Architecture Modeling - SPES 2020
Architecture Modeling - SPES 2020
Architecture Modeling - SPES 2020
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
<strong>Architecture</strong> <strong>Modeling</strong><br />
context does not comply to a strong assumption, then this constitutes an ”illegal” out of specification<br />
usage of the corresponding component. Weak assumptions structure contracts according<br />
to cases wrt. the integration context. That means a strong assumption can be confined by a weak<br />
assumption and for that particular integration context a more precise guarantee may be given.<br />
If a component is used accordingly to its strong assumptions, it will guarantee the behavior<br />
specified by the guarantee, provided the weak assumption is fulfilled.<br />
TextuallyRepresentedElement<br />
+ textualRepresentation: String<br />
Assertion<br />
ProcessRequirement<br />
+stronglyAssuming<br />
+weakAssumption<br />
0..1<br />
1<br />
+strongAssumption<br />
0..1<br />
+guarantee<br />
+aspect<br />
SystemArtefact Aspect<br />
Requirement<br />
+ rationale: String [0..*]<br />
SystemRequirement<br />
Stakeholder<br />
InformalAssertion FormalAssertion +assertion +formal BlockOccurrence<br />
+type<br />
BehaviorBlock<br />
0..1<br />
0..1<br />
0..1<br />
+weaklyAssuming 0..1<br />
0..*<br />
+stakeholder<br />
0..*<br />
0..1<br />
«isOfType»<br />
+guaranting<br />
Figure 3.27: Meta-model integration of the concept of Contracts<br />
In the meta-model the concept of contracts is represented by the meta-class<br />
SystemRequirement (see Figure 3.27). The naming difference is motivated by the existence<br />
of the concept ProcessRequirement. Both are requirements and we wish to emphasise<br />
that by name. However the concept of ProcessRequirement is out of the scope of this<br />
document and we will use the terms SystemRequirement and Contract interchangeably.<br />
A Contract associates an Assertion in three roles, which correspond to the elements<br />
of its constituting triple. An assertion can be either an InformalAssertion or a<br />
FormalAssertion. Apart from this, an assertion always is a specification of the dynamics<br />
exposed at the interface (InteractionPoints in all Ports) of a component with regard<br />
to a certain aspect. The loose coupling of SystemRequirement and RichComponent<br />
allows the reuse of a SystemRequirement and to associate it with different components via<br />
the Satisfy-trace link. Note that when specifying assumptions (strongAssumption and<br />
weakAssumption), they must not limit the output ports of the component. In turn the guarantee<br />
(guarantee) must not limit the input ports of the component. If an assumption (strong<br />
or weak) has not been specified for a contract, then they are assumed to be true. That means<br />
a component associated with that contract is not restricted with regard to any design context,<br />
which is most certainly not the case!<br />
The BlockOccurrence is typed by an HRC state machine, which is also defined in the<br />
meta-model but not described here (instead see [50]).<br />
Tracability of requirements is an important concept in order to be able to reason about refinement<br />
of them and to provide arguments to certification authorities how implementation require-<br />
1<br />
38/ 156