Foundations of Component Based Development

A BRIEF RATIONALE

Given the perceived range of advanced real-time systems as outlined in the introduction, there are many challenges ahead to lift the component technology from current capabilities to reaching the level of maturity of an engineering discipline.

Visions in Application Domains

The below paragraphs might be shortened

Within automotive industry, the recent mergers have further multiplied the number of platforms to be supported by car manufacturers. A vision for system development is that key functional "ingredients" of electronic control units (ECUs), sometimes called atoms or features, will be kept and maintained in a proprietary design repository, allowing model- and platform based variations to be constructed from such atoms using the above mentioned "drop & glue" approach. To support such a vision, component models must carry information for all system development processes: the system- design and possibly safety analysis process, for production and for maintenance. Let us consider concrete examples. To support power-management, component models must explicate operation modes which allow the system to be deactivated. To transition from an application independent model to deployment on a concrete network of ECUs, memory/CPU/bandwidth requirements of components must be known. Interfaces for diagnostic processes both integration testing, manufacturing, and maintenance must be visible. To support safety- analysis, component failure modes and failure rates must be accessible. These sample question highlight the need to maintain with each component an (application-specific) range of viewpoints, which jointly cover the life cycle of automotive applications. The elaboration of such an approach is further complicated by the need to support not only distributed development across multiple sites, but also various forms of interplay between manufactures and supplier companies, in particular allowing the integration of "atoms" from multiple sources (e.g. multiple suppliers) while protecting their IP. The need to ensure non-interference of such atoms when coming from multiple suppliers is obvious, taking into account legal issues such as liability. Hence strong encapsulation and rigid measures to assure this are a must in supporting component based design in this domain. It should be pointed that current industrial practice is far from this vision. We only begin to see today deployment of model-based development processes, and current methods and tool support are available for single ECU based implementations only. However, already the next generation development tools supporting distributed applications are in the pipeline, and companies are analyzing library based approaches.

The challenge for the telecommunication domain for the future is to enable the ubiquitous "anything, anytime, anywhere" concept. It means that a service should be seen for an end user as a black box respecting functional and non functional (Quality of Service) properties (or goals) independently of the underlying architecture. For that, we need innovative and consistent development methodology from high level specification towards design. Telecommunication applications, and similarly, new concepts such as VHE (Virtual Home Environment), are built from a set of service or service features (high level component), which could be new features but also existing features. Formal validation is necessary to obtain a consistent composition of such distributed components respecting their interface specification but also their properties as specified on the system view (user view for example). Real time aspects (performances for example) is also a critical problem, in particular, for the next mobile generation (UMTS), where quality of service is the subject of negotiation between the user terminal and the core network.

In factory automation the process of transformation from building monolith proprietary systems to component-based systems is already active several years. The process started from componentisation of applications in common platforms and additional components using software product-line approach. The second step, ongoing today, is decomposition of basic platform and further decomposition of different applications, using new component-based technologies, and mixing in-house developed components with COTS. These trends come from market requirements (reduced time-to-market, flexibility, lower development costs, and in the same time increase of Quality of Services, managing much larger amount of information, and finally integration with information and application from other domains). To be able to meet these requirements the automation industry is focusing on core-business, outsourcing, the reuse of components and buying COTS. However, there are many problems related to this approach that still remain to be solved, valid for component-based development in general and in particular in process automation (component technology, development processes, understanding system complexity, reliability of COTS and component-based systems, maintainability, flexibility, ability for integration, predictability of integration, trusted components etc.). A typical challenge of industrial process automation is integration. We can distinguish between vertical integration in which data and processes at different process levels are integrated, and horizontal integration in which similar types of data and processes from different domains are integrated. Typical examples of vertical and horizontal integration can be found in industrial process automation. At the lowest levels of management (Field Management), data collected from the process and controlled directly, is integrated on the plant level (Process Management), then is further processed for analysis and combination with data provided from the market and finally published on the Web (Business Management). To successfully obtain integration of different type of data and different type of application the integration process, as a part of the development process, must be seamless, reliable and predictive. Predictive integration is a challenge for itself. The main question of a predictive integration is if it is possible to predict the behaviour of component compositions from known behaviour of components (is. known functional and non-functional attributes). Automation industry is very well aware of advantages of component-based development approach, but also about the disadvantages. In many cases industry does not have solutions and is interested in finding them in collaboration with research.

CHALLENGES

• Life-cycle-complete component models
The identification and characterization of a set of component viewpoints supporting the full life cycle of components, and covering such viewpoints as e.g., timing, resource utilization, interface specifications, failure models, .... Demonstrators of such component models for selected application domains, including automotive and telecom.
• Verification and Validation
Of all viewpoints across all design steps against requirements. Both formal verification and testing. The challenge and the must here is for component based V&V.
• Component integration technology
To (automatically) propagate the impact across a component configuration across all viewpoints. To check consistency of viewpoints of a component configuration, analyzing potential interferences between conflicting viewpoints.
• Intelligent middleware
Encapsulating target architecture. Providing services supporting all viewpoints in making intelligent decisions for deployment architectures, optimizing the various cost-functions related to viewpoints. Providing strong encapsulation between safety- and non-safety related parts of the system. Supporting mix of soft- and hard real-time constraints. Automatic mapping of middleware based deployment architectures to executables on target.
• Synthesis and Deployment
Such as knowledge based component retrieval based on requirement specifications. Automatic "glue" synthesis. Automatic construction of deployment architectures. Architectural patterns.

