Presentation of the AADL: Architecture Analysis and Design Language

Similar documents
Presentation of the AADL: Architecture Analysis and Design Language

Scheduling analysis of AADL architecture models

UML&AADL 11 An Implementation of the Behavior Annex in the AADL-toolset OSATE2

AADL : about code generation

Query Language for AADLv2, Jérôme Hugues, ISAE Serban Gheorghe, Edgewater

AADL to build DRE systems, experiments with Ocarina. Jérôme Hugues, ENST

AADL Inspector Tutorial. ACVI Workshop, Valencia September 29th, Pierre Dissaux. Ellidiss. Technologies w w w. e l l i d i s s.

The Ocarina Tool Suite. Thomas Vergnaud

Institut Supérieur de l Aéronautique et de l Espace Ocarina: update and future directions

From MDD back to basic: Building DRE systems

An Implementation of the Behavior Annex in the AADL-toolset Osate2

Model Editing & Processing Tools. AADL Committee, San Diego February 4th, Pierre Dissaux. Ellidiss. Technologies w w w. e l l i d i s s.

AADL Simulation and Performance Analysis in SystemC

Generating high-integrity systems with AADL and Ocarina. Jérôme Hugues, ISAE/DMIA

To cite this document

MODELING OF MULTIPROCESSOR HARDWARE PLATFORMS FOR SCHEDULING ANALYSIS

AADL Tools & Technology. AADL committee 22 April Pierre Dissaux. Ellidiss. T e c h n o l o g i e s. w w w. e l l i d i s s.

Executable AADL. Real Time Simulation of AADL Models. Pierre Dissaux 1, Olivier Marc 2.

AADL Subsets Annex Update

AADL Generative Implementation Annex

Workshop 1: Specification for SystemC-AADL interoperability

Plug-in Development for the Open Source AADL Tool Environment Part 3: Generation & External Models

An Extensible Open Source AADL Tool Environment (OSATE)

Project Report. Using the AADL to support the ASSERT modeling process

RAMSES. Refinement of AADL Models for the Synthesis of Embedded Systems. Etienne Borde

This is an author-deposited version published in: Eprints ID: 3664

Modeling and verification of memory architectures with AADL and REAL

Learn AADL concepts in a pleasant way

AADL Graphical Editor Design

ADeS presentation. a simulator for AADL v Amélie Schyn Romain Sezestre Jean-François Tilman

Model-Driven Engineering Approach for Simulating Virtual Devices in the OSATE 2 Environment

An Information Model for High-Integrity Real Time Systems

Plug-in Development for the Open Source AADL Tool Environment Part 4: OSATE Infrastructure & Language Extensions

CSSE 490 Model-Based Software Engineering: Architecture Description Languages (ADL)

AADL committee, Valencia October 2 nd, Pierre Dissaux (Ellidiss) Maxime Perrotin (ESA)

Updates on the code generation annex. Jérôme Hugues, ISAE

AADL Meta Model & XML/XMI

Investigation of System Timing Concerns in Embedded Systems: Tool-based Analysis of AADL Models

AADS+: AADL Simulation including the Behavioral Annex

Rapid Prototyping of Distributed Real-Time Embedded Systems Using the AADL and Ocarina

SAE Architecture Analysis and Design Language. AS-2C AADL Subcommittee Meeting Feb 3-6, 2014 Toulouse, France

AEROSPACE STANDARD ARCHITECTURE ANALYSIS & DESIGN LANGUAGE (AADL) V2 PROGRAMMING LANGUAGE ANNEX DOCUMENT

Lab-STICC : Dominique BLOUIN Skander Turki Eric SENN Saâdia Dhouib 11/06/2009

Schedulability Analysis of AADL Models

Architecture Analysis and Design Language (AADL) Part 2

AADL performance analysis with Cheddar : a review

This is an author-deposited version published in: Eprints ID: 9287

AADL v2.1 errata AADL meeting Sept 2014

AADL Application modeling with MARTE Madeleine Faugère, Timothée Bourdeau THALES Research and Technology Robert de Simone INRIA Sébastien Gérard CEA

