A Systematic Literature Review on Software Maintenance for Cyber-physical Systems

Cyber-physical systems (CPS) are widely used in almost every sector of our modern life. They are also changing the way how systems are designed and maintained as CPS represent a combination of hardware and software components. Thus, the maintenance of CPS is challenging due to the various components that are involved, including embedded software technologies, internet of things (IoT), machine to machine interactions, connectivity and wireless networks. In this paper, we performed a systematic literature review of the existing studies related to software maintenance of CPS starting from January 2006 until December 2020. After extensive manual analysis and filtering, we identified a total of 109 primary studies that we deeply analyzed through different criteria to answer four main research questions about software maintenance activities, techniques, types and evaluation methods used in CPS. Based on the data collected from this survey, we created a taxonomy to classify the existing research works, identified research trends, and highlighted gaps in the literature and avenues for further research in the field.


I. INTRODUCTION
I N 2006, Dr Helen Gill, the director of the Embedded & Hybrid Systems program at the National Science Foundation (NSF) in the United States, announced a new research project on "cyber-physical systems" (CPS). That was the first time that this term has been used. CPS are not traditional embedded/real-time systems. They are intelligent entities which dynamically integrate computation and software with physical processes in a way that is considered as an intersection between the cyber and the physical more than just a union, which requires a deep understanding of the dynamics among computers, networking, and physical systems.
Ever since 2006, large amounts of funds have been awarded for research on CPS, making them as national research priorities in several countries around the world in a way that, today, CPS are considered as the key element to ensure a successful transition towards the upcoming industrial revolution: industry 4.0.
With this rising research interest on CPS, comes the need of appropriate robust maintenance strategies that enable to increase the useful life, the productivity and the reliability of the cyber-physical systems. Obviously, the maintenance of CPS covers two different parts: the machinery maintenance, which involves repairing the equipment (e.g., by replacing the non-functional parts), and the software maintenance that is about the computing side of CPS.
In this paper, we are interested in the software maintenance of cyber-physical systems. In fact, this type of maintenance could lead to predict and prevent the machinery failures of these systems which would ensure their good performance in today's highly competitive environments.

A. PROBLEM DESCRIPTION AND MOTIVATION
The definition of "software maintenance" as presented in the IEEE standard [1] is as follows: "Modification of a software product after delivery to correct faults, to improve performance or other attributes, or to adapt the product to a modified environment".
In today's world where computing devices (such as In-ternet of Things (IoT) devices) are embedded in so many equipment around us, and where technology is rapidly evolving from day to day; software maintenance became a mandatory requirement. The purpose of software maintenance is not only to ensure the good performance and operation of these systems by sustaining the software product throughout its life cycle, but also to add and adapt new technologies to the existing environments. The importance of software maintenance became even higher with the introduction of cyber-physical systems. While each CPS component (either hardware, software or network component) plays an important role in the proper functioning of the CPS, the software is considered as the conductor and the most important of all of the CPS components. Indeed, implementing the right software on CPS allows to optimize the use of each component, to create a high level of synergy between the different elements and to control the whole system effectively. On the other hand, a faulty software could interrupt the interaction of each CPS component with the others and with the surrounding environment which leads to a total failure of the system. This fact leads us to affirm that performing studies on software maintenance for CPS is essential and even strategic for future research works. Several papers address the maintenance of cyber-physical systems, but only few covered the software maintenance of these systems.
We conducted this study using a systematic literature review (SLR) by following a defined protocol established by Kitchenham and Charters [2]. SLRs are considered as a powerful tool to summarize existing research works and to understand the state-of-the-art about a specific subject. Hence, it helps researchers to identify future directions for that specific research field.

