ARINC653 toolset: Ocarina, Cheddar and POK
Slide 1: ARINC653 toolset: Ocarina, Cheddar and POK
Julien Delange, Laurent Pautet, 09/11/09
Slide 2: Context
- ARINC653 systems: layered architecture; enforce isolation across partitions; high-integrity, reliable and dependable
- [Figure: Partition 1 and Partition 2 on top of the Kernel]
- Task scheduling and partition scheduling: strong requirements, hierarchical scheduling
- Requirements analysis and verification (memory, ...)
- System analysis, isolation verification
- Certification requirements (cf. DO178B)
Julien Delange, Laurent Pautet
Slide 3: Problem and solutions
- ARINC653 systems must be verified BEFORE implementation (saves time and money)
- Careful design: an error can have catastrophic consequences
- Must be validated against certification standards (DO178B)
- Our tools: verify the system BEFORE implementation; generate code from validated requirements; ease certification (code coverage, scheduling analysis, execution traces)
Slide 4: Proposed approach
- Dedicated development process: AADL as the backbone language for verification, execution and certification
- "Libre" toolset: Ocarina (model analyzer, code generator); Cheddar (scheduling simulator and analyzer); POK (ARINC653-compliant runtime for the AADL); available under GPL or BSD licenses
- [Figure: Ocarina -> requirements verification (e.g. memory requirements); Cheddar -> scheduling simulation -> simulation traces; POK -> implementation; compare execution AGAINST simulation traces]
Slide 5: Requirements verification
- Ensure requirements enforcement: memory requirements; fault tree (each potential fault will be recovered); verify basic scheduling requirements
- Rely on the Ocarina AADL toolsuite: model analysis; REAL theorems for model validation
- [Figure: Ocarina -> requirements verification (e.g. memory requirements)]
- See "Model-Based Engineering for the Development of ARINC653 Architectures", AEROTECH09
Slide 6: Scheduling simulation
- Verify scheduling requirements: deadlines can be met; use the time isolation of ARINC653 architectures
- Simulate system scheduling: tasks activation time; shared resources utilization; scheduling feasibility; hierarchical scheduler handling
- Produce a trace file: XML file, can be reused later; reproduces the tasks activation diagram
- [Figure: scheduling simulation -> simulation traces -> scheduling diagram]
- Verify tasks execution graphically
Slide 7: Automatic implementation
- Automatic code generation: enforce model requirements; minimal code, avoid potential overhead
- Implementation with POK: partitioned runtime for AADL; provides isolation across partitions
- Automatic instrumentation: trace system execution; output tasks activation time
- [Figure: generation of ARINC653-compliant code -> traces]
- See "Code Generation Strategies for Partitioned Systems", RTSS08-WIP
- Benefits: reduce overhead; avoid traditional errors; ensure requirements enforcement; verify system correctness; integration with devices and other nodes
- Execution trace equivalent to the scheduling trace; potentially exploit other information (executed statements, ...)
Slide 8: Compare simulation and execution
- Check that task execution is similar and that time isolation is well enforced
- Automatic process, driven by the tools in the figure; can also check both execution diagrams
- [Figure: Cheddar -> scheduling simulation -> simulation traces; Ocarina -> POK -> implementation traces; compare execution against simulation]
- See "Validate, simulate and implement ARINC653 systems using the AADL", SIGAda09
- Does tasks execution meet the simulation?
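The procedure on slides 6 to 8 (simulate scheduling, produce an XML trace, instrument the generated system, compare the execution trace against the simulation trace and check time isolation) can be illustrated with a small checker. The following is an added example written for this page; it is not code from the slides or from Ocarina, Cheddar or POK. The XML layout, the element and attribute names, the task and partition names and the sample traces are all constructed assumptions: the real Cheddar and POK trace formats are not shown on the page. The checker goes slightly beyond the slide in that it also reports activations present in only one of the two traces.

```python
# Added example, not part of the original slides or of the Ocarina/Cheddar/POK
# toolset. The trace XML format below is hypothetical and constructed for this
# demonstration; times are in milliseconds.
import xml.etree.ElementTree as ET
from dataclasses import dataclass, field
from itertools import zip_longest


# Constructed sample: what a scheduling simulator could emit for a 10 ms major
# frame with two partitions, P1 owning [0, 5) and P2 owning [5, 10).
SIMULATION_TRACE = """<trace source="simulation" major_frame="10">
  <partition name="P1" offset="0" duration="5"/>
  <partition name="P2" offset="5" duration="5"/>
  <activation task="T1" partition="P1" time="0"/>
  <activation task="T2" partition="P1" time="2"/>
  <activation task="T3" partition="P2" time="5"/>
  <activation task="T1" partition="P1" time="10"/>
  <activation task="T2" partition="P1" time="12"/>
  <activation task="T3" partition="P2" time="15"/>
</trace>"""

# Constructed sample: the instrumented runtime's trace of the same system.
# T2's second activation drifts by 0.4 ms (acceptable); T3's second activation
# happens at t=13, i.e. inside P1's window, which both mismatches the simulation
# and breaks partition time isolation.
EXECUTION_TRACE = """<trace source="execution" major_frame="10">
  <partition name="P1" offset="0" duration="5"/>
  <partition name="P2" offset="5" duration="5"/>
  <activation task="T1" partition="P1" time="0"/>
  <activation task="T2" partition="P1" time="2"/>
  <activation task="T3" partition="P2" time="5"/>
  <activation task="T1" partition="P1" time="10"/>
  <activation task="T2" partition="P1" time="12.4"/>
  <activation task="T3" partition="P2" time="13"/>
</trace>"""


@dataclass
class Trace:
    major_frame: float
    windows: dict                                     # partition -> (offset, duration)
    activations: dict = field(default_factory=dict)   # task -> [(partition, time), ...]


def parse_trace(xml_text: str) -> Trace:
    """Parse the hypothetical trace XML; activations are sorted by time per task."""
    root = ET.fromstring(xml_text)
    trace = Trace(major_frame=float(root.get("major_frame")), windows={})
    for part in root.findall("partition"):
        trace.windows[part.get("name")] = (float(part.get("offset")),
                                           float(part.get("duration")))
    for act in root.findall("activation"):
        trace.activations.setdefault(act.get("task"), []).append(
            (act.get("partition"), float(act.get("time"))))
    for events in trace.activations.values():
        events.sort(key=lambda event: event[1])
    return trace


def time_isolation_violations(trace: Trace):
    """Return (task, partition, time) for each activation that falls outside
    its partition's window within the major frame."""
    violations = []
    for task, events in sorted(trace.activations.items()):
        for partition, time in events:
            offset, duration = trace.windows[partition]
            phase = time % trace.major_frame
            if not (offset <= phase < offset + duration):
                violations.append((task, partition, time))
    return violations


def compare_activations(sim: Trace, exe: Trace, tolerance: float):
    """Pair the i-th activation of every task in both traces and return
    (task, index, sim_time, exe_time) where the two differ by more than
    `tolerance` or where one trace has no i-th activation (None)."""
    mismatches = []
    for task in sorted(set(sim.activations) | set(exe.activations)):
        sim_times = [t for _, t in sim.activations.get(task, [])]
        exe_times = [t for _, t in exe.activations.get(task, [])]
        for i, (s, e) in enumerate(zip_longest(sim_times, exe_times)):
            if s is None or e is None or abs(s - e) > tolerance:
                mismatches.append((task, i, s, e))
    return mismatches


if __name__ == "__main__":
    sim, exe = parse_trace(SIMULATION_TRACE), parse_trace(EXECUTION_TRACE)
    print("isolation violations (simulation):", time_isolation_violations(sim))
    print("isolation violations (execution): ", time_isolation_violations(exe))
    print("activation mismatches (> 0.5 ms):  ", compare_activations(sim, exe, 0.5))
```

Run as a script, the checker reports no violation in the simulation trace, one isolation violation in the execution trace (T3 activated during P1's window) and one activation mismatch for T3's second activation; the 0.4 ms drift of T2 stays within the tolerance. Pairing activations by index per task is the simplest equivalence between a simulator's trace and a runtime's trace; a tolerance is needed because an instrumented runtime never reproduces simulated times exactly.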
Slide 9: Additional: ARINC653 XML generation
- ARINC653 OSes are configured with XML files: configure module services; useful for some verification
- Lack of information for a complete analysis: really useful? Cannot generate the whole runtime system
- Generate configuration + runtime with AADL: ensures requirements enforcement
- [Figure: Ocarina -> ARINC653 XML deployment file -> vendor-specific tools -> ARINC653 OS configuration]
Slide 10: Going further: code coverage
- Code coverage? Check statement execution; verify evaluation of conditions (see statement coverage, MC/DC, ...)
- Fundamental requirement for avionics systems: requirement for DO178B certification; coverage level depends on criticality level; all code MUST be covered
- Currently performed with code review and analysis
Slide 11: Automatic code generation
- Code coverage and code generation: code reflects architecture needs and requirements! Remove useless functions; avoid potential overhead
- [Figure: Partition 1 (event ports, intra-partition comm, thread management); Partition 2 (blackboards, event ports, intra-partition comm, thread management); Kernel (partitions scheduler, time service, sampling ports, inter-partitions comm.)]
Slide 12: Going further: code coverage
- Coverage project: automatically analyze code coverage, deduced at system execution; goal: reach MC/DC code coverage
- Application to generated applications: automatically perform coverage analysis; analyze the impact of code generation from AADL; facilitate DO178B/C certification
- Currently, statement coverage = 95%
- [Figure: generation of ARINC653-compliant code -> coverage analysis]
- See "Couverture: an Innovative Open Framework for Coverage Analysis of Safety Critical Applications", Ada User Journal
Slide 13: Conclusion
- Past projects show the importance of the AADL: system analysis; automatic code generation (cf. ASSERT project, 2007)
- Ongoing work opens new perspectives: improved analysis tools; automatic generation and certification of layered architectures; verification of requirements enforcement at execution time (cf. PARSEC, AVSI, COUVERTURE projects, 2009)