
6th Framework Programme (IST-FP6-2004 004033): A Domain-Specific Metamodel for Reusable Object-Oriented High-Integrity Components, Matteo Bordin and Tullio Vardanega (presentation transcript)


Slide 1: Title
6th Framework Programme (IST-FP6-2004 004033)
A Domain-Specific Metamodel for Reusable Object-Oriented High-Integrity Components
Matteo Bordin and Tullio Vardanega, University of Padua, Italy
The 7th OOPSLA Workshop on Domain-Specific Modeling, Montreal, October 21-22, 2007

Slide 2: Contents (OOPSLA DSM Workshop 2007)
1. The domain
2. Model-driven engineering
3. Constrained object-oriented modeling
4. Implementation technologies
5. Conclusions

Slide 3: High-Integrity Systems (the domain)
Representative standards: DO-178B, MIL-STD 882B, Def-Stan 00-55, MISRA, IEC 880, IEC 61508.
Up to 2/3 of development costs go to V&V.

Slide 4: High-integrity systems: a SW perspective (the domain)
Model-driven engineering (MDE)
- Pros: abstraction, automation (correctness by construction)
- Cons: model-to-executable distance (difficult analysis)
Object orientation
- Pros: adaptive reuse (and encapsulation, information hiding, ...)
- Cons: predictability, costly/complex run-time
[Figure: approaches positioned on an object-orientation vs. MDE plane: SCADE, AADL (+ tools), source-based approaches, common practice, and "our goal".]

Slide 5: MDE: a key question (Model-Driven Engineering)
What determines the design semantics? Where is it fixed?
- The generated software product must be statically analyzable
- Its run-time behavior must be predictable and conform with the analysis
- Static analysis of the software product should be anticipated by model-based analysis
What "reference universe" informs the metamodel?
- The target programming language?
- The target execution platform?
- An underlying analysis theory?
- The blue sky above?
Direction: toward model-based analysis.

Slide 6: Closing the gap between model and run-time (I) (Model-Driven Engineering)
- Models as blueprints
- To permit model-based analysis (timing, safety, security)
- Bottom-up construction
[Figure: three layers, built bottom-up]
- Ravenscar Profile: run-time kernel for high-integrity real-time systems; warrants static analyzability; prescribes run-time semantics; identifies run-time metrics. Implementations: Ada kernel, JVM.
- Ravenscar Computational Model (RCM): renders the semantics of the Ravenscar profile language-neutral.
- RCM Metamodel: a high-level language to design systems compliant with Ravenscar restrictions by construction; a graphical/declarative language offering a higher-level abstraction with the same run-time semantics.

Slide 7: Closing the gap between model and run-time (II) (Model-Driven Engineering)
- Enable sound/complete model-based analysis
- Models for V&V, not just for design/implementation
[Figure: Ravenscar Profile -> Ravenscar Computational Model -> RCM Metamodel. A PIM is checked by an analysis tool and, with a platform specification, transformed into a PSM (not visible to the user) and then into source code; the figure labels the conformance and traceability relations between these artifacts.]

Slide 8: Constrained Object-Oriented Modeling (Object orientation)
Why object-orientation?
- Adaptive reuse through inheritance and overriding
- Reuse -> decreased verification costs
- Dispensed with by current industrial practice
Implementation issues
- Dead inherited code
- Larger-sized executables
- More complex traceability
- Requires dynamic binding: no static analysis; far too costly path coverage (main focus of the talk!)
Note: advanced compilers address some of these problems (e.g., via ROM-able virtual tables).

Slide 9: Dynamic binding: state-of-the-art? (Object orientation)
A dynamically bound invocation through the link ptr:

    void m() {
        // a dynamically bound invocation
        this.ptr.p();
    }

Code transformation by a compiler tool, so that code analysis tools can be used:

    void m() {
        if (this.ptr instanceof Impl1) {
            // issue a statically bound invocation (not possible in Java)
        }
        // now evaluate all types...
    }

Full code coverage: O(#dispatching_calls · #types).

Slide 10: The RCM approach: models for V&V (Object orientation)
[Figure: o1 : MyClass --ptr--> o2 : Impl3]
- Core idea: links fixed at model level
- Common in the high-integrity domain (HOOD, HRT-HOOD, AADL, etc.)
- Use the dynamic binding mechanism but permit static analysis
- Execution paths are statically determined
- Model-based analysis instead of code-based analysis

Slide 11: Object-oriented modeling with RCM (RCM metamodel)
Class view: MyClass provides m1, m2, m3 and requires, through its link ptr, an interface providing p1 and p2.
Enforce design-by-contract:
- m1 invokes ptr.p2()
- m2 invokes ptr.p1() and ptr.p2()
Component view: determine possible intra-component paths.

Slide 12: Object-oriented modeling with RCM (II) (RCM metamodel)
Class view (as before): m1 invokes ptr.p2(); m2 invokes ptr.p1() and ptr.p2().
Object view: m : MyClass --ptr--> i : Impl1 (dynamic binding!)
- Statically determine possible inter-component paths
- Enforce constant links: functional dependencies on properties only; call setters just once
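The constrained dynamic binding of slides 9 to 12, as an added example that is not part of the original presentation and not the authors' RCM tooling: a small Python model that keeps the slides' names (MyClass, Impl1, Impl3, m1..m3, p1/p2, ptr), assumes an interface name IP and an extra implementor Impl2, enforces the "call setters just once" rule on links, and compares the (call site × type) cases a code-level analysis must cover with the paths that are fixed once the object view binds ptr.

```python
"""Added example, not the authors' RCM tooling: a toy model analysis that
resolves dispatching calls statically once links are fixed in the object view.
MyClass, Impl1, Impl3, m1..m3, p1/p2 and ptr follow the slides; the interface
name IP, the extra type Impl2 and all data structures are assumptions."""

# Class view (slide 11): what each class provides, which interface each
# required port is typed by, and the declared call set of every method.
CLASS_VIEW = {
    "MyClass": {
        "provides": ["m1", "m2", "m3"],
        "requires": {"ptr": "IP"},
        "invokes": {"m1": [("ptr", "p2")],
                    "m2": [("ptr", "p1"), ("ptr", "p2")],
                    "m3": []},
    },
    "Impl1": {"provides": ["p1", "p2"], "requires": {}, "invokes": {"p1": [], "p2": []}},
    "Impl2": {"provides": ["p1", "p2"], "requires": {}, "invokes": {"p1": [], "p2": []}},
    "Impl3": {"provides": ["p1", "p2"], "requires": {}, "invokes": {"p1": [], "p2": []}},
}
# Types a call on interface IP may dispatch to when nothing fixes the link.
IMPLEMENTORS = {"IP": ["Impl1", "Impl2", "Impl3"]}


class ObjectView:
    """Instances plus constant links: each required port is bound exactly once."""

    def __init__(self):
        self.instances = {}  # instance name -> class name
        self.links = {}      # (instance, port) -> target instance

    def add_instance(self, name, cls):
        self.instances[name] = cls

    def bind(self, src, port, dst):
        # Slide 12, "call setters just once": a second bind is a model error.
        if (src, port) in self.links:
            raise ValueError(f"{src}.{port} already fixed to {self.links[(src, port)]}")
        iface = CLASS_VIEW[self.instances[src]]["requires"][port]
        if self.instances[dst] not in IMPLEMENTORS[iface]:
            raise TypeError(f"{dst} does not implement {iface}")
        self.links[(src, port)] = dst

    def check_complete(self):
        """Return the required ports that are still unbound (must be empty before analysis)."""
        return [(inst, port) for inst, cls in self.instances.items()
                for port in CLASS_VIEW[cls]["requires"] if (inst, port) not in self.links]


def static_paths(view, instance, method):
    """Inter-component call chains from instance.method, resolved through the
    fixed links only (slide 12: statically determined inter-component paths)."""
    cls = view.instances[instance]
    calls = CLASS_VIEW[cls]["invokes"][method]
    head = f"{instance}.{method}"
    if not calls:
        return [[head]]
    paths = []
    for port, op in calls:
        target = view.links[(instance, port)]  # exactly one target per link
        for tail in static_paths(view, target, op):
            paths.append([head] + tail)
    return paths


def dispatch_cases(cls, method):
    """Cases a code-level analysis must cover when ptr may hold any implementor:
    one per (dispatching call, candidate type), i.e. #dispatching_calls * #types."""
    total = 0
    for port, _op in CLASS_VIEW[cls]["invokes"][method]:
        total += len(IMPLEMENTORS[CLASS_VIEW[cls]["requires"][port]])
    return total


def build_slide_model():
    """Object view of slide 12: m : MyClass --ptr--> i : Impl1."""
    view = ObjectView()
    view.add_instance("m", "MyClass")
    view.add_instance("i", "Impl1")
    view.bind("m", "ptr", "i")
    return view


if __name__ == "__main__":
    v = build_slide_model()
    assert not v.check_complete()
    for meth in ("m1", "m2", "m3"):
        print(meth, "code-level cases:", dispatch_cases("MyClass", meth),
              "model-level paths:", static_paths(v, "m", meth))
    try:
        v.bind("m", "ptr", "i")  # relinking is rejected: links are constant
    except ValueError as e:
        print("rejected:", e)
```

With ptr fixed in the object view, m2 has exactly two resolved paths (m.m2 -> i.p1 and m.m2 -> i.p2), whereas a code-level analysis that cannot see the link has to consider each of the two dispatching calls against all three implementors.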

Slide 13: PIM to PSM in RCM (RCM metamodel)
PIM object view (with deployment): m : MyClass on Node N1, linked via ptr to i : Impl1 on Node N2.
PSM object view (not visible): client task (m) -> stub -> middleware (N1) | middleware (N2) -> skeleton -> server task (i).
Dynamic binding with statically-fixed execution path(s).

Slide 14: Implementation technologies (Implementation)
- Eclipse plug-in
- Metamodeling: EMF
- Model transformations: ATL, MOFscript
- GUI: GMF
[Figure: class/object diagram and deployment diagram editors.]

Slide 15: Results & Conclusions (I) (Results)
- Industrial pilot projects by [partners shown as logos on the slide]
  - Due for completion and demonstration by December 2007
  - Targeting real space-qualified hardware
  - With real-life system ambitions and demands!
- Model-based analysis
  - Needs a suitable underlying computational model (the same philosophy as adopted by SCADE)
  - Fundamental to formally reason on system properties before implementation; easier and more solid what-if analysis
  - Needs full and accurate modeling of the system: difficult to map the middleware in the PIM-to-PSM transformation; difficult to evaluate sizing requirements
  - Permits exploiting a restricted form of dynamic binding

Slide 16: Results & Conclusions (II) (Results)
- MDE-enabled object orientation: a première in space software!
- Adaptive reuse: software frameworks are a major advantage
- Predictability: constrained dynamic binding is acceptable
- Certifiable implementation: requires compiler support
- Work in progress: to increase PIM expressive power while preserving RCM compliance
[Figure: timed-out RI (declarative spec.). A client sporadic task waits for the reply of the server i : Impl1; a timing event, released by the invocation of the RI, releases the client when the timeout expires; the client evaluates the release event (timeout / server reply) and discards undesired release events.]

Slide 17: Questions? Thank you!
Matteo Bordin, mbordin@math.unipd.it, www.math.unipd.it/~mbordin

Slide 18 (backup): POS Overall Modeling Process (RCM Modeling)
[Figure: functional spec vs. non-functional spec of a POS/GNC example. POS (+ Write, + Read) is a Protected component (POS_Component with instance P : Pos); GNC (+ Compute, + GNC_Op : IComputer) is a Passive component (GNC_Component with instance G : GNC) whose GNC_Op is Sporadic; the IComputer interface provides Compute. Several labels in the figure are not recoverable from the transcript.]

