Abstract Safety-critical systems, such as those used in avionics and the medical and aerospace domains, are becoming increasingly reliant on software. Malfunctions in these systems can have significant consequences, including mission failure and loss of life. As a result, they must be designed, verified, and validated carefully to ensure that they comply with system specifications and requirements. A car contains many electronic control units (ECUs)—today’s standard vehicles can contain up to 30 ECUs—that communicate to control systems such as airbag deployment, antilock brakes, and power steering. The design of tightly coupled software components distributed across so many nodes may introduce problems, such as early or late data delivery, loss of operation, or concurrent control of the same resource. In addition, errors introduced during the software design phase, such as mismatched timing requirements and values beyond boundaries, are propagated into the implementation and may not be caught by testing efforts. If these problems escape detection during testing, they can lead to serious errors and injuries. Also, because such systems are designed to be operational for many years, errors are often found when reviewing code from legacy systems designed and built more than 20 years ago and still operating, as in the avionics and aerospace domains. Unfortunately, late discovery of errors leads to major rework efforts and often postpones product delivery. Such issues are not specific to a particular domain and may occur in any safety-critical system.
During the last 10 years, SEI researchers have been working on methods, languages, and tools to design safety-critical systems, find potential issues at the earliest phase in the development process, and avoid potential re-engineering efforts. Our techniques help system architects design the system and check requirements enforcement without having to implement the system. This webinar introduces the Architecture Analysis and Design Language (AADL), the architecture modeling language used to specify safety-critical systems. We show its use in the Open Source AADL Tool Environment (OSATE) to design and validate a generic automotive application—a speed-regulation system. In particular, the webinar demonstrates the analysis capabilities of the tool from different perspectives, including resource budgets, performance/latency, and safety.
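To make the kind of model the webinar describes concrete, here is a small AADL package for a speed-regulation pipeline (wheel sensor, controller process on an ECU, actuator) with flow specifications and an end-to-end latency requirement of the sort OSATE's latency analysis checks. This is an added example written for this page, not the webinar's own model or SEI-provided code; the component names, timing values, and the 20 ms latency budget are constructed assumptions for illustration.

```aadl
-- Constructed example: a speed-regulation system modeled in AADL v2.
-- Not the webinar's model; names and timing values are assumptions.
package SpeedRegulation
public

  -- Data carried between components (an abstract speed value)
  data Speed
  end Speed;

  -- Wheel sensor: source of the speed flow, with its own sampling latency
  device WheelSensor
  features
    speed_out : out data port Speed;
  flows
    f_src : flow source speed_out { Latency => 1 ms .. 2 ms; };
  end WheelSensor;

  -- Controller process: contains the periodic regulator thread
  process Controller
  features
    speed_in : in data port Speed;
    cmd_out  : out data port Speed;
  flows
    f_path : flow path speed_in -> cmd_out;
  end Controller;

  process implementation Controller.impl
  subcomponents
    t : thread RegulatorThread.impl;
  connections
    c1 : port speed_in -> t.speed_in;
    c2 : port t.cmd_out -> cmd_out;
  flows
    f_path : flow path speed_in -> c1 -> t.f_path -> c2 -> cmd_out;
  end Controller.impl;

  -- Regulator thread: 10 ms period, 1..2 ms worst-case execution time
  thread RegulatorThread
  features
    speed_in : in data port Speed;
    cmd_out  : out data port Speed;
  flows
    f_path : flow path speed_in -> cmd_out;
  properties
    Dispatch_Protocol => Periodic;
    Period => 10 ms;
    Compute_Execution_Time => 1 ms .. 2 ms;
  end RegulatorThread;

  thread implementation RegulatorThread.impl
  end RegulatorThread.impl;

  -- Actuator: sink of the flow (e.g. throttle command)
  device Actuator
  features
    cmd_in : in data port Speed;
  flows
    f_sink : flow sink cmd_in { Latency => 1 ms .. 2 ms; };
  end Actuator;

  processor Ecu
  end Ecu;

  bus CanBus
  end CanBus;

  system Car
  end Car;

  system implementation Car.impl
  subcomponents
    sensor : device WheelSensor;
    ctrl   : process Controller.impl;
    act    : device Actuator;
    cpu    : processor Ecu;
    can    : bus CanBus;
  connections
    c1 : port sensor.speed_out -> ctrl.speed_in;
    c2 : port ctrl.cmd_out -> act.cmd_in;
  flows
    -- Requirement checked by the latency analysis: sensor to actuator
    -- must complete within 20 ms end to end (assumed budget).
    e2e : end to end flow sensor.f_src -> c1 -> ctrl.f_path -> c2 -> act.f_sink
          { Latency => 0 ms .. 20 ms; };
  properties
    -- Deployment bindings the analysis uses to account for scheduling
    -- and bus transfer delays
    Actual_Processor_Binding => (reference (cpu)) applies to ctrl;
    Actual_Connection_Binding => (reference (can)) applies to c1, c2;
  end Car.impl;

end SpeedRegulation;
```

Instantiating Car.impl in OSATE and running the flow latency analysis sums the contributions along the end-to-end flow (sensor latency, sampling and execution time of the periodic thread, bus transfer, actuator latency) and reports whether the result fits the declared 20 ms budget, which is the kind of early, pre-implementation check the abstract describes; a mismatched period or an unbound connection shows up here as an analysis error rather than as a late integration surprise.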