Cyber-Physical System Design Contracts

This paper introduces design contracts between control and embedded software engineers for building Cyber-Physical Systems (CPS). CPS design involves a variety of disciplines mastered by teams of engineers with diverse backgrounds. Many system properties influence the design in more than one discipline. The lack of clearly defined interfaces between disciplines burdens the interaction and collaboration. We show how design contracts can facilitate interaction between 2 groups: control and software engineers. A design contract is an agreement on certain properties of the system. Every party specifies requirements and assumptions on the system and the environment. This contract is the central point of inter-domain communication and negotiation. Designs can evolve independently if all parties agree to a contract or designs can be modified iteratively in negotiation processes. The main challenge lies in the definition of a concise but sufficient contract. We discuss design contracts that specify timing and functionality, two important properties control and software engineers have to agree upon. Various design approaches have been established and implemented successfully to address timing and functionality. We formulate those approaches as design contracts and propose guidelines on how to choose, derive and employ them. Modeling and simulation support for the design contracts is discussed using an illustrative example.