Distributed real-time embedded (DRE) systems perform sequences of coordination and heterogeneous data manipulation tasks in dynamic environments to meet specified goals. Autonomous operation of DRE systems can benefit from the integrated operation of (1) a decision-theoretic spreading activation partial order planner (SA-POP) that combines task planning and scheduling in uncertain environments with (2) a resource allocation and control engine (RACE) middleware framework that integrates multiple resource management algorithms for (re)deploying and (re)configuring task sequence components in these systems. This paper demonstrates the effectiveness of SA-POP and RACE in managing and executing mission goals for a multi-satellite application. Our results show that combining planning, scheduling and resource constraints dynamically is the key to implementing autonomy in DRE systems

Clinical information systems (CIS) significantly influence the quality and efficiency of health care delivery. However, CIS are complex environments that integrate information technologies, human stakeholders, and patient-specific data. Given the sensitivity of patient data, federal regulations require healthcare providers to adopt policy, as well as technology, protections for patient data. Ad hoc system design and implementation of CIS can cause unforeseen and unintended privacy and security breaches. The introduction of model-based design techniques combined with the development of high-level modeling abstractions and analysis methods provide a mechanism to investigate these concerns by conceptually simplifying CIS without losing expressive power. This work introduces the Model-based Design Environment for Clinical Information Systems (MODECIS) - a graphical design environment that assists CIS architects in formalizing CIS systems as well-defined services. MODECIS leverages Service-Oriented Architectures to create realistic system models at an abstract level. By modeling CIS using abstractions, we enable the analysis of legacy architectures, as well as the design and simulation of, future CIS. We present the feasibility of MODECIS via modeling certain functions, such as the authentication process of the MyHealth@Vanderbilt patient portal.

NASA’s Earth Science Vision calls for a global sensor web comprised of heterogeneous platforms with on-board information processing, capable of orchestrating real-time collaborative operations with other platforms and ground stations. Such a global sensor web will be a system of systems, including many distributed real-time embedded (DRE) systems, such as multi-satellite formations. Individual systems of the sensor web must collect and analyze large quantities of data via sequences of heterogeneous data collection, manipulation, and coordination tasks to meet specified goals for earth science applications. In large DRE systems, such as those composing a global sensor web, the sheer number of available components often poses a combinatorial planning problem for identifying component sequences to achieve specified goals. Moreover, the dynamic nature of these systems requires runtime management and modification of deployed components. We present the design of the Multi-agent Architecture for Coordinated Responsive Observations which includes two novel services contributing to the design and deployment of autonomous, predictable, and high performance DRE systems that operate in dynamic and uncertain environments: (i) the Spreading Activation Partial Order Planner (SA-POP) that performs decision-theoretic planning and scheduling using a spreading activation network to capture the probabilistic functional relationships between tasks (implemented as components) and goals; and (ii) the Resource Allocation and Control Engine (RACE), which is an open source adaptive resource management framework built atop standards-based QoS-enabled component middleware. We illustrate the effectiveness of our approach in the face of changing operational conditions, workloads, and resource availability, in the context of salient Earth science missions.

Clinical Information Systems (CIS) have emerged as a new critical infrastructure that influence affordability and security of health care delivery. Complex and conflicting societal requirements, such as providing control for patients over their personal health information and requiring health organizations to assure the security and privacy of patient-specific information, create significant technical challenges for the design of CIS. This paper presents a novel approach that is based on the principles and tools of Model Integrated Computing (MIC), Platform-Based Design (PBD) and Service-Oriented Architectures (SOA). We present a domain-specific, graphical design environment and show how formal system specifications can be mapped to different Service-Oriented Architecture execution platforms through a set of standard languages, such as WSBPEL and XACML. The Model-Integrated Clinical Information Systems (MICIS) design environment includes a suite of domain-specific modeling languages capturing essential aspects of CIS design, model transformation tools that map the domain models onto the standard specification languages of SOA platforms and static model analysis tools checking the consistency and wellformedeness of the multiple-view models. The MICIS design tool is tested in modeling the MyHealth@Vanderbilt patient portal of the Vanderbilt University Medical Center.

