EXECUTABLE UML AND MBSE What Executable UML does, how it is totally - - PowerPoint PPT Presentation

executable uml and mbse
SMART_READER_LITE
LIVE PREVIEW

EXECUTABLE UML AND MBSE What Executable UML does, how it is totally - - PowerPoint PPT Presentation

Mar 17, 2023 131 likes •530 views

EXECUTABLE UML AND MBSE What Executable UML does, how it is totally di ff erent from UML, and how it fits with other Executable languages Leon Starr leon_starr@modelint.com MODEL INTEGRATION LLC www.modelint.com 1 LiU Seminar xUML MBSE -

slide-1
SLIDE 1

EXECUTABLE UML AND MBSE

What Executable UML does, how it is totally different from UML, and how it fits with other Executable languages

leon_starr@modelint.com Leon Starr

MODEL INTEGRATION LLC

www.modelint.com

1 LiU Seminar xUML MBSE - November 16, 2017

slide-2
SLIDE 2

FUNDAMENTAL IDEA OF MODELING

A model isn’t the thing you are modeling. To be useful, a model must omit certain aspects

  • f the real world subject to focus on the details
  • f interest.

2-2 LiU Seminar xUML MBSE - November 16, 2017

slide-3
SLIDE 3

EXCLUDED DETAILS ARE STILL IMPORTANT

Just because a detail is systematically ignored, doesn’t mean that it is not important

Schematic Focuses on component properties and connectivity Excludes layout details Layout diagram Focuses on layout geometry Is applied to schematic

3-3 LiU Seminar xUML MBSE - November 16, 2017

slide-4
SLIDE 4

MODELING LANGUAGES, PURPOSES AND REQUIRED SKILLS

physical systems structure

(usage at SAAB)

Simulink

control electronics/optronics What about UML?

4-5 LiU Seminar xUML MBSE - November 16, 2017

slide-5
SLIDE 5

UML PURPOSE AND SKILLS

Requirements modeling High level code Lower level code Just sequences Use cases Lot’s of other uses Executable UML UML profiles

UML is not a modeling language. It is a standardized set of of object-oriented notations for many purposes.

5-4 LiU Seminar xUML MBSE - November 16, 2017

slide-6
SLIDE 6

EXECUTABLE UML

white papers (shlaer-mellor method) book

Modeling language and to separate these from the platform. Our purpose is to model requirements imposed by the real world: Rules and constraints Information Real world behavior Essential computation Mathematical, executable semantics for each model type Doesn’t presume object-oriented implementation

6-3 LiU Seminar xUML MBSE - November 16, 2017

slide-7
SLIDE 7

AN EXAMPLE XUML MODEL

7 LiU Seminar xUML MBSE - November 16, 2017

slide-8
SLIDE 8

AIR TRAFFIC CONTROL EXAMPLE

SJC18C SFO37B OAK21C Toshiko ATC53 Rating: A Login: 2013-9-27T15:00 (On Duty) Ianto ATC51 Rating: C Last shift ended: 2013-9-26T17:00 (Not logged in) Gwen ATC67 Rating: B Login: 2013-9-27T11:00 (On Duty) DS1 DS2 DS3 (not in use) Loc: Center Cap: 30 Loc: Front Cap: 45 Loc: Front Cap: 20

ATC Center

Subject matter (domain)

8 LiU Seminar xUML MBSE - November 16, 2017

slide-9
SLIDE 9

RULES / REQUIREMENTS

1) A controller can not direct air traffic while off duty. 2) An on duty controller must be logged into a duty station. 3) A duty station may or may not be available. 4) A control zone must have its traffic directed by one air traffic controller at all times. 5) An air traffic controller may not work a shift longer than two hours and fifteen minutes.

9-6 LiU Seminar xUML MBSE - November 16, 2017

slide-10
SLIDE 10

THE CLASS MODEL

0..1 0..*

10 LiU Seminar xUML MBSE - November 16, 2017

slide-11
SLIDE 11

POPULATION

Air Traffic Controllers On Duty Controllers Off Duty Controllers Name A 67 51 C B Rating Gwen Toshiko Ianto 53 ID {I} 51 Last shift ended ID {I, R1} 9-26-13 17:00 S1 S2 Duty Station {R2} 9/27/13 11:00 9/27/13 15:00 67 ID {I, R1} 53 Time logged in

Same object Superclass table Subclass tables

On Duty Controllers Off Duty Controllers ATC53 ATC67 ATC51 Air Traffic Controllers OAK21C SJC18C SFO37B 9-26-13 17:00 Last shift ended Time logged in 9/27/13 15:00 Time logged in 9/27/13 11:00

Duty Station

None User {R3} 53 67 Location 20 S3 S2 45 30 Capacity Center Front Front S1 Number {I} Traffic 9 CZ1 27 CZ3 ATC67 ATC53 ATC53 18 Name Controller CZ2

Control Zones DS2 DS1 DS1 DS2 DS3 OAK21C SJC18C SFO37B 30 25 15 ATC53 ATC67 ATC51 ATC53 ATC67 ATC51

11 LiU Seminar xUML MBSE - November 16, 2017

slide-12
SLIDE 12

LOGIC AND CONSTRAINTS

Off Duty ATC goes On Duty?

