Split of Composite Components for Distributed Applications

International audienceComposite structures as in UML are a way to ease the development of complex applications. Composite classes contain sub-components that are instantiated, interconnected and configured along with the composite. Composites may also contain operations and further attributes. Their deployment on distributed platforms is not trivial, since their sub-components might be allocated to different computing nodes. In this case, the deployment implies a split of the composite. In this paper, we will motivate why composites need to be allocated to different nodes in some cases by examining the particular case of interaction components. We will also discuss several options to achieve the separation and their advantages and disadvantages including modeling restrictions for the classes

A Comparison of Uncertainty Estimation Approaches in Deep Learning Components for Autonomous Vehicle Applications

A key factor for ensuring safety in Autonomous Vehicles (AVs) is to avoid any abnormal behaviors under undesirable and unpredicted circumstances. As AVs increasingly rely on Deep Neural Networks (DNNs) to perform safety-critical tasks, different methods for uncertainty quantification have recently been proposed to measure the inevitable source of errors in data and models. However, uncertainty quantification in DNNs is still a challenging task. These methods require a higher computational load, a higher memory footprint, and introduce extra latency, which can be prohibitive in safety-critical applications. In this paper, we provide a brief and comparative survey of methods for uncertainty quantification in DNNs along with existing metrics to evaluate uncertainty predictions. We are particularly interested in understanding the advantages and downsides of each method for specific AV tasks and types of uncertainty sources.Comment: Accepted Workshop AISafety 2020 - Workshop in Artificial Intelligence Safet

Modelling the Component-based Architecture and Safety Contracts of ArmAssist in Papyrus for Robotics

Healthcare robots are increasingly being used and the way they are engineered they still have several challenges regarding reference models and validation. In this experience report we focus on the ArmAssist robotic system and how it can be modelled including safety considerations for validation in early design phases. ArmAssist is an upper-limb robotic system for stroke rehabilitation based on serious games. The open-source tool Papyrus for Robotics was used for modelling the robotic system in close collaboration with neurorehabilitation domain experts. Papyrus for Robotics includes new functionalities that we contributed for contract-based design at component and system level, allowing to make explicit and validate the safety considerations using formal languages. In our case, the assertions are expressed in OCL and Othello. We present the resulting model and a discussion from domain experts.This work has been funded by the SafeCC4Robot Integrated Technical Project which received funding from the European Union’s Horizon 2020 Research and Innovation Programme under grant agreement No. 732410, in the form of financial support to third parties of the RobMoSys Project. We would like to thank Angel Lopez, Elixabete Ostolaza, Matteo Morelli, ´ and Huascar Espinoza for their help during the tool design and development. The authors also would like to thank to Inigo Dorronsoro, Javier Arcas Ruiz-Ruano, Gabriel Gaminde, ˜ Benat Garcia-Mendizabal, Je Hyung Jung, Cristina Rodriguez- ˜ de-Pablo, Joel Perry, Aitor Belloso, David Valencia and Haritz Zabaleta for their contributions to the ArmAssist system development

Process and tool support for design patterns with safety requirements

The requirement for higher Security and Dependability (S&D) of systems is continuously increasing, even in domains tradi-tionally not deeply involved in such issues. Nowadays, many practitioners express their worries about current S&D software engineering practices. New recommendations should be considered to ground this discipline on two pillars: solid theory and proven principles. We took the second pillar towards software engineering for embedded system applications, focusing on the problem of integrating S&D by design to foster reuse. In this paper, we propose to combine design patterns and Model Driven Engineering (MDE) techniques for building component-based applications with safety requirements. The resulting modeling framework serves primarily to capture the basic concepts for specifying safety-oriented design patterns, building an S&D pattern system, and maintain safety properties, with existing modeling artifacts, during the engineering process based on the S&D pattern system. As a proof of concept, we are evaluating the feasibility of the framework through the example of the MooN pattern system for building systems having safety requirements: Communication Based Train Control (CBTC)

Designing Fault-Tolerant component based applications with a model driven approach

