Mapping AADL to Petri Net Tool-Sets Using PNML Framework

Architecture Analysis and Design Language (AADL) has been utilized to specify and verify non- functional properties of Real-Time Embedded Systems (RTES) used in critical application systems. Examples of such critical application systems include medical devices, nuclear power plants, aer- ospace, financial, etc. Using AADL, an engineer is enable to analyze the quality of a system. For example, a developer can perform performance analysis such as end-to-end flow analysis to guarantee that system components have the required resources to meet the timing requirements relevant to their communications. The critical issue related to developing and deploying safety critical systems is how to validate the expected level of quality (e.g., safety, performance, security) and functionalities (capabilities) at design level. Currently, the core AADL is extensively applied to analyze and verify quality of RTES embed in the safety critical applications. The notation lacks the formal semantics needed to reason about the logical properties (e.g., deadlock, livelock, etc.) and capabilities of safety critical systems. The objective of this research is to augment AADL with exit- ing formal semantics and supporting tools in a manner that these properties can be automatically verified. Toward this goal, we exploit Petri Net Markup Language (PNML), which is a standard act- ing as the intermediate language between different classes of Petri Nets. Using PNML, we interface AADL with different classes of Petri nets, which support different types of tools and reasoning. The justification for using PNML is that the framework provides a context in which interoperability and exchangeability among different models of a system specified by different types of Petri nets is possible. The contributions of our work include a set of mappings and mapping rules between AADL and PNML. To show the feasibility of our approach, a fragment of RT-Embedded system, namely, Cruise Control System has been used

Towards Harmonizing Multiple Architecture Description Languages for Real-Time Embedded Systems

Abstract-The increasing complexity of real-time embedded systems requires appropriate methods and techniques to support the development including the specification and analysis of different architectural aspects. A large number of architectural description languages (ADL) have been proposed with varying focus and application domains. There is a need for harmonization of these ADLs. This can be from develoloping and understanding of how they differ or could be synergistically combined for increasing the overall development efficiency and fulfilling the ever increasing functional and non-functional requirements on a system. This paper addresses this issue and focuses on four different ADLs: EAST-ADL, AUTOSAR, AADL and Rubus. In this work we compare these ADLs, identify possible usage scenarios involving more than one ADL and discuss some of the underlying challenges. A representative industrial case study of a brake-by-wire system is used to support the work

Une approche intégrée pour la validation et la génération de systèmes critiques par raffinement incrémental de modèles architecturaux

The increasing complexity of distributed realtime and embedded (DRE) systems and their implication in various domains imply new design and development methods. In safety- criticial domains such as space, aeronautical, transport or medicine, their failure could result in the failure of the mission, or in dramatic damages such as human losses. This particular class of systems comes with strong requirements to satisfy safety, reliability and security properties. The Model-driven Engineering (MDE) introduces the concept of «model» - an abstract description of the system and a set of tools (editor, transformation engine, code generator) to simplify and automatize the design, the validation and the implementation of the system. Thus, various abstractions are realized using different domain-specific modeling languages in order to assess one particular aspect of the system and to re-use model-based analysis tools and generative technologies. These various representations may share some commonalities but the consistency between them is hard to validate (for example : Is the analyzed system the same as the generated one ?).This PhD thesis leverages MDE concepts and mechanisms, to enhance the reliability of the model-based development process of DRE systems. Our approach is based on the definition of the architectural and behavioral modeling language AADLHI Ravenscar, a restriction of AADL (Architecture Analysis & Design Language) and its behavioral annex. This subset of AADL constructs, comes up with a semantic close to the one of an imperative programming language, to drive both the analysis and the code generation of the application components and its relying execution platform (middleware) components...L’augmentation de la complexité des systèmes temps-réel répartis embarqués (TR2E) et leur implication dans de nombreux domaines de notre quotidien imposent de nouvelles mé thodes de réalisation. Dans les domaines dits critiques (transport, médecine...) ces systèmes doivent satisfaire des contraintes dures pour garantir leur bon fonctionnement et éviter toutes défaillances qui engendreraient des conséquences financières ou humaines dramatiques. L’Ingénierie Dirigée par les Modèles (IDM) introduit le “modèle” - i.e. une description abstraite du système - et un ensemble d’outils (édition, transformation...) permettant la simplification et l’automatisation des étapes de conception, de validation et de génération du système. Ainsi, différentes abstractions du système sont élaborées dans des formalismes spécifiques de manière à couvrir un aspect du système et à permettre la réutilisation des outils d’analyse et de génération existants. Cependant, ces multiples représentations évoluent à des niveaux d’abstractions différents et il n’est pas toujours évident de mettre en corrélation système analysé et système généré. Ce travail de thèse exploite les concepts et les mécanismes offerts par l’IDM pour améliorer la fiabilité du processus de réalisation des systèmes critiques basé sur les modèles. L’approche que nous avons définie repose sur la définition du langage de modélisation architecturale et comportementale AADL-HI Ravenscar - un sous-ensemble du langage AADL (Architecture Analysis & Design Language) et de son annexe comportementale - contraint pour permettre conjointement l’analyse et la génération de l’ensemble des composants de l’application y compris de son exécutif, avec une sémantique proche d’un langage de programmation impératif..

