SlideShare une entreprise Scribd logo

AADL: Architecture Analysis and Design Language

Ivano Malavolta
Ivano Malavolta

This presentation is about a lecture I gave within the "Software systems and services" immigration course at the Gran Sasso Science Institute, L'Aquila (Italy): http://cs.gssi.infn.it/. http://www.ivanomalavolta.com

Technologie
1  sur  112
Télécharger pour lire hors ligne
Lab on AADL Ivano Malavolta
Introduction
Real-Time, Critical, Embedded Systems « Real-time systems are defined as those systems in which the correctness of the system depends not only on the logical result of computation, but also on the time at which the results are produced » Stankovic, 1988. Properties we look for: – Functions must be predictable: the same data input will produce the same data output. – Timing behavior must be predictable: must meet temporal constraints (e.g. deadline).
Real-Time, Critical, Embedded Systems Critical (or hard) real-time systems: temporal constraints MUST be met, otherwise defects could have a dramatic impact on human life, on the environment, on the system Embedded systems: computing system designed for specific control functions within a larger system n Often with temporal constraints n Part of a complete device, often including hardware and mechanical parts n Limited amount of resources
Real-Time, Critical, Embedded Systems • Need to handle time. Concurrent applications. • May have dramatic impact on human life, on the system, ... • Do not allow software maintenance à difficult to correct erroneous software/bugs • High implementation cost – temporal constraints verification, safety, dedicated hardware/ software • Examples : aircraft, satellite, automotive, … 5
Embedded software system arch.
Real-Time, Critical, Embedded Systems Specific software engineering methods/models/tools to master quality and cost n Example : early verifications at design step
Advantages of early fault discovery
Objectives of this lecture • Issues – How to model/design a real-time critical embedded system that conforms to requirements? – How to verify the solution? – How to prototype/implement it? • One solution among others: use an architectural language • to model the system • to run various verification • and to automatically produce the system • Focus on the AADL2.1 SAE standard (2012)
Case study Goal: to model a simple radar system Let us suppose we have the following requirements: 1. System implementation is composed by physical devices (Hardware entity): antenna + processor + memory + bus 2. and software entities : running processes and threads + operating system functionalities (scheduling) implemented in the processor that represent a part of execution platform and physical devices in the same time 3. The main process is responsible for signals processing : general pattern: transmitter -> antenna -> receiver -> analyzer -> display 4. Analyzer is a periodic thread that compares transmitted and received signals to perform detection, localization and identification
Outline of this lecture Goal: introduce model-based description of embedded real-time critical systems using the AADLv2 architectural language • Part 1: Basics on AADLv2 core – Syntax, semantics of the language • Part 2: Case study – A radar illustrative case study
Basics on AADL
Outline 1. Quick overview 2. AADL key modeling constructs 1. Software components 2. Execution platform components 3. Properties 4. Modelling large scale systems 3. Tool support
Introduction AADL: AL for real-time critical embedded systems (Architecture Analysis and Design Language) – Goal : modeling software and hardware architectures • to master complexity • to perform analysis • to generate code • …. – Concepts : components, connections, deployments. – Many ALs : formal/non formal, application domain, …
AADL: Architecture Analysis & Design Language • International standard promoted by SAE, AS-2C committee, released as AS5506 family of standards • Version 1.0 (2004), version 2 (2009), 2.1 (2012) – Based on feedback from industry users, mostly from the space and avionics domain • Annex document to address specific needs – Behavior, data, error modeling, code generation, …
AADL capabilities
AADL for analysis
AADL in the process
AADL: Architecture Analysis & Design Language Based on the component-connector paradigm Key Elements: • Core AADL language standard – Textual & graphical, precise semantics, extensible • AADL Meta model & XMI/XML standard – Model interchange & tool interoperability • Annexes Error Model Annex as standardized extension – Error Model Annex addresses fault/reliability modeling, hazard analysis • UML 2.0 profile for AADL – Transition path for UML practitioners community
Different representations of an AADL model
The AADL language in one slide
AADL components • AADL model : hierarchy/tree of components • AADL component • Model a software or a hardware entity • May be organized in packages : reusable • Has a type/interface, one or several implementations • May have subcomponents • May combine/extend/refine others • May have properties : valued typed attributes (source code file name, priority, execution time, memory consumption, …) • Component interactions – Modeled by component connections – AADL features are connection points
AADL components • How to declare a component: – Component type: • name, category, properties, features => interface – Component implementation: internal structure (subcomponents), properties • Component categories: model real-time abstractions, close to the implementation space (ex : processor, task, …) • Each category has a well-defined semantics/behavior, refined through the property mechanism – Software components – Hardware components: execution platform – Systems : bounding box of a system • Model a deployment
Component type • AADLv2 distinguished type and implementation Component type = high-level specification of a component All component type declarations follow the same pattern: 24 <category> foo [extends <bar>] features -- list of features -- interface properties -- list of properties -- e.g. priority end foo; Inherit features and properties from parent Interface of the component: Exchange messages, access to data or call subprograms Some properties describing non-functional aspect of the component
Component type example -- model a sequential execution flow subprogram Spg -- Spg represents a C function, features -- in file "foo.c", that takes one in_param : in parameter foo_data; -- parameter as input properties Source_Language => C; Standard properties, one can Source_Text => ("foo.c"); define its own properties end Spg; -- model a schedulable flow of control thread bar_thread -- bar_thread is a sporadic thread : features -- dispatched whenever it in_data : in event data port foo_data; -- receives an event on its “in_data" properties -- port Dispatch_Protocol => Sporadic; end bar_thread;
Component implementation • Component Implementation completes the interface – Think spec/body package (Ada), interface/class (Java) <category> implementation foo.i [extends <bar>.i] subcomponents -- internal components foo.i implements foo calls -- called subprograms, -- only for threads or subprograms connections properties -- list of properties -- e.g. Deadline end foo.i;
Component implementation example subprogram Spg -- Spg represents a C function, features -- in file "foo.c", that takes one in_param : in parameter foo_data; -- parameter as input properties Source_Language => C; Source_Text => ("foo.c"); end Spg; thread bar_thread -- bar_thread is a sporadic thread, features -- it is dispatched whenever it in_data : in event data port foo_data; -- receives an event properties Dispatch_Protocol => Sporadic; end bar_thread; thread implementation bar_thread.impl -- in this implementation, at each -- dispatch we execute the "C" call calls -- sequence. We pass the dispatch C : { S : subprogram spg; }; -- parameter to the call sequence connections P1: parameter in_data -> S.in_param; end bar_thread.impl; Connect data/ parameter
AADL concepts • AADL introduces many other concepts: – Related to embedded real-time critical systems • AADL flows: capture high-level data + execution flows • AADL modes: model operational modes in the form of an alternative set of active components, connections, … – To ease models design/management • AADL packages (similar to Java, renames, private/ public) • AADL abstract component, component extensions, …
Outline 1. Quick overview 2. AADL key modeling constructs 1. Software components 2. Execution platform components 3. Properties 4. Modelling large scale systems 3. Tool support
Summary of AADL elements
Three levels of description • Category (predefined) • Type – specification of the external interface • Implementation – specification of the content • Instance – instantiation of a type or an implementation – this is done by the tool
Software components categories • Process : address space. It must hold at least one thread • Thread : schedulable execution flow, Ada or VxWorks task, Java or POSIX thread. Execute programs • Data : data placeholder, e.g. C struct, C++ class, Ada record • Subprogram : a sequential execution flow. Associated to a source code (C, Ada) or a model (SCADE, Simulink) • Thread group : hierarchy of threads
Software components Example of a process component composed of two threads thread receiver end receiver; thread implementation receiver.impl end receiver.impl; thread analyser end analyser; thread implementation analyser.impl end analyser.impl; process processing end processing; process implementation processing.others subcomponents receive : thread receiver.impl; analyse : thread analyser.impl; . . . end processing.others;
Software components Example of a thread component : a thread may call different subprograms thread receiver end receiver; thread implementation receiver.impl calls CS : { call1 : subprogram Receiver_Spg; call2 : subprogram ComputeCRC_Spg; }; end receiver.impl; subprogram Receiver_Spg end Receiver_Spg; subprogram ComputeCRC_Spg end ComputeCRC_Spg; . . .
Thread group A thread group represents an organizational component to logically group threads contained in a process Thread groups can be hierarchically nested
Subprogram A subprogram component represents an execution entry point in source text No component can contain subprogram subcomponents. Instances of subprogram don't exist A subprogram call in the implementation of a thread or another subprogram may be “seen as” the inclusion of a subprogram subcomponent A thread can have call sequences for its states: – initialization, finalization, activation, deactivation, computation, and recovery Each thread dispatch executes the computation call sequence once
States of a thread
Subprogram local call example
Subprogram remote call example
Data It represents static data (e.g., numerical data or source text) and data types within a system – (e.g., used as data types on ports and parameters) Components may have a shared access to a data component Good practice: to store data definitions in a separate file
Example of data
Component connection
Component connection Features of subcomponents are connected in the “connections” subclause of the enclosing component Example thread analyser features analyser_out : out data port Target_Position.Impl; end analyser; thread display_panel features display_in : in data port Target_Position.Impl; end display_panel; process implementation processing.others subcomponents display : thread display_panel.impl; analyse : thread analyser.impl; connections port analyse.analyser_out -> display.display_in; end processing.others;
