An implementation of the behavior annex in the AADL-toolset Osate2

AADL is a modeling language to design and analyze High-Integrity Distributed and Real-time systems. Embedded sub-languages published as AADL annexes extend an AADL model to enhance analysis. The behavior annex specifies the behavior of an AADL application model. An implantation of this annex allows to perform behavior analysis. In addition, as there are several AADL annexes, the implementation of generic mechanisms to support each one of them is challenging. The behavior annex is a valid candidate to illustrate these challenges by combining several sub-languages. In this paper we expose our experiment to support the behavior annex in the reference AADL toolset OSATE2. This one, supports the AADL version 2 by providing a front-end and a set of analysis plug-ins to analyze an AADL model

Fiacre: an Intermediate Language for Model Verification in the Topcased Environment

International audienceFiacre was designed in the framework of the TOPCASED project dealing with model-driven engineering and gathering numerous partners, from both industry and academics. Therefore, Fiacre is designed both as the target language of model transformation engines from various models such as SDL, UML, AADL, and as the source language of compilers into the targeted verification toolboxes, namely CADP and Tina in the first step. In this paper, we present the Fiacre language. Then transformations from AADL to Fiacre are illustrated on a small example

Modelling Embedded Systems with AADL: A Practical Study

In today’s world, embedded systems can be seen everywhere around us. These systems range from consumer electronics such as mobile phones, cameras and portable music players to sophisticated devices such as planes and satellite systems. In either form embedded systems are designed to perform specific tasks with constraints on their qualities and available resources. These constraints can either be soft or hard depending on the nature of the system: a satellite system, for example, has hard safety constraints. Some of the major constraints for embedded systems are high reliability, performance, safety and dependability, small memory size, low power and low processing capabilities. Designing systems with such constraints is a challenge. Developing system architectures during system development has gained importance as it helps in analyzing the system before its implementation. A system architecture is a formal description of a system that describes its building blocks, their properties and the interactions among them. System architectures can be used to analyze various properties of a system such as memory consumption and system safety. For embedded systems, this is of extreme importance since a well described system architecture allows us to predict whether any of the previously mentioned constraints can be met, without requiring the construction of an often expensive prototype implementation. Description of system architectures can be achieved using the formal notations offered by Architecture Description Languages (ADLs). Such ADLs often also provide tool support for the modelling and analysis of the system architecture. Many ADLs for embedded systems are available in both academic and industrial communities, such as Rapide, MetaH, AADL and Wright. Among the available ADLs, the best known and most actively used language is the Architecture Analysis and Design Language (AADL). Standardized by the Society of Automotive Engineers, AADL was originally developed for modelling and analysis of systems in the domain of avionics. However, because of its rich modelling and analysis capabilities, it is widely used for embedded systems in other domains as well. AADL provides a modelling formalism accompanied by a toolset to support modelling activities and system analyses. AADL models can be used to perform various analyses such as flow latency, resource consumption, real-time schedulability, security and safety analysis. Because of its history in the avionics domain, AADL does not address each and every modelling and analysis requirement of other embedded domains. However, during its design, it was foreseen that use of AADL in other domains could require additional modelling concepts and analyses. To meet potential needs AADL was designed as an extensible ADL. This chapter is intended to provide insight into the design needs of embedded systems and the formalisms available to address those needs.status: publishe

Design and Analysis of Multi-Core Architecture for Cyber-Physical Systems

International audienceCyber-Physical Systems are becoming software intensive, collocating many functions on a single processor and requiring a significant processing capacity which increased over the years. In recent years, improving processing performance has been achieved by adding more processing cores on the same chip rather than increasing its frequency. This new design also introduces issues: interaction among cores may impact software performance and might also arm software isolation layers, such as the one defined in ARINC653. For that reason, software using multi-core architecture must be carefully designed and specified with hardware and software aspects. This would help to analyze the system and detect potential design issue. This paper proposes an approach to represent multi-core architectures and their association with software ar-tifacts, such as the ones used for cyber-physical systems (e.g., the ARINC653 platform). For that purpose, we use the AADL language and define specific modeling patterns with new properties

Towards a formal semantics for AADL execution model

International audienceIn this paper, we present a specification in TLA+ of an AADL execution model. This formal specification is used forderiving a prototype verification tool for AADL the TOPCASED development environment