This dissertation shows how to develop wireless networked embedded control systems (wnecs) in which the controller and the plant are isolated and can only interact over a wireless network. Many of the new results presented are based on passivity and scattering theory. In particular we show how to: 1. synthesize discrete time passive, strictly-input passive, and strictly-output passive systems from their continuous counterparts using a inner-product equivalent sample and hold (IPESH) block (with an optional passive observer), 2. create a data-drop out, and delay tolerant l2-stable digital control network for a continuous passive plant in which: (a) the continuous passive plant can also be subject to various memoryless nonlinearities such as actuator saturation, (b) the digital controller only needs to be run when passive data is received over the wireless network, (c) the entire control network has been simulated on a theoretically validated wireless ring token network, (d) a new “power junction” is introduced in which multiple plants and controllers can interact while preserving passivity, (e) a new distortion measure is used to evaluate these control networks, 3. determine the capacity, and mean delays of a wireless ring token network. We conclude with a presentation of neclab, a set of python and C based tools used to help an engineer simulate and develop wnecs.

Modern planning and scheduling systems are capable of dealing with the size and complexity of many real world problems. However, mission critical planning is still often done by humans. Even if only a couple of plans are produced ("Master Plan" and "Plan B"), human experts evaluate multiple alternatives, think of contingencies, consider the likelihood of failure of various steps, and account for schedule slack and plan flexibility. Computers can evaluate thousands of alternative scenarios, but the solutions they ultimately produce are often not convincing enough for expert decision makers to trust human lives or mission critical operations to computer decisions. Further, automated systems often require significant changes in the way people operate, which in high-stakes high-pressure environments leads to rejection of the system by the users. In this paper we describe the decision support functionality of the Coordinated Multi-source Maintenance on Demand (CMMD) system. CMMD is designed to support the complete life cycle of mission plans for human space exploration, starting with initial long-term planning and ending with day-by-day execution of a detailed schedule. The goal of CMMD is not to replace human experts, but to assist them. To do so, CMMD explains reasons for commitments it makes, allows the user to interactively explore alternatives, guide the search toward more desirable solutions, and to run various queries (e.g., what courses of action have not yet been explored with respect to some goal?). We claim that giving users insight into workings of the system and gradually enhancing existing processes is crucial for gaining user confidence in produced plans and ultimately for adoption of the system.

Health care is a rapidly evolving field that is increasingly supported through clinical information systems (CIS) that integrate care providers, patients, and computer applications. Local and federal regulations require health care systems to define and enforce privacy and security policies to protect sensitive patient data within CIS. Service-oriented architectures (SOA) have been successfully applied to specific clinical services, such as decision support, but have yet to be adopted for large-scale CIS that need to account for diverse information technology architectures and complex person-computer interactions. In this work, we demonstrate that the incorporation of model-based design techniques and high-level modeling abstractions provide a framework to rapidly develop, simulate, and deploy CIS prototypes. This paper describes the implementation of a graphical design environment that allows CIS architects to develop formal system models and from these automatically generates executable code for deployment. The design tool leverages SOA to create reusable services that can be rapidly adapted. We illustrate the functionality of the tool by modeling a secure messaging service in the MyHealth@Vanderbilt patient portal, a portion of the Vanderbilt University Medical Center CIS.

The structural semantics of UML-based metamodeling were recently explored, providing a characterization of the models adhering to a metamodel. In particular, metamodels can be converted to a set of constraints expressed in a decidable subset of first-order logic, an extended Horn logic. We augment the constructive techniques found in logic programming, which are also based on an extended Horn logic, to produce constructive techniques for reasoning about models and metamodels. These methods have a number of practical applications: At the meta-level, it can be decided if a (composite) metamodel characterizes a non-empty set of models, and a member can be automatically constructed. At the model-level, it can be decided if a submodel has an embeddeding in a well-formed model, and the larger model can be constructed. This amounts to automatic model construction from an incomplete model. We describe the concrete algorithms for constructively solving these problems, and provide concrete examples.

