Live in ConSerts: Model-Driven Runtime Safety Assurance on Microcontrollers, Edge, and Cloud Practical Experience Report

Engineering highly-integrated Cyber-Physical Systems (CPS) requires dealing with increased complexity and variability, both within the CPS architecture, but also in the dynamic interactions formed with other CPS during operation. Developing, instrumenting, and deploying effective and efficient monitoring is an essential component of any strategy aiming to assure the dependability of CPS. Such runtime monitors use pre-assured knowledge models, which describe safety-relevant properties of the CPS and its environment. During operation, event monitors determine the current situation and thus enable automated safety reasoning based on the modeled knowledge. Conditional Safety Certificates (ConSerts) are a previously introduced concept for safety-related assume-guarantee reasoning models that enable dynamic adaptation of CPS during operation by exploiting dependability assurance established during development. In this work, we introduce a code generation concept and tool support that enables the automatic synthesis of ConSert-based runtime monitors for CPS in the Rust programming language. We demonstrate and evaluate the feasibility of the concept on a robot-assisted industrial manufacturing use case.