scade
play

SCADE 1 S E M I N A R I N S O F T W A R E E N G I N E E R I N G - PowerPoint PPT Presentation

Mar 19, 2023 •365 likes •828 views

SCADE 1 S E M I N A R I N S O F T W A R E E N G I N E E R I N G P R E S E N T E R A V N E R B A R R Introduction 2 What is SCADE? S oftware C ritical A pplication D evelopment E nvironment, a Lustre- based IDE for designing safety

  1. SCADE 1 S E M I N A R I N S O F T W A R E E N G I N E E R I N G P R E S E N T E R A V N E R B A R R

  2. Introduction 2  What is SCADE?  S oftware C ritical A pplication D evelopment E nvironment, a Lustre- based IDE for designing safety critical embedded software applications for reactive systems. Generates C-code  A product developed by Esterel Technologies. Scade includes a graphical interface to build formal models in the synchronous data-flow language Lustre  Algorithm Design  Architecture Design  Software Design and Verification  Code Generation  Code Deployment  Lustre is a formally defined, declarative, and synchronous dataflow programming language, for programming reactive systems. It began as a research project in the early 1980s

  3. Who uses SCADE 3  Civilian and military avionics  Airbus, Boeing, GE, Pratt & Whitney… Many more  Autopilots, Engine Control, Fuel Management, Cockpit Display…  Defense & space industries  Elbit , Lockheed, NASA….  Flight warning systems…  Energy and transportation  GM, Ford, Nuclear Reactors …  Controllers, Braking systems, Fuel Management, Rail control…

  4. SCADE 4  Scade (SCADE…) suite includes the following:  A graphical editor to build formal models and specify properties  The Scade Design Verifier, built on top of Prover SL DE (to be discussed in depth), to automatically verify that models satisfy all safety properties  A C code generator - Since the code is automatically generated from the formal model, it is correct by construction, assuming the formal model is correct  Scade Design Verifier ( Prover SL DE) Automatically extends Lustre models by injecting faults, using libraries of typical failures  Allows to perform Failure Mode and Effect Analysis, which consists of verifying whether systems remain safe when selected components fail  The tool can compute minimal combinations of failures breaking systems' safety, which is similar to Fault Tree Analysis

  5. Work Flow – Development Cycle 5  Tools to combine the activities of system engineering

  6. Work Flow – Development Cycle 6  Main Tools

  7. IDE 7 Main View Work Space Shortcuts Output

  8. Work Methodology 8  Designing systems with Scade involves these steps Model Capture   Initial stage of the workflow understand specifications of the model and capture them using modeling tools – Use Scade application to design models with graphical formalism  Modeling functional design with Data Flow  Modeling functional design with Control Flow • Safe State Machines (SSM)  Define the data structure of model using data types and constants that can be instantiated through SCADE graphical formalism Model Debugging   The second stage of the workflow is a three-stage process  Running coherence checks • SCADE models are automatically and thoroughly checked before simulation code or target code is generated but it is possible to check model semantics at any time  Simulation sessions • SCADE can run interactive simulation sessions to dynamically check the model, to read through the simulated code with the help of code highlights and to play simulation scenarios  Formal verification analysis Code Generation   The last stage of the workflow consists of generating target code. The SCADE model designed can be used to generate code automatically from a single source. Generated code is correct and optimized by SCADE KCG CODE GENERATOR

  9. Lustre Modeling Language 9 Lustre - Synchronous Data Flow Language  Operates on “Streams” or “Flows”  Overall idea is to generate correct-by-construction embeddable implementation from high-  level rigorous specifications A System is modeled as a node with sub-nodes  No recursive nodes - Enables flattening of nodes to sub nodes  Two ways to visualize nodes in SCADE GUI  Network View  State Machine View  Model Built from hierarchical block diagrams  Flexible and nested data blocks and safe state machines  Data blocks – Control Data flow  Safe state machines – Control System Flow  Design of a complete unambiguous system. SSM can be inserted inside a SCADE model as any other subsystem  A “Data Flow” or “Flow” – A variable whose value can change over time  All flows are synchronized – a global clock controlling when flows change – Discrete time  Flows are typed – Can be Boolean, integer or real  Source code development is based upon the SCADE graphical block-diagram notation  complemented by hierarchical Safe State Machines to describe state- or mode-oriented computations

