HAL Id: inria-00107542
https://hal.inria.fr/inria-00107542
Submitted on 19 Oct 2006
The AEE project and the UML description of embedded architectures for the automobile
Jean-Pierre Elloy, Françoise Simonot-Lion, Yvon Trinquet
To cite this version: Jean-Pierre Elloy, Françoise Simonot-Lion, Yvon Trinquet. Le projet AEE et la description UML des architectures embarquées pour l’automobile. Workshop UML and TR 2001, 2001, Nantes/France, 68 p. inria-00107542

Plan
- General presentation
- AIL and the development of an embedded architecture with AIL
- Development tools
- Demonstrators

General presentation: The partners
[Figure: the project partners. Labels: laboratories; car manufacturers; equipment suppliers; EADS Launch Vehicles.]

General presentation: Solution strategy
[Figure labels: XML; car manufacturers; equipment suppliers.]
➭ Define an architecture description language (AIL) shared by the parties involved (in-house or subcontracted) for the cooperative development of complete architectures, partial architectures or embedded modules.
➭ Define an exchange process, based on AIL, between the parties for sub-architectures that are under development or finalized.
➭ Define, propose and use a set of tools whose interfaces and functions are "compatible" with AIL and that meet the needs of specification, design, coding, placement/configuration, integration, testing, verification, documentation, version management and reuse required over the complete development cycle of an embedded architecture and its variants.
➭ Obtain, at the end of detailed design, a model that allows a priori validation of an architecture and that generates the test vectors to apply during integration testing.
➭ Define an unambiguous coding language, with usage rules specific to transport applications (C_Transport), that allows the "source" of application programs to be portable.
➭ Specify a library of basic software and its APIs, making the development of application building blocks independent of the execution support and of the instrumentation hardware.
➭ Design a "middleware" that makes application software independent of its location in the network(s), thereby freeing its placement in the architecture.

General presentation: General architecture of an ECU
[Figure: layered software architecture of an ECU. Labels: ECU; Others ECU; Application Software Components (A-SC); Library Software Components (L-SC); Inter Component Exchange Manager (ICEM); Local Device Manager (LDM-SC); Com Manager SC; Drivers (DRV-BSC); Operating System OSEK-OS; OSEK-COM; Local Devices (Actuator/Sensor); Networks. Interfaces: Library API, OSEK-OS API, ICEM API, Driver API, OSEK-COM API.]

General presentation: Hardware/software independence
[Figure 1: ECU_1 with Sensor S1 and Actuator A1; application software components A and E; driver channels Driver_Channel_ADC_1 and Driver_Channel_DIO_OUT_1; pins ECU_1 Pin n°1 and ECU_1 Pin n°2. Legend: Inter Component Software Flow; Device/Software Component Communication Flow.]
[Figure 2: ECU_2 with Sensor S1 and Actuator A1; application software components A and E; driver channels Driver_Channel_ADC_1 and Driver_Channel_DIO_OUT_1; pins ECU_2 Pin n°12 and ECU_2 Pin n°22.]
Identical instrumentation; application components unchanged (identical source). Processor modified; interfacing changed.
[Figure 3: two ECUs with Sensor S1 and Actuator A1; components A, B, C, E, F; device channels Device_Channel_S1-1 and Device_Channel_A1-1.]
[Figure 4: two ECUs with Sensor S1 and Actuator A1; components A, B, C, D, E, F’; device channels Device_Channel_S1-1 and Device_Channel_A1-1.]
Identical instrumentation; application components unchanged (identical source). Placement modified; internal functional structuring changed.

General presentation: Function/supply independence
[Figure sequence over three slides. Labels: rain sensor; wiper motor; wiping assistance ("Asst. balayage"); motorized throttle; speed sensor; auxiliary sensor; speed regulation ("Rég. Vitesse"); two ECUs ("Calculateur"); engine control function; wiping function; software blocks LDA, LDB, osek, can.]

