STOOD AADL 1 and UML 2 Tony Elliston

STOOD – AADL 1 and UML 2 Tony Elliston SIGADA Atlanta Nov 2005

TNI Software Ellidiss Technologies Ellidiss Software www. ellidiss. com

STOOD • ‘State of the Art’ software modeling tool • Already deployed & supported on many critical projects (DO-178 B, ECSS-E 40, MIL-STD-498) • UML 2. 0 front end & AADL 1. 0 plug-in

AADL Architecture Analysis and Design Language • A textual notation • A graphical notation Data. Manager. File. Storage 20 store: file: acquire: • Ideal fit for critical system and software: DO-178 B ECSS-E 40 MIL-STD- 498. . .

AADL • Architecture Analysis & Design Language – new SAE standard – manages System and SW components – supports Real-Time and SW to HW binding – may carry non functional properties • Can be used as: – output for the System Design process – input for the Software design process Add such an output to System process to formalise System specification for SW

Using the AADL for critical SW development • AADL for Real Time System Modeling • combined HW & SW descriptions • explicit Real-Time constructs • use language extensions for specific domains • AADL specification as a blueprint for Software architecture • reduce the gap between System & Software • while preserving the benefits of current practices • and enforcing reuse of Components at high level • AADL as a communication language throughout the development process

Software Development software requirements system specification (AADL) reusable software SW design documentation source code SW design verification Use the System design model as a blueprint for SW architectural design

Recommendations for software methods and tools • Model based for better flexibility – as opposed to code based – more semantics: real-time abstractions, multilanguage, . . . – formal transformations (code generation, . . . ) • Component based to manage complexity – interfaces to control interactions – composition hierarchy to control the architecture – avoids "spaghetti-ware" • Strong methodological support – naming rules, visibility rules, . . . – to encourage effort at the early stages of the life cycle Need for hierarchical component based method and tool

STOOD 5 • AADL compliant commercial tool • well defined step-by-step modeling process: – – – capture of functional and non-functional requirements graphical design of the architecture (UML 2. 0 -HOOD-AADL) multi-language detailed design and coding (Ada, C, C++, . . . ) static design verifications code and documentation generators reverse engineering (i. e. Ada -> AADL) • ready for industrial projects: – multi-users, configuration management, requirements traceability – Unix-Windows interoperability – Complies with process standards: DO-178 B, ECSS-E 40, MIL-STD-498 Already in use in many large scale critical projects (including A 380)

inp GUI Data. Base model transformation plugins interchange AADL XML/SIF Conf. Management ut outp SW Requirements ---------Ada legacy code C legacy code ut STOOD 5 overview Req. Traceability Verification reports ---------Source files: -Ada 95 -Ada Ravenscar - C/C++ ---------Documentation: - Post. Script - PDF - Word - Frame. Maker - HTML kernel

AADL Model Transformations www. tni-world. com

Model transformations Generation Predicates transform ation engine AADL Generation Rules Stood analyser Stood Plugins Reverse Rules Stood Components repository SIF file transform ation engine Reverse Predicates AADL components repository

Use Case 1 AADL Modeler Stood AADL

Use case 1 AADL Modeler • UML 2. 0 structure diagrams front end • HOOD design rules: – visibility rules – information hiding (i. e. for ports) – immediate C, Ada, . . . and doc generation • AADL 1. 0 generator • AADL 1. 0 semantics checker • AADL 1. 0 code generation rules

Use case 2 "bridging the gap" AADL Stood Code

Use case 2 "bridging the gap" • using AADL as a System to Software bridger • importing AADL 1. 0 specifications – to be developed with other AADL compliant tools – preserving the System architecture • standard Software development process – SW architectural design refinement – SW detailed design and documentation – SW coding and round-trip engineering • using the AADL output again for V&V – checking System to Software compliancy – connecting to external Verification tools (i. e. Cheddar) – implementing the COTRE annex

Use case 3 reusing legacy systems Code Stood AADL

Use case 3 Reusing legacy systems • a three steps process: – Ada or C legacy code reverse engineering – architecture adjustments at SW design level – AADL generator • benefits: – let existing source code components be made visible for new systems at high level – building non proprietary format component libraries – facilitating reuse of specialized building blocks

STOOD 5 State of the Art approach • promotes Model Driven Engineering: « designing before coding » - advanced modeling solution - model transformations • promotes Component Based Architectures to ease: - team development - reuse - testing - maintenance • promotes Flexible Software Design practices: - incremental documentation - incremental coding and round-trip engineering - incremental requirements traceability - extensive tool customization capabilities

R&D • Software method projects • STOOD is used on many projects • Involved with Universities and colleges • Special offers for Academia

QSEE-Superlite • Integrated Meta-modeling environment • Supports many modeling techniques • UML, DFDs, ERDs, XML Schema models • Syntactic and Semantic rule enforcement • Code generation • Ideal for academia – low cost deal

Conclusion • AADL 1. 0 & UML 2. 0 compliant version of Stood 5. 0 is NOW available for industrial use • Download it: www. tni-world. com