A hierarchical approach for modelling the adaptability features of complex systems is introduced. It is based on a structural level S, describing the adaptation dynamics of the system, and a behavioural level B accounting for the description of the admissible dynamics of the system. Moreover, a unified system, called S [B], is defined by coupling S and B. The adaptation semantics is such that the S level imposes structural constraints on the B level, which has to adapt whenever it no longer can

more »

... satisfy them. In this context, we introduce weak and strong adaptability, i.e. the ability of a system to adapt for some evolution paths or for all possible evolutions, respectively. We provide a relational characterisation for these two notions and we show that adaptability checking, i.e. deciding if a system is weakly or strongly adaptable, can be reduced to a CTL model checking problem. We apply the model and the theoretical results to the case study of a motion controller of autonomous transport vehicles. for the invariant features of the system that regulate the behaviour of the system. More precisely, both levels are modelled as state machines, but each state of the S level is associated with a set of constraints, i.e. logical formulas over observable variables of the B level. An S state in the structural level represents a relatively persistent situation, a steady region for the B level, identified by the set of B states satisfying the constraints. Therefore S is a higher order structure whose states can be interpreted as sets of B states, and whose transitions can be viewed as mappings among sets of B states. The coupled model will be referred to as S [B], in order to highlight the two basic levels that compose the system. The S[B] model is broadly inspired by a previous work of some of the authors, a spatial bio-inspired process algebra called Shape Calculus [3, 4] , where processes are characterised by a reactive behaviour B and by a shape S that imposes a set of geometrical constraints on their interactions and occupancy in the three-dimensional Euclidean space. Here, instead, the computational approach is shifted in a more general context, where S and B are coupled by a hierarchical relation defined on the structural constraints of the S level and the state space of the B level. The adaptation semantics can be briefly described as follows. Consider an S[B] system, let q be the current state of B and assume that it satisfies the constraints of the current S state. The adaptation is triggered whenever q cannot evolve because there is no next B state that satisfies the current S constraints. During adaptation, the S[B] system attempts to evolve towards a new B state that satisfies a new S state, chosen among the successors of the current one. In this phase B is no more constrained by S. Adaptation terminates successfully when B ends up in a state that fulfils the new global situation represented by one of the admissible S states. A first general introduction of the S[B] model was given in [38] and [39] by the authors. In this work, we provide several novelties and improvements, most of them devoted to the adaptability checking problem, i.e. the automatic checking of the adaptation capabilities of a given S[B] system. In particular, we define the notion of weak adaptability, possessed by an S [B] system that is able to adapt along some of all its possible evolution paths. Strong adaptability requires that the S[B] system is able to adapt along all its possible evolution paths. We formulate the notions of weak and strong adaptability as relations between the states of B and S and also in logical form, as Computation Tree Logic (CTL) formulas over the given semantics of an S[B] system. Then, we formally prove the equivalence between the relational and the logical formulation of strong and weak adaptability (Theorems 1 and 2) , showing that the adaptability checking problem can be reduced to a classical model checking problem. We also discuss the computational complexity of our approach. The effectiveness of the S[B] approach for self-adaptive systems is demonstrated using a case study in the context of adaptive software systems, a model for a motion controller of autonomous transport vehicles in a smart airport. The same case study is used for exemplifying the notions of weak and strong adaptability and the adaptability checking problem. The paper is organised as follows. Section 2 introduces the formalism and the syntax of the S[B] model. Section 3 illustrates the application of the model to the example of adaptive motion controller. In Section 4 we give the operational semantics of an S[B] system by means of a flattened transition system. In Section 5 we formalise the relations of weak and strong adaptation, which we equivalently characterise as CTL formulas in Section 6. Related works including adaptation features of S [B], and conclusions are given in Section 7. Finally, proofs are presented in Appendix A.