Describe the system logical architecture - Emits

Software Systems Division (TEC-SW)
ASSERT
process & toolchain
Maxime Perrotin, ESA
The ASSERT process at a glance
[Figure: process overview, read left to right]
– Modeling phase: capture of the system properties and capture of the hardware architecture
– Model transformation: feasibility analysis, system real-time architecture, run-time environment
– Automatic code generation: complete system

Describe the system logical architecture
First, identify all functional blocks… Done at system level. Example blocks shown:
– Mode Management
– TMTC
– AOCS
– FDIR
– Ground

Describe the system logical architecture
Then connect them together: describe the messages they exchange and their non-functional attributes.
Example decomposition shown: AOCS (Attitude calculation, AOCS mode management) and FDIR (Error handling).

NON-FUNCTIONAL ATTRIBUTES (example for one block):
– Activation => CYCLIC
– Period => 100 ms
– WCET => 25 ms
– Language => SCADE6

DATA MODEL IN ASN.1 (the reference to the command type is spelled T-COMMAND, matching its definition; ASN.1 type references use hyphens, not underscores):
    Start-param ::= SEQUENCE {
        cmd-word  T-COMMAND,
        mode-flag BOOLEAN
    }
    T-COMMAND ::= ENUMERATED { switch-on, switch-off }

Describe the system logical architecture
[Figure: functional view of the FDIR, AOCS and Mode Manager blocks. The diagram residue (states safe/op/idle, transition go_op/start, signal fdir, process ABB1 / AOCS Calculation with states idle and wait_ABB2, interfaces PI1, PI2, RI1(myData), a FBY dataflow fragment) is not recoverable as text; the ASN.1 data model (Start-param, T-COMMAND) from the previous slide is repeated alongside.]
…and let system engineers fill the blocks: they know what they want!
Keep them away from software issues!

Describe the system deployment
[Figure: deployment view. Functions such as the Mode Manager, the Attitude Estimator (AOCS) and the Error Detector (FDIR) are grouped into Partition 1 and Partition 2, which are mapped onto LEON2 and ERC32 processors connected by Spacewire, 1553, CAN Bus… The state-machine and interface labels of the earlier slides are repeated inside the partitions.]
List the hardware (processors, memory, busses).
Group the functions into partitions and map the partitions to the hardware.

Transform and analyze the system
SYSTEM DESCRIPTION: all attributes and properties are formally captured in models.
ASSERT Tool:
– Generate a set of software tasks for each processor (in the figure: Task 1…Task 4 on one processor, Task 1…Task 3 on the other)
– Analyze the system and ensure its feasibility (scheduling, safety, sizing and timing, bus load…)
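The scheduling part of the feasibility analysis works directly on the non-functional attributes captured per block (Activation => CYCLIC, Period => 100 ms, WCET => 25 ms). The following is an added example written for this page, not ASSERT tool code or output from MAST+ or Cheddar: it runs the classic response-time analysis for fixed-priority preemptive scheduling over a small task set. The task sets are constructed for the example; only the AOCS entry reuses the attributes shown on the slide, and deadlines are assumed equal to periods.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* One cyclic task as captured in the model: period and WCET in ms.
 * Assumption: deadline equals period and tasks are independent. */
typedef struct {
    const char *name;
    unsigned period_ms;
    unsigned wcet_ms;
} task_t;

/* Integer ceiling division, so the analysis runs without floating point. */
static unsigned ceil_div(unsigned a, unsigned b) { return (a + b - 1) / b; }

/* Rate-monotonic priority order: shorter period first (insertion sort; sets are small). */
static void sort_rate_monotonic(task_t *tasks, size_t n) {
    for (size_t i = 1; i < n; i++) {
        task_t key = tasks[i];
        size_t j = i;
        while (j > 0 && tasks[j - 1].period_ms > key.period_ms) {
            tasks[j] = tasks[j - 1];
            j--;
        }
        tasks[j] = key;
    }
}

/* Worst-case response time of tasks[i] under fixed-priority preemptive scheduling:
 * R = C_i + sum over higher-priority j of ceil(R / T_j) * C_j, iterated to a fixed point.
 * Returns 0 when the response time would exceed the period (deadline miss). */
unsigned response_time_ms(const task_t *tasks, size_t i) {
    unsigned r = tasks[i].wcet_ms;
    for (;;) {
        unsigned next = tasks[i].wcet_ms;
        for (size_t j = 0; j < i; j++)
            next += ceil_div(r, tasks[j].period_ms) * tasks[j].wcet_ms;
        if (next > tasks[i].period_ms) return 0;   /* deadline miss */
        if (next == r) return r;                    /* fixed point reached */
        r = next;
    }
}

/* Sorts the set by priority and checks that every task meets its deadline. */
bool task_set_feasible(task_t *tasks, size_t n) {
    sort_rate_monotonic(tasks, n);
    for (size_t i = 0; i < n; i++)
        if (response_time_ms(tasks, i) == 0) return false;
    return true;
}

/* Constructed task sets (not from the slides); the AOCS entry reuses the
 * slide's example attributes (period 100 ms, WCET 25 ms). */
static task_t example_set[] = {
    { "AOCS", 100, 25 }, { "FDIR", 200, 40 }, { "ModeManager", 50, 10 },
};
static task_t overloaded_set[] = {
    { "AOCS", 100, 25 }, { "Burst", 60, 35 }, { "ModeManager", 50, 10 },
};

bool example_set_feasible(void)    { return task_set_feasible(example_set, 3); }
bool overloaded_set_feasible(void) { return task_set_feasible(overloaded_set, 3); }

/* Response time of the named task in the example set (0 if unknown or infeasible). */
unsigned example_response_ms(const char *name) {
    sort_rate_monotonic(example_set, 3);
    for (size_t i = 0; i < 3; i++)
        if (strcmp(example_set[i].name, name) == 0) return response_time_ms(example_set, i);
    return 0;
}

int main(void) {
    sort_rate_monotonic(example_set, 3);
    for (size_t i = 0; i < 3; i++)
        printf("%-12s T=%3u ms C=%2u ms R=%3u ms\n", example_set[i].name,
               example_set[i].period_ms, example_set[i].wcet_ms,
               response_time_ms(example_set, i));
    printf("example set feasible: %s\n", example_set_feasible() ? "yes" : "no");
    printf("overloaded set feasible: %s\n", overloaded_set_feasible() ? "yes" : "no");
    return 0;
}
```

In the second set the 60 ms task is itself schedulable, but the interference it adds pushes the AOCS response time past its 100 ms period; that is the kind of deployment decision (which functions share a processor) the analysis step is meant to catch before any code is generated.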

Generate the software system
[Figure: the generated tasks (Task 1…Task 4 on one processor, Task 1…Task 3 on the other) wrap the functional code (C, Ada) in functional code containers on top of a tailored run-time environment; the state-machine and ASN.1 fragments of the earlier slides are repeated in the diagram.]
1 executable per target, ready for download
In practice, how is it implemented?
– The system models are captured with a graphical tool that is targeted to system engineers.
– The Data View is captured in ASN.1.
– Functional blocks can be modeled using any language: SDL, SCADE, Simulink, Ada, C. Assert tools generate wrappers. Choose the best!
– Verification is done using existing, off-the-shelf tools (MAST+, Cheddar, AltaRica).
Toolchain elements (1)
Graphical front-end for assert systems
– “Interface and Deployment view editors”
Toolchain elements (2)
Automatic “ICD” Generation
Toolchain elements (3)
ASN.1 Space Certifiable Compiler
– Generation of compact binary encoders and
decoders for ASN.1 modules
– Integrated in the ASSERT tool-chain, can be used
standalone as well
– Targets embedded systems: no dynamic memory
allocation, no system calls
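To make the "compact binary, no dynamic memory, no system calls" requirement concrete, here is an added example written for this page; it is not output of the ASSERT ASN.1 compiler and its bit layout is an assumption (a 2-bit packing in the spirit of unaligned PER: the enumerated index in 1 bit, the boolean in 1 bit, padded to one octet). It hand-codes an encoder and a strict decoder for the slide's own data model (Start-param, T-COMMAND) over caller-supplied fixed-size buffers. The decoder refuses truncated input, out-of-range enumeration indexes and non-zero padding, which is the behaviour a certifiable decoder must have when it sits on a TC path: malformed input yields an error code, never a read past the buffer or an unchecked value.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* C mirror of the slide's data model (constructed mapping, not compiler output):
 *   T-COMMAND   ::= ENUMERATED { switch-on, switch-off }
 *   Start-param ::= SEQUENCE { cmd-word T-COMMAND, mode-flag BOOLEAN } */
typedef enum { SWITCH_ON = 0, SWITCH_OFF = 1, T_COMMAND_COUNT = 2 } t_command;
typedef struct { t_command cmd_word; bool mode_flag; } start_param;

#define T_COMMAND_BITS     1                       /* ceil(log2(2)) bits for the index */
#define START_PARAM_BITS   (T_COMMAND_BITS + 1)    /* plus one bit for the BOOLEAN */
#define START_PARAM_OCTETS ((START_PARAM_BITS + 7) / 8)

typedef enum { DEC_OK = 0, DEC_ERR_LENGTH, DEC_ERR_RANGE, DEC_ERR_PADDING } dec_result;

/* Append nbits of value (MSB first) at *pos; refuses to write past len. */
static bool put_bits(uint8_t *buf, size_t len, size_t *pos, uint32_t value, unsigned nbits) {
    for (unsigned i = nbits; i-- > 0;) {
        size_t byte = *pos / 8;
        if (byte >= len) return false;
        if ((value >> i) & 1u) buf[byte] |= (uint8_t)(0x80u >> (*pos % 8));
        (*pos)++;
    }
    return true;
}

/* Read nbits at *pos; refuses to read past len (truncated input). */
static bool get_bits(const uint8_t *buf, size_t len, size_t *pos, unsigned nbits, uint32_t *value) {
    uint32_t v = 0;
    for (unsigned i = 0; i < nbits; i++) {
        size_t byte = *pos / 8;
        if (byte >= len) return false;
        v = (v << 1) | ((buf[byte] >> (7 - *pos % 8)) & 1u);
        (*pos)++;
    }
    *value = v;
    return true;
}

/* Returns the number of octets written, or 0 on error (bad value or small buffer). */
size_t start_param_encode(const start_param *in, uint8_t *out, size_t out_len) {
    if (out_len < START_PARAM_OCTETS || in->cmd_word >= T_COMMAND_COUNT) return 0;
    memset(out, 0, START_PARAM_OCTETS);            /* padding bits are zero */
    size_t pos = 0;
    if (!put_bits(out, out_len, &pos, (uint32_t)in->cmd_word, T_COMMAND_BITS)) return 0;
    if (!put_bits(out, out_len, &pos, in->mode_flag ? 1u : 0u, 1)) return 0;
    return (pos + 7) / 8;
}

/* Strict decoder: exact length, in-range enumeration, zero padding. */
dec_result start_param_decode(const uint8_t *in, size_t in_len, start_param *out) {
    if (in_len != START_PARAM_OCTETS) return DEC_ERR_LENGTH;
    size_t pos = 0;
    uint32_t cmd, flag, pad;
    if (!get_bits(in, in_len, &pos, T_COMMAND_BITS, &cmd)) return DEC_ERR_LENGTH;
    if (!get_bits(in, in_len, &pos, 1, &flag)) return DEC_ERR_LENGTH;
    if (cmd >= T_COMMAND_COUNT) return DEC_ERR_RANGE;
    unsigned pad_bits = (unsigned)(in_len * 8 - pos);
    if (!get_bits(in, in_len, &pos, pad_bits, &pad) || pad != 0) return DEC_ERR_PADDING;
    out->cmd_word = (t_command)cmd;
    out->mode_flag = (flag != 0);
    return DEC_OK;
}

/* Helpers with scalar arguments, used by main() below. */
int start_param_first_octet(t_command cmd, bool flag) {
    uint8_t buf[START_PARAM_OCTETS];
    start_param p = { cmd, flag };
    return start_param_encode(&p, buf, sizeof buf) == START_PARAM_OCTETS ? buf[0] : -1;
}
dec_result start_param_decode_octet(uint8_t octet) {
    start_param p;
    return start_param_decode(&octet, 1, &p);
}
bool start_param_roundtrip(t_command cmd, bool flag) {
    uint8_t buf[START_PARAM_OCTETS];
    start_param in = { cmd, flag }, out;
    return start_param_encode(&in, buf, sizeof buf) == START_PARAM_OCTETS
        && start_param_decode(buf, START_PARAM_OCTETS, &out) == DEC_OK
        && out.cmd_word == in.cmd_word && out.mode_flag == in.mode_flag;
}

int main(void) {
    printf("{switch-off, TRUE} encodes to 0x%02X\n", start_param_first_octet(SWITCH_OFF, true));
    printf("round trip ok: %d\n", start_param_roundtrip(SWITCH_ON, true));
    printf("0xC1 (non-zero padding) -> result %d\n", start_param_decode_octet(0xC1));
    return 0;
}
```

Everything lives on the stack or in caller-supplied buffers and the only library calls are memset and printf (the latter only in main), which is what makes such encoders usable on an ERC32/LEON target with no heap and no system calls.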
Toolchain elements (4)
The “virtual machine” (assert VM)
– First version based on the Ada runtime with the
Ravenscar kernel and PolyORB-HI middleware.
– Supported platforms: Leon (gnatforleon), Native
(can run on top of Windows or Linux on Intel
processors – without real-time)
– Supported network: Ethernet (for native platforms),
Spacewire (prototype only, full version within 6
months)
– Ongoing: porting to RTEMS
Step by step demonstration
1. Make the “interface”, “deployment”, and “data” views
2. Prepare the field to implement the functions:
   – Convert “data view” to target languages
   – Generate application skeletons
3. Implement the functions, generate the code (don’t modify the generated code!)
4. Generate the glue code and build the system
5. Run the system
application skeleton: simulink
application skeleton: SDL
system basic_fv
USE Datamodel;
SIGNAL basictotc (T_TM);
SIGNAL tcommand (T_HLTC_PLUS);
SIGNAL basictocontrol (T_CONTROL_IN);
SIGNAL controldowntobasic (T_CONTROL_DOWN_OUT);
SIGNAL controluptobasic (T_CONTROL_UP_OUT);
SIGNAL cyclicactivationimplementation;
procedure aplc_basic_op COMMENT '#c_predef';FPAR
IN thrusters_opening T_THRUSTERS_OPENING,
IN pfs_iwm_arming_relay_status_on T_PFS_IWM_ARMING_RELAY_STATUS_ON,
IN pfs_hltc_red_button_is_on T_PFS_HLTC_RED_BUTTON_IS_ON,
IN msu_id T_MSU_ID,
IN pfs_ewm_msuy_msux_hs T_PFS_EWM_MSU_MSU_HS,
IN ftcp_health_status T_FTCP_HEALTH_STATUS,
IN pfs_ewm_dtg12_msu T_PFS_EWM_DTG12_MSU,
IN hltc T_HLTC,
IN end_boost_is_reached T_END_BOOST_IS_REACHED,
IN sun_is_aimed T_SUN_IS_AIMED,
IN/OUT pfs_ewc_msu_pde_t T_PFS_EWC_MSU_PDE_T,
IN/OUT pde_cmd_a T_PDE_CMD_A,
IN/OUT dpu_cmd T_DPU_CMD,
IN/OUT set_pfs_ewc_msu_dtg_mode_coarse T_ON_OFF_CMD,
IN/OUT hltm T_HLTM,
IN/OUT pfs_ewm_msux_msuy_hs T_PFS_EWM_MSU_MSU_HS,
IN/OUT cam_mode T_CAM_MODE,
IN/OUT controller_to_be_activated T_CONTROLLER_TO_BE_ACTIVATED,
IN/OUT navigation_output T_NAVIGATION_OUTPUT;
EXTERNAL;
procedure mysimulink COMMENT '#c_predef';FPAR
IN my_in T_FOR_SIMULINK_IN,
IN my_in2 T_control_in,
IN/OUT my_out T_FOR_SIMULINK_OUT,
IN/OUT my_out2 T_Control_in;
EXTERNAL;
[Figure: block diagram of system basic_fv with input signals tcommand, controldowntobasic, controluptobasic and cyclicactivationimplementation, and output signals basictotc and basictocontrol]
application skeleton: C