  10. Lustre Modeling Language Cont‟d 10  Nodes – Combine flows to generate new flows  Nodes can be either graphical or textual  A node has inputs, outputs and its functionality  Basic provided Nodes:  Logic operators (AND, OR NOR… )  Operators ( +, - ….)  Timed Operators  Basic provided Nodes  Timed Operators:  Delays: PRE operator makes it possible to refer to the previous value of a flow. It can, for example, be used to memorize values A = PRE A  Initial value: The -> operator is used to specify the value of a flow during the first time step A = True ->NOT PRE A Defines flow A to be initially True. Afterwards the value is inverted every time step - square clock signal.

  11. Lustre Model Coherence 11  Semantic Checking – Check if the model conforms to SCADE language semantics  Model topology must be consistent  No orphan states or missing connections  Syntax Checking – Check if the model is syntactically correct with respect to the graphical and textual formalism used in SCADE  Cycle Detection – State Machines that may end up in loops

  12. Lustre Model Simulation 12  Run simulation sessions in SCADE  Dynamically check the model  Run simulation scenarios  Run through the simulated code (Debug)  Observe reactions graphically  Signals, outputs, inputs etc

  13. SCADE Formalism 13  Programs are implementations of control algorithms, with many parts acting concurrently but in a deterministic way  Two specification formalisms  Block diagrams for continuous control  State machines for discrete control

  14. Block Diagrams for Continuous Control 14  Continuous control – Sampling sensors at regular time intervals and performing computations on their values  Continuous control is depicted by block diagrams  Boxes compute mathematical functions, filters and delays  Arrows denote flows of data between boxes  Data flows continuously between blocks that continuously compute their outputs from their inputs  All blocks compute concurrently and the blocks only communicate through the flows  Some flows may carry Boolean or discrete values tested in computational blocks or acting on flow switches or multiplexors

  15. Block Diagrams for Continuous Control Cont‟d 15  SCADE blocks are fully hierarchical  Hierarchy makes it possible to break design complexity by a divide-and-conquer approach and to design reusable library blocks

  16. Safe State Machines for Discrete Control 16  Discrete control - changing behavior according to external events originating either from discrete sensors and user inputs or from internal program events (threshold detection etc.)  Adding mode-control Boolean flows to block diagrams becomes messy when discrete control is non-trivial -> resort to state machines

  17. Safe State Machines for Discrete Control 17

  18. Mixed Continuous / Discrete Control 18  SCADE allows to couple data flow and state machine styles  SSM included in block diagrams design to compute and propagate functioning modes. Discrete signals to which SSM reacts and sends back are transformed into Boolean data flows in the block diagram

  19. Computation Model 19  “Cycle Based” computation model  Once the input sensors are read, the programs starts computing the cycle outputs  In a SCADE block diagram specification, each block has a cycle and all blocks act concurrently  Blocks can all have the same cycle or they can have different cycles  At each of its cycle, a block reads its inputs and generates its outputs. If two connected blocks A and B have the same cycle, the outputs of A are used by B in the same cycle, unless an explicit delay is added between A and B  SSM have the very same notion of a cycle  Block diagrams and SSMs in the same design also communicate synchronously at each cycle

  20. Simple SCADE Lustre Program – Compute an Average 20  I,N,A – data flows  pre – delays a sequence by one cycle  pre(A) – (- ,A0,A1,…At…) where the first element is unintialized  „ - >‟ initialization operator returns its left operand at first cycle and its right operand at further cycles  The N symbol denotes the sequence (1,2,3….)  “A“ denotes the required sequence of average values

  21. Example 21  Elevator Controller Example: The Network View

  22. Example Cont‟d 22  Textual representation Var Name Node Def

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Software Analysis and Development Tools Gui Goretkin Senior Application Engineer ANSYS SCADE

