# ADEPT Workshop 2024 AADL Intro and News

Bruce Lewis, AADL Committee Chair

Galois, Inc. June 14, 2024


#### Architecture Analysis & Design Language (AADL) History & Objectives

- Grew out of three DARPA programs (nine-plus years) developing architecture description languages, as MetaH (Steve Vestal, PI)
- Experiments at an Army lab proved its value, so an SAE standard for AADL was started from MetaH
- System Architecture Virtual Integration (SAVI), an industry program, selected AADL after reviewing all competitors, to deal with the high cost of aviation software system integration.
- DARPA programs have since leveraged AADL (HACMS, CASE, PROVERS, ...) combined with formal methods
- AADL Language Architect: Peter Feiler -> Jerome Hugues
- Key concepts of AADL from the beginning: a domain-specific language for real-time embedded systems
  - Enable quantitative architectural analysis on virtually integrated systems.
  - Enable generative approaches to build compliant systems from verified models.
  - <u>Provide stable core concepts and language with well defined semantics</u>
  - Easy to understand engineering terms with textual and graphical expression
  - Incremental refinement to support the lifecycle with incremental analyzability
  - Flexibility to support new domains & analyses with annex sublanguages and property sets.

### Architecture Analysis & Design Language SAE International AS-5506 Standard Suite

- Core AADL language standard upgrades
- V1 (A) 2004, V2 (B) 2012, V2.2 (C) 2017, V2.3 (D) 2022
  - For embedded & cyber-physical software system modeling, analysis, and generative integration
  - Strongly typed, component-based architecture language with well-defined, rich semantics for threads, processes on partitions, subprograms, and processor, memory, bus, system and device components; sampled/queued communication; modes; end-to-end flows
- Next standard will be joint SAE/OMG standard AADL library for SysMLv2

#### Standardized AADL Annex Extensions

- Error Model language for safety, reliability, security analysis [2006, 2015]
- ARINC653 extension for partitioned architectures [2011, 2015]
- Behavior Specification Language for components and interaction [2011, 2017]
- Data Modeling extension for interfacing with data models (UML, ASN.1, ...) [2011]
- AADL Runtime System & Code Generation [2006, 2015, RTS refined in Core in 2022]

### AADL SAE AS2C Committee Activities

- Current focus is developing a SysMLv2 library for AADL
  - It is planned to be a joint OMG/SAE standard
  - It will make AADL part of SysMLv2 as a supported library integrating system engineering and embedded system design.
  - Part of OMG's Systems Modeling Community (SMC)
  - Our SMC is the "Real-Time Embedded Safety-Critical Systems Working Group" (RTESCWG)
  - SAE and OMG are working together to formalize the joint standardization process. Both parties are working together well.
  - Involves coordinated upgrades to SysMLv2 to support real-time systems
  - Jerome Hugues and Gene Shreve are co-chairs of the Real-Time SMC
- OMG/SAE Joint meetings
  - Two virtual meetings per month
  - Typically every other Wed 9:00-10:00 CT, Next meeting June 19th
  - You can join the OMG Managed Communities or the SAE AADL committee to attend virtual meetings.
  - To attend SMC meetings at OMG standards meetings, you need to join the SMC.
  - Next OMG standards meeting, Chicago, USA, Sept 11-12
- Progress: the static part of AADL has been prototyped and is being used on PROVERS



#### AADL ANALYTICALLY DESCRIBES THE REAL-TIME SYSTEM ENABLING VIRTUAL INTEGRATION
Standardized AADL captures mission and safety critical embedded software system architectures in virtually integrated analyzable models



### **AADL Components**
### **Ports & Connections**

Ports: directional transfer of data & control

- Data port: state, sampled data streams
- Event port: queued; thread dispatch & mode switch trigger
- Event data port: queued messages
- Port group: aggregation of ports into a single connection point
- Connection: connects ports in the direction of their flow


Figure: event port connection

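As an added example (not from the slide deck), the following AADL v2 model exercises the port kinds listed above: a sampled data port, a queued event port and event data port, connections declared in the direction of flow, and an end-to-end flow carrying a latency budget that flow-latency analysis checks against the thread timing. Component and port names, periods and the latency bound are assumed for illustration; `Base_Types` is the Data Modeling annex package of primitive types, and what the slide calls a port group is a feature group in AADL v2.

```aadl
package Flight_Manager_Example
public
  with Base_Types;  -- primitive data types from the Data Modeling annex
  thread Sensor_Reader  -- periodic sensor thread (illustrative names)
    features
      altitude_out : out data port Base_Types::Float;  -- data port: latest sample only
      fault_out    : out event port;                   -- event port: no payload
    flows
      fs : flow source altitude_out;
    properties
      Dispatch_Protocol => Periodic;
      Period => 20 ms;
  end Sensor_Reader;
  thread Control_Law  -- reads the latest altitude, queues faults, emits commands
    features
      altitude_in : in data port Base_Types::Float;
      fault_in    : in event port { Queue_Size => 4; };  -- bounded event queue
      cmd_out     : out event data port Base_Types::Integer;  -- queued messages
    flows
      fp : flow path altitude_in -> cmd_out;
    properties
      Dispatch_Protocol => Periodic;
      Period => 20 ms;
      Deadline => 20 ms;
  end Control_Law;
  thread Actuator_Driver  -- each arriving command dispatches the thread
    features
      cmd_in : in event data port Base_Types::Integer;
    flows
      fk : flow sink cmd_in;
    properties
      Dispatch_Protocol => Sporadic;
      Period => 5 ms;  -- minimum inter-arrival time for sporadic dispatch
  end Actuator_Driver;
  process Flight_Manager
  end Flight_Manager;
  process implementation Flight_Manager.impl
    subcomponents
      reader : thread Sensor_Reader;
      ctrl   : thread Control_Law;
      act    : thread Actuator_Driver;
    connections  -- declared in the direction of the data/event flow
      c_alt   : port reader.altitude_out -> ctrl.altitude_in;
      c_fault : port reader.fault_out    -> ctrl.fault_in;
      c_cmd   : port ctrl.cmd_out        -> act.cmd_in;
    flows  -- end-to-end flow with a latency budget for flow-latency analysis
      sense_to_act : end to end flow reader.fs -> c_alt -> ctrl.fp -> c_cmd -> act.fk
        { Latency => 0 ms .. 60 ms; };
  end Flight_Manager.impl;
end Flight_Manager_Example;
```

Loading this package in an AADL tool such as OSATE and running flow-latency analysis on `Flight_Manager.impl` reports whether the sampled and queued hops along `sense_to_act` fit within the 60 ms budget.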

### Flight Manager Bindings - 2
APPROVED FOR PUBLIC RELEASE



#### ACVIP PROCESS APPLIES AADL INCREMENTALLY TO CATCH INTEGRATION ISSUES EARLY
#### NEED FOR INTEGRATED ENGINEERING ANALYSIS OF EMBEDDED SOFTWARE SYSTEMS SIMILAR TO PHYSICAL



**Virtual Integrated Physical System** (analysis uses computer models, e.g. CAD)

- Aerodynamics: aero-elastics, stall and compressibility, acoustics
- Structures: static and dynamic, flutter and vibration, fatigue
- Drive systems: power transmission, wear and fatigue
- Engine: power available, fuel required
- Mission performance: payload, range, speed

**Virtual Integrated Software System** (analysis uses AADL model)

- Security: intrusion, integrity, confidentiality
- Resource consumption: bandwidth, CPU time, power consumption
- Real-time performance: execution time / deadline, deadlock / starvation, latency
- Data quality: data precision / accuracy, temporal correctness, confidence
- Safety and reliability: MTBF, FMEA, hazard analysis

The slide also traces the side effects of a single change across these analyses: higher CPU demand -> increased latency -> affects temporal correctness -> potential new hazard.

Auto code generation from the AADL virtual model is similar to automated fabrication from the CAD virtual model.

#### COST REDUCTION POTENTIAL THROUGH VIRTUAL INTEGRATION OF EMBEDDED SOFTWARE SYSTEMS
## Summary

- AADL embedded system engineering benefits
  - Analyzable models drive development from requirements
  - Prediction of runtime characteristics at incremental fidelity levels
  - Ability to see side effects of a change across the real-time architecture
  - Design tradespace analysis can be (and has been) automated
  - Critical design decisions are made explicit for reuse/update
  - Predictive analysis of runtime performance/effects early and throughout lifecycle greatly reduces integration and maintenance cost/risk/time
  - Early prototyping or trusted build through generative integration of components
  - Supports integration of multiple domains of analysis for real-time systems on a common model with standard semantics and properties
  - Being developed to provide real-time analysis capabilities for SysMLv2