Analysis and Monitoring of Cyber-Physical Systems via Environmental Domain Knowledge & Modeling

While verifying adherence to a specification (i.e., specification-based testing) is important, the results are only as valid as the specification itself. Problematically, verifying a system specification must be done within the context of changing or even unknown environmental domain knowledge that could render the specification ineffective or incorrect. This issue is even more apparent in the context of self-adaptive systems, where uncertainty in both the system configuration and environment can impact the validity of the system. This paper introduces a method to explicitly model domain knowledge of the environment as a secondary system to enable design-time verification against documented environmental assumptions (i.e., those elements external to the system). In addition, run-time monitors are used to detect scenarios in the actual environment not specified by the modeled environmental domain knowledge. Rather than simply identifying unexpected inputs, our approach is able to identify run-time violations of the environmental domain knowledge, even when inputs appear valid based on the domain assumptions embedded in the system specification. These violations can then be used to correspondingly update the system and environmental specifications via automated run-time adaptation or subsequent design-time revisions. We illustrate our approach by applying our method to a running example of a goal-based model of a baby monitor.