A Model-based transformation process to validate and implement high-integrity systems

Despite numerous advances, building High-Integrity Embedded systems remains a complex task. They come with strong requirements to ensure safety, schedulability or security properties; one needs to combine multiple analysis to validate each of them. Model-Based Engineering is an accepted solution to address such complexity: analytical models are derived from an abstraction of the system to be built. Yet, ensuring that all abstractions are semantically consistent, remains an issue, e.g. when performing model checking for assessing safety, and then for schedulability using timed automata, and then when generating code. Complexity stems from the high-level view of the model compared to the low-level mechanisms used. In this paper, we present our approach based on AADL and its behavioral annex to refine iteratively an architecture description. Both application and runtime components are transformed into basic AADL constructs which have a strict counterpart in classical programming languages or patterns for verification. We detail the benefits of this process to enhance analysis and code generation. This work has been integrated to the AADL-tool support OSATE2

Virtual Node - To Achieve Temporal Isolation and Predictable Integration of Real-Time Components

We present an approach of two-level deployment process for component models used in distributed real-time embedded systems to achieve predictable integration of real-time components. Our main emphasis is on the new concept of virtual node with the use of a hierarchical scheduling technique. Virtual nodes are used as means to achieve predictable integration of software components with real-time requirements. The hierarchical scheduling framework is used to achieve temporal isolation between components (or sets of components). Our approach permits detailed analysis, e.g., with respect to timing, of virtual nodes and this analysis is also reusable with the reuse of virtual nodes. Hence virtual node preserves real-time properties across reuse and integration in different contexts

Integrating AADL and FMI to Extend Virtual Integration Capability

Virtual Integration Capability is paramount to perform early validation of Cyber Physical Systems. The objective is to guide the systems engineer so as to ensure that the system under design meets multiple criteria through high-fidelity simulation. In this paper, we present an integration scheme that leverages the FMI (Functional Mock-Up interface) standard and the AADL architecture description language. Their combination allows for validation of systems combining embedded platform captured by the AADL, and FMI components that represent physical elements, either mechanical parts, or the environment. We present one approach, and demonstrator case studies

Modeling and Generating Tailored Distribution Middleware for Embedded Real-Time Systems

International audienceDistributed real-time embedded (DRE) systems are becoming increasingly complex. They have to meet more and more stringent requirements, either functional or non-functional. Because of this, DRE systems development makes use of formal methods for verification; and, in some cases, generation of proven code. The distribution aspects are typically handled by a middleware, which must meet the system constraints. In this article, we describe our approach to model and generate middleware-based distributed systems for DRE applications. Our methodology is a three-step approach. First, we model the high-level inter-component interactions using connectors. We then use the Architecture Analysis and Design Language (AADL) as a pre-implementation description language to capture all the non-functional aspects of the system. Finally, we generate actual application code and the appropriate middleware from the AADL description. In order to demonstrate the feasibility of our approach, we created an application generator, Gaia. It is part of the Ocarina AADL tool suite and generates application source code for use with the PolyORB middleware

Heterogeneous models and analyses in the design of real-time embedded systems - an avionic case-study

The development of embedded systems according to Model-Driven Development relies on two complementary activities: system mod- eling on the one hand and analysis of the non-functional properties, such as timing properties, on the other hand. Yet, the coupling be- tween models and analyses remains largely disregarded so far: e.g. how to apply an analysis on a model? How to manage the analysis process? This paper presents an application of our research on this topic. In particular, we show that our approach makes it possible to combine heterogeneous models and analyses in the design of an avionic system. We use two languages to model the system at di erent levels of abstraction: the industry standard AADL (Ar- chitecture Analysis and Design Language) and the more recent implementation-oriented CPAL language (Cyber-Physical Action Language). We then combine di erent real-time scheduling analy- ses so as to gradually de ne the task and network parameters and nally validate the schedulability of all activities of the system

Functional Validation of AADL Models via Model Transformation to SystemC with ATL

6 pagesInternational audienceIn this paper, we put into action an ATL model transformation in order to automatically generate SystemC models from AADL models. The AADL models represent electronic systems to be embedded into FPGAs. Our contribution allows for an early analytical estimation of energetic needs and a rapid SystemC simulation before implementation. The transformation has been tested to simulate an existing video image processing system embedded into a Xilinx Virtex5 FPGA

Design Space Exploration: Bridging the Gap Between High­‐Level Models and Virtual ExecutionPlatforms

International audienceThispaper presents a novel embedded systems modeling framework that fills the gap betweenhigh-­‐level AADL models and low-­‐level hardware virtual execution platforms. This approach allows refinement and improvement of system performance through exploration of architectures at different levels of abstraction. The aim of the proposed approach is to achieve virtual prototyping of the complete system in order to allow validation to begin early in the design flow, thereby accelerating its development while improving system performances

Ravenscar computational model compliant AADL simulation on LEON2

AADL has been proposed for designing and analyzing SW and HW architectures for real-time mission-critical embedded systems. Although the Behavioral Annex improves its simulation semantics, AADL is a language for analyzing architectures and not for simulating them. AADS-T is an AADL simulation tool that supports the performance analysis of the AADL specification throughout the refinement process from the initial system architecture until the complete, detailed application and execution platform are developed. In this way, AADS-T enables the verification of the initial timing constraints during the complete design process. In this paper we focus on the compatibility of AADS-T with the Ravenscar Computational Model (RCM) as part of the TASTE toolset. Its flexibility enables AADS-T to support different processors. In this work we have focused on performing the simulation on a LEON2 processor.This work has been supported by ESTEC 22810/09/NL/JK HW-SW CODESIGN Project contracted to GMV Aerospace and Defence S.A.U

A toolset for the development of mixed-criticality partitioned systems

The development of mixed-criticality virtualized multi-core systems poses new challenges that are being subject of active research work. There is an additional complexity: it is now required to identify a set of partitions, and allocate applications to partitions. In this job, a number of issues have to be considered, such as the criticality level of the application, security and dependability requirements, time requirements granularity, etc. MultiPARTES [11] toolset relies on Model Driven Engineering (MDE), which is a suitable approach in this setting, as it helps to bridge the gap between design issues and partitioning concerns. MDE is changing the way systems are developed nowadays, reducing development time. In general, modelling approaches have shown their benefits when applied to embedded systems. These benefits have been achieved by fostering reuse with an intensive use of abstractions, or automating the generation of boiler-plate code

Ingénierie dirigée par les modèles pour la simulation, le cas de PRISE

Dans cet article, nous présentons une approche dirigée par les modèles permettant de fournir une vision haut niveau d’une simulation basée sur le standard HLA « High Level Architecture » sous forme d’un modèle AADL. Cette modélisation permet d’abstraire les paramètres clés d’une fédération HLA, de générer le code utile en lieu et place d’une écriture manuelle et de vérifier certains paramètres clés