[Figure: process diagram. Labels: Hardware; Application Software; Standard interfaces; Hardware constraints; Timing constraints; Requirements; Functional Architecture; Software Architecture; Hardware Architecture; Operational Architecture; Placement; Validation by simulation (dependability "SdF", real time); Tests; Application code; Compilation; Performance verification (dependability "SdF", real time); Transcoded test vectors; Messaging; Corrections; Description; AIL; Exchange procedures; Library; Timing performance; Dependability ("SdF") attributes; State-transition behaviour; Operating modes; Existing; Process; Demonstrators; Applications and deliverables for demonstration; work packages Lot 1, Lot 2, Lot 3, Lot 4.]

Architecture AIL V2.4: The main AIL classes
AIL defines a set of classes of different application natures:
Project Objects
– Vehicle project
– Vehicle types
– Vehicles
– Services
– Variants
Functional Objects
– Functions
– Functional Flows
– Functional Architecture
Software Objects
– Free Software Components
– Dependent Software Components
– Software Flows
– Software Architecture
Hardware Objects
– Operating Hardware Components (ECU, Networks)
– Instrumentation Hardware Components (Sensor, Actuator)
– Hardware architecture
Operational Objects
– Operational Architecture
– OS Tasks
– Network Frames

Architecture AIL V2.4: The AIL architecture classes
[Figure: Vehicle Project, Functional Architecture, Software Architecture, Hardware Architecture and Operational Architecture. Labels: Project Objects; Functional Objects; Free Software Components; Dependent Software Components; Instrumentation Hardware Objects; Operating Hardware Objects; Operational Components.]

Architecture AIL V2.4: A case study
[Figure: Vehicle Project, Functional Architecture, Software Architecture, Hardware Architecture, Operational Architecture.]

The vehicle project to develop
The architecture to develop shall offer three services:
- A distress, direction change and localization reporting
- An Engine System LOCK/UNLOCK
- A doors opening management
The architecture to develop shall come in two versions:
- A basic version including:
* VR/DR1 typed Engine System LOCK/UNLOCK
* A fixed lighting ceiling light
* An optional vehicle localization
- A luxury version including:
* VR/DR2 typed Engine System LOCK/UNLOCK
* The vehicle localization
* An optional gradual ceiling light management

Associated context diagram
[Figure: context diagram of the ‘Case Study’ system. Labels: Warning; Turning Lights; Turning Lights Command; Turning Lights Indicator; Command Start; Engine State Indicator; transponder; Key; Ceiling light; PLIP Command; Doors Contact; Opened Doors Indicator.]

Manufacturer database: service requirements
Service: Engine System LOCK/UNLOCK
Variant: VR/DR1 Engine System LOCK/UNLOCK
Requirement VR/DR1_001: When the code has been identified, the lock/unlock state switches from 'Locked' to 'Unlocked'.
Variant: VR/DR2 Engine System LOCK/UNLOCK
Requirement VR/DR2_001: When the code has been identified, the lock/unlock state switches from 'Locked' to 'Unlocked'.
Requirement VR/DR2_002: When the key has been identified, and the information 'system is ready to start' is available, then the authentication phase is started.

Architecture AIL V2.4: Modeling of services, UML classes
[UML class diagram: Service (Label : String) and Variant (Label : String), linked by an association with multiplicities 1 and 0..n.]

Manufacturer range database: vehicle requirements
Vehicle Project: Case study
Requirement VP_001: The vehicle project ‘Case Study’ shall propose three main services:
- A distress, direction change and localization reporting.
- An Engine System LOCK/UNLOCK.
- A doors opening management.
Requirement VP_002: The vehicle project ‘Case Study’ shall propose two versions:
- A basic version including:
* VR/DR1 typed Engine System LOCK/UNLOCK
* A fixed lighting ceiling light
* An optional vehicle localization
- A luxury version including:
* VR/DR2 typed Engine System LOCK/UNLOCK
* The vehicle localization
* An optional gradual ceiling light

Vehicle versions / services
[Figure in two parts. Vehicle project side: Vehicle Project ‘Case Study’; Vehicle Type ‘Luxury’; Vehicle ‘Luxury with FLCL’; annotations "Choice to make" and "Choice made". Manufacturer and equipment supplier business side: Service ‘Engine System LOCK/UNLOCK’ with Variants ‘VR/DR1 Engine System LOCK/UNLOCK’ and ‘VR/DR2 Engine System LOCK/UNLOCK’; Service ‘Doors opening management’ with Variants ‘winking ceiling light (WCL)’ and ‘fixed lighting ceiling light (FLCL)’; annotation "mass product".]

