Model-based Architectural Verification & Validation
Slide 1: Model-based Architectural Verification & Validation
- Software Engineering Institute, Carnegie Mellon University, Pittsburgh, PA
- Peter H Feiler, Feb
Slide 2: Outline
- Architecture-Centric Model-based Engineering
- Multi-fidelity Model-based Analysis
- Validation of Implementations
Slide 3: Airbus Auto-Pilot Problem
- Fallback solution also computer-controlled
Slide 4: Mismatched Assumptions
- Diagram (text recovered from the figure): stakeholder roles System Engineer, Control Engineer, Hardware Engineer, Embedded SW System Engineer and Application Developer, each holding assumptions about Physical Plant Characteristics, System Under Control, Control System, Compute Platform, Data Stream Characteristics, Distribution, Redundancy, Runtime Architecture, Application Software, Concurrency, Communication, Precision and Units
- Why do system level failures still occur despite fault tolerance techniques being deployed in systems?
Slide 5: System Level Fault Root Causes
- Data (stream) consistency: stream miss rates, mismatched data representation, latency jitter & age; violation of data stream assumptions; analysis: end-to-end latency analysis
- Partitions as isolation regions: space, time and bandwidth partitioning; isolation not guaranteed due to undocumented resource sharing; fault containment, security levels, safety levels, distribution; analysis: fault propagation, security analysis; logical vs. physical redundancy, redundancy patterns
- Virtualization of time & resources: time stamping of data & asynchronous systems
- Inconsistent system states & interactions: modal systems with modal components; concurrency & redundancy management; application level interaction protocols; modeling of partitioned architectures; validation by model checking & proofs
Slide 6: Potential Model-based Engineering Pitfalls
- Diagram layers: the system, system models, system implementation
- Inconsistency between independently developed analytical models
- Confidence that the model reflects the implementation
- Models are more than PowerPoint pictures or block diagrams
Slide 7: Architecture-Centric Modeling Approach
- Single source: annotated architecture model; auto-generated analytical models; impact across quality dimensions
- Availability & Reliability: MTBF, FMEA, hazard analysis
- Security: intrusion, integrity, confidentiality
- Data Quality: data precision/accuracy, temporal correctness, confidence
- Real-time Performance: execution time/deadline, deadlock/starvation, latency
- Resource Consumption: bandwidth, CPU time, power consumption
Slide 8: Outline
- Architecture-Centric Model-based Engineering
- Multi-fidelity Model-based Analysis
- Validation of Implementations
Slide 9: Latency Contributors
- Diagram: operational environment, system under control (system engineer) and control system (control engineer)
- Processing latency, sampling latency, physical signal latency
Slide 10: Impact of Sampling Latency Jitter
- Impact of Scheduler Choice on Controller Stability, A. Cervin, Lund U., CCACSD 2006
- Sampling jitter due to execution time jitter and application-driven send/receive
Slide 11: (figure only; no text recovered)
Slide 12: Partition-Level Flow Latency
- Subsystem latency exceeds expected latency
- Lower bound latency inherent to partition architecture
Slide 13: Managed Latency Jitter through Deterministic Sampling
- Diagram: partitions Navigation Sensor Processing (20Hz, nav signal data in, nav sensor data out), Integrated Navigation (10Hz, nav data), Guidance Processing (20Hz, guidance out), Periodic I/O (20Hz), Flight Plan Processing (5Hz, FP data) and Aircraft Performance Calculation (2Hz, performance data, fuel flow), with flows from and to partitions
- Input-compute-output (ICO) AADL thread semantics
- Immediate and delayed data port connections for deterministic sampling
Slide 14: Latency Revisited
- Latency has increased
Slide 15: Software-Based Latency Contributors
- Execution time variation: algorithm, use of cache
- Processor speed
- Resource contention
- Preemption
- Legacy & shared variable communication
- Rate group optimization
- Protocol specific communication delay
- Partitioned architecture
- Migration of functionality
- Fault tolerance strategy
Slide 16: Outline
- Architecture-Centric Model-based Engineering
- Multi-fidelity Model-based Analysis
- Validation of Implementations
Slide 17: Options
- Implements model semantics
- Validate generator vs. source code
Slide 18: Double Buffering
- From customer design document: "The 200 Hz update rate was used because the MUX data needed to be processed at twice the rate of the fastest channel to avoid a race condition. Because channel 3 operates at 100 Hz, the IO processor had to operate at 200 Hz. The race condition has been fixed by double-buffering data, but the IO processor execution rate was left at 200 Hz to reduce latency of MUX data."
- Did double buffering solve the problem, or do we need to do more buffering?
Slide 19 (page 33): Application-based Send and Receive (ASR)
- Timeline figure: producer task τ_P (period T_P, deadline D_P) and consumer task τ_C (period T_C, deadline D_C), repeating as (τ_P τ_C)*; τ_P performs send and transfer (S&X) between α_P and Ω_P, τ_C performs receive (R) between α_C and Ω_C
- α: actual execution start time; Ω: actual completion time; α_P - Ω_P and α_C - Ω_C are the actual execution intervals
- Non-deterministic sampling (S/R) order
- 3 buffers for ICO guarantee
Slide 20 (page 34): Periodic Task Communication Summary
- Table of communication mechanisms for periodic tasks with the same period: columns ASR, DSR (IMT, PMT) and DMT (IMT, PMT); rows for the orderings τ_P;τ_C, τ_C;τ_P and unordered τ_P τ_C
- Cell contents as extracted (column assignment not recoverable): τ_P;τ_C: MF:1B, PD:2B (S X R), PD:2B (R), PD:2B (S X/R), MF:1B; τ_C;τ_P: PD:1B in every column; τ_P τ_C: ND:1B, PD:2B (X), ND:1B, PD:2B, PD:2B, PD:2B, ND:1B (R, X/R); τ_P τ_C: ND:3B (S/X C, R C), PD:2B (X), PD:2B (R), PD:2B (X/R), NDI:2B (S/X/R C)
- Legend: MF: Mid-Frame; PD: Period Delay; ND: Non-Deterministic; NDI: No Data Integrity; 1B, 2B, 3B, 4B: one to four buffers; S, X, R: data copy (send, transfer, receive); S/X: IMT combined send/transfer; S/X/R: DMT combined send, transfer, receive; X/R: DSR/PMT combined transfer and receive; o1, o2: one operation copy
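To make the race described on the Double Buffering slide and the "non-deterministic sampling (S/R) order" of the ASR timeline concrete, here is an added simulation that is not part of Feiler's deck: a periodic producer τ_P and a same-period consumer τ_C exchange samples either through application-based send/receive over a single buffer (ASR, ND:1B in the table's notation) or through a period-delayed double buffer swapped at the frame boundary (PD:2B). The frame offsets, task names and helper functions are constructed for illustration; the simulation assumes both tasks complete within their frame (deadline equals period) and that the runtime swaps the two buffers atomically at the frame boundary. It does not model the different-period rows or the three-buffer ICO case of the table.

```python
# Added example (not from the slides): a small discrete-time simulation of a
# periodic producer task tau_P feeding a periodic consumer task tau_C with the
# same period. It contrasts application-based send/receive (ASR) over a single
# buffer, where the sampling order depends on when each task actually runs,
# with a period-delayed, double-buffered connection (PD:2B in the slide's
# notation), where the consumer always sees the sample produced in the previous
# frame. Assumptions: both tasks complete within their frame (deadline = period)
# and the runtime swaps the two buffers atomically at the frame boundary.
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Frame:
    """One period of the two tasks. Offsets are fractions of the period at
    which the producer's send (Omega_P, its completion) and the consumer's
    receive (alpha_C, its start) actually happen; they vary from frame to
    frame because of execution time jitter and scheduling."""
    k: int
    producer_done: float
    consumer_start: float


# Constructed jitter pattern (not measured data): the producer finishes before
# the consumer starts in even frames and after it in odd frames.
SAMPLE_FRAMES = [
    Frame(0, 0.3, 0.6),
    Frame(1, 0.7, 0.4),
    Frame(2, 0.2, 0.5),
    Frame(3, 0.8, 0.3),
    Frame(4, 0.1, 0.9),
]


def asr_single_buffer(frames: List[Frame]) -> List[Optional[int]]:
    """ASR over one shared buffer: the consumer reads whatever the producer
    most recently wrote at the instant the consumer calls receive, so the
    order of send and receive within a frame decides which sample it gets."""
    buffer: Optional[int] = None
    reads: List[Optional[int]] = []
    for f in frames:
        if f.producer_done <= f.consumer_start:
            buffer = f.k          # send happened first: consumer sees sample k
            reads.append(buffer)
        else:
            reads.append(buffer)  # receive happened first: consumer sees k-1
            buffer = f.k
    return reads


def period_delay_double_buffer(frames: List[Frame]) -> List[Optional[int]]:
    """PD:2B: the producer writes into the write buffer at any time during
    frame k, the consumer reads the read buffer at any time during frame k,
    and the runtime swaps the two at the frame boundary. The sample the
    consumer sees in frame k is therefore always the one from frame k-1,
    whatever the actual execution times were."""
    read_buf: Optional[int] = None
    write_buf: Optional[int] = None
    reads: List[Optional[int]] = []
    for f in frames:
        reads.append(read_buf)    # consumer_start is irrelevant here
        write_buf = f.k           # producer_done is irrelevant here
        read_buf, write_buf = write_buf, read_buf  # swap at end of frame
    return reads


def stream_defects(reads: List[Optional[int]]) -> Tuple[int, int]:
    """Count the data stream symptoms named on the root-causes slide:
    consecutive duplicate samples (stale data read twice) and skipped
    samples (missed data). Returns (duplicates, skipped)."""
    duplicates = skipped = 0
    prev: Optional[int] = None
    for r in reads:
        if prev is not None and r is not None:
            if r == prev:
                duplicates += 1
            elif r > prev + 1:
                skipped += r - prev - 1
        prev = r
    return duplicates, skipped


if __name__ == "__main__":
    for name, scheme in (("ASR single buffer", asr_single_buffer),
                         ("PD double buffer", period_delay_double_buffer)):
        reads = scheme(SAMPLE_FRAMES)
        print(f"{name}: reads={reads} (duplicates, skipped)={stream_defects(reads)}")
```

With the constructed jitter pattern the ASR scheme reads samples 0, 0, 2, 2, 4: every odd frame re-reads a stale value and every even frame skips one, which is exactly the stream miss and age jitter the root-causes slide lists. The double-buffered scheme reads None, 0, 1, 2, 3: one period of fixed delay, but the sequence no longer depends on where within the frame either task happened to run, and the consumer's read never overlaps the producer's write.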
Slide 21: Dual Redundant Flight Guidance System (figure only)
Slide 22: Mode Logic Specification
- Cases: synchronous system, asynchronous system, component failure
- Implementation samples distributed mode state
- To validate: 1) at least one output, 2) exactly one output, 3) two outputs in critical mode
- Increased complexity of property
Slide 23: Modeling & Validation Issues
- Observation of events by sampling state: modeling in AADL helped identify issues; corrected asynchronous solution ignores pilot input events; push button requires complete event stream
- Distributed processing of mode state machine: central vs. distributed logic; fail safe coordination of state transitions; properties during mode transition
- Clock drift in asynchronous system: acceptable drift, bounded vs. fault; built-in drift bound through period, period wrap-around; loss of data stream element due to wrap-around
- Button input as event to data port; reduced property complexity by mode transition as state; synchronization domains & fault conditions; event processing vs. data sampling
Slide 24: Quantified Out-of-sync Modes (figure only)
Slide 25: Subtle Errors
- LM Aero UAV Sensor Voting OFP, Triplex Voter: 96 Simulink subsystems, 3 Stateflow diagrams, 6x10^13 reachable states
- Formal verification: 25 informal requirements, 57 formal properties, minutes to analyze (reachable states in Rockwell examples); 24 counterexamples, 10 design modifications, 3 requirements clarifications
- "Formal verification has found several subtle errors that would likely be missed by traditional testing." - Lockheed Martin
- Simulink diagram residue: blocks triplex_input_monitor, triplex_input_selector, Failure_Isolation, Failure_Processing, Unit Delay, Data Store Read, Extract Bits; signals sync, input_a, input_b, input_c, status_a, status_b, status_c, dst_index, prev_sel, input_sel, failure_report, trip_level, persist_lim, totalizer_lim, persistence_cnt, totalizer_cnt
Slide 26: Towards Architecture Centric Engineering
- Build on architecture tradeoff analysis (e.g., SEI ATAM): provides focused evaluation method; MBE/AADL provides quantitative analysis & starter models to build on
- Facilitate pattern-based technical architecture root cause analysis: identify systemic risks in technology migration and refresh; AADL provides semantic framework to reason about technical problem areas and potential mitigation strategies
- Scalability through architecture extraction: leverage existing design databases; challenge: abstract away from design details, focus on what instead of how
- Support system and software assurance: provides structured approach to safety/dependability assurance; MBE/AADL provides evidence based on validated models
Slide 27: Peter H Feiler, phf@sei.cmu.edu
Model-based Analysis of Event-driven Distributed Real-time Embedded Systems Gabor Madl Committee Chancellor s Professor Nikil Dutt (Chair) Professor Tony Givargis Professor Ian Harris University of California,
More informationChapter 4: Distributed Systems: Replication and Consistency. Fall 2013 Jussi Kangasharju
Chapter 4: Distributed Systems: Replication and Consistency Fall 2013 Jussi Kangasharju Chapter Outline n Replication n Consistency models n Distribution protocols n Consistency protocols 2 Data Replication
More informationSystem Models. 2.1 Introduction 2.2 Architectural Models 2.3 Fundamental Models. Nicola Dragoni Embedded Systems Engineering DTU Informatics
System Models Nicola Dragoni Embedded Systems Engineering DTU Informatics 2.1 Introduction 2.2 Architectural Models 2.3 Fundamental Models Architectural vs Fundamental Models Systems that are intended
More informationSafety and Reliability of Software-Controlled Systems Part 14: Fault mitigation
Safety and Reliability of Software-Controlled Systems Part 14: Fault mitigation Prof. Dr.-Ing. Stefan Kowalewski Chair Informatik 11, Embedded Software Laboratory RWTH Aachen University Summer Semester
More informationThe Embedded Systems Design Challenge. EPFL Verimag
The Embedded Systems Design Challenge Tom Henzinger Joseph Sifakis EPFL Verimag Formal Methods: A Tale of Two Cultures Engineering Computer Science Differential Equations Linear Algebra Probability Theory
More informationWireless Sensor Networks: Clustering, Routing, Localization, Time Synchronization
Wireless Sensor Networks: Clustering, Routing, Localization, Time Synchronization Maurizio Bocca, M.Sc. Control Engineering Research Group Automation and Systems Technology Department maurizio.bocca@tkk.fi
More informationMaintaining Mutual Consistency for Cached Web Objects
Maintaining Mutual Consistency for Cached Web Objects Bhuvan Urgaonkar, Anoop George Ninan, Mohammad Salimullah Raunak Prashant Shenoy and Krithi Ramamritham Department of Computer Science, University
More informationReal-Time Architectures 2003/2004. Resource Reservation. Description. Resource reservation. Reinder J. Bril
Real-Time Architectures 2003/2004 Resource reservation Reinder J. Bril 03-05-2004 1 Resource Reservation Description Example Application domains Some issues Concluding remark 2 Description Resource reservation
More informationEmbedded Software Programming
Embedded Software Programming Computer Science & Engineering Department Arizona State University Tempe, AZ 85287 Dr. Yann-Hang Lee yhlee@asu.edu (480) 727-7507 Event and Time-Driven Threads taskspawn (name,
More informationVerifying Periodic Programs with Priority Inheritance Locks
Verifying Periodic Programs with Priority Inheritance Locks Sagar Chaki, Arie Gurfinkel, Ofer Strichman FMCAD, October, 03 Software Engineering Institute, CMU Technion, Israel Institute of Technology Copyright
More informationto-end System Test Architecture
End-to to-end System Test Architecture Sr. Manager, Lockheed Martin SSC masuma.ahmed@lmco.com (408) 742-2553 2553 1 Net-Centric Mission Operations Features Fully Synchronized Interoperable, of ed Systems
More informationAn Introduction to TTEthernet
An Introduction to thernet TU Vienna, Apr/26, 2013 Guest Lecture in Deterministic Networking (DetNet) Wilfried Steiner, Corporate Scientist wilfried.steiner@tttech.com Copyright TTTech Computertechnik
More informationAn Architect s Point of View. TSP Symposium Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213
An Architect s Point of View on TSP TSP Symposium 2011 Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213 Felix Bachmann 09/2011 An Architect s Point of View on TSP 2 The Good
More information