TASTE: The ASSERT Set of Tools for Engineering
←
→
Page content transcription
If your browser does not render page correctly, please read the page content below
For a reliable
and scientific
approach
in system
and software
engineering
TASTE: The ASSERT Set of Tools for Engineering
The TASTE Toolset
assert-project - Dr Eric Conquet, Maxime Perrotin, Marie-Aude Esteve – European Space Agency
Statement of the problem
• Targeted domain: Real-Time, mission critical and
embedded systems
• SW dominant systems (but expandable to HW)
• Current development approach is mostly based on
paper work
– Few models,
– Tools: mainly MS office!
• Suppliers face difficulties to master design before
testing
• Customers find reviews not efficient enough
• Needs:
– Capture system model with associated properties,
– Verify early and continuously during design,
– Smoothly handle system heterogeneity,
– Use automatic code generation.
Those were addressed in ASSERT 2004/2007
The TASTE Toolset
2
assert-project - Dr Eric Conquet, Maxime Perrotin, Marie-Aude Esteve – European Space Agency
The ASSERT Requirement baseline
• System families: from market segments to property
oriented design
• Proofs: from an empirical to a scientific approach,
• New development process: from nice concepts to
actual steps
• Tools: From paper to models
• Heterogeneity handling: from multiple models to one
single and integrated SW
• Case studies: from toy examples to real applications.
ASSERT = an ambitious and pragmatic approach
to develop critical SW dominant RT systems.
The TASTE Toolset
3
assert-project - Dr Eric Conquet, Maxime Perrotin, Marie-Aude Esteve – European Space Agency
Future of ASSERT: a strategy around three main axis.
• Extend the process and toolset: ongoing studies
– Link with system modelling
– Integration of HW components
– Integration of space specific components (PUS, Spacewire, …)
– Connection to system simulators and schedulability analyser
• Market the toolset
– Create an ecosystem gathering innovative SMEs and research
centres into a network
– Each network node will lead a technical domain
– The network can be dynamically configured to address a
specific need (virtual company)
– To have ESA coordinating the network and protecting the
community investment
• Disseminate the technology
– Case study on formation flying experiment with space industry
– Preparation of case studies with space and non space industry
The TASTE Toolset
4
assert-project - Dr Eric Conquet, Maxime Perrotin, Marie-Aude Esteve – European Space Agency
For a reliable
and scientific
approach
in system
and software
engineering
From the ASSERT process to TASTE.
The TASTE Toolset
assert-project - Dr Eric Conquet, Maxime Perrotin, Marie-Aude Esteve – European Space Agency
What is the Assert process?
• The ASSERT process is based on simple observations
– a system – ANY system – is made of heterogeneous components,
that have to live and communicate together
– system builders have other concerns than software implementation details,
– and good software engineers are unhappy when they have to develop
application code: their skills are misused
• The Assert process proposes solutions to
– capture a system using user-friendly (yet formal) modeling techniques
– automate repetitive and error-prone software activities
– build an homogeneous system having heterogeneous components
• The toolset has been specified, designed, and
implemented by ESA together with some Assert
partners.
• It is unique on the market.
The TASTE Toolset
6
assert-project - Dr Eric Conquet, Maxime Perrotin, Marie-Aude Esteve – European Space Agency
Capture of the system : architecture, behaviour, data, real-time
attributes, and hardware platform.
AOCS Mode Management
to FDIR
Control law
10 Hz start
State Machine
status
FBY process ABB1
stop 1 false
idle wait_ABB2
sensor data PI1 PI2
Deadline: 3 ms
RI1
WCET: 1 ms (myData) idle
actuators SDL
Simulink wait_ABB2
LEON2
LEON2
FDIR-command ::= ENUMERATED {
safe-mode,
switch-to-redundant,
...
}
AOCS-tm ::= SEQUENCE {
AADL and ASN.1 attitude Attitude-ty,
are combined to provide a formal, orbit Orbit-ty,
precise, and complete description ...
