Architecture Modeling - SPES 2020

More documents

Recommendations

Info

Architecture Modeling context does not comply to a strong assumption, then this constitutes an ”illegal” out of specification usage of the corresponding component. Weak assumptions structure contracts according to cases wrt. the integration context. That means a strong assumption can be confined by a weak assumption and for that particular integration context a more precise guarantee may be given. If a component is used accordingly to its strong assumptions, it will guarantee the behavior specified by the guarantee, provided the weak assumption is fulfilled. TextuallyRepresentedElement + textualRepresentation: String Assertion ProcessRequirement +stronglyAssuming +weakAssumption 0..1 1 +strongAssumption 0..1 +guarantee +aspect SystemArtefact Aspect Requirement + rationale: String [0..*] SystemRequirement Stakeholder InformalAssertion FormalAssertion +assertion +formal BlockOccurrence +type BehaviorBlock 0..1 0..1 0..1 +weaklyAssuming 0..1 0..* +stakeholder 0..* 0..1 «isOfType» +guaranting Figure 3.27: Meta-model integration of the concept of Contracts In the meta-model the concept of contracts is represented by the meta-class SystemRequirement (see Figure 3.27). The naming difference is motivated by the existence of the concept ProcessRequirement. Both are requirements and we wish to emphasise that by name. However the concept of ProcessRequirement is out of the scope of this document and we will use the terms SystemRequirement and Contract interchangeably. A Contract associates an Assertion in three roles, which correspond to the elements of its constituting triple. An assertion can be either an InformalAssertion or a FormalAssertion. Apart from this, an assertion always is a specification of the dynamics exposed at the interface (InteractionPoints in all Ports) of a component with regard to a certain aspect. The loose coupling of SystemRequirement and RichComponent allows the reuse of a SystemRequirement and to associate it with different components via the Satisfy-trace link. Note that when specifying assumptions (strongAssumption and weakAssumption), they must not limit the output ports of the component. In turn the guarantee (guarantee) must not limit the input ports of the component. If an assumption (strong or weak) has not been specified for a contract, then they are assumed to be true. That means a component associated with that contract is not restricted with regard to any design context, which is most certainly not the case! The BlockOccurrence is typed by an HRC state machine, which is also defined in the meta-model but not described here (instead see [50]). Tracability of requirements is an important concept in order to be able to reason about refinement of them and to provide arguments to certification authorities how implementation require- 1 38/ 156
RichComponent Architecture Modeling Satisfy Refine 1..* +component +refinedBy 1..* 1 +refinedReq Requirement + rationale: String [0..*] +satisfies 1..* SystemRequirement +entailed 1 +entailing Figure 3.28: Meta-model integration of the tracing of requirements and contracts ments have been derived from initial product requirements. The meta-model supports tracability by different trace-links between Requirements and RichComponents (see Figure 3.28). The Satisfy concept links SystemRequirements to RichComponents, indicating the components that have to satisfy the aspect specifications defined by the SystemRequirements. The satisfaction relation is discussed detailed in Section 4.3. Note that RichComponents are linked to SystemRequirements and do not own them. This allows both of them to exist independently from each other, i. e. from the meta-model point of view it is not necessary to first create a RichComponent along with its syntactical interface in order to specify a SystemRequirement (contract). Indeed this loose coupling makes it possible to first specify a contract and to define a RichComponent at a later time and link it to that contract. The Refine concept links Requirements to other Requirements. The motivation is to express that a requirement referenced in the role refinedReq has been refined by a set of more detailed requirements referenced in the role refinedBy. One use-case for this trace-link is to document requirement formalizations. How requirements can be formalized is discussed in Section 4.1. The Entail concept links SystemRequirements to other SystemRequirements. The composition of the contracts referenced in the role entailing establish a refinement of the contract referenced in the role entailed. The role of Entail-trace link in design steps carried out during the development process is discussed in Section 4.2. In this document we consider a formal interpretation of contracts linked by the Entail concept and call it a refinement or entailment of contracts (see Section 6.3.2). 3.3.1.4 Requirement Specification Language In order to ease the specification of contracts we provide a pattern-based requirement specification language (RSL) (see Section 6.1), that can be used to specify the aspects of a RichComponent or specializations thereof. The RSL is basically a set of textual patterns, that can be instatiated in order to specify an Assertion. For example the syntax of the pattern F1 is defined as: 1..* Entail 39/ 156