Software Analysis and Development Tools Gui Goretkin Senior Application Engineer ANSYS SCADE

Model-Based System and Software Analysis and Development Tools Gui Goretkin Senior Application Engineer ANSYS SCADE guilherme.goretkin@ansys.com Thierry Le Sergent SCADE Architect Product Manager October 2019 Thierry.lesergent@ansys.com

390 views • 22 slides
Mo Modernizati dernization on of of Dri Drin n Ri River ver Ca Casca scade e Albanian

Mo Modernizati dernization on of of Dri Drin n Ri River ver Ca Casca scade e Albanian

Mo Modernizati dernization on of of Dri Drin n Ri River ver Ca Casca scade e Albanian Power Corporation by Erideta BASHi International Summit and Exhibition Podgorica, Montenegro Director, Strategic Management and Planning

745 views • 22 slides
SCADE Suite in Space Applications at EADS Astrium Space Transportation Astrium Space

SCADE Suite in Space Applications at EADS Astrium Space Transportation Astrium Space

SCADE Suite in Space Applications at EADS Astrium Space Transportation Astrium Space Transportation David Lesens 09/10/2008 Astrium Space Transportation Overview Introduction Historical use of SCADE at EADS Astrium ST Why using

608 views • 46 slides
Revisiting coverage criteria for Scade models Jean-Louis Cola co 7 December 2016 Context

Revisiting coverage criteria for Scade models Jean-Louis Cola co 7 December 2016 Context

Revisiting coverage criteria for Scade models Jean-Louis Cola co 7 December 2016 Context Code coverage is a measure that characterises how much a given test suite exercises a code , lots of criteria exist, avioncs standard (DO-178)

508 views • 48 slides
Systerel Smart Solver Forum Mthodes Formelles October 2014 S3 S3 for C Systerel Smart Solver

Systerel Smart Solver Forum Mthodes Formelles October 2014 S3 S3 for C Systerel Smart Solver

Systerel Smart Solver Forum Mthodes Formelles October 2014 S3 S3 for C Systerel Smart Solver S3 for Scade cS3 for Scade 2 Systerel Smart Solver Family of Model Checking solutions SAT based largely automatic

348 views • 6 slides
NICTA workshop, 29-31 May 2003 Sydney Australia, based on SEHAS, Portland OR 9 and 10 May 2003,

NICTA workshop, 29-31 May 2003 Sydney Australia, based on SEHAS, Portland OR 9 and 10 May 2003,

NICTA workshop, 29-31 May 2003 Sydney Australia, based on SEHAS, Portland OR 9 and 10 May 2003, and SCADE, Toulouse 19 May 2003. Challenge and Opportunity in Mechanized Formal Methods John Rushby Computer Science Laboratory SRI International

704 views • 38 slides
Towards a verified Lustre compiler with modular reset Timothy Bourke 1,2 Llio Brun 1,2 Marc

Towards a verified Lustre compiler with modular reset Timothy Bourke 1,2 Llio Brun 1,2 Marc

Towards a verified Lustre compiler with modular reset Timothy Bourke 1,2 Llio Brun 1,2 Marc Pouzet 3,2,1 1 Inria Paris 2 DI ENS 3 UPMC SCOPES 2018 May 30, 2018 Screenshot from ANSYS/Esterel Techologies SCADE Suite 1 / 14 Screenshot from

1.41k views • 92 slides
Frontiers of Automated Software Engineering, NASA Ames 30 June 2003, based on NICTA workshop,

Frontiers of Automated Software Engineering, NASA Ames 30 June 2003, based on NICTA workshop,

Frontiers of Automated Software Engineering, NASA Ames 30 June 2003, based on NICTA workshop, 29-31 May 2003 Sydney Australia, SEHAS, Portland OR 9 and 10 May 2003, and SCADE, Toulouse 19 May 2003. Challenge and Opportunity in Mechanized Formal

681 views • 38 slides
First-Order Logic Chapter 1 Sections 1-2 Aspects of Computational Semantics Prof. Dr. Kurt

First-Order Logic Chapter 1 Sections 1-2 Aspects of Computational Semantics Prof. Dr. Kurt

First-Order Logic Chapter 1 Sections 1-2 Aspects of Computational Semantics Prof. Dr. Kurt Eberle Summer Semester 2018 Julia Dobczynska & Zara Kolagar 1. First-Order Logic: Definition & General Overview Overview: 2.