of the system architecture and data. }
The TASTE Toolset
7
assert-project - Dr Eric Conquet, Maxime Perrotin, Marie-Aude Esteve – European Space AgencyWhat ASSERT tools do with the models
Generate “application skeletons”
in Simulink, SDL, C, and Ada
s ys tem bas ic_fv
USE Datamodel;
SIGNAL basic totc (T_TM);
SIGNAL tcommand (T_HLTC_PLUS);
SIGNAL basic tocontrol (T_CONTROL_IN);
SIGNAL controldow ntobas ic (T_CONTROL_DOWN_OUT);
SIGNAL controluptobasic (T_CONTROL_UP_OUT);
SIGNAL cy clicac tivationimplementation;
pro ce du re aplc_basic_op COM M ENT '#c _predef ';FPAR
IN thrusters_opening T_THRUSTERS_OPENING, basic_f v
IN pf s _iw m_arming_relay_status_on T_PFS_IWM_ARMING_RELA Y _STATUS_ON,
IN pf s _hltc_red_button_is _on T_PFS_HLTC_RED_BUTTON_IS_ON,
IN msu_id T_MSU_ID,
IN pf s _ew m_msuy _msux_hs T_PFS_EWM_MSU_MSU_HS,
IN f tcp_health_status T_FTCP_HEALTH_STA TUS,
IN pf s _ew m_dtg12_msu T_PFS_EWM_DTG12_MSU,
IN hltc T_HLTC,
IN end_boost_is_reached T_END_BOOST_IS_REA CHED,
tcommand,
IN sun_is_aimed T_SUN_IS_A IMED,
controldowntobasic,
IN/OUT pf s_ew c_msu_pde_t T_PFS_EWC_MSU_PDE_T,
controluptob asic,
IN/OUT pde_cmd_a T_PDE_CMD_A,
cyclic activationimplementation
IN/OUT dpu_cmd T_DPU_CMD,
IN/OUT set_pf s_ew c_msu_dtg_mode_coarse T_ON_OFF_CMD,
IN/OUT hltm T_HLTM,
IN/OUT pf s_ew m_msux_msuy _hs T_PFS_EWM_MSU_MSU_HS,
IN/OUT cam_mode T_CA M_MODE,
IN/OUT controller_to_be_ac tivated T_CONTROLLER_TO_BE_A CTIV A TED,
c
IN/OUT navigation_output T_NA VIGATION_OUTPUT;
EXT ERNAL;
bas ictotc,
pro ce du re mysimulink COM M ENT '#c _predef ';FPAR bas ictoc ontrol
IN my_in T_FOR_SIMULINK_IN,
IN my_in2 T_control_in,
IN/OUT my_out T_FOR_SIMULINK_OUT,
IN/OUT my_out2 T_Control_in;
EXT ERNAL;
Generate a software Generate glue code
real-time architecture to put everything
(in AADL) Task 1
Task 2
together on a real-time
Task 2 Task 3
Task 1
Task 4
operating system
Task 3
The TASTE Toolset
8
assert-project - Dr Eric Conquet, Maxime Perrotin, Marie-Aude Esteve – European Space AgencyASSERT technology details
• The ASN.1 Space Certifiable Compiler
– Generation of compact binary encoders and decoders
for ASN.1 modules
– Integrated in the ASSERT tool-chain, can be used
standalone as well
– Targets embedded systems: no dynamic memory
allocation, no system calls
• The “virtual machine” (assert VM) – two options
– A real-time operating system based on the Ada runtime
with the Ravenscar profile and PolyORB-HI middleware.
– RTEMS standard operating system with PolyORB-HI-C
– Supported platforms: Leon, Native (Linux on Intel)
– Supported networks: Ethernet (for native platforms),
Spacewire, serial link
The TASTE Toolset
9
assert-project - Dr Eric Conquet, Maxime Perrotin, Marie-Aude Esteve – European Space AgencyIn addition - bonuses
• Rapid prototyping:
the toolchain generates
GUIs to quickly test
the system under
development
• Simulation and Analysis:
Data can be monitored
using real-time plotting.
• Documentation: ICDs are generated automatically
with a description of the data binary encodings
(ASN.1 uPER Encodings)
MY-MODULE DEFINITIONS ::= BEGIN
MySequence ::= SEQUENCE {
field1 INTEGER (5..4294967295),
field2 INTEGER (5..4096) OPTIONAL,
field3 BOOLEAN ,
field4 MyChoice,
The TASTE Toolset
10
assert-project - Dr Eric Conquet, Maxime Perrotin, Marie-Aude Esteve – European Space AgencyA few screenshots of the toolset (1)
• Interface and deployment view editors
The TASTE Toolset
11
assert-project - Dr Eric Conquet, Maxime Perrotin, Marie-Aude Esteve – European Space AgencyA few screenshots of the toolset (2)
• Generation of Simulink “skeletons”
The TASTE Toolset
12
assert-project - Dr Eric Conquet, Maxime Perrotin, Marie-Aude Esteve – European Space AgencyA few screenshots of the toolset (3)
• Generation of SDL “skeletons”
s ys te m basic_f v
USE Datamodel;
SIGNAL basictotc (T_TM);
SIGNAL tcommand (T_HLTC_PLUS);
SIGNAL basictocontrol (T_CONTROL_IN);
SIGNAL controldow ntobasic (T_CONTROL_DOWN_OUT);
SIGNAL controluptobasic (T_CONTROL_UP_OUT);
SIGNAL cyclicactivationimplementation;
pr oce dur e aplc_basic_op COM M ENT '#c_predef ';FPAR
IN thrusters_opening T_THRUSTERS_OPENING, basic_f v
IN pf s_iw m_arming_relay_status_on T_PFS_IWM_A RMING_RELA Y _STA TUS_ON,
IN pf s_hltc_red_button_is_on T_PFS_HLTC_RED_BUTTON_IS_ON,
IN msu_id T_MSU_ID,
IN pf s_ew m_msuy_msux_hs T_PFS_EWM_MSU_MSU_HS,
IN f tcp_health_status T_FTCP_HEA LTH_STA TUS,
IN pf s_ew m_dtg12_msu T_PFS_EWM_DTG12_MSU,
IN hltc T_HLTC,
IN end_boost_is_reached T_END_BOOST_IS_REA CHED,
tcommand,
IN sun_is_aimed T_SUN_IS_A IMED,
controldowntob asic,
IN/OUT pf s_ew c_msu_pde_t T_PFS_EWC_MSU_PDE_T,
controluptob asic,
IN/OUT pde_cmd_a T_PDE_CMD_A ,
cyclicactivationimplementation
IN/OUT dpu_cmd T_DPU_CMD,
IN/OUT set_pf s_ew c_msu_dtg_mode_coarse T_ON_OFF_CMD,
IN/OUT hltm T_HLTM,
IN/OUT pf s_ew m_msux_msuy_hs T_PFS_EWM_MSU_MSU_HS,
IN/OUT cam_mode T_CA M_MODE,
IN/OUT controller_to_be_activated T_CONTROLLER_TO_BE_A CTIV A TED,
c
IN/OUT navigation_output T_NA V IGA TION_OUTPUT;
EXTERNAL;
b asictotc,
pr oce dur e mysimulink COM M ENT '#c_predef ';FPAR b asictocontrol
IN my_in T_FOR_SIMULINK_IN,
IN my_in2 T_control_in,
IN/OUT my_out T_FOR_SIMULINK_OUT,
IN/OUT my_out2 T_Control_in;
The TASTE Toolset
EXTERNAL;
13
assert-project - Dr Eric Conquet, Maxime Perrotin, Marie-Aude Esteve – European Space AgencyA few screenshots of the toolset (4)
• C “skeletons”
The TASTE Toolset
14
assert-project - Dr Eric Conquet, Maxime Perrotin, Marie-Aude Esteve – European Space AgencyA few screenshots of the toolset (5)
• Ada “skeletons”
The TASTE Toolset
15
assert-project - Dr Eric Conquet, Maxime Perrotin, Marie-Aude Esteve – European Space AgencyA few screenshots of the toolset (5) - Data types in Ada
The TASTE Toolset
16
assert-project - Dr Eric Conquet, Maxime Perrotin, Marie-Aude Esteve – European Space AgencyTASTE - Credits
Interface View LabASSERT (Ellidiss)
Model Transformation Buildsupport (ESA)
ASN.1 tools
Data Modeling
(Semantix)
Ada, C
Functional View Matlab - Simulink
SDL
Ocarina (ENST)
Automatic Code
Assert builder
generation
(Semantix,ESA)
PolyORB-HI (ENST)
Virtual Machine
GnatForLeon (UPM)
The TASTE Toolset
17
assert-project - Dr Eric Conquet, Maxime Perrotin, Marie-Aude Esteve – European Space AgencyThe after TASTE story
• Extensions to TASTE:
– HW/SW co engineering: study in progress with GMV
(Spain) to extend TASTE with HW (FPGA) components
handling.
– System modelling: study in progress with ASTRIUM
(France) to extend TASTE with system modelling
(SysML) and Spark Ada generation.
• Demonstrators:
– FDIR (Failure Detection Isolation and Recovery)
modelling: study almost finished with SpaceBel
(Belgium) to model FDIR layers for formation flying.
– Galileo/GPS receiver on a satellite platform: study with
M3S (France) with THALES and ASTRIUM (includes a
prototype to support HWSW co-design developed by
SEMANTIX (Greece)).
The TASTE Toolset
18
assert-project - Dr Eric Conquet, Maxime Perrotin, Marie-Aude Esteve – European Space AgencyThe TASTE Toolset
19
assert-project - Dr Eric Conquet, Maxime Perrotin, Marie-Aude Esteve – European Space AgencyYou can also read