The usability of model transformation languages depends on the level of abstractions one can work with in rules to perform complex operations on models. Recently, we have introduced a novel operator for our model transformation language GReAT that allows the concise specification of complex model (graph) rewriting operations that manipulate entire subgraphs. In this paper we show how the new operator can be used to implement non-trivial model manipulations with fewer and simpler rules, while maintaining efficiency. The examples were motivated by problems encountered in real-life model transformations.

Clinical Information Systems (CIS) are complex environments that integrate information technologies, humans, and patient data. Given the sensitivity of patient data, federal regulations require health care providers to define privacy and security policies and to deploy enforcement technologies. The introduction of model-based design techniques, combined with the development of high-level modeling abstractions and analysis methods, provide a mechanism to investigate these concerns by conceptually simplifying CIS without sacrificing expressive power. This work introduces the Model-based Design Environment for Clinical Information Systems (MODECIS), which is a graphical design environment that assists CIS architects in formalizing systems and services. MODECIS leverages Service-Oriented Architectures to create realistic system models as abstractions. MODECIS enables the analysis of legacy architectures and the design and simulation of future CIS. We present the feasibility of MODECIS by modeling operations, such as user authentication, of MyHealth@Vanderbilt, a real world patient portal in use at the Vanderbilt University Medical Center.

This paper provides a framework to synthesize l2- stable networks in which the controller and plant can be subject to delays and data dropouts. This framework can be applied to control systems which use "soft-real-time" cooperative schedulers as well as those which use wired and wireless network feedback. The approach applies to passive plants and controllers that can be either linear, nonlinear, and (or) time-varying. This framework is based on fundamental results presented here related to passive control and scattering theory which are used to design passive force-feedback telemanipulation systems. Theorem 3 states how a (non)linear (strictly input or strictly output) passive plant can be transformed to a discrete (strictly input) passive plant using a particular digital sampling and hold scheme. Furthermore, theorem 4(5) provide new sufficient conditions for l2 (and L2)-stability in which a strictly - output passive controller and plant are interconnected with only wave-variables. Lemma 2 shows it is sufficient to use discrete wave-variables when data is subject to fixed time delays and dropouts in order to maintain passivity. Lemma 3 shows how to safely handle time varying discrete wave-variable data in order to maintain passivity. We then present a new cooperative scheduler algorithm to implement a I2-stable control network. We also provide an illustrative simulated example followed by a discussion of future research.

This paper provides a sufficient framework to synthesize l2-stable networks in which the controller and plant can be subject to delays and data dropouts. This framework can be applied to control systems which use “soft-real-time” cooperative schedulers as well as those which use wired and wireless network feedback. The framework applies to plants and controllers which are passive, therefore these passive systems can be either linear, nonlinear, and (or) time-varying. This framework arises from fundamental results related to passive control, and scattering theory which are used to design passive force-feedback telemanipulation systems, in which we provide a short review. Theorem 3 states how a (non)linear (strictly input or strictly output) passive plant can be transformed to a discrete (strictly input) passive plant using a particular digital sampling and hold scheme. Furthermore, Theorem 4(5) provide new sufficient conditions for l2 (and L2)-stability in which a strictly-output passive controller and plant are interconnected with only wave-variables. Lemma 2 shows it is sufficient to use discrete wave-variables when data is subject to fixed time delays and dropouts in order to maintain passivity. Lemma 3 shows how to safely handle time varying discrete wave-variable data in order to maintain passivity. Based on these new theories, we provide an extensive set of new results as they relate to LTI systems. For example, Proposition 2 shows how a LTI strictly-output passive observer can be implemented. We then present a new cooperative scheduler algorithm to implement an l2-stable control network. We also provide an illustrative simulated example which uses a passive observer followed with a discussion for future research.