Approaches to Modeling and Simulation for Dynamic, Distributed Cyber-Physical Systems

Kurt Rohloff, Partha Pal, Michael Atighetchi, Richard Schantz
BBN Technologies, Cambridge MA, USA
{krohloff, ppal, matighet, schantz}@bbn.com

Kishor Trivedi
Duke University, Durham NC, USA
kst@ee.duke.edu

Christos Cassandras
Boston University, Boston MA, USA
cgc@bu.edu

Abstract— In this paper we discuss challenges and new directions in modeling and simulation for effects-based what-if and sensitivity analysis of dynamic, distributed cyber-physical systems. We are motivated on one hand by the critical need to reliably understand how mission-critical cyber-physical systems would respond to unanticipated effects, and on the other hand by the technology gap that has prevented us from doing so until now. Modern cyber-physical systems are very large distributed systems, covering wide geographic areas with time-critical operations, asynchronous state updating and implicit interactions through resource sharing. Canonical examples of such systems include the national electric power generation and distribution grid, computing infrastructure, communication networks and manufacturing systems that are built upon multiple layers of software and physical resources. We address three main aspects of the challenges and next steps in the modeling and simulation of these systems, based on 1) a revised foundation for model representation, 2) advanced model-analytic tools and 3) a general adaptable and reusable simulation environment. Our suggested approach to these challenges incorporates both the generalization and repurposed use of existing technologies to create a rigorous and justifiable foundation for survivability analysis in large-scale cyber-physical systems.

Keywords-cyber-physical systems; modeling; simulation; verification; challenges

I. INTRODUCTION

The safety and survivability of cyber-physical systems and systems-of-systems are and will continue to be crucially important for the maintenance of modern society as we know it. Examples of these cyber-physical systems include the national electric power generation and distribution grid, computing infrastructure, transportation systems such as train networks, communication networks and manufacturing systems that are built upon multiple layers of software and physical resources.

Our society’s reliance on cyber-physical systems requires us to be able to model, simulate and analyze these systems for achieving critical properties, including safety and survivability in the face of combinations of accidents, operator error, cyber attacks, physical attacks and “wrath of god” incidents such as hurricanes, earthquakes and blizzards. We need to be able to model, simulate and analyze both 1) the likely direct effects of these adverse events on cyber-physical systems and 2) indirect effects, caused by the ability of partial component system faults to propagate, leading to large-scale outages and potentially catastrophic events. The ultimate goal of these analyses is to take corrective action in a timely manner (either proactively or reactively) to remove or limit the effects of these adverse events.

Cyber-physical systems are particularly difficult to model and simulate because their components mix many different system modalities, and these system components interact both implicitly and explicitly. These systems, in both their physical and cyber domains, blend time-driven behaviors (with discrete, continuous or hybrid state-updating) and event-driven behaviors (which may or may not be expressible as easily-modeled regular languages).

In this paper we discuss challenges and next steps for the effective modeling and simulation of large-scale cyber-physical systems. The remainder of this paper is organized as follows.
In the following section we outline challenges of modeling and simulation for cyber-physical systems where failures can propagate, leading to unexpected and disastrous results. In Section III we introduce our vision for the next steps for modeling and simulation of wide-scale, distributed cyber-physical systems. In each of the sections after that we discuss aspects of these challenges.

II. CHALLENGES

Specific challenges in modeling and simulation for these cyber-physical systems arise from the fact that they are large and highly interconnected, with a very large or effectively infinite number of states, internal interactions, and potential configurations, often coping with or embedding adaptive, non-deterministic, and evolving (e.g., learning) behaviors. Complicating matters further are