Project P

A presentation of Project P - Model compilers for safety-critical systems

Published in: Technology

Transcript

  • 1. PROJECT P: Model Compilers for Safety-Critical Systems. Matteo Bordin, bordin@adacore.com
  • 2. Industrial context
    – A modern model-driven engineering process involves multiple departments & cultures (system, control, software) and multiple domain-specific languages (co-engineering)
    – Need for: lightweight collaboration between departments; assurance when translating models to source code; model-based analysis taking into account multiple modeling viewpoints (co-verification)
  • 3. Introducing Project P
    – Support the development of qualifiable model compilers: models are precise/refined enough for code generation; from heterogeneous models (Simulink, UML, MARTE, …); qualifiable in the DO-178 sense (development tool, TQL1); tunable, with incremental certification support; with verification of model-based integration
    – Two R&D dimensions, as improvements over the state of the art: model compilation; agile/lean qualification process
  • 4. Positioning the P toolset (DO-178C terminology): a chain of artifacts, Specification Model → Design Model → Src Code → Executable, annotated with the DO-178C verification objectives Conformity, Verifiability, Accuracy & Consistency, Compatibility, Compliance, Traceability, Accuracy, Consistency and Robustness (diagram)
  • 5. Introducing Project P (II): User languages → Pivot formalism (an intermediate internal representation) → Code Generation and Verification (diagram)
  • 6. Why a pivot formalism? A reference representation for code generation & verification
    – Clear semantics & execution model; no semantic variation point
    – Minimal: no syntactic sugar
    – Covers multiple viewpoints (behavior, architecture, data, …); separation of concerns
    – Optimized code generation
    – Verification of consistency (integration/allocation of heterogeneous models)
    – Support for scenario-based analysis
  • 7. Technical approach: model compilation. User languages (safe subsets, for each viewpoint: behavior, architecture, system, …) → Design model (close to user languages abstraction) → … N refinement steps … → Code model (close to imperative programming languages) → Ada, C, VHDL
    – Two metamodels at different levels of abstraction, to factorize representations independently of the target platform; not visible to the final user
    – A set of intermediate refinement steps between them
  • 8. Defining the Design Model language
    – From the user languages, make choices: identify safe language subsets; identify languages overlap; not the union of all languages (not the UML way)
    – Design model contents: state machines, data flow, domain-independent component model
    – From verification (analysis theories/techniques, analysis tools), make choices: identify relevant analysis methods; ensure the relevant information is present; tell how to represent it in user-visible languages
  • 9. Defining the Code Model language (between the design model, close to user languages abstraction, and Ada/C/VHDL)
    – Datatypes: ranges, struct
    – Expressions: literals and constants; math expressions (+, -, *, /, abs, …)
    – Statements: VariableDeclaration, AssignmentStatement, IfStatement, WhileLoop
    – Factorizes model compilation independent of the target language; isolates the location to insert target-specific transformations (OS calls); simplifies development of the model compilation chain
  • 10. Need for iterative refinement: Design model’ → Design model’’ → Design model’’’ → … → Code model’ → Code model’’ → …
    – Example refinement steps: (de)mangling, constant folding/propagation, sequencing, type inference, flattening, …
  • 11. Importers and the P formalism. Importers may work at any refinement level (Design model’, Design model’’, Design model’’’, …). This is to allow some refinement outside the framework:
    – Sequencing produced by Simulink with slist/elist
    – Normalization of UML activity diagrams (resolution of concurrency)
    – …
  • 12. Importers and the P formalism (II). Importers may even connect directly to the code model (Code model’, Code model’’, …). Useful for action languages:
    – (Embedded) Matlab
    – Action Language for fUML (ALF)
    – …
  • 13. Technical approach: a generic framework. The same chain (user languages → design model → N refinement steps → code model → Ada, C, VHDL) with extension points:
    – Importers: resolution of semantic variation points; new input languages (DSLs)
    – Refinement steps: tuning/addition/removal of model transformation steps from a library
    – Code model: tuning of code generation
  • 14. P model compiler instantiation
    1. Identify safe subset of input language
    2. Define a mapping to the P formalism – most likely at the design model level
    3. Identify the set of transformations to apply – develop new transformation components; select and integrate existing ones
    4. Package new qualification data with reused data
  • 15. Instantiations of the model compilation chain: Behavior and Architecture inputs → Design model → … N refinement steps … → Code model → Ada, C, VHDL
  • 16. Behavioral modeling: GeneAuto (the slide marks this as NEW). Subset of user languages: state machines, data flow → Design model → … N refinement steps … → Code model → generation of sequential code → Ada, C, VHDL
  • 17. Convergence of behavioral models (diagram of the formalism)
  • 18. Architectural modeling: CHESS & VERDE? Subset of user languages → Design model (domain-independent component model) → … N refinement steps … → Code model → generation of concurrent code → Ada, C. The last compilation step may be too company-dependent to be factorized
  • 19. Support for scenario-based analysis
    – Real-time analysis is done on scenarios: to limit pessimism (it is unlikely that ALL tasks are ready at the same instant…); scenarios stem from requirements; are they consistent/complete w.r.t. the application model?
    – The design model could help: it covers multiple views (impact of behavior on scenario identification); generation of analysis scenarios from the architecture by taking the functional behavior into account
  • 20. Agile/Lean qualification
    – The final user needs to tune the model compiler: support new input languages (DSLs); support new output languages; tune the code generation strategy
    – Definition of an integrated, generic process model: integrated (Development & Verification & Qualification); generic (usable for any instantiation of the model compilation chain); developer POV; user POV
  • 21. Agile/Lean qualification (II)
    – Process models in EPF (Eclipse Process Framework): Tool Qualification Plan; Tool Development Plan
    – Deployment of an agile/lean process: short-term planning via Kanban charts; continuous integration including qualification-oriented activities (structural coverage, coding standard, traceability/consistency of lifecycle artifacts)
  • 22. Agile/Lean qualification (III): minimize re-qualification cost
    – Transformations ship with qualification data
    – Reuse of qualification evidence
    – Iterative process taken into account in the qualification plans
  • 23. Main contact points
    – Matteo Bordin, bordin@adacore.com
    – Marc Pantel, marc.pantel@enseeiht.fr
    – www.open-do.org/projects/p
  • 24. PROJECT P: Model Compilers for Safety-Critical Systems. Additional information
  • 25. Project information
    – Started in October 2011
    – 3 years
    – 10M budget, ~5M funding, FUI financing (France)
    – 19 partners + observers
    – Administrative leader: Continental Automotive
    – Technical leader: AdaCore
    – Scientific leader: IRIT
  • 26. Partners (logo slide): industrial users (avionics, automotive, space), tech providers, academia
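As an added example (not code from the slides or from Project P), a Python miniature of the code model of slide 9 and the refinement of slide 10: a range datatype, literal/variable/math expressions and two statement kinds, one constant folding/propagation step that uses the declared ranges to reject an out-of-range constant before any target text exists, and a small C emitter showing why the last step of the chain stays thin. Every name, type and sample program here is invented for the illustration.

```python
from collections import namedtuple
# Constructed miniature of the slides' code model: a range datatype, expressions, two statements.
RangeType = namedtuple("RangeType", "name lo hi")
Literal = namedtuple("Literal", "value")
Var = namedtuple("Var", "name")
BinOp = namedtuple("BinOp", "op left right")
VariableDeclaration = namedtuple("VariableDeclaration", "name typ init")
AssignmentStatement = namedtuple("AssignmentStatement", "target value")
OPS = {"+": lambda a, b: a + b, "-": lambda a, b: a - b, "*": lambda a, b: a * b}

def fold(e, env):
    """Constant propagation (env = variables currently known to be constant) plus folding."""
    if isinstance(e, Var):
        return Literal(env[e.name]) if e.name in env else e
    if isinstance(e, BinOp):
        l, r = fold(e.left, env), fold(e.right, env)
        if isinstance(l, Literal) and isinstance(r, Literal):
            return Literal(OPS[e.op](l.value, r.value))
        return BinOp(e.op, l, r)
    return e

def refine(stmts):
    """Code model' -> Code model'': fold, then check each folded constant against its target's range."""
    types, env, out = {}, {}, []
    for s in stmts:
        decl = isinstance(s, VariableDeclaration)
        target, value = (s.name, fold(s.init, env)) if decl else (s.target, fold(s.value, env))
        if decl:
            types[target] = s.typ
        out.append(VariableDeclaration(target, s.typ, value) if decl else AssignmentStatement(target, value))
        env.pop(target, None)  # forget any previously known constant for this variable
        if isinstance(value, Literal):
            t = types[target]
            if not t.lo <= value.value <= t.hi:
                raise ValueError(f"{target} = {value.value} is outside {t.name} [{t.lo}..{t.hi}]")
            env[target] = value.value
    return out

def to_c(e):
    """Expression text for the C back end; an Ada or VHDL back end would differ only here."""
    if isinstance(e, BinOp):
        return f"({to_c(e.left)} {e.op} {to_c(e.right)})"
    return str(e.value) if isinstance(e, Literal) else e.name

def emit_c(stmts):
    return "\n".join(f"int {s.name} = {to_c(s.init)};" if isinstance(s, VariableDeclaration)
                     else f"{s.target} = {to_c(s.value)};" for s in stmts)
# Constructed sample program: 'duty' folds to 75, which the Percent range accepts.
PCT = RangeType("Percent", 0, 100)
SAMPLE = [VariableDeclaration("scale", PCT, Literal(25)),
          VariableDeclaration("duty", PCT, BinOp("*", Var("scale"), Literal(3)))]
```

Once a variable is assigned a non-constant value the propagation stops for it, so later uses are emitted as references rather than folded; an out-of-range fold raises instead of silently producing code.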
