. (period)
use in component names, 114, 264
use in feature identifiers, 265
: (colon), use in declarations, 170, 174, 186, 309
:: (double colon)
in package names, 268
in property set names, 266
_ (underscore), in identifier syntax, 263
-- (double hyphen), in comment syntax, 289
-> (hyphen and angle bracket), directional connection, 189
<-> (hyphen between angle brackets), bidirectional connections, 189
=> (equal sign and angle bracket), property association, 292
+=> (plus sign, equal sign, and angle bracket), property additive association, 293
AADL (Architecture Analysis & Design Language)
binding software to hardware. see Software deployment
components. see Components
data modeling. see Data modeling
declarative model, 26
design organization. see Design organization
as foundation for model-based engineering, 1–2
MBE (model-based engineering) and, 10–12
models. see Models
modes. see Modes
other modeling languages and, 14–15
powerboat autopilot system example. see PBA (powerboat autopilot) system
properties. see Properties
reserved words, 348
runtime services. see Runtime services
SAE AADL. see SAE AADL
system composition. see System composition
system flows. see Flows
AADL extensions. see also Annex sublanguages
declaring property constants, 311–312
declaring property sets, 304–305
declaring property types, 305–309
overview of, 303
AADL Inspector, 320
AADL Web, 435
aadlboolean property type, 308–310
aadlinteger property type, 308–309
AADLSimulink. see Simulink
Abort_Process, runtime executive service, 424
Abort_Processor, runtime executive service, 425
Abort_System, runtime executive service, 425
Abort_Virtual_Processor, runtime executive service, 425
constraints on, 168
employing in PBA system model, 58–61, 428
representation of, 167
for component interactions, 185
declaring, 226
Abstract flows
overview of, 54
Abstract implementation, in PBA system model, 61–63
Abstraction
conceptual modeling. see Conceptual modeling
principles for managing complexity in software, 6
transforming abstract representation into runtime representation, 63–65
Acceptable_Array_Size, modeling property, 409
Access
component feature category, 118–121
Access connections
bus access, 156
declaring remote calls as, 236–237
Access_Right, memory-related property, 391–392
Access_Time, memory-related property, 392
Actions, thread, 129
Activate_Deadline, timing property, 372
Activate_Entrypoint, programming property, 398
Activate_Entrypoint_Call_Sequence, programming property, 398–399
Activate_Entrypoint_Source_Text, programming property, 399
Activate_Execution_Time, timing property, 372
Active_Thread_Handling_Protocol, thread-related property, 369
Active_Thread_Queue_Handling_Protocol, thread-related property, 370
Actual_Connection_Binding, connection binding property, 260
Actual_Latency, communication property, 390
Actual_Memory_Binding, deployment property, 259, 352
Actual_Processor_Binding, deployment property, 257–259, 353
Actual_Subprogram_Call, deployment property, 355
Actual_Subprogram_Call_Binding, deployment property, 261, 356
Ada language, 152
Aggregate data communication, 207–209
Allowed_Connection_Binding, deployment property, 351
Allowed_Connection_Binding_Class, deployment property, 351
Allowed_Connection_Type, deployment property, 359–360
Allowed_Dispatch_Protocol, deployment property, 360
Allowed_Memory_Binding, deployment property, 352
Allowed_Memory_Binding_Class, deployment property, 353
Allowed_Message_Size, memory-related property, 393
Allowed_Period property, deployment property, 360–361
Allowed_Physical_Access, deployment property, 361
Allowed_Physical_Access_Class, deployment property, 361
Allowed_Processor_Binding, deployment property, 258, 354
Allowed_Processor_Binding_Class, deployment property, 354–355
Allowed_Subprogram_Call, deployment property, 355
Allowed_Subprogram_Call_Binding, deployment property, 261, 356
Analysis
in AADL model, 30
benefits of model-based approach to, 1
Analyzable architectural models, benefits of MBE, 8–10
declaring annex concepts in, 313–314
declaring classifiers, 312
annex reserved word, in component implementation declaration, 122
in AADL component declaration, 23–24
referencing annex classifiers, 312
using annex concepts in, 314–315
declaring annex concepts in libraries, 313–314
using annex concepts in subclauses, 314–315
AADL semantics and, 321
assigning property values, 292–294
comments and description properties, 289–290
contained property associations, 299–300
creating models and, 318
determining property values, 297–299, 300–302
empty component sections and, 290
overview of, 289
property types and values, 294–297
Aperiodic threads, 129
Application runtime architecture, in embedded software systems, 7
Get_Count, 420
Get_Value, 420
Next_Value, 420
Put_Value, 419
Receive_Input, 419
Send_Output, 418
Updated, 421
Application Specific I/O Integration Support Tool for Real-Time Bus Architecture Designs (ASIIST), 323, 436
Applications. see also Software components
application software component category, 19
case studies in modeling application systems, 430–433
applies to statement, for assigning property values, 265
Architecture
abstract component and, 166
analyzable architectural models as benefit of MBE, 8–10
application runtime architecture, 7
component use in system architecture, 6
modeling system architectures, 429–430
reference architectures. see Reference architectures
static vs. dynamic, 169
validating system architecture, 321–322
working with architectural descriptions in AADL, 17–18
Architecture-centric approach, to model-based engineering, 9–10
Ariane 5 Flight 501, 435
Arrays
connection properties, 230–231
declaring subcomponents as, 172–173
explicitly specified connections, 228
AS5506, 436
ASIIST (Application Specific I/O Integration Support Tool for Real-Time Bus Architecture Designs), 323, 436
Assign_Time, memory-related property, 393
Assignment operator, assigning property values, 292–293
Await_Dispatch, runtime executive service, 422–423
Await_Result, runtime executive service, 424
Background threads, 129
BAnnex (Behavior Annex)
describing thread behavior, 232
extensions to AADL, 11
modeling subprogram calls, 88
reference to, 436
for representing functional behavior of application components, 174
as sublanguage, 313
