The development of a general framework for component-based engineering of complex heterogeneous embedded systems is a grand challenge which spans many research problems.

A key characteristic of component-based embedded systems is heterogeneity of component models. This heterogeneity concerns different execution models (synchronous, asynchronous, vs. timed), communication models (synchronous vs. asynchronous), as well as different scheduling paradigms. Technology must be provided to allow designing heterogeneous embedded systems from diverse types of components, and allow predicting and optimizing functional and non-functional properties of the designed systems. There are design tools, in which systems are designed by putting together pieces that might be termed components. Examples are MetaH, Ptolemy, and Metropolis. The functions of these tools are in some sense analogous to, e.g., MATLAB/Simulink. The advantage is that they support a variety of design notations. However, “components” can be assembled only in the supporting tool, meaning that different systems and components must all be developed in the same environment (tool) to stay compatible. Thus, these tools do not solve the problem of establishing a truly component based approach to system design.
One crucial issue to enable component based development is the need to develop a coherent theory for building complex heterogeneous systems which addresses, e.g., the issues of composability and compositionality. Such a comprehensive theory is missing today, thereby making it difficult to understand how to build systems that combine, e.g., synchronously and asynchronously executing components and reason about non-functional properties. First steps have been performed by the group (comprising RTC partners) consisting of A. Benveniste and B. Caillaud (INRIA), L. Carloni (Columbia University, New York), P. Caspi (Verimag), A. Sangiovanni-Vincentelli (PARADES and U.C. Berkeley), and S. Tripakis (Verimag and Berkeley Candence Labs.) with the work on Tag Systems, where systems executions are seen as partially ordered sets of events labelled with tags to capture the different aspects of design, both functional and extra-functional (series of papers at Emsoft conferences every year since 2002).

Another crucial issue is the challenge of handling non-functional properties (including real-time and QoS properties) in component-based development. This involves modelling, specification, prediction, tool support of such properties. It is widely recognized that such technology should be based on a rich component model (this concept used in [BBB+00]), which allows to model, specify, and predict timing, QoS, and resources properties of components and of systems composed from components. The OFFIS team has developed the Rich Component Model concept for embedded systems design into a framework allowing to specify and verify functional and non-functional requirements, their horizontal, vertical, and inter-viewpoint composition at different abstraction levels [DVMJ05]. This will allow to boost the level of re-use in electronic control unit design, while the proposed framework covers the complete development cycle, that is from high-level specification models to design models, allowing informed decisions to be made for the implementation phase.

Within the embedded systems domain, some specialized technologies have been developed, which provides some limited support for handling QoS and resource usage, but only in rather limited situations. A typical such technology can be exemplified by the Rubus component model [IN02]. Much effort is devoted to semantically founded formalisms specification of QoS properties. To specify timing properties, different variants of timed automata can be used, as in, e.g., the Omega component model [DJPV05], which has a semantics in terms of the IF language, supported by timed automata. For other types of properties, e.g., relating to queuing and performance, models based on queueing networks, Markov chains, etc. have been used. These approaches offer a precise mechanism for specifying and analysing QoS properties. A potential problem is that analysis may not always scale to systems with large numbers of components. For instance, standard schedulability analysis for simple fixed priority scheduled systems typically scales better to large numbers of components than does analysis of systems whose components are specified in detail by timed automata.
Designing components for reuse calls for a system of program annotations rich enough to ensure that the components will interact in a coherent manner when connected together. The dynamic information about the interactions of the component with its environment combines expectations of the component about its environment with guarantees offered in return by the component to its environment. L. De Alfaro and Th. Henzinger introduced for that purpose Interface Automata, viewed as enriched type systems (the so-called Behavioral Type Systems), which capture the temporal aspects of software component interaction. A component refines another component if it imposes less constraint about the environment and offers more guarantee in return. We obtain in this way a compositional semantics due to the fact that a component can be replaced with a more refined version in any environment compatible with the original component: The refined version may offer more services but both are equivalent in restriction to the set of services of the original component; this situation is reminiscent to the sub-class polymorphism in object-oriented programming. A first extension of this work to timing properties is the work of timed interfaces (de Alfaro, Henzinger, Stoelinga) [dAHS02].