B. CONTRIBUTIONS
Cyber-physical systems represent today a multidisciplinary research field with a very increasing interest worldwide. Software maintenance is one of the pillars to ensure an effective and efficient operation for CPS. Our primary purpose with this systematic literature review is to deeply go through all papers related to this field to study them and propose future orientations and, in order to ensure the quality and the validity of our study's output, this SLR follows a protocol defined in the literature [2]- [4]. We used various electronic databases and a large number of articles to comprise all the possible candidate studies and cover more works than existing SLRs. We identified a final set of 109 studies related to software maintenance for CPS published between 2006 and 2020, fulfilling the quality assessment criteria. These studies can be used by the research and industry communities as a reliable basis and help them conduct further research on software maintenance for CPS.
This SLR contributes to the existing literature in the following ways: • We present a comprehensive qualitative and quantitative synthesis reflecting the state-of-the-art in soft-ware maintenance for CPS with data extracted from those 109 high-rigor studies. Our synthesis covers the following themes: software maintenance activities, techniques, types and evaluation methods applied in the CPS field.
• We establish a common ground towards a unified taxonomy that classifies and categorizes the research works used in our study which may help the researchers to easily reach the desired classof studies based on the category of the software maintenance to be applied on CPS and the best tools and approaches to use for their research purpose.
• We provide guidelines and recommendations based on our findings to support further research in the area by identifying the research gaps and axis that need more investigations and by proposing future research directions on several aspects of the software maintenance of the CPS.

C. RELATED SURVEYS
Few articles in literature have dealt with surveys or reviews on software maintenance aspects for CPS. Existing systematic literature reviews examine findings in very specific aspects of software maintenance applied on CPS. Security challenges are one of the biggest concerns for CPS maintenance and attracted widespread attention of researchers from all around the world. Geismann et al. [5] conducted a systematic literature review on CPS dealing with this particular aspect of maintenance. The aim of this paper was to find out which model-driven approaches for secure CPS do exist that cover explicitly both cyber and physical layers of CPS. In the same context, Nazarenko et al. in their survey [6] presented an insight on vulnerabilities and attack types on CPS with distinction between security and safety challenges. Another aspect of CPS maintenance was studied in the SLR conducted by Zhou et al. [7] and which focused on investigating several testing methods for CPS.
In [8], Dos Santos et al. conducted a mapping review on software quality aspects on robotic systems and made a classification of the software engineering approaches used to address software quality aspects on robotic systems.
On the other hand, an almost complete survey on software maintenance was carried out in [9]. In this paper, Malhotra et al. presented several metrics, types and activities about software maintenance and maintainability. However, it didn't deal with a specific area of research, such as the CPS.
At the time this SLR was conducted, there is no survey in literature that deals with the overall aspects of the software maintenance applied on CPS as we did it in this review. For this, we tried to make our SLR the most comprehensive and complete as possible to be a good reference for researchers interested in this subject.
The remainder of the paper is structured as follows. First, we outline in Section II the research methodology we followed and the underlying protocol for the systematic literature review. Then, we conducted our survey and reported and discussed its outcome in Section III. Finally, and before we conclude in Section VI, we state future directions and perspectives to our study in Section V.

II. RESEARCH METHODOLOGY
This section details the performed research steps and the protocol of our systematic literature review. We start in Subsection II-A by describing the research questions emphasized in our survey. Then, in Subsection II-B, we present the literature search steps that we considered. In Subsection II-C, we highlight the inclusion and exclusion criteria to filter our final data set. The data preprocessing step and our proposed taxonomy are described in Subsection II-D. The quality assessment criteria are defined in Subsection II-E.

A. RESEARCH QUESTIONS
We present here-after the main research questions we seek to answer in this literature review, taking into consideration the aforementioned objectives: RQ1. What are the software maintenance activities for CPS?
RQ2. What are the techniques used for the automation of software maintenance for CPS?
RQ3. What are the common evaluation methods used to validate software maintenance techniques for CPS?
RQ4. What are the main types of software maintenance used for CPS?