OBJECTIVES

WORK DIRECTIONS

• Task 1. Component Models: which includes the following.
• Identifying aspects, such as functional behaviour, timing, interfaces, resource utilization, mobility, etc. which must be expressed in a component model in order to capture the essentials of component dynamics, without constraining the details of its implementation, The work will consider the impact of constraints arising from selected application domains.
• Reviewing potential for formalization of these aspects, considering use of such formalization for component integration, verification and validation, middleware, deployment, etc. in different application domains.
• Component Models will be the focus during Year 1. Part of the work will be carried out by interaction and interviews with industrialists, an activity which is shared with WP1, Task 1.

Coordinator of Task 1: Jean-Marc Jezequel, IRISA
• Task 2. Component integration and Verification and Validation. This includes verification of a component against its specification, across all viewpoints as mentioned above, checking consistency for particular configurations, analyzing potential interferences between conflicting requirements, and compositional verification and testing of components integration. Attention should be given to assessing usability and scalability of potential techniques, including testing and formal verification.

Coordinator of Task 2: Ed Brinksma, U. of Twente
• Task 3. Soft Real Time, including the formalization and reasoning about soft real-time and Quality-of-Service requirements, and the combination of hard and soft real-time requirements. This task has strong links to actions 1 and 3.

Coordinator of Task 3: Gordon Blair, Lancaster U.
• Task 4. Link to Standardization. Particular attention will be to assess and give input to the current development of UML extensions for real time and component based engineering and to the new Model Driven Architecture approach pushed by the OMG.

Coordinator of Task 4: Andy Evans, York.

TYPES OF ACTIVITIES

Workshops The work package brings together experience and expertise from different backgrounds. At least 3 meetings of the technical group will be organized annually, with invitations given to prominent industrialists and contributors with other relevant expertise. The meetings will be organized in connection with other major conference events, such as FLOC02, ACM/IFIP Middleware, ETAPS and UML Conference series, FTRTFT 2002, etc.

DELIVERABLES

Year 1:

• Technical report which provides a report on the state of the art concerning

component models: (task 1) from a semantical viewpoint, considering
• What aspects (from a semantic point of view) are covered by current proposals for component models, including current standardization work (task 4)
• What aspects of the UML standard are relevant for defining Component models (Task 4)
• What are desiderata, from application perspectives, for life-cycle complete component models, in view of visions for future development technology?
• How useful is current technology, considered in Tasks 2 and 3 to cope with these models?
• Workshop Proceedings:, from one of the organized meetings.

Year 2:

• Technical report which provides
• a report on the state of the art concerning
• Component Integration, and Verification and Validation (Task 2) considering the findings in Task 1
• Soft Real Time (task 3) will also be assessed, considering also output from actions 1 and 3.
• Update on tasks 1 and 4 as compared with the report of year 1. This includes using the results of other tasks to identify overlap with existing UML component model and identify additional requirements.
• Workshop Proceedings:, from one of the organized meetings.

Year 3:

• Technical report which for all tasks provides
• Outline of potential research directions to advance the state of the art towards the vision outlined in the beginning of this document.
• For Task 4, the report will outline a skeleton of metamodel for components.
• Workshop:, summarizing results of the action.

BACKGROUND

• Modeling and Specification of Components in Real-Time Systems. There is a large body of work on the specification of components, modules, processes, objects, or other units of software in real-time systems.

Contracts as a specification paradigm is promoted, among others, by the Trusted Components initiative, in which the Triskell Group of Jean-Marc Jezequel at IRISA participate http://www.irisa.fr/triskell/
Real-Time Object based modeling as support of high level specification and rapid prototyping methods as proposed by ACCORD development platform developed by the LLSP team at CEA, http://wooddes.intranet.gr, http://www.acotris.c-s.fr
The semantics group at OFFIS develops different forms of formal semantics for parallel and distributed systems, together with integration of specification techniques for different viewpoints. http://semantik.informatik.uni-oldenburg.de, http://ca.informatik.uni-oldenburg.de.
VERIMAG develops a tool box supporting component based development of real time systems, based on the modeling language IF http://www-verimag.imag.fr/PEOPLE/async/IF/
The Uppaal toolbox supports modeling and verification of control and timing properties of parallel systems http://www.uppaal.com
• Formal Verification and Checking of consistency between component models.

LSV conducts a number of approaches to the formal verification of real-time and embedded systems http://www.lsv.ens-cachan.fr/index-en.html
OFFIS is developing formal verification techniques for UML within the Wooddes project http://wooddes.intranet.gr
The UPPAAL, Kronos, and IF toolboxes support automated verification. http://www.uppaal.comhttp://www-verimag.imag.fr/PEOPLE/async/IF/http://www-verimag.imag.fr/TEMPORISE/kronos/
Approaches that focus on finding inconsistencies between different descriptions of a component include
The UMLAUT tool http://www.irisa.fr/UMLAUT/ and work on Feature interaction http://www.docs.uu.se/docs/fi/
• Testing of RealTime/Embedded systems

The teams of Twente and Aalborg are developing techniques for model based testing and conformance testing of real-time systems. http://fmt.cs.utwente.nl/projects/CdR-html/
The team LLSP of CEA is adapting the AGATHA tool box for automatic test generation from UML specifications, http://wooddes.intranet.gr
• Soft Real Time.

The distributed multimedia group at Lancaster has an extensive experience in the area of managing resources on behalf of the component to provide the necessary (soft) real-time guarantees. http://www.comp.lancs.ac.uk/computing/research/mpg/
The group at Twente has extended approaches to verification of real-time systems to handle soft real-time properties http://fmt.cs.utwente.nl/projects/HaaST-html/
• semantics of the emerging UML standards.

The pUML group http://www.cs.york.ac.uk/puml/ is concerned with clarifying and making precise the semantics of UML. Contributorsparticipants the action includes key partners of the pUML (precise UML) group, as well as partners involved in developing RT profiles of the UML standard.

PARTNERS AND KEY PERSONS

• Aalborg University (or Brics group)

Research Prof. Dr. Anders Peter Ravn, BRICS, Deparment of Computer Science, Aalborg University, Fredrik Bajersvej 7E, 9220 Aalborg, Denmark. Phone: +4596358887, Fax: +4598159889, E-mail apr@cs.auc.dk. http://www.cs.auc.dk/~apr
• CEA/Saclay, DRT/LIST/DTSI/SLA, F-91191 GIF sur Yvette Cedex France

Francois Terrier, Phone/Fax: +33 (0)1 69 08 62 59 / 20 82, E-Mail: Francois.Terrier@cea.fr
• INRIA, BP 105, 78153 Le Chesnay Cedex, France

Benoit Caillaud, IRISA, Campus de Beaulieu 35042 RENNES Cedex, FRANCE, Tel +33 (0)2 99 84 74 07, Fax +33 (0)2 99 84 25 32, email: Benoit.Caillaud@irisa.fr, http://www.irisa.fr/pampa/perso/bcaillau/
• VERIMAG, Centre Equation, 2 avenue de Vignate, F-38610 GIERES, France

Susanne Graf, E-mail: susanne.graf@imag.fr, Tel : +33 - 4 76 63 48 52, Fax : +33 - 4 76 63 48 50, http://www-verimag.imag.fr/~graf
• Distributed Multimedia Group, Lancaster University, Lancaster

Gordon Blair, E-mail: gordon@comp.lancs.ac.uk Tel : +44 - 1524 593809 Fax : +44 - 1524 593608, http://www.comp.lancs.ac.uk/computing/research/mpg/
• LSV, CNRS UMR 8643, Ecole Normal Superieure de Cachan, 61, Avenue du President Wilson, 94235 Cachan Cedex, France,

Michel Bidoit, Tel: +33 - 1 47 40 28 68 Fax: +33 - 1 47 40 24 64, E-mail: Michel.Bidoit@lsv.ens-cachan.fr
• Univ. of Twente, PO Box 217, 7500 AE Enschede, The Netherlands, VERIMAG, Centre Equation, 2 avenue de Vignate, F-38610 GIERES, France

Ed Brinksma, E-mail: brinksma@cs.utwente.nl, Tel : +31 - 53 489 3676 Fax : +31 - 53 489 3247, http://fmt.cs.utwente.nl/~brinksma
• Uppsala University, Department of Computer Systems. Box 325, S-751 05 Uppsala, Sweden

Bengt Jonsson, bengt@docs.uu.se , Phone: office: +46 18 4713157. mobile: +46 70 4 250 240 Fax: +46 18 550225. Email: bengt@docs.uu.se, http://www.docs.uu.se/~bengt/
• OFFIS R&D Division of Embedded Systems, Escherweg 2, D-26121 Oldenburg, Germany

Prof.Dr.Werner Damm, Department of Computer Science, Carl von Ossietzky Universität Oldenburg, Ammerländer Heerstraße 114-118, D-26129 Oldenburg, Phone +49-441-798-4502, e-mail damm@informatik.uni-oldenburg.de,  and damm@offis.de, http://ca..informatik.uni-oldenburg.de
• Mälardalen University, Västerås, Sweden.

p Ivica Crnkovic, Tel: +46 - 21 103183, Fax: +46 - 21 101460, E-mail: ivica.crnkovic@mdh.se, http://www.idg.mdh.se/personal/icc/
• Department of Computer Science, University of York, Heslington, York, UK, YO10 5DD

Andy Evans: andye@cs.york.ac.uk, http://www.cs.york.ac.uk/~andye/