« Back to Page 1

As the name implies, cyber-physical systems are composed of both computerized and physical parts. Airplanes, for example, are cyber-physical systems. They move through the sky in physical space and also include computer controls that must make decisions in the face of constantly changing variables like shifting weather patterns and the movement of other planes in the sky.

Look around, Platzer says, and you will discover that we live in a world of cyber-physical systems, from cars and trains to robots and medical devices. The stakes are high in terms of both financial cost and human safety to make sure these systems work properly. Consider the recall of 8 million cars worldwide by Toyota since last fall because of reports that accelerator pedals can become stuck, possibly owing to a faulty electronics system.

"I am annoyed if my computer crashes, but I am really annoyed if my car crashes," says Platzer, who returned to Carnegie Mellon after earning his doctorate in 2008 and is now an assistant professor in the Computer Science Department. "So to a certain extent, it is much more important to get systems right that are actually interfacing with the physical environment and with humans because when they malfunction, it can be really dangerous."

Without model checking at their disposal, engineers do expensive trial-and-error testing and numerical simulation on computer-controlled devices such as automobiles and aircraft. "Yet, scary enough," Platzer notes, "it is obviously very difficult to test a system exhaustively."

Indeed, our powers of design now far outstrip our capacity to make sure the technologies we create will actually work properly in all possible real-world scenarios, according to Bruce Krogh, a professor of electrical and computer engineering at Carnegie Mellon, who also studies hybrid systems. "The problem," he says, "is how to ensure that you explore everything that can possibly happen, especially in large physical systems where the complexity becomes overwhelming."

He points to the catastrophe of USAir flight 427, which crashed in 1994 near the Greater Pittsburgh International Airport, killing all 132 people aboard. Investigations later showed that the aircraft's rudder became jammed, forcing the plane into an almost vertical roll less than 10 miles from the runway. "They determined that a mechanical system was able to get into a situation where controls from the pilot made it go exactly the wrong way," Krogh says. "I don't like dwelling on tragedies, but in all of the high-profile disasters like this, there is some situation that occurs that wasn't anticipated in testing or simulation."

However, as with the case of USAir 427, it's impossible to use model checking to examine every possible configuration of cyber-physical systems that must interact with the infinitely variable real world. These systems are highly nonlinear, meaning that small changes can have large effects, and their behavior often depends on more than a dozen variables. Model checking tools are still limited to handling problems with around four variables that are governed by more straightforward linear dynamics. "I cannot describe my car with that," Platzer says. "I'm not even sure if you can describe a coffee machine with that."

Ensuring that cyber-physical systems are free of potentially fatal errors is among the most difficult and important problems in computer science, agree experts, including Platzer, who was primed to take on this challenge at an early age. Ever since he was a young child growing up in Hamburg, Platzer has been interested in mathematics and logic. "The 'why' questions were most pressing for me as a boy," he recalls. "My parents still tell a lot of stories of me asking too many 'whys,' so I guess I had to end up as a scientist."

His first encounter with computers was in grade school when a geometry teacher required him to draw and measure hundreds of triangles to find the lengths of their missing sides. "I never really liked that, so I learned about trigonometric functions and wrote a computer program to do it for me," he recounts with a grin.

Platzer wasn't always focused on schoolwork. He had great success as a competitive ballroom dancer, even winning several major tournaments. He was so good at dancing it could've distracted him from his studies, but he decided to concentrate instead on computer science—and was accepted into 10 or so PhD programs after earning his master's degree from the University of Karlsruhe near the French-German border. "At some point you have to decide whether you want to do ballroom dancing professionally all the time, or do some research," he says. "Of course you can argue that flight choreography and dance choreography have some similarities. What you don't want are collisions, and what you do want are interesting maneuvers."

(Continued …)

1 2 3