Abstract
This paper describes the High-Assurance Model-based Rapid engineering for embedded systems (HAMR) tool-kit, which generates high-assurance software from standards-based system architecture models for embedded cyber-physical systems. HAMR's computational model is based on standardized run-time services and communication models that together provide an abstract, platform-independent realization which can be instantiated by back-end translations for different platforms. HAMR currently targets multiple platforms, including rapid prototyping targets such as Java Virtual Machines and Linux, as well as the formally verified seL4 space-partitioned microkernel.
HAMR bridges the gap between architecture models and the system implementation by generating high-assurance infrastructure components that satisfy the requirements specified in the model and preserve rigorous execution semantics. Based on the architecture model, including the components, their interfaces, run-time performance properties, and inter-component connections, the HAMR-generated code creates Application Programming Interfaces that provide developer-centric ease of use as well as support for automated verification.
HAMR currently interprets architecture models captured in the Architecture Analysis and Design Language (AADL). AADL is a rigorous, standardized modeling language that has proven useful in the development of high-assurance embedded systems. We describe using HAMR to build applications from safety- and security-critical domains such as medical devices and avionics mission systems.
Work supported in part by the US DARPA, US Air Force Research Lab, US Army, and the Software Engineering Institute.
Notes
1. Source code and supporting documentation available at https://github.com/santoslab/isola21-hamr-case-studies.
2. The compute code shown above deviates from the AADL standard description slightly in that the for loop processes one queued message on each incoming event port. An alternate implementation aligned with the standard is available that only processes a single event and then releases its output and yields.
Acknowledgement
The authors wish to thank other DARPA CASE team members from Collins Aerospace, Adventium Labs, and Data61 for their work on applications of HAMR and their inputs on HAMR design.
Copyright information
© 2021 Springer Nature Switzerland AG
Cite this paper
Hatcliff, J., Belt, J., Robby, Carpenter, T. (2021). HAMR: An AADL Multi-platform Code Generation Toolset. In: Margaria, T., Steffen, B. (eds) Leveraging Applications of Formal Methods, Verification and Validation. ISoLA 2021. Lecture Notes in Computer Science, vol 13036. Springer, Cham. https://doi.org/10.1007/978-3-030-89159-6_18
DOI: https://doi.org/10.1007/978-3-030-89159-6_18
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-89158-9
Online ISBN: 978-3-030-89159-6
eBook Packages: Computer Science, Computer Science (R0)