Architecture AIL V2.4: Vehicle versions / services, UML
[UML class diagram. Classes: Vehicle_Project, Vehicle_Type, Vehicle, Service, Variant (each with Label : String). Association role names: +Serials, +Alternatives, +Options, +Option, +Alternative. Multiplicities shown: 1, 0..1, 0..n, 1..n.]

From vehicle requirements to service requirements
Vehicle: ‘Luxury with FLCL’
Variants: ‘VR/DR2 Engine System LOCK/UNLOCK’; ‘Vehicle Start-up’; ‘Engine State Reporting’; ‘Engine State’
Requirement FLCL_SYS_001: The engine is in one of the three states: Locked, Unlocked, In_rotation.
Requirement VR/DR2_001: When the code has been identified, the lock/unlock state switches from 'Locked' to 'Unlocked'.
Requirement VSU_003: When the vehicle start is authorized, the engine state switches from 'Unlocked' to 'In_rotation'.
Requirement ESR_001: The engine state lamp is winking at a frequency of 1 Hz when the engine is in the 'In_rotation' state.
Requirement DATA_001: Data exchanged between ‘Vehicle Start-up’ and ‘Engine State Reporting’.
[The diagram relates these requirements with ‘+’ and ‘=’ symbols.]

Architecture AIL V2.4: Requirements in an architecture, UML
A "requirement holder" can be any AIL object (Architecture, Function, Flow, ECU, Device, Software Component, …).
[UML class diagram. Classes: Requirement Holder; Requirement (Label : String); Requirement Equation (Label : String); Requirement Status (status : String). Association role names: +origin, +destination. Multiplicities shown: 1, 0..n, 1..n.]

The manufacturer's know-how: from services to functions
Service: Engine System LOCK/UNLOCK
Variant: VR/DR2 Engine System LOCK/UNLOCK
Requirement VR/DR2_001: When the code has been identified, the lock/unlock state switches from 'Locked' to 'Unlocked'.
Requirement VR/DR2_002: When the key has been identified, and the information 'system is ready to start' is available, then the authentication phase is started.
Function: VR/DR2 Engine System LOCK/UNLOCK
Inputs: Key_Position, Transponder_Code
Output: Lock_Unlock_State
Requirement VR/DR2_003: For security reasons, the authentication phase shall be processed simultaneously on two different ECUs.

The manufacturer's know-how: the functional decomposition
[Figure: the VR/DR2 Engine System LOCK/UNLOCK Function and its sub-functions Key Identification, Authentication and Unlock. Flows: Key_Position, Transponder_Code, Lock_Unlock_State.]

The manufacturer's know-how: the structure of functions
Function: VR/DR2 Engine System LOCK/UNLOCK
Function: Key Identification
Requirement IDENT_001: The key shall be identified.
Function: System Authentication
Key_Position (Input): Type : enumeration; Validity Domain : NOT_PRESENT|PRESENT|ACC|APC
Key_Identification_OK (Output): Type : enumeration; Validity Domain : TRUE|FALSE
Transponder_Code (Input): Type : integer; Validity Domain : 0 to 16.000.000

Architecture AIL V2.4: The functional decomposition, UML
[UML class diagram. Classes: Service (Label : String); Variant (Label : String); Function (Label : String, from functional layer); Functional Flow (Label : String, ValidityDomain : String, Type : String); Functional Input; Functional Output. Function and Functional Flow each carry an "is decomposed in" association. Multiplicities shown: 1, 0..1, 0..n, 1..n.]

