System-level Co-simulation of Integrated Avionics Using Polychrony

International audienceThe design of embedded systems from multiple views and heterogeneous models is ubiquitous in avionics as, in partic- ular, different high-level modeling standards are adopted for specifying the structure, hardware and software components of a system. The system-level simulation of such composite models is necessary but difficult task, allowing to validate global design choices as early as possible in the system de- sign flow. This paper presents an approach to the issue of composing, integrating and simulating heterogeneous mod- els in a system co-design flow. First, the functional behavior of an application is modeled with synchronous data-flow and statechart diagrams using Simulink/Gene-Auto. The system architecture is modeled in the AADL standard. These high- level, synchronous and asynchronous, models are then trans- lated into a common model, based on a polychronous model of computation, allowing for a Globally Asynchronous Lo- cally Synchronous (GALS) interpretation of the composed models. This translation is implemented as an automatic model transformation within Polychrony, a toolkit for em- bedded systems design. Simulation, including profiling and value change dump demonstration, has been carried out based on the common model within Polychrony. An avionic case study, consisting of a simplified doors and slides control system, is presented to illustrate our approach

Virtual Node - To Achieve Temporal Isolation and Predictable Integration of Real-Time Components

We present an approach of two-level deployment process for component models used in distributed real-time embedded systems to achieve predictable integration of real-time components. Our main emphasis is on the new concept of virtual node with the use of a hierarchical scheduling technique. Virtual nodes are used as means to achieve predictable integration of software components with real-time requirements. The hierarchical scheduling framework is used to achieve temporal isolation between components (or sets of components). Our approach permits detailed analysis, e.g., with respect to timing, of virtual nodes and this analysis is also reusable with the reuse of virtual nodes. Hence virtual node preserves real-time properties across reuse and integration in different contexts

Teaching Real-Time Scheduling Analysis with Cheddar

National audienceThis article is a presentation of the Cheddar toolset.Cheddar is a GPL open-source scheduling analysis tool.It has been designed and distributed to allow students to understand the main concepts of the real-time scheduling theory.The tool is built around a simplified ADL (Architecture Description Language)devoted to real-time scheduling theory. Students can directly build their real-time systems models with this ADL andits associated editor, however, it is expected that they use modeling tools to illustrate how scheduling analysis fits in an engineering process.In this article, we introduce the Cheddar ADL and the scheduling analysis features of Cheddar. We alsopresent how Cheddar is implemented and how it can be adapted to specific requirements.Two examples of use of Cheddar are then described.Finally, in the annex of this article, teachers may find a sample of hand-outs that may be used to illustrate real-time scheduling theory with their students

Modelling Embedded Systems with AADL: A Practical Study

In today’s world, embedded systems can be seen everywhere around us. These systems range from consumer electronics such as mobile phones, cameras and portable music players to sophisticated devices such as planes and satellite systems. In either form embedded systems are designed to perform specific tasks with constraints on their qualities and available resources. These constraints can either be soft or hard depending on the nature of the system: a satellite system, for example, has hard safety constraints. Some of the major constraints for embedded systems are high reliability, performance, safety and dependability, small memory size, low power and low processing capabilities. Designing systems with such constraints is a challenge. Developing system architectures during system development has gained importance as it helps in analyzing the system before its implementation. A system architecture is a formal description of a system that describes its building blocks, their properties and the interactions among them. System architectures can be used to analyze various properties of a system such as memory consumption and system safety. For embedded systems, this is of extreme importance since a well described system architecture allows us to predict whether any of the previously mentioned constraints can be met, without requiring the construction of an often expensive prototype implementation. Description of system architectures can be achieved using the formal notations offered by Architecture Description Languages (ADLs). Such ADLs often also provide tool support for the modelling and analysis of the system architecture. Many ADLs for embedded systems are available in both academic and industrial communities, such as Rapide, MetaH, AADL and Wright. Among the available ADLs, the best known and most actively used language is the Architecture Analysis and Design Language (AADL). Standardized by the Society of Automotive Engineers, AADL was originally developed for modelling and analysis of systems in the domain of avionics. However, because of its rich modelling and analysis capabilities, it is widely used for embedded systems in other domains as well. AADL provides a modelling formalism accompanied by a toolset to support modelling activities and system analyses. AADL models can be used to perform various analyses such as flow latency, resource consumption, real-time schedulability, security and safety analysis. Because of its history in the avionics domain, AADL does not address each and every modelling and analysis requirement of other embedded domains. However, during its design, it was foreseen that use of AADL in other domains could require additional modelling concepts and analyses. To meet potential needs AADL was designed as an extensible ADL. This chapter is intended to provide insight into the design needs of embedded systems and the formalisms available to address those needs.status: publishe