Ports compatibility
Data connection policies Immediate receiver thread is immediately awaken, and will read data when emitter finished Delayed actual transmission is delayed to the next time frame
Port groups
Modes A mode represents an operational state of a system A mode of a component can influence: – property values – activation of specific subcomponents – existence of connections Example - Modes of a cruise controller: {initialize, disengaged, engaged}
Modes transitions Mode transitions represent configuration changes as reaction to events – Triggered through ports (from outside or from a subcomponent) – Triggered internally by implementation software – Triggered internally in an execution platform component or a device • Note: Modes are not intended for modeling detailed internal behavior of threads or subprograms (︎ AADL Behavior Annex)
Mode example
Internal mode transition example
Outline 1. Quick overview 2. AADL key modeling constructs 1. Software components 2. Execution platform components 3. Properties 4. Modelling large scale systems 3. Tool support
Hardware components categories • Processor/virtual processor – schedule component (combined CPU and RTOS scheduler). A processor may contain multiple virtual processors • memory – model data storage (memory, hard drive) • device – component that interacts with the environment. Internals (e.g. firmware) is not modeled. • bus/virtual bus – data exchange mechanism between components Device Memory bus Processor
Software/platform binding Maps application software elements to execution platform elements using binding properties
Software/platform binding • Actual_Processor_Binding – Specify which processor schedules and executes a thread or executes a (kernel mode) device driver • Actual_Memory_Binding – Specify the memory components in which executable code (process components) and data (data component) reside • Actual_Connection_Binding – Specify the communication channels that are used by logical connections (see next section)
Bus access Access to buses is declared explicitly in AADL
Outline 1. Quick overview 2. AADL key modeling constructs 1. Software components 2. Execution platform components 3. Properties 4. Modelling large scale systems 3. Tool support
AADL properties Property: – Typed attribute, associated to one or more components – Property = name + type + allowed components – Property association = property name + value Allowed types in properties: – aadlboolean, aadlinteger, aadlreal, aadlstring, enumeration, many others … Can be propagated to subcomponents: inherit Can override parent’s one, case of extends
Property types
AADL properties Properties are associated to a component type (1) or implementation (2), as part of a subcomponent instance (3), or a contained property association (4). process implementation processing.others subcomponents receive0 : thread receiver.impl; receive1 : thread receiver.impl; receive2 : thread receiver.impl {Deadline => 200 ms;}; -- (3) properties -- (4) Deadline => 300 ms applies to receive1; end processing.others; thread receiver properties -- (1) Compute_Execution_Time => 3 .. 4 ms; Deadline => 150 ms ; end receiver; thread implementation receiver.impl properties -- (2) Deadline => 160 ms; Compute_Execution_Time => 4 .. 10 ms; end receiver.impl;
Property sets Property sets : – Group property definitions – They can be either • part of the standard, e.g. Thread_Properties • or user-defined, e.g. for new analysis as power analysis Example : property set Thread_Properties is . . . Priority : aadlinteger applies to (thread, device, …); Source_Text : inherit list of aadlstring applies to (data, port, thread, …); . . . end Thread_Properties;
AADL predefined property sets
Measurement units Properties are typed with units to model physical systems, related to embedded real-time critical systems property set AADL_Projects is Time_Units: type units ( ps, ns => ps * 1000, us => ns * 1000, ms => us * 1000, sec => ms * 1000, min => sec * 60, hr => min * 60); -- … end AADL_Projects; property set Timing_Properties is Time: type aadlinteger 0ps .. Max_Time units Time_Units; Time_Range: type range of Time; Compute_Execution_Time: Time_Range applies to (thread, device, subprogram, event port, event data port); end Timing_Properties;
Outline 1. Quick overview 2. AADL key modeling constructs 1. Software components 2. Execution platform components 3. Properties 4. Modelling large scale systems 3. Tool support
AADL packages A package provides a means to organize the descriptions by the use of namespaces A package can contain: – component types – component implementations – port group types – annex libraries
AADL package example
AADL systems Help structuring an architecture, with its own hierarchy of subcomponents. A system can include one or several subsystems In an AADL specification there is always a root system component Bindings : model the deployment of components inside the component hierarchy System
AADL systems subprogram Receiver_Spg … thread receiver … thread implementation receiver.impl … call1 : subprobram Receiver_Spg; … end receiver.impl; process processing end processing; process implementation processing.others subcomponents receive : thread receiver.impl; analyse : thread analyser.impl; . . . end processing.others; device antenna end antenna; processor leon2 end leon2; system radar end radar; system implementation radar.simple subcomponents main : process processing.others; cpu : processor leon2; properties Actual_Processor_Binding => reference cpu applies to main; end radar.simple;
A full AADL system : a tree of component instances • Component types and implementations only define a library of entities (classifiers) • An AADL model is a set of component instances (of the classifiers) • System must be instantiated through a hierarchy of subcomponents, from root (system) to the leafs (subprograms, ..) • We must choose a system implementation component as the root system model ! Root System Sub System Process Processor Thread Data Subprogram
About subcomponents Some restrictions apply on subcomponents – A hardware cannot contain software, etc data data, subprogram thread data, subprogram thread group data, thread, thread group, subprogram process thread, thread group, data processor Memory, virtual processor, bus memory Memory, bus system ALL except subprogram, thread, and thread group 86
System instances Component types and instances are “only” blueprints System instances represents the runtime architecture of an operational physical system Composed of software components + execution platform XML for storing system instances
System instances 2 System instances are automatically generated by OSATE starting from complet system implementations
Components extension & refinement Extension: to define a new extended classifier based on an existing classifier Allows incremental refinement of a model • Component extension – Component types – Component implementations WHY extensions? – Add elements to a classifier • features, subcomponents, connections, flows, etc. – Refine existing elements in a component – Add or override properties
Why extension?
Extension example
Extension example 2
Subcomponents array
Feature arrays
Connecting arrays
Connection patterns
Outline 1. AADL a quick overview 2. AADL key modeling constructs 1. AADL components 2. Properties 3. Component connection 3. AADL: tool support
AADL & Tools • OSATE (SEI/CMU, http://aadl.info) – Eclipse-based tools. Reference implementation. AADLv1 and v2 – Textual editors + various plug-ins • STOOD, ADELE (Ellidiss, http://www.ellidiss.com ) – Graphical editors for AADLv1 and v2, code/documentation generation • Cheddar (UBO/Lab-STICC, http://beru.univ-brest.fr/~singhoff/cheddar/ ) – Performance analysis, AADLv1 only • AADLInspector (Ellidiss, http://www.ellidiss.com) – Lightweight tool to inspect AADL models. AADLv1 and v2 – Industrial version of Cheddar + Simulation Engine • Ocarina (ISAE, http://www.openaadl.org) – Command line tool, library to manipulate models. AADLV1 and V2 – AADL parser + code generation + analysis (Petri Net, WCET, …) • Others: RAMSES, PolyChrony, ASSIST, MASIW, MDCF, TASTE, …
Case study
Radar case study Hardware/Software breakdown: components PACKAGE radar PUBLIC PROCESS processing -- … END processing; DEVICE antenna -- … END antenna; END RADAR;
Radar case study Hardware/Software breakdown: features in/out ports bus access PROCESS processing FEATURES to_screen : OUT EVENT PORT; send_pulse : OUT EVENT PORT; receive_pulse : IN DATA PORT; get_angle : IN DATA PORT; END processing; DEVICE antenna FEATURES antenna_in : IN EVENT PORT; VME : REQUIRES BUS ACCESS VME; END antenna;
Radar case study Hardware/Software breakdown: connections Logical cnx Hardware cnx
Radar case study Hardware/Software breakdown: connections SYSTEM IMPLEMENTATION radar.simple SUBCOMPONENTS aerial : DEVICE antenna; rotor : DEVICE motor; monitor : DEVICE screen; main : PROCESS processing.others; cpu : PROCESSOR leon2; VME : BUS VME; RAM : MEMORY RAM; CONNECTIONS PORT aerial.antenna_out -> main.receive_pulse; PORT rotor.motor_out -> main.get_angle; PORT main.send_pulse -> aerial.antenna_in; PORT main.to_screen -> monitor.screen_in; BUS ACCESS VME -> aerial.VME; BUS ACCESS VME -> rotor.VME; BUS ACCESS VME -> monitor.VME; BUS ACCESS VME -> cpu.VME; BUS ACCESS VME -> RAM.VME;
Radar case study • Hardware/Software breakdown: bindings Bindings PROPERTIES Actual_Memory_Binding => reference (ram) applies to main; Actual_Processor_Binding => reference (cpu) applies to main; END radar.simple;
Radar case study • Software elements
On flow latency analysis…
On flow latency analysis…
What this lecture means to you? AADL = Architecture Analysis & Design Language AADL is for architectural description, period à Not to be compared with UML suites – Behavior, types, link with source code is not required Keep in mind models support an objective – In this lecture, it is just a high-level view of the design What is not covered by this lecture: flows, annexes, multidimensional arrays, virtual processors/buses, analyses with external tools
Suggested readings 1. The SAE Architecture Analysis & Design Language (AADL) Standard. Peter H. Feiler, January 2008. [Introduction to the language] 2. The Architecture Analysis & Design Language (AADL): An Introduction, Peter H. Feiler David P. Gluch John J. Hudak, February 2006. [Use this as reference manual] 3. OSATE plug­in: SEI validation plug­ins. SEI. [Analysis in general] 4. Developing AADL Models for Control Systems: A Practitioner’s Guide. John Hudak Peter Feiler. July 2007. [Flow latency analysis]
Links Tool: • http://www.aadl.info/aadl/osate/stable/2.0.8/products/ Example projects (other than the ones on Lore): 1. https://github.com/yoogx/AADLib 2. https://github.com/osate/examples 3. http://www.santoslab.org/pub/high-assurance/module-aadl/ slides/AADL-Isolette.pdf
Acknowledgements Parts of this lecture have been elaborated from: • AADLv2, a Domain Specific Language for the Modeling, the Analysis and the Generation of Real-Time Embedded Systems. Frank Singhoff and Jérôme Hugues, MODELS 2014 tutorial. • SAE AADL V2: An Overview. Peter Feiler. © 2010 Carnegie Mellon University • Overview of AADL Syntax. J-P. Rosen, J-F. Tilman. AADL Workshop 2005
Contact Ivano Malavolta | Post-doc researcher Gran Sasso Science Institute iivanoo ivano.malavolta@gssi.infn.it www.ivanomalavolta.com

Recommandé

Spring Framework - Core
Spring Framework - CoreSpring Framework - Core
Spring Framework - Core
Dzmitry Naskou
 
Functional Application Logging : Code Examples Using Spring Boot and Logback
Functional Application Logging : Code Examples Using Spring Boot and LogbackFunctional Application Logging : Code Examples Using Spring Boot and Logback
Functional Application Logging : Code Examples Using Spring Boot and Logback
Mohammad Sabir Khan
 
Gradle - the Enterprise Automation Tool
Gradle - the Enterprise Automation ToolGradle - the Enterprise Automation Tool
Gradle - the Enterprise Automation Tool
Izzet Mustafaiev
 
Selenium ppt
Selenium pptSelenium ppt
Selenium ppt
Naga Dinesh
 
New features of Minimal APIs in .NET 7 -Muralidharan Deenathayalan.pptx
New features of Minimal APIs in .NET 7 -Muralidharan Deenathayalan.pptxNew features of Minimal APIs in .NET 7 -Muralidharan Deenathayalan.pptx
New features of Minimal APIs in .NET 7 -Muralidharan Deenathayalan.pptx
Muralidharan Deenathayalan
 
(알도개) GraalVM – 자바를 넘어선 새로운 시작의 서막
(알도개) GraalVM – 자바를 넘어선 새로운 시작의 서막(알도개) GraalVM – 자바를 넘어선 새로운 시작의 서막
(알도개) GraalVM – 자바를 넘어선 새로운 시작의 서막
Jay Park
 
Component Diagram
Component DiagramComponent Diagram
Component Diagram
Ahmed Yousef
 
Java Entreprise Edition
Java Entreprise EditionJava Entreprise Edition
Java Entreprise Edition
Sabri Bouchlema
 

Recommandé

Spring Framework - Core
Spring Framework - CoreSpring Framework - Core
Spring Framework - Core
Dzmitry Naskou
 
Functional Application Logging : Code Examples Using Spring Boot and Logback
Functional Application Logging : Code Examples Using Spring Boot and LogbackFunctional Application Logging : Code Examples Using Spring Boot and Logback
Functional Application Logging : Code Examples Using Spring Boot and Logback
Mohammad Sabir Khan
 
Gradle - the Enterprise Automation Tool
Gradle - the Enterprise Automation ToolGradle - the Enterprise Automation Tool
Gradle - the Enterprise Automation Tool
Izzet Mustafaiev
 
Selenium ppt
Selenium pptSelenium ppt
Selenium ppt
Naga Dinesh
 
New features of Minimal APIs in .NET 7 -Muralidharan Deenathayalan.pptx
New features of Minimal APIs in .NET 7 -Muralidharan Deenathayalan.pptxNew features of Minimal APIs in .NET 7 -Muralidharan Deenathayalan.pptx
New features of Minimal APIs in .NET 7 -Muralidharan Deenathayalan.pptx
Muralidharan Deenathayalan
 
(알도개) GraalVM – 자바를 넘어선 새로운 시작의 서막
(알도개) GraalVM – 자바를 넘어선 새로운 시작의 서막(알도개) GraalVM – 자바를 넘어선 새로운 시작의 서막
(알도개) GraalVM – 자바를 넘어선 새로운 시작의 서막
Jay Park
 
Component Diagram
Component DiagramComponent Diagram
Component Diagram
Ahmed Yousef
 
Java Entreprise Edition
Java Entreprise EditionJava Entreprise Edition
Java Entreprise Edition
Sabri Bouchlema
 
Interview preparation full_stack_java
Interview preparation full_stack_javaInterview preparation full_stack_java
Interview preparation full_stack_java
Mallikarjuna G D
 
Spring - Part 1 - IoC, Di and Beans
Spring - Part 1 - IoC, Di and Beans Spring - Part 1 - IoC, Di and Beans
Spring - Part 1 - IoC, Di and Beans
Hitesh-Java
 
