1

Hirokazu IharaHiro Systems Laboratory ihara@coral.ocn.ne.jp

Motohisa Funabashi Systems Development Laboratory, Hitachi, Ltd. funa@sdl.hitachi.co.jp

Systems Approach to Computing Dependability

In and Out of HitachiConcept, Applications and Perspective

IFIP-WCC2004 Topic 3 In honor of Emeritus Professor Algirdas Avizienis

Sculpture by Ryoji Goto

2

(a) Reliability is prior to its performance and cost.(b) Environment conditions are very rigorous (ambient temperature, humidity, vibration, dust,

etc.)(c)Event-driven or data-driven processing from the

machines(d) Time-critical(e) The turnkey or the solution business(f) Periodically to adapt their functions by changing

demands

Inherent Property of Control ComputingCompared to Enterprise Computing

Two Business groups for Enterprise and ControlComputing has been operated in Hitachi Ltd.

3

Evolution of Computing Systems

ShutdownShutdown

Partial CutoffPartial Cutoff

Autonomous ReconfigurationAutonomous Reconfiguration

Function-sharingFunction-sharingStrict InterfaceStrict Interface

ExpandabilityExpandability& Versatility& Versatilityfor Manufacturerfor Manufacturer

DistributionDistribution1970s

1980s

CentralizationCentralizationTight ConnectionTight ConnectionTime-sharingTime-sharing

PerformancePerformance

2000s

ExtendabilityExtendabilityDependabilityDependabilityin Operationin Operation

DecentralizationDecentralizationReceiver InitiativeReceiver Initiative

AutonomousAutonomousFunctionFunction

Multi LayeredMulti LayeredDecentralizationDecentralization

Emergent FunctionEmergent FunctionMulti-modal InitiativeMulti-modal Initiative

On-lineOn-lineMetamorphosisMetamorphosis

System StructureSystem StructureRequirementRequirement FeatureFeature

19601960ss

3

4Centralized

Hierarchical Distributed

Functional Distributed

Cost performance System performanceCoordinability Autonomous Coordinability

Autonomous controllability

Controllability

Fault tolerance

Fault avoidance

Autonomous Decentralized

Our Target of System Concept

5

Constantvalue

Judgment

Comparator

AND

ComputerB

System input

System output

DSC (Dual System Controller)

Register Register

Constantvalue

Interrupt Interrupt

ComputerA

Dual Structure System of COMTRAC

COMputer aided TRAffic Control

6

ComputerC

DSC

ComputerA

DSC

ComputerB

STR

System output

DSC

System input

Symmetrical Structure of COMTRACDual –Duplex System Structure

DSC;dual systemcontroller

STR;statusregister

7

Tokaido Line

Sanyo Line

NaganoNagoyaOsaka

Hakata

Kyushu Line Tohoku Line

Jyoetsu Line

Fukushima

NiigataYamagata

Akita

Nagano Morioka

Tokyo

NagoyaOsaka

OkayamaKumamoto

Kagoshima

Hachinohe

Nagano Line

Yamagata LineAkitata Line

Network of Shinkansen has been developed line by line since 1964 andoperated by COMTRAC since 1972 without any system failure.

Present Dependable COMTRAC

19722004

8

Principle Recognition ofAutonomous Decentralization Concept (ADC)

(a) Always includes inactive (temporary faulty,complementary or spare) parts

(b) Always changes its conditions and states amongoperation, metabolism, generation and growth(plus or minus)

(c) Always changes its objectives to the goal byalternatives selection, optimization and daptation

(d) Always keeps accomplishing its objectives almostcompletely

This observations are opposite recognition againstthat system should be complete and stable.

9

(a) Autonomous controllability: if any subsystem fails, the other survivors can manage themselves

(b) Autonomous coordinability: if any subsystem fails, the other survivors can coordinate their individual objectives among themselves.

Definition of ADS

Properties of ADC

Uniformityofstructure

Equalityamongsubsystems

Locality ofinformation

10

Subsystems

FlagFlag CCContent

CodeSender

IDSender

IDControl

codeControl

CodeData or

CommandRC

Virtual Data Field by Broadcast

Elements of Typical Information Format

VDF(Virtual Data Field)

Data/Data/CommandCommand

Flag

BroadcastingBroadcastingnetworksnetworks

AutonomousAutonomouscontrolcontrolprocessor(ACP)processor(ACP)

ACPsACPsdistinguishdistinguishtheirtheirnecessarynecessaryinformationinformationby Contentby ContentCodesCodes

ACP ACP ACPACP

11

Connection of Autonomous Decentralized Systems

Analogy of Nerve Analogy of Brain

b3b3

a2a2a3a3

a1a1

b1b1 b2b2

c2c2

c1c1

c3c3

L1L1

L2L2

ACPACP

ACPACP

Tightly coupledHexagonal connection

Loosely coupled Doubleloop network

ACP ACP

Sculpture by Ryoji Goto

12

Kofu Shinjyuku

Shinagawa

Kawasaki

YokohamaOfuna

Tokyo

Ueno

Omiya

Jinbohara Kuroiso

Hatori

ChibaOchanomizu

2,200 computers

Atami

Kofu Tachikawa

Kawasaki

introduced since 1996 in Tokyo Metropolitan Wide Area

Ikebukuro

Yokosuka

19 lines

300 stations

6,500trains

Total line 1,200km

Autonomous decentralized Transport Operation controland information System (ATOS)

13

Strong Non-linear

ProblemSolving Systems

Strong Non-linear

Complex Problems

ProblemSolving Systems

Degree of structuring

high

poor

Linear orSimple-non linearProblem

Analytical Engine

Knowledge Conquer

Intelligent Information

Inference Engine

abstract

Human Brain & Intelligence

Common/Specific Knowledge

Formula, Axiom, Law

Perception, UnderstandingSelection, Analogy, Association

Search Engine

Ad hoc, Matching

Syntactics-oriented

-specialization-domain

--

-oriented

Processing Systems

-

--

--

Our Target of Remained Area of Computing

specificSemantics

ProceduralProceduralProcessing systemsProcessing systems

segmentationlinearization

14

Fuzzy Expert System forSubway Operation (1987)

Evolutional Practice of AI Technology

Attempts in early 1980sDiagnosis of Nuclear

Power PlantQuality Control of

SemiconductorManufacturing

Project Management ofOversea Construction ofFossil Power Plant

Real ApplicationsDeveloped in 1980s

Operation Guidance ofBlast Furnace and PublicUtility Plants

Generation Assistance ofTrain Operation Diagrams

Construction Planning andProject ManagementSupport

Assessment Support ofFinancial Investment

EUREKA(Real-timeInferenceEngine)

ManagementMethodology

forUncertainty

BlastFurnace

14

15

Knowledge Acquisition Technologyfor AI Systems

BareExpertise

ConsistentExpertise

KnowledgeRefinementBy NeuralNetwork

DataWarehouse

Data Mining

AcquiredKnowledge

PredictionModel

Objectiveof

Acquisition

CRM (CustomerRelationshipManagement)Systems inTelecommunicationOperators

Quality ControlSystems in LSIManufacturing

Control Systems forPublic Utility Plants

Financial TradingSystems

Gray Box Approach

Black Box Approach

Applications for instance

MovingAverage

16

City

Nation

UniformVariety

Disperse

Close

Vert

ical

Dis

trib

utio

n

Horizontal Distribution

EADC

Hierarchical Systems of Human-beings

Hierarchical Layers andEqual Diversification

CommunityCommunity

FamilyFamily

IndividualIndividual

OrganOrgan

CellCellADCADC

17

Autonomous Observability: if any change occurs

in the surrounding of the subsystem, subsystems can observe it immediately

EADC is characterized by

Autonomous controlability

Autonomous coordinability

Autonomous observability

Definition of Autonomous Observabilityfor EADC

18

controllability

Coordi- nability

autonomouscontrollability

observability

autonomousobservability

TwoTwo dimensionaldimensional

Four dimensionalFour dimensional

(Space & Time)(Space & Time)