Page 1 and 2: Architecture Modeling ∗ Andreas B
Page 3 and 4: Contents 1 Introduction 1 2 Quick-T
Page 5 and 6: 1 Introduction This document propos
Page 7 and 8: Architecture Modeling allowing to m
Page 9 and 10: Architecture Modeling creating a vi
Page 11 and 12: Architecture Modeling the design it
Page 13 and 14: Architecture Modeling of the logica
Page 15 and 16: Architecture Modeling realization o
Page 17 and 18: Architecture Modeling can usually o
Page 19 and 20: 3 The Architecture Meta-Model In Se
Page 21 and 22: Abstraction-Levels (detail increase
Page 23 and 24: 3.2.2 Functional Perspective Archit
Page 25 and 26: Architecture Modeling The semantics
Page 27 and 28: Architecture Modeling expressed by
Page 29 and 30: Architecture Modeling computing cap
Page 31 and 32: 3.2.5 Geometrical Perspective Archi
Page 33 and 34: ShapeCompositionOperator intersecti
Page 35 and 36: Architecture Modeling The constrain
Page 37 and 38: Architecture Modeling of particular
Page 39 and 40: Architecture Modeling Shape that de
Page 41: Architecture Modeling Conjugation o
Page 45 and 46: MultiplicityElement +part 0..* Rich
Page 47 and 48: ComponentC Architecture Modeling pa
Page 49 and 50: 4 Steps in Component-Based Design T
Page 51 and 52: Architecture Modeling Assume/guaran
Page 53 and 54: Architecture Modeling When specifyi
Page 55 and 56: Architecture Modeling next selectio
Page 57 and 58: Architecture Modeling ports must ha
Page 59 and 60: established if (and only if): Archi
Page 61 and 62: 12°C < tempSelect < 35°C actTemp
Page 63 and 64: Architecture Modeling The component
Page 65 and 66: Architecture Modeling 4.3.2 Establi
Page 67 and 68: Architecture Modeling a mapping is
Page 69 and 70: Architecture Modeling Another impor
Page 71 and 72: 5 Using the Architecture Meta-Model
Page 73 and 74: Architecture Modeling Design proces
Page 75 and 76: Architecture Modeling abstraction l
Page 77 and 78: Pwr1 Pedal_Pos1 Pwr2 Pedal_Pos2 CMD
Page 79 and 80: Architecture Modeling Figure 5.4: O
Page 81 and 82: Architecture Modeling Figure 5.7: L
Page 83 and 84: Architecture Modeling Figure 5.9: T
Page 85 and 86: Architecture Modeling Figure 5.12:
Page 87 and 88: Architecture Modeling Figure 5.14:
Page 89 and 90: Architecture Modeling However this
Page 91 and 92: Architecture Modeling The considera
Page 93 and 94:
Architecture Modeling Figure 5.18:
Page 95 and 96:
Page 97 and 98:
Architecture Modeling tasks Command
Page 99 and 100:
Architecture Modeling of the V, suc
Page 101 and 102:
Architecture Modeling thus decorate
Page 103 and 104:
Architecture Modeling In summary, P
Page 105 and 106:
Architecture Modeling OEMs are incr
Page 107 and 108:
Architecture Modeling provide effec
Page 109 and 110:
Page 111 and 112:
Architecture Modeling patterns, cap
Page 113 and 114:
Architecture Modeling 6.1 Syntax an
Page 115 and 116:
6.1.1.1.1 Attribuute Definit tion a
Page 117 and 118:
Constrrain Eventts with Co ondition
Page 119 and 120:
These events used in the “and the
Page 121 and 122:
Formalization: whenever StartButton
Page 123 and 124:
Architecture Modeling Basic bloock
Page 125 and 126:
6.1.1.1.1.3 Conditions Conditions c
Page 127 and 128:
6.1.1.1.2.2 Seammless Con ncatenati
Page 129 and 130:
e3 && (clk==0) e1 idle pre e1 idle
Page 131 and 132:
Pattern whenever event occurs condi
Page 133 and 134:
If the brake force is above 80% for
Page 135 and 136:
Pattern S3: Failure shall not be ca
Page 137 and 138:
Pattern S9: failureCondition failur
Page 139 and 140:
Pattern R2: Event occurs each perio
Page 141 and 142:
idle e1 |clk:=0 e2 && (l
Page 143 and 144:
The function : allocates a singl
Page 145 and 146:
Examplees of clocks: • Run: {c=0@
Page 147 and 148:
Architecture Modeling 1. For σ ∈
Page 149 and 150:
Architecture Modeling Traces accord
Page 151 and 152:
Architecture Modeling Definition 6.
Page 153 and 154:
Architecture Modeling the one given
Page 155 and 156:
Architecture Modeling Decomposition
Page 157 and 158:
Bibliography [1] ARINC 653 - Avioni
Page 159 and 160:
Architecture Modeling [26] Holger G
show all

Architecture Modeling - SPES 2020

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?