The ASSERT Set of Tools for Engineering (TASTE)
Julien Delange <julien dot delange at esa dot int>
This work is licensed under the Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported License. To view a copy of this license, visit http://creativecommons.org/licenses/by-nc-sa/3.0/ or send a letter to Creative Commons, 171 Second Street, Suite 300, San Francisco, California, 94105, USA.
Overview
• Introduction, rationale & approach overview
• System & application modeling
• TASTE toolset
• Case studies
• Conclusion, perspectives
Introduction – identified issues
• Communication problems
  • How to synchronize teams?
  • System representation
• Technical issues
  • Correct implementation
  • Integration
• Verification activities
  • Standards requirements
  • Associated cost
Introduction – increasing issues
• Systems contain more functions
  • Communication through more teams
  • More integration issues
• Function complexity increases
  • Impossible to make a bug-free system
  • Involves large teams, leading to management issues
• Verification is more and more restrictive
  • Cost keeps growing
  • New tools and approaches required
Current solutions
• Brute-force approach
  • Increase the task force
  • Spend more resources
• Software reuse
  • Take old components that work and are already verified …
  • … tailoring for integration of new functions
• Modeling and code generation
  • Abstraction to cope with current issues
  • Integration issues still occur
  • Cannot handle all system aspects
Limits of current solutions
• Brute-force approach: costly (time & money)
• Component reuse: still need to revalidate/certify
• Modeling: does not address all system aspects
TASTE toolchain
• Implementation of ASSERT process
• Abstract all system artifacts, from software to runtime
• Generate everything, build a "correct by construction" system
Modeling levels
• Data view
  • Types to be used by system functions
  • Ex: TM/TC for a satellite
• Interface view
  • Functions to be executed by the system
  • Implementation language independence
  • Ex: mode change, TC handling
• Deployment view
  • Execution of functions by computers
  • Describe execution constraints
Model processing
• Generate a single model
  • Vertical transformation approach
  • Transform user models into AADL models
• Automatic generation from model
  • Generate all required code
  • Automatic interface with application code
• Validation/verification activities
  • Validate/verify AADL models
  • Reduce certification manual efforts
[Figure: Data view, Interface view and Deployment view → vertical transformation → AADL model → validation & verification, automatic implementation]
Data view
• Relies on a well-known technique: ASN.1
• Used in interface view functions
  • Description of data sent/received by system functions
• Auto-generate types and encoders
  • Automatic use by functions
  • Ensure data consistency
Interface view: functions
• Define system functions and their properties
  • Implementation language, period, protection level, ...
  • Ex: TC/TM management
• Interfaces for communication with other functions
  • Provided Interfaces (PI)
  • Required Interfaces (RI)
• Interface characteristics
  • Interface parameters specification with ASN.1
  • Active interface: executed in its own context
  • Passive interface: executed in the caller's context
  • Interface property (inter-arrival time, …)
Interface view: supported languages
• Regular languages
  • Ada
  • C
• Application-level models
  • SDL/RTDS
  • Matlab/Simulink
• Hybrid languages
  • GUI
  • Python interfaces
• Data exchanges based on ASN.1!!!
Interface view: functions interfaces
• Periodic (active)
  • No parameter
  • Execution on a periodic basis
• Sporadic (active)
  • One input parameter, activated on data reception
  • Execution constrained by a minimal inter-arrival time
• Protected (passive)
  • Several input/output parameters
  • Lock other function interfaces
• Unprotected (passive)
  • Several input/output parameters
  • No lock mechanisms
Interface view example
System specification: two functions, one of which pings (sends a number to) the other on a periodic basis.
• Function pinger
  • One provided periodic interface (activator) to activate the system function.
  • One required interface to the receive_number interface of the pingee function.
• Function pingee
  • One provided sporadic interface (receive_number) to receive numbers.
  • Interface to be triggered by the pinger function.
[Figure: function pinger (periodic interface activator) connected to function pingee (sporadic interface receive_number)]
Deployment view
• Capture execution environment
  • Processor: architecture and OS specification
  • Bus: protocol specification
  • Drivers: devices contained on a computer/board
• Allocate functions to boards
  • Implicit description of distribution strategy
  • High-level representation of the system
Deployment view example
• Board x86
  • Intel processor, 64 bits, little endian
  • Runs a regular Linux
  • Sends data through Ethernet using the TCP/IP protocol
• Board PPC
  • PowerPC processor, 32 bits, big endian
  • Runs the RTEMS executive runtime
  • Receives data using the TCP/IP protocol
[Figure: board x86 (CPU x86_64, OS Linux, driver eth) hosting function pinger, linked by the Ethernet bus to board PPC (CPU PPC, OS RTEMS, driver eth) hosting function pingee]
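Added example (not part of the original slides, and not output of asn1Scc): the pinger on the little-endian x86 board and the pingee on the big-endian PPC board only agree on a number if both sides use the same encoder and the receiver enforces the declared type, which is the data-consistency role the slides give to the generated ASN.1 encoders. The C code below assumes a hypothetical type Ping-Number ::= INTEGER (0 .. 100000) and a fixed 4-byte, most-significant-byte-first wire format rather than real ASN.1 encoding rules; all names are illustrative.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical data-view type for this example (not from the slides):
 *   Ping-Number ::= INTEGER (0 .. 100000)
 * Wire format assumed here: 4 bytes, most significant byte first. */
#define PING_NUMBER_MAX  100000u
#define PING_ENCODED_LEN 4u

typedef enum { PING_OK = 0, PING_ERR_LENGTH, PING_ERR_RANGE } ping_status;

/* Pinger side: refuse out-of-range values, then write the bytes in a fixed
 * order so the result does not depend on the sender's CPU. */
ping_status ping_encode(uint32_t value, uint8_t *out, size_t out_len)
{
    if (out == NULL || out_len < PING_ENCODED_LEN)
        return PING_ERR_LENGTH;
    if (value > PING_NUMBER_MAX)
        return PING_ERR_RANGE;
    out[0] = (uint8_t)(value >> 24);
    out[1] = (uint8_t)(value >> 16);
    out[2] = (uint8_t)(value >> 8);
    out[3] = (uint8_t)value;
    return PING_OK;
}

/* Pingee side: treat the buffer as untrusted input. Check the length first,
 * rebuild the value byte by byte, and enforce the type's range before the
 * value reaches application code. */
ping_status ping_decode(const uint8_t *in, size_t in_len, uint32_t *value)
{
    uint32_t v;
    if (in == NULL || value == NULL || in_len != PING_ENCODED_LEN)
        return PING_ERR_LENGTH;
    v = ((uint32_t)in[0] << 24) | ((uint32_t)in[1] << 16) |
        ((uint32_t)in[2] << 8)  |  (uint32_t)in[3];
    if (v > PING_NUMBER_MAX)
        return PING_ERR_RANGE;
    *value = v;
    return PING_OK;
}

/* What goes wrong without a shared encoder: the sender copies its in-memory
 * representation to the wire and a peer with the opposite byte order reads it
 * back. Reversing the bytes models that peer on any host. */
uint32_t raw_copy_seen_by_opposite_endianness(uint32_t value)
{
    uint8_t raw[4], swapped[4];
    uint32_t seen;
    memcpy(raw, &value, sizeof raw);
    swapped[0] = raw[3]; swapped[1] = raw[2];
    swapped[2] = raw[1]; swapped[3] = raw[0];
    memcpy(&seen, swapped, sizeof seen);
    return seen;
}

int main(void)
{
    uint8_t wire[PING_ENCODED_LEN];
    uint32_t received = 0;
    /* Constructed sample: a frame whose value is outside the declared range. */
    const uint8_t forged[PING_ENCODED_LEN] = { 0xFF, 0xFF, 0xFF, 0xFF };

    if (ping_encode(42u, wire, sizeof wire) == PING_OK &&
        ping_decode(wire, sizeof wire, &received) == PING_OK)
        printf("encoded ping 42 decoded as %lu\n", (unsigned long)received);

    printf("raw copy of 42 read by the other board: %lu\n",
           (unsigned long)raw_copy_seen_by_opposite_endianness(42u));

    printf("out-of-range frame rejected: %s\n",
           ping_decode(forged, sizeof forged, &received) == PING_ERR_RANGE
               ? "yes" : "no");
    return 0;
}
```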
Toolset overview
[Figure: toolset overview diagram with the boxes TASTE GUI, Text Editor, TASTE-IV, TASTE-DV, ASN.1 source, Data View, Interface View, Deployment View, asn1Scc, Buildsupport, Concurrency View, Ocarina, and the resulting functional code, data management code, glue code and architecture code]
Toolset: ASN1Scc
• Convert ASN.1 description into AADL models
  • Used for functional blocks communication
  • Integration of ASN.1 types into AADL models
• Convert ASN.1 source into source code
  • Types definition in C/Ada
  • Generation of encoding functions
  • Ensure safety-critical requirements
[Figure: ASN.1 source → asn1Scc → Data View (AADL) and data management code (Ada/C)]
Toolset: TASTE-IV (Interface view)
• Capture system functions
  • Specify properties and requirements
  • Output AADL models with software components
• Describe functions interfaces
  • Periodic/sporadic/protected/unprotected
  • Specify timing properties (MIAT/period/)
• Connect functions using the provided/required interface mechanism
Toolset: TASTE-DV (Deployment view)
• Capture distributed architecture
  • Include all system nodes to be used
  • Output AADL model with hardware components
• Describe system nodes
  • Architecture concerns
  • Device drivers to be used
  • Embedded functions
• Specify communication buses
  • e.g. SpaceWire, Ethernet, 1553, etc.
Toolset: TASTE-CV (Concurrency view)
• Edit Concurrency View
• Perform schedulability analysis/feasibility tests (Cheddar)
• Simulate timing behavior (Marzhin)
Toolset: buildsupport
• Transform interfaces into resources
  • Task/data to be deployed on each system
  • Output AADL models with hardware and software components
• Integration into the architecture
  • Separate functions and resources across nodes of the DV
  • Assign configuration properties to AADL components
• Generate glue between architecture and application layers
  • Inject data from/to architecture (drivers) to application code (C/Ada)
[Figure: Interface View, Deployment View and Data View → Buildsupport → Concurrency View (AADL models) and glue code (C/Ada)]
Toolset: orchestrator
• Handle the development process
  • Input: interface/deployment views & ASN.1 source
  • Output: system binaries
• Workflow
  • Call buildsupport, generate concurrency view & glue code
  • Generate ASN.1 encoders & types definitions (ASN1Scc)
  • Call Ocarina, generate architecture code
  • Compile architecture code & functional code
• Python script
  • See assert-builder-ocarina.py
Toolset: Ocarina
• AADL → C/Ada architecture code
  • Generate generic architecture code
  • Avoid manual coding errors
  • No useless resource or code due to the use of AADL descriptions
• Rely on µmiddleware for OS integration
  • Translate generic code into OS-specific requests
  • PolyORB-HI-C & PolyORB-HI-Ada
  • Similar to OSAL from NASA
[Figure: Concurrency View → Ocarina → generated binary, made of generic code, µmiddleware code and the OS/executive runtime]
Toolset: TASTEGUI
• Graphical interface to handle the development process
  • Similar to orchestrator
• Assist users in system design
  • Code editing, skeleton generation
• Advanced functionalities
  • Timing analysis
  • Memory analysis
  • Automatic system deployment
  • Function testing
Robotic example: exoarm
• Human movement acquisition
• Data processing using Simulink models
• Reproduction of movements on robots
[Figure: movement capture, data acquisition, data processing, movement reproduction]
Automotive domain: thermal control
• Thermal regulation control (e.g. motor temperature control)
• Assessment of TASTE regarding AUTOSAR requirements
Avionics domain: radar/GPS control
• Typical satellite system with TC/TM packets
• Configure TC/TM encryption
  • According to satellite position
  • Avoid data transmission over unsafe area
• Evaluation with different deployment strategies
  • PC
  • PC → <ethernet> → PC
  • PC → <serial> → LEON → <spw> → LEON → <serial> → PC
• Demonstrate deployment functionalities
Toy: unmanned drone
• Automatic control with wireless devices
• Integration of device drivers
  • Wireless drivers
  • Serial communication with Arduino board
• Interface with Arduino platform
  • Handle electronic aspects
Conclusion
• Reduce the human factor
  • Avoid bugs!
• Reduce development cost
  • Time & money
• Verify, verify, verify!
  • As soon as possible
  • Everywhere!
Perspectives
• Enhance toolchains
  • Flexible vertical transformation
• Extend application models
  • Support other modeling approaches
• More than validation: certification!
  • Automatic certification (DO178B, ECSS)
  • To be discussed … (very costly!)
![Page 37: The ASSERT Set of Tools for Engineeringsend a letter to Creative Commons, 171 Second Street, Suite 300, San Francisco, California, 94105, USA. Julien Delange](https://reader034.fdocuments.in/reader034/viewer/2022043023/5f3ecdc7c6d6830ba8161ada/html5/thumbnails/37.jpg)
Julien Delange <julien dot delange at esa dot int>The ASSERT Set of Tools for Engineering(TASTE)Julien Delange <[email protected]>This work is licensed under the Creative Commons Attribution-NonCommercial-ShareAlike 3.0 Unported License.To view a copy of this license, visit http://creativecommons.org/licenses/by-nc-sa/3.0/ or send a letter to Creative Commons, 171 Second Street, Suite 300, San Francisco, California, 94105, USA.
![Page 38: The ASSERT Set of Tools for Engineeringsend a letter to Creative Commons, 171 Second Street, Suite 300, San Francisco, California, 94105, USA. Julien Delange](https://reader034.fdocuments.in/reader034/viewer/2022043023/5f3ecdc7c6d6830ba8161ada/html5/thumbnails/38.jpg)
Julien Delange <julien dot delange at esa dot int>Overview•Introduction, rationale & approach overview•System & application modeling•TASTE toolset•Case studies•Conclusion, perspectives
![Page 39: The ASSERT Set of Tools for Engineeringsend a letter to Creative Commons, 171 Second Street, Suite 300, San Francisco, California, 94105, USA. Julien Delange](https://reader034.fdocuments.in/reader034/viewer/2022043023/5f3ecdc7c6d6830ba8161ada/html5/thumbnails/39.jpg)
Julien Delange <julien dot delange at esa dot int>Overview•Introduction, rationale & approach overview•System & application modeling•TASTE toolset•Case studies•Conclusion, perspectives
![Page 40: The ASSERT Set of Tools for Engineeringsend a letter to Creative Commons, 171 Second Street, Suite 300, San Francisco, California, 94105, USA. Julien Delange](https://reader034.fdocuments.in/reader034/viewer/2022043023/5f3ecdc7c6d6830ba8161ada/html5/thumbnails/40.jpg)
Julien Delange <julien dot delange at esa dot int>Introduction – identified issues•Communication problems•How to synchronize teams ?•System representation•Technical issues•Correct implementation•Integration•Verification activities•Standards requirements•Associated cost
![Page 41: The ASSERT Set of Tools for Engineeringsend a letter to Creative Commons, 171 Second Street, Suite 300, San Francisco, California, 94105, USA. Julien Delange](https://reader034.fdocuments.in/reader034/viewer/2022043023/5f3ecdc7c6d6830ba8161ada/html5/thumbnails/41.jpg)
Julien Delange <julien dot delange at esa dot int>Introduction – increasing issues•System contain more functions•Communication through more teams•More integration issues•Functions complexity increase•Impossible to make bug-free system•Involve large team, lead to management issues•Verification are more and more restrictive•Cost is going bigger•New tools and approaches required
![Page 42: The ASSERT Set of Tools for Engineeringsend a letter to Creative Commons, 171 Second Street, Suite 300, San Francisco, California, 94105, USA. Julien Delange](https://reader034.fdocuments.in/reader034/viewer/2022043023/5f3ecdc7c6d6830ba8161ada/html5/thumbnails/42.jpg)
Julien Delange <julien dot delange at esa dot int>Actual solutions•Bruteforce approach•Increase the task force resource•Spend more resources•Software reuse•Take old components that works and are already verified …•… tailoring for integration of new functions•Modeling and code generation•Abstraction to cope with actual issues•Integration issues still occur•Cannot handle all system aspects
![Page 43: The ASSERT Set of Tools for Engineeringsend a letter to Creative Commons, 171 Second Street, Suite 300, San Francisco, California, 94105, USA. Julien Delange](https://reader034.fdocuments.in/reader034/viewer/2022043023/5f3ecdc7c6d6830ba8161ada/html5/thumbnails/43.jpg)
Julien Delange <julien dot delange at esa dot int>Limit of actual solutions•Bruteforce approach: costly (time & money)•Components reuse: still need to revalidate/certify•Modeling: do not address all system aspects
![Page 44: The ASSERT Set of Tools for Engineeringsend a letter to Creative Commons, 171 Second Street, Suite 300, San Francisco, California, 94105, USA. Julien Delange](https://reader034.fdocuments.in/reader034/viewer/2022043023/5f3ecdc7c6d6830ba8161ada/html5/thumbnails/44.jpg)
Julien Delange <julien dot delange at esa dot int>TASTE toolchain•Implementation of ASSERT process•Abstract all system artifacts, from software to runtime•Generate everything, build a“correct by construction” system
![Page 45: The ASSERT Set of Tools for Engineeringsend a letter to Creative Commons, 171 Second Street, Suite 300, San Francisco, California, 94105, USA. Julien Delange](https://reader034.fdocuments.in/reader034/viewer/2022043023/5f3ecdc7c6d6830ba8161ada/html5/thumbnails/45.jpg)
Julien Delange <julien dot delange at esa dot int>Overview•Introduction, rationale & approach overview•System & application modeling•TASTE toolset•Case studies•Conclusion, perspectives
![Page 46: The ASSERT Set of Tools for Engineeringsend a letter to Creative Commons, 171 Second Street, Suite 300, San Francisco, California, 94105, USA. Julien Delange](https://reader034.fdocuments.in/reader034/viewer/2022043023/5f3ecdc7c6d6830ba8161ada/html5/thumbnails/46.jpg)
Julien Delange <julien dot delange at esa dot int>Modeling levels•Data view•Types to be used by system functions•Ex: TM/TC for a satellite•Interface view•Functions to be executed by the system•Implementation language independence•Ex: mode change, TC handling•Deployment view•Execution of functions by computers•Describe execution constraints
![Page 47: The ASSERT Set of Tools for Engineeringsend a letter to Creative Commons, 171 Second Street, Suite 300, San Francisco, California, 94105, USA. Julien Delange](https://reader034.fdocuments.in/reader034/viewer/2022043023/5f3ecdc7c6d6830ba8161ada/html5/thumbnails/47.jpg)
Julien Delange <julien dot delange at esa dot int>Model processing•Generate a single model•Vertical transformation approach•Transform user models into AADL models•Automatic generation from model•Generate all required code•Automatic interface with application code•Validation/verification activities•Validate/verify AADL models•Reduce certification manual effortsData viewInterface viewDeployment viewVertical transformationAADL modelValidation &verificationAutomaticimplementation
![Page 48: The ASSERT Set of Tools for Engineeringsend a letter to Creative Commons, 171 Second Street, Suite 300, San Francisco, California, 94105, USA. Julien Delange](https://reader034.fdocuments.in/reader034/viewer/2022043023/5f3ecdc7c6d6830ba8161ada/html5/thumbnails/48.jpg)
Julien Delange <julien dot delange at esa dot int>Data view•Rely on well-known technique: ASN.1•Use in interface view functions•Description of data sent/received by system functions•Auto-generate types and encoders•Automatic use by functions•Ensure data consistency
![Page 49: The ASSERT Set of Tools for Engineeringsend a letter to Creative Commons, 171 Second Street, Suite 300, San Francisco, California, 94105, USA. Julien Delange](https://reader034.fdocuments.in/reader034/viewer/2022043023/5f3ecdc7c6d6830ba8161ada/html5/thumbnails/49.jpg)
Julien Delange <julien dot delange at esa dot int>Interface view: functions•Define system functions and their properties•Implementation language, period, protection level, ...•Ex: TC/TM management•Interfaces for communication with other functions•Provided Interfaces (PI)•Required Interfaces (RI)•Interfaces characteristics•Interface parameters specification with ASN.1•Active interface: executed in its own context•Passive interface: executed in a caller context•Interface property (inter-arrival time, …)
![Page 50: The ASSERT Set of Tools for Engineeringsend a letter to Creative Commons, 171 Second Street, Suite 300, San Francisco, California, 94105, USA. Julien Delange](https://reader034.fdocuments.in/reader034/viewer/2022043023/5f3ecdc7c6d6830ba8161ada/html5/thumbnails/50.jpg)
Julien Delange <julien dot delange at esa dot int>Interface view: supported languages•Regular languages•Ada•C•Application-level models•SDL/RTDS•Matlab/Simulink•Hybrid languages•GUI•Python interfaces•Data exchanges based on ASN.1 !!!
![Page 51: The ASSERT Set of Tools for Engineeringsend a letter to Creative Commons, 171 Second Street, Suite 300, San Francisco, California, 94105, USA. Julien Delange](https://reader034.fdocuments.in/reader034/viewer/2022043023/5f3ecdc7c6d6830ba8161ada/html5/thumbnails/51.jpg)
Julien Delange <julien dot delange at esa dot int>Interface view: functions interfaces•Periodic (active)•No parameter•Execution on a periodic basis•Sporadic (active)•One input parameter, activated on data reception•Execution constrained by a minimal inter-arrival time•Protected (passive)•Several input/output parameters•Lock other function interfaces•Unprotected (passive)•Several input/output parameters•No lock mechanisms
![Page 52: The ASSERT Set of Tools for Engineeringsend a letter to Creative Commons, 171 Second Street, Suite 300, San Francisco, California, 94105, USA. Julien Delange](https://reader034.fdocuments.in/reader034/viewer/2022043023/5f3ecdc7c6d6830ba8161ada/html5/thumbnails/52.jpg)
Julien Delange <julien dot delange at esa dot int>Interface viewexampleFunction pingerFunction pingeeSystem specificationTwo functions: one that pings (sends a number)to the other on a periodic basis.Function pinger●One provided periodic interface (activator) to activate system function.●One required interface to the receive_number interface of the pingee function Function pingee●One provided sporadic interface (receive_number) to receive numbers.●Interface to be triggered by the pinger functionreceive_number(sporadic)Activator (periodic)
![Page 53: The ASSERT Set of Tools for Engineeringsend a letter to Creative Commons, 171 Second Street, Suite 300, San Francisco, California, 94105, USA. Julien Delange](https://reader034.fdocuments.in/reader034/viewer/2022043023/5f3ecdc7c6d6830ba8161ada/html5/thumbnails/53.jpg)
Deployment view
• Capture execution environment
  • Processor: architecture and OS specification
  • Bus: protocol specification
  • Drivers: devices contained on a computer/board
• Allocate function to boards
• Implicit description of distribution strategy
• High level representation of system

Deployment view example
Board x86
● Intel processor 64 bits, little endian
● Run a regular Linux
● Send data through ethernet using the TCP/IP protocol
Board PPC
● PowerPC processor, 32 bits, big endian
● Run RTEMS executive runtime
● Receive data using the TCP/IP protocol
[Diagram labels: Board x86, Function pinger, Driver eth, CPU x86_64/OS Linux; Bus ethernet; Board PPC, Function pingee, Driver eth, CPU PPC/OS RTEMS]

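The two boards above differ in word size and byte order, so the number that pinger sends cannot cross the bus as a raw in-memory integer. The following C sketch is an added example, not asn1Scc output and not code from the TASTE toolset: it assumes a hypothetical type `Ping-Number ::= INTEGER (0..1000)` and a fixed 4-byte, most-significant-byte-first wire layout (not one of the ASN.1 encoding rules), and shows the receiver checking length and range before accepting a value.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Assumed data view entry (hypothetical): Ping-Number ::= INTEGER (0..1000) */
#define PING_MAX 1000u
#define PING_WIRE_SIZE 4u

enum { PING_OK = 0, PING_ERR_RANGE = -1, PING_ERR_LENGTH = -2 };

/* pinger side (x86, little endian): check the constraint, then emit the
 * bytes most significant first, independent of the host byte order. */
int ping_encode(uint32_t value, uint8_t *buf, size_t buflen)
{
    if (buf == NULL || buflen < PING_WIRE_SIZE) return PING_ERR_LENGTH;
    if (value > PING_MAX) return PING_ERR_RANGE;
    buf[0] = (uint8_t)(value >> 24);
    buf[1] = (uint8_t)(value >> 16);
    buf[2] = (uint8_t)(value >> 8);
    buf[3] = (uint8_t)value;
    return PING_OK;
}

/* pingee side (PPC, big endian): rebuild the value byte by byte instead of
 * casting the buffer, and reject anything outside the declared range. */
int ping_decode(const uint8_t *buf, size_t len, uint32_t *out)
{
    if (buf == NULL || out == NULL || len != PING_WIRE_SIZE) return PING_ERR_LENGTH;
    uint32_t v = ((uint32_t)buf[0] << 24) | ((uint32_t)buf[1] << 16) |
                 ((uint32_t)buf[2] << 8) | (uint32_t)buf[3];
    if (v > PING_MAX) return PING_ERR_RANGE;
    *out = v;
    return PING_OK;
}

int main(void)
{
    uint8_t wire[PING_WIRE_SIZE];
    /* Constructed sample: the value 42 exactly as it sits in x86 memory. */
    uint8_t raw_le[PING_WIRE_SIZE] = { 0x2A, 0x00, 0x00, 0x00 };
    uint32_t n = 0;

    int rc = ping_encode(42, wire, sizeof wire);
    printf("encode rc=%d bytes=%02x %02x %02x %02x\n", rc, wire[0], wire[1], wire[2], wire[3]);
    rc = ping_decode(wire, sizeof wire, &n);
    printf("decode rc=%d value=%u\n", rc, (unsigned)n);
    rc = ping_decode(raw_le, sizeof raw_le, &n);
    printf("raw little-endian copy rc=%d (rejected by the range check)\n", rc);
    return 0;
}
```
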
Overview
• Introduction, rationale & approach overview
• System & application modeling
• TASTE toolset
• Case studies
• Conclusion, perspectives

Toolset overview
[Diagram labels: TASTE GUI, Text Editor, TASTE-IV, TASTE-DV, ASN.1 source, Interface View, Deployment View, Data View, Buildsupport, asn1Scc, Concurrency View, Ocarina, Functional code, Architecture code, Data mgmt code, Glue code]

Toolset: ASN1Scc
• Convert ASN.1 description into AADL models
  • Used for functional blocks communication
  • Integration of ASN.1 types into AADL models
• Convert ASN.1 source into source code
  • Types definition in C/Ada
  • Generation of encoding functions
  • Ensure safety-critical requirements
[Diagram labels: ASN.1 source, asn1Scc, Data View (AADL), Data mgmt code (Ada/C)]

Toolset: TASTE-IV (Interface view)
• Capture system functions
  • Specify properties and requirements
  • Output AADL models with software components
• Describe functions interfaces
  • Periodic/sporadic/protected/unprotected
  • Specify timing properties (MIAT/period/)
• Connect functions using the provided/required interface mechanism

Toolset: TASTE-DV (Deployment view)
• Capture distributed architecture
  • Include all system nodes to be used
  • Output AADL model with hardware components
• Describe system nodes
  • Architecture concerns
  • Device drivers to be used
  • Embedded functions
• Specify communication buses
  • e.g: spacewire, ethernet, 1553, etc.

Toolset: TASTE-CV (Concurrency view)
• Edit Concurrency View
• Perform schedulability analysis/feasibility tests (Cheddar)
• Simulate timing behavior (Marzhin)

Toolset: buildsupport
• Transform interfaces into resources
  • Task/data to be deployed on each system
  • Output AADL models with hardware and software components
• Integration into the architecture
  • Separate functions and resources across nodes of the DV
  • Assign configuration properties to AADL components
• Generate glue between architecture and application layers
  • Inject data from/to architecture (drivers) to application code (C/Ada)
[Diagram labels: Interface View, Deployment View, Data View, Buildsupport, Concurrency View (AADL models), Glue code (C/Ada)]

Toolset: orchestrator
• Handle the development process
  • Input: interface/deployment views & ASN.1 source
  • Output: system binaries
• Workflow
  • Call buildsupport, generate concurrency view & glue code
  • Generate ASN.1 encoders & types definitions (ASN1Scc)
  • Call Ocarina, generate architecture code
  • Compile architecture code & functional code
• Python script
  • see. assert-builder-ocarina.py

Toolset: Ocarina
• AADL → C/Ada architecture code
• Generate generic architecture code
  • Avoid manual coding errors
  • No useless resource or code due to the use of AADL descriptions
• Rely on µmiddleware for OS integration
  • Translate generic code into OS-specific request
  • PolyORB-HI-C & PolyORB-HI-Ada
  • Similar to OSAL from NASA
[Diagram labels: Concurrency View, Ocarina, Generic code, µmiddleware code, OS/executive runtime, Generated binary]

Toolset: TASTEGUI
• Graphical interface to handle development process
  • Similar to orchestrator
• Assist users in system design
  • Code edition, generate skels
• Advanced functionalities
  • Timing analysis
  • Memory analysis
  • Automatic system deployment
  • Function testing

Overview
• Introduction, rationale & approach overview
• System & application modeling
• TASTE toolset
• Case studies
• Conclusion, perspectives

Robotic example: exoarm
• Human movement acquisition
• Data processing using Simulink models
• Reproduction of movements on robots
[Diagram labels: Movement capture, Data acquisition, Data processing, Movement reproduction]

Automotive domain: thermal control
• Thermal regulation control (e.g: motor temperature control)
• Assessment of TASTE regarding AUTOSAR requirements

Avionics domain: radar/GPS control
• Typical satellite system with TC/TM packets
• Configure TC/TM encryption
  • According to satellite position
  • Avoid data transmission over unsafe area
• Evaluation with different deployment strategies
  • PC
  • PC → <ethernet> → PC
  • PC → <serial> LEON → <spw> → LEON → <serial> → PC
• Demonstrate deployment functionalities

Toy: unmanned drone
• Automatically control with wireless devices
• Integration of device drivers
  • Wireless drivers
  • Serial communication with Arduino board
• Interface with Arduino platform
  • Handle electronic aspects

Overview
• Introduction, rationale & approach overview
• System & application modeling
• TASTE toolset
• Case studies
• Conclusion, perspectives

Conclusion
• Reduce the human factor
  • Avoid bugs !
• Reduce development cost
  • Time & money
• Verify, verify, verify !
  • As soon as possible
  • Everywhere !

Perspectives
• Enhance toolchains
  • Flexible vertical transformation
• Extend application models
  • Support other modeling approaches
• More than validation: certification !
  • Automatic certification (DO178B, ECSS)
  • To be discussed … (very costly !)