Skip to main content

Awas: AADL information flow and error propagation analysis framework


The continued maturation of industry standard architecture description languages is providing a foundation for more sophisticated analyses earlier in the system engineering process. The Architecture Analysis and Design Language (AADL) and its supporting annotation sub-languages provide the ability to model system hardware/software components as well as information flows within the system. Such flows include conventional notions of data/control flows, security-oriented information flows, and fault/error propagation paths supported by the AADL Error Modeling Annex (EMv2)—all of which are central to engineering safety/security-critical systems. In this paper, we describe Awas-an open-source framework for reachability analysis on AADL models annotated with flow annotations at varying degrees of detail. The framework provides highly scalable interactive flow visualizations with dynamic querying capabilities. To assist the user, we provide a simple domain-specific language to check safety and security properties. To evaluate Awas, we apply it to a collection of industrial models of safety/security-critical systems from the medical and avionics domains.

This is a preview of subscription content, access via your institution.

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11
Fig. 12
Fig. 13
Fig. 14


  1. 1.

    Awas means “caution” in Indonesian.

  2. 2.

    The simple UAS is adapted from an example used by the Collins Aerospace team on DARPA Cyber-Assured Systems Engineering (CASE) project—the authors are part of the Collins team on DARPA CASE.


  1. 1.

    Carpenter T, Hatcliff J, Vasserman EY (2017) A reference separation architecture for mixed-criticality medical and IOT devices. In: Proceedings of the ACM workshop on the internet of safe things (SafeThings). ACM

  2. 2.

    Delange J, Feiler P (2014) Architecture fault modeling with the AADL error-model annex. In: 2014 40th EUROMICRO conference on software engineering and advanced applications. IEEE, pp 361–368

  3. 3.

    Falessi D, Nejati S, Sabetzadeh M, Briand L, Messina A (2011) Safeslice: a model slicing and design safety inspection tool for sysml. In: Proceedings of the 19th ACM SIGSOFT symposium and the 13th European conference on Foundations of software engineering, pp 460–463

  4. 4.

    Gacek A, Backes J, Cofer D, Slind K, Whalen M (2014) Resolute: an assurance case language for architecture models. ACM SIGAda Ada Lett 34(3):19–28

    Article  Google Scholar 

  5. 5.

    Hatcliff J, Larson B, Carpenter T, Jones P, Zhang Y, Jorgens J (2019) The open PCA pump project: an exemplar open source medical device as a community resource. SIGBED Rev. pp 8–13

  6. 6.

    Hatcliff J, Wassyng A, Kelly T, Comar C, Jones PL (2014) Certifiably safe software-dependent systems: challenges and directions. In: Proceedings of the on future of software engineering (ICSE FOSE), pp 182–200 (2014)

  7. 7.

    Herrera D, Chen H, Lavoie E, Hendren L (2018) Webassembly and javascript challenge: numerical program performance using modern browser technologies and devices. Technical report. Technical report SABLE-TR-2018-2. Montréal, Québec, Canada

  8. 8.

    Horwitz S, Reps T, Binkley D (1990) Interprocedural slicing using dependence graphs. ACM Trans Program Lang Syst (TOPLAS) 12(1):26–60

    Article  Google Scholar 

  9. 9.

    Jackson D, Rollins EJ (1994) Chopping: a generalization of slicing. Carnegie-Mellon Univ pittsburgh pa Dept of Computer Science. Technical report

  10. 10.

    Kildall GA (1973) A unified approach to global program optimization. In: Proceedings of the 1st annual ACM SIGACT-SIGPLAN symposium on principles of programming languages. ACM, pp 194–206

  11. 11.

    Larson B, Chalin P, Hatcliff J (2013) BLESS: formal specification and verification of behaviors for embedded systems with software. In: Proceedings of the 2013 NASA formal methods conference. Lecture notes in computer science, vol 7871. Springer, pp 276–290

  12. 12.

    Larson B, Hatcliff J, Fowler K, Delange J (2013) Illustrating the AADL error modeling annex (v.2) using a simple safety-critical medical device. ACM SIGAda Ada Lett 33(3):65–84

    Article  Google Scholar 

  13. 13.

    Larson B, Jones P, Zhang Y, Hatcliff J (2017) Principles and benefits of explicitly designed medical device safety architecture. Biomed Inst Technol 51(5):380–389

    Article  Google Scholar 

  14. 14.

    Ranganath VP, Hatcliff J (2007) Slicing concurrent java programs using Indus and Kaveri. STTT 9(5–6):489–504

    Article  Google Scholar 

  15. 15.

    Rasmussen S, Kingston D, Humphrey LR (2018) A brief introduction to unmanned systems autonomy services (UXAS). In: 2018 international conference on unmanned aircraft systems (ICUAS), pp 257–268

  16. 16.

    Reps T, Horwitz S, Sagiv M (1995) Precise interprocedural dataflow analysis via graph reachability. In: Proceedings of the 22nd ACM SIGPLAN-SIGACT symposium on Principles of programming languages. ACM, pp 49–61

  17. 17.

    Roudier Y, Apvrille L (2015) Sysml-sec: a model driven approach for designing safe and secure systems. In: 2015 3rd international conference on model-driven engineering and software development (MODELSWARD). IEEE, pp 655–664

  18. 18.

    SAE AS-2C architecture description language subcommittee: SAE architecture analysis and design language (AADL) annex volume 3: annex E: error model language. Technical report, SAE Aerospace

  19. 19.

    Thiagarajan H, Hatcliff J. Awas user documentation.

  20. 20.

    Thiagarajan H, Hatcliff J, Belt J, Robby (2012) Bakar Alir: supporting developers in construction of information flow contracts in SPARK. In: 2012 IEEE 12th international working conference on source code analysis and manipulation, pp 132–137

  21. 21.

    Thiagarajan H, Larson B, Hatcliff J, Zhang Y (2020) Model-based risk analysis for an open-source PCA pump using AADL error modeling. In: Proceedings of the international conference on model-based safety analysis (2020)

  22. 22.

    Wallace M (2005) Modular architectural representation and analysis of fault propagation and transformation. Electron Notes Theor Comput Sci 141(3):53–71

    Article  Google Scholar 

  23. 23.

    Weiser M (1981) Program slicing. In: Proceedings of the 5th international conference on Software engineering. IEEE Press, pp 439–449

Download references

Author information



Corresponding author

Correspondence to Hariharan Thiagarajan.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

This work is supported in part by the US Army, by the DARPA CASE program, and by Software Engineering Institute.

Rights and permissions

Reprints and Permissions

About this article

Verify currency and authenticity via CrossMark

Cite this article

Thiagarajan, H., Hatcliff, J. & Robby Awas: AADL information flow and error propagation analysis framework. Innovations Syst Softw Eng (2021).

Download citation


  • Dependence analysis
  • Reachability analysis
  • Unmanned aerial vehicle
  • Model visualization
  • Error propagation
  • AADL
  • EMv2
  • Domain-specific query language