Julien Delange

Validate, simulate, and implement ARINC653 systems using the AADL

Safety-critical systems are widely used in different domains and lead to an increasing complexity. Such systems rely on specific services such space and time isolation as in the ARINC653 avionics standard. Their criticality requires a carefully driven design based on an appropriate development process and dedicated tools to detect and avoid problems as early as possible. Model Driven Engineering (MDE) approaches are now considered as valuable approach for building safety-critical systems. The Architecture Analysis and Design Language (AADL) proposes a component-based language suitable to operate MDE that fits with safety-critical systems needs. This paper presents an approach for the modeling, verification and implementation of ARINC653 systems using AADL. It details a modeling approach exploiting the new features of AADL version 2 for the design of ARINC653 architectures. It also proposes modeling patterns to represent other safety mechanisms such as the use of Ravenscar for critical applications. This approach is fully backed by tools with Ocarina (AADL toolsuite), POK (AADL/ARINC653 runtime) and Cheddar (scheduling verification). Thus, it assists system engineers to simulate and validate non functional requirements such as scheduling or resources dimensioning.

Validating Safety and Security Requirements for Partitioned Architectures

Design and validation of safety-critical systems are crucial because faults or security issues could have significant impacts (loss of life, mission failure, etc.). Each year, millions of dollars are lost due to these kinds of issues. Consequently, safety and security requirements must be enforced. Systems must be validated against these requirements to improve safety and security and to make them more reliable and robust. We present our approach to avoid such issues by modeling safe and secure systems with both safety and security requirements. We rely on a modeling language (AADL) to model and design partitioned systems with their requirements and constraints. We then validate these models to ensure security and safety enforcement. We also discuss how this approach can be used to automatically generate and build safe and secure partitioned systems.

An MDE-Based Process for the Design, Implementation and Validation of Safety-Critical Systems

Distributed Real-Time Embedded (DRE) systems have critical requirements that need to be verified. They are either related to functional (e. g. stability of a furnace controller) or non-functional (e. g. meeting deadlines) aspects. Model-Driven Engineering (MDE) tools have emerged to ease DRE systems design. These tools are also capable of generating code. However, these tools either focus on the functional aspects or on the runtime architecture. Hence, the development cycle is partitioned into pieces with heterogeneous modeling notations and poor coordination. In this paper, we propose a MDE-based process to create DRE systems without manual coding. We show how to integrate functional and architecture concerns in a unified process. We use industry-proven modeling languages to design functional elements of the system, and automatically integrate them using our AADL toolchain.

{Design, implementation and verification of MILS systems}

Safety‐critical systems are used in many domains (military, avionics, aerospace, etc.) and handle critical data in hostile environments. To prevent data access by unauthorized subjects, they must protect and isolate information so that only allowed entities can read or write information. However, because of their increased number of functionalities, safety‐critical systems design becomes more complex; this increases difficulties in the design and the verification of security functions and potential error in their implementation. The multiple independent levels of security (MILS) approach introduces rules and guidelines for the design of secure systems. It isolates data according to their security levels, reducing system complexity to ease development. However, there is no approach addressing the whole development of MILS systems from high‐level specification (application components with their security levels) to the final implementation (code that executes application functions and provide security mechanisms). This paper presents a complete development approach for the design, verification and implementation of MILS architectures. It aims at providing a complete framework to build secure applications based on MILS guidelines. We describe security concerns using a modeling language, verify security requirements and automatically implement the system code generation techniques and a MILS‐compliant operating system that provides security functions. Copyright