UML emerged in recent years as a modelling standard for software, including also software for embedded systems for which specific UML profiles have been developed. Since several years, the Object Management Group (OMG) has adopted the UML Profile for Schedulability, Performance, and Time (SPT) to model real-time concerns [MHD04]. However, the SPT profile has several shortcomings, and there is a need for modifications to comply with the evolution of other OMG standards, and to have a profile with a broader scope. This has resulted in a Request For Proposals (RFP) for a new UML Profile named MARTE (Modeling and Analysis of Real-Time and Embedded systems, which should address issues such as compliance with the UML Profile for Quality of Service and Fault Tolerance (QoS & FT), specification of not only real-time constraints but also other embedded QoS char-acteristics such as memory and power consumption, modelling and analysis of component-based architectures, and the capability to model systems in different modelling paradigms (asynchronous, synchronous, and timed).

The situation concerning tools to analyse systems modelled in UML is not satisfactory. In contrast to the situation for environments adopting the “synchronous approach” where for development tools, such as SCADE or Esterel Studio, there exist tightly integrated verification tools, it is more difficult to provide verification support in tools for modelling languages based on asynchronous communication, such as Rhapsody.
There exist a number of tools for the analysis and verification of functional and timing properties of system models, such as as the Kronos and IF tools (developed at Verimag), Uppaal (developed at Aalborg and Uppsala), Hytech (developed at Cornell and Berkeley), the Metropolis tool (developed at Parades and Berkeley) and several others.

The effort made in some recent projects, such as OMEGA, has lead to some encouraging results concerning validation of UML designs [GBC05,GOO06]. The newly started SPEEDS project gathers as core members academic partners with an important back ground in validation and modelling (INRIA, OFFIS, PARADES, and Verimag), industrial partners developing software modelling and development environments (Esterel Technologies, Telelogic, TNI, and Extessy) as well as important users from the embedded systems domain (such as Airbus, Daimler-Chrysler, Saab, and Bosch). The aim of this project is to improve the current situation with respect to verification and validation.


[BBB+00] F. Bachmann, L. Bass, C. Buhman, S. Comella-Dorda, F. Long, J. Robert, R. Seacord, and K. Wallnau. Technical Concepts of Component-Based Software Engineering, Volume II. Technical Report CMU/SEI-2000-TR-008, Software Engineering Institute, Carnegie-Mellon University, May 2000.
[DJPV05] Werner Damm, Bernhard Josko, Amir Pnueli, Angelika Votintseva A discrete-time UML semantics for concurrency and communication in safety-critical applications. In Science of Computer Programming, 2005
[DVMJ05] W. Damm, A. Votintseva, A. Metzner, B. Josko, T. Peikenkamp und E. Böde. Boosting Re-use of Embedded Automotive Applications through Rich Components. In: FIT 2005 - Foundations of Interface Technologies 2005.
[dAHS02] L. de Alfaro, T.A. Henzinger, M. Stoelinga. Timed Interfaces, in Proc. EMSOFT 2002. LNCS 2491, pp. 108-122.
[GBC05] S. Graf, F. de Boer, P. Combes, J. Hooman, H. Kugler, M. Kyas, D. Lesens, I. Ober, A. Votintseva, Y. Yushtein, M. Zenou, “Omega Final Project Report”, Deliverable of the Omega IST project, 2005, 60 pages (see also )
[GOO05] S. Graf, I. Ober, I. Ober, “Validating Timed UML models by simulation and verification”, STTT, Software Tools for Technology Transfer, vol. 8 (2) April 2006
[IN02] D. Isovic and C. Norström. Components in real-time systems. In Proc. RTCSA 2002, 8th International Conference on Real-Time Computing Systems and Applications, Tokyo, Japan, March 2002.
[MHD04] J. L. Medina, M. G. Harbour and J. M. Drake: The “UML Profile for Schedulability, Per-formance and Time” in the Schedulability Analysis and Modeling of Real-Time Distributed Systems. SIVOES-SPT Workshop. Toronto (Canada). May, 2004.

(c) Artist Consortium, All Rights Reserved - 2006, 2007, 2008, 2009

Réalisation Axome - Création de sites Internet