0..1 0..*

12-2 LiU Seminar xUML MBSE - November 16, 2017

slide-13
SLIDE 13

LOGIC AND CONSTRAINTS

If there is only one On Duty Controller, can he or she go Off Duty?

0..1 0..*

12-3 LiU Seminar xUML MBSE - November 16, 2017

slide-14
SLIDE 14

LOGIC AND CONSTRAINTS

If every Control Zone is being directed, can another Off Duty Controller log in?

0..1 0..*

12-4 LiU Seminar xUML MBSE - November 16, 2017

slide-15
SLIDE 15

LOGIC AND CONSTRAINTS

Do we know when a shift should end?

0..1 0..*

12-5 LiU Seminar xUML MBSE - November 16, 2017

slide-16
SLIDE 16

LOGIC AND CONSTRAINTS

Do we know when a shift should end?

0..1 0..*

Shift Specification

Name {(} : Name Min break : Duration Max shift : Duration

{I}: 12-6 LiU Seminar xUML MBSE - November 16, 2017

slide-17
SLIDE 17

EXCLUDED DETAILS

States, algorithms, functions are filtered out Platform specific features are filtered out Implementation choices are filtered out

Lean modeling language – minimal symbols So you can define and evaluate the application logic without distraction

13-5 LiU Seminar xUML MBSE - November 16, 2017

slide-18
SLIDE 18

MODELING BEHAVIOR WITH STATES AND ACTIONS

State models Actions Class Model

migrate to On Duty Controller my station .= Duty Station( Number: in.Station ) link /R3/my station Time logged in = _now.HMS Logged in -> me In use -> my station

14 LiU Seminar xUML MBSE - November 16, 2017

slide-19
SLIDE 19 OFF DUTY Verifying Adequate Break the shift spec .= Shift Specification() // selects singleton if ( _now - Last shift ended < the shift spec.Min break ) Log in( in.Station ) -> me else Cannot go on duty -> me ON DUTY Ready for duty( Station ) Ready for a break Off duty Cannot go on duty Verifying Full Handoff if /R1/On Duty Controller/R2/Control Zone{ Must handoff zones -> me UI.Control Zones Active( ATC: ID ) } else Log out -> me Must hand off zones Logging Out User leaving -> /R3/Duty Station migrate to Off Duty Controller Last shift ended = _now.HMS Off duty -> me Log out Logging In migrate to On Duty Controller my station .= Duty Station( Number: in.Station ) & /R3/my station // link station Time logged in = _now.HMS Logged in -> me In use -> my station Log in( Station ) Logged in Handoff( Zone, Controller ) Handoff complete Handing off Control Zone hoff zone .= /R2/Control Zone( Name: in.Zone ) if in.Controller == ID UI.Cannot handoff to self( Controller: in.Controller ) else { new controller .= On Duty Controller( ID: in.Controller ) swap hoff zone/R2/On Duty Controller with new controller !new missing: UI.Unknown controller( Controller: in.Controller) !old missing: UI.Zone not handled by( Controller: ID) } // swaps controllers and checks for errors Handoff complete -> me

15 LiU Seminar xUML MBSE - November 16, 2017

slide-20
SLIDE 20

EXCLUDED DETAILS

How execution is implemented How synchronization is implemented Distribution across processes/processors

16-4 LiU Seminar xUML MBSE - November 16, 2017

slide-21
SLIDE 21

ACTIONS – EXCLUDED DETAILS

Non-essential ordering of computation Data access implementation

Logging In

migrate to On Duty Controller my station .= Duty Station( Number: in.Station ) & /R3/my station // link station Time logged in = _now.HMS Logged in -> me In use -> my station 17-3 LiU Seminar xUML MBSE - November 16, 2017

slide-22
SLIDE 22

FOUNDATION SEMANTICS

  • f the xUML language

18 LiU Seminar xUML MBSE - November 16, 2017

slide-23
SLIDE 23

CLASS MODEL SEMANTICS

have the same characteristics exhibit the same behavior are constrained by the same rules

A class is a set of things in the real world such that all things in the set:

Aircraft

Tail number {I} Altitude Speed Heading

Airspeed Heading Tail Number {I} Altitude

Aircraft

19-6 LiU Seminar xUML MBSE - November 16, 2017

slide-24
SLIDE 24

SET THEORY FUNCTIONS PREDICATE LOGIC

y = f(x) forall x such that …

RELATIONAL THEORY

20 LiU Seminar xUML MBSE - November 16, 2017

slide-25
SLIDE 25

A CLASS PREDICATE

➤ Each class in your model is an n-ary predicate where n is the

number of attributes

➤ An ATC has an ID i, a Name n and a Rating r ➤ We can turn this into a proposition (true/false statement) by

instantiating it

➤ ATC53 is named Ianto and has Rating B (true/false statement) ➤ If the instance does not exist, it is false

