and design, forcing the designer to transform specification statements into state propositions which further improve understandability.


2010 - Automatic Fault Behavior Detection and Modeling by a State-Based Specification Method [Paper in Conference Proceedings]
Pazzi, Luca; M., Interlandi; Pradelli, Marco
abstract

Safety assessment methods are typically based on the reliability of the single components making a system. A different notion of safety as an emergent property of the system taken as a whole is however emerging. The current state-based modeling paradigm tends at misrepresenting systemic behavior, thus contrasting the adoption and development of systemic compositional fault detection techniques. We propose a state-based formalism, highly committed towards the explicit representation of systemic behavior, by which it is possible to formally identify faulty behaviors once the regular one has been specified.


2010 - Using Part-Whole Statecharts for the safe modeling of clinical guidelines [Paper in Conference Proceedings]
Pazzi, Luca; Pradelli, Marco
abstract

Behavioral aspects of medical guidelines can be modeled and formalized in a straightforward way by flow diagrams. However, safety plays a critical role in both modeling and formalization given the intermingled involvement of human actors and medical devices which have to interact and coordinate according to precise rules and strict timelines. Although state based formalisms can be shown to be very apt in depicting complex situations in both an intuitive and formal manner, they do not provide modular constructs for defeating complexity and require model checking in order to be verified against safety requirements. The paper proposes to adopt a modular and hierarchical state based formalism for the sake of representing behavioral aspects in medical guidelines. Such a formalism can be shown to provide a natural arrangement of different fault management strategies at the different decomposition levels.


2009 - Part-Whole Hierarchical Modularization of Fault-Tolerant and Goal-Based Autonomic Systems [Paper in Conference Proceedings]
Pazzi, Luca; Pradelli, Marco
abstract

The paper examines current trends in autonomic space software systems and proposes the adoption of a hierarchical state based formalism which allows the different paradigms employed in the field to meet seamlessly. It is not clear, for example, how goal-based on-board autonomy, originally conceived for deductive-flavored systems which may not be ground controlled for indefinite portions of time, be able to combine with model based engineering, which best fits current industrial design strategies. Other aspects, such as closed loop discrete control and fault tolerance do not easily lend themselves to modularity. The paper shows that, by employing the proposed formalism, goals can be decomposed and distributed in a very natural way among different modules. Each module is, at the same time, both a controller and a controllable part of the whole system, allowing to partition the closed loop control flow at different levels of complexity. Formal verification is also possible by employing goals as state based constraint in the implementation phase.


2008 - A state-based systemic view of behaviour for safe medical computer applications [Paper in Conference Proceedings]
Pazzi, L.; Pradelli, M.
abstract

The paper addresses safety issues involved in making ad hoc interconnections among medical devices in order to assemble more complex medical systems. The main problem is that the systemic view may be easily concealed by nowadays behavioral modeling tools. Missing such a systemic view does not allow to have a precise view of what is being modeled: we propose instead to adopt novel methodological guidelines in developing assembled medical systems, basically by showing how a clear and unambiguous semantics may be given for any state of the system being modeled, from specification to test phases. Such a state semantics may then be checked against safety axioms by simply visiting the state diagram without the need of resorting to model checking techniques.


2008 - Improving Quality Factors in Model-Based Embedded Software [Paper in Conference Proceedings]
Pazzi, Luca; Pradelli, Marco
abstract

This paper surveys, mainly through a running example, the most noticeable features of Part-Whole Statecharts, a formalism originally conceived with the aim of introducing modularity within the Statecharts formalism in order to solve software quality issues of Harel’s Statecharts. Embedded systems (electronics and software) are of widespread use in safety-critical domains such as aerospace, automotive, and industrial automation and in business-critical domains such as communications and consumer electronics. Stringent quality requirements go together with the demand for low costs and low maintenance needs, but high safety and security levels, high dependability, high reliability and short time-to-market. This symposium will put the emphasis on quality engineering of these systems.


2006 - Embedded software certification under a software engineering methodological perspective [Paper in Conference Proceedings]
Pazzi, Luca; Riccardo, Corrado; Luigi, Luppi
abstract

Embedded systems pose a lot of challenges to the research community, both to academia and to industry. Moreover, the ever increasing diffusion of embedded devices in everyday life will soon bring the problematics of their safety certification to the attention of national as well as supranational institutions, which are, of course, already committed towards the safety certification of the products which are commercialized within their country-member boundaries.


2005 - An Explicit Modeling Approach for Wholes in the Object-Oriented Development process [Paper in Conference Proceedings]
Pazzi, Luca; Andrea, Malagoli
abstract

Although the success of the object paradigm is owed to the capability of representing complex entities characteristic of highly structured application domains, current object-development methodologies do not provide the appropriate support for dealing homogeneously with complex units in the analysis, design and implementation phase. Mutually related entities can be modelled either implicitly by a web of mutually referencing objects or explicitly by an object holding part-of references to objects playing the role of parts. The paper explores the latter explicit approach, where complex entities are explicitly recognised, designed and implemented as wholes. Such an approach makes the appropriate conceptual and implementation tools available in the different phases of the object-oriented development process. The relevant steps of a methodology are drafted, with emphasis on the analysis and design phase, where the cognitive and ontological notion of whole suggests the guidelines towards a criterion for inferring and validating wholes from associative knowledge in the domain.