system validation and generation tools, 323
Base_Address, memory-related property, 394
Base_Types package, DAnnex (Data Modeling Annex), 100
Behavioral Language for Embedded Systems with Software (BLESS), 323, 436
Bell LaPadula, 324
Bidirectional access connections, 210
Binary file, documenting, 48–49
Bindings
for component interactions, 185–186
connection bindings, 260
mapping software to execution platform, 81
processor bindings, 259
properties in declaration of, 257–259
remote calls declared as, 234–236
remote subprogram call bindings, 260–262
Binpacker tool, 322
BLESS (Behavioral Language for Embedded Systems with Software), 323, 436
Buses
access features, 156
adding hardware components for PBA system, 40–42
communication support in execution platform, 80–81
description of, 147
modeling execution platform resources, 78–80
overview of, 156
properties of, 157
working with hardware in AADL, 18
Byte_Count, memory-related property, 396
Call sequences
declaring for subprogram, 233–234
modes for specifying, 174, 182–183
symbol representing, 242
for component interactions, 185–186
declaring remote calls as access connections, 236–237
declaring remote calls as bindings, 234–236
declaring subprogram calls, 233–234
symbol representing, 242
calls reserved word, in component implementation declaration, 122
CAN bus, 199
Case studies, in modeling application systems, 430–433
Casteres 09, 437
CAT (Consumption Analysis Toolbox), 436
Categories
component categories, 19–20, 114–115
component feature categories, 118–121
Cheddar, 437
Chinese Wall, 324
Classifier_Matching_Rule, modeling property, 224–225, 409
Classifier_Substitution_Rule, modeling property, 277, 409–410
Classifiers
aliases, 272
constraints on data classifier declarations, 140–141
constraints on process classifier declarations, 138
constraints on subprogram classifier declarations, 144
constraints on subprogram group classifier declarations, 146
constraints on thread classifier declarations, 132
constraints on thread group classifier declarations, 135
declaring classifier extensions, 274
declaring subcomponents by omitting, 171–172
defining components and, 113
defining data types and, 97–98
naming and referencing, 264
organizing component classifiers into packages, 114
prototypes as classifier parameters, 281
providing prototype actuals, 284–287
referencing package elements, 269–270
Client_Subprogram_Execution_Time, timing property, 374
Clock_Jitter, timing property, 380
Clock_Period, timing property, 380–381
Clock_Period_Range, timing property, 381
Code artifacts
documenting source code and binary files, 48–49
documenting variable names, 49–50
modeling source code structure, 50–51
Collocated, deployment property, 357
Comments, in annotation of models, 289–290
Actual_Latency, 390
Connection_Pattern, 384
Connection_Set, 385
Fan_Out_Policy, 384
Input_Time, 388
Latency, 391
Output_Time, 389
Overflow_Handling_Protocol, 385
Queue_Processing_Protocol, 385–386
Queue_Size, 386
Required_Connection, 386
Subprogram_Call_Rate, 389
Transmission_Time, 390
Transmission_Type, 387
Communication protocols
bus support for, 156
processors supporting, 149
virtual bus representing, 158
COMPASS (Correctness, Modeling and Performance of Aerospace Systems), 324, 437
Component libraries
organizing classifiers into packages, 114
constraints on application software components, 342–347
declaring abstract components, 58–59
declaring abstract components in PBA system model, 58–61
declaring component types, 114–118
declaring external interfaces, 118–121
declaring implementations, 121–125
defining for PBA system, 32–35
detailing abstract implementations for PBA system, 61–63
dynamic reconfiguration of, 51–54
empty component sections, 290
execution platform. see Execution platform components
flow specification for, 245
modes for applying alternative component configurations, 177–179
overview of, 113
port communication timing and, 196
properties differing from mode to mode, 173
software. see Software components
subcomponents. see Subcomponents
transforming abstract representation into runtime representation, 63–65
Components, interactions
abstract features and connections, 225–226
aggregate data communication, 207–209
array connection patterns, 229–230
array connection properties, 230–231
arrays and connections, 227–228
bus access and connections, 213–217
combining port-based communication with shared data communication, 203–206
constraints on port to port connections, 193–196
data access and connections, 210–213
declaring abstract features, 226
declaring calls and call sequences, 233–234
declaring feature group connections, 221–225
declaring feature group types, 218–220
declaring feature groups, 220–221
declaring parameter connections, 241–243
declaring port to port connections, 189
declaring remote subprogram calls as access connections, 236–237
declaring remote subprogram calls as bindings, 234–236
deterministic sampling of data streams between ports, 199–203
explicitly specified array connections, 228
feature groups and connections, 217–218
interfacing to external world, 97
modeling directional exchange of data and control, 85–86
modeling local service requests or function invocation, 87–89
modeling object-oriented method calls, 92–95
modeling remote service requests or function invocation, 90–92
modeling shared data exchange, 86–87
modeling subprogram instances, 237–240
modeling subprogram parameters, 95–97
parameter connections, 240
ports as interfaces, 188
properties of port to port connections, 207
refining abstract features, 226–227
sampled processing of data streams between ports, 198–199
subprogram calls, access, and instances, 231–233
timing port to port connections, 196–198
using port to port connections, 189–193
Components, pattern reuse
overview of, 69
reference architectures, 72–75
Components, type declaration
interface declarations, 118–121
modal types and, 175
Composite components
component categories in AADL, 20
overview of, 163
system. see System component
Compute_Deadline, timing property, 372–373
Compute_Entrypoint, programming property, 399–400
Compute_Entrypoint_Call_Sequence, programming property, 400
Compute_Entrypoint_Source_Text, programming property, 400–401
Compute_Execution_Time, timing property, 373