Abstract. The requirement for higher reliability and availability of systems is continuously increasing even in domains not traditionally strongly involved in such issues. Solutions are expected to be efficient, flexible, reusable on rapidly evolving hardware and of course at low cost. Model driven approaches can be very helpful for this purpose. In this paper, we propose a study associating modeldriven technology and component-based development. This work is illustrated by the realization of a use case from aerospace industry that has fault-tolerance requirements: a launch vehicle. UML based modeling is used to capture application structure and related nonfunctional requirements thanks to the profiles CCM (CORBA Component Model) and QoS&FT (Quality of Service and Fault Tolerance). The application model is enriched with infrastructure component dedicated to fault-tolerance. From this model we generate CCM descriptor files which in turns are used to build bootcode (static deployment) which instantiates, configures and connects components. Within this process, component replication and FT properties are declaratively specified at model level and are transparent for the component implementation

Tool support for the distribution of object based applications

The development of distributed object-oriented applications is a complex task, even if a middleware (for instance CORBA or DCOM) is employed. The middleware offers the powerful abstraction of a remote method invocation. Yet there are the following problems. 1.Middleware-specific code can not be isolated in a single module. Thus, it is difficult to adapt the program to another middleware or a new distribution structure. 2.Middleware has certain restrictions; it is for example not possible to directly instantiate an object in a remote address space. In order to overcome the first problem, the approach presented in this thesis is based on the generation of a distributed application on the basis of a non-distributed source code. The specification of the distribution information is based on the attachment of elements of the application's class diagram to so-called partitions (the application is split into multiple partitions). In case that restrictions of the middleware are violated – this is automatically checked by an analysis tool – predefined operations can be used to transform the application in a suitable way. The implementation of the approach presented here employs a graph as its internal data structure. The graph rewriting system PROGRES is used to specify the structure of this graph and suitable transformations

Tool support for the distribution of object based applications

The development of distributed object-oriented applications is a complex task, even if a middleware (for instance CORBA or DCOM) is employed. The middleware offers the powerful abstraction of a remote method invocation. Yet there are the following problems. 1.Middleware-specific code can not be isolated in a single module. Thus, it is difficult to adapt the program to another middleware or a new distribution structure. 2.Middleware has certain restrictions; it is for example not possible to directly instantiate an object in a remote address space. In order to overcome the first problem, the approach presented in this thesis is based on the generation of a distributed application on the basis of a non-distributed source code. The specification of the distribution information is based on the attachment of elements of the application's class diagram to so-called partitions (the application is split into multiple partitions). In case that restrictions of the middleware are violated – this is automatically checked by an analysis tool – predefined operations can be used to transform the application in a suitable way. The implementation of the approach presented here employs a graph as its internal data structure. The graph rewriting system PROGRES is used to specify the structure of this graph and suitable transformations

An Entirely Model-Based Framework for Hardware Design and Simulation

International audienceFor a long time, the code generation from domain-specific and/or model-based languages to implementation ones remained manual and error-prone. The use of modeling was required in the early stages of development to ease the design and communicate intents, but because of the manual implementation, there were no traceability and no formal link with the final code. Model-Driven Development (MDD) was unable to win its audience. Today, models constructed with UML have an equivalent representation in XML. And thanks to XML technologies, manipulating models for data mining, transformation or code generation becomes possible. MDD is now commonly used within the software community. Next, for the hardware community, this work will empower the use of MDD in hardware design and simulation. It offers a completely operational framework based on OMG standards: UML and MARTE

Distribution of Applications with Graph Transformation Tools

The development of distributed applications is a difficult task. Although today eased by middleware there is still a need for additional tools. They should help the developer to specify the distribution structure of an application, to prepare the system for distribution and finally to insert the actual code interacting with the middleware. The first two activities preferably operate on the architecture of a software system. The architecture is naturally represented as a graph. We regard the preparation of a system for distribution as part of an (continuous) development process, thus we support forward and reengineering as well (see also [Rad97]). Transformations of an application system can be represented as graph rewriting steps. In section 2 we motivate the task of developing a distributed system by studying a small example program. The methodology