Quantitative Timed Analysis of Interactive Markov Chains

Abstract This paper presents new algorithms and accompanying tool support for analyzing interactive Markov chains (IMCs), a stochastic timed 1 1 2-player game in which delays are exponentially distributed. IMCs are compositional and act as semantic model for engineering for-malisms such as AADL and dynamic fault trees. We provide algorithms for determining the extremal expected time of reaching a set of states, and the long-run average of time spent in a set of states. The prototypical tool Imca supports these algorithms as well as the synthesis of ε-optimal piecewise constant timed policies for timed reachability objectives. Two case studies show the feasibility and scalability of the algorithms.

Xoncrete: a scheduling tool for partitioned real-time systems

International audienceARINC 653 defines a partitioned framework where the partitions are scheduled according to a predefined cyclic plan and the processes of each partition are scheduled with a fixed priority policy. The timing characteristics defined in ARINC (period and duration) can hardly be used to precisely represent the timing requirements of the applications. We extend the timing model of ARINC 653 to consider deadlines and the periodic behaviour of the individual processes. A novel definition of how to model periodic activities and how this new model is specially useful in an heterogeneous partitioned system is also presented. The new model and the set of scheduling algorithms have been implemented in a scheduling tool (called Xoncrete) to assist the designer to generate the cyclic plan table. Although founded on solid theoretical results, Xoncrete is not a general purpose tool, it is a tool designed to provide real help to the system designer

Executing AADL models with UML/Marte

International audienceAADL and MARTE are two modeling formalisms supporting the analysis of real-time embedded systems. Since both cover similar aspects, a clear assessment of their respective strength and weakness is required. Building on previous works, we focus here on the time aspects of the two specifications. Relying on the MARTE Time Model and the operational semantics of its companion language CCSL we attempt to equipped UML activities with the execution semantics of an AADL specification. This is part of a much broader effort to build a generic simulator for UML models with the semantics explicitly defined within the model

Incremental Latency Analysis of Heterogeneous Cyber-Physical Systems

REACTION 2014. 3rd International Workshop on Real-time and Distributed Computing in Emerging Applications. Rome, Italy. December 2nd, 2014.Cyber-Physical Systems, as used in automotive, avionics, or aerospace domains, have critical real-time require-ments. Time-related issues might have important impacts and, as these systems are becoming extremely software-reliant, validate and enforcing timing constraints is becoming difficult. Current techniques are mainly focused on validating these constraints late by using integration tests and tracing the system execution. Such methods are time-consuming and labor-intensive and, discovering timing issue late in the development process might incur significant rework efforts. In this paper, we propose an incremental model-based ap-proach to analyze and validate timing requirements of cyber-physical systems. We first capture the system functions, its related latency requirements and validate the end-to-end latency at a high level. This functional architecture is then refined into an implementation deployed on an execution platform. As system description is evolving, the latency analysis is being refined with more precise values. Such an approach provide latency analysis from a high level specification without having to implement the system, saving potential re-engineering efforts. It also helps engineers to select appropriate execution platform components or change the deployment strategy of system functions to ensure that latency requirements will be met when implementing the system.This material is based upon work funded and supported by the Department of Defense under Contract No. FA8721-05-C-0003 with Carnegie Mellon University for the operation of the Software Engineering Institute, a federally funded research and development center