Embedded system design with ada as the system design language

Recent research in software engineering has produced a number of techniques for structuring an understanding of systems. Many of these techniques are applicable to the design of embedded computer systems and produce designs whose structures are easily expressible in the ada language. This language is itself structured so that the design of a system can be expressed independently of its implementation. Thus ada can be a useful system design language (SDL) with these techniques. This paper describes the software design problem in the development of embedded computer systems. It shows how ada can be used as an SDL, as well as a system implementation language. The essential point is that as an SDL ada encourages designers to use recent theory to develop better structures for their systems, and its subsequent use to implement the systems preserves those structures in the product.     

Foundations of a new software engineering method for real-time systems

The design of a fault-tolerant distributed, real-time, embedded system with safety-critical concerns requires the use of formal languages. In this paper, we present the foundations of a new software engineering method for real-time systems that enables the integration of semiformal and formal notations. This new software engineering method is mostly based upon the ”COntinuuM” co-modeling methodology that we have used to integrate architecture models of real-time systems (Perseil and Pautet in 12th International conference on engineering of complex computer systems, ICECCS, IEEE Computer Society, Auckland, pp 371–376, 2007) (so we call it “Method C”), and a model-driven development process (ISBN 978-0-387-39361-2 in: From model-driven design to resource management for distributed embedded systems, Springer, chap. MDE benefits for distributed, real time and embedded systems, 2006). The method will be tested in the design and development of integrated modular avionics (IMA) frameworks, with DO178, DO254, DO297, and MILS-CC requirements.     

Emotion on FPGA: Model driven approach

Implementation of intelligent and bio-inspired algorithms in industrial and real applications is arduous, time consuming and costly; in addition, many aspects of system from high level behavior of algorithm to energy consumption of targeted system must be considered simultaneously in the design process. Advancement of hardware platforms such as DSPs, FPGAs and ASICs in recent years has made it increasingly possible to implement computationally complex intelligent systems; on the other hand, however, the design and testing costs of these systems are high. Reusability and extendibility features of the developed models can decrease the total cost and time-to-market of an intelligent system. In this work, model driven development approach is utilized for implementation of emotional learning as a bio-inspired algorithm for embedded purposes. Recent studies show that emotion is a mechanism for fast decision making in human and other animals, and can be assumed as an expert system. Mathematical models have been developed for describing emotion in mammals from cognitive studies. Here brain emotional based learning intelligent controller (BELBIC), which is based on mammalian middle brain, is designed and implemented on FPGA and the obtained embedded emotional controller (E-BELBIC) is utilized for controlling real laboratorial overhead traveling crane in model-free and embedded manner. Short time-to-market, easy testing and error handling, separating concerns, improving reusability and extendibility of obtained models in similar applications are some benefits of the model driven development methodology.     

基于Web界面设计模式的复杂行为建模及其代码生成方法

目前基于模型的Web用户界面(UI)研究中缺乏对复杂行为的模型设计和开发方法,极大地限制了此类方法的工程化应用。针对此问题,提出了一种形式化的Web界面行为描述语言,对基于Web的用户界面中的复杂行为建模,实现了行为模型的代码自动生成。实验表明,本方法在Web用户界面设计的开发过程中具有极大的灵活性,提高了界面设计模式的复用性。     

Flex‐eWare: a flexible model driven solution for designing and implementing embedded distributed systems

The complexity of modern embedded systems increases as they incorporate new concerns such as distribution and mobility. These new features need to be considered as early as possible in the software development life cycle. Model driven engineering promotes an intensive use of models and is now widely seen as a solution to master the development of complex systems such as embedded ones. Component‐based software engineering is another major trend that gains acceptance in the embedded world because of its properties such as reuse, modularity, and flexibility. This article proposes the Flex‐eWare component model (FCM) for designing and implementing modern embedded systems. The FCM unifies model driven engineering and component‐based software engineering and has been evaluated in several application domains with different requirements: wireless sensor networks, distributed client/server applications, and control systems for electrical devices. This approach highlights a new concept: flexibility points that arise at several stages of the development process, that is, in the model (design phase), in the execution platform, and during the execution itself. This flexibility points are captured with model libraries that can extend the FCM. Copyright © 2011 John Wiley & Sons, Ltd.     

