Emergent paradigms of Industry 4.0 and Industrial Internet of Things expect cyber-physical systems to reliably provide services overcoming disruptions in operative conditions and adapting to changes in architectural and functional requirements. In this paper, we describe a hardware/software framework supporting operation and maintenance of software-controlled systems enhancing resilience by promoting a Model-Driven Engineering (MDE) process to automatically derive structural configurations and failure models from reliability artifacts. Specifically, a reflective architecture developed around digital twins enables representation and control of system Configuration Items properly derived from SysML Block Definition Diagrams, providing support for variation. Besides, a plurality of distributed analytic agents for qualitative evaluation over executable failure models empowers the system with runtime self-assessment and dynamic adaptation capabilities. We describe the framework architecture outlining roles and responsibilities in a System of Systems perspective, providing salient design traits about digital twins and data analytic agents for failure propagation modeling and analysis. We discuss a prototype implementation following the MDE approach, highlighting self-recovery and self-adaptation properties on a real cyber-physical system for vehicle access control to Limited Traffic Zones.

中文翻译：

---

弹性软件控制系统的模型驱动工程框架

工业 4.0 和工业物联网的新兴范式期望网络物理系统能够可靠地提供服务，克服操作条件的中断并适应架构和功能要求的变化。在本文中，我们描述了一个硬件/软件框架，支持软件控制系统的操作和维护，通过促进模型驱动工程 (MDE) 过程从可靠性工件中自动导出结构配置和故障模型，从而增强弹性。具体而言，围绕数字孪生开发的反射架构能够表示和控制从 SysML 块定义图正确派生的系统配置项，为变化提供支持。除了，用于对可执行故障模型进行定性评估的多个分布式分析代理使系统具有运行时自我评估和动态适应能力。我们描述了框架架构，从系统角度概述了角色和职责，提供了有关数字双胞胎和数据分析代理的显着设计特征，用于故障传播建模和分析。我们讨论了遵循 MDE 方法的原型实现，突出了真实网络物理系统上的自我恢复和自适应特性，用于对有限交通区域的车辆访问控制。为故障传播建模和分析提供有关数字孪生和数据分析代理的显着设计特征。我们讨论了遵循 MDE 方法的原型实现，突出了真实网络物理系统上的自我恢复和自适应特性，用于对有限交通区域的车辆访问控制。为故障传播建模和分析提供有关数字孪生和数据分析代理的显着设计特征。我们讨论了遵循 MDE 方法的原型实现，突出了真实网络物理系统上的自我恢复和自适应特性，用于对有限交通区域的车辆访问控制。