B. LITERATURE SEARCH STRATEGY
We conducted our search in several scientific literature sources in order to collect the maximum of papers that are dealing with our subject and to make our review as comprehensive as possible. The databases we used are described as follows: • Digital Libraries: ACM Library, IEEE Xplore, Science-Direct, SpringerLink.
• Citation Databases: Web of Science (formerly ISI Web of Knowledge), Scopus.
• Citation Search Engines: DBLP, Google Scholar. For our search, we needed to cover two different areas: software maintenance and cyber-physical systems. For that, we defined a set of keywords relative to each area that could be considered as scientific synonyms: • Set 1: software maintenance, software testing, software quality • Set 2: cyber-physical system, cyber physical system, embedded, robot, robotic, industry 4.0, autonomous, internet of things, iot, smart We put as many related keywords as possible aiming not to exclude any relevant approach during our search. These keywords were combined using logical operators ANDs and ORs to create search terms. The goal of our generated search strings is to collect all papers having at least one keyword from the first set and one keyword from the second set either in their title, or abstract or keywords. The final list of search strings is shown in Table 1. After that, we refined the resulting set of papers by following a multi-stage model (as shown in Figure 1) in order to keep the most relevant publications as much as possible.  Figure 1 shows the number of articles kept at each step VOLUME 4, 2016 along with the total returned publications. The different steps of our systematic review are as follow: Step 1: Executing the search queries on the selected databases mentioned above. A total of 7592 references were found.
Step 2: Applying a set of clearly defined inclusion and exclusion criteria (explained in Subsection II-C) to our resulting papers, which reduced the list of candidate papers to 5167.
Step 3: Removing the duplicates. A total 4783 articles were kept.
Step 4: Performing a manual examination of titles and abstracts to discard irrelevant publications and exclude those that describe unrelated domains, such as Blockchain for example, or papers talking about the use of CPS for maintenance. We also looked at the body of the paper whenever necessary to make sure that we only keep papers that deal with software maintenance applied to cyber-physical systems. At this step, we also applied a study quality assessment (which will be described in Subsection II-E). This has drastically reduced our set of papers to 124 articles.
Step 5: Downloading the obtained set of articles. Four papers were not available online, which made us to remove them from our list. At the end of this step, we kept a list of 120 articles.
Step 6: We removed all short papers having less than 5 pages. Our list at this stage is limited to 101 articles.
Step 7: Finally, applying forward as well as backward snowballing as recommended by Wohlin [3], until no additional papers were found. This allowed us to add 8 new papers satisfying our selection criteria for this SLR, and to get a final set of 109 relevant papers.

C. INCLUSION AND EXCLUSION CRITERIA
We defined a set of inclusion and exclusion criteria that we followed to filter out irrelevant papers as explained in Stage 2 of our search methodology.

1) Inclusion criteria
All of the following criteria must be satisfied in the selected primary studies: 1) Date range: we limited our search in a range between 2006 -the year when the term "cyber-physical systems" has first appeared-and 2020 since this SLR was conducted at the beginning of 2021.
2) Subject area:The article must be related to computer science and engineering fields and propose software maintenance techniques, methods and tools applied for CPS.
3) Language: The paper must be written in English.

4) Paper types:
We selected articles from journals, conference proceedings and books. In case a conference paper has a journal extension with the same title, authors and abstract, that would be considered as a duplicated article and we would include only one of them.

5)
Availability: The paper must be available in an electronic format.
6) Quality assessment:The paper must pass the quality assessment criteria that are elaborated in Subsection II-E.

2) Exclusion Criteria
If an article selected in Step 1 of our search methodology holds at least one of the following criteria, it is excluded from our final list. 1) Publication stage: We focused in our SLR on collecting mature research works. For that, we excluded all papers that are explicitly marked as "work-inprogress", as well as papers published in workshops, symposiums or poster sessions only.
2) Subject areas: We excluded all papers that are not related to computer science nor engineering fields, and studies that do not focus on software maintenance applied for CPS.
3) Grey Literature: that "stands for manifold document types produced on all levels of government, academics, business, and industry" [10] and covers all research works that have been published in non-commercial nor academic forms.

