Gaetana Sapienza

Architectural Decisions for HW/SW Partitioning Based on Multiple Extra-Functional Properties

Growing advances in hardware technologies are enabling significant improvements in application performance by the deployment of components to dedicated executable units. This is particularly valid for Cyber Physical Systems in which the applications are partitioned in HW and SW execution units. The growing complexity of such systems, and increasing requirements, both project- and product-related, makes the partitioning decision process complex. Although different approaches to this decision process have been proposed during recent decades, they lack the ability to provide relevant decisions based on a larger number of requirements and project/business constraints. A sound approach to this problem is taking into account all relevant requirements and constraints and their relations to the properties of the components deployed either as HW or SW units. A typical approach for managing a large number of criteria is a multicriteria decision analysis. This, in its turn, requires uniform definitions of component properties and their realization in respect to their HW/SW deployment. The aim of this paper is twofold: a) to provide an architectural metamodel of component-based applications with specifications of their properties with respect to their partitioning, and b) to categorize component properties in relation to HW/SW deployment. The metamodel enables the transition of system requirements to system and component properties. The categorization provides support for architectural decisions. It is demonstrated through a property guideline for the partitioning of the System Automation and Control domain. The guideline is based on interviews with practitioners and researchers, the experts in this domain.

Partitioning Decision Process for Embedded Hardware and Software Deployment

Many types of embedded systems applications are implemented as a combination of software and hardware. For such systems the mapping of the application units into hardware and software, i.e. the partitioning process, is a key phase of the design. Although there exist techniques for partitioning, the entire process, in particular in relation to different application requirements and project constraints, is not properly supported. This leads to several unplanned iterations, redesigns and interruptions due to uncontrolled dependencies between hardware and software parts. In order to overcome these problems, we provide a design process that enables the partitioning based on a multiple criteria decision analysis in a late design phase. We illustrate the proposed approach and provide a proof-of concept on an industrial case study to validate the approach applicability.

Analyzing a wind turbine system: From simulation to formal verification

Abstract Many industrial systems are hybrid by nature, most often being made of a discrete controller that senses and regulates the execution of a plant characterized by continuous dynamics. Examples of such systems include wind turbines that convert wind energy into electrical energy. Designing industrial control systems is challenging, due to the mixed nature of requirements (functional, timing, etc.) as well as due to the complexity stemming from the interaction of the controller with the plant. Model-based techniques help in tackling the design challenges, whereas methods such as simulation with tools like MATLAB/Simulink can be employed for analysis. Although practical, these methods alone cannot ensure full predictability, due to the fact that they cannot guarantee system properties for all possible executions of the system model. In order to ensure that the system will behave as expected under any operational circumstance, formal verification and validation procedures need to be added to the actual development process. In this paper, we propose an extension of the iFEST (industrial Framework for Embedded Systems Tools) process and platform for embedded systems design with model-based testing using MaTeLo, and model checking time-dependent requirements with the Uppaal tool, as means of increasing the confidence in the systems behavior. To show the feasibility of the techniques on industrially-sized systems, we analyze a wind turbine industrial prototype model against functional and timing requirements. We capture the execution semantics of the plant and controller components of the wind turbine via logical clocks and constraints expressed in the clock constraint specification language (CCSL) of UML MARTE, after which we construct real-time models amenable to model checking, by mapping the timed behavior (expressed in CCSL) of the real-time components of the wind turbine, onto timed automata. Our work is a first application on an industrial wind turbine system of complementary methods for formal analysis, that is, model-based testing, and model checking a mathematically tractable system abstraction based on data obtained by simulating the system with MATLAB/Simulink. We also discuss relevant modeling and verification challenges encountered during our experiences with the wind turbine system.

Modelling for Hardware and Software Partitioning Based on Multiple Properties

In many embedded systems types the separation process for deploying the applications as software and hardware executable units, called partitioning is crucial. This is due to the fact that partitioning decisions impact the overall life cycle of the systems. In industry it is common practice to take partitioning decisions in an early stage of the design, based on hardware and software designers expertise. We propose a new methodology as a combination of model based and component-based approaches which enables a late partitioning decisions based on high level system requirements and project constrains. The final partitioning is decided based on a multi-property analysis approach. Here, we focus on the formalization of the overall process and in particular on the definition of a comprehensive system metamodel. This is meant to support modelling approaches suitable for enabling both the partitioning and reuse. An industrial case study is used to illustrate the approach.

