Course: AdvancedSoftware Engineering - UnivAQ/0809/Lectures/8_LabADL… · · 2009-11-30DAOP ADL CommUnity C2 SADEL C2 AML C2 ARTECH ArchiTRIO ArchWare ArchJava AESOP ... Management

1

Lecturer:Henry Muccini

Computer Science Department University of L'Aquila - Italy

[email protected] –[www.HenryMuccini.com]

Course:

Advanced Software EngineeringCourse Web-site: [www.di.univaq.it/SE+/]

Lecturer:Vittorio Cortellessa


[email protected] -[www.di.univaq.it/cortelle]

Lecturer:Vittorio Cortellessa


[email protected] -[www.di.univaq.it/cortelle]

L08: LAB ADL

2SEA Group

© 2008 by H. Muccini and V. CortellessaSEA GroupSEA Group

Copyright Notice

» The material in these slides may be freely reproduced and distributed, partially or totally, as far as an explicit referenceor acknowledge to the material author is preserved.

Henry Muccini

2

3SEA Group


LILEANNA

KOALA

JACAL

ISDL

HMDES

GEN VOCA

EXPRESSION

EAST ADL

DICAM

DARWIN

DAOP ADL

CommUnity

C2 SADEL

C2 AML

C2

ARTECH

ArchiTRIO

ArchWare

ArchJava

AESOP

ADML

ADLARS

ADAGE

ACME

ABC/ADL

AADL

NOME ADL

xC2

xArch / xADL

xArch / xAcme

WSDL

WRIGHT

WEAVES

UNICON

UDL/i

SKWYRL

SATURN

SADL

RESOLVE

RAPIDE

RADL

PRISMA

PALANTIR

MODE CHART

MIMOLA

META H

Ménage / xADL

MAUDE

MAFIIA

MADL

MAE

LITTLE JIL

LISA

NOME ADL

Existing ADLs

4SEA Group


AADL/OSATEAADL/OSATE ACME/ACME/AcmeStudioAcmeStudio AcmeArchJavaAcmeArchJava DARWIN/SAADARWIN/SAA

EASTEAST--ADL/AutoFocus2ADL/AutoFocus2 xADLxADL//MMéénagenage--PalantirPalantir Prisma/Prisma/PrismaCasePrismaCase xADLxADL//ArchStudioArchStudio

Orientato prevalentemente

all’analisi

Fortemente orientato agli

stili architetturali

Supporto alla generazione di

codice ed architectural programming

Orientato alle architetture dinamiche

tramite FSP

Supporto al model checking

Rappresentazione ed

implementazione di PLA

Supporto allo sviluppo Aspect

Oriented e Component

Based

Estendibilitàper mezzo di XML Schemas

ADL/Tool Support

3

5SEA Group


Practical ADLs» xADL 2.0/ArchStudio 4

> Box and Line

» AADL/OSATE

» ACME/ACME STUDIO

> Formal ADL

» UML 2/Magic Draw

> UML semi-formal

» Architectural Programming Language:

- ArchJava

» Dually

6SEA Group


AADL AADL

4

7SEA Group


SAE Architecture Analysis & Design Language (AADL) Standard

» Notation for specification of runtime architecture of real-time, embedded, fault-tolerant, secure, safety-critical, software-intensive systems

» Fields of application: Avionics, Aerospace, Automotive, Autonomous systems, Medical devices

» Based on 15 years of research & industry input

» Standard approved & published Nov 2004

» www.aadl.info

8SEA Group


High level description of AADL

» Developed and standardized under the auspices of the International Society of Automotive Engineers (SAE)

» Support the design and analysis of complex real-time safety-critical systems in avionics, automotive, space, …

» AADL provides a formal mechanism to capture the architecture specification

> AADL -> mathematical analysis of real-time embedded, multiprocessor, safety critical, fault tolerant systems (hardware and software)

» AADL is precise but abstract, incremental, system of systems, extendable

5

9SEA Group


Model-based AssurancePredictive Analysis Across Perspectives Security

IntrusionIntegrityConfidentiality

Availability & ReliabilityMTBFFMEAHazard analysis

Real-timePerformanceExecution time/Deadline Deadlock/starvationLatency

ResourceConsumptionBandwidthCPU timePower consumption

Data precision/accuracyTemporal correctnessConfidence

Data Quality

Architecture Model

Reduced model validation cost due to single source model

10SEA Group


Model-Based Embedded System Engineering

Execution Platform

Devices Bus Processor

HTTPSGPS Ada Runtime. . . . . . . . . .

