Abstract
Developing and assuring safety- and security-critical real-time embedded systems is a challenging endeavor that requires many activities applied at multiple levels of abstraction. For these activities to be effective and trustworthy, they must be grounded in a common understanding of the system architecture and behavior.
We believe that these activities are best addressed in a unified framework of modeling and programming that enables developers, analysts, and auditors to freely move up and down layers of abstraction, shifting their viewpoints to suit the activities at hand, while maintaining strong traceability across the different layers and views. In this approach, the distinction between “models”, “specifications”, and “programs” is often blurred.
In this paper, we summarize an architecture-centric approach to critical system development and assurance that emphasizes the use of formally specified architectures as the “scaffolding” through which many different activities are organized and synchronized. We provide examples of: (a) analyses, behavioral constraints, and implementations, (b) important abstraction transitions, and (c) key traceability relationships within the framework. We discuss how these features are being used to develop systems on time- and space-partitioned execution and communication platforms in the medical domain. As a concrete example, we use an open-source medical device that we are developing, a Patient-Controlled Analgesic (PCA) infusion pump.
This work is sponsored in part by the US National Science Foundation / Food and Drug Administration Scholar-in-Residence program (CNS 1238431, 1355778, 1446544, 1565544), the Department of Homeland Security (DHS) Science and Technology Directorate, Homeland Security Advanced Research Projects Agency (HSARPA), Cyber Security Division (DHS S&T/HSARPA/CDS) BAA HSHQDC-14-R-B0005, and the Government of Israel and the National Cyber Bureau in the Government of Israel via contract number D16PC00057.
Notes
1. Note that the breadth of AADL descriptions is much greater than CORBA IDL’s.
© 2018 Springer Nature Switzerland AG
Cite this paper
Hatcliff, J., Larson, B.R., Belt, J., Robby, Zhang, Y. (2018). A Unified Approach for Modeling, Developing, and Assuring Critical Systems. In: Margaria, T., Steffen, B. (eds) Leveraging Applications of Formal Methods, Verification and Validation. Modeling. ISoLA 2018. Lecture Notes in Computer Science(), vol 11244. Springer, Cham. https://doi.org/10.1007/978-3-030-03418-4_14
DOI: https://doi.org/10.1007/978-3-030-03418-4_14
Print ISBN: 978-3-030-03417-7
Online ISBN: 978-3-030-03418-4