Wind Turbine System: An Industrial Case Study in Formal Modeling and Verification

In the development of embedded systems, the formal analysis of system artifacts, such as structural and behavioral models, helps the system engineers to understand the overall functional and timing behavior of the system. In this case study paper, we present our experience in applying formal verification and validation (V&V) techniques, we had earlier proposed, for an industrial wind turbine system (WTS). We demonstrate the complementary benefits of formal verification in the context of existing V&V practices largely based on simulation and testing. We also discuss some modeling trade-offs and challenges we have identified with the case-study, which are worth being emphasized. One issue is related, for instance, to the expressiveness of the system artifacts, in view of the known limitations of rigorous verification, e.g. model-checking, of industrial systems.

Inclusion of Ethical Aspects in Multi-criteria Decision Analysis

Decision process is often based on multi-faceted and mutually opposing criteria. In order to provide rigorous techniques for problem structuring and criteria aggregation used for classification and ranking of alternatives, Multiple Criteria Decision Analysis (MCDA) has been used as a method to achieve architectural decisions. Even though it has already been argued in literature that MCDA essentially depends on value systems of decision-makers, it is a question how the decision result reflects a particular criterion, requirement or a particular decision. This is especially true if a criterion is not precisely specified. In this paper we analyse the ethical aspects of MCDA. In our analysis we argue that it is in the long run necessary to make value basis of decision-making and ethical considerations explicit and subject for scrutiny. As a support to encourage introduction of transparent value-based deliberation we propose an extended MCDA scheme that would explicitly take into account ethical analysis. As an illustration, we present an industrial case study for the Software (SW)/Hardware (HW) partitioning of a wind turbine application in which different decisions can be taken, depending on the ethical aspects.

On applying multiple criteria decision analysis in embedded systems design

We focus here on the application of multi critera decision analysis (MCDA) techniques in hardware/software partitioning activities to be used in the design and deployment of embedded systems. Our goal is to identify the best existing methods and tools suitable to support the approach we have taken for the partitioning process. We provide this via a survey of the most well-known MCDA methods and tools (for a specific class of MCDA methods called multi attribute decision making. We identify a set of criteria that need to be addressed, in some way, by the methods, and implemented by related tools. These “11-suitability criteria” help us in deciding the appropriateness of the analysed methods and tools for the envisaged partitioning approach. In brief, we are interested that the MCDA methods are taking into account multiple extra-functional properties, expressed by a variety of types, with possible missing values, should enable dependency handling, decision traceability, etc. The conclusion is that there are criteria that are not fulfilled by any of the methods, and hence there is no method or tool that can directly used for the partitioning. However, the results shows the potential of using MCDA in the partitioning process and provide a good starting point for future research activities.

System Level Partitioning for Embedded Systems

Platforms with different computation resource, e.g. CPUs and FPGAs, become one of the first choices to deploy performance-requiring embedded applications. On this technology, functionalities can be implemented either as hardware (HW) or software (SW) components. Here, we extend the MultiPar methodology to support the selection of optimal partitioning solutions with respect to system properties. We show the feasibility of the proposed methodology and validate the composition rules for properties used in the partitioning decision process.

Integrating Version Control in a Standardized Service-Oriented Tool Chain

The complexity of modern embedded systems most often requires multiple specialized tools to be used during the development process. These tools are commonly integrated into tool chains. An efficient way of achieving such integration is through the use of an tool integration framework, with one of the most prominent of such frameworks being Open Services for Lifecycle Collaboration (OSLC). However, at present time OSLC does not provide an established way for fully integrating version control systems. This paper presents how version control systems can be integrated into a tool chain based on OSLC. The integration is enabled by defining a version control domain based on the OSLC core specification, describing how to represent versioned artifacts and perform version control operations. The proposed approach is implemented and its feasibility is proven on a case study tool chain, which integrates the Team Foundation Server version control system and an industrial design tool for the power distribution domain.