Contribution à la modélisation explicite des plates-formes d'exécution pour l'IDM

23 pagesNational audienceOne foundation of the model driven engineering (MDE) is to separate the modelling application description from its technological implementation (i.e. platform). Some of them are dedicated to the system execution. Hence, one promise solution of the MDE is to automate transformations from platform independent models to platform specific models. Little work has explicitly described platform characteristics. Yet, an explicit modelling allows taking in account their characteristics more easily (par ex., performances, maintainability,portability). This paper presents both an execution platform modelling state of art and a pattern to describe execution platform modelling framework. It intends to confirm the feasibility and the interests in describing an execution platform metamodel

Méthode de conception dirigée par les modèles pour les systèmes avioniques modulaires intégrés basée sur une approche de cosimulation

RÉSUMÉ Dans l’industrie aérospatiale, le développement des systèmes devient de plus en plus complexe. Dans ce contexte, l’architecture avionique modulaire intégrée (IMA) a été conçue pour remplacer son prédécesseur - l’architecture fédérée, afin de réduire le poids, la puissance dissipée et la dimension des appareils. Les travaux de recherche présentés dans ce mémoire, dans le cadre du projet en avionique AVIO509, proposent un ensemble de solutions efficaces en termes de temps et de coût pour le développement et la validation fonctionnelle des systèmes IMA. Les méthodologies présentées se concentrent principalement sur deux flots de conception basés sur : 1) le concept de l’ingénierie dirigée par les modèles et 2) une plateforme de cosimulation. Dans le premier flot de conception, le langage de modélisation AADL est utilisé pour décrire une architecture IMA, alors que l’environnement OCARINA pour la génération de code certifié (e.g., POK), va être étendu pour permettre la génération de modèles haut niveau simulables par l’environnement commercial SIMA (un simulateur d’applications IMA conforme aux normes ARINC 653). Dans le deuxième flot de conception, Simulink est choisi pour simuler le monde externe du module IMA grâce à la disponibilité d’une libraire de l’avionique qui offre des capteurs et actuateurs, et aussi grâce à son efficacité pour créer les modèles. La plateforme de cosimulation est donc composée de deux simulateurs: Simulink pour la simulation de périphériques et de SIMA pour la simulation des applications IMA. Ceci représente une alternative idéale aux environnements de développement commerciaux, de nos jours très dispendieux. Pour permettre la portabilité, une partition SIMA est réservée pour jouer le rôle d’ « adaptateur ». Ici, l’adaptateur est responsable de synchroniser la communication entre les deux simulateurs via le protocole TCP/IP. Seul l’« adaptateur » devra donc être modifié lorsque l’application est portée vers la plateforme de l’implémentation (e.g. PikeOS), puisque la communication interne et la configuration des systèmes restent les mêmes. À titre d’étude de cas, une application avionique a été développée dans le but de démontrer la validité des flots de conception. La recherche proposée dans ce mémoire est une continuité de projets de l’équipe de recherche AVIO 509, et parallèlement pourra être étendue dans le cadre des travaux futurs.----------Abstract In the aerospace industry, with the development of avionic systems becomes more and more complex, the integrated modular avionics (IMA) architecture was proposed to replace its predecessor – the federated architecture, in order to reduce the weight, power consumption and the dimension of the avionics equipment. The research work presented in this thesis, which is considered as a part of the research project AVIO509, aims to propose to the aviation industry a set of time-effective and cost-effective solutions for the development and the functional validation of IMA systems. The proposed methodologies mainly focus on two design flows that are based on: 1) the concept of model-driven engineering design and 2) a cosimulation platform. In the first design flow, the modeling language AADL is used to describe the IMA architecture. The environment OCARINA, a code generator initially designed for POK, was modified so that it can generate avionic applications from an AADL model for the simulator SIMA (an IMA simulator compliant to the ARINC653 standards). In the second design flow, Simulink is used to simulate the external world of IMA module thanks to the availability of avionic library that can offer lots of avionics sensors and actuators, and as well as its effectiveness in creating the Simulink models. The cosimulation platform is composed of two simulators: Simulink for the simulation of peripherals and SIMA for the simulation of IMA module, the latter is considered as an ideal alternative for the super expensive commercial development environment. In order to have a good portability, a SIMA partition is reserved as the role of « adapter » to synchronize the communication between these two simulators via the TCP/IP protocol. When the avionics applications are ported to the implementation platform (such as PikeOS) after the simulation, there is only the « adapter » to be modified because the internal communication and the system configuration are the same. An avionics application was developed as a case study, in order to demonstrate the validation of the proposed design flows. The research presented in this paper is a continuation of project of the AVIO509 research team, and parallelly may be extended in the future work

