- SPaCIFY project - Synoptic : Spacecraft Synchronous DSML - - PowerPoint PPT Presentation

SLIDE 1

Introduction Synoptic language Middleware/Synoptic Interaction Current works

  • SPaCIFY project -

Synoptic : Spacecraft Synchronous DSML

Alexandre Cortier

Post-doc at IRIT/ACADIE

cortier@irit.fr

IRIT

  • SPaCIFY project - , Synoptic : Spacecraft Synchronous DSML

1/28

SLIDE 2

  • 1. Introduction
  • 2. Synoptic language
  • 3. Middleware/Synoptic Interaction
  • 4. Current works

SLIDE 3

SPaCIFY : ANR Project

Spacify : ANR (French Research National Agency) Project
End : September 2009
Aim :

◮ R&D project aiming at developing a design environment for critical embedded software (Spacecraft System)
◮ Model-Driven Engineering and Formal Methods
  • model checking
  • formally-verified domain specific transformations
◮ multi-clock synchronous paradigm
◮ simulation and analysis tools
◮ scheduling analysis
◮ executive platform supporting distribution, partitioning and dynamic adaptation (middleware)

Environment components will be built upon the Topcased toolkit (The Open-Source Toolkit for Critical Systems).

SLIDE 4

The SPaCIFY Project

Industrial Stakeholders :

◮ CNES, Thales Alenia Space, EADS Astrium

  • spacecraft system designers

◮ Anyware Technologies, GEENSYS

  • graphical design environment
  • configuration, versions and documentation management

Academic Stakeholders :

◮ IRIT-ACADIE (Toulouse) : Synoptic language definition, formally-verified model transformations
◮ ENSTB-CAMA (Brest) : middleware design
◮ IRISA-ESPRESSO (Rennes) : synchronous semantics
◮ LaBRI (Bordeaux) : model-checking

SLIDE 5

Synoptic

Synoptic : DSML (Domain Specific Modeling Language) for spacecraft systems.

Requirements :

◮ central language of the development environment
◮ support an iterative and incremental development process
◮ functional, architectural and dynamic views specifications
◮ modular design based on a synchronous semantics (functional part)

SLIDE 6

Overview : SPaCIFY development process

[Figure: software development process diagram (Req. Analysis, Design). Labels: Textual Requirement; Simulink / Stateflow models (limited to functional behavior); Dynamic/Hardware Specification; AADL models; Automation / System Engineer; Model Transformation; "Functional" Synoptic model; Dynamic analysis and design; Synoptic model; Code Generation; Source Code; MW Config.; Synoptic Transfo. pattern; Domain specific transfo. pattern; Software function splitting; Model Organisation; Automata elicitation.]

SLIDE 7

Overview : SPaCIFY development process

[Figure: software development process diagram (Req. Analysis, Design), with a region marked "Synchronous World". Labels: Textual Requirement; Simulink / Stateflow models (limited to functional behavior); Dynamic/Hardware Specification; AADL models; Automation / System Engineer; Model Transformation; "Functional" Synoptic model; Dynamic analysis and design; Synoptic model; Code Generation; Source Code; MW Config.]

SLIDE 8

  • 1. Introduction
  • 2. Synoptic language
  • 3. Middleware/Synoptic Interaction
  • 4. Current works

SLIDE 9

Synoptic

Synoptic : a graphical and textual DSML

provides high-level constructions to handle

◮ multi-layers description (various modelling aspect)
◮ various granularity levels (iterative and refinement development)
◮ modular approach

based on a synchronous semantics.

◮ formal and deterministic analysis and verification
◮ refinement proof
◮ transformation proof

SLIDE 10

Synoptic : multi-layers system specification

Synoptic is not fundamentally a new language but an integration of different sources and concepts.

Synoptic is inspired by several approaches :

◮ Geneauto : safe subset of the Simulink/Stateflow modelling language used for the development of certified safety critical embedded real time systems
◮ AADL : Architecture Analysis & Design Language (formerly Avionics Architecture Description Language)
◮ Components Models : CCM, Fractal

SLIDE 11

Synoptic : multi-layers system specification

Software Architecture : Geneauto approach

◮ structural feature : Dataflow models (“Blocks Diagrams”)
◮ behavioral feature : Control Flow models (“Finite States Machines”)
◮ real-time constraints : clock properties

Dynamic/Hardware Architecture : AADL approach

◮ Threads description
◮ platform aspects (“components view”)
◮ mappings : which component executes which functional blocks ?

  • functional blocks → threads
  • threads → hardware components (processor)
  • signals → bus
  • variables → memory

SLIDE 12

Synoptic : multi-layers system specification

[Figure: three layers, Software architecture, Dynamic architecture and Hardware architecture. Labels: Functional and control design; Threads + Properties; 10 Hz; 50 Hz; Hardware Design; Processor; Device_1; Bus.]

SLIDE 13

Synoptic : multi-layers system specification

[Figure: three layers, Software architecture, Dynamic architecture and Hardware architecture, with two "mappings" labels. Other labels: Functional and control design; Threads + Properties; 10 Hz; 50 Hz; Hardware Design; Processor; Device_1; Bus.]

SLIDE 15

Synoptic : functional model

Software architecture = blocks/nodes hierarchy

A node in a block diagram has :

◮ a type
◮ several implementations

a node type describes interaction ports (interface)

different kinds of implementations :

◮ dataflow : describes functional part
◮ automaton : describes behavioral part (modes)
◮ external/primitive : “black box”

Dataflow and automaton blocks are mutually nested.

SLIDE 16

Synoptic : functional model (block hierarchy)

[Figure: block hierarchy with nested AUTOMATON and DATAFLOW blocks. Labels: State_1; State_2; State_1.1; State_1.2; Macro-state 1.3; MACRO-STATE; transition; Guard; Action.]

SLIDE 17

Synoptic : functional model (node type)

Node type example :

    node type SunPointing
    features
      IMU_Data: in data port array 3 of double;
      STR_Data: in data port array 4 of double;
      DOR_Data: in data port array 4 of double;
      MTQ_Cmd: out data port array 3 of double;
      RW_Cmd: out data port array 3 of double;
    end SunPointing;

Implicit ports :

◮ reset : re-initialization (boolean port)
◮ trigger : block activation (event port)
◮ enable : block activation control (boolean port)

SLIDE 18

Synoptic : functional model (dataflow)

[Figure: annotated listing of a dataflow implementation named int1.dtf, with sections "blocks", "signals" and "properties". Callouts: Hierarchy; Logical Expression; Port identifier; Dataflow implementation name; Node type identifier; node body is dataflow.]

Legible fragments of the listing (order and nesting are not recoverable from the slide text) :

    sc1 : algo << when evt1 >>
    sc1 : dataflow dtf2 << period = 10 ms >>
    sc2 :
    sc3 :
    sc4 : automaton aut ;
    s1 :
    s2 :
    data port ;
    event trigger
    (ev1? and (dp>3)^) -> sc1.
    sc2.odp -> sc1.idp ;
    extern var tc1; -- MW/Synoptic interaction
    external node type -- to refine
    int2 ;
    end int1.dtf ;

SLIDE 19

Synoptic : functional model (automaton)

    automaton INIT_calculateur.aut
    states
      PM_RESET: state dtf, /* dtf = dataflow implementation */
      Boostrap: state,
      OBSW_running: state,
      Firmware: macro state
        states
          PM_Built_IN_TESTS: state,
          OBSW_checkers: state;
        initial state PM_Built_IN_TESTS;
        transitions
          tr1: PM_Built_IN_TESTS -[ ]→ OBSW_checkers;
      end Firmware,
      RAM: macro state [...] end RAM;
    initial state PM_RESET;
    transitions
      t1: PM_RESET -[on G do A]→ Firmware.PM_Built_IN_TESTS;
      t2: Firmware.PM_Built_IN_TESTS -[ ]→ Firmware.OBSW_checkers;
      [...]
    end INIT_calculateur.aut;
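
A structural sanity check over the automaton listed above, as an added example in Python that is not part of the slides or of SPaCIFY's tooling. It transcribes the visible states and transitions into a dict (the encoding, the function names and the checks themselves are assumptions) and reports undeclared initial states, dangling transition endpoints and top-level states that no visible transition reaches.

```python
# Added example: dict encoding and checks are assumptions, not Synoptic's meta-model.
INIT_CALCULATEUR = {
    "states": {  # None = plain state, dict = macro state
        "PM_RESET": None, "Boostrap": None, "OBSW_running": None,
        "Firmware": {
            "states": {"PM_Built_IN_TESTS": None, "OBSW_checkers": None},
            "initial": "PM_Built_IN_TESTS",
            "transitions": [("tr1", "PM_Built_IN_TESTS", "OBSW_checkers")],
        },  # RAM is elided on the slide, so it is omitted here
    },
    "initial": "PM_RESET",
    "transitions": [  # guards and actions ("on G do A") are not modelled
        ("t1", "PM_RESET", "Firmware.PM_Built_IN_TESTS"),
        ("t2", "Firmware.PM_Built_IN_TESTS", "Firmware.OBSW_checkers"),
    ],
}

def resolve(automaton, path):
    """True if a dotted path names a declared, possibly nested, state."""
    scope = automaton
    for name in path.split("."):
        if scope is None or name not in scope["states"]:
            return False
        scope = scope["states"][name]
    return True

def check(automaton, prefix=""):
    """List undeclared initial states and dangling transition endpoints."""
    bad_init = automaton.get("initial") not in automaton["states"]
    errors = [f"{prefix or 'top.'}initial: not a declared state"] if bad_init else []
    for label, src, dst in automaton["transitions"]:
        errors += [f"{prefix}{label}: unknown state {end}"
                   for end in (src, dst) if not resolve(automaton, end)]
    for name, nested in automaton["states"].items():
        errors += check(nested, f"{prefix}{name}.") if nested else []
    return errors

def unreachable(automaton):
    """Top-level states not reachable from the initial one via listed transitions."""
    edges = {}
    for _, src, dst in automaton["transitions"]:
        edges.setdefault(src.split(".")[0], set()).add(dst.split(".")[0])
    seen, todo = set(), [automaton["initial"]]
    while todo:
        state = todo.pop()
        if state not in seen:
            seen.add(state)
            todo.extend(edges.get(state, ()))
    return sorted(set(automaton["states"]) - seen)
```

On this transcription `check` returns no errors, and `unreachable` returns `Boostrap` and `OBSW_running`, which only reflects that the slide elides the remaining transitions with `[...]`.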

SLIDE 20

  • 1. Introduction
  • 2. Synoptic language
  • 3. Middleware/Synoptic Interaction
  • 4. Current works

SLIDE 21

Synoptic/MW : external variables

The Middleware has to abstract the asynchronous behavior of the system (buffering,...)

Interactions between MW and Synoptic models are handled using the external variables concept.

external variables = sources / sinks of signals

external variables types :

◮ constants, TM, TC, global variables,

external variables contracts

SLIDE 22

Synoptic/MW : external variables

[Figure: Client 1, Client 2 and a Variable, with the labels Persistence contract, Syntactic Contract, Usage contract, Synchronisation contract and Remote access contract.]

External variables and associated contracts are used to configure the MW

SLIDE 23

  • 1. Introduction
  • 2. Synoptic language
  • 3. Middleware/Synoptic Interaction
  • 4. Current works

SLIDE 24

Synoptic Language Definition

Synoptic Language Definition

◮ Meta-Model definition (last steps)
◮ concrete textual syntax

Synoptic Semantics ?

◮ in progress...
◮ semantics by translation (IRISA-ESPRESSO) : Signal (Polychrony)
◮ we need to define a semantics for the language core
  • works on transformations proof (Martin Strecker)

SLIDE 25

Meta-Model Ecore

SLIDE 26

Textual Syntax and Edition tool (Topcased)

SLIDE 27

Transformations Validation

Automatic mappings : blocks → threads

◮ to assist the developer
◮ need a formalisation of current pragmatic rules used by system engineers

Blocks and Signals Refinements :

◮ automatic refinement (patterns : validated transformation)
◮ Proof Obligation (PO) generation for manual refinements

Edition transformations :

◮ ex : Model organisation, Software function splitting
◮ Automatic and validated transformations

SLIDE 28

Questions ?

Questions ?