Computer Architectures: Readings and Examples (Bell and Newell), 12
adding hardware components to specification, 67–68
adding runtime properties, 65–67
detailing abstract implementations, 61–63
employing abstract components, 58–61
overview of, 58
transforming abstract representation into runtime representation, 63–65
Concurrency control, for shared data access, 210
Concurrency_Control_Protocol property, thread-related property, 366
Configuration, modes for alternative component configuration, 173, 177–179
Connection_Pattern, communication property, 229–230, 384
Connection_Set, communication property, 385
Connections
bindings, 260
component interactions and, 185
working with connection instances in system instance models, 82–83
Connections, port to port
declaring, 189
deterministic sampling of data streams, 199–203
properties of, 207
sampled processing of data streams, 198–199
connections reserved word, in component implementation declaration, 122
Consistency checking, AADL standard and, 321
constant keyword, assigning property values with, 292
Constants
assigning property values, 292
declaring property constants, 311–312
project-specific, 410
Constructors, property type, 307–308
Consumption Analysis Toolbox (CAT), 436
Context-free syntax, in AADL language, 20–21
Control data, persistent data store for, 133
Controls
detailing control software for PBA System, 38–40
directional control system, 171
exchange of. see Exchange of control and data
modeling directional exchange of, 85–86
Correctness, Modeling and Performance of Aerospace Systems (COMPASS), 324, 437
Criticality property, thread-related property, 366
Current_System_Mode, runtime executive service, 424
defining data component properties, 291–292
reference to, 437
standard, 195
Data
component types, 99
description of, 127
exchange. see Exchange of control and data
overview of, 138
properties of, 140
sampled processing of data streams between ports, 198–199
working with runtime software abstractions in AADL, 18
Data Distribution Service (DDS), 208, 437
defining simple data types, 98–99
representing variants on data types, 99
Data Modeling Annex. see DAnnex (Data Modeling Annex)
data port reserved word, 186
Data ports
aggregate data communication and, 208–209
combining port-based communication with shared data communication, 203–206
description of, 188
port communication timing and, 197–198
port to port connections and, 194
properties of port to port connections, 207
Data types
modeling source code structure, 50–51
representing variants on, 99
Data_Representation, DAnnex property, 100
Data_Volume, project property, 415
DDS (Data Distribution Service), 208, 437
Deactivate_Deadline, timing property, 374
Deactivate_Entrypoint, programming property, 401
Deactivate_Entrypoint_Call_Sequence, programming property, 401
Deactivate_Entrypoint_Source_Text, programming property, 402
Deactivate_Execution_Time, timing property, 374–375
Deactivation_Policy property, thread-related property, 370
Deadline, timing property, 375
Declarations, summary of AADL declarations, 22–24
Declarative models
for component hierarchy, 77–78
for system composition, 77
Delayed connections, deterministic sampling and, 199–201
Deploying software on hardware. see Software deployment
Actual_Memory_Binding property, 352
Actual_Processor_Binding property, 353
Actual_Subprogram_Call property, 355
Actual_Subprogram_Call_Binding property, 356
Allowed_Connection_Binding property, 351
Allowed_Connection_Binding_Class property, 351
Allowed_Connection_Type property, 359–360
Allowed_Dispatch_Protocol property, 360
Allowed_Memory_Binding property, 352
Allowed_Memory_Binding_Class property, 353
Allowed_Period property, 360–361
Allowed_Physical_Access property, 361
Allowed_Physical_Access_Class property, 361
Allowed_Processor_Binding property, 354
Allowed_Processor_Binding_Class property, 354–355
Allowed_Subprogram_Call property, 355
Allowed_Subprogram_Call_Binding property, 356
Collocated property, 357
Memory_Protocol property, 362
Not_Collocated property, 356–357
Preemptive_Scheduler property, 362
Priority_Map property, 363
Priority_Range property, 363
Provided_Connection_Quality_Of_Service property, 358–359
Provided_Virtual_Bus_Class property, 358
Required_Connection_Quality_Of_Service property, 359
Required_Virtual_Bus_Class property, 358
Scheduling_Protocol property, 362
Thread_Limit property, 363
Dequeue_Protocol, thread-related property, 367–368
Dequeued_Items, thread-related property, 368
Description properties, 290
defining multiple extensions, 105–107
developing alternative implementations, 104–105
overview of, 101
Deterministic sampling, of data streams between ports, 199–203
Device_Register_Address, memory-related property, 394
Devices
bus access and, 213
communication support in execution platform, 80–81
defining components for PBA system, 33
defining connections for PBA system, 41–42
defining subcomponents for PBA system, 36
description of, 147
deterministic sampling of data streams between ports, 199–203
as interface to external world, 97
modeling execution platform resources, 78–80
overview of, 160
port communication timing and, 196
properties of, 161
sampled processing of data streams between ports, 198–199
working with hardware in AADL, 18
Dimensions, array specification and, 172
Directional access connections, 210
Directional control system, 171
Directional transfer, ports for, 186
Dispatch protocol
port communication timing and, 196–197
for threads, 129
Dispatch_Able, thread-related property, 367
Dispatch_Jitter, timing property, 375–376
Dispatch_Offset, timing property, 376
Dispatch_Protocol, thread-related property, 364
Dispatch_Trigger, thread-related property, 364
Dynamic architecture, 169. see also Modes
Dynamic reconfiguration, of systems or components, 51–54
as example of sublanguage, 312
extensions to AADL, 11
reference to, 438
as standard for sublanguages, 303
system validation and generation tools, 323
EDF (earliest deadline first), scheduling policy, 44
Embedded systems
applications of, 6
co-engineering with system engineering, 13
as engineering challenge, 1
Encapsulation, managing complexity in software, 6
end reserved word, in component implementation declaration, 122
Equivalence/complement rule, using with feature groups, 224