Actes des Sixièmes journées nationales du Groupement De Recherche CNRS du Génie de la Programmation et du Logiciel

National audienceCe document contient les actes des Sixièmes journées nationales du Groupement De Recherche CNRS du Génie de la Programmation et du Logiciel (GDR GPL) s'étant déroulées au CNAM à Paris du 11 au 13 juin 2014. Les contributions présentées dans ce document ont été sélectionnées par les différents groupes de travail du GDR. Il s'agit de résumés, de nouvelles versions, de posters et de démonstrations qui correspondent à des travaux qui ont déjà été validés par les comités de programmes d'autres conférences et revues et dont les droits appartiennent exclusivement à leurs auteurs

Scheduling of a Cyber-Physical System Simulation

The work carried out in this Ph.D. thesis is part of a broader effort to automate industrial simulation systems. In the aeronautics industry, and more especially within Airbus, the historical application of simulation is pilot training. There are also more recent uses in the design of systems, as well as in the integration of these systems. These latter applications require a very high degree of representativeness, where historically the most important factor has been the pilot’s feeling. Systems are now divided into several subsystems that are designed, implemented and validated independently, in order to maintain their control despite the increase in their complexity, and the reduction in time-to-market. Airbus already has expertise in the simulation of these subsystems, as well as their integration into a simulation. This expertise is empirical; simulation specialists use the previous integrations schedulings and adapt it to a new integration. This is a process that can sometimes be time-consuming and can introduce errors. The current trends in the industry are towards flexible production methods, integration of logistics tools for tracking, use of simulation tools in production, as well as resources optimization. Products are increasingly iterations of older, improved products, and tests and simulations are increasingly integrated into their life cycles. Working empirically in an industry that requires flexibility is a constraint, and nowadays it is essential to facilitate the modification of simulations. The problem is, therefore, to set up methods and tools allowing a priori to generate representative simulation schedules. In order to solve this problem, we have developed a method to describe the elements of a simulation, as well as how this simulation can be executed, and functions to generate schedules. Subsequently, we implemented a tool to automate the scheduling search, based on heuristics. Finally, we tested and verified our method and tools in academic and industrial case studies

A Model-Based Development and Verification Framework for Distributed System-on-Chip Architecture

The capabilities and thus, design complexity of VLSI-based embedded systems have increased tremendously in recent years, riding the wave of Moore’s law. The time-to-market requirements are also shrinking, imposing challenges to the designers, which in turn, seek to adopt new design methods to increase their productivity. As an answer to these new pressures, modern day systems have moved towards on-chip multiprocessing technologies. New architectures have emerged in on-chip multiprocessing in order to utilize the tremendous advances of fabrication technology. Platform-based design is a possible solution in addressing these challenges. The principle behind the approach is to separate the functionality of an application from the organization and communication architecture of hardware platform at several levels of abstraction. The existing design methodologies pertaining to platform-based design approach don’t provide full automation at every level of the design processes, and sometimes, the co-design of platform-based systems lead to sub-optimal systems. In addition, the design productivity gap in multiprocessor systems remain a key challenge due to existing design methodologies. This thesis addresses the aforementioned challenges and discusses the creation of a development framework for a platform-based system design, in the context of the SegBus platform - a distributed communication architecture. This research aims to provide automated procedures for platform design and application mapping. Structural verification support is also featured thus ensuring correct-by-design platforms. The solution is based on a model-based process. Both the platform and the application are modeled using the Unified Modeling Language. This thesis develops a Domain Specific Language to support platform modeling based on a corresponding UML profile. Object Constraint Language constraints are used to support structurally correct platform construction. An emulator is thus introduced to allow as much as possible accurate performance estimation of the solution, at high abstraction levels. VHDL code is automatically generated, in the form of “snippets” to be employed in the arbiter modules of the platform, as required by the application. The resulting framework is applied in building an actual design solution for an MP3 stereo audio decoder application.Siirretty Doriast