Tech Days 2015: AdaCore Directions

Post on 21-Jan-2017


AdaCore Directions

Who are we? Where are we going?

Cyrille Comar

Paris, October 1st

Agenda of the talk

- Mission

- Location & People

- Values

- Strategy: Strengthening & Opening

- Research Activities

- QGen

- Conclusion

We help people build software that matters.

Ada

- Expertise on critical software development

- Maintain & evolve (Ada) compilation toolchain with pedigree

- Emphasis on customer support

Locations

Robert Dewar (1945-2015)

Some of us in the US

Hristian, frontend

Ben, newsletter

Steve, static analysis

Tucker, qgen

Nicolas, gps

Doug, cross

We actively and creatively evolve our product line, operations, and organization to help our customers and teammates. We are passionate about what we do and are committed to learning, researching and creating.

We build long-term relationships with our teammates, customers, and partners. Acting as a team, we debate, cooperate, and help each other grow.

We share our plans, practices and technologies with our teammates, partners and customers. This is strengthened by our participation in relevant open-source and professional communities, and the open-source licensing of our products.

We organize our work to meet all our commitments. We provide customers, partners and teammates unrestricted access to our expertise, making support our number one priority. Our rigor ensures that our products can be used to build the most demanding software systems.

Strengthening & Opening

- Enhance our Ada offering (new targets, new tools, new optims…)

- Make SPARK+CodePeer « the » best game in town for
  - complementing testing with static verifications
  - industrial use of program proving
  - higher level of reliability
  - lower cost of verification
  - stop (some) security attacks

Help people build software that matters… even more

Strengthening & Opening

- Unexplored markets

- Software that matters in C

- Code generation from “models” that matter

Help more people build software that matters…

Strengthening & Opening

Unexplored Markets

Software that matters in C

- Toolset that can be used for critical development:

- Manage pedigree of the C compiler (e.g. KP entries)

- Active long term maintenance (e.g. sustained branches)

- Set of verification tools (e.g. gnatcov)

- Better controlled build system (gprbuild)

Research Activities

- Dashboarding: AdaSquore (DGA-Rapid)

- Formal methods:

- ProofInUse (LabCom with INRIA): enhance proving capabilities

- Vecolib (ANR): loop invariants

- Soprano (ANR): improve SMT solvers

- CAP2018 (FUI) with Sogilis & Squadrone

- SPARK in legacy C for FFI

Code generation from “models” that matter

QGen

What is QGen?

- A qualifiable and customizable code generator from Simulink® and Stateflow® to SPARK and MISRA C

- A formal model verifier for runtime errors and functional properties

- An open and extensible framework to integrate heterogeneous models

QGen Main Features

- Support for a large subset of Simulink®
  - Around 120 blocks, optional checks for MISRA Simulink®
  - Stateflow® also supported, since early 2015

- Code generation producing MISRA C and SPARK (formally provable language)

- Readable and traceable code, no performance penalty

- Integrated with compilation and testing frameworks
  - Integration with GNAT Pro compiler for qualified, end-to-end tool chain
  - Integration with GNATemulator and GNATcoverage for structural coverage analysis (up to MC/DC) without code instrumentation executing embedded object code

- Includes a static model verifier
  - Focus on safety-critical systems
  - Run-time errors (divisions by zero, overflows, …)
  - Logical errors (dead execution paths)
  - Functional/safety properties (Simulink® assertions blocks)

- Qualification material
  - Including validation against Simulink® simulation
  - DO-178C, EN 50128, ISO-26262 TCL3

QGen An open and extensible framework

“The gcc for modeling languages”

- QGen is designed to accept multiple languages in input, including in-house DSLs
- A single code generation style/strategy for all of your modeling languages
- XML-based model import at different abstraction levels
  - Design model: blocks, signals, states, transitions, …
  - Code model: variables, statements

Selective model compilation

- QGen is composed of multiple model compilation steps
- It is possible to execute them selectively
- It is possible to import/export XML at any step

Roadmap

- Feb 2015: QGen commercial availability
- Spring 2015: Stateflow® support
- 2016: Tool Qualification Planning Documents
- 2017: QGen Debugger
- 2018: QGen TQL1 qualification completed

Conclusion

- World of critical software development is evolving…

- You are the main source of AdaCore evolution

So let’s talk… even more