1. Guaranteed Component Assembly with Round Trip Analysis for Energy Efficient High-integrity Multi-core Systems Artemis-AAL day 7 May, Budapest 1BME and AENSys

2. CONCERTO A direct continuation of the CHESS project  further enhance MDE based design and analysis techniues for multiple domains Partners: 2Presentation Title and/or Meeting ReferenceBME and AENSys

3. What domains are we aiming? Original CHESS domains  mainly safety critical  Telecom Ethernet Microwave system  AeroSpace Avionics – AIRBUS case study Space – ATRIUM satelite  Automotive AUTOSAR New domains  would benefit from verification  Petroleum Safety/Risk management system  Medical Telecare 3Presentation Title and/or Meeting ReferenceBME and AENSys

4. Building Upon CHESS A chievements Definition of a Multi-Concern Component Methodology and Toolset  Provide a Multi-Concern Component Modeling Language and a Graphical Modelling Environment that fits multiple industrial domains  Enable the specification of extra-functional properties of software components  Integrate tools for the verification of extra-functional properties  Preserve verified properties at run time Adaptation of standards and open sources  OMG modeling languages  Eclipse Environment ARTEMIS4 CONCERTO Project Overview

5. The CHESS approach Model-driven engineering  Models as the central development artifacts  Tool assisted automated development Component based development  Specialized to capture the extra-functional requirements of components Extra-functional properties of interest  Real Time  Dependability and Safety ARTEMIS5 CONCERTO Project Overview

6. Initial vision: MDA with separation of concerns and back-propagation PIM Platform description Deployment information PSM Design space Implementation / analysis space 1. You construct a PIM to represent your solution to your problem, independent of any specific implementation 2. You complement the PIM with information on the target platform and the deployment plan 3. The design environment generates a PSM automatically via model transformation 5. The back-end tool reports the analysis results back on to the PSM and attaches them to the corresponding entities in the PIM 6. You change entities’ attributes in the PIM as needed and iterate the analysis until the system is satisfactory in all the functional and extra- functional dimensions of interest Analysis tool 4. A back-end tool extracts information from the PSM to feed specialized analysis tools (schedulability, dependability, etc…) The PSM is read-only! - This assures the relative consistency of PIM and PSM - And it shifts the responsibility of correctness from the designer to the transformation designer ARTEMIS6 CONCERTO Project Overview

7. CONCERTO Advancements and Objectives 7Presentation Title and/or Meeting ReferenceBME and AENSys

8. Execution environ ment Implement ation space Property – preserving Implementation Execution platforms Design space User model PIM HW Description Resources, #nodes, #cores, … Read-only PSM Model Transformation Model validation Analysis tools Model Transformation source code parsing monitoring Back-propagation Methodology executes on Modeling language Component model UML MARTE SysML CONCERTO Profile defines Code generation A A B B E E C C D D

9. Cross-domain challenges Furthering separation of concerns enacted by design views Enriching the component model at the center of the software architecture  Support for component hierarchies  Support for event-based integration with platform middleware  Support for modeling (and analysing) operation modes Augmenting back-propagation capabilities from run-time observations  What run-time information is useful to capture  How to back propagate it to the user model space for model assessment ARTEMIS9 CONCERTO Project Overview

10. Specialized needs Enriching safety modeling and analysis  Support for error simulation and enrichment of behavioral models  Support for instance-level safety modeling and refinement of metamodel Model execution  Provision of a PIM-level environment for the verification of model behavior Bridging the gap to system level  Essential to increase take up of CONCERTO solutions in production ARTEMIS10 CONCERTO Project Overview

11. Platform-specific challenges Support for multicore targets  How should the user be aware of multicore platforms  What code to generate for multicores What solutions for multicore scheduling and analysis  Run-time monitoring For property preservation (enforcement) Support for isolation via resource partitioning  Directly on model level ARTEMIS11 CONCERTO Project Overview

12. Telecare 12Presentation Title and/or Meeting ReferenceBME and AENSys

13. Overview – Telecare demonstrator 13 Sensor 1 – 3rd party Sensor 2 - Android Sensor 3 – own constr. Middleware – ODroid Sever – Drools Sensor 4 – prop. 3rd party – Smart home ANT+ MQTT BT - HDP Prop. HL7 BME and AENSys

14. Overview – Telecare demonstrator 14 Sensor 1 Sensor 2 Sensor 3 Middleware – ODroid Sever – Drools Sensor 4 Alarmmannen – Smart home M2M Data Server ANT+ MQTT BT - HDP Prop. HL7 Common interface from sensor data to manipulation Data migration and conversion Sensor 1 – 3rd party Sensor 2 - Android Sensor 3 – own constr. Sensor 4 – prop. BME and AENSys

15. Our goals First steps to a round-trip model based design and analysis approach for telecare  Availablity/Timing analysis WCRT execution time estimation  MAST Safety-barrier analysis Back-annotation using query-driven traceability  Allocation and reconfiguration of components  run-time reallocation of tasks Domain Specific Language for the telecare domain  Direct code and configuration generation CONCERTO Tooling  Workflow based transformation chains 15BME and AENSys