ARINC653 annex: examples

Transcription

1 ARINC653 annex: examples Julien Delange Laurent Pautet Peter Feiler 10/11/09

2 Better understanding of ARINC653 systems Help to understand ARINC653 architectures Isolation services Communication services Health Monitoring Understand the mapping to AADL AADL components for ARINC653 architecture modeling Use of new AADLv2 components Dedicated properties page 2

3 About the examples Different modeling approaches Architecture first, then application concerns Application first, then architecture Various origins Designed for dedicated purpose (ex: SIGAda09 for scheduling verification experiments) From technical reports (ex: Integrated) From existing projects (ex: Autopilot system) Need industrial models Feel free to send us materials to design new models! page 3

4 Basic example POK/Cheddar example Two partitions with data exchange Illustrate mapping of ARINC653 communication patterns to AADL Inter-partition communication Blackboard Events Inter-partition communication Sampling ports page 4

5 ARINC653 Sampling Port (inter-partition communication) ARINC653 Event (intrapartition communication) Basic example ARINC653 Buffer (intra-partition communication) ARINC653 Process (AADL thread) ARINC653 Partition (AADL process+virtual processor) ARINC653 module (AADL processor) Main memory (ex: RAM) Partitions memory segments AADL AEROTECH09 5 Julien Delange, Laurent Pautet, Peter Feiler

6 SIGAda09 example Architecture first Three partitions Different scheduling requirements Application then Data exchange Use different communication mechanisms (shared resources, blackboard,...) System Analysis Emphasis on scheduling feasability Demonstrate scheduling correctness at simulation AND execution page 6

7 but different scheduling policy SIGAda09 example Two partitions, same components... Shared resource Blackboard AADL AEROTECH09 7 Julien Delange, Laurent Pautet, Peter Feiler

8 Ardupilot example Application first Autopilot system Application that controls speed, direction from position feedback Then, architecture Separate components into partitions Partitions for application and each device Application code from page 8

9 Autopilot example Position feedback (device) Control speed and direction (devices) Compute new speed and direction AADL AEROTECH09 9 Julien Delange, Laurent Pautet, Peter Feiler

10 Integrated model SEI model example Technical report available Partitioned architecture with AADLv1 System Analysis Ressource analysis Power Analysis... page 10

11 Integrated example AADL AEROTECH09 11 Julien Delange, Laurent Pautet, Peter Feiler

12 MILS model: special case of ARINC653 modeling Example from POK Generation of MILS architecture Extension of ARINC653 annex Security level isolation System Analysis Security analysis Isolation enforcement... page 12

13 MILS example Network does not provide isolation between security levels Partitions enforce space isolation Partitions runtime provide different security levels AADL AEROTECH09 13 Julien Delange, Laurent Pautet, Peter Feiler

14 About the examples Different modeling approaches Architecture then software concerns Software then architecture concerns Various origins Designed specifically for the ARINC653 annex Technical reports, feedback from users Need industrial models Feel free to send us materials for the design of new models! page 14

15 Thank you Examples available at page 15