Update on Behavior Language for Embedded Systems with Software for Proof Based Analysis of Behavior
Slide 1: Update on Behavior Language for Embedded Systems with Software for Proof Based Analysis of Behavior
Brian Larson, Multitude Corporation, October 19, 2010
(BLESS Progress Report, October 19, 2010)

Slide 2: Behavior Language for Embedded Systems with Software (BLESS)
- BLESS is AADL Annex Sublanguage(s) (AADL v2 standardized by SAE in 2009)
- Inspired by Behavioural Annex (BA) Sublanguage
- Grammar of BLESS coordinated with BA
- BLESS proof tool currently a Java application; to become OSATE v2 (by SEI) plugin
- Convert BLESS behavior to BA to leverage BA tools
- Make adding proofs to models incremental, low-risk

Slide 3: Origins of BLESS
- Guidant (now Boston Scientific) used proprietary architecture language PADL, derived from MetaH
- AADL, also derived from MetaH, was an SAE International standard; anticipated migration to supplant home-brewed tools with commercial tools
- attended AADL tutorial at SEI (2007)
- invited to participate in AADL standard committee as medical device industry user
- reviewed v2 core standard and all annex standard documents
- Behavioural annex sublanguage (BA) might be augmented with Assertions to become proof outlines that could be transformed into a formal correctness proof by a proof tool like the one created for DANCE

Slide 4: Origins of BLESS, continued
- created temporal logic for Assertions while editing PACEMAKER System Specification (2006)
- migrate proof tool from ANTLR2 to ANTLR3 (start 2008, ongoing)
- wrote LRM defining semantics from set theory in LaTeX* (2009)
- BLESS grammar coordinated with BA grammar to make it easy to convert BLESS programs to BA text
- suspended in frustration development of OSATE/Eclipse plugin (2009); get tool working as Java application first
- VVI.aadl pushed through BLESS proof tool before May 2010 meeting of AADL committee in Toulouse (v0.12); half-day workshop/tutorial following was well received
* please read it; ask questions; challenge suppositions

Slide 5: News
- DDD.aadl proved correct last Friday
- semantics for timeout dispatch conditions extended to express that none of the dispatch conditions leaving a source state has fired since the time of previous suspension, tops

Slide 6: BLESS is Three AADL Annex Sublanguages
- Assertion: attached individually to features such as ports; annex libraries allow multiple assertions
- subbless: attached only to subprograms; has only value transformations and Assertions without time expressions (DANCE)
- BLESS: attached only to thread, device, or system AADL components; has states, transitions, timeouts, actions including communication, events, and Assertions with time expressions

Slide 7: BLESS is Three AADL Sublanguages (diagram: subbless - action, first-order predicate; BLESS - states, transitions, communication, event dispatch, persistence; Assertion - @ and ^ operators)
Slide 8: Assertions are Temporal Logic Formulas
- Assertion grammar is first-order predicate calculus augmented with @ and ^
- @ says when a predicate is true in real time: p@t means p is true at time t
- ^ says when a predicate is true in thread periods (clock ticks): d^i means d is true i ticks (thread periods) from now; i is usually negative
- a shorthand says when a predicate is true the previous tick: it means c^-1, the value of c set by the thread last period, used in calculating new values for this period; c := c^-1 - 1 decrements c each clock cycle
Slide 9: Lower Rate Limit Assertion

  Lower Rate Limit (LRL)
  -- The Lower Rate Limit (LRL) is the number of generator pace pulses
  -- delivered per minute (atrium or ventricle) in the absence of
  --   Sensed intrinsic activity.
  --   Sensor-controlled pacing at a higher rate.
  -- The LRL is affected in the following ways:
  --   When Rate Hysteresis is disabled, the LRL shall define the longest allowable pacing interval
  --   In DXX or VXX modes, the LRL interval starts at a ventricular sensed or paced event
  <<LRL: theTime:
      -- there has been a V-pace or a non-refractory V-sense
      exists t:timing_properties::time
      -- within the previous LRL interval
      in (theTime-pp::lower_rate_limit_interval)..theTime
      -- in which a heartbeat was paced if not sensed
      that (nr_vs or vp)@t >>

This means that at theTime, there has been a non-refractory ventricular sense (nr_vs) or ventricular pace (vp) in the previous period lasting lower_rate_limit_interval.

Slide 10: Timeout

  va, sav, pav -[on dispatch timeout (vp nr_vs) PP::Lower_Rate_Limit_interval ms]-> va {...};
  pav -[on dispatch vs]-> pav_check_vrp {};
  <<((vp or nr_vs)@(now-pp::lower_rate_limit_interval)
     and not (exists t:timing_properties::time in now-pp::lower_rate_limit_interval,,now
              that (vp or nr_vs)@t))
    and (VAI(now) and LAST_VP_OR_VS() and LAST_AS() and LRL(now) and URL(now))>>

Slide 11: Including a term that says no dispatch condition was true between time-of-previous-suspension, tops, and the present instant, now:

  <<((vp or nr_vs)@(now-pp::lower_rate_limit_interval)
     and not (exists t:timing_properties::time in now-pp::lower_rate_limit_interval,,now
              that (vp or nr_vs)@t))
    and VAI(now) and LAST_VP_OR_VS() and LAST_AS() and LRL(now) and URL(now)
    and not (exists u:timing_properties::time in tops,,now that
      ((vp or nr_vs)@(u-pp::lower_rate_limit_interval)
       and not (exists t:timing_properties::time in u-pp::lower_rate_limit_interval,,u
                that (vp or nr_vs)@t))
      or (as@u)
      or (vs@u)
      or ((vp or nr_vs)@(u-va_interval)
          and not (exists t:timing_properties::time in u-va_interval,,u that (vp or nr_vs)@t))
      or (stop))>>

Slide 12: Dense time, actions, durations
- semantics of Assertions can express temporal behavior declaratively
- BLESS quantification integrates properties across time
- Needed to add open ranges: lb,,ub  lb,.ub  lb.,ub
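The Assertion operators of slides 8 through 12 can be exercised on a concrete event trace. The following Python model is an added example, not code from the BLESS tool or this report: it evaluates p@t over a trace, parses the four range forms, and checks the LRL Assertion of slide 9 and the slide-11 timeout condition with its "nothing fired since tops" term. The interval values (1000 ms, 850 ms), the trace and the function names are constructed here, and reading stop as an event name in the trace is an assumption.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Range:
    """A BLESS time range (slide 12): lb..ub closed, lb,,ub open,
    lb,.ub open on the left, lb.,ub open on the right."""
    lb: float
    ub: float
    lb_open: bool = False
    ub_open: bool = False

    @classmethod
    def parse(cls, text):
        """Build a Range from its textual form, e.g. '0,,1000'."""
        for sep, lo, uo in (("..", False, False), (",,", True, True),
                            (",.", True, False), (".,", False, True)):
            if sep in text:
                a, b = text.split(sep, 1)
                return cls(float(a), float(b), lo, uo)
        raise ValueError("not a BLESS range: %r" % text)

    def contains(self, t):
        above = t > self.lb if self.lb_open else t >= self.lb
        below = t < self.ub if self.ub_open else t <= self.ub
        return above and below


class Trace:
    """Constructed event trace: an event predicate such as vp is true only
    at the instants the event occurred, which is p@t of slide 8."""

    def __init__(self, events):
        self.events = sorted(events)  # (time in ms, event name)

    def holds(self, names, t):
        """(n1 or n2 or ...)@t"""
        return any(time == t and name in names for time, name in self.events)

    def exists(self, names, rng):
        """exists t:time in rng that (n1 or n2 or ...)@t"""
        return any(rng.contains(time) and name in names for time, name in self.events)


BEAT = {"vp", "nr_vs"}  # ventricular pace or non-refractory ventricular sense
LRL_INTERVAL = 1000     # constructed pp::lower_rate_limit_interval in ms (60 ppm)
VA_INTERVAL = 850       # constructed va_interval in ms


def lrl(trace, the_time):
    """<<LRL: exists t in (theTime-interval)..theTime that (nr_vs or vp)@t>> (slide 9)."""
    return trace.exists(BEAT, Range(the_time - LRL_INTERVAL, the_time))


def interval_timeout(trace, now, interval):
    """Timeout dispatch condition of slide 10: a beat exactly one interval
    before now and no beat in the open range now-interval,,now."""
    return (trace.holds(BEAT, now - interval)
            and not trace.exists(BEAT, Range(now - interval, now, True, True)))


def dispatch_fired_at(trace, u):
    """Any dispatch condition leaving the slide-11 source state, evaluated at u.
    Treating 'stop' as an event name in the trace is an assumption."""
    return (interval_timeout(trace, u, LRL_INTERVAL)
            or trace.holds({"as"}, u)
            or trace.holds({"vs"}, u)
            or interval_timeout(trace, u, VA_INTERVAL)
            or trace.holds({"stop"}, u))


def quiet_since_tops(trace, tops, now):
    """Slide-11 term: not (exists u in tops,,now that <dispatch condition>@u).
    Dense time cannot be enumerated, but each condition above can only become
    true at an event instant or exactly one interval after a beat, so checking
    those finitely many candidate instants decides the quantifier exactly."""
    window = Range(tops, now, True, True)
    candidates = {t for t, _ in trace.events}
    candidates |= {t + LRL_INTERVAL for t, n in trace.events if n in BEAT}
    candidates |= {t + VA_INTERVAL for t, n in trace.events if n in BEAT}
    return not any(dispatch_fired_at(trace, u) for u in candidates if window.contains(u))


# Constructed trace: V-pace at 0 ms, intrinsic V-sense at 900 ms, V-pace at
# 1900 ms (delivered by the LRL timeout), atrial sense at 2100 ms.
TRACE = Trace([(0, "vp"), (900, "nr_vs"), (1900, "vp"), (2100, "as")])

if __name__ == "__main__":
    print("LRL(1000):", lrl(TRACE, 1000))                                        # True
    print("LRL timeout at 1000:", interval_timeout(TRACE, 1000, LRL_INTERVAL))  # False
    print("LRL timeout at 1900:", interval_timeout(TRACE, 1900, LRL_INTERVAL))  # True
    print("quiet in 900,,1700:", quiet_since_tops(TRACE, 900, 1700))            # True
    print("quiet in 900,,1900:", quiet_since_tops(TRACE, 900, 1900))            # False
```

The last line is False because the VA-interval timeout fires at 1750 ms, exactly va_interval after the sense at 900 ms, so a dispatch condition did fire inside 900,,1900.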
Slide 13: DDD.aadl Proof
- 998 Theorems
- 414 lines of code
- 4 minutes run-time
- script to prove each initial obligation individually

Slide 14: BLESS, most recently
- DDD.aadl has been a challenging second example; many new or converted proof rules; caused re-evaluation of proof obligations for thread behavior
- Released tool (v0.14) yesterday; LRM (still v0.13)
- Many classes of proof rules and features added since Toulouse
- extensive use of ANTLR: 36 grammars and string template groups

Slide 15: Plentiful interesting things to do...
- use BLESS to prove RTEdge correctness
- integrate with Fiacre model checker (TOPCASED)
- attempt conversion of stand-alone application to OSATE (SEI) or STOOD (Ellidiss) plugins
- experiment with avionics (Dassault), NPP shutdown systems (NRC), or robotics (PaR)
- add code generation to proof tool, Ocarina or ANTLR
- demonstrate proved-correct software running on real hardware for Pacemaker Challenge
- behavior semantics shoot-out: Fiacre, Maude, Ocarina, BLESS...
- but scarce funding

Slide 16: ESA's Avionics Reference Architecture and IMA Modeling
- Might be opportunity to integrate BLESS with TOPCASED (ASSERT) tool suite, and experiment with avionics subject
- Safety-critical systems complexity tamed using math like every other engineering discipline
- Ensure execution correctness with both proofs and testing
- Compose proved-correct building blocks into proved-correct systems

Slide 17: Team to Define Experiment Using BLESS on ESA's Avionics Reference Architecture
- Thierry Cornilleau - Dassault Aviation
- Pierre Dissaux - Ellidiss (STOOD, Adele)
- Jérôme Hugues - ISAE (Ocarina)
- Mamoun Filali - IRIT (Fiacre)
- Frank Singhoff - Brest (concurrency control protocols)
- Eric Conquet - ESA (ASSERT)*
- Julien Delange - ESA (ARA)
- Laurent Pautet - ESA (ARA)
- Serban Gheorghe - Edgewater (RTEdge)
- Oleg Sokolsky - UPenn (cyber-physical systems)
- Peter, Bruce, Dio, Lutz - SEI (OSATE)
- others?
* What we prove is what we get.
Matching Logic Grigore Rosu University of Illinois at Urbana-Champaign Joint work with Andrei Stefanescu and Chucky Ellison. Started with Wolfram Schulte at Microsoft Research in 2009 Question could it
More informationCOMPASS GRAPHICAL MODELLER
COMPASS GRAPHICAL MODELLER Viet Yen Nguyen Software Modelling and Verification Group RWTH Aachen University Final Presentation Days, April 2012, ESTEC Christian Dehnert, Joost-Pieter Katoen, Thomas Noll
More informationSCADE AADL. Thierry Le Sergent, Adnan Bouakaz, Guilherme Goretkin (ANSYS)
SCADE AADL Thierry Le Sergent, Adnan Bouakaz, Guilherme Goretkin (ANSYS) thierry.lesergent@ansys.com ANSYS Esterel Technologies 9, rue Michel Labrousse, 31100, Toulouse, France adnan.bouakaz@ansys.com
More informationEA-7/05 - EA Guidance on the Application of ISO/IEC 17021:2006 for Combined Audits
Publication Reference EA-7/05 EA Guidance on the Application of ISO/IEC 17021:2006 for Combined Audits PURPOSE This document has been prepared by a task force under the direction of the European Cooperation
More informationCOTRE as an AADL profile
COTRE as an AADL profile Pierre GAUFILLET & Patrick FARAIL AIRBUS FRANCE pierre.gaufillet@airbus.com / patrick.farail@airbus.com Tel. : +33 (0)5.61.18.84.85 / +33 (0)5.61.93.66.28 COTRE overview 1/2 Funded
More informationRationale and Architecture Principles for Medical Application Platforms
Rationale and Architecture Principles for Medical Application Platforms http://mdcf.santos.cis.ksu.edu/ Acknowledgements: MD PnP Project led by Dr. Julian Goldman at CIMIT NIBIB Quantum Health Care Intranet
More informationM. De Wulf, L. Doyen,J.-F. Raskin Université Libre de Bruxelles Centre Fédéré en Vérification
Systematic Implementation of Real-Time Models M. De Wulf, L. Doyen,J.-F. Raskin Université Libre de Bruxelles Centre Fédéré en Vérification Model-based Development for Controllers Make a model of the environment
More informationSystem Synthesis from AADL using Polychrony
System Synthesis from AADL using Polychrony Yue Ma Huafeng Yu Thierry Gautier Jean-Pierre Talpin Loïc Besnard Paul Le Guernic INRIA Rennes/IRISA/CNRS, Campus de Beaulieu, 35042 Rennes Cedex, France Email:
More informationWorkshop 1: Specification for SystemC-AADL interoperability
Workshop 1: System Design in Avionics & Space Specification for -AADL interoperability Eugenio Villar Eduardo de las Heras Microelectronic Engineering Group University of Cantabria Outline Motivations
More informationTOPCASED. Current status
TOPCASED Current status Current tasks & facts Definition of quality assurance & Control by the Quality Group Build the maintenance infrastructure for the already developped software : To fund architecture
More informationFormal Methods for Java
Formal Methods for Java Lecture 1: Introduction Jochen Hoenicke Software Engineering Albert-Ludwigs-University Freiburg October 26, 2011 Jochen Hoenicke (Software Engineering) Formal Methods for Java October
More informationThe Abstract Behavioral Specification Language
The Abstract Behavioral Specification Language Frank S. de Boer CWI frb@cwi.nl Scientific Meeting CWI, November 29, 2013 How It All Started? Simula (Ole Johan Dahl, Turing award 2001) Credo FP6 project
More information