Memory

DB

Document the ArchitectureAbstract, but

Precise

NavigationSystem

AirbagDeploymentParking

Assistance

EmissionManagementCruise

Control

AntilockBrakingSystem

Application Software

ElectronicFuel

Injection

System Analysis• Schedulability• Performance• Reliability• Fault Tolerance• Dynamic Configurability

System Construction• AADL Runtime System • Application Software

Integration

ExternalEnvironment

6

11SEA Group


SAE AADL Standard

MetaHHoneywell

DSSA

SAE AADLStandardNov 2004

Industry StandardsIndustrial

Projects

Industrial Initiatives

RMALehoczky

Klein

Simplex Dependable Upgrade

Sha

GMEVanderBilt

MoBIES

ACMEGarlanEDCS

HOODSTOOD

MetaHError ModelHoneywell

AutomotiveUnmanned

Vehicles

OSATEToolset

SEI

AADL Meta Model & XMI

June 2006

AADL Error Annex Standard

June 2006

AADL UML Profile Std

2007

AvionicsAerospace

EmbeddedSystemsResearch Industrial

Tools

Medical

Autom

otiveA

vionicsA

erospace

Eclipse EMF

MBE

www.aadl.info

12SEA Group


Industrial Embedded Systems Initiatives

SAE AADLStandardNov 2004

Automotive

OSATEToolset

SEIAADL Meta Model & XMI

June 2006AADL Error

Annex StandardJune 2006

Avionics

Aerospace

MBE

TOPCASEDOpen Source Embedded

Systems Tool Framework28 partners €20+M 2005-2008

ITEA SPICESModel-Driven Embedded

Systems Engineering15 partners €16M 2006-2009

US AVSI Avionics ConsortiumAnalysis-based System Validation

8 partners $12+M 2007-2010

EC ASSERTProof-based Satellite

Architectures ESA + 30 partners€15M 2004-2007

EAST ADLAutoSAR

IST ARTIST2Embedded SystemsCenter of Excellence

2007-2011

OpenGroupReal-Time ForumEU + US partners

7

13SEA Group


Two-Tier Tool Strategy» Based on AADL XMI interchange format standard

» Open Source Tool Solution

> Low entry cost solution based on Eclipse & Eclipse Modeling Framework> SEI Open Source AADL Tool Environment (OSATE) integrated with open source

Airbus TOPCASED tools> Vehicle for pilot projects, in-house prototyping, and architecture research

» Commercial Tool Support

> Addition of AADL to existing commercial environment (ElliDiss)> Interface with in-house & commercial tools (Dassault, Airbus, Rockwell,

Honeywell)> UML tool environment extension & integration (Telelogic, Rational, Artisan,

MARTE)

14SEA Group


Look and Feel

8

15SEA Group


Application Components

» System: hierarchical organization of components

» Process: protected virtual address space

» Thread group: organization of threads in processes

» Thread: an active unit of concurrent execution

» Data: potentially sharable data

» Subprogram: Callable unit of sequential code

16SEA Group


Implementation of the “process”component

» Allowed internal elements:

> Data> Thread> Thread group

9

17SEA Group


Textual Implementation of the “process”component

Type.name

Name: element

18SEA Group


ADL driven Software Design in AADL

» An AADL design:

- It does notnot enforce any specific style- It doesdoes require a clear distinction between component

types and instances- It doesdoes permit component nesting- It doesdoes support both a textual and a graphical notation- It doesdoes allow both structural and (some form of)

behavioral specification- It does notnot use XML for storing architectural

information

10

19SEA Group


Implementation of the “thread”component

20SEA Group


Implementation of the “thread group”component

11

21SEA Group


Implementation of the “data”component

22SEA Group


Ports & Connections

Data port

out

in

in out

Event port

Event data port

Port group

Ports: directional transfer of data & control

Data port: state, sampled data streams

Event port: Queued, thread dispatch & mode switch trigger

Event data port: queued messages

Port group: aggregation of ports into single connection point

Connection: connects ports in the direction of their flow. Two types: Immediate, delayed

12

23SEA Group


Ports & Connections implementation

24SEA Group


Component type & Component implementation

» A component type contains:

- features;- flow specifications;- property associations.

» A component implementation must conform to the description of the corresponding component type

» A type can inherit from another type

» An implementation can inherit from another implementation

13

25SEA Group


Execution Platform Components» Processor – provides thread scheduling and execution

services

» Memory – provides storage for data and source code

» Bus – provides physical connectivity between execution platform components

» Device – interface to external environment

Processor

Device

Bus

Memory

26SEA Group


Hardware ComponentsPilot

Multifunction Display1

Pilot Multifunction

Display2

CoPilotMultifunction

Display1

CoPilotMultifunction

Display2

Display Processor

Display Processor

Display Processor

Display Processor

MissionProcessor

MissionProcessor

MissionProcessor

High speed network

1553 bus

Auto-Pilot GPS Nav Radio

1553 bus

High speed network

14

27SEA Group


Summary of AADL elements

28SEA Group


Other modeling issues: Timing & Concurrency Issues

Navigation Sensor

Processing

Integrated Navigation

Guidance Processing

Flight PlanProcessing

Aircraft Performance Calculation

20Hz

10Hz

20Hz

5Hz

2Hz

From other Partitions

Dec

reas

ing

Prio

rity

Periodic I/O20Hz

To otherPartitions

Shared data area

Pr 1

Pr 2

Pr 3

Pr 4

Pr 6

Pr 9Potential priority inversion due to priority assignmentLower rate thread has higher

priority

Shared data access may

require locking

15

29SEA Group


Warning

» AADL/Osate comes with a textual notation and a graphical user interface for architectural modeling

» There are still problems with the GUI

- Misalignment between the textual and the graphical specs

» Be aware of this issue

30SEA Group


Riferimento

» The Architecture Analysis & Design Language (AADL): An Introduction .Peter H. Feiler, David P. Gluch,John J. Hudak February 2006

16

31SEA Group


Using AADL: taking a look to an existingexample

How to use AADLTo be done together

44SEA Group


ADL ADL SummarySummary

17

45SEA Group


Summary

» No “one true approach”

» Flexibility, interchange, evolvability of ADLs is still unachieved

- But we’re getting there, and hopefully will be there soon!

46SEA Group


Problems with Existing ADLs» High degree of formality

- making difficult their integration in industrial life-cycles

» Specialized semantic basis:

- Different analysis require different ADLs- Impossible to construct an ADL which supports every kind of

analysis

» Limited tool support

» Lack of lifecycle-wide support

» Very limited industry buy-in to date

18

47SEA Group


A Compromise: UML

»UML is emerging as the de facto standard design notationof choice in industrial software development

» Understood by many industrial software developers

»Reasonably applicable to software architectures

- UML can be adapted for use as an ADL, but> Less formal and much more ambiguous than existing ADLs> Mature design environments, but lack of powerful analysis tools

»Nowadays, 20 + approaches to extend the UML for SA modeling

Documents

Course: AdvancedSoftware Engineering - UnivAQ/0809/Lectures/8_LabADL… · · 2009-11-30DAOP ADL CommUnity C2 SADEL C2 AML C2 ARTECH ArchiTRIO ArchWare ArchJava AESOP ... Management