D. STUDY CLASSIFICATION
To address our research questions formulated in Subsection II-A, we conducted our systematic literature review in order to seek answers to the following questions: • Software maintenance activities for CPS (related to RQ1).
• Automation techniques of software maintenance for CPS (related to RQ2).
• Evaluation methods of software maintenance for CPS (related to RQ3).
• Software maintenance types used for CPS (related to RQ4). We outline in Table 2 the keywords we defined for our research questions as follows to identify relevant papers: • RQ1: Software maintenance activities for CPS: --Testing: by maintaining control over software modification and adapting programs so that different hardware, software, system features, and telecommunications facilities can be used.
--Maintenance quality: by preventing software performance from degrading to unacceptable levels.
--Bugs repairing: by correcting faults and maintaining control over the software's day-to-day functions, --Security: by identifying security threats and fixing security vulnerabilities.
• RQ2:Automation techniques of software maintenance for CPS: --Formal/ conventional methods: it includes all conventional tools and methodologies that support software maintenance based on a rigorous mathematical process [11].
--Machine Learning: it includes unconventional new methods used for software maintenance based on machine learning (ML) and artificial intelligence (AI), and where failures should be self-avoided and self-managed by the system, --Static analysis: it is about analysing the source code without actually executing the program but mainly collecting information from the structure of the code, --Dynamic analysis: it is about analysing execution traces to assess the system's behavior through running the system against a specified or intended behavior.
• RQ3: Evaluation methods of software maintenance for CPS: --Automated or manual approaches: * the manual evaluation approach is based on testing, and there are several testing techniques that can be used manually. * the automated evaluation approach uses automated processes to test the software.
--Academic or industrial approaches: * the academic evaluation approach uses open source tools. * the industrial evaluation approach is based on projects with industrial partners.
• RQ4: Software maintenance types used for CPS: --Corrective maintenance: it is about taking actions to rectify bugs and errors observed while the system is in use.
--Adaptive maintenance: it aims to keep the software product up-to date with any new related technology, or to adapt it to new platforms or operating systems based on user's request.
--Perfective maintenance: it includes modifications and updates needed to support new features or to change some functionalities that the user could ask for in order to keep the software usable over a long period of time.
--Preventive maintenance: its goal is to anticipate and prevent problems of the software which might occur in the future in order to improve its future maintainability and provide a basis for future enhancements. As shown in Table 2, we extracted as well a set of keywords for each answer we provided which helped us to properly classify the resulting papers for our study. For these keywords, we just put the root, and removed all the possible affixes (suffixes or prefixes) in order to cover the maximum forms and derivatives of the word. For example the word automat will cover, in our search, words such automation, automatic, automatically, automate, automated, etc..

E. STUDY QUALITY ASSESSMENT
The quality of publications is assessed in parallel at the time of data extraction. After having applied the inclusion and exclusion criteria, we performed a measurement of quality of the primary studies we collected. We followed the quality checklist given by Kitchenham and Charters in [2]. We chose a set of questions (described in Table 3) to which the answers could be a "Yes", "Partially", or "No", which correspond to a score of 1, 0.5, or 0, respectively. If any of the previous answers could not be applied to a question in a specific study, we don't evaluate that study for that particular question. If a study does not meet the quality assessment criteria, it is removed from our final list.

III. RESULTS
We will present in this section the results we obtained from our 109 articles in order to answer the research questions defined earlier. For each article from our last set of papers, we implemented a Python code to go through the body of this paper and count the number of appearances of all the keywords defined in Table 2 for every potential answer to that particular RQ. If this sum of the keywords per paper is superior to 10, the answer will be automatically validated for that RQ and that particular paper. If not, and if the sum is not null, we will go to a manual examination to be able to confirm or not that answer as a way to check the relevance of the paper to a particular research question. Table 4 summarizes these results based on the taxonomy described in Subsection II-D. We will present as well in this section the observations and insights that can be derived from the classification results. Based on existing studies related to software maintenance for CPS, we found four main activities: testing, quality assessment, software repair VOLUME 4, 2016   Quality Assessment Questions

Design
Are the automation techniques of software maintenance for CPS clearly described? Are the maintenance activities considered clearly stated and defined? Was the sample size justified? Are the evaluation measures fully defined?

Conduct
Are the data collection methods adequately described?

Analysis
Are the results of applying the identification techniques evaluated? Are the data sets adequately described? (size, programming languages, source) Are the study participants or observational units adequately described? Are the statistical methods described? Are the statistical methods justified? Is the purpose of the analysis clear? Are the scoring systems (performance evaluation) described?

Conclusion
Are all study questions answered? Are negative findings presented? Are the results compared with previous reports? Do the results add to the literature? Are validity threats discussed?
and security issues detection and repair. The testing of software in CPS received the highest attention from the research community which is a consistent result with existing systematic reviews on software maintenance in general. Furthermore, it is important that security is considered as an important topic for the maintenance of software in cyber-physical systems. Indeed, the vulnerability of software running in CPS can cause severe issues in critical domains. The assessment of the quality of CPS systems and their automated repair received the least number of existing studies of around 17% of selected papers. It is interesting that the detection of quality issues is receiving less attention from the community than the security issues. One main reason could be that performance issues may not be as costly as security vulnerabilities.
To address the different software maintenance problems in CPS, we found that mainly four categories of techniques are used (RQ2). As described in Table 4, both formal methods
We extracted in Figure 3 the top 10 countries publishing papers about software maintenance for CPS. The United States of America comes on the top of the list of countries with almost the third of all our final publications (33.03% of all articles), followed by Germany with 12.84% and China with 9.17%. The announcement of the NSF back in 2006 about CPS seems to have given the United States a head start over other countries in the world with a considerable increase in interest over the years in this research field especially that CPS were listed as the number one research priority by the U.S. President's Council of Advisors on Science and Technology. Figure 4 shows the yearly evolution of the scientific production in the field of software maintenance for CPS