Model Verification: Return of experience

Update on AADLInspector and Cheddar : new interface and multiprocessors analysis

AADL resource requirements analysis with Cheddar F. Singhoff, J. Legrand, L. Nana University of Brest, France LYSIC/EA 3883

OSATE Analysis Support

Understanding the Relationship between AADL and Real-Time Embedded Systems Operating Systems

System Configurations

Introduction to AADL analysis and modeling with FACE Units of Conformance

From the Prototype to the Final Embedded System Using the Ocarina AADL Tool Suite

The TASTE MBE development toolchain - update & case-studies

An Extensible Open Source AADL Tool Environment (OSATE)

Architecture Description Languages. Peter H. Feiler 1, Bruce Lewis 2, Steve Vestal 3 and Ed Colbert 4

Translating AADL into BIP Application to the Verification of Real time Systems

Automatically adapt Cheddar to users need

Copyright 2018 Adventium Labs. 1

An implementation of the AADL-BA Behavior Annex front-end: an OSATE2 Eclipse plug-in

The Montana Toolset: OSATE Plugins for Analysis and Code Generation

Ocarina. A Compiler for the AADL for Ocarina 2.0w, 11 November Jér^ome Hugues, Thomas Vergnaud, Bechir Zalila

ARINC653 AADL Annex. Software Engineering Institute Carnegie Mellon University Pittsburgh, PA Julien Delange 07/08/2013

Generating Petri Nets from AADL descriptions. Thomas Vergnaud

Architecture Modeling and Analysis for Embedded Systems

Flow Latency Analysis with the Architecture Analysis and Design Language (AADL)

HIERARCHICAL DESIGN. RTL Hardware Design by P. Chu. Chapter 13 1

Outline HIERARCHICAL DESIGN. 1. Introduction. Benefits of hierarchical design

ARINC653 and AADL. Julien Delange Laurent Pautet

Error Model Meta Model and Plug-in

AEROSPACE STANDARD. SAE Architecture Analysis and Design Language (AADL) Annex Volume 3: Annex E: Error Model Annex RATIONALE

Involved subjects in this presentation Security and safety in real-time embedded systems Architectural description, AADL Partitioned architectures

Institut Supérieur de l Aéronautique et de l Espace Constraints Annex Implementation Approach

Plug-in Development for the Open Source AADL Tool Environment Part 2: Plug-in Development Process

AADL Requirements Annex Review

A DSL for AADL Subsets Specification

This is an author-deposited version published in: Eprints ID: 13515

SAE Architecture Analysis and Design Language. AS-2C AADL Subcommittee Meeting Sept 29-Oct 2, 2014 Valencia, Spain

AADL Core Questions Denis Buzdalov Alexey Khoroshilov Alexander Ugnenko SAE AS-2C AADL Winter Meeting 2014

Update on AADL Requirements Annex

TigerPrints. Clemson University. Hung Vo Clemson University,

A Comparison and Evaluation of Real-Time Software Systems Modeling Languages

How to Use the BLESS Plug-in to OSATE

Modelling Avionics Architectures

Update on Behavior Language for Embedded Systems with Software for Proof Based Analysis of Behavior

SAE Architecture Analysis and Design Language. AS-2C AADL Subcommittee Meeting Feb 2-5, 2015 San Diego, USA

COTRE as an AADL profile

SAE Architecture Analysis and Design Language. AS-2C ADL Subcommittee Meeting June 6-9, 2011 Paris, France

Analysis and Design Language (AADL) for Quantitative System Reliability and Availability Modeling

The AADL Behavioural annex 1

PragmaDev. change request. Emmanuel Gaudin. PragmaDev ITU-T SG17 change request Grimstad June 24,

Developing Dependable Software-Intensive Systems: AADL vs. EAST-ADL

MODELING SHARED- MEMORY MULTIPROCESSOR SYSTEMS WITH AADL

The Architecture Analysis and Design Language and the Behavior Annex: A Denotational Semantics

Model-Based Engineering for the Development of ARINC653 Architectures

Formal Verification of AADL models with Fiacre and Tina

Transcription:

Presentation of the AADL: Architecture Analysis and Design Language

Outline 1. AADL a quick overview 2. AADL key modeling constructs 1. AADL components 2. Properties 3. Component connection 3. AADL: tool support 2

Introduction ADL, Architecture Description Language: Goal : modeling software and hardware architectures to master complexity to perform analysis Concepts : components, connections, deployments. Many ADLs : formal/non formal, application domain, ADL for real-time critical embedded systems: AADL (Architecture Analysis and Design Language). 3

AADL: Architecture Analysis & Design Language International standard promoted by SAE, AS-2C committee, released as AS5506 family of standards Version 1.0 (2004), version 2 (2009), 2.1 (2012) Based on feedback from industry users, mostly from the space and avionics domain Annex document to address specific needs Behavior, data, error modeling, code generation, 4

A is for Analysis AADL objectives are to model a system With analysis in mind (different analysis) To ease transition from well-defined requirements to the final system : code production Require semantics => any AADL entity has a semantics (natural language or formal methods). 5

AADL: Architecture Analysis & Design Language Different representations : Graphical (high-level view of the system), Textual (to view all details), XML (to ease processing by 3rd party tool) Today : from textual to graphical 6

AADL components AADL model : hierarchy/tree of components AADL component: Model a software or a hardware entity Organized in packages : reusable Has a type/interface, one or several implementations May have subcomponents May combine/extend/refine others May have properties : valued typed attributes (source code file name, priority, execution time, memory consumption, ) Component interactions : Modeled by component connections AADL features are connection points 7

AADL components How to declare a component: Component type: name, category, properties, features => interface Component implementation: internal structure (subcomponents), properties Component categories: model real-time abstractions, close to the implementation space. Ex : processor, task, Each category has a well-defined semantics/behavior, refined through the property mechanism Hardware components: execution platform Software components Systems : bounding box of a system. Model a deployment. 8

Component type AADLv2 distinguishes type and implementation Component type = high-level specification of a component All component type declarations follow the same pattern: <category> foo [extends <bar>] features -- list of features -- interface properties -- list of properties -- e.g. priority end foo; Inherit features and properties from parent Interface of the component: Exchange messages, access to data Some or call properties subprograms describing non-functional aspect of the component AADL Tutorial -- HILT'14 9

Component type Example: --- model a sequential execution flow subprogram Spg -- Spg represents a C function, features -- in file "foo.c", that takes one in_param : in parameter foo_data; -- parameter as input properties Source_Language => C; Source_Text => ("foo.c"); end Spg; Standard properties, one can define its own properties -- model a schedulable flow of control thread bar_thread -- bar_thread is a sporadic thread : features -- dispatched whenever it in_data : in event data port foo_data; -- receives an event on its in_data" properties -- port Dispatch_Protocol => Sporadic; end bar_thread; 10

Component implementation AADLv2 distinguishes type from implementation Component Implementation complete the interface Think spec/body package (Ada), interface/class (Java) <category> implementation foo.i [extends <bar>.i] subcomponents -- foo.i implements foo calls -- subprogram subcomponents -- called, only for threads or subprograms connections properties -- list of properties -- e.g. Deadline end foo.i; 11

Component implementation Example: subprogram Spg -- Spg represents a C function, features -- in file "foo.c", that takes one in_param : in parameter foo_data; -- parameter as input properties Source_Language => C; Source_Text => ("foo.c"); end Spg; thread bar_thread -- bar_thread is a sporadic thread, features -- it is dispatched whenever it in_data : in event data port foo_data; -- receives an event on its "in_data" properties -- port Dispatch_Protocol => Sporadic; end bar_thread; thread implementation bar_thread.impl -- in this implementation, at each calls -- dispatch we execute the "C" call C : { S : subprogram spg; }; -- sequence. We pass the dispatch connections -- parameter to the call sequence parameter in_data -> S.in_param; end bar_thread.impl; Connect data/parameter 12

AADL concepts AADL introduces many other concepts: Related to embedded real-time critical systems : AADL flows: capture high-level data+execution flows AADL modes: model operational modes in the form of an alternative set of active components/connections/ To ease models design/management: AADL packages (similar to Ada/Java, renames, private/public) AADL abstract component, component extension AADL is a rich language : 200+ entities in the meta-model BNF has 185 syntax rules Around 250 legality rules and more than 500 semantics rules 400 pages core document + various annex documents 13

Outline 1. AADL a quick overview 2. AADL key modeling constructs 1. AADL components 2. Properties 3. Component connection 3. AADL: tool support 14

A full AADL system : a tree of component instances Component types and implementations only define a library of entities (classifiers) An AADL model is a set of component instances (of the classifiers) System must be instantiated through a hierarchy of subcomponents, from root (system) to the leafs (subprograms,..) We must choose a system implementation component as the root system model! System Sub System Process Processor Thread Data Subprogram 15

Software components categories thread : schedulable execution flow, Ada or VxWorks task, Java or POSIX thread. Execute programs data : data placeholder, e.g. C struct, C++ class, Ada record process : address space. It must hold at least one thread subprogram : a sequential execution flow. Associated to a source code (C, Ada) or a model (SCADE, Simulink) thread group : hierarchy of threads Thread data subprogram Threadgroup process 16

Software components Example of a process component : composed of two threads thread receiver end receiver; thread implementation receiver.impl end receiver.impl; thread analyser end analyser; thread implementation analyser.impl end analyser.impl; process processing end processing; process implementation processing.others subcomponents receive : thread receiver.impl; analyse : thread analyser.impl;... end processing.others; 17

Software components Example of a thread component : a thread may call different subprograms subprogram Receiver_Spg end Receiver_Spg; subprogram ComputeCRC_Spg end Compute_CRC_Spg;... thread receiver end receiver; thread implementation receiver.impl CS : calls { call1 : subprogram Receiver_Spg; call2 : subprogram ComputeCRC_Spg; }; end receiver.impl; 18

Hardware components categories processor/virtual processor : schedule component (combined CPU and OS scheduler). A processor may contain multiple virtual processors. memory : model data storage (memory, hard drive) device : component that interacts with the environment. Internals (e.g. firmware) is not modeled. bus/virtual bus : data exchange mechanism between components Device Memory bus Processor 19

«system» category system : 1. Help structuring an architecture, with its own hierarchy of subcomponents. A system can include one or several subsystems. 2. Root system component. 3. Bindings : model the deployment of components inside the component hierarchy. System 20

«system» category subprogram Receiver_Spg thread receiver thread implementation receiver.impl call1 : subprogram Receiver_Spg; end receiver.impl; process processing end processing; process implementation processing.others subcomponents receive : thread receiver.impl; analyse : thread analyser.impl;... end processing.others; device antenna end antenna; processor leon2 end leon2; system radar end radar; system implementation radar.simple subcomponents main : process processing.others; cpu : processor leon2; properties Actual_Processor_Binding => reference cpu applies to main; end radar.simple; 21

About subcomponents Semantics: some restrictions apply on subcomponents A hardware cannot contain software, etc data thread thread group process processor memory system data, subprogram data, subprogram data, thread, thread group, subprogram thread, thread group, data Memory, virtual processor, bus, Memory, bus All except subprogram, thread et thread group 22

Outline 1. AADL a quick overview 2. AADL key modeling constructs 1. AADL components 2. Properties 3. Component connection 3. AADL: tool support 23

AADL properties Property: Typed attribute, associated to one or more components Property = name + type + allowed components Property association to a component = property name + value Can be propagated to subcomponents: inherit Can override parent s one, case of extends Allowed types in properties: aadlboolean, aadlinteger, aadlreal, aadlstring, enumeration, many others 24

AADL properties Property sets : Group property definitions. Property sets part of the standard, e.g. Thread_Properties. Or user-defined, e.g. for new analysis as power analysis Example : property set Thread_Properties is... Priority : aadlinteger applies to (thread, device, ); Source_Text : inherit list of aadlstring applies to (data, port, thread, );... end Thread_Properties; 25

AADL properties Properties are typed with units to model physical systems, related to embedded real-time critical systems. property set AADL_Projects is Time_Units: type units ( ps, ns => ps * 1000, us => ns * 1000, ms => us * 1000, sec => ms * 1000, min => sec * 60, hr => min * 60); -- end AADL_Projects; property set Timing_Properties is Time: type aadlinteger 0 ps.. Max_Time units Time_Units; Time_Range: type range of Time; Compute_Execution_Time: Time_Range applies to (thread, device, subprogram, event port, event data port); end Timing_Properties; 26

AADL properties Properties are associated to a component type (1) or implementation (2), as part of a subcomponent instance (3), or a contained property association (4). thread receiver properties -- (1) Compute_Execution_Time => 3 ms.. 4 ms; Deadline => 150 ms ; end receiver; thread implementation receiver.impl properties -- (2) Deadline => 160 ms; end receiver.impl; process implementation processing.others subcomponents receive0 : thread receiver.impl; receive1 : thread receiver.impl; receive2 : thread receiver.impl {Deadline => 200 ms;}; -- (3) properties -- (4) Deadline => 300 ms applies to receive1; end processing.others; 27

Outline 1. AADL a quick overview 2. AADL key modeling constructs 1. AADL components 2. Properties 3. Component connection 3. AADL: tool support 28

Component connection Component connection: model component interactions, control flow and/or data flow. E.g. exchange of messages, access to shared data, remote subprogram call (RPC), features : component point part of the interface. Each feature has a name, a direction, and a category Features category: specification of the type of interaction event port : event exchange (e.g. alarm, interruption) data port/event data port : synchronous/asynchronous exchange of data/message subprogram parameter data access : access to a data, possibly shared subprogram access : RPC or rendez-vous Features direction for port and parameter: input (in), output (out), both (in out). 29

Component connection Features of subcomponents are connected in the connections subclause of the enclosing component Ex: threads & thread connection on data port thread analyser features analyser_out : out data port Target_Position.Impl; end analyser; thread display_panel features display_in : in data port Target_Position.Impl; end display_panel; process implementation processing.others subcomponents display : thread display_panel.impl; analyse : thread analyser.impl; connections port analyse.analyser_out -> display.display_in; end processing.others; 30

Data connection policies Allow deterministic communications Multiple policies exist to control production and consumption of data by threads: 1. Sampling: takes the latest value Problem: data consistency (lost or read twice)! 31

Data connection policies 2. Immediate: receiver thread is immediately awaken, and will read data when emitter finished 3. Delayed: actual transmission is delayed to the next time frame 32

Component connection Connection between thread and subprogram : thread implementation receiver.impl calls { RS: subprogram Receiver_Spg; }; connections parameter RS.receiver_out -> receiver_out; parameter receiver_in -> RS.receiver_in; end receiver.impl; 33 subprogram Receiver_Spg features receiver_out : out parameter radar_types::target_distance; receiver_in : in parameter radar_types::target_distance; end Receiver_Spg; thread receiver features receiver_out : out data port radar_types::target_distance; receiver_in : in data port radar_types::target_distance; end receiver;

Component connection Connection for shared data : data shared_var end shared_var; process implementation processing.others subcomponents analyse : thread analyser.impl; display : thread display_panel.impl; a_data : data shared_var.impl; connections cx1 : data a_data -> display.share; cx2 : data a_data -> analyse.share; end processing.others; 34 data implementation shared_var.impl end shared_var.impl; thread analyser features share : requires data access shared_var.impl; end analyser; thread display_panel features share : requires data access shared_var.impl; end display_panel;

Outline 1. AADL a quick overview 2. AADL key modeling constructs 1. AADL components 2. Properties 3. Component connection 3. AADL: tool support 35

AADL & Tools OSATE (SEI/CMU, http://aadl.info) Eclipse-based tools. Reference implementation. AADLv1 and v2 Textual editors + various plug-ins STOOD, ADELE (Ellidiss, http://www.ellidiss.com ) Graphical editors for AADLv1 and v2, code/documentation generation Cheddar (UBO/Lab-STICC, http://beru.univ-brest.fr/~singhoff/cheddar/ ) Performance analysis, AADLv1 only AADLInspector (Ellidiss, http://www.ellidiss.com) Lightweight tool to inspect AADL models. AADLv1 and v2 Industrial version of Cheddar + Simulation Engine Ocarina (ISAE, http://www.openaadl.org) Command line tool, library to manipulate models. AADLV1 and V2 AADL parser + code generation + analysis (Petri Net, WCET, ) Others: RAMSES, PolyChrony, ASSIST, MASIW, MDCF, TASTE, 36

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback