[Figure: title-slide diagram of a SaveCCT assembly with the elements Power Supervision, Desired Output level, Source Diesel Valve, Sink Diesel Valve, Valve Regulator, Sink, Air Valve and a period T = 40 ms]

Predictable Assembly with SaveCCT
Mikael Åkerholm, MRTC, Mälardalen University, CC Systems AB
Mikael Åkerholm, SaveCCT lecture CBSE Course

Outline
- Background and motivation
- Central Concepts of Component Technologies
- SaveCCT - A Component Technology for Vehicular Systems
  - Target Domain
  - Technology Overview
  - Component Model
  - Tools
- Example application: Adaptive Cruise Controller (ACC)
Background: Save/Save++ (and progress)
- Save: enabling systematic development of component-based software for safety critical embedded systems
  - Component technologies -> SaveCCT
  - MDH, UU, KTH, LiTH (ABB, Bombardier, CC Systems, CR&T, Saab, Scania, Volvo Car and Volvo TD)
- Save++ integrates as a part of the progress project at MDH
  - Improved theories, methods, technologies, and tools, based on Save and Save++ -> (SaveCCT++)
Motivation
- More functionality, improved existing functionality, lower price -> more electronics with software
- Software crisis (1968): error-prone, late, expensive
- Component technologies: promising, successful in the PC domain, but they target PC applications
- Vehicular software is different from PC software
- Need better software engineering approaches! Component-Based Software Engineering
- Component technology for vehicular applications!
Central Concepts
- Component
- Component Framework
- Platform
- Components Repository
- Supporting Tool
SaveCCT - For Vehicular Systems
Characteristics:
- Many suppliers
- Distributed applications
- Safety
- Reliability
- Resource efficiency
- (Hard) real-time requirements
SaveCCT Design Goals
- Efficient development: enable utilization of CBSE advantages, provide the necessary possibilities for the target domain
- Predictable behavior: need to be able to apply analysis of important run-time attributes during design-time, e.g., timing, safety, reliability, memory needs, processor demands
- Run-time efficiency: ideally enable CBSE without run-time cost, compared to C programming with an RTOS
Process Overview
[Figure: process diagram with the boxes System Requirements, System Decomposition, Component Requirements, Select and Adapt, System Composition, System Verification, Need for Component, Develop or Buy, Verify Component, Component Verification, and a Repository]
- The repository is the interface between component developers and system developers
SaveCCT Technology Overview
[Figure: technology overview diagram; only the label "Repository" survives extraction]
The SaveCCM component model
- Restrictive in comparison to PC/Internet component models (COM, .Net, EJB)
- Enables analysis during design-time, and deterministic, reproducible behaviour during run-time (test-time)
- Textual XML, and graphical UML-influenced syntax
SaveCCM Syntax: Basic Component
- Ports: trigger, data, combined
- Behaviour: Read, Execute, Write

    /* Execute phase of a PI-style basic component (fixed-point arithmetic) */
    fixed_t error = Setpoint - Value;
    fixed_t u = fixed_mul(K, error);
    if (IntegrationEnabled) u += fixed_div(NewState, T_i);
    Control = LIMIT(u, 0, MAX_CONTROL);
    State = error;
SaveCCM Syntax: Switch
- Ports
- Setports determine the active configuration
- Connection patterns
- For static or dynamic reconfiguration
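The read-execute-write behaviour of the basic component and the setport-driven Switch, as one added example in C (not code from the slides or from the SaveCCT project). Input ports are snapshotted before execution, outputs are published only after it, and the Switch forwards the trigger along the connection pattern its setport selects. The port names, the Q16.16 fixed_t layout, the fixed_mul/fixed_div/LIMIT helpers and the two configurations (manual throttle pass-through versus the PI controller) are assumptions for this example:

```c
/* Added example, not from the slides: a SaveCCM-style basic component with
   read-execute-write semantics around the PI step shown on the slide, plus a
   Switch whose setport selects the active connection pattern. Port names,
   Q16.16 fixed_t layout and helper functions are assumptions. */
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

typedef int32_t fixed_t;                        /* Q16.16 fixed point */
#define FIXED(x) ((fixed_t)((x) * 65536))
static fixed_t fixed_mul(fixed_t a, fixed_t b) { return (fixed_t)(((int64_t)a * b) >> 16); }
static fixed_t fixed_div(fixed_t a, fixed_t b) { return (fixed_t)(((int64_t)a << 16) / b); }
#define LIMIT(v, lo, hi) ((v) < (lo) ? (lo) : ((v) > (hi) ? (hi) : (v)))

/* Data ports hold a single item with overwrite semantics. */
typedef struct {
    fixed_t setpoint, value, new_state;         /* input data ports */
    bool    integration_enabled;
    fixed_t control, state;                     /* output data ports */
} pi_ports_t;

typedef struct { fixed_t K, T_i, max_control; } pi_params_t;
typedef struct { fixed_t setpoint, value, new_state; bool integration_enabled; } pi_in_t;
typedef struct { fixed_t control, state; } pi_out_t;

/* Read phase: snapshot every input port before any computation. */
static pi_in_t pi_read(const pi_ports_t *p) {
    pi_in_t in = { p->setpoint, p->value, p->new_state, p->integration_enabled };
    return in;
}
/* Execute phase: a pure function of the snapshot, no port access. */
static pi_out_t pi_execute(const pi_params_t *prm, pi_in_t in) {
    fixed_t error = in.setpoint - in.value;
    fixed_t u = fixed_mul(prm->K, error);
    if (in.integration_enabled) u += fixed_div(in.new_state, prm->T_i);
    pi_out_t out = { LIMIT(u, 0, prm->max_control), error };
    return out;
}
/* Write phase: outputs become visible only after execution has finished. */
static void pi_write(pi_ports_t *p, pi_out_t out) { p->control = out.control; p->state = out.state; }

/* One activation of the basic component on its trigger port. */
fixed_t pi_trigger(const pi_params_t *prm, pi_ports_t *p) {
    pi_out_t out = pi_execute(prm, pi_read(p));
    pi_write(p, out);
    return p->control;
}

/* Switch: the setport picks one connection pattern, i.e. which outgoing
   connection the incoming trigger (and data) is forwarded on. */
enum { CFG_MANUAL = 0, CFG_ACC = 1, CFG_COUNT };
typedef void (*connection_fn)(void *ctx);
typedef struct {
    int           setport;                      /* current configuration */
    connection_fn pattern[CFG_COUNT];           /* one pattern per setport value */
} save_switch_t;

/* Forward the trigger along the selected pattern; an out-of-range or
   unconnected setport value selects no connection and returns -1. */
int switch_trigger(const save_switch_t *sw, void *ctx) {
    if (sw->setport < 0 || sw->setport >= CFG_COUNT || !sw->pattern[sw->setport]) return -1;
    sw->pattern[sw->setport](ctx);
    return sw->setport;
}

/* Demo context (constructed): ACC configuration triggers the PI controller,
   manual configuration passes the driver throttle straight to the control port. */
typedef struct { pi_params_t prm; pi_ports_t ports; fixed_t driver_throttle; } acc_ctx_t;
static void cfg_acc(void *c)    { acc_ctx_t *a = c; pi_trigger(&a->prm, &a->ports); }
static void cfg_manual(void *c) { acc_ctx_t *a = c; a->ports.control = a->driver_throttle; }

/* Run one activation with the given setport value and return the control output. */
fixed_t run_step(acc_ctx_t *a, int acc_enabled) {
    save_switch_t sw = { acc_enabled ? CFG_ACC : CFG_MANUAL, { cfg_manual, cfg_acc } };
    switch_trigger(&sw, a);
    return a->ports.control;
}

int main(void) {
    /* Constructed sample values: K = 2, T_i = 4, max = 10, setpoint 5, value 3, state 8 */
    acc_ctx_t a = { { FIXED(2), FIXED(4), FIXED(10) },
                    { FIXED(5), FIXED(3), FIXED(8), true, 0, 0 }, FIXED(1) };
    printf("acc control: %ld  manual control: %ld\n",
           (long)run_step(&a, 1), (long)run_step(&a, 0));
    return 0;
}
```

Because the execute phase only sees the snapshot taken in the read phase, a port that is overwritten by another component mid-activation cannot change the result, which is what makes the step analysable at design time; the Switch keeps the same property because the setport is evaluated once per trigger.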
SaveCCM Syntax: Assembly
- Ports
- Internal components and connections
- Encapsulation of a "sub-system"
SaveCCM Syntax: Composite Component
- Ports
- Internal components and connections
- Restricted behaviour: read-execute-write
SaveCCM Formal Foundation
- Timed Automata with Tasks
- SaveCCM Core, building blocks for SaveCCM semantics:
  - Basic Component
  - Composite Component
  - Conditional Connection
  - Port: point of interaction where a connection meets a component; transfers data or triggering; single data item, overwrite semantics
- On request, John may give a lecture ;o)
- Finite automata with dense time clocks, manipulated on edges
- Tasks, released when a location is reached
- Dense time is possible by using a symbolic representation
[Figure: timed automaton fragment with clock constraints on x (bounds 5 and 10), a reset y := 0, a task T1 and a synchronisation u!]
SaveCCT Glue Code Generator: Motivation

  Typical target platform for component technologies | Vehicular target platform
  2 GHz                                              | 20 MHz
  256 MB RAM                                         | 256 kB RAM
  OS <1 GB                                           | OS >1 MB
  Graphics, user accounts                            | Synchronisation, IPC, timing
  Run-time configuration                             | Static configuration
  Component framework, run-time binding              |
  DB transactions, Web                               |
SaveCCT Glue Code Generator: Task Allocation
- Fully automated compile-time step: SaveCCM Component Model -> Intermediate Task Models -> RTOS Execution Models
- Connects to analysis, the target compiler and the RTOS
- Targets: CrossFire with RTXC; PC/Win32 with CCSimTech
SaveCCT Tools (under continuous improvement)
- Save IDE (under continuous improvement)
  - Component composition: several existing prototypes for graphical composition from master's thesis projects, currently under major revision
  - Automated connectivity to analysis tools through translations of SaveCCM XML to timed automata with tasks -> Times (timing and much more), and to Finite State Processes -> LTSA (control loop liveness)
- Test: automated test tools, e.g., TestComplete and LabVIEW, from CCSimTech
- Repository: under construction, will provide means for easy selection and specialisation of components by distinguishing component versions from component variants ...
Example Application: SaveCCT in an Industrial Environment
- Case study at CC Systems
- Integrated our technology in a real industrial environment, i.e., selected development tools and hardware from the company's repertoire: CrossFire ECU, CCSimTech simulation technique, target compiler
- Implemented a "fictive" vehicular control application with the technology, and used it as the basis for evaluation
[Figure: ACC application diagram. Components: Object Recognition, Mode Switch, ACC Controller, Brake Assist, Logger, HMI Outputs. Input ports: Road Signs Enabled, Current Speed, Road Sign Speed, ACC Max Speed, Distance, ACC Enabled, Brake Pedal Used, Speed Limit. Output ports: Brake Signal, Throttle. Trigger rates 50 Hz and 10 Hz.]
[Figure: <<Assembly>> ACC Controllers, containing <<Assembly>> Distance Controller and <<Assembly>> Speed Controller, each built from <<SaveComp>> CalcOutput and <<SaveComp>> UpdateState. Ports: Distance, Relative Speed, Max Speed, Current Speed, Control. Caption: view hiding low-level information on data flow direction and triggering.]
Automated Analysis of the ACC
- Static WCET analysis through integration of the aiT Worst-Case Execution Time Analyser
  - WCET ~3% over-estimation
  - Context-dependent WCET analysis preferable, but not yet achieved
- Timing and more through the underlying Timed Automata model: the Times tool checks e.g. schedulability and response times for end-to-end transactions
- Liveness: Finite State Processes (FSP), derived from SaveCCT, and the Labeled Transition System Analyser (LTSA) are used to verify liveness
Questions