667 views • 43 slides
Contract Administration for Work Zone Safety Barry Lacy, P.E. Work Zone Engineer LA DOTD

Contract Administration for Work Zone Safety Barry Lacy, P.E. Work Zone Engineer LA DOTD

Contract Administration for Work Zone Safety Barry Lacy, P.E. Work Zone Engineer LA DOTD Agenda Definitions Specifications Traffic Control Supervisor (TCS) Requirements Inspection of Traffic Control Traffic Control Diary

555 views • 29 slides
The University for Kentucky uky.edu/uk4ky FY 2016-17 Operating and Capital Budget AY 2016-17

The University for Kentucky uky.edu/uk4ky FY 2016-17 Operating and Capital Budget AY 2016-17

DRAFT The University for Kentucky uky.edu/uk4ky FY 2016-17 Operating and Capital Budget AY 2016-17 Tuition and Mandatory Fees uky.edu/uk4ky Budget Development Principles Maintain student access and a ff ordability Competitive pay for

483 views • 29 slides
Digital Books and Your Library - A Wiley Perspective A changing landscape Last year in the UK

Digital Books and Your Library - A Wiley Perspective A changing landscape Last year in the UK

Digital Books and Your Library - A Wiley Perspective A changing landscape Last year in the UK more than 400 bookshops closed down, seven times more than in 2011. There are now less than 2,000 bookshops left, less than half the number of

251 views • 21 slides
Decision Procedures and Verifjcation NAIL094 Petr Kuera Charles University 2019/20 (5th

Decision Procedures and Verifjcation NAIL094 Petr Kuera Charles University 2019/20 (5th

Decision Procedures and Verifjcation NAIL094 Petr Kuera Charles University 2019/20 (5th lecture) Petr Kuera (Charles University) Decision Procedures and Verifjcation 2019/20 (5th lecture) 1 / 47 Solvers based on stochastic (local)

1.25k views • 97 slides
Call-By-Push-Value from a Linear Logic point of view Thomas Ehrhard CNRS, IRIF, UMR 8243, Univ

Call-By-Push-Value from a Linear Logic point of view Thomas Ehrhard CNRS, IRIF, UMR 8243, Univ

Call-By-Push-Value from a Linear Logic point of view Thomas Ehrhard CNRS, IRIF, UMR 8243, Univ Paris Diderot, Sorbonne Paris Cit e, F-75205 Paris, France thomas.ehrhard@pps.univ-paris-diderot.fr Abstract. We present and study a simple

779 views • 32 slides
Symbolic Unfolding of Multi-adjoint Logic Programs es Moreno 1 Jaime Penabad 2 e Antonio Riaza 1

Symbolic Unfolding of Multi-adjoint Logic Programs es Moreno 1 Jaime Penabad 2 e Antonio Riaza 1

Multi-Adjoint Lattices and Programs Operational Semantics for sMALP Unfolding of sMALP Programs Conclusions and Further Research Symbolic Unfolding of Multi-adjoint Logic Programs es Moreno 1 Jaime Penabad 2 e Antonio Riaza 1 Gin Jos {

413 views • 27 slides
Neural Nets for Adaptive Filter and Adaptive Neural Nets as Adaptive Filters Pattern Recognition

Neural Nets for Adaptive Filter and Adaptive Neural Nets as Adaptive Filters Pattern Recognition

Neural Nets for Adaptive Filter and Adaptive Pattern Recognition Brian Young Article Context Neural Nets for Adaptive Filter and Adaptive Neural Nets as Adaptive Filters Pattern Recognition Adaptive Filters Min. Disturb. and LMS

976 views • 23 slides
relevant learning success. environment that inspires and creates pathways for student success.

relevant learning success. environment that inspires and creates pathways for student success.

