From UML to AADL: a Need for an Explicit Execution Semantics Modeling with MARTE

International audienceA modeling process for real-time embedded systems may involve the coordinated use of several languages. Each of these languages are dedicated to a particular phase of development (specification, design, test, ...) and coupled with various tools (scheduling analysis, formal verification, model checker,...). The combined use of UML and AADL is an increasing practice. UML and its recent MARTE (Modeling and Analysis of Real-Time and Embedded systems) profile seem suitable for capturing requirements, analysis and preliminary design. AADL is tailored for the detailed design phase and offers linked validation and verification tools. In order to combine UML/MARTE and AADL, translation mechanisms between these two formalisms have to be defined. Previous works have defined translations between the structural concepts of AADL and MARTE artifacts. However, the behavioral aspect have also to be treated. The presented work focuses on the translation of the thread execution and communication semantics. It is a pragmatic and on-going approach, validated in an industrial context, on representative examples

Distributed run-time WCET controller for concurrent critical tasks in mixed-critical systems

International audienceWhen integrating mixed critical systems on a multi/many-core, one challenge is to ensure predictability for high criticality tasks and an increased utilization for low criticality tasks. In this paper, we address this problem when several high criticality tasks with different deadlines, periods and offsets are concurrently executed on the system. We propose a distributed run-time WCET controller that works as follows: (1) locally, each critical task regularly checks if the interferences due to the low criticality tasks can be tolerated, otherwise it decides their suspension; (2) globally, a master suspends and restarts the low criticality tasks based on the received requests from the critical tasks. Our approach has been implemented as a software controller on a real multi-core COTS system with significant gains

DOL-BIP-Critical: a tool chain for rigorous design and implementation of mixed-criticality multi-core systems

International audienceMixed-criticality systems are promoted in industry due to their potential to reduce size, weight, power, and cost. Nonetheless, deploying mixed-criticality applications on commercial multi-core platforms remains a highly challenging problem. To name a few reasons: (i) Industrial mixed-criticality applications are usually complex reactive applications, which cannot be specified by traditional, e.g., dataflow-based, models of computation. Appropriate mixed-criticality models of computation built upon Vestal's assumptions are missing; (ii) Scheduling such applications on multicores with shared resources, such as memory buses, requires that any timing interference among applications of different criticality is bounded in order to guarantee-the necessary for certification-temporal isolation and to enable incre-mental design; (iii) The implementation of isolation-preserving mixed-criticality schedulers is itself subject to certification. Hence, it needs to be not only efficient, but also provably correct. This paper proposes, for the first time, a complete design flow covering all aspects from specification, using a novel mixed-criticality aware model of computation (DOL-Critical), to correct-by-construction implementation, using the principle 'what you verify is what you generate' which is based on a novel variant of task automata (BIP). We demonstrate the applicability of our design flow with an industrial avionic test case on the state-of-the-art Kalray MPPA R-256