Architecture AIL V2.4: Requirements in the functional decomposition
Function: VR/DR2 Engine System LOCK/UNLOCK
Requirement VR/DR2_002: When the key has been identified, and the information 'system is ready to start' is available, then the authentication phase is started.
Function: Key Identification
Requirement IDENT_001: The key shall be identified.
Function: System Authentication
Requirement AUTHEN_002: When the key has been identified, and the information 'system is ready to start' is available, then the authentication phase is started.
[The diagram relates these requirements with ‘+’ and ‘=’ symbols.]

Architecture AIL V2.4: The functional architecture, UML
[UML class diagram. Classes: Functional Architecture (Label : String, from functional layer); Function (Label : String, from functional layer); Variant (Label : String); Vehicle (Label : String); Functional Flow (Label : String, ValidityDomain : String, Type : String); Functional Input; Functional Output. Function and Functional Flow each carry an "is decomposed in" association. Multiplicities shown: 1, 0..1, 0..n, 1..n.]

Architecture AIL V2.4: Data in the functional decomposition
Functional Architecture: ‘Case Study’ FA1
Function: VR/DR2 Engine System LOCK/UNLOCK
Output Lock_Unlock_State: Type : enumeration; Validity Domain : LOCKED|UNLOCKED
Function: Vehicle Start-up
Input Lock_Unlock_State: Type : enumeration; Validity Domain : LOCKED|UNLOCKED
Output Engine_State: Type : enumeration; Validity Domain : LOCKED|UNLOCKED|IN_ROTATION
Function: Engine Status Reporting
Input Engine_State: Type : enumeration; Validity Domain : LOCKED|UNLOCKED|IN_ROTATION
Identical objects: implicit links

Architecture AIL V2.4: The placement-free components, UML
Application software and instrumentation management
[UML class diagram. Classes: Software Component (Language_CC : String, OS_CC : String); Free Software Component; ASC (Label : String); LDM (Label : String).]

Architecture AIL V2.4: The placement-free components, UML
Application software
[UML class diagram. Classes: Software Component (Language_CC : String, OS_CC : String); Software Flow (roles +input, +output); Software Input (Label : String); Software Output (Label : String, Publication : String); Logical Task (Label : String, Priority : int, Schedule : boolean, Autostart : boolean, Period : int, Execution_Time : int); Synchro Element; Synchro Task (Label : String); Synchro Event (Label : String, Mask : String); CallBack (Label : String). Multiplicities shown: 1, 0..1, 0..n, 1..n.]

Architecture AIL V2.4: The placement-free components, UML
Instrumentation management
[UML class diagram. Classes: DEVICE_TYPE (Device_Name : String, from Enumeration); Device (Label, from hardware layer); LDM (Label : String); Device Channel (Label : String, from hardware layer); DRIVER_TYPE (Label : String, from Enumeration); Channel Requirement (Label : String, from hardware layer); Software Component (Language_CC : String, OS_CC : String); Software Flow (roles +input, +output); Free Software Component. Multiplicities shown: 1, 0..1, 0..n.]

Architecture AIL V2.4: The software architecture, UML
[UML class diagram. Classes: Software Architecture (Label : String); Free Software Component; Software Component (Language_CC : String, OS_CC : String); Software Flow (roles +input, +output). Multiplicities shown: 0..n, 1..n.]

Architecture AIL V2.4: Data in the software structuring
Software Architecture: ‘Case Study’ SA1
ASC: TransponderIdentification
Input KeyInsertDetection: Type : enumeration; Validity Domain : TRUE|FALSE
LDM: GetKeyPosition
Output KeyInsertDetection: Type : enumeration; Validity Domain : TRUE|FALSE

Architecture AIL V2.4: Requirements in the software decomposition
Functional Architecture
Function: Key Identification
Requirement IDENT_001: The key shall be identified.
Software Architecture
LDM: GetKeyPosition
Requirement GetKeyPosition_001: Acquire the key position.
ASC: TransponderIdentification
Requirement TransponderIdentification_001: The key shall be identified when inserted.
[The diagram relates these requirements with ‘+’ and ‘=’ symbols.]

Architecture AIL V2.4: The hardware components
[Figure: two ECUs and a Network; each ECU hosts ICEM, OSEK OS, OSEK COM and Drivers. Legend: Hardware architecture = Operating Hardware Objects + Dependent Software Components.]