Langage intermédiaire et transformations de modèles pour le développement de systèmes temps-réel : retour d'expérience sur la chaîne de vérification formelle Fiacre

6 pagesInternational audienceWe discuss the results obtained during the development of a formal verification toolchain for AADL based on a model driven engineering approach. Our approach is characterized by the use of the pivot language FIACRE to facilitate verification activities and transformations between models. We quickly analyse the first return on experience and present ongoing work started in the scope of the Quarteft project to improve the verification chain.Nous présentons les résultats obtenus durant le développement d’une chaîne de vérifi-cation formelle pour le langage d’architecture AADL basé sur une approche ingénierie dirigéepar les modèles. Notre approche se caractérise par l’utilisation du langage pivot FIACRE pourfaciliter les activités de vérification et de transformations entre modèles. Nous commentonsles premiers retours d’expérience issus de la mise en oeuvre de cette chaîne de vérification etprésentons en conclusion les travaux en cours dans le cadre du projet Quarteft qui visent àl’améliore

SOFTWARE TESTABILITY MEASURE FOR SAE ARCHITECTURE ANALYSIS AND DESIGN LANGUAGE (AADL)SOFTWARE TESTABILITY MEASURE FOR SAE ARCHITECTURE ANALYSIS AND DESIGN LANGUAGE (AADL)

Testability is an important quality attribute of software, especially for critical systems such as avionics, medical, and automotive. Improvement in the early testability of software architecture, the first artifact of the software system, will help reduce issues and costs later in the development process. AADL, an architecture analysis description language suitable for critical embedded, real-time systems, can be used for design documentation, analysis and code generation. Because the capability of AADL can be extended, it is possible to add new analyses to its core language. Tools such as the Open Source AADL Tool Environment (OSATE) provide plugins for processing AADL models. Although adding new plugins in OSATE extends AADL, there currently exists no AADL extension for testability measurement. The purpose of this thesis is to propose such a method to measure the testability of AADL models as well as to develop a testability plugin in OSATE. Much research has been conducted on testability of hardware, software and embedded systems, resulting in several approaches for measuring this quality attribute. Among them, the approach measuring testability as a product of controllability and observability using information transfer graph (ITG) is the most applicable for measuring the testability of AADL models. This thesis proposes a method applying this approach to AADL models. A complete testability measure plugin for OSATE was developed based on this approach and detailed examples are given in this thesis to demonstrate its applicability

From AADL to Timed Abstract State Machines: A Verified Model Transformation

International audienceArchitecture Analysis and Design Language (AADL) is an architecture description language standard for embedded real-time systems widely used in the avionics and aerospace industry to model safety-critical applications. To verify and analyze the AADL models, model transformation technologies are often used to automatically extract a formal specification suitable for analysis and verification. In this process, it remains a challenge to prove that the model transformation preserves the semantics of the initial AADL model or, at least, some of the specific properties or requirements it needs to satisfy. This paper presents a machine checked semantics-preserving transformation of a subset of AADL (including periodic threads, data port communications, mode changes, and the AADL behavior annex) into Timed Abstract State Machines (TASM). The AADL standard itself lacks at present a formal semantics to make this translation validation possible. Our contribution is to bridge this gap by providing two formal semantics for the subset of AADL. The execution semantics provided by the AADL standard is formalized as Timed Transition Systems (TTS). This formalization gives a reference expression of AADL semantics which can be compared with the TASM-based translation (for verification purpose). Finally, the verified transformation is mechanized in the theorem prover Coq

An Architecture-Based Verification Technique for AADL Specifications

Abstract. Quality assurance processes of software-intensive systems are an increasing challenge as the complexity of these systems dramatically increases. The use of Architecture Description Languages (ADLs) provide an important basis for evaluation. The Architecture Analysis and Design Language (AADL) is an ADL developed for designing softwareintensive systems. In this paper, we propose an architecture-based verification technique covering the entire development process by adapting a combination of model-checking and model-based testing approaches to AADL specifications. The technique reveals inconsistencies of early design decisions and ensures a system's conformity with its AADL specification. The objective and criteria (test-selection) of the verification technique is derived from traditional integration testing