Runtime Traceability Challenges in Systems of Systems Paul Grnbacher - - PowerPoint PPT Presentation

Runtime Traceability Challenges in Systems of Systems

Paul Grünbacher

Johannes Kepler University Linz, Austria Christian Doppler Laboratory MEVSS paul.gruenbacher@jku.at http://mevss.jku.at

Dagstuhl Seminar Software and Systems Traceability for Safety-Critical Project
 April 14, 2015

April 14th, 2015 | CD-Lab MEVSS 2

Development
 Artifacts Runtime and Operation
 Artifacts

April 14th, 2015 | CD-Lab MEVSS

This talk

• Traceability between development and runtime artifacts

deserves more attention

Our RE’12 roadmap paper did not explicitly mention it … ;-)

• O. Gotel, J. Cleland-Huang, J. Huffman Hayes, A. Zisman, A. Egyed, 

• P. Grünbacher, G. Antoniol: The quest for Ubiquity: A roadmap for 


software and systems traceability research. RE 2012: 71-80

• Shift “from model-driven software development to

problem diagnoses at runtime”

• M. Salifu, Y. Yu, A.K. Bandara, B. Nuseibeh: Analysing monitoring and switching problems

for adaptive systems. JSS 85(12): 2829-2839 (2012)

• Specific focus: traceability in systems of systems

3

April 14th, 2015 | CD-Lab MEVSS

Context: Requirements Monitoring 
 in a Safety-Critical System of Systems

4

Ironmaking Steelmaking Continuous Casting

April 14th, 2015 | CD-Lab MEVSS

Requirements Monitoring in a SoS

5

Level 2 (process optimization) Level 1 (process control) Level 3 (production planning systems) HMI Database Customer and Third- party Systems

PLC Iron Steel Casting I-­‑HMI S-­‑HMI C-­‑HMI PLC I-­‑DB S-­‑DB C-­‑DB

• Continuous evolution à checking compliance after upgrades
• Multiple systems, multiple suppliers à V&V beyond individual systems
• Full behavior emerges only at runtime à monitoring during commissioning

and operation

• Diverse requirements at many different levels à unified checking framework

April 14th, 2015 | CD-Lab MEVSS

An optimization run needs to finish within x seconds after triggered by the HMI OptimizationRun _TRIGGERED Optimization System Probe Component Interaction if event ”OptimizationRun_TRIGGERED” occurs Postcondition = event ”OptimizationRun_FINISHED” occurs within 5 seconds OptimizationRun _FINISHED HMI Probe

6

Event-based Requirements Monitoring in SoS

Constraint Events Probes multiple levels and layers of granularity diverse types of constraints different types of events and data/structures different technologies for instrumentation Requirement

W.N. Robinson: A requirements monitoring framework for enterprise systems. RE Journal 11(1): 17-41 (2006)

• Y. Wang, S.A. McIlraith, Y. Yu, J. Mylopoulos: Monitoring and diagnosing software requirements. ASE J. 16(1): 3-35 (2009)

April 14th, 2015 | CD-Lab MEVSS

How can we consider SoS characteristics?

• Vertical and horizontal scattering of requirements à allocate requirements to

monitoring scopes (systems, components, connectors)

• Diversity of requirements à DSL for checking constraints
• Technological heterogeneity à event-based abstractions across systems

7

April 14th, 2015 | CD-Lab MEVSS

Requirements Monitoring Model for Primetals‘ Plant Automation System

8

April 14th, 2015 | CD-Lab MEVSS

Dashboard in Our Monitoring Infrastructure

9

April 14th, 2015 | CD-Lab MEVSS

Experiments with Manually Created Models

6h and 168h run of Primetals‘ Caster simulator

10

PAS RMM Evaluation Runs Element: # Element 6h Run 168h Run 21 Monitoring Scopes Active scopes 5 5 40 Requirements/ Constraints Checks performed 10,572 262,979 109 Event types Observed events 12,484 363,491 22 Probes Active Probes 14 14

April 14th, 2015 | CD-Lab MEVSS

Monitoring Load of 2 Scopes (6h Evaluation Run)

Emergeny simulated by disabling a component and turning it on again Number of constraint checks and violations per minute StrandOptimization StrandTracking

11

April 14th, 2015 | CD-Lab MEVSS

How can traceability research help?

Manually building a requirements monitoring model is hard … Opportunity 1: Populating requirements monitoring models Relating requirements with runtime artifacts is hard … Opportunity 2: Better traceability between requirements and the SoS runtime architecture

12

April 14th, 2015 | CD-Lab MEVSS

(1) Populating requirements monitoring models


Source: Requirements, features, … Target: Constraints Based on initial mappings between requirements and constraints:

• Identify candidate requirements that could be monitored (defined as

constraints)

• Suggest the types of constraint, i.e., data, temporal, timing, etc.


13

April 14th, 2015 | CD-Lab MEVSS

(2) Better traceability between requirements and the SoS runtime architecture for diagnosing problems

Source: Requirements, features Target: Events and runtime data, source code (e.g., probes) Determining the events/runtime data related with requirements Locating the code implementing a requirement 


14

April 14th, 2015 | CD-Lab MEVSS

Summary

• Requirements monitoring and runtime traceability in SoS
• From model-driven software development processes to problem

diagnoses at runtime

• Opportunities for requirements monitoring
• Populating models for requirements monitoring
• Better traceability between requirements and the SoS runtime architecture for

diagnosing problems

15

I would like to thank my colleagues and our partners: Rick Rabiser (JKU) Klaus Seyerlehner (Primetals) Michael Vierhauser (JKU) Stefan Wallner (Primetals) Jürgen Thanhofer-Pilisch (JKU) Helmut Zeisel (Primetals)

April 14th, 2015 | CD-Lab MEVSS

References

• M. Vierhauser, R. Rabiser, and P. Grünbacher, "A Case Study on Testing,

Commissioning, and Operation of Very-Large-Scale Software Systems,"

• Proc. of the 36th International Conference on Software Engineering, ICSE

Companion, Hyderabad, India, ACM, 2014, pp. 125-134.

• M. Vierhauser, R. Rabiser, P. Grünbacher, C. Danner, S. Wallner, and H.

Zeisel, "A Flexible Framework for Runtime Monitoring of System-of-Systems Architectures," Proc. of the 11th Working IEEE/IFIP Conference on Software Architecture (WICSA 2014), Sydney, Australia, IEEE, 2014, pp. 57-66.

16