21-6 LiU Seminar xUML MBSE - November 16, 2017

slide-26
SLIDE 26

STATE MODEL SEMANTICS

Aircraft

Tail number {I} Altitude Airspeed Heading Position

abstraction abstraction

Same characteristics, rules, behavior Common lifecycle

22-2 LiU Seminar xUML MBSE - November 16, 2017

slide-27
SLIDE 27

THE THEORY

Video animation

  • f the platform

independent synchronization rules Moore state machine Leslie Lamport Time, Clocks, and the Ordering of Events in a Distributed System Also described here

23-4 LiU Seminar xUML MBSE - November 16, 2017

slide-28
SLIDE 28

PLATFORM INDEPENDENT EXECUTION RULES

What happens when event occurs while instance is executing a state activity? Are events prioritized? What is the duration of an activity? Can event arrival order be guaranteed?

24 LiU Seminar xUML MBSE - November 16, 2017

slide-29
SLIDE 29

ACTION SEMANTICS

➤ Access data from class model ➤ Based on relational semantics ➤ Send/receive event data on state model ➤ Follows state machine execution rules ➤ Perform computations ➤ Essential sequence only ➤ No data implementation assumptions

25 LiU Seminar xUML MBSE - November 16, 2017

slide-30
SLIDE 30

THE THEORY

Migrate me On Duty Controller R1 On Duty Controller Off Duty Controller Link me R3 Duty Station Select in.Station id my station Write Time logged in Signal Signal me Logged in In use Now (system variable)

Sequencing: Data flow semantics Data access: Relational operations Data types: Type theory

26 LiU Seminar xUML MBSE - November 16, 2017

slide-31
SLIDE 31

DOMAINS

27 LiU Seminar xUML MBSE - November 16, 2017

slide-32
SLIDE 32

DOMAIN DEFINITION

A domain is a distinct subject matter with its own vocabulary, rules, constraints and behavior. Example: Linear Algebra Not a domain: “Stuff that runs on processor X”, “Stuff in library Y”, “Stuff dept Z is coding up” Domain partition of a system excludes details of deployment onto any particular platform features.

28-5 LiU Seminar xUML MBSE - November 16, 2017

slide-33
SLIDE 33

Elevator Management

EXAMPLE DOMAIN SEPARATION

! Floor selection ! Cabin dispatching ! Door open/close timing

Door Bank Cabin Shaft

! Safe acceleration ! Precise transport

Motor Axis of Motion Acceleration Profile

gotoFloor (Cabin 3, Floor 6) cabinArrived ()

Load

moveCompleted ()

move (Load 14, Position 334.25, Ramp 3B) Elevator uses Transport Bridge between domains

29-3 LiU Seminar xUML MBSE - November 16, 2017

slide-34
SLIDE 34

A COMPLETE DOMAIN CHART

Elevator Management Transport UI Signal I/O Model Execution Architecture C

xtUML Hand coded Existing

xUML

30 LiU Seminar xUML MBSE - November 16, 2017

slide-35
SLIDE 35

CODE GENERATION

31 LiU Seminar xUML MBSE - November 16, 2017

slide-36
SLIDE 36

TRANSLATION PRINCIPLES

➤ Models are not modified by translation process ➤ Information is added, usually via some DSL (domain specific

language / model markup)

➤ A runtime MX (model execution) platform is supplied ➤ A code generator which populates this platform (from the

DSL) is provided

➤ The MX and code generator work for a class of platforms, e.g. ➤ Embedded microcontroller ➤ Cloud ➤ Fault tolerant distributed

32-9 LiU Seminar xUML MBSE - November 16, 2017

slide-37
SLIDE 37

EXAMPLE APPROACH FOR A MICROCONTROLLER

Use any model draw and text editing tools Platform Model Non-Model Code Model Code ST/MX Runtime System Executable Model Object Code Non-Model Object Code Spreadsheets Text Editor

Identify Domains Build & Document Models Populate Models Create Pycca Script Platform Independent Platform Specific Link Transform and Populate

Pycca Translation Workflow

Specify Domain Mapping Populate Mappings Generate Coded by hand Provided Provided Compile Code / Provide Non-Modeled Domains Write Bridge Code Pass along

33 LiU Seminar xUML MBSE - November 16, 2017

slide-38
SLIDE 38

SUMMARY

➤ Executable UML is a complete modeling language ➤ Concrete, unambiguous models of application requirements ➤ Executable, platform independent modeling ➤ Mathematical foundations ➤ Does not presume an OO implementation ➤ Domains accommodate other MBSE languages ➤ Model Translation ➤ Models are not modified to generate code ➤ So models can be reused and redeployed ➤ Models are stable while platform details change

34 LiU Seminar xUML MBSE - November 16, 2017

slide-39
SLIDE 39

MORE RESOURCES

facebook.com/modelint twitter.com/leon_starr

executableuml.org modelstocode.com leon_starr@modelint.com Leon Starr

MODEL INTEGRATION LLC

www.modelint.com

BOOKS SITES SOCIAL EMAIL

35 LiU Seminar xUML MBSE - November 16, 2017