Error Model Annex. see EAnnex (Error Model Annex)
ErrorData subcomponent, in modeling object-oriented method calls, 93
ESA (European Space Agency), 320, 324
event data port reserved word, 186
combining port-based communication with shared data communication, 203
description of, 188
port communication timing and, 197
port to port connections and, 194
properties of port to port connections, 207
event port reserved word, 186
Event ports
description of, 188
port communication timing and, 197
port to port connections and, 193
properties of port to port connections, 207
consistency checks on port connections, 195
logical interactions between application components, 84
modeling directional exchange, 85–86
modeling shared data exchange, 86–87
Execution platform. see also Hardware
communication support in, 80–81
component categories in AADL, 20
mapping software to, 81
system abstraction for composite that includes, 163
Execution platform components. see also Hardware components
Execution_Time, timing property, 376
extends clause
declaring classifiers, 274
defining extension declaration, 63–64
prototype use as classifier parameters, 281
refining component categories, 280
extends reserved word
adding runtime properties, 66
in component implementation declaration, 122
Extensions. see also AADL extensions
declaring classifier extensions, 274
declaring model refinements, 275–277
defining multiple in design organization, 105–107
Failure Mode and Effect Analysis (FMEA), 323
Fan_Out_Policy, communication property, 384
Feature groups
aggregate data communication and, 208–209
in component declaration, 23–24
for component interactions, 185
declaring component features, 220–221
declaring connections, 221–225
declaring model refinements, 275
empty component sections and, 290
names, 264
Features section
in AADL component declaration, 22–24
declaring component interfaces, 118–121
Feiler 07 and 07A, 438
FHA (Functional Hazard Assessment), 323
Finalize_Deadline, timing property, 376
Finalize_Entrypoint, programming property, 402
Finalize_Entrypoint_Call_Sequence, programming property, 402–403
Finalize_Entrypoint_Source_Text, programming property, 403
Finalize_Execution_Time:Time, timing property, 377
First_Dispatch_Time, timing property, 375
Flow latency analysis tool, OSATE, 57
Flow path, 247
Flow sink, 247
Flow source, 247
declaring implementations, 249–253
declaring specifications, 246–248
specifying end-to-end, 57
working with end-to-end, 255
flows reserved word, in component implementation declaration, 122
flows section
in AADL component declaration, 22–24
component type declaration, 246
declaring end-to-end flows, 254–255
declaring flow implementations, 249–253
FMEA (Failure Mode and Effect Analysis), 323
Frame_Period, timing property, 383
Function invocation
Functional Hazard Assessment (FHA), 323
Functions, modeling source code structure and, 50–51
Generic components
abstract. see Abstract component
component categories in AADL, 20
overview of, 163
Generic features. see Abstract features
Get_Count, application runtime service, 420
Get_Error_Code, runtime executive service, 423
Get_Resource, runtime executive service, 421
Get_Value, application runtime service, 420
AADL as, 11
overview of, 17
SysML as, 15
Graphical representation
of abstract components, 167
comments included in, 289
of feature groups, 220
of models, 317
of parameters, 243
of subprograms, 143
of system components, 164
of threads, 130
Hansson 08, 438
Hardware, deploying software on hardware. see Software deployment
Hardware components. see also Execution platform components
adding to PBA system model, 40–41
binding to software in PBA system model, 43–45
bus access and, 213
bus and, 156
modeling execution platform resources, 78–80
Hardware_Description_Source_Text, programming property, 407–408
Hardware_Source_Language, programming property, 408
Hofmeister 00, 439
Hybrid threads, 129
Identifiers. see also Names
classifier, 264
property set, 304
subcomponent, 170
syntax of, 263
IEEE (Institute of Electrical and Electronics Engineers)
Systems and Software Engineering-Architecture Descriptions (42010), 5, 439
VHDL (VHSIC Hardware Description Language), 12
IMA (integrated modular avionics), 10
Immediate connections, deterministic sampling and, 202–203
Implementations
declaring component implementations, 121–125
declaring flow implementations, 249–253
declaring modal implementations, 175–177
detailing abstract implementations, 61–63
developing alternative implementations in design organization, 104–105
top-level model for PBA system, 36–37
Implemented_As, modeling property, 410
in binding statement, 293
in modes statement
assigning property values, 293
declaring subcomponents, 170
In ports
description of, 188
port to port connections and, 195
inherit reserved word, 310
Inheritance
property inheritance, 310
Initialize_Deadline, timing property, 377
Initialize_Entrypoint, programming property, 403
Initialize_Entrypoint_Call_Sequence, programming property, 403–404
Initialize_Entrypoint_Source_Text, programming property, 404
Initialize_Execution_Time, timing property, 377
Input_Rate, communication property, 387–388
Input_Time, communication property, 388
Instance models
modeling subprogram instances, 237–240
modeling system instances. see System instance models
Instances, subprogram, 231–233
Institute of Electrical and Electronics Engineers. see IEEE (Institute of Electrical and Electronics Engineers)
Integers, in property value summary, 296
Integrated modular avionics (IMA), 10
Interfaces
for components of PBA system, 34
declaring external component interfaces, 118–121
to outside application system, 97
ports as, 188
Inverse of statement, in declaring feature group types, 219
Java VM (virtual machine), 151
Languages
Ada language, 152
annex sublanguages. see Annex sublanguages
graphical. see Graphical languages
MDA. see MDA (model-driven architecture)
modeling languages. see Modeling languages
SysML. see SysML
textual, 11
UML. see UML (Unified Modeling Language)
Latency, communication property, 391
Libraries
annex libraries. see Annex libraries
modeling source code structure and, 50
Load_Deadline, timing property, 378
Load_Time, timing property, 378
Logical flows. see Flows