Spring - Part 2 - Autowiring, Annotations, Java based Configuration - slides
Spring - Part 2 - Autowiring, Annotations, Java based Configuration - slidesSpring - Part 2 - Autowiring, Annotations, Java based Configuration - slides
Spring - Part 2 - Autowiring, Annotations, Java based Configuration - slides
Hitesh-Java
 
Introduction To Eclipse RCP
Introduction To Eclipse RCPIntroduction To Eclipse RCP
Introduction To Eclipse RCP
whbath
 
Java EE vs Spring Framework
Java EE vs Spring Framework Java EE vs Spring Framework
Java EE vs Spring Framework
Rohit Kelapure
 
Testing Spring Boot Applications
Testing Spring Boot ApplicationsTesting Spring Boot Applications
Testing Spring Boot Applications
VMware Tanzu
 
Uml
UmlUml
Uml
Vishwa Mohan
 
Gradle
GradleGradle
Gradle
Jadson Santos
 
Red Hat OpenShift on Bare Metal and Containerized Storage
Red Hat OpenShift on Bare Metal and Containerized StorageRed Hat OpenShift on Bare Metal and Containerized Storage
Red Hat OpenShift on Bare Metal and Containerized Storage
Greg Hoelzer
 
Building RESTful applications using Spring MVC
Building RESTful applications using Spring MVCBuilding RESTful applications using Spring MVC
Building RESTful applications using Spring MVC
IndicThreads
 
Building with Gradle
Building with GradleBuilding with Gradle
Building with Gradle
Kaunas Java User Group
 
Kubernetes 101
Kubernetes 101Kubernetes 101
Kubernetes 101
Jacopo Nardiello
 
Kubernetes Basics
Kubernetes BasicsKubernetes Basics
Kubernetes Basics
Eueung Mulyana
 
Kinh nghiệm triển khai Microservices tại Sapo.vn
Kinh nghiệm triển khai Microservices tại Sapo.vnKinh nghiệm triển khai Microservices tại Sapo.vn
Kinh nghiệm triển khai Microservices tại Sapo.vn
Dotnet Open Group
 
REST APIs with Spring
REST APIs with SpringREST APIs with Spring
REST APIs with Spring
Joshua Long
 
Reactive programming by spring webflux - DN Scrum Breakfast - Nov 2018
Reactive programming by spring webflux - DN Scrum Breakfast - Nov 2018Reactive programming by spring webflux - DN Scrum Breakfast - Nov 2018
Reactive programming by spring webflux - DN Scrum Breakfast - Nov 2018
Scrum Breakfast Vietnam
 
ITLC HN 14 - Bizweb Microservices Architecture
ITLC HN 14 - Bizweb Microservices ArchitectureITLC HN 14 - Bizweb Microservices Architecture
ITLC HN 14 - Bizweb Microservices Architecture
IT Expert Club
 
Docker Containers - Talk Linux Day 2015
Docker Containers - Talk Linux Day 2015Docker Containers - Talk Linux Day 2015
Docker Containers - Talk Linux Day 2015
Fabio Ferrari
 
Jakarta EE 8 on JDK17
Jakarta EE 8 on JDK17Jakarta EE 8 on JDK17
Jakarta EE 8 on JDK17
Rudy De Busscher
 
Maven 3 Overview
Maven 3 OverviewMaven 3 Overview
Maven 3 Overview
Mike Ensor
 
[2015/2016] AADL (Architecture Analysis and Design Language)
[2015/2016] AADL (Architecture Analysis and Design Language)[2015/2016] AADL (Architecture Analysis and Design Language)
[2015/2016] AADL (Architecture Analysis and Design Language)
Ivano Malavolta
 
AADL Module Analysis by means of Graphical Representation
AADL Module Analysis by means of Graphical RepresentationAADL Module Analysis by means of Graphical Representation
AADL Module Analysis by means of Graphical Representation
Iosif Itkin
 

Contenu connexe

Tendances

Kinh nghiệm triển khai Microservices tại Sapo.vn
Kinh nghiệm triển khai Microservices tại Sapo.vnKinh nghiệm triển khai Microservices tại Sapo.vn
Kinh nghiệm triển khai Microservices tại Sapo.vn
Dotnet Open Group
 
Reactive programming by spring webflux - DN Scrum Breakfast - Nov 2018
Reactive programming by spring webflux - DN Scrum Breakfast - Nov 2018Reactive programming by spring webflux - DN Scrum Breakfast - Nov 2018
Reactive programming by spring webflux - DN Scrum Breakfast - Nov 2018
Scrum Breakfast Vietnam
 

Tendances (20)

Interview preparation full_stack_java
Interview preparation full_stack_javaInterview preparation full_stack_java
Interview preparation full_stack_java
 
Spring - Part 1 - IoC, Di and Beans
Spring - Part 1 - IoC, Di and Beans Spring - Part 1 - IoC, Di and Beans
Spring - Part 1 - IoC, Di and Beans
 
Spring - Part 2 - Autowiring, Annotations, Java based Configuration - slides
Spring - Part 2 - Autowiring, Annotations, Java based Configuration - slidesSpring - Part 2 - Autowiring, Annotations, Java based Configuration - slides
Spring - Part 2 - Autowiring, Annotations, Java based Configuration - slides
 
Introduction To Eclipse RCP
Introduction To Eclipse RCPIntroduction To Eclipse RCP
Introduction To Eclipse RCP
 
Java EE vs Spring Framework
Java EE vs Spring Framework Java EE vs Spring Framework
Java EE vs Spring Framework
 
Testing Spring Boot Applications
Testing Spring Boot ApplicationsTesting Spring Boot Applications
Testing Spring Boot Applications
 
Uml
UmlUml
Uml
 
Gradle
GradleGradle
Gradle
 
Red Hat OpenShift on Bare Metal and Containerized Storage
Red Hat OpenShift on Bare Metal and Containerized StorageRed Hat OpenShift on Bare Metal and Containerized Storage
Red Hat OpenShift on Bare Metal and Containerized Storage
 
Building RESTful applications using Spring MVC
Building RESTful applications using Spring MVCBuilding RESTful applications using Spring MVC
Building RESTful applications using Spring MVC
 
Building with Gradle
Building with GradleBuilding with Gradle
Building with Gradle
 
Kubernetes 101
Kubernetes 101Kubernetes 101
Kubernetes 101
 
Kubernetes Basics
Kubernetes BasicsKubernetes Basics
Kubernetes Basics
 
Kinh nghiệm triển khai Microservices tại Sapo.vn
Kinh nghiệm triển khai Microservices tại Sapo.vnKinh nghiệm triển khai Microservices tại Sapo.vn
Kinh nghiệm triển khai Microservices tại Sapo.vn
 
REST APIs with Spring
REST APIs with SpringREST APIs with Spring
REST APIs with Spring
 
Reactive programming by spring webflux - DN Scrum Breakfast - Nov 2018
Reactive programming by spring webflux - DN Scrum Breakfast - Nov 2018Reactive programming by spring webflux - DN Scrum Breakfast - Nov 2018
Reactive programming by spring webflux - DN Scrum Breakfast - Nov 2018
 
ITLC HN 14 - Bizweb Microservices Architecture
ITLC HN 14 - Bizweb Microservices ArchitectureITLC HN 14 - Bizweb Microservices Architecture
ITLC HN 14 - Bizweb Microservices Architecture
 
Docker Containers - Talk Linux Day 2015
Docker Containers - Talk Linux Day 2015Docker Containers - Talk Linux Day 2015
Docker Containers - Talk Linux Day 2015
 
Jakarta EE 8 on JDK17
Jakarta EE 8 on JDK17Jakarta EE 8 on JDK17
Jakarta EE 8 on JDK17
 
Maven 3 Overview
Maven 3 OverviewMaven 3 Overview
Maven 3 Overview
 

En vedette

En vedette (9)

[2015/2016] AADL (Architecture Analysis and Design Language)
[2015/2016] AADL (Architecture Analysis and Design Language)[2015/2016] AADL (Architecture Analysis and Design Language)
[2015/2016] AADL (Architecture Analysis and Design Language)
 
