
Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 13702))


Abstract

The Architecture and Analysis Definition Language (AADL) is an industry standard modeling language distinguished by its emphasis on strong semantics for modeling real-time embedded systems. These features have led to AADL being used in many formal-methods-oriented projects addressing critical systems. With regard to future directions in programming and systems engineering in general, questions naturally arise regarding how modeling language definitions should be documented so that the meaning of modeled systems can be made clear to all stakeholders. For example, the AADL standard describes Run-Time Services (RTS) that code generation frameworks can implement to realize AADL’s standards-based semantics for thread dispatch and port-based communication. The documentation of these semantics in the AADL standard is semi-formal, allowing for divergent interpretations and thus contradictions when implementing analysis or code generation capabilities.

In this paper, we illustrate how key semantic elements of the AADL standard may be documented via a rule-based formalization of key aspects of the AADL RTS as well as additional services and support functions for realistic, interoperable, and assurable implementations. This contribution provides a basis for (a) a more rigorous semantic presentation in upcoming versions of the standard, (b) a common approach to assess compliance of AADL code generation and analysis tools, (c) a foundation for further formalization and mechanization of AADL’s semantics, and (d) a more intuitive documentation of a system’s AADL description via simulation and automatically generated execution scenarios.
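To make concrete what "standards-based semantics for thread dispatch and port-based communication" means in practice, here is an added Python model of the dispatch/port protocol the abstract refers to. It is not code from the paper, from the AADL standard, or from any AADL code generator; the class and method names are this example's own and only loosely follow the standard's Receive_Input, Send_Output, Put_Value, Next_Value and Get_Count services, and the queue size, overflow policy and dequeue protocol used are assumed defaults chosen for the illustration. The point it shows is the one the abstract raises: whether inputs are frozen at dispatch, and what a bounded queue does on overflow, are exactly the decisions that diverge when the standard's prose is read differently by two tool authors.

```python
"""Added example: a toy model of AADL run-time services for thread dispatch and
port communication. Not code from the paper or any AADL tool; names are this
example's own (assumed) and only loosely mirror the standard's RTS names."""
from collections import deque
from dataclasses import dataclass, field
from typing import Callable, Deque, List, Optional


@dataclass
class InEventDataPort:
    """Incoming event data port with a bounded queue (assumed defaults)."""
    queue_size: int = 2
    overflow: str = "DropOldest"   # an AADL Overflow_Handling_Protocol value
    infrastructure: Deque = field(default_factory=deque)  # pending arrivals
    application: Deque = field(default_factory=deque)     # frozen view for the thread

    def deliver(self, value) -> None:
        """The connection delivers a value after the sender's Send_Output."""
        if len(self.infrastructure) >= self.queue_size:
            if self.overflow == "DropOldest":
                self.infrastructure.popleft()
            elif self.overflow == "DropNewest":
                return
            else:  # "Error": overflow is surfaced to the receiving thread
                raise OverflowError("port queue overflow")
        self.infrastructure.append(value)

    def receive_input(self) -> None:
        """Receive_Input with an AllItems dequeue: the whole pending queue becomes
        the application port state; later arrivals wait for the next dispatch."""
        self.application = deque(self.infrastructure)
        self.infrastructure.clear()

    def get_count(self) -> int:
        return len(self.application)

    def next_value(self):
        return self.application.popleft() if self.application else None


@dataclass
class OutDataPort:
    pending: Optional[object] = None
    connections: List[Callable[[object], None]] = field(default_factory=list)

    def put_value(self, value) -> None:
        self.pending = value   # buffered until Send_Output at completion

    def send_output(self) -> None:
        if self.pending is None:
            return
        for deliver in self.connections:
            deliver(self.pending)
        self.pending = None


@dataclass
class Thread:
    inp: InEventDataPort
    out: OutDataPort
    compute: Callable[["Thread"], None]

    def dispatch(self) -> None:
        self.inp.receive_input()   # 1. freeze inputs at dispatch
        self.compute(self)         # 2. run the compute entry point
        self.out.send_output()     # 3. release outputs at completion


def frozen_view(overflow: str) -> List[object]:
    """Three arrivals into a two-slot queue, then Receive_Input: the visible
    items depend entirely on the overflow policy chosen."""
    port = InEventDataPort(queue_size=2, overflow=overflow)
    for v in (1, 2, 3):
        port.deliver(v)
    port.receive_input()
    return list(port.application)


def _sum_inputs(t: Thread) -> None:
    # Constructed arrival mid-execution: it must not be part of this dispatch's view.
    t.inp.deliver(40)
    values = [t.inp.next_value() for _ in range(t.inp.get_count())]
    t.out.put_value(sum(values))


def run_scenario() -> dict:
    """One consumer thread dispatched twice; the value that arrives during the
    first execution is only visible at the second dispatch."""
    sink: List[object] = []
    consumer = Thread(
        InEventDataPort(queue_size=2, overflow="DropOldest"),
        OutDataPort(connections=[sink.append]),
        compute=_sum_inputs,
    )
    for v in (1, 2, 3):
        consumer.inp.deliver(v)     # value 1 is dropped by DropOldest
    consumer.dispatch()             # sees [2, 3], outputs 5
    consumer.dispatch()             # sees [40], outputs 40
    return {"outputs": sink, "still_pending": len(consumer.inp.infrastructure)}


if __name__ == "__main__":
    print(run_scenario())
```

An executable model of this shape is the kind of reference a tool author can run a code generator's runtime against: feed the same arrival sequence to both, compare the values each dispatch observes and emits, and any mismatch points at a semantic choice (freeze point, dequeue protocol, overflow policy) that the two implementations resolved differently.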

This work is supported in part by Collins Aerospace, the U.S. Army Combat Capabilities Development Command, Aviation and Missile Center under Contract No. W911W6-20-C-2020, and the US Department of Defense under Contract No. FA8702-15-D-0002 with Carnegie Mellon University for the operation of the Software Engineering Institute, a federally funded research and development center. See the acknowledgements section for full details.


Notes

  1. The AADL standard uses the term port variable to refer to the APS concept; “variable” suggests an application programming view of the port state. However, the port variable concept is somewhat ambiguously presented in the current standard and is intertwined with the binding to a particular programming language. For these reasons, we use a more mathematically oriented presentation of the concept in this paper and suggest that upcoming versions of the standard allow different programming language bindings to specify how they realize the concept in a particular language.

  2. AADL's other categories of features denote either abstract features or access to resources. They do not directly participate in the semantics of a thread and are omitted in this paper.


Acknowledgements

Copyright 2022 Carnegie Mellon University, Adventium Labs and Kansas State University. This material is based upon work funded and supported by the Department of Defense under Contract No. FA8702-15-D-0002 with Carnegie Mellon University for the operation of the Software Engineering Institute, a federally funded research and development center. NO WARRANTY. THIS CARNEGIE MELLON UNIVERSITY AND SOFTWARE ENGINEERING INSTITUTE MATERIAL IS FURNISHED ON AN “AS-IS” BASIS. CARNEGIE MELLON UNIVERSITY MAKES NO WARRANTIES OF ANY KIND, EITHER EXPRESSED OR IMPLIED, AS TO ANY MATTER INCLUDING, BUT NOT LIMITED TO, WARRANTY OF FITNESS FOR PURPOSE OR MERCHANTABILITY, EXCLUSIVITY, OR RESULTS OBTAINED FROM USE OF THE MATERIAL. CARNEGIE MELLON UNIVERSITY DOES NOT MAKE ANY WARRANTY OF ANY KIND WITH RESPECT TO FREEDOM FROM PATENT, TRADEMARK, OR COPYRIGHT INFRINGEMENT. [DISTRIBUTION STATEMENT A] This material has been approved for public release and unlimited distribution. Please see Copyright notice for non-US Government use and distribution. DM22-0764.

Author information

Correspondence to John Hatcliff.


Copyright information

© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper


Cite this paper

Hatcliff, J., Hugues, J., Stewart, D., Wrage, L. (2022). Formalization of the AADL Run-Time Services. In: Margaria, T., Steffen, B. (eds) Leveraging Applications of Formal Methods, Verification and Validation. Software Engineering. ISoLA 2022. Lecture Notes in Computer Science, vol 13702. Springer, Cham. https://doi.org/10.1007/978-3-031-19756-7_7


  • DOI: https://doi.org/10.1007/978-3-031-19756-7_7


  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-19755-0

  • Online ISBN: 978-3-031-19756-7

