Carnegie Mellon University

Modeling from the Ground Up

Software Engineering Ph.D. student Ivan Ruchkin blends the formalism of system modeling with a grassroots approach to tackle the challenges of the cyber-physical world.

Troubleshooting a system model is no simple task. Now imagine that you were not only attempting to weed out potential issues in a single model but also reconciling potential conflicts across several models – each originating from a unique engineering perspective.

This is the challenge faced by Software Engineering Ph.D. student Ivan Ruchkin. “There is a wealth of research and established practice when it comes to modeling complex systems,” Ruchkin notes. “What we don’t have is a way for these various engineers from various background and disciplines to play together nicely.”

Originally from Moscow, Russia, Ruchkin – now in his final year of the Ph.D. program – was drawn to formal approaches as an undergraduate at Moscow State University. “In Russia, there is a great deal of importance placed upon theoretical computer science and mathematics. The formal approaches inherent to modeling a software system were, at some basic level, really appealing to me.”

However, he notes, something was missing. “While I was studying for my undergraduate degree, I was also working as a software developer. I had a hard time reconciling the high-level theoretical work with the daily challenges I faced as a developer,” Ruchkin explains. “The real world is messier than what I experienced in the classroom.” But it was this messiness – this complexity – that energized Ruchkin. “I wondered if there was a way to bring the clarity of this high-level modeling research to bear on the state of the practice.”

And so, in 2011, Ruchkin joined the Software Engineering Ph.D. program, where he came under the mentorship of Dr. David Garlan. “It was David’s background in practical formal approaches and software architecture that led me to my current research focus: modeling methods for cyber-physical systems.”

A cyber-physical system is an intelligent, autonomous system which, while driven by software, often interacts substantially with the physical world. “These systems aren’t sitting on a server somewhere, calculating how many calories I burned today,” Ruchkin points out. “They are moving shipping containers, managing smart grids, and driving my car.”

Composed of numerous different software and hardware components, cyber-physical systems are notoriously difficult to model. Ruchkin explains that to deal with this complexity teams will often isolate the various components of a system. “The control engineers build the control module, the mechanical engineers work on physical components, and the software engineers develop the glue code to do the networking.” But, as he explains, this separation poses significant problems when it comes time to integrate. “When you plug these pieces together, you may discover all sorts of issues. These issues all come back to teams making implicit assumptions about how the system will work.”  Some of these assumptions are at a very fundamental level, such as two components modeling time in entirely different ways, Ruchkin notes. “When there is an inconsistency at this level, you get defects in the system that are extremely difficult to detect, much less correct.”

This is where Ruchkin’s work comes in. Using abstraction techniques to draw out the relevant information in the various models that make up a cyber-physical system, Ruchkin can then develop techniques to detect and reconcile any inconsistencies that may exist. “This is a very bottom-up approach to the problem.” Cyber-physical systems, he notes, present a unique challenge in that each module team often builds their model based on a unique set of domain-specific technologies. “Rather than demanding standardization across languages, frameworks, tools, etc., my work is looking at ways that we can detect these inconsistencies and remediate them regardless of what development environment or engineering perspective comes into play. This isn’t about making a unified model out of numerous, disparate models. It is about getting the models to work together. ”

Ruchkin’s approach is rather novel in the field of systems modeling. “Much of the work up until now has been concerned with addressing inconsistencies in static models,” Ruchkin says. “But models change over time. It is really difficult to take a snapshot of the model from the repository and tell that something bad is going to happen three or four versions down the line.” Taking a change-oriented approach, Ruchkin’s abstraction methods attempt to identify potential points of failure, flagging inconsistencies before or as they arise.

But this non-prescriptive, dynamic approach is not without its frustrations. “It is intentionally messy. We are committing to the fact that we are going to be dealing with some diversity and we’re not trying to confine ourselves to a nice context where we control everything,” Ruchkin explains. “We are taking what real development teams are doing in the real world and building upon it.  It is not likely that a development team is going to dump their entire approach and toolkit to adopt some new approach. My work is about how to make things work together as they are and not as we wish they would be.”