2000 - Part-whole statecharts for the explicit Representation of compound behaviours [Paper in Conference Proceedings]
Pazzi, L.
abstract

Although very effective, the adoption of Statecharts in object-oriented software development methods poses many problems, since their way to compose behavioral abstractions can be framed in the general context of implicit composition. In particular, the need to embed references from one behavioral description to other ones has major drawbacks since the description of a single entity behaviour is not self-contained, and the global behaviour results implicitly defined by following references from one entity to the other. In other words, both single and global behaviors are difficult to understand, modify and reuse. The paper proposes to overcome most of such problems by adopting Part-Whole Statecharts, whose primary policy for controlling complexity strictly enforces distinct layers for wholes and their parts. Since wholes may become parts of other aggregations, a recursive syntax and semantics can be given straightforwardly.


1999 - Implicit versus explicit characterization of complex entities and events [Journal Article]
Pazzi, Luca
abstract

A wide variety of relationships and behavioral dependencies can be seen abstractly as associative knowledge amongst individuals of the same complexity. Conversely, part-whole knowledge defines the relationships and behavioral dependencies between individuals of different complexity, arranged in part-whole hierarchies. Most of the current modeling paradigms do not correlate the two kinds of knowledge. It can be argued, rather, that an ontological dependency exists between associative and part-whole knowledge. Complex structured entities, referred to in the paper as wholes, are then required to explicitly encapsulate associative knowledge, thus providing units of reuse and stability. The principle is applied to behavioral modeling in Statecharts, where entity synchronization represents the associative knowledge used to compose complex behaviors from simpler ones. (C) 1999 Elsevier Science B.V. All rights reserved.


1997 - Extending Statecharts for Representing Parts and Wholes [Paper in Conference Proceedings]
Pazzi, Luca
abstract

As state-based formalisms and object-oriented development methods meet, statecharts represent a natural choice for object behavioural modelling. This is essentially due to built-in features that enforce modularity and control complexity. The paper suggests the improvement of the effectiveness of the statechart approach in achieving both modularity and reuse of behavioural abstractions by analysing the general problem of modelling parts and wholes. An extended statechart construct is proposed, which improves the capability of separating global from local contexts in the early phases of the object development process, achieving better global software quality factors.


1996 - An Explicit Modelling Perspective for Compound and Aggregate Entities in the Object Paradigm [Paper in Conference Proceedings]
Pazzi, Luca
abstract

The paper discusses the opportunity to introduce explicit compound objects with the purpose of modelling the aggregate entities of the domain; the alternative is to model aggregates by realising directly their structural and behavioural semantics in the objects making the composition. The two approaches, referred to in the following respectively as explicit and implicit approach, inhere different modelling methodologies: it can be observed that the classical, current object programming paradigm is committed towards the former approach, jeopardising reusability as well as other quality factors of the modelling. Turning the object paradigm towards the explicit approach promises to yield a better modelling: moreover since aggregate entities are often not readily apparent in the domain, their explicit introduction requires careful discussion and understanding of their ontological and cognitive status.


1996 - Part-whole relations in object-centered systems: An overview [Journal Article]
A., Artale; E., Franconi; N., Guarino; Pazzi, Luca
abstract

Knowledge bases, data bases and object-oriented systems (referred to in the paper as Object-Centered systems) all rely on attributes as the main construct used to associate properties to objects; among these, a fundamental role is played by the so-called part-whole relation. The representation of such structural information usually requires particular semantics together with specialized inference and update mechanisms, but rarely do current modelling formalisms and methodologies give it a specific, 'first-class' dignity. The main thesis of this paper is that the part-whole relation cannot simply be considered as an ordinary attribute: its specific ontological nature requires to be understood and integrated within data-modelling formalisms and methodologies. On the basis of such an ontological perspective, we survey the conceptual modelling issues involving part-whole relations, and the various modelling frameworks provided by knowledge representation and object-oriented formalisms.


1995 - Ontological foundations for state and identity within the object-oriented paradigm [Journal Article]
Bonfatti, Flavio; Pazzi, Luca
abstract

Objects can be seen, at an abstract level, as information tokens made of two parts: an identification part and state, or value part. The identification part contains an object identifier different from that of any other object. The state part contains instead a structured value denoting the collective value of the attributes of the object. While the identifier assigned to an object remains fixed, the state is allowed to change, i.e. different values can be found in the state part of the object at different times. An object model with identifiers abstracts the formal properties of identity achieving a neat separation between object identification and object representation. Object identification becomes therefore a formal property preserved by the system. Traditional approaches in data and knowledge representation use instead some aspects of individuals' state, which only occasionally satisfy the uniqueness and continuity properties of identity. The problem is that identificative attributes chosen at a given time, may carry different values or may not be unique as the context changes; in general, identification is conceptually different from representation. The paper proposes an ontological foundation for the concept of object state and identity, showing formally the equivalence with the infinite properties which are inherent in the cognition of real world distinct entities (Leibniz' principle).


1991 - Modeling object complexity and behavior: Towards an ontological paradigm [Paper in Conference Proceedings]
Bonfatti, Flavio; Pazzi, Luca
abstract

A novel paradigm is proposed that, although adopting many of the basic object-oriented concepts, removes the limitations imposed by modeling complexity and behavior with instance variables and methods. The problem is examined from an ontological point of view with the purpose of achieving a clear and semantically based definition of complexity and behavior. The concepts of system and law are introduced as modeling primitives, and it is shown that complexity and behavior, including time-dependent behavior, are strictly related aspects to be modeled jointly. A consequence of this paradigm is the definition of a precise context for coding constraints and dynamics.