Runtime Traceability Challenges in Systems of Systems Paul Grnbacher - PowerPoint PPT Presentation

Runtime Traceability Challenges in Systems of Systems Paul Grünbacher Johannes Kepler University Linz, Austria Christian Doppler Laboratory MEVSS paul.gruenbacher@jku.at http://mevss.jku.at Dagstuhl Seminar Software and Systems Traceability for Safety-Critical Project 
 April 14, 2015

Development 
 Runtime and Operation 
 Artifacts Artifacts 2 April 14th, 2015 | CD-Lab MEVSS

This talk • Traceability between development and runtime artifacts deserves more attention Our RE’12 roadmap paper did not explicitly mention it … ;-) O. Gotel, J. Cleland-Huang, J. Hu ff man Hayes, A. Zisman, A. Egyed, 
 P. Grünbacher, G. Antoniol: The quest for Ubiquity: A roadmap for 
 software and systems traceability research. RE 2012: 71-80 • Shift “from model-driven software development to problem diagnoses at runtime” M. Salifu, Y. Yu, A.K. Bandara, B. Nuseibeh: Analysing monitoring and switching problems for adaptive systems. JSS 85(12): 2829-2839 (2012) • Specific focus: traceability in systems of systems 3 April 14th, 2015 | CD-Lab MEVSS

Context: Requirements Monitoring 
 in a Safety-Critical System of Systems Steelmaking Continuous Casting Ironmaking 4 April 14th, 2015 | CD-Lab MEVSS

Requirements Monitoring in a SoS Level 3 (production planning systems) HMI Level 2 (process optimization) Database Customer I-­‑HMI I-­‑DB Iron Steel Casting and Third- S-­‑HMI S-­‑DB party Systems C-­‑DB C-­‑HMI Level 1 (process control) PLC PLC • Continuous evolution à checking compliance after upgrades • Multiple systems , multiple suppliers à V&V beyond individual systems • Full behavior emerges only at runtime à monitoring during commissioning and operation • Diverse requirements at many di ff erent levels à unified checking framework 5 April 14th, 2015 | CD-Lab MEVSS

Event-based Requirements Monitoring in SoS An optimization run multiple levels and layers of Component needs to finish within x Requirement Interaction seconds after triggered granularity by the HMI if event ” OptimizationRun_TRIGGERED ” occurs Constraint diverse types of constraints Postcondition = event ” OptimizationRun_FINISHED ” occurs within 5 seconds di ff erent types of events and OptimizationRun OptimizationRun Events _TRIGGERED _FINISHED data/structures Optimization di ff erent technologies for HMI Probes System instrumentation Probe Probe W.N. Robinson: A requirements monitoring framework for enterprise systems. RE Journal 11(1): 17-41 (2006) Y. Wang, S.A. McIlraith, Y. Yu, J. Mylopoulos: Monitoring and diagnosing software requirements. ASE J. 16(1): 3-35 (2009) 6 April 14th, 2015 | CD-Lab MEVSS

How can we consider SoS characteristics? • Vertical and horizontal scattering of requirements à allocate requirements to monitoring scopes (systems, components, connectors) • Diversity of requirements à DSL for checking constraints • Technological heterogeneity à event-based abstractions across systems 7 April 14th, 2015 | CD-Lab MEVSS

Requirements Monitoring Model for Primetals‘ Plant Automation System 8 April 14th, 2015 | CD-Lab MEVSS

Dashboard in Our Monitoring Infrastructure 9 April 14th, 2015 | CD-Lab MEVSS

Experiments with Manually Created Models 6h and 168h run of Primetals‘ Caster simulator PAS RMM Evaluation Runs Element: # Element 6h Run 168h Run 21 Monitoring Active scopes 5 5 Scopes 40 Requirements/ Checks performed 10,572 262,979 Constraints 109 Event types Observed events 12,484 363,491 22 Probes Active Probes 14 14 10 April 14th, 2015 | CD-Lab MEVSS

Monitoring Load of 2 Scopes (6h Evaluation Run) Emergeny simulated by disabling a component and turning it on again Number of constraint checks and violations per minute StrandOptimization StrandTracking 11 April 14th, 2015 | CD-Lab MEVSS

How can traceability research help? Manually building a requirements monitoring model is hard … Opportunity 1: Populating requirements monitoring models Relating requirements with runtime artifacts is hard … Opportunity 2: Better traceability between requirements and the SoS runtime architecture 12 April 14th, 2015 | CD-Lab MEVSS

(1) Populating requirements monitoring models 
 Source: Requirements, features, … Target: Constraints Based on initial mappings between requirements and constraints: • Identify candidate requirements that could be monitored (defined as constraints) • Suggest the types of constraint, i.e., data, temporal, timing, etc. 
 13 April 14th, 2015 | CD-Lab MEVSS


 (2) Better traceability between requirements and the SoS runtime architecture for diagnosing problems Source: Requirements, features Target: Events and runtime data, source code (e.g., probes) Determining the events/runtime data related with requirements Locating the code implementing a requirement 14 April 14th, 2015 | CD-Lab MEVSS

Summary • Requirements monitoring and runtime traceability in SoS • From model-driven software development processes to problem diagnoses at runtime • Opportunities for requirements monitoring • Populating models for requirements monitoring • Better traceability between requirements and the SoS runtime architecture for diagnosing problems I would like to thank my colleagues and our partners: Rick Rabiser (JKU) Klaus Seyerlehner (Primetals) Michael Vierhauser (JKU) Stefan Wallner (Primetals) Jürgen Thanhofer-Pilisch (JKU) Helmut Zeisel (Primetals) 15 April 14th, 2015 | CD-Lab MEVSS

References • M. Vierhauser, R. Rabiser, and P. Grünbacher, "A Case Study on Testing, Commissioning, and Operation of Very-Large-Scale Software Systems," Proc. of the 36th International Conference on Software Engineering, ICSE Companion, Hyderabad, India, ACM, 2014, pp. 125-134. • M. Vierhauser, R. Rabiser, P. Grünbacher, C. Danner, S. Wallner, and H. Zeisel, "A Flexible Framework for Runtime Monitoring of System-of-Systems Architectures," Proc. of the 11th Working IEEE/IFIP Conference on Software Architecture (WICSA 2014), Sydney, Australia, IEEE, 2014, pp. 57-66. 16 April 14th, 2015 | CD-Lab MEVSS