Slide 1
Software Engineering of Safety-Critical Adaptive Embedded Systems
Copyright © Fraunhofer IESE 2007
Rasmus Adler
[email protected]
Tel.: 0631 - 6800 2172
Slide 2
Overview
• Classification
• Constructive Modeling Methodology
• Software Engineering of Adaptive Systems
• Motivation for Dynamic Adaptation
Slide 3
Classification
[Figure: classification tree of dynamic adaptation; nodes listed top-down]
dynamic adaptation
dynamic reconfiguration
dynamic behavior adaptation
hardware-based reconfiguration (e.g. FPGA)
software-based reconfiguration
predetermined reconfiguration (static decision)
on-line determined reconfiguration (dynamic decision)
dynamic configuration of collaboration
dynamic configuration of behavior
dynamic configuration of parameters
dynamic configuration of HW/SW binding
Slide 4
Motivation for Dynamic Adaptation
[Figure: quality level plotted against runtime adaptation]
• Driving situation
• HW-Fault
• SW-Fault
• Safety
• Survivability
• Adaptation to driving situation
MARS Adaptation:
• dynamic configuration of collaboration
• dynamic configuration of behavior
• dynamic configuration of parameters
Slide 5
Modeling of Adaptation Behavior
[Figure: module vYaw with two configurations, "measured" (forwards the sensor value) and "vCar_stAngle" (vYaw computed from vCar and stAngle); signals sensorValue, vCar, stAngle, vYaw]
Slide 6
Modeling of Adaptation Behavior
Quality-Extended Datatypes for Adaptive Systems: Dative = <data type, semantic, quality type>
Example of data type semantics: vYaw is the angular speed of a vehicle around its z-axis.
Modes: classes of variants that have the same semantics.
Mode-Attributes: provide a mode-specific description of the signal quality.
Slide 7
Modeling of Adaptation Behavior
[Figure: Module M1 with configuration 1, configuration 2, ..., configuration n; each exchanged signal consists of data and quality; parameter 1 ... parameter n, each with its own quality]
Slide 8
Software Engineering of Adaptive ES
[Figure: conventional development chain: architecture model (UML), behavior (e.g. Simulink), code; function and adaptation shown side by side]
- Adaptation is an indistinguishable part of the functionality
- Systems adapt although the developers are not aware of it
- The influence of adaptation on the quality of the provided services is not considered
Slide 9
Software Engineering of Adaptive ES
[Figure: development chain with a runtime adaptation framework: behavior (e.g. Simulink), function, adaptation, adaptation behavior specification]
- Dynamic adaptation is explicitly considered in development
- Dedicated runtime adaptation framework
- SOP, SOA
Complexity becomes visible
=> How to find the adaptation behavior specification?
Slide 10
Software Engineering of Adaptive ES
[Figure: framework-based development chain: architecture model (MARS / UML) and adaptation behavior specification for the adaptation part; behavior (e.g. Simulink) for the function part]
Slide 11
Testing
[Figure: executable model; plot of Ratio Config==Off, Ratio Config==forwarded, Ratio Config==slowStart, Ratio Config==On and Confidence (y-axis 0 to 1.2) over simulation steps 1 to 23]
Table columns: Module | Simulation-Step | ActiveConfiguration | Exchanged Signal-Quality | AdaptiveParameter
In 38% of all test cases, configuration On was active at simulation step 5.
Software Engineering of Adaptive ES
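The quality-extended datatype of slide 6, the vYaw module with its two configurations from slide 5 and the per-step configuration ratios of slide 11, as an added Python example that is not part of the original slides or of the MARS framework; the mode names other than "measured" and "vCar_stAngle", the confidence attribute, the single-track-model fallback and the vehicle constants are assumptions made here.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Optional

# Added example, not from the slides: a quality-extended datatype (slide 6),
# the vYaw module with two configurations (slide 5) and the per-step
# configuration ratios of slide 11. Modes other than 'measured' and
# 'vCar_stAngle', the confidence attribute and all constants are assumptions.

@dataclass(frozen=True)
class Dative:
    """<data type, semantic, quality type>: value, signal meaning, mode of the
    quality type, and mode-specific attributes (here a single confidence)."""
    data: Optional[float]
    semantic: str                 # e.g. "vYaw": angular speed around the z-axis
    mode: str                     # e.g. "valid", "measured", "vCar_stAngle", "invalid"
    attributes: Dict[str, float] = field(default_factory=dict)

WHEELBASE_L = 2.7   # m, constructed vehicle parameter
V_CH = 20.0         # m/s, constructed characteristic speed

def yaw_rate_module(sensor: Dative, vcar: Dative, st_angle: Dative):
    """One step of module vYaw: returns (active configuration, output Dative).
    'measured' forwards a valid yaw-rate sensor; 'vCar_stAngle' falls back to a
    single-track-model estimate from speed and steering angle; else 'Off'."""
    if sensor.mode == "valid":
        return "measured", Dative(sensor.data, "vYaw", "measured",
                                  {"confidence": sensor.attributes["confidence"]})
    if vcar.mode == "valid" and st_angle.mode == "valid":
        v, delta = vcar.data, st_angle.data
        est = v * delta / (WHEELBASE_L * (1.0 + (v / V_CH) ** 2))
        # Derived quality is bounded by the weakest input (assumed rule).
        conf = 0.8 * min(vcar.attributes["confidence"],
                         st_angle.attributes["confidence"])
        return "vCar_stAngle", Dative(est, "vYaw", "vCar_stAngle", {"confidence": conf})
    return "Off", Dative(None, "vYaw", "invalid", {"confidence": 0.0})

def configuration_ratios(traces: List[List[str]]) -> List[Dict[str, float]]:
    """traces[i][k] is the configuration active in test case i at step k.
    Returns per step the fraction of test cases in which each configuration
    was active, i.e. the 'Ratio Config==...' curves of slide 11."""
    n = len(traces)
    result = []
    for step in range(len(traces[0])):
        counts: Dict[str, int] = {}
        for trace in traces:
            counts[trace[step]] = counts.get(trace[step], 0) + 1
        result.append({cfg: c / n for cfg, c in counts.items()})
    return result
```

Feeding the per-step outputs of `yaw_rate_module` for many test cases into `configuration_ratios` yields the statistic quoted on the slide (share of test cases with a given configuration active at a given step).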
Slide 12
Software Engineering of Adaptive ES
Simulation / Co-Simulation (Simulink, executable model)
Testing
Model-transformation
Quarz
Model-Checking
hybrid-CFT
Probabilistic Analyses
SAS
State transition system
Property preserving model reduction
Slide 13
Software Engineering of Adaptive ES
[Figure: framework-based development chain: architecture model (MARS / UML), adaptation behavior specification, behavior (e.g. Simulink), function, adaptation]
SE includes:
- constructive modeling methodology
- Analysis and Verification of adaptation behavior
- Quality prediction → control development
Slide 14
Demonstrator
Slide 15
Questions
Rasmus Adler
+49 (0) 631 / 6800 2172
Now or later: