EAST-ADL ECS2013 20131105 - KTH ICES
EAST-ADL – An Architecture Description Language for Model-based Development and Management of Automotive Embedded Systems
Dr. DeJiu Chen, KTH Royal Institute of Technology
Dr. Henrik Lönn, Volvo Trucks Technology
Embedded Conference Scandinavia 2013, Kista, Stockholm
2013-11-05
What are the issues of concern?
[Figure: vehicle E/E network diagram. Labelled components include EVC, Cooling Unit, Li Ion Accu, charger, Electric Machine, HECU, BCM, HMI-ECU, Gateway, HVJB, SBW and Maintenance Switch; labelled connections include I-CAN, C-CAN, P-CAN, M-CAN, D-CAN, CF-CAN, Inter System-CAN, LIN, Ethernet, K-Line, USB, HV lines and pilot/interlock lines.]
[Figure: V-model. Design side: System Requirements Analysis, System Concept, Function Module Requirements Analysis, Function Module Concept Design, Mechanical Detailed Design, Implementation. Production side: Prototyping/Production, HW/SW Unit Integration, HW/SW Unit Test, Function Module Integration, Function Module Test, Subsystem Test, System Integration, System Test, Acceptance test, Validation against real users or their stated needs. Also labelled: Design Verification, Consolidation.]
VDI 2206 - a process model of the system development process
2013-11-05 ECS’13 2
State of practice
[Figure: engineering roles and their artifacts. Roles: Safety Engineer, Test Engineer, Architect, Function Owner/Developer, Software Designer, Programmer. Artifacts: textual market requirement statements, item safety goals, functional and technical safety concepts, test cases, textual FR statements, models in SL, Modelica, UML…, textual architecture specification, textual module integration spec., textual module specification, software code. Links between them are labelled "Discussions/Meetings" and "Fine-grained traceability?".]
Agenda
• Scope
• Methodology support
• Modeling for system specification
• Modeling for system analysis
• Conclusion
EAST-ADL
• An open domain-specific modeling framework and formalism for automotive EE system description
• A common ontology for model-based development and management of automotive E&E systems
[Figure: the same chain of activities repeated for the Vehicle Phase, Analysis Phase, Design Phase and Implementation Phase: Specify & Validate Safety Req.; Refine, Introduce & Validate Req.; Create Solution; Attach Safety Req. to Solution; Create Safety Relevant Models; Analyze Safety Enhanced Model; Verify Solution against Safety Req. Safety requirements are passed from each phase to the next. Roles: RQ Engineer, Safety Engineer, Software Engineer, System Engineer …]
Model-based architecture development with EAST-ADL
[Figure: Stakeholders, Organization, Process; EAST-ADL Language and Methodology; EAST-ADL Tools; an EAST-ADL Model containing System Spec, Req Spec, V&V Spec and Var Spec; External Tools with analytical models for behavior, dependability, performance…; Target System.]
Models & Documents: consolidated and managed according to the views of stakeholders
Short history
• AUDI AG
• BMW AG
• Carmeq GmbH
• CRF
• Daimler AG
• ETAS GmbH
• Mecel AB
• Mentor Graphics
• OPEL GmbH
• PSA
• Renault
• Robert Bosch GmbH
• Siemens, Continental
• Valeo
• Vector
• Volvo Car Corporation
• Volvo Technology AB
• ZF
• CEA-LIST
• INRIA
• LORIA
• Paderborn University-C-LAB
• Technical University of Darmstadt
• Technische Universität Berlin
• The Royal Institute of Technology
• The University of Hull
• …
http://www.maenad.eu/
http://www.east-adl.info/
The methodology – concept overview
[Figure: abstraction levels Vehicle, Analysis, Design, Impl., Oper., annotated "Correct-by-construction & Correct-by-testing !"]
The methodology model – a snapshot
[Figure: snapshot of the methodology model across the levels Vehicle, Analysis, Design, Impl., Oper.]
The language – concept overview
[Figure: vehicle E/E network diagram with ECUs, CAN/LIN/Ethernet buses and HV lines, as on the "What are the issues of concern?" slide.]
The language scope – Architecture specification
Multi-leveled system specification (“Core”)
• VFM - Vehicle Feature Model
• FAA - Functional Analysis Architecture
• FDA - Functional Design Architecture
• HWA - Hardware Architecture
• Allocation - Binding of FDA to HWA
AUTOSAR
[Figure: the levels listed above with an arrow labelled "Abstracting", shown next to the vehicle E/E network diagram (ECUs, CAN/LIN/Ethernet buses and HV lines).]
