Contract-based design with the CHESS toolset, Silvia Mazzini and Stefano Puri (Intecs): PowerPoint presentation transcript



SLIDE 1

Silvia Mazzini, Stefano Puri Intecs

Credits to University of Padua, University of Florence, Fondazione Bruno Kessler, Mälardalen University Sweden

Contract-based design with the CHESS toolset

SLIDE 2

The CHESS Open Source Toolset

• Model based engineering
  • CHESS Modelling Language
  • Based upon Eclipse, UML/Papyrus
• Separation of concerns
  • Functional vs non-functional
  • Among design views
• Component based development
  • Specialized to capture the non-functional properties of components
    • Real Time
    • Dependability/Safety
• Correctness by construction
  • Extra-functional properties are:
    • asserted and verified at design time
    • preserved/guaranteed at run time

Composition with guarantees for high- integrity embedded software component assembly

CHESS is available as Eclipse Polarsys Project https://www.polarsys.org/chess/

SLIDE 3

Main R&D projects

AMASS

Architecture-driven, Multi-concern and Seamless Assurance and Certification of Cyber-Physical Systems

SLIDE 4

The CHESS Modeling Language

Integrates and extends standard OMG languages:
• the standard Unified Modeling Language (UML)
• the standard profile for Modeling and Analysis of Real-Time and Embedded Systems (MARTE)
• the standard profile for System (and Requirements) Modeling (SysML)

It imports subsets of these standard languages, to avoid redundancy and to fix semantic variation points. In addition, it provides a profile for Dependability and Contract-based modelling.

SLIDE 5

The CHESS methodology– high level view

(figure: System Model using the CHESS modelling language → model transformations → Contract-based analysis, Dependability analysis, Real-time analysis → iteration on the model: feasibility, composition propositions…)

SLIDE 6

Major Capabilities and Analysis Tools

• Model consistency checks
• Failure Propagation Analysis and FMEA/FMECA generation
• State-based Dependability Analysis (by DEEM integration)
• Contract-based Design and Analysis (by OCRA, nuXmv and XSAP integration)
• Safety case generation (by OpenCert integration)
• Real time analysis (by MAST integration)
  • Schedulability and end-to-end response time analysis (with multi-core support)
  • Back propagation of analysis results
• Domain specific needs
  • IMA support
  • AUTOSAR support
• Code generation for Ada (and C)
• Support for run-time monitoring

SLIDE 7

CHESS Design Views

• SystemView
• SoftwareView (PIM)
• DeploymentView
• PSMView
• Real Time View
• AnalysisView
• RequirementView
• Contract-based View
• Dependability View

SLIDE 8

Bird's-eye view of the design views

(figure: System Model, SW Model - static, Requirements, Deployment, SW Model - dynamic, Analysis View)

SLIDE 9

Software View - CHESS component model

• Component
  • Reusable functional unit, decorated with extra-functional constraints
  • Platform Independent
• Container and Connector
  • Implementation of the extra-functional properties of components
  • Factorized implementation
  • Platform Specific (PSM View)

SLIDE 10

Using Contracts in CHESS

• Use Contracts for System Engineering
  • for lower levels of decomposition to be consistent with the higher ones
  • to formalize conditions for element verification and integration
  • for reuse of abstractions of available components
• Contract-based design benefits
  • compositional reasoning
  • co-engineering
  • separation of concerns
  • systematic virtual integration and verification
  • protection of intellectual property

(figure: Reusable component)

SLIDE 11

Contracts-based approach

• Contracts are composed of Assumptions and Guarantees
• Assumptions are properties expected to be satisfied by the environment
• A Guarantee is a statement that holds as long as the environment satisfies the assumption

(figure: Contract = Assumption + Guarantee)

The conceptual models: System Functional Architecture, System Logical Architecture, System Physical Architecture, Software Architecture

Step-wise (vertical) refinement process, with formal verification of contract refinement within each conceptual model and a trace relation between corresponding entities at different conceptual levels

SLIDE 12

Step-wise refinement

Formal verification: if the refinement steps are proven correct, then any implementation of the leaf components that satisfies the component contracts can be used to implement the system.

(figure: component tree A, B, C, D, E; Reusable component)

… it is a top-down process
… but it also enables bottom-up exploitation of libraries of reusable certified components
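Added example, not code from the slides or from CHESS/OCRA: the two proof obligations behind "refinement steps proven correct" (the parent's guarantee must follow from the children's contracts, and each child's assumption must be discharged by the parent's assumption plus the other children) checked exhaustively over a constructed brake-by-wire decomposition. OCRA discharges these obligations for LTL contracts over traces; this example uses propositional predicates over a single system state so that the check is a plain enumeration. The variable names, the "Brake" contract and its children are hypothetical.

```python
"""Contract refinement check over propositional assumptions/guarantees.

Added illustration (not CHESS/OCRA code): contracts are (A, G) pairs of
boolean predicates over system variables; refinement is checked by
enumerating every valuation, which replaces OCRA's LTL model checking.
"""
from itertools import product
from typing import Callable, Dict, List, Sequence, Tuple

Valuation = Dict[str, bool]
Pred = Callable[[Valuation], bool]


class Contract:
    """A contract is a named pair (assumption, guarantee)."""

    def __init__(self, name: str, assumption: Pred, guarantee: Pred) -> None:
        self.name, self.assumption, self.guarantee = name, assumption, guarantee

    def holds(self, v: Valuation) -> bool:
        """Saturated form A -> G: all a component really promises."""
        return (not self.assumption(v)) or self.guarantee(v)


def valuations(variables: Sequence[str]):
    """Every assignment of True/False to the given variables."""
    for bits in product((False, True), repeat=len(variables)):
        yield dict(zip(variables, bits))


def check_refinement(parent: Contract, children: Sequence[Contract],
                     variables: Sequence[str]) -> List[Tuple[str, Valuation]]:
    """Return counterexamples to "children refine parent"; [] means correct.

    Obligation 1: parent.A and every child's saturated contract imply parent.G.
    Obligation 2: for each child i, parent.A and the OTHER children's
                  saturated contracts imply child i's assumption, i.e. the
                  environment the child assumes is actually provided.
    """
    failures: List[Tuple[str, Valuation]] = []
    for v in valuations(variables):
        if parent.assumption(v) and all(c.holds(v) for c in children) \
                and not parent.guarantee(v):
            failures.append((parent.name, v))
        for i, child in enumerate(children):
            others_hold = all(o.holds(v) for j, o in enumerate(children) if j != i)
            if parent.assumption(v) and others_hold and not child.assumption(v):
                failures.append((child.name, v))
    return failures


# Constructed toy system (hypothetical): pedal -> Sensor -> cmd -> Actuator.
VARS = ["pedal", "sensor_ok", "power_on", "cmd", "actuator"]

BRAKE = Contract("Brake",
                 assumption=lambda v: v["sensor_ok"],
                 guarantee=lambda v: v["actuator"] == v["pedal"])

SENSOR = Contract("Sensor",
                  assumption=lambda v: v["sensor_ok"],
                  guarantee=lambda v: v["cmd"] == v["pedal"])
ACTUATOR = Contract("Actuator",
                    assumption=lambda v: v["power_on"],   # needs power
                    guarantee=lambda v: v["actuator"] == v["cmd"])
POWER = Contract("PowerSupply",
                 assumption=lambda v: True,
                 guarantee=lambda v: v["power_on"])

BAD_CHILDREN = [SENSOR, ACTUATOR]          # nobody guarantees power_on
GOOD_CHILDREN = [SENSOR, ACTUATOR, POWER]  # PowerSupply discharges Actuator's assumption

if __name__ == "__main__":
    for label, kids in (("bad", BAD_CHILDREN), ("good", GOOD_CHILDREN)):
        cex = check_refinement(BRAKE, kids, VARS)
        if not cex:
            print(label, "decomposition: refinement proven")
        else:
            print(label, "decomposition:", len(cex), "counterexamples, first:", cex[0])
```

The "bad" decomposition fails on obligation 2: the Actuator assumes `power_on`, but neither the parent assumption nor the Sensor supplies it, so the counterexamples are exactly the states with `power_on` false. Adding the PowerSupply component discharges that assumption and the same check then passes, which is the point of slide 12: once the refinement is proven, any Sensor, Actuator or PowerSupply implementation satisfying its own contract can be plugged in without re-verifying the Brake contract.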

SLIDE 13

Contract-based View

• Requirements formalization
  • Usage of LTL
• Collect formalized requirements as contracts
  • Assumption and guarantee properties
• Assign contracts to system/software/HW platform components
• Enable contract-based analysis

SLIDE 14

Contracts modelling support

(figure: process flow Requirements Definition → Contracts Definition → Design Verification)

Contracts are modelled as a special kind of constraint, owning assumption and guarantee constraints

SLIDE 15

Contract-based analysis support

(figure: process flow Requirements Definition → Contracts Definition → Design Verification)

• Seamless integration with the OCRA, nuXmv and XSAP tools from FBK
  • Verification of contract refinements
  • Verification of contract composition
  • FTA from the contract specification
  • Verification of contracts against the component behaviour specification

SLIDE 16

QUESTIONS?

Thank you for your attention