Cyber–physical systems increasingly feature highly-distributed and mobile deployments of devices spread over large physical environments: in these contexts, it is generally very difficult to engineer trustworthy critical services, mostly because formal methods generally hardly scale with the number of involved devices, especially when faults, continuous changes, and dynamic topologies are the norm. To start addressing this problem, in this paper we devise a formally correct and self-adaptive implementation of distributed monitors for spatial properties. We start from the Spatial Logic of Closure Spaces, and provide a compositional translation that takes a formula and yields a distributed program that provides runtime verification of its validity. Such programs are expressed in terms of the field calculus, a recently emerged computational model that focusses on global-level outcomes instead of single-device behaviour, and expresses distributed computations by pure functions and the functional composition mechanism. By reusing previous results and tools of the field calculus, we prove correctness of the translation, self-stabilisation of the derived monitors, and empirically evaluate adaptivity of such monitors in a realistic smart city scenario of safe crowd monitoring and control.

网络物理系统越来越多地具有分布在大型物理环境中的设备的高度分布式和移动部署：在这些情况下，通常很难设计可信赖的关键服务，主要是因为形式化方法通常很难随所涉及设备的数量而扩展，特别是当故障，连续变化和动态拓扑成为常态时。为了开始解决这个问题，在本文中，我们设计了一种形式正确且自适应的分布式监视器，以实现空间特性。我们从封闭空间的空间逻辑开始，提供了一个合成转换，该转换采用一个公式并生成一个分布式程序，该程序对其有效性进行运行时验证。这样的程序用领域演算来表达，最近出现的一种计算模型，该模型专注于全局级别的结果，而不是单一设备的行为，并通过纯函数和函数组成机制表示分布式计算。通过重用以前的结果和现场演算的工具，我们证明了翻译的正确性，派生监视器的自我稳定，并在安全人群监控的现实智慧城市场景中凭经验评估了此类监视器的适应性。