Architecture AIL V2.4: The hardware components, UML
[UML class diagram. Classes: Hardware Architecture (Label : String); ECU (Label : String, Cost : int, Frequency : float, ROM_Size : int, RAM_Size : int, EEPROM : int, Flash : int); Network (Label : String); Network Type (Label : String, Physical_Layer : String, Network_Specification : String); NETWORK_PROTOCOL (Protocol : String, from Enumeration); Network Connection (Label : String); DriverLayer (Label : String); Dependent Software Component (from software layer); Driver BSC (Label : String, from software layer); OS BSC (Label : String, from software layer); COM BSC (Label, from software layer); ICEM (Label, COM_CC, from software layer). Multiplicities shown: 1, 0..1, 0..n, 1..n.]

Architecture AIL V2.4: The operational components
[Figure: ECU #1 and ECU #2, each with OSEK OS, OSEK COM, Drivers and ICEM, on a CAN Network with devices labelled S and A; ASC and LDM software components shown on the ECUs. Legend: Hardware Architecture, Software Architecture, Operational Architecture.]

Architecture AIL V2.4: The operational components, UML
[UML class diagram. Classes: Operational Architecture (Label : String, Algorythm : String); OS Task (Label : String, Type : String); Logical Task (Label : String, Priority : int, Schedule : boolean, Autostart : boolean, Period : int, Execution_Time : int, from software layer); Software Component (Language_CC : String, OS_CC : String, from software layer); Free Software Component (from software layer); ASC (Label : String, from software layer); LDM (Label : String, from software layer); Software Architecture (Label : String, from software layer); ECU (Label : String, Cost : int, Frequency : float, ROM_Size : int, RAM_Size : int, EEPROM : int, Flash : int, from hardware layer); Hardware Architecture (Label : String, from hardware layer). Multiplicities shown: 1, 0..n, 1..n.]

Architecture AIL V2.4: Operational messaging, UML
[UML class diagram. Classes: Messaging (Label : String); Frame (Label : String, Size : int, FrameID : String); Multiplexed Flow (Label : String, In_Byte : int, At_Bit : int); Operational Flow; Software Flow (from software layer); Network (Label : String, from hardware layer). Several associations are qualified by Operational Architecture. Multiplicities shown: 0..1, 0..n.]

Architecture AIL V2.4: Connecting the devices to the ECUs, UML
[UML class diagram. Classes: ECU (Label : String, Cost : int, Frequency : float, ROM_Size : int, RAM_Size : int, EEPROM : int, Flash : int); ECU Pin (Label : String); Device (Label); Device Pin (Label : String, Type : String); Device Channel (Label : String); LDM (Label : String, from software layer); Free Software Component (from software layer); DriverLayer (Label : String); Driver BSC (Label : String, from software layer); Driver_Channel (Label : String, from software layer). Several associations are qualified by Operational Architecture. Multiplicities shown: 1, 0..1, 0..n, 1..n.]

Architecture AIL V2.4
[Figure: Vehicle Project, Functional Architecture, Software Architecture, Hardware Architecture and Operational Architecture, with the object classes Project Objects, Functional Objects, Software Objects, Hardware Objects and Operational Objects.]

Tools: Principle for connecting the tools to AIL
[Figure: development cycle around the AIL database ("BD AIL") holding the architecture description. Phases: System specification; System design; Code; System integration; System validation. Tools: Specification tool (Statemate, ...); Validation tool; Test generator tool; Mapping tool; Performance evaluation tool; Code generator; Code analyser; Tester; calibration tool.]

Tools: Interfacing the tools to AIL
[Figure: AIL database ("BD AIL"), shown as DB1, an AIL-compliant Data Base, accessed through a Standard Interface (API implementation for DB1) plus an Interface AIL-Extension 1 (AIL-Extension1, API-ext1). Tools: AIL Editors (Architectures, Components); Configuration tool; SYNDEX tool (mapping); OPNET tool (performance evaluation); Documentation generator tool; Extension1-Specific tool.]