AADL Module Analysis by means of Graphical Representation
AADL Module Analysis by means of Graphical RepresentationAADL Module Analysis by means of Graphical Representation
AADL Module Analysis by means of Graphical Representation
 
AADL Overview: Brief and Pointless
AADL Overview: Brief and PointlessAADL Overview: Brief and Pointless
AADL Overview: Brief and Pointless
 
Performance Verification for ESL Design Methodology from AADL Models
Performance Verification for ESL Design Methodology from AADL ModelsPerformance Verification for ESL Design Methodology from AADL Models
Performance Verification for ESL Design Methodology from AADL Models
 
Executable UML and SysML Workshop
Executable UML and SysML WorkshopExecutable UML and SysML Workshop
Executable UML and SysML Workshop
 
[2016/2017] AADL (Architecture Analysis and Design Language)
[2016/2017] AADL (Architecture Analysis and Design Language)[2016/2017] AADL (Architecture Analysis and Design Language)
[2016/2017] AADL (Architecture Analysis and Design Language)
 
[2016/2017] Architectural languages
[2016/2017] Architectural languages[2016/2017] Architectural languages
[2016/2017] Architectural languages
 
Software Architecture: Architecture Description Languages
Software Architecture: Architecture Description LanguagesSoftware Architecture: Architecture Description Languages
Software Architecture: Architecture Description Languages
 
Modeling objects interaction via UML sequence diagrams [Software Modeling] [...
Modeling objects interaction via UML sequence diagrams [Software Modeling] [...Modeling objects interaction via UML sequence diagrams [Software Modeling] [...
Modeling objects interaction via UML sequence diagrams [Software Modeling] [...
 

Similaire à AADL: Architecture Analysis and Design Language

HPC Application Profiling & Analysis
HPC Application Profiling & AnalysisHPC Application Profiling & Analysis
HPC Application Profiling & Analysis
Rishi Pathak
 
HPC Application Profiling and Analysis
HPC Application Profiling and AnalysisHPC Application Profiling and Analysis
HPC Application Profiling and Analysis
Rishi Pathak
 
OORPT Dynamic Analysis
OORPT Dynamic AnalysisOORPT Dynamic Analysis
OORPT Dynamic Analysis
lienhard
 
Web Template Mechanisms in SOC Verification - DVCon.pdf
Web Template Mechanisms in SOC Verification - DVCon.pdfWeb Template Mechanisms in SOC Verification - DVCon.pdf
Web Template Mechanisms in SOC Verification - DVCon.pdf
SamHoney6
 
Embedded 100912065920-phpapp02
Embedded 100912065920-phpapp02Embedded 100912065920-phpapp02
Embedded 100912065920-phpapp02
Atv Reddy
 

Similaire à AADL: Architecture Analysis and Design Language (20)

[2017/2018] AADL - Architecture Analysis and Design Language
[2017/2018] AADL - Architecture Analysis and Design Language[2017/2018] AADL - Architecture Analysis and Design Language
[2017/2018] AADL - Architecture Analysis and Design Language
 
Embedded 120206023739-phpapp02
Embedded 120206023739-phpapp02Embedded 120206023739-phpapp02
Embedded 120206023739-phpapp02
 
HPC Application Profiling & Analysis
HPC Application Profiling & AnalysisHPC Application Profiling & Analysis
HPC Application Profiling & Analysis
 
HPC Application Profiling and Analysis
HPC Application Profiling and AnalysisHPC Application Profiling and Analysis
HPC Application Profiling and Analysis
 
OORPT Dynamic Analysis
OORPT Dynamic AnalysisOORPT Dynamic Analysis
OORPT Dynamic Analysis
 
Embedded
EmbeddedEmbedded
Embedded
 
Embedded systems notes
Embedded systems notesEmbedded systems notes
Embedded systems notes
 
Web Template Mechanisms in SOC Verification - DVCon.pdf
Web Template Mechanisms in SOC Verification - DVCon.pdfWeb Template Mechanisms in SOC Verification - DVCon.pdf
Web Template Mechanisms in SOC Verification - DVCon.pdf
 
Embedded 100912065920-phpapp02
Embedded 100912065920-phpapp02Embedded 100912065920-phpapp02
Embedded 100912065920-phpapp02
 
Embedded 100912065920-phpapp02
Embedded 100912065920-phpapp02Embedded 100912065920-phpapp02
Embedded 100912065920-phpapp02
 
Embedded system
Embedded systemEmbedded system
Embedded system
 
Embedded 100912065920-phpapp02
Embedded 100912065920-phpapp02Embedded 100912065920-phpapp02
Embedded 100912065920-phpapp02
 
Chap 03.pdf
Chap 03.pdfChap 03.pdf
Chap 03.pdf
 
ASIC Design Flow | Physical Design | VLSI
ASIC Design Flow | Physical Design | VLSI ASIC Design Flow | Physical Design | VLSI
ASIC Design Flow | Physical Design | VLSI
 
Linux Device Driver,LDD,
Linux Device Driver,LDD,Linux Device Driver,LDD,
Linux Device Driver,LDD,
 
linux device driver
linux device driverlinux device driver
linux device driver
 
L06 Using Design Patterns
L06 Using Design PatternsL06 Using Design Patterns
L06 Using Design Patterns
 
Presentation on Behavioral Synthesis & SystemC
Presentation on Behavioral Synthesis & SystemCPresentation on Behavioral Synthesis & SystemC
Presentation on Behavioral Synthesis & SystemC
 
Bba i-introduction to computer-u-2- application and system software
Bba i-introduction to computer-u-2- application and system softwareBba i-introduction to computer-u-2- application and system software
Bba i-introduction to computer-u-2- application and system software
 
Bsc cs 1 fit u-2 application and system software
Bsc cs 1 fit u-2 application and system softwareBsc cs 1 fit u-2 application and system software
Bsc cs 1 fit u-2 application and system software
 

Plus de Ivano Malavolta

Conducting Experiments on the Software Architecture of Robotic Systems (QRARS...
Conducting Experiments on the Software Architecture of Robotic Systems (QRARS...Conducting Experiments on the Software Architecture of Robotic Systems (QRARS...
Conducting Experiments on the Software Architecture of Robotic Systems (QRARS...
Ivano Malavolta
 

Plus de Ivano Malavolta (20)

Conducting Experiments on the Software Architecture of Robotic Systems (QRARS...
Conducting Experiments on the Software Architecture of Robotic Systems (QRARS...Conducting Experiments on the Software Architecture of Robotic Systems (QRARS...
Conducting Experiments on the Software Architecture of Robotic Systems (QRARS...
 
The H2020 experience
The H2020 experienceThe H2020 experience
The H2020 experience
 
The Green Lab - Research cocktail @Vrije Universiteit Amsterdam (October 2020)
The Green Lab - Research cocktail @Vrije Universiteit Amsterdam (October 2020)The Green Lab - Research cocktail @Vrije Universiteit Amsterdam (October 2020)
The Green Lab - Research cocktail @Vrije Universiteit Amsterdam (October 2020)
 
Software sustainability and Green IT
Software sustainability and Green ITSoftware sustainability and Green IT
Software sustainability and Green IT
 
Navigation-aware and Personalized Prefetching of Network Requests in Android ...
Navigation-aware and Personalized Prefetching of Network Requests in Android ...Navigation-aware and Personalized Prefetching of Network Requests in Android ...
Navigation-aware and Personalized Prefetching of Network Requests in Android ...
 
How Maintainability Issues of Android Apps Evolve [ICSME 2018]
How Maintainability Issues of Android Apps Evolve [ICSME 2018]How Maintainability Issues of Android Apps Evolve [ICSME 2018]
How Maintainability Issues of Android Apps Evolve [ICSME 2018]
 
Collaborative Model-Driven Software Engineering: a Classification Framework a...
Collaborative Model-Driven Software Engineering: a Classification Framework a...Collaborative Model-Driven Software Engineering: a Classification Framework a...
Collaborative Model-Driven Software Engineering: a Classification Framework a...
 
Experimenting on Mobile Apps Quality - a tale about Energy, Performance, and ...
Experimenting on Mobile Apps Quality - a tale about Energy, Performance, and ...Experimenting on Mobile Apps Quality - a tale about Energy, Performance, and ...
Experimenting on Mobile Apps Quality - a tale about Energy, Performance, and ...
 
Modeling objects interaction via UML sequence diagrams [Software Design] [Com...
Modeling objects interaction via UML sequence diagrams [Software Design] [Com...Modeling objects interaction via UML sequence diagrams [Software Design] [Com...
Modeling objects interaction via UML sequence diagrams [Software Design] [Com...
 
Modeling behaviour via UML state machines [Software Design] [Computer Science...
Modeling behaviour via UML state machines [Software Design] [Computer Science...Modeling behaviour via UML state machines [Software Design] [Computer Science...
Modeling behaviour via UML state machines [Software Design] [Computer Science...
 
Object-oriented design patterns in UML [Software Design] [Computer Science] [...
Object-oriented design patterns in UML [Software Design] [Computer Science] [...Object-oriented design patterns in UML [Software Design] [Computer Science] [...
Object-oriented design patterns in UML [Software Design] [Computer Science] [...
 
Structure modeling with UML [Software Design] [Computer Science] [Vrije Unive...
Structure modeling with UML [Software Design] [Computer Science] [Vrije Unive...Structure modeling with UML [Software Design] [Computer Science] [Vrije Unive...
Structure modeling with UML [Software Design] [Computer Science] [Vrije Unive...
 
Requirements engineering with UML [Software Design] [Computer Science] [Vrije...
Requirements engineering with UML [Software Design] [Computer Science] [Vrije...Requirements engineering with UML [Software Design] [Computer Science] [Vrije...
Requirements engineering with UML [Software Design] [Computer Science] [Vrije...
 
Modeling and abstraction, software development process [Software Design] [Com...
Modeling and abstraction, software development process [Software Design] [Com...Modeling and abstraction, software development process [Software Design] [Com...
Modeling and abstraction, software development process [Software Design] [Com...
 
[2017/2018] Agile development
[2017/2018] Agile development[2017/2018] Agile development
[2017/2018] Agile development
 
Reconstructing microservice-based architectures
Reconstructing microservice-based architecturesReconstructing microservice-based architectures
Reconstructing microservice-based architectures
 
[2017/2018] Architectural languages
[2017/2018] Architectural languages[2017/2018] Architectural languages
[2017/2018] Architectural languages
 
[2017/2018] Introduction to Software Architecture
[2017/2018] Introduction to Software Architecture[2017/2018] Introduction to Software Architecture
[2017/2018] Introduction to Software Architecture
 
[2017/2018] RESEARCH in software engineering
[2017/2018] RESEARCH in software engineering[2017/2018] RESEARCH in software engineering
[2017/2018] RESEARCH in software engineering
 
Mobile Apps quality - a tale about energy, performance, and users’ perception
Mobile Apps quality - a tale about energy, performance, and users’ perceptionMobile Apps quality - a tale about energy, performance, and users’ perception
Mobile Apps quality - a tale about energy, performance, and users’ perception
 

Dernier

Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
vu2urc
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Igalia
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
Enterprise Knowledge
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
giselly40
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 

Dernier (20)

Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Tech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdfTech Trends Report 2024 Future Today Institute.pdf
Tech Trends Report 2024 Future Today Institute.pdf
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 

AADL: Architecture Analysis and Design Language

  • 1. Lab on AADL Ivano Malavolta
  • 3. Real-Time, Critical, Embedded Systems « Real-time systems are defined as those systems in which the correctness of the system depends not only on the logical result of computation, but also on the time at which the results are produced » Stankovic, 1988. Properties we look for: – Functions must be predictable: the same data input will produce the same data output. – Timing behavior must be predictable: must meet temporal constraints (e.g. deadline).
  • 4. Real-Time, Critical, Embedded Systems Critical (or hard) real-time systems: temporal constraints MUST be met, otherwise defects could have a dramatic impact on human life, on the environment, on the system Embedded systems: computing system designed for specific control functions within a larger system n Often with temporal constraints n Part of a complete device, often including hardware and mechanical parts n Limited amount of resources
  • 5. Real-Time, Critical, Embedded Systems • Need to handle time. Concurrent applications. • May have dramatic impact on human life, on the system, ... • Do not allow software maintenance à difficult to correct erroneous software/bugs • High implementation cost – temporal constraints verification, safety, dedicated hardware/ software • Examples : aircraft, satellite, automotive, … 5
  • 7. Real-Time, Critical, Embedded Systems Specific software engineering methods/models/tools to master quality and cost n Example : early verifications at design step
  • 8. Advantages of early fault discovery
  • 9. Objectives of this lecture • Issues – How to model/design a real-time critical embedded system that conforms to requirements? – How to verify the solution? – How to prototype/implement it? • One solution among others: use an architectural language • to model the system • to run various verification • and to automatically produce the system • Focus on the AADL2.1 SAE standard (2012)
  • 10. Case study Goal: to model a simple radar system Let us suppose we have the following requirements: 1. System implementation is composed by physical devices (Hardware entity): antenna + processor + memory + bus 2. and software entities : running processes and threads + operating system functionalities (scheduling) implemented in the processor that represent a part of execution platform and physical devices in the same time 3. The main process is responsible for signals processing : general pattern: transmitter -> antenna -> receiver -> analyzer -> display 4. Analyzer is a periodic thread that compares transmitted and received signals to perform detection, localization and identification
  • 11. Outline of this lecture Goal: introduce model-based description of embedded real-time critical systems using the AADLv2 architectural language • Part 1: Basics on AADLv2 core – Syntax, semantics of the language • Part 2: Case study – A radar illustrative case study
  • 13. Outline 1. Quick overview 2. AADL key modeling constructs 1. Software components 2. Execution platform components 3. Properties 4. Modelling large scale systems 3. Tool support
  • 14. Introduction AADL: AL for real-time critical embedded systems (Architecture Analysis and Design Language) – Goal : modeling software and hardware architectures • to master complexity • to perform analysis • to generate code • …. – Concepts : components, connections, deployments. – Many ALs : formal/non formal, application domain, …
  • 15. AADL: Architecture Analysis & Design Language • International standard promoted by SAE, AS-2C committee, released as AS5506 family of standards • Version 1.0 (2004), version 2 (2009), 2.1 (2012) – Based on feedback from industry users, mostly from the space and avionics domain • Annex document to address specific needs – Behavior, data, error modeling, code generation, …
  • 18. AADL in the process
  • 19. AADL: Architecture Analysis & Design Language Based on the component-connector paradigm Key Elements: • Core AADL language standard – Textual & graphical, precise semantics, extensible • AADL Meta model & XMI/XML standard – Model interchange & tool interoperability • Annexes Error Model Annex as standardized extension – Error Model Annex addresses fault/reliability modeling, hazard analysis • UML 2.0 profile for AADL – Transition path for UML practitioners community
  • 21. The AADL language in one slide
  • 22. AADL components • AADL model : hierarchy/tree of components • AADL component • Model a software or a hardware entity • May be organized in packages : reusable • Has a type/interface, one or several implementations • May have subcomponents • May combine/extend/refine others • May have properties : valued typed attributes (source code file name, priority, execution time, memory consumption, …) • Component interactions – Modeled by component connections – AADL features are connection points
  • 23. AADL components • How to declare a component: – Component type: • name, category, properties, features => interface – Component implementation: internal structure (subcomponents), properties • Component categories: model real-time abstractions, close to the implementation space (ex : processor, task, …) • Each category has a well-defined semantics/behavior, refined through the property mechanism – Software components – Hardware components: execution platform – Systems : bounding box of a system • Model a deployment
  • 24. Component type • AADLv2 distinguished type and implementation Component type = high-level specification of a component All component type declarations follow the same pattern: 24 <category> foo [extends <bar>] features -- list of features -- interface properties -- list of properties -- e.g. priority end foo; Inherit features and properties from parent Interface of the component: Exchange messages, access to data or call subprograms Some properties describing non-functional aspect of the component
  • 25. Component type example -- model a sequential execution flow subprogram Spg -- Spg represents a C function, features -- in file "foo.c", that takes one in_param : in parameter foo_data; -- parameter as input properties Source_Language => C; Standard properties, one can Source_Text => ("foo.c"); define its own properties end Spg; -- model a schedulable flow of control thread bar_thread -- bar_thread is a sporadic thread : features -- dispatched whenever it in_data : in event data port foo_data; -- receives an event on its “in_data" properties -- port Dispatch_Protocol => Sporadic; end bar_thread;
  • 26. Component implementation • Component Implementation completes the interface – Think spec/body package (Ada), interface/class (Java) <category> implementation foo.i [extends <bar>.i] subcomponents -- internal components foo.i implements foo calls -- called subprograms, -- only for threads or subprograms connections properties -- list of properties -- e.g. Deadline end foo.i;
  • 27. Component implementation example subprogram Spg -- Spg represents a C function, features -- in file "foo.c", that takes one in_param : in parameter foo_data; -- parameter as input properties Source_Language => C; Source_Text => ("foo.c"); end Spg; thread bar_thread -- bar_thread is a sporadic thread, features -- it is dispatched whenever it in_data : in event data port foo_data; -- receives an event properties Dispatch_Protocol => Sporadic; end bar_thread; thread implementation bar_thread.impl -- in this implementation, at each -- dispatch we execute the "C" call calls -- sequence. We pass the dispatch C : { S : subprogram spg; }; -- parameter to the call sequence connections P1: parameter in_data -> S.in_param; end bar_thread.impl; Connect data/ parameter
  • 28. AADL concepts • AADL introduces many other concepts: – Related to embedded real-time critical systems • AADL flows: capture high-level data + execution flows • AADL modes: model operational modes in the form of an alternative set of active components, connections, … – To ease models design/management • AADL packages (similar to Java, renames, private/ public) • AADL abstract component, component extensions, …
  • 29. Outline 1. Quick overview 2. AADL key modeling constructs 1. Software components 2. Execution platform components 3. Properties 4. Modelling large scale systems 3. Tool support
  • 30. Summary of AADL elements
  • 31. Three levels of description • Category (predefined) • Type – specification of the external interface • Implementation – specification of the content • Instance – instantiation of a type or an implementation – this is done by the tool
  • 32. Software components categories • Process : address space. It must hold at least one thread • Thread : schedulable execution flow, Ada or VxWorks task, Java or POSIX thread. Execute programs • Data : data placeholder, e.g. C struct, C++ class, Ada record • Subprogram : a sequential execution flow. Associated to a source code (C, Ada) or a model (SCADE, Simulink) • Thread group : hierarchy of threads
  • 33. Software components Example of a process component composed of two threads thread receiver end receiver; thread implementation receiver.impl end receiver.impl; thread analyser end analyser; thread implementation analyser.impl end analyser.impl; process processing end processing; process implementation processing.others subcomponents receive : thread receiver.impl; analyse : thread analyser.impl; . . . end processing.others;
  • 34. Software components Example of a thread component : a thread may call different subprograms thread receiver end receiver; thread implementation receiver.impl calls CS : { call1 : subprogram Receiver_Spg; call2 : subprogram ComputeCRC_Spg; }; end receiver.impl; subprogram Receiver_Spg end Receiver_Spg; subprogram ComputeCRC_Spg end ComputeCRC_Spg; . . .
  • 35.
  • 36.
  • 37.
  • 38.
  • 39.
  • 40.
  • 41. Thread group A thread group represents an organizational component to logically group threads contained in a process Thread groups can be hierarchically nested
  • 42.
  • 43. Subprogram A subprogram component represents an execution entry point in source text No component can contain subprogram subcomponents. Instances of subprogram don't exist A subprogram call in the implementation of a thread or another subprogram may be “seen as” the inclusion of a subprogram subcomponent A thread can have call sequences for its states: – initialization, finalization, activation, deactivation, computation, and recovery Each thread dispatch executes the computation call sequence once
  • 44. States of a thread
  • 47. Data It represents static data (e.g., numerical data or source text) and data types within a system – (e.g., used as data types on ports and parameters) Components may have a shared access to a data component Good practice: to store data definitions in a separate file
  • 50.
  • 51. Component connection Features of subcomponents are connected in the “connections” subclause of the enclosing component Example thread analyser features analyser_out : out data port Target_Position.Impl; end analyser; thread display_panel features display_in : in data port Target_Position.Impl; end display_panel; process implementation processing.others subcomponents display : thread display_panel.impl; analyse : thread analyser.impl; connections port analyse.analyser_out -> display.display_in; end processing.others;
  • 52.
  • 54. Data connection policies Immediate receiver thread is immediately awaken, and will read data when emitter finished Delayed actual transmission is delayed to the next time frame
  • 56. Modes A mode represents an operational state of a system A mode of a component can influence: – property values – activation of specific subcomponents – existence of connections Example - Modes of a cruise controller: {initialize, disengaged, engaged}
  • 57. Modes transitions Mode transitions represent configuration changes as reaction to events – Triggered through ports (from outside or from a subcomponent) – Triggered internally by implementation software – Triggered internally in an execution platform component or a device • Note: Modes are not intended for modeling detailed internal behavior of threads or subprograms (︎ AADL Behavior Annex)
  • 60. Outline 1. Quick overview 2. AADL key modeling constructs 1. Software components 2. Execution platform components 3. Properties 4. Modelling large scale systems 3. Tool support
  • 61. Hardware components categories • Processor/virtual processor – schedule component (combined CPU and RTOS scheduler). A processor may contain multiple virtual processors • memory – model data storage (memory, hard drive) • device – component that interacts with the environment. Internals (e.g. firmware) is not modeled. • bus/virtual bus – data exchange mechanism between components Device Memory bus Processor
  • 62.
  • 63.
  • 64.
  • 65.
  • 66.
  • 67.
  • 68.
  • 69. Software/platform binding Maps application software elements to execution platform elements using binding properties
  • 70. Software/platform binding • Actual_Processor_Binding – Specify which processor schedules and executes a thread or executes a (kernel mode) device driver • Actual_Memory_Binding – Specify the memory components in which executable code (process components) and data (data component) reside • Actual_Connection_Binding – Specify the communication channels that are used by logical connections (see next section)
  • 71. Bus access Access to buses is declared explicitly in AADL
  • 72.
  • 73. Outline 1. Quick overview 2. AADL key modeling constructs 1. Software components 2. Execution platform components 3. Properties 4. Modelling large scale systems 3. Tool support
  • 74. AADL properties Property: – Typed attribute, associated to one or more components – Property = name + type + allowed components – Property association = property name + value Allowed types in properties: – aadlboolean, aadlinteger, aadlreal, aadlstring, enumeration, many others … Can be propagated to subcomponents: inherit Can override parent’s one, case of extends
  • 76. AADL properties Properties are associated to a component type (1) or implementation (2), as part of a subcomponent instance (3), or a contained property association (4). process implementation processing.others subcomponents receive0 : thread receiver.impl; receive1 : thread receiver.impl; receive2 : thread receiver.impl {Deadline => 200 ms;}; -- (3) properties -- (4) Deadline => 300 ms applies to receive1; end processing.others; thread receiver properties -- (1) Compute_Execution_Time => 3 .. 4 ms; Deadline => 150 ms ; end receiver; thread implementation receiver.impl properties -- (2) Deadline => 160 ms; Compute_Execution_Time => 4 .. 10 ms; end receiver.impl;
  • 77. Property sets Property sets : – Group property definitions – They can be either • part of the standard, e.g. Thread_Properties • or user-defined, e.g. for new analysis as power analysis Example : property set Thread_Properties is . . . Priority : aadlinteger applies to (thread, device, …); Source_Text : inherit list of aadlstring applies to (data, port, thread, …); . . . end Thread_Properties;
  • 79. Measurement units Properties are typed with units to model physical systems, related to embedded real-time critical systems property set AADL_Projects is Time_Units: type units ( ps, ns => ps * 1000, us => ns * 1000, ms => us * 1000, sec => ms * 1000, min => sec * 60, hr => min * 60); -- … end AADL_Projects; property set Timing_Properties is Time: type aadlinteger 0ps .. Max_Time units Time_Units; Time_Range: type range of Time; Compute_Execution_Time: Time_Range applies to (thread, device, subprogram, event port, event data port); end Timing_Properties;
  • 80. Outline 1. Quick overview 2. AADL key modeling constructs 1. Software components 2. Execution platform components 3. Properties 4. Modelling large scale systems 3. Tool support
  • 81. AADL packages A package provides a means to organize the descriptions by the use of namespaces A package can contain: – component types – component implementations – port group types – annex libraries
  • 83. AADL systems Help structuring an architecture, with its own hierarchy of subcomponents. A system can include one or several subsystems In an AADL specification there is always a root system component Bindings : model the deployment of components inside the component hierarchy System
  • 84. AADL systems subprogram Receiver_Spg … thread receiver … thread implementation receiver.impl … call1 : subprobram Receiver_Spg; … end receiver.impl; process processing end processing; process implementation processing.others subcomponents receive : thread receiver.impl; analyse : thread analyser.impl; . . . end processing.others; device antenna end antenna; processor leon2 end leon2; system radar end radar; system implementation radar.simple subcomponents main : process processing.others; cpu : processor leon2; properties Actual_Processor_Binding => reference cpu applies to main; end radar.simple;
  • 85. A full AADL system : a tree of component instances • Component types and implementations only define a library of entities (classifiers) • An AADL model is a set of component instances (of the classifiers) • System must be instantiated through a hierarchy of subcomponents, from root (system) to the leafs (subprograms, ..) • We must choose a system implementation component as the root system model ! Root System Sub System Process Processor Thread Data Subprogram
  • 86. About subcomponents Some restrictions apply on subcomponents – A hardware cannot contain software, etc data data, subprogram thread data, subprogram thread group data, thread, thread group, subprogram process thread, thread group, data processor Memory, virtual processor, bus memory Memory, bus system ALL except subprogram, thread, and thread group 86
  • 87. System instances Component types and instances are “only” blueprints System instances represents the runtime architecture of an operational physical system Composed of software components + execution platform XML for storing system instances
  • 88. System instances 2 System instances are automatically generated by OSATE starting from complet system implementations
  • 89. Components extension & refinement Extension: to define a new extended classifier based on an existing classifier Allows incremental refinement of a model • Component extension – Component types – Component implementations WHY extensions? – Add elements to a classifier • features, subcomponents, connections, flows, etc. – Refine existing elements in a component – Add or override properties
  • 97. Outline 1. AADL a quick overview 2. AADL key modeling constructs 1. AADL components 2. Properties 3. Component connection 3. AADL: tool support
  • 98. AADL & Tools • OSATE (SEI/CMU, http://aadl.info) – Eclipse-based tools. Reference implementation. AADLv1 and v2 – Textual editors + various plug-ins • STOOD, ADELE (Ellidiss, http://www.ellidiss.com ) – Graphical editors for AADLv1 and v2, code/documentation generation • Cheddar (UBO/Lab-STICC, http://beru.univ-brest.fr/~singhoff/cheddar/ ) – Performance analysis, AADLv1 only • AADLInspector (Ellidiss, http://www.ellidiss.com) – Lightweight tool to inspect AADL models. AADLv1 and v2 – Industrial version of Cheddar + Simulation Engine • Ocarina (ISAE, http://www.openaadl.org) – Command line tool, library to manipulate models. AADLV1 and V2 – AADL parser + code generation + analysis (Petri Net, WCET, …) • Others: RAMSES, PolyChrony, ASSIST, MASIW, MDCF, TASTE, …
  • 100. Radar case study Hardware/Software breakdown: components PACKAGE radar PUBLIC PROCESS processing -- … END processing; DEVICE antenna -- … END antenna; END RADAR;
  • 101. Radar case study Hardware/Software breakdown: features in/out ports bus access PROCESS processing FEATURES to_screen : OUT EVENT PORT; send_pulse : OUT EVENT PORT; receive_pulse : IN DATA PORT; get_angle : IN DATA PORT; END processing; DEVICE antenna FEATURES antenna_in : IN EVENT PORT; VME : REQUIRES BUS ACCESS VME; END antenna;
  • 102. Radar case study Hardware/Software breakdown: connections Logical cnx Hardware cnx
  • 103. Radar case study Hardware/Software breakdown: connections SYSTEM IMPLEMENTATION radar.simple SUBCOMPONENTS aerial : DEVICE antenna; rotor : DEVICE motor; monitor : DEVICE screen; main : PROCESS processing.others; cpu : PROCESSOR leon2; VME : BUS VME; RAM : MEMORY RAM; CONNECTIONS PORT aerial.antenna_out -> main.receive_pulse; PORT rotor.motor_out -> main.get_angle; PORT main.send_pulse -> aerial.antenna_in; PORT main.to_screen -> monitor.screen_in; BUS ACCESS VME -> aerial.VME; BUS ACCESS VME -> rotor.VME; BUS ACCESS VME -> monitor.VME; BUS ACCESS VME -> cpu.VME; BUS ACCESS VME -> RAM.VME;
  • 104. Radar case study • Hardware/Software breakdown: bindings Bindings PROPERTIES Actual_Memory_Binding => reference (ram) applies to main; Actual_Processor_Binding => reference (cpu) applies to main; END radar.simple;
  • 105. Radar case study • Software elements
  • 106. On flow latency analysis…
  • 107. On flow latency analysis…
  • 108. What this lecture means to you? AADL = Architecture Analysis & Design Language AADL is for architectural description, period à Not to be compared with UML suites – Behavior, types, link with source code is not required Keep in mind models support an objective – In this lecture, it is just a high-level view of the design What is not covered by this lecture: flows, annexes, multidimensional arrays, virtual processors/buses, analyses with external tools
  • 109. Suggested readings 1. The SAE Architecture Analysis & Design Language (AADL) Standard. Peter H. Feiler, January 2008. [Introduction to the language] 2. The Architecture Analysis & Design Language (AADL): An Introduction, Peter H. Feiler David P. Gluch John J. Hudak, February 2006. [Use this as reference manual] 3. OSATE plug­in: SEI validation plug­ins. SEI. [Analysis in general] 4. Developing AADL Models for Control Systems: A Practitioner’s Guide. John Hudak Peter Feiler. July 2007. [Flow latency analysis]
  • 110. Links Tool: • http://www.aadl.info/aadl/osate/stable/2.0.8/products/ Example projects (other than the ones on Lore): 1. https://github.com/yoogx/AADLib 2. https://github.com/osate/examples 3. http://www.santoslab.org/pub/high-assurance/module-aadl/ slides/AADL-Isolette.pdf
  • 111. Acknowledgements Parts of this lecture have been elaborated from: • AADLv2, a Domain Specific Language for the Modeling, the Analysis and the Generation of Real-Time Embedded Systems. Frank Singhoff and Jérôme Hugues, MODELS 2014 tutorial. • SAE AADL V2: An Overview. Peter Feiler. © 2010 Carnegie Mellon University • Overview of AADL Syntax. J-P. Rosen, J-F. Tilman. AADL Workshop 2005
  • 112. Contact Ivano Malavolta | Post-doc researcher Gran Sasso Science Institute iivanoo ivano.malavolta@gssi.infn.it www.ivanomalavolta.com