A. SOFTWARE MAINTENANCE ACTIVITIES FOR CPS
The need to software maintenance for CPS aims to satisfy the user requirements by maintaining good quality, efficiency, operability, and safety of that software for the CPS. It leads this study to spot four main categories of software maintenance activities: • Testing • Quality issues detection • Bugs repairing • Security  Figure 5 illustrates the percentage of the papers related to each software maintenance activity. The majority of the papers (40.41%) deal with testing operations. This big interest of the researchers in testing comes to satisfy the ultimate need of ensuring software reliability. To avoid bugs in the program that could lead to challenging debugging sessions, it is important to run the appropriate tests on the software. Security is also a topic of major interest with 28.98% rate among all our final papers. Indeed, it is very important for CPS -as they involve various interconnected systems -to avoid any vulnerability that can be compromised by a hacker attack directly affecting the operation of these systems and to have a software that is robust and resilient to attacks and cyber-security risks.
About 17% of the articles subject of this study are related to quality issues. One of the biggest user requirements has always been to develop good quality products. But it is also equally if not more important to preserve the quality of these products as they are maintained.
Bugs repairing represents 13.88% of our papers. This is about correcting and fixing problems within the software, which is the core of the software maintenance in general. But when it comes to CPS environments, this topic -in spite of its huge importance-becomes less prioritizing for researchers compared to the other 3 software maintenance activities.
This is more obvious when we look at the yearly evolution of the publications per software maintenance activities for CPS as shown in Figure 6, where we can see that the research interest on software bugs repairing for CPS has only increased for the last three years (2018, 2019 and 2020).

B. SOFTWARE MAINTENANCE TECHNIQUES FOR CPS
Several techniques can be used for software maintenance. In this study, we divided these techniques into four essential categories: • Formal/conventional methods • Machine learning • Static analysis • Dynamic analysis Figure 7 shows the percentage of publications about software maintenance techniques for CPS. At the top of the used techniques in the articles subject of this study, we VOLUME 4, 2016 This research interest into Machine Learning has increased since 2016 as shown in Figure 8. This increasing interest in unconventional software maintenance techniques such as ML was expected since CPS are the core of a new industrial revolution that is based on AI, ML and data analysis. Hence, it was normal to expect such techniques to ensure their maintenance. Besides, formal methods for software maintenance are still interesting researchers in the field of CPS, as they made the subject of 18 articles out of a total of 109 between 2013 and 2020. Static and dynamic analysis seem not to be subjects of big interest for researchers about software maintenance of CPS with only rates of 12.73% and 3.64% respectively from our selected set of papers. Two papers only dealt with dynamic analysis and were both published in 2018.

C. EVALUATION METHODS ON SOFTWARE MAINTENANCE FOR CPS
To ensure the effectiveness of software maintenance, it is mandatory to use evaluation methods and tools. The objective of the evaluation phase is to assess whether software maintenance activities fulfill the maintenance requirements or not. In our survey, we considered two major points of view: • Automated or Manual • Academic or Industrial As shown in Figure 9, about 65% of the papers of this study deal with automated evaluation approaches. When we recall that the most used maintenance technique in our papers is ML (see Figure 7), this high research interest on automated approaches seems natural. The manual approaches are still interesting many researchers in the field of CPS as almost one third (35.29%) of our papers deal with this subject. Seventy three of the studies dealt with evaluation methods based on industrial projects, slightly more than those with open-source approaches (72 articles). When it comes to software maintenance for CPS, academic and industrial tools are equally important. Figure 10 presents the yearly evolution of the publication per evaluation method. The four methods follow almost the same momentum with a slightly higher interest on automated tools.

D. SOFTWARE MAINTENANCE TYPES FOR CPS
Software maintenance has four big categories: As shown in Figure 11, the preventive maintenance is at the top of researchers' interests in CPS field with a percentage of 35.19% of our selected papers. In fact, this particular This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/ This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication.  type of maintenance is the key element for enterprises risk management as it prevents sudden failures of the system by systematic testing. This was expected in our survey due to the distinct system features of CPS that need advanced types of maintenance. The need to corrective maintenance will always remain high. This is what explains the big rate (35.19%, equally to preventive maintenance) of articles dealing with this type of maintenance, following almost the same momentum as the preventive maintenance as shown in Figure 12.
More than one quarter of our selected articles (28.76%) deal with the adaptive maintenance for CPS. However, only two articles (0.86%) published in 2019 (see Figure 12), dealt with the perfective maintenance for CPS. This was a bit surprising for us, as there is always a big need to change or add new features and new functionalities to cyber-physical systems. Since these two articles were published recently, we believe that this research area for CPS will be the subject of more future scientific works.

IV. THREATS TO VALIDITY
The assessment of Threats to Validity is critical to secure the quality of a systematic literature review [13]. In this section, we present some threats to validity of our results, according to Wohlin et al. [3].

A. CONSTRUCT VALIDITY
It refers to the relation between the theory behind the experiment and the observation(s). The main threats in this category are related to the research questions, search string and electronic databases used. With respect to the research questions, we had several discussions about them and goals of our mapping. Also, the databases used in our experiment are well-known sources and used in the literature, where these sources return papers that were published in conferences and journals of the field, thus including the most relevant studies.
There are some threats related to the search strings that can impact the results, and consequently, the number of papers found. For example, some papers may not explicitly mention the keywords we specified. To minimize such threat, we included in the adopted method a snowballing step. In this step, eight additional studies were identified and included. Even though this is a small number, we tried to understand why the papers found in the snowballing step were not selected by our search, and then we prefer to refine our search string and re-run it.

B. CONCLUSION VALIDITY
It relates to issues that affect the ability to draw the correct conclusions from the extracted data in our study. In this category, a threat is related to our classification schemes that was made automatically through a Python code.
To ensure the correctness of the obtained results, a manual verification phase by the three authors has been added after running the code where we went through the articles checking whether the appearance of certain keywords is relevant or not to the RQ answers we were looking for. Moreover, a crosscheck was necessary among the authors to make sure that the obtained conclusions address properly the research questions.

C. INTERNAL VALIDITY
It evaluates the relationship between the treatment and the output. In this paper, the treatment is the set of papers included and the outcome is the analysis reported. In this category, a possible threat to internal validity concerns the data extraction using the list of keywords to detect the different categories, since some relevant studies may not be selected. To address this threat, we elaborated well-defined inclusion and exclusion criteria, applying them by carefully analyzing the papers. Besides, a snowballing reading was performed in the primary studies and relevant studies already known by us were selected. Moreover, we had many meetings and discussions during the extraction and selection of studies, because in some of them software maintenance applied to CSP was not so clear to the reader and, in some situations, some subjective decisions were taken.

V. IMPLICATIONS AND FUTURE RESEARCH DIRECTIONS
In this section, we identify new opportunities for future research directions related to software maintenance for CPS based on the outcomes of our systematic literature review.

A. DOCKERIZING SOLUTIONS FOR SOFTWARE IN CPS
Most of cyber-physical systems, such as autonomous/connected vehicles, switched to the use of software containers (e.g., Docker). In fact, several studies show the benefits of containers to improve the reusablility, deployment and modularity of software systems for control systems in vehicles. However, the migration into the use of software containers is bringing many challenges related to their continuous monitoring and integration into embedded systems where limited resources are available. Software Containers have their dependencies packaged together to provide the flexibility of moving containerized features/applications to other compatible environments without the need to re-integrate or re-flash the ECUs in cyber-physical systems. This ability has not been available to the embedded environment and still under-explored. With the availability of such flexibility, an interesting research area can be designed to gain from this benefit for the embedded ECUs.
We searched in our 109 final studies for the words "docker" and "container". However, none of them contained any of these two words. This gap could lead to an important new research axis that needs to be taken into consideration in the future.

B. MANAGING THE SOFTWARE WORKLOAD IN CPS
The current literature is still lacking a solution and strategy to enable dynamic workload balancing and intelli-gent scheduling of the software running in CPS (such as embedded ECUs). This enables the CPS to move critical applications to other ECUs in case of a failure or if the CPS switches to power conservation mode. This approach can be fully functional independent of cloud connectivity and prioritizing standard solutions. The current schedulers proposed in the litterature for balancing and scheduling the workload of containers is not optimized for embedded systems. Most of existing scheduler algorithms try to spread number of containers equally to all hosts which can be suitable for cloud environments but not limited resources such as CPS. An intelligent scheduler is needed for instance in embedded devices for autonomous cars, unlike cloud environments, to optimize the memory usage based on requests and priorities. Thus, it is critical to design an optimization-based scheduler algorithm to dynamically balance the software workload in CPS based on different conflicting objectives/scenarios (e.g. memory usage, CPU usage, intra-communications, number of images, etc.).

C. CLOUD AND IOT QUALITY OF SERVICE (QOS) IN CPS
With the emergence of new trends such as the Internet of Things (IoT), the software parts of CPS are distributed from edge devices and fog computing nodes to powerful cloud servers. Thus, finding the best deployment of software components is an extremely challenging and computationally hard problem for software engineers. One of the main problems is that testing and validating deployments are much harder for CPS as for classical software systems, sometimes even impossible to be done on the physical level. Thus, digital twins may be a strategy to test and validate (re)-deployments on a virtual level.
In existing research, researchers worked on dedicated architectural languages for moving software containers from on-premise computing infrastructures to the cloud infrastructures and platforms. However, such architectural language as well as more general system modeling languages miss the ability to cover the current spectrum of having edge/fog/cloud architectural layers which may be even dynamically switched if required during the runtime of a system. Thus, it is critial to extend previous developments on finding good deployments of software running in CPS for given requirements. This can be done before deploying the system for its first time, but also during runtime to consider specific needs in case some unexpected disturbance is occurring or finding a better trade-off for a specific situation. Such new paradigms need continuous optimization and learning processes running behind the scenes for having CPS appropriately embedded in our society.

VI. CONCLUSION
In this paper, we have conducted a systematic literature review on software maintenance for cyber-physical systems accompanied by meta-analysis to answer the defined research questions. After a comprehensive search that follows a systematic series of steps and assessing the quality of the studies, 109 publications were identified.
Based on the data extracted from these selected papers, we derived a comprehensive synthesis on the state-of-theart on software maintenance for cyber-physical systems. We were able to cover four different axis of this research subject: software maintenance activities, techniques, types and evaluation methods applied on CPS. We analyzed the primary studies and displayed the results using charts, graphs and maps to ease the understanding of the collected data.
We were also able to identify three potential research themes related to software maintenance for CPS and that we believe were not -at all or sufficiently-covered by researchers in the field until the date this review was carried. These potential research works are mainly about the virtualization solutions for software using docker containers, managing the software workload in cyber-physical systems when dealing with their software maintenance, and the cloud and IoT quality of service issues.
The results of our systematic review will help both researchers and practitioners to understand the current status of the field, structure it, and identify potential gaps for heir future research directions.
NADHIRA KHEZAMI is a PhD Eng. in Electrical Engineering, Automation and Industrial Computing. She received her PhD degree in 2011 from the Central School of Lille, France. She is currently an associate professor at the University of Carthage, Tunisia and as well a visiting professor and researcher at the University of Michigan-Dearborn, USA. Her main axis of research cover advanced automatic control, renewable energies, embedded systems and recently artificial intelligence and cyber-physical systems.
MAROUANE KESSENTINI is a recipient of the prestigious 2018 President of Tunisia distinguished research award, the University distinguished teaching award, the University distinguished digital education award, the College of Engineering and Computer Science distinguished research award, 4 best paper awards, and his AIbased software refactoring invention, licensed and deployed by industrial partners, is selected as one of the Top 8 inventions at the University of Michigan for 2018 (including the three campuses), among over 500 inventions, by the UM Technology Transfer Office. He is currently a tenured associate professor and leading a research group on Software Engineering Intelligence. Prior to joining UM in 2013, He received his Ph.D. from the University of Montreal in Canada in 2012. He received several grants from both industry and federal agencies and published over 110 papers in top journals and conferences. He has several collaborations with industry on the use of computational search, machine learning and evolutionary algorithms to address software engineering and services computing problems. His research interests focus on the use of User Preferences, Optimization Algorithms, and Artificial Intelligence techniques to address several Software Engineering problems such as Software Requirements, Software Testing, and Software Refactoring.