Mission Statement Vision Statement Provide a safe, Inspiring and creating challenging and pathways for student relevant learning success. environment that inspires and creates pathways for student success. We believe that post-secondary

443 views • 17 slides
HOUSING AUTHORITY REENTRY: REDUCING THE RISK OF RECIDIVISM THROUGH HOUSING STABILITY IN UNION

HOUSING AUTHORITY REENTRY: REDUCING THE RISK OF RECIDIVISM THROUGH HOUSING STABILITY IN UNION

HOUSING AUTHORITY REENTRY: REDUCING THE RISK OF RECIDIVISM THROUGH HOUSING STABILITY IN UNION COUNTY, PENNSYLVANIA A Literature Review and Evaluation of JUSTICE BRIDGE HOUSING PROGRAM, UNION COUNTY, PA prepared for the Union County Housing

421 views • 28 slides
ISPN 2018 IN TEL AVIV! ISPN 2018 IN TEL AVIV! Innovation and inspiration Innovation and

ISPN 2018 IN TEL AVIV! ISPN 2018 IN TEL AVIV! Innovation and inspiration Innovation and

ISPN ISPN invites You invites You to join.. to join.. ISPN 2018 IN TEL AVIV! ISPN 2018 IN TEL AVIV! Innovation and inspiration Innovation and inspiration Innovation and inspiration Innovation and inspiration 7 7 11 11 October,

246 views • 7 slides
IANA ccNSO Update Kim Davies ICANN 55, 8 March 2016 Agenda Introduction to IANA

IANA ccNSO Update Kim Davies ICANN 55, 8 March 2016 Agenda Introduction to IANA

IANA ccNSO Update Kim Davies ICANN 55, 8 March 2016 Agenda Introduction to IANA Performance Overview Implementing new post-transition performance metrics Framework of Interpretation RDAP Update Other Work in Progress | 2 A

290 views • 13 slides
Dawes Reunion 2014 Healdsburg CA 1 Dawes Coat of Arms Silver: three gold swans on a blue

Dawes Reunion 2014 Healdsburg CA 1 Dawes Coat of Arms Silver: three gold swans on a blue

Dawes Reunion 2014 Healdsburg CA 1 Dawes Coat of Arms Silver: three gold swans on a blue diagonal bend between two narrow red diagonal bends, accompanied by six black battle axes. Above the shield and helmet is the crest which is

643 views • 61 slides
DAVID MACH By Jack Haxley BIOGRAPHY David Mach was born in a town called Methil on the

DAVID MACH By Jack Haxley BIOGRAPHY David Mach was born in a town called Methil on the

DAVID MACH By Jack Haxley BIOGRAPHY David Mach was born in a town called Methil on the eastern coast of Scotland on the 18 th of March 1956. He is a Scottish sculptor and installation artist, mainly known for his work with coat

350 views • 8 slides
Gifted Update Dr. Thomas W. Taylor, Chief Academic Officer George C. Fohl, Gifted Education

Gifted Update Dr. Thomas W. Taylor, Chief Academic Officer George C. Fohl, Gifted Education

Gifted Update Dr. Thomas W. Taylor, Chief Academic Officer George C. Fohl, Gifted Education Coordinator Presented to School Board * March 13, 2018 Gifted Update Expanding Gifted Education Rationale for Changes to the Identification Process

545 views • 18 slides
Wilh. Wilhelmsen Holding ASA Fourth quarter and full year 2019 February 2020 Classified as

Wilh. Wilhelmsen Holding ASA Fourth quarter and full year 2019 February 2020 Classified as

Wilh. Wilhelmsen Holding ASA Fourth quarter and full year 2019 February 2020 Classified as Internal Business update and outlook Thomas Wilhelmsen, group CEO Classified as Internal The year 2019 Mixed markets Global trade headwinds

581 views • 27 slides

More recommend