Appendix B. Additional Resources

In this book, you have learned how to create architecture models of systems. Such models represent your software architectural design (i.e., the application source code organized into modules or packages as functional libraries or collections of classes and associated methods), your runtime architecture in terms of communicating tasks, your computer hardware architecture in terms of processors, memory, and buses (networks), and possibly a physical system with which your software system interfaces.

B.1. Modeling System Architectures

Here are some additional resources that can help you to become more proficient in modeling system architectures.

• Behjati, R., Yue, T., Nejati, S., Briand, L., and Selic, B. An AADL-Based SysML Profile for Architecture Level Systems Engineering: Approach, Metamodels, and Experiments, Simula Research Laboratory, ModelME Technical Report 2011-03, Feb 2011.

This report discusses a UML profile that extends SysML with AADL concepts, which was implemented in Rhapsody.

• Feiler, P. H. Modeling of System Families (CMU/SEI-2007-TN-047). Pittsburgh, PA: Software Engineering Institute, Carnegie Mellon University, 2007.

This report discusses how you can go about representing a family of systems in AADL. It discusses multiple dimensions of variability in such a system family and how each is best expressed in AADL.

• Feiler, P. H. and Hansson, J. Flow Latency Analysis with the Architecture Analysis and Design Language (AADL) (CMU/SEI-2007-TN-010). Pittsburgh, PA: Software Engineering Institute, Carnegie Mellon University, 2007.

This report goes into depth in modeling end-to-end flows and performing end-to-end latency analysis. This analysis can provide a lower bound for worst-case latency at different levels of fidelity. It takes into account a range of runtime system contributors to latency and latency jitter.

• Feiler, P. H. and Hansson, J. Impact of Runtime Architectures on Control System Stability, 4th International Embedded Real-Time Systems Conference (ERTS), Toulouse, France, Jan 2008.

This article discusses the criticality of managing end-to-end latency jitter by minimizing non-deterministic sampling of the data stream, as such jitter potentially leads to controller instability.

• Feiler, P. H. and Rugina, A. Dependability Modeling with the Architecture Analysis and Design Language (AADL) (CMU/SEI-2007-TN-043). Pittsburgh, PA: Software Engineering Institute, Carnegie Mellon University, 2007.

This report introduces you to the Error Model Annex standard for AADL and its use to capture intrinsic fault behavior as well as fault propagation behavior of your system, such that stochastic analytical models can be generated for reliability and availability analysis as well as fault tree analysis.

• Hudak, J. and Feiler, P.H. Developing AADL Models for Control Systems: A Practitioner’s Guide (CMU/SEI-2007-TR-014). Pittsburgh, PA: Software Engineering Institute, Carnegie Mellon University, 2007.

This report introduces you to creating a control system model.

B.2. Cases Studies

The authors and other members of the SEI AADL team have performed a number of case studies in modeling application systems.

• Barott, J. B., Gluch, D. P., and Kirby, S. L. “Predictive engineering of an unmanned aerial system (UAS) using the Architecture Analysis and Design Language (AADL),” Systems Conference (SysCon), 2011 IEEE International, pp. 569–573, 4–7 April 2011.

This paper presents the results of applying predictive software-dependent system engineering practices using the SAE International Architectural Analysis and Design Language (AADL) in the modeling and analysis of an unmanned aerial system (UAS), part of a search and rescue (SAR) system. The SAR system embodies many of the challenges associated with engineering complex software-dependent systems, such as achieving stringent performance requirements and ensuring effective resource utilization. The results of this work demonstrated that model-based software system engineering practices employing the AADL can be used to analyze important system aspects early in architectural development, and can be an integral element in making informed decisions throughout an engineering effort

• Feiler, P. H., Lewis, B. (US Army AMCOM), and Vestal, S. (Honeywell Technology Center). Improving Predictability in Embedded Real-Time Systems, Special Report CMU/SEI-2000-SR-011 December 2000.

This paper discusses an early case study in using an architecture modeling language for embedded systems to improve predictability of performance in embedded real-time systems. This approach uses MetaH, the language AADL is based on. It utilizes automated analysis of task and communication architectures to provide insight into schedulability and reliability during design and automatic code generation to produce a complete system. The approach has been applied to a missile guidance system. A port from a single processor system to a dual processor system was accomplished in three weeks and the missile flew correctly in a simulation test.

• Feiler, P. H., Gluch, D., Hudak, J., and Lewis, B. Embedded System Architecture Analysis using SAE AADL, Technical Note CMU/SEI-2004-TN-005, 2004.

This report discusses a pattern-based approach we used to analyze an avionics architecture that is migrating from a federated approach to an integrated modular avionics (IMA) approach.

• Feiler, P. H., Hansson, J., de Niz, D., and Wrage, L. System Architecture Virtual Integration: An Industrial Case Study, Technical Report CMU/SEI-2009-TR-017, November 2009.

This report discusses the proof of concept phase of an aerospace industry initiative to improve its practice to become more technology intensive and architecture centric. Under the umbrella of the Aerospace Vehicle Systems Institute (AVSI) the System Architecture Virtual Integration project in this first phase has defined the to-be process, a return on investment (ROI) model, and a proof of concept demonstration of architecture modeling and analysis of multiple quality attributes at different levels of fidelity early and throughout the development process. The demonstration scenario included the use of a model repository and model bus starting with an aircraft model to illustrate dealing with system engineering and embedded software system engineering as well as supporting model-based interaction between system integrators and suppliers.

• Feiler, P. H., Gluch, D. P., and Woodham, K. Case Study: Model-based Analysis of the Mission Data System Reference Architecture, Technical Report CMU/SEI-2010-TR-003, May 2010.

This report presents the results of a case study applying the Architecture Analysis & Design Language (AADL) to the Mission Data System (MDS) architecture. This work is part of the NASA Software Assurance Research Program (SARP) research project: “Model-Based Software Assurance with the SAE Architecture Analysis & Design Language (AADL).” In this report, we discuss modeling and analyzing the MDS reference architecture. In particular, we focus on modeling aspects of state-based system behavior in MDS for quantitative analysis. Three different types of state-based system model are being considered: closed loop control, goal-oriented plan execution, and fault tolerance through replanning.

• Hansson, J., Lewis, B., Hugues, J., Wrage, L., Feiler, P., and Morley, J. Model-Based Verification of Security and Non-Functional Behavior using AADL, IEEE Security & Privacy, Page: 1-1, Jan 2010.

Modeling of system quality attributes, including security, is often done with low fidelity software models and disjointed architectural specifications by various engineers using their own specialized notations. These models are typically not maintained or documented throughout the life cycle and make it difficult to obtain a system view. However, a single-source architecture model of the system that is annotated with analysis-specific information allows changes to the architecture to be reflected in the various analysis models with little effort. We describe how model-based development using the Architecture Analysis and Design Language (AADL) and compatible analysis tools provides the platform for multidimensional, multifidelity analysis, and verification. A special emphasis is given to analysis approaches using Bell-LaPadula, Biba, and MILS approaches to security and that enable a system designer to exercise various architectural design options for confidentiality and data integrity prior to system realization.

For additional papers on the use of AADL by the community, please see the AADL Related Publications section of the public AADL Wiki [AADL Web].