Contract-based modeling and verification of timed safety requirements within SysML

In order to cope with the growing complexity of critical real-time embedded systems, systems engineering has adopted a component-based design technique driven by requirements. Yet, such an approach raises several issues since it does not explicitly prescribe how system requirements can be decomposed on components nor how components contribute to the satisfaction of requirements. The envisioned solution is to design, with respect to each requirement and for each involved component, an abstract specification, tractable at each design step, that models how the component is concerned by the satisfaction of the requirement and that can be further refined toward a correct implementation. In this paper, we consider such specifications in the form of contracts. A contract for a component consists in a pair (assumption, guarantee) where the assumption models an abstract behavior of the component’s environment and the guarantee models an abstract behavior of the component given that the environment behaves according to the assumption. Therefore, contracts are a valuable asset for the correct design of systems, but also for mapping and tracing requirements to components, for tracing the evolution of requirements during design and, most importantly, for compositional verification of requirements. The aim of this paper is to introduce contract-based reasoning for the design of critical real-time systems made of reactive components modeled with UML and/or SysML. We propose an extension of UML and SysML languages with a syntax and semantics for contracts and the refinement relations that they must satisfy. The semantics of components and contracts is formalized by a variant of timed input/output automata on top of which we build a formal contract-based theory. We prove that the contract-based theory is sound and can be applied for a relatively large class of SysML system models. Finally, we show on a case study extracted from the automated transfer vehicle (http://www.esa.int/ATV) that our contract-based theory allows to verify requirement satisfaction for previously intractable models.     

A development methodology for embedded systems based on RT-DEVS

This work is concerned with modelling, analysis and implementation of embedded control systems using RT-DEVS, i.e. a specialization of classic discrete event system specification (DEVS) for real-time. RT-DEVS favours model continuity, i.e. the possibility of using the same model for property analysis (by simulation or model checking) and for real time execution. Special case tools are reported in the literature for RT-DEVS model analysis and design. In this work, temporal analysis of a model exploits a translation in Uppaal timed automata for exhaustive verification. For large models a simulator was realized in Java which directly stems from RT-DEVS operational semantics. The same concerns are at the basis of a real-time executive. The paper describes the proposed RT-DEVS development methodology and clarifies its implementation status. The approach is demonstrated by applying it to an embedded system example which is analyzed through model checking and implemented in Java. Finally, research directions which deserve further work are indicated.     

Systems implementation languages and IRONMAN

The U.S. Department of Defense has recently issued a set of requirements, which it called IRONMAN, for the design of a programming language that it will use for embedded computer applications. To date four competing languages have been designed and, after considerable debate and scrutiny, these have been reduced to two. It is expected that the winning language will be selected during 1979. This report compares the IRONMAN requirements against the state-of-the-art in systems implementation language design in an attempt to see the extent to which IRONMAN can be met from existing technology. Particular emphasis is given to the areas of large-scale program structuring, parallel programming, exception handling and hardware interaction. Finally, Dijkstra's criticism of IRONMAN and the competing languages will be examined. It will be argued that he may be justified in doubting the viability of a language with such diverse features.     

A systematic approach to embedded biomedical decision making

An embedded decision making is a key feature for many biomedical systems. In most cases human life directly depends on correct decisions made by these systems, therefore they have to work reliably. This paper describes how we applied systems engineering principles to design a high performance embedded classification system in a systematic and well structured way. We introduce the structured design approach by discussing requirements capturing, specifications refinement, implementation and testing. Thereby, we follow systems engineering principles and execute each of these processes as formal as possible. The requirements, which motivate the system design, describe an automated decision making system for diagnostic support. These requirements are refined into the implementation of a support vector machine (SVM) algorithm which enables us to integrate automated decision making in embedded systems. With a formal model we establish functionality, stability and reliability of the system. Furthermore, we investigated different parallel processing configurations of this computationally complex algorithm. We found that, by adding SVM processes, an almost linear speedup is possible. Once we established these system properties, we translated the formal model into an implementation. The resulting implementation was tested using XMOS processors with both normal and failure cases, to build up trust in the implementation. Finally, we demonstrated that our parallel implementation achieves the speedup, predicted by the formal model.     

A novel object-oriented environment for distributed process control systems

This paper addresses the design, development and implementation of distributed process control systems. A novel object-oriented environment is presented that supports the development lifecycle phases. The core of this environment is the integrated design notation (IDN), which is based on the unified modelling language (UML). Its emphasis is on open architectures and thus it uses open standards such as UML (for software engineering), IEC 61131-3 (for process control) and SIMULINK (for control engineering). Automated translation of models and languages across the different disciplines is created with the IDN. Also, the source code implementation phase is produced in Java, thus achieving greater portability for control systems.     

A metamodel for the design of polychronous systems

This article presents the development of a metamodel and an open-source design environment for the synchronous language Signal in the Gme and Eclipse frameworks. This environment is intended to be used as a pivot modeling tool for a customized, aspect-oriented and application-driven, computer-aided engineering of embedded systems starting from multiple and heterogeneous initial specifications. The metamodel, called SignalMeta, is defined on top of the design workbench Polychrony, which is dedicated to Signal programming. Automated transformations are defined and implemented in order to produce, analyze, statically verify and model-check programs obtained from high-level models.The proposed approach promotes model-driven engineering within a framework that strongly favors formal validation. It aims at significantly decreasing design costs while improving the quality of systems. We demonstrate the agility of this approach by considering the design of both control-oriented and avionic systems. We start with an implementation of core polychronous¹ data-flow concepts in Gme and show the ease of its modular extension with application-specific concepts such as mode automata or integrated modular avionics concepts. This work is the first attempt to generalize the formal model of computation and the design philosophy of Polychrony.     

Formal methods integration in software engineering

This paper presents an extract from our works on a software engineering method for avionic real-time systems [3], the C-Method, which covers the whole software lifecycle thanks to a seamless process, and integrates formal methods in its process. Because distributed, real-time and embedded (DRE) systems have safety critical concerns, they require the use of formal languages (that allow non-ambiguous and rigorous specifications) in order to be able to prove their non-functional properties. Therefore, the “C-Method” relies on the use of formal languages in the earliest steps of the system specification and on the use of semi-formal languages in the analysis, design and programming steps. The fundamental question is how to integrate several languages with different levels of formalization and abstraction. The previous software engineering methods were based on a single language or notation, so they did not address this issue. In order to make the transitions more continuous between semi-formal and formal specifications, we have introduced in the development process what we call “intermediate” languages (+CAL and Why), that are easy to manipulate but directly linked to a formal language (TLA+ for +CAL, Why for PVS).     

Verification and analysis of domain-specific models of physical characteristics in embedded control software

ContextA considerable portion of the software systems today are adopted in the embedded control domain. Embedded control software deals with controlling a physical system, and as such models of physical characteristics become part of the embedded control software.ObjectiveDue to the evolution of system properties and increasing complexity, faults can be left undetected in these models of physical characteristics. Therefore, their accuracy must be verified at runtime. Traditional runtime verification techniques that are based on states/events in software execution are inadequate in this case. The behavior suggested by models of physical characteristics cannot be mapped to behavioral properties of software. Moreover, implementation in a general-purpose programming language makes these models hard to locate and verify. Therefore, this paper proposes a novel approach to perform runtime verification of models of physical characteristics in embedded control software.MethodThe development of an approach for runtime verification of models of physical characteristics and the application of the approach to two industrial case studies from the printing systems domain.ResultsThis paper presents a novel approach to specify models of physical characteristics using a domain-specific language, to define monitors that detect inconsistencies by exploiting redundancy in these models, and to realize these monitors using an aspect-oriented approach. We complement runtime verification with static analysis to verify the composition of domain-specific models with the control software written in a general-purpose language.ConclusionsThe presented approach enables runtime verification of implemented models of physical characteristics to detect inconsistencies in these models, as well as broken hardware components and wear and tear of hardware in the physical system. The application of declarative aspect-oriented techniques to realize runtime verification monitors increases modularity and provides the ability to statically verify this realization. The complementary static and runtime verification techniques increase the reliability of embedded control software.     

rCOS: a formal model-driven engineering method for component-based software

Model-driven architecture (MDA) has become a main stream technology for software-intensive system design. The main engineering principle behind it is that the inherent complexity of software development can only be mastered by building, analyzing and manipulating system models. MDA also deals with system complexity by providing component-based design techniques, allowing independent component design, implementation and deployment, and then system integration and reconfiguration based on component interfaces. The model of a system in any stage is an integration of models of different viewpoints. Therefore, for a model-driven method to be applied effectively, it must provide a body of techniques and an integrated suite of tools for model construction, validation, and transformation. This requires a number of modeling notations for the specification of different concerns and viewpoints of the system. These notations should have formally defined syntaxes and a unified theory of semantics. The underlying theory of the method is needed to underpin the development of tools and correct use of tools in software development, as well as to formally verify and reason about properties of systems in mission-critical applications. The modeling notations, techniques, and tools must be designed so that they can be used seamlessly in supporting development activities and documentation of artifacts in software design processes. This article presents such a method, called the rCOS, focusing on the models of a system at different stages in a software development process, their semantic integration, and how they are constructed, analyzed, transformed, validated, and verified.     

Object analysis patterns for embedded systems

Some of the most challenging tasks in building a software system are capturing, refining, and analyzing requirements. How well these tasks are performed significantly impacts the quality of the developed software system. The difficulty of these tasks is greatly exacerbated for the software of embedded systems as these systems are commonly used for critical applications, have to operate reliably for long periods of time, and usually have a high degree of complexity. Current embedded systems software development practice, however, often deals with the (requirements) analysis phase in a superficial manner, instead emphasizing design and implementation. This research investigates how an approach similar to the well-known design patterns, termed object analysis patterns, can be applied in the analysis phase of embedded systems development, prior to design and coding. Specifically, our research explores how object-oriented modeling notations, such as the Unified Modeling Language (UML), can be used to represent structural and behavioral information as part of commonly occurring object analysis patterns. This work also investigates how UML-based conceptual models of embedded systems, based on the diagram templates in the object analysis patterns, can be automatically analyzed using the Spin model checker for adherence to properties specified in linear-time temporal logic (LTL) using a previously developed UML formalization framework. We have applied these patterns to several embedded systems applications obtained from the automotive industry. This paper describes one of our case studies and illustrates how our approach facilitates the construction of UML-based conceptual models of embedded systems and the analysis of these models for adherence to functional requirements.     

An experimental evaluation of a higher-ordered-typed-functional specification-based test-generation technique

HOTTest is a model based test automation technique of software systems based on models of the system described using HaskellDB. HaskellDB is an embedded domain specific language derived from Haskell. HOTTest enforces a systematic abstraction process and exploits system invariants for automatically producing test cases for domain specific requirements. Use of functional languages for system modeling is a new concept and hence HOTTest is subject to concerns of usability, like any other new technique. Also, the syntax and the declarative style of Haskell based languages make them difficult to learn. Similar concerns can be raised for HOTTest as it shares the same syntax with Haskell. In this paper we describe an experiment designed to study the usability of HOTTest and to compare it with existing model based test design techniques. The results show that HOTTest is more usable than the traditional technique and demonstrate that the test suites produced by HOTTest are more effective and efficient than those generated using the traditional model based test design technique. Editor: James Miller