Example VFM for a vehicle feature specification
[Figure: feature model built from <<VehicleFeature>> and <<FeatureLinks>> elements.]
Example Analysis Architecture for an abstract function specification
[Figure: model built from <<AnalysisFunction>> and <<FunctionalDevice>> elements connected through <<PowerPort>> and <<FlowPort>>.]
Example Design Architecture for a more detailed function specification
[Figure: model built from <<DesignFunction>>, <<LocalDeviceManager>>, <<BasicSoftware>> and <<HardwareFunction>> elements.]
The related specification of Realization
[Figure: <<Realisation>> links between the Analysis Architecture and the Design Architecture.]
Example – Realization Matrixes
• <<Realisation>> VFM x AA
• <<Realisation>> AA x DA
Report for realization traceability
Generated report, a basis for systematic
- design contract creation,
- impact assessment for changes
- resolution of feature interference

ABSBraking <VehicleFeature> is realized by pBrakePedalSensor: BrakePedalSensor <FunctionalDevice> <AnalysisFunctionPrototype>
BasicBraking <VehicleFeature> is realized by pBrakePedalSensor: BrakePedalSensor <FunctionalDevice> <AnalysisFunctionPrototype>
PowerRegenByBraking <VehicleFeature> is realized by pBrakePedalSensor: BrakePedalSensor <FunctionalDevice> <AnalysisFunctionPrototype>
…
pBrakePedalSensor: BrakePedalSensor <FunctionalDevice> <AnalysisFunctionPrototype> is realized by pBrakePedalSensor: PedalPosEncoder <HardwareFunction> <DesignFunctionPrototype>
pBrakePedalSensor: BrakePedalSensor <FunctionalDevice> <AnalysisFunctionPrototype> is realized by pBrakePedalIO: BrakePedalIO <BasicSoftware> <DesignFunctionPrototype>
pBrakePedalSensor: BrakePedalSensor <FunctionalDevice> <AnalysisFunctionPrototype> is realized by pBrakePedalLDM: BrakePedalLDM <LocalDeviceManager> <DesignFunctionPrototype>
Example – Func&HW binding specification
[Figure: <<FunctionAllocation>> links binding functions to elements of the <<HardwareArchitecture>>.]
Example – Allocation Matrix
[Figure: allocation matrix and the resulted design.]
The language scope – Modeling support for requirements, analysis and V&V
• Requirement model
• Product-line variability model
• Behavior Model
  - Modes, triggering, external definition (Runnables)
  - Temporal, quantification/parametric, and computational constraints
• Timing model
  - Timing events and timing-chain
• Dependability model
  - Item, safety goals, functional and technical safety goals
  - Failure-modes and failure logics
• V&V Model
[Figure: vehicle E/E network diagram with ECUs, CAN/LIN/Ethernet buses and HV lines.]
Dependability Modeling
Support for ISO26262 Safety Lifecycle, SEooC
Example Dependability model for PHA
[Figure: model built from <<Item>>, <<Hazard>>, <<Hazard Event>> and <<Safety Goal>> elements.]
Example Error Model for FTA Analysis
[Figure: <<ErrorModel>> with <<Anomaly>> and <<ErrorPropagation>> elements.]
Example error logic definition
[Figure: error logic definition; one relation is labelled "contain".]
Behavior Constraint Specification
Roles
• Requirement refinements, elicitation, validation
• System compositionality, component composability
• Error modeling
• Test case generation
Example – ABS behavior
[Figure: ABS behavior model with <<AttributeQuantificationConstraint>> and <<TemporalConstraint>> elements.]
Language design
• Metamodel defined in UML (Enterprise Architect)
• Documentation autogenerated from model
• Exchange format based on AUTOSAR schema
Language implementation
Conclusion
EAST-ADL provides a language and a methodology support for consistency enforcement, analysis, automated handling of information, and view generation in a multi-disciplinary engineering context.
Compatible with industrial standards and state-of-the-art technologies:
• ISO 26262, AUTOSAR…
• Various formal techniques
Flexible adoption.
• Conceptual
• Language
• Tool
http://www.maenad.eu/
http://www.east-adl.info/
http://www.linkedin.com/groups/EASTADL-4639096
http://www.youtube.com/user/EASTADL