Logical interface, between embedded application software and physical systems, 7–8
MARTE (Modeling and Analysis of Real-time and Embedded Systems), 12–13, 439
Mathworks Simulink. see Simulink
Max_Aadlinteger, project property, 415
Max_Base_Address, project property, 415
Max_Byte_Count, project property, 417
Max_Memory_Size, project property, 416
Max_Queue_Size, project property, 416
Max_Target_Integer, project property, 415
Max_Thread_Limit, project property, 416
Max_Time, project property, 416
Max_Urgency, project property, 416
Max_Word_Space, project property, 417
AADL used with MDA and UML, 14–15
for embedded real-time systems, 6–8
overview of, 5
MCD (model-centered development), 5
MDA (model-driven architecture)
AADL used with MDA and UML, 14–15
OMG initiatives in model-based engineering, 12
reference to, 439
software applications of model-based engineering, 5
MDD (model-driven development), 5
Mean Time To Failure (MTTF), 323
adding hardware components for PBA system, 40–42
constraints on, 155
description of, 147
modeling execution platform resources, 78–80
overview of, 153
processor access to, 149
working with hardware in AADL, 18
Memory_Protocol property, deployment property, 362
Access_Time, 392
Allowed_Message_Size, 393
Assign_Time, 393
Base_Address, 394
Byte_Count, 396
Device_Register_Address, 394
Source_Code_Size, 395
Source_Data_Size, 395
Source_Stack_Size, 396
Word_Space, 397
Write_Time, 397
Meta models
annex sublanguages and, 312
limiting property ownership via Meta model class, 310
standardization of, 317
META toolset. see Rockwell Collins META toolset
MetaH, AADL patterned after, 10
Method calls, modeling object-oriented, 92–95
MIL-STD 1553 bus, 199
Mission Data System reference architecture, NASA, 319
Mode_Transition_Response property, thread-related property, 368–369
Model-based engineering. see MBE (model-based engineering)
Model-centered development (MCD), 5
Model-driven development (MDD), 5
Modelica, component models in, 14
Modeling and Analysis of Real-time and Embedded Systems (MARTE), 12–13, 439
AADL used with MDA and UML, 14–15
state-based languages for representing functional behavior of application components, 174
Acceptable_Array_Size, 409
Classifier_Matching_Rule, 409
Classifier_Substitution_Rule, 409–410
Implemented_As, 410
Prototype_Substitution_Rule, 410
Modeling system architectures, resources related to, 429–430
aliases for package and type references, 271–273
analysis of, 30
annotating. see Annotation, of models
case studies in modeling application systems, 430–433
classifier substitution rules for refining, 277–279
classifiers for naming and referencing elements in, 264
classifiers for refining, 273–274
component categories of, 19–20
declaring classifier extensions, 274
declaring refinements, 275–277
naming and referencing elements with packages, 263–264
naming and referencing elements with property sets, 266
property substitution and, 287
prototypes as classifier parameters, 280–281
providing prototype actuals, 284–287
referencing model elements, 265–266
referencing package elements, 269–271
system validation and generation tools, 322–324
validation of system architecture, 321–322
for alternative call sequences, 182–183
for alternative component configurations, 177–179
declaring component types and implementations, 175–177
declaring modes and mode transitions, 174–175
dynamic reconfiguration of PBA system with, 51–53
properties associated with, 181–182
modes reserved word, in component implementation declaration, 122
Modes section
in AADL component declaration, 22–24
mode transition declaration in, 175
MTTF (Mean Time To Failure), 323
aliases for package and type references, 271–273
classifier, 264
subcomponent, 170
Next_Value, application runtime service, 420
none statement, empty component sections and, 290
Not_Collocated property, deployment property, 356–357
N-Version redundancy, 282
Object Constraint Language (OCL), 313
Object-orientation, modeling object-oriented method calls, 92–95
OCL (Object Constraint Language), 313
OMG (Object Management Group)
DDS (Data Distribution Service), 208, 437
model-based engineering and, 12–13
One-dimensional arrays, 227–228
Open Source AADL Tool Environment. see OSATE (Open Source AADL Tool Environment)
Operational states, modes for representing, 173
OSATE (Open Source AADL Tool Environment)
downloading, 28
flow latency analysis tool, 57
generating instance models with, 27
graphical and textual representation with, 29
handling of packages and property sets by, 26
reference to, 439
resource allocation and scheduling plug-in, 44, 47
system validation and generation tools, 322
out feature command, 227
description of, 188
port to port connections and, 195
Output_Rate, communication property, 388–389
Output_Time, communication property, 389
Overflow_Handling_Protocol, communication property, 385
Packages
in component declaration, 23–24
in design organization, 102–104
empty component sections and, 290
in model organization, 266–267
modeling source code structure and, 50
for naming and referencing model elements, 263–264
organizing component classifiers into, 114
referencing elements in, 269–271
structure of AADL models and, 25–26
Parameters
component feature categories, 118–121
for component interactions, 185
connections, 240
declaring connections for, 241–243
modeling subprogram parameters, 95–97
Passing by reference, pseudocode, 95–97
Patterns
abstract component and, 166
array connection patterns, 229–230
component libraries and, 69–72
redundancy patterns, 282
reference architectures, 72–75
PBA (powerboat autopilot) system
with abstract components, 58–61, 428
abstract flows and, 54
adding hardware components, 40–41, 67–68
adding runtime properties, 65–67
binding software to hardware, 43–45
component libraries and, 69–72
conceptual modeling, 58
conducting scheduling analyses, 45–47
defining physical connections, 41–43
detailing abstract implementations, 61–63
detailing control software, 38–40
developing simple model, 31–32
developing top-level model, 36–37
documenting source code and binary files, 48–49
documenting variable names, 49–50
dynamic reconfiguration of, 51–54
modeling source code structure, 50–51
overview of, 425
reference architectures and, 72–75
representing code artifacts, 47–48
summary, 47
transforming abstract representation into runtime representation, 63–65
PCI bus, 213
Period, timing property, 128, 378
Periodic threads, 129
Permanent storage, memory components and, 153
Persistent data store, for control data, 133
Physical connections, defining for PBA system, 41–43
Physical environment, logical interface with embedded application software, 7–8
Physical system components, modeling, 78–80
PIMs (platform independent models), 14–15
Platform independent models (PIMs), 14–15
Platform specific models (PSMs), 14–15
PMS (Processor Memory Switch), 12
Ports
aggregate data communication, 207–209
combining port-based communication with shared data communication, 203–206
component feature categories, 118–121
component interactions and, 185
constraints on port to port connections, 193–196
declaring port to port connections, 189
deterministic sampling of data streams between, 199–203
as interface, 188
properties of port to port connections, 207
sampled processing of data streams between, 198–199
timing port to port connections, 196–198
using port to port connections, 189–193
POSIX_Scheduling_Policy property, thread-related property, 365
Powerboat autopilot system. see PBA (powerboat autopilot) system
Predeclared properties, 291
Preemptive_Scheduler, deployment property, 362
Priority, thread-related property, 365
Priority_Map, deployment property, 363
Priority_Range, deployment property, 363
Private section, of packages, 266, 268
Process_Swap_Execution_Time, timing property, 381
Processes
in AADL, 11
defining components for PBA system, 33–34
description of, 127
detailing control software for PBA system, 39–40
properties of, 137
working with runtime software abstractions in AADL, 18
Processor Memory Switch (PMS), 12
Processors
communication support in execution platform, 80–81
constraints on, 150
defining execution characteristics, 45–46
description of, 147
modeling execution platform resources, 78–80
overview of, 148
properties of, 150
threads assigned to, 128
working with hardware in AADL, 18
Activate_Entrypoint, 398
Activate_Entrypoint_Call_Sequence, 398–399
Activate_Entrypoint_Source_Text, 399
Compute_Entrypoint_Call_Sequence, 400
Compute_Entrypoint_Source_Text, 400–401
Deactivate_Entrypoint, 401
Deactivate_Entrypoint_Call_Sequence, 401
Deactivate_Entrypoint_Source_Text, 402
Finalize_Entrypoint, 402
Finalize_Entrypoint_Call_Sequence, 402–403
Finalize_Entrypoint_Source_Text, 403
Hardware_Description_Source_Text, 407–408
Hardware_Source_Language, 408
Initialize_Entrypoint, 403
Initialize_Entrypoint_Call_Sequence, 403–404
Initialize_Entrypoint_Source_Text, 404
Recover_Entrypoint, 404
Recover_Entrypoint_Call_Sequence, 405
Recover_Entrypoint_Source_Text, 405
Source_Name, 406
Supported_Source_Language, 407
Data_Volume, 415
Max_Aadlinteger, 415
Max_Base_Address, 415
Max_Byte_Count, 417
Max_Memory_Size, 416
Max_Queue_Size, 416
Max_Target_Integer, 415
Max_Thread_Limit, 416
Max_Time, 416
Max_Urgency, 416
Max_Word_Space, 417
Size_Units, 417
Supported_Active_Thread_Handling_Protocols, 411
Supported_Classifier_Substitutions, 414
Supported_Concurrency_Control_Protocols, 412
Supported_Connection_Patterns, 411
Supported_Connection_QoS, 413
Supported_Dispatch_Protocols, 412
Supported_Distributions, 414
Supported_Hardware_Source_Languages, 413
Supported_Queue_Processing_Protocols, 412–413
Supported_Scheduling_Protocols, 413–414
Supported_Source_Languages, 414
Time_Units, 417
adding runtime properties, 65–67
in annotation of models, 289–292
assigning property values, 292–294
built-in property types, 306
bus properties, 157
communication properties. see communication properties
contained property associations, 299–300
of data components, 140
declaring bindings with, 257–259
declaring property constants, 311–312
declaring property sets, 304–305
declaring property types, 305–309
deployment properties. see deployment properties
description properties, 290
determining property values, 297–299
device, 161
example of determining property value, 300–302
list of AADL property types, 347–348
memory-related. see Memory-related properties
modeling properties. see Modeling properties
predeclared, 291
of processes, 137
of processors, 150
programming properties. see Programming properties
project-specific constants and property types. see Project properties
for source code documentation, 48
of subprogram groups, 146
of subprograms, 143
substitution in model organization, 287
system component, 165
of thread groups, 134
thread-related. see Thread-related properties
timing properties. see Timing properties
of virtual bus, 159
of virtual processor, 152
properties reserved word, in component implementation declaration, 122
Properties sections, in AADL component declaration, 22–24
Property associations
assigning property values, 292–293
Property sets
in AADL component declaration, 23–24
for naming and referencing elements, 266
structure of AADL models and, 25–26
prototype reserved word, in component implementation declaration, 122
Prototype_Substitution_Rule, modeling property, 287, 410
Prototypes
as classifier parameters, 280–281
libraries and archives and, 70
providing prototype actuals, 284–287
substitution rules, 287
Prototypes section, in AADL component declaration, 22–24
Provided_Connection_Quality_Of_Service, deployment property, 358–359
Provided_Virtual_Bus_Class, deployment property, 358
provides bus access feature, 81
provides data access feature, 137
provides subprogram access feature, 131, 232
Pseudocode, passing by reference, 95–97
PSMs (platform specific models), 14–15
Public section, of packages, 266, 268
Put_Value, application runtime service, 419
Queue_Processing_Protocol, communication property, 385–386
Queue_Size, communication property, 386
Raise_Error, runtime executive service, 423
RAM (random access memory), 153. see also Memory
Rate monotonic (RM), types of scheduling policies, 44
RC META. see Rockwell Collins META toolset
Read_Time, memory-related property, 394–395
Read-only memory (ROM), 153. see also Memory
Real numeric values, property values, 296
Receive_Input, application runtime service, 419
Recover_Deadline, timing property, 379
Recover_Entrypoint, programming property, 404
Recover_Entrypoint_Call_Sequence, programming property, 405
Recover_Entrypoint_Source_Text, programming property, 405
Recover_Execution_Time, timing property, 379
Redundancy patterns, 282
abstract component and, 166
Reference_Processor, timing property, 381–382
References
aliases for package and type references, 271–273
classifier, 264
refined to
adding runtime properties, 66
declaring model refinements, 275–277
refining abstract features, 227
refining component categories, 280
Refinements, model
abstract feature refinement, 227
adding runtime properties, 66
classifier substitution rules for, 277–279
Reflective memory, 153
Release_Resource, runtime executive service, 422
Remote calls
declaring as access connections, 236–237
declaring as bindings, 234–236
remote subprogram call bindings, 260–262
renames statement
for visibility declarations, 268
Required_Connection, communication property, 386
Required_Connection_Quality_Of_Service, deployment property, 359
Required_Virtual_Bus_Class, deployment property, 358
requires bus access feature, 215
requires data access (this) option, 93, 131
Requires modes section, mode inheritance and, 175
requires modes statement
mode inheritance and, 180
using modes for alternative component configurations, 178
requires subprogram access feature, 233
Reserved words, list of, 348–349
Resources, supporting this book
modeling system architectures, 429–430
Resumption_Policy property, thread-related property, 368–369
RM (rate monotonic), types of scheduling policies, 44
extending OSATE, 320
reference to, 439
system validation and generation tools, 324
ROM (read-only memory), 153. see also Memory
Round-robin (RR), types of scheduling policies, 44
RR (round-robin), types of scheduling policies, 44
Runtime components
adding runtime properties, 65–67
defining components for PBA system, 34
transforming abstract representation into runtime representation, 63–65
Abort_Process, 424
Abort_Processor, 425
Abort_System, 425
Abort_Virtual_Processor, 425
Await_Result, 424
Current_System_Mode, 424
Get_Error_Code, 423
Get_Resource, 421
Raise_Error, 423
Release_Resource, 422
Set_System_Mode, 424
Stop_Process, 424
Stop_Processor, 425
Stop_System, 425
Stop_Virtual_Processor, 425
application runtime services. see Application runtime services
overview of, 418
runtime executive services. see Runtime executive services
Runtime states, of threads, 129–130
Runtime_Protection, thread-related property, 370
model analysis, 30
models, 19
software, hardware, and architectural descriptions and operations, 17–18
summary of AADL declarations, 22–24
textual and graphical representation, 27–29
Sampling communication
deterministic sampling of data streams between ports, 199–203
processing data streams between ports, 198–199
SAVI (System Architecture Virtual Integration), 320–323, 438
Scaling_Factor, timing property, 382
Scheduler_Quantum, timing property, 382
Scheduling analyses
conducting for PBA system, 45–47
types of scheduling policies, 44
Scheduling threads, 150
Scheduling_Protocol property, deployment property, 362
Send_Output, application runtime service, 418
Service requests
Set_System_Mode, runtime executive service, 424
Shared data exchange
combining port-based communication with, 203–206
Shortest job first (SJF), types of scheduling policies, 44
component models in, 14
component use in system architecture, 6
documenting source code and binary files, 48–49
extracting AADL models from Simulink models, 320
modeling source code structure and, 50
modeling subprogram calls, 88
overview of, 12
reference to, 435
system validation and generation tools, 323
Size_Units, project property, 417
SJF (shortest job first), types of scheduling policies, 44
Slot_Time, timing property, 383
constraints on data components, 140–141
constraints on processes, 137–138
constraints on subprogram groups, 146
constraints on subprograms, 144
constraints on thread groups, 134–135
constraints on threads, 132–133
data component instances and, 138
mapping to memory, 154
properties of data components, 140
properties of processes, 137
properties of subprogram groups, 146
properties of subprograms, 143
properties of thread groups, 134
properties of threads, 131–132
representation of data components, 138–140
representation of processes, 136–137
representation of subprogram groups, 145–146
representation of subprograms, 143
representation of thread groups, 133–134
representation of threads, 130–131
scheduling and executing with virtual processors, 151
system abstraction for composite that includes, 163
thread groups, 133
binding to hardware in PBA system model, 43–45
connection bindings, 260
declaring bindings with properties, 257–259
processor bindings, 259
remote subprogram call bindings, 260–262
Source code, documenting, 48–51
Source_Code_Size, memory-related property, 395
Source_Data_Size, memory-related property, 395
Source_Heap_Size, memory-related property, 395–396
Source_Language, programming property, 405–406
Source_Name, programming property, 406
Source_Stack_Size, memory-related property, 396
Source_Text, programming property, 406–407
Sporadic threads, 129
Startup_Deadline, timing property, 379–380
Startup_Execution_Time, timing property, 380
State, modes and, 174
State-based modeling language, 174
Static architecture, 169. see also Subcomponents
Stop_Process, runtime executive service, 424
Stop_Processor, runtime executive service, 425
Stop_System, runtime executive service, 425
Stop_Virtual_Processor, runtime executive service, 425
Subclauses. see Annex subclauses
in component hierarchy, 77
declaring, 170
modes for defining alternative configurations of, 177–179
overview of, 169
port to port connections and, 194
using subcomponent declarations, 170–172
subcomponents reserved word, in component implementation declaration, 122
Sublanguages. see Annex sublanguages
Subprogram calls, modeling, 142
Subprogram groups
constraints on, 146
description of, 127
properties of, 146
Subprogram_Call_Rate, communication property, 389
Subprogram_Call_Type, thread-related property, 371
Subprograms
calls, access, and instances, 231–233
for component interactions, 186
constraints on, 144
declaring calls and call sequences, 233–234
declaring remote calls as access connections, 236–237
declaring remote calls as bindings, 234–236
description of, 127
modeling local service requests or function invocation, 87–89
modeling object-oriented method calls, 92–95
modeling remote service requests or function invocation, 90–92
modeling subprogram instances, 237–240
modeling subprogram parameters, 95–97
properties of, 143
remote subprogram call bindings, 260–262
representation of, 143
symbol representing subprogram calls, 242
Subset rule, using with feature groups, 224–225
Substitution rules
prototypes, 287
Supported_Active_Thread_Handling_Protocols, project property, 411
Supported_Classifier_Substitutions, project property, 414
Supported_Concurrency_Control_Protocols, project property, 412
Supported_Connection_Patterns, project property, 411
Supported_Connection_QoS, project property, 413
Supported_Dispatch_Protocols, project property, 412
Supported_Distributions, project property, 414
Supported_Hardware_Source_Languages, project property, 413
Supported_Queue_Processing_Protocols, project property, 412–413
Supported_Scheduling_Protocols, project property, 413–414
Supported_Source_Language, programming property, 407
Supported_Source_Languages, project property, 414
Synchronized_Component, thread-related property, 371
Syntax, AADL language, 20–21, 327–342
SysML (System Modeling Language)
component use in system architecture, 6
model creation tools, 320
OMG initiatives in model-based engineering, 12–14
reference to, 438
System architecture
component use in, 6
System Architecture Virtual Integration (SAVI), 320, 321–323, 438
overview of, 163
properties of, 165
representation of, 164
system abstraction for composite that includes, 163
communication support in execution platform, 80–81
creating system instance model, 81
modeling execution platform resources, 78–80
overview of, 77
system hierarchy in, 81
working with connections in system instance model, 82–83
working with system instance model, 83–84
System engineering, 13
System flows. see Flows
System hierarchy, 81
overview of, 26
System Modeling Language. see SysML (System Modeling Language)
Systems, dynamic reconfiguration of, 51–54
Systems and Software Engineering-Architecture Descriptions (IEEE 42010), 5, 439
TASTE (The ASSERT Set of Tools for Engineering), 320, 324, 438
Templates, abstract component and, 166
Textual languages, AADL as, 11
Textual representation
of abstract components, 167
comments included in, 289
of models, 317
of parameters, 243
of subprograms, 143
of system components, 164
of threads, 130
of virtual processors, 151–152
The ASSERT Set of Tools for Engineering (TASTE), 320, 324, 438
Thread groups
description of, 127
overview of, 133
properties of, 134
Thread_Limit property, deployment property, 363
Thread_Swap_Execution_Time, timing property, 382–383
Active_Thread_Handling_Protocol property, 369
Active_Thread_Queue_Handling_Protocol property, 370
Concurrency_Control_Protocol property, 366
Criticality property, 366
Deactivation_Policy property, 370
Dequeue_Protocol property, 367–368
Dequeued_Items property, 368
Dispatch_Able property, 367
Dispatch_Protocol property, 364
Dispatch_Trigger property, 364
Mode_Transition_Response property, 368–369
POSIX_Scheduling_Policy property, 365
Priority property, 365
Resumption_Policy property, 368–369
Runtime_Protection property, 370
Subprogram_Call_Type property, 371
Synchronized_Component property, 371
Time_Slot property, 366
Urgency property, 367
Threads
in AADL, 11
binding software to hardware in PBA system model, 44
defining execution characteristics, 45–46
describing behavior using BAnnex, 232
description of, 127
detailing control software for PBA system, 38–39
deterministic sampling of data streams between ports, 199–203
mapping software to execution platform, 81
modeling directional exchange of data and control, 85–86
port communication timing and, 196–197
port to port connections and, 192–193
properties of, 131–132, 364–371
sampled processing of data streams between ports, 198–199
scheduling, 150
virtual processors representing, 152
working with connections in system instance model, 82–83
working with runtime software abstractions in AADL, 18
Time_Slot property, thread-related property, 366
Time_Units, project property, 417
Timed threads, 129
Time-deterministic data exchange, 85
Timing, communication property, 386–387
Activate_Deadline, 372
Activate_Execution_Time, 372
Client_Subprogram_Execution_Time, 374
Clock_Jitter, 380
Clock_Period_Range, 381
Compute_Execution_Time, 373
Deactivate_Deadline, 374
Deactivate_Execution_Time, 374–375
Deadline, 375
Dispatch_Offset, 376
Execution_Time, 376
Finalize_Deadline, 376
Finalize_Execution_Time:Time, 377
First_Dispatch_Time, 375
Frame_Period, 383
Initialize_Deadline, 377
Initialize_Execution_Time, 377
Load_Deadline, 378
Load_Time, 378
Period, 378
Process_Swap_Execution_Time, 381
Recover_Deadline, 379
Recover_Execution_Time, 379
Scaling_Factor, 382
Scheduler_Quantum, 382
Slot_Time, 383
Startup_Execution_Time, 380
Thread_Swap_Execution_Time, 382–383
Transmission_Time, communication property, 390
Transmission_Type, communication property, 387
UML (Unified Modeling Language)
AADL used with MDA and UML, 14–15
component use in system architecture, 6
MARTE (Modeling and Analysis of Real-time and Embedded Systems), 12
model creation tools, 320
OMG initiatives in model-based engineering, 12–13
reference to, 438
Updated, application runtime service, 421
Urgency, thread-related property, 367
USB bus, communicating with camera via, 157
User interface, OSATE, 317–318
Validation
of system architecture, 321–322
Values
assigning property values, 292–294
example of determining property value, 300–302
rules for determining property values, 297–299
summary of property values, 294–296
Variables
VHDL (VHSIC Hardware Description Language), 12, 14
VHSICs (Very High Speed Integrated Circuits), 12
Virtual bus
constraints on, 159
description of, 147
overview of, 158
properties of, 159
Virtual channels, virtual bus representing, 158
Virtual processors
description of, 147
overview of, 151
properties of, 152
threads assigned to, 128
W3C 04, 438
with statement
accessing property sets, 304
for visibility declarations, 268
Word_Size, memory-related property, 396–397
Word_Space, memory-related property, 397
Write_Time, memory-related property, 397
XMI (XML interchange)
format specification for AADL, 317
included in AADL standard, 12