Model-Based Design and Automated Validation of ARINC653 Architectures Using the AADL
Safety-critical systems such as those used in avionics are now extremely software-reliant. As these systems are life- or mission-critical, their software must be carefully designed and certified according to stringent standards. One typical pitfall of such development projects is the late detection of safety issues or bugs at integration time, which forces development steps to be redone. Model-Based Engineering captures system concerns with specific notations and uses models to drive the development process through all its phases: design, validation, implementation and, ultimately, certification. Through a single consistent notation, such an approach avoids undefined assumptions and the traditional hurdles of informal, text-based specifications. In this chapter, we present recent contributions we have made to the AADL architecture description language for the design and validation of Integrated Modular Avionics (IMA) systems. First, we review modeling patterns that support abstractions for IMA systems. We then introduce capabilities to check, at model level, that all ARINC653 patterns are enforced. In addition, we review error modeling and safety analysis capabilities towards the production of safety reports conforming to ARP4761 recommendations, along with code generation strategies that map model elements to code. All these contributions are integrated in one uniform modeling process based on the AADL.
Keywords: AADL, EMV2, Safety analysis, Code generation, ARINC653
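To make the ARINC653 modeling patterns mentioned in the abstract concrete, the following is an added AADL example written for this page; it is not taken from the chapter or from the OSATE tool set. It models one ARINC653 module as an AADL processor, each partition as a virtual processor subcomponent, and each partition application as a process bound to its partition with Actual_Processor_Binding. The ARINC653::Module_Major_Frame and ARINC653::Module_Schedule properties are assumed to follow the AADL ARINC653 annex property set (AS5506/2); the package, component and partition names are invented for illustration.

```aadl
-- Added example (not from the chapter): an ARINC653 module with two partitions.
-- Property names assume the AADL ARINC653 annex property set; check them against
-- the annex revision supported by your tool.
package IMA_Example
public
  with ARINC653;

  -- The ARINC653 module (the execution platform) is an AADL processor.
  processor Module
  end Module;

  -- Each ARINC653 partition is a virtual processor hosted by the module.
  virtual processor Partition
  end Partition;

  -- Partition application code is modelled as a process.
  process Flight_Control
  end Flight_Control;

  process implementation Flight_Control.impl
  end Flight_Control.impl;

  process Display
  end Display;

  process implementation Display.impl
  end Display.impl;

  processor implementation Module.impl
    subcomponents
      part_fc   : virtual processor Partition;
      part_disp : virtual processor Partition;
    properties
      -- Static partition schedule: the slot durations (60 + 40 ms) must sum to
      -- the major frame, which is one of the consistency checks a model-level
      -- ARINC653 validation would perform.
      ARINC653::Module_Major_Frame => 100 ms;
      ARINC653::Module_Schedule => (
        [ Partition => reference (part_fc);   Duration => 60 ms; Periodic_Processing_Start => true; ],
        [ Partition => reference (part_disp); Duration => 40 ms; Periodic_Processing_Start => true; ]
      );
  end Module.impl;

  system IMA
  end IMA;

  system implementation IMA.impl
    subcomponents
      cpu  : processor Module.impl;
      fc   : process Flight_Control.impl;
      disp : process Display.impl;
    properties
      -- Spatial isolation pattern: every process is bound to exactly one
      -- partition, never directly to the module processor.
      Actual_Processor_Binding => (reference (cpu.part_fc))   applies to fc;
      Actual_Processor_Binding => (reference (cpu.part_disp)) applies to disp;
  end IMA.impl;
end IMA_Example;
```

The two properties a model-level ARINC653 check would typically confirm here are that every process is bound to a virtual processor that is itself a subcomponent of the module (no process is bound straight to the processor, and none is unbound), and that the Module_Schedule windows reference only partitions declared in that module and together fill the Module_Major_Frame exactly. Detecting such mismatches on the model, rather than at integration time, is the point the abstract makes about catching safety issues early.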
Copyright 2016 Carnegie Mellon University. This material is based upon work funded and supported by the Department of Defense under Contract No. FA8721-05-C-0003 with Carnegie Mellon University for the operation of the Software Engineering Institute, a federally funded research and development center.
No warranty. This Carnegie Mellon University and Software Engineering Institute Material is furnished on an as-is basis. Carnegie Mellon University makes no warranties of any kind, either expressed or implied, as to any matter including, but not limited to, warranty of fitness for purpose or merchantability, exclusivity, or results obtained from use of the material. Carnegie Mellon University does not make any warranty of any kind with respect to freedom from patent, trademark, or copyright infringement.
[Distribution Statement A] This material has been approved for public release and unlimited distribution. Please see Copyright notice for non-US Government use and distribution.