On lineOn line

HeuristicHeuristic

Off lineOff line

Extended ADS AttachedAutonomous Observability to ADS

autonomouscoordinability

Pre-installPre-install

19

Sensor Network Devices

Emerging Playersfor Autonomous Observability

µ-chip

0.4mm 0.4mm

2.45GHz RF antenna

1mm

µ-TAS (Micro Total Analysis System)for Health Monitoring

Micro Channel

Micro Separation Devices

Antenna Built-in Type RFID

10mm

LSI(Wireless+ Controller)

Prototype

Sensor

Vibration based Generator

R. Amirtharajahet al. of MIT (1999)

19

20

Super Distributed Objects: AYA(context Aware & Yet Another service)

OA WorldMobile World

UPnP World ECHONET World

Ad hoc Collaboration according to the Context Collaboration among AV, Facility, and OA

Systems with Autonomous Observability

HDLA World

SensorVideoVideoVideo

Voice

Air Conditioner

…

PCVoice

Listening via Mobilein case of Outdoor

Quiet and Energy Savingin case of Sleeping

Viewing via TV incase of Home

PCServer Functions-Monitoring-Content Delivery

Object Model: AYA

20

21

ABS

ABS

ABS

ABS

ABS

ABS

Autonomous Group Management for ITS based onAutonomous Observability

Dynamically Formed ABS (Autonomous BaseStation) Group according to Car Position

Reliable Data Transmission for High Speed Cars through DSRC(Dedicated Short Range Communications) by Autonomous GroupFormation of Base Stations

Data Field

ABS

AutonomousGroup Formation

Service Control

AutonomousService Delivery

Service ProvidersITS: Intelligent Transport Systems

tools

Systems engineers

Model view

InformationBase

Intelligent engineering system

Simulation Simulator

Life Cycle systemDynamic management system

Integration,Analysis,Optimization

Life cyclesystemmodel

requirement development operation

Intelligent collaboration

System knowledge

Overview of Emergent Synthesis EnvironmentDomain engineers

Open Development and Operation Infrastructure(ODOI)

Outsideexpert/

Citizen

22

For project members to retrieve, accumulate, suggest, simulate, validate and synthesize comprehensive information and knowledge for the phases of plan, design, validation and operationFor project members and experts outside to communicate, exchange, discuss and interactrecursivelyFor people interested in including citizens to watch recursively the on-going process and proposed new idea or suggestionFor developed systems to have autonomous operation supported by ODOE

Aims of Open Development & OperationInfrastructure (ODOI)

23

24

Sample Scenario for Yaoyorozu Society in 2010

AugmentedMemoryServices

MyRemembrance

YourRemembrance R

eminder

Service

Memory ofBenches

Memory ofLights

Memory ofRoads Small Smart

Devices

MemorizingService

3rd P

arty

Serv

ice

HealthDiagnosis

andAdvice

PervasiveInformation

Society(Yaoyorozu)

in 2010

(Annotated World bySmall Smart Devices)

Memorizing EveryPersonal HealthConditions,Perceptions, andSocial Interactions(Conversation, Mail, Phone, …)

P2PExchange

25

Yaoyorozu in Japanese Myth

PublicFacilities

Information & Media

Production

MaterialProduction

Home &Community

“Yaoyorozu” (= eight million)means countless in number,particularly in the phrase“Yaoyorozu no Kami-gami, or“eight million gods”, indicatingthat gods live not only in the manyshrines, but in trees and stones, inthe sky and water, constantlysurrounding and protecting us.

For our project, we use“Yaoyorozu” in place ofUbiquitous for the heterogeniousintelligent devices surroundingand protecting us.

Secure and AffluentSociety by Convergenceof IT, Bio, and Nano

Eight MillionGods inJapanese Myth

26

Supported by Special Coordination Funds for PromotingScience and Technology by MEXT (Ministry of Education,Culture, Sports, Science and Technology, Japan)

The Yaoyorozu Project

Systems(Trans-DisciplinaryScience &

Technology)

Humanity(Lifestyle,

Ethics)

Engineering(IT)

Research Goal- Desirable Institutional

Systems & CoreTechnology forUbiquitous (Yaoyorozu)Information Society in2010

- Research Methodologyfor Multi-disciplines

(August 2002-March 2005)

Project Organization

27

Our Research Attitude

Calligraphy by Mr. ODAIRANamihei

(Founder of Hitachi, Ltd.)

Sculpture by Ryoji Goto