Tools: Exchange and integration of AIL architectures
[Figure: two AIL-compliant Data Bases, DB1 and DB2, each with its own API implementation, AIL Editors, Design tool and Config. tool. Each side has an Exchange Management block, and the exchange goes through the file AIL.xml.]

Tools: Automatic generation
[Figure: generation chain starting from AIML.xml (plus Extension j). Labels: AIML.DTD; DTD; DTD Generators; DBi structure Generators; Table structure; DBi API implementation generators; XML API implementation generators; API interface generator; API; AIML Editor; AIML reference manual generator; API implementation for DBi; API implementation for XML; DBi Data Base, AIL-compliant; XML File, AIL-compliant; Exchange file AIL.xml. Several elements are marked with ✩✩.]

Demonstrator: Passenger-compartment subsystem application (PSA, Sagem, Siemens, Valeo)
Extract of the functional architecture (luxury version)
[Figure: functional architecture diagram.
Functions: Gestion_Etats_et_modes_Système 2.3.15; Informer_les_autres_véhicule_en_détresse 2.3.1; Informer_les_autres_changement_direction 2.3.2; Informer_utilisateur_changement_direction 2.3.3; Informer_utilisateur_porte_ouverte 2.3.4; Informer_utilisateur_état_moteur 2.3.5; Localisation_véhicule 2.3.6; Informer_utilisateur_véhicule_en_détresse 2.3.7; identification_cle_0 2.3.8; Authentification_systeme_0 2.3.10; De_verrouillage_1 2.3.11; Plafonnier_Alfix 2.3.12 or Plafonnier_Alpro 2.3.13; Démarrage 2.3.14.
Flows: Etat_commande_direction; Etat_Système; Etat_Mode; Action_porte; Detection_présence_clé; Etat_ver_dever_moteur; Periodicité_feux_direction; Etat_une_porte_ouverte; Véhicule_détresse; Action_Plip; Etat_Moteur; Action_bouton_Warning; Périodicité_warning; Identification_Clé_OK; Activation_Déverrouillage.
Devices: ceiling light; ignition key; "engine state" indicator lamp; PLIP push-button; transponder; turn-signal indicator lamp; direction change control; Warning button; "door open" indicator lamp; turn-signal lights; start push-button; CPO 1; CPO 2.]

Demonstrator: Passenger-compartment subsystem application (PSA, Sagem, Siemens, Valeo)
Extract of the software architecture
[Figure: software architecture diagram made of ASC and LDM-SC components.
Components: Transpondeur; Gestion_evenement_transpondeur; Comparer_code_transpondeur; De_Verrouillage_1; Demarrer; Bouton_Demarrage; Gestion_etats_et_modes_systeme; Lecture_position_clef_de_contact; Voyant_Etat_Moteur; Plaf_Alpro; Dem_Autentification (shown twice); Calcul_Code_0 (shown twice); Fin_Authentification.
Flows: Recherche_Code; Code_Transp; Identification_Cle_Ok; Etat_Systeme; Mode_systeme; Etat_Ver_Dever_Moteur; Push_Dem; Insertion_cle; Position_cle; Etat_Moteur; Plafonnier; Géné_Code_Al; Code_Aleatoire; Code_0; Code_1; Fin_Calcul_0; Fin_Calcul_1; Activation_Deverouillage.]

Demonstrator: Passenger-compartment subsystem application (PSA, Sagem, Siemens, Valeo)
Hardware architecture
[Figure: three ECUs (Sagem ECU, Siemens ECU, Valeo ECU) on a CAN Network, each with Local A/S Devices, OSEK-OS, OSEK COM, I/O Drivers, LDM, ICEM and ASC.]

Demonstrator: Passenger-compartment subsystem application (PSA, Sagem, Siemens, Valeo)
Tool
[Figure: tool chain around an Access DB Data Base, AIL-compliant, with an API implementation for our Access DB mock-up. Labels: AIL Editors (Architectures, Components); Simple Messaging tool (manual); Simple Scheduling tool (automatic); Configuration tool (automatic); Embedded Software Structure; Configuration Files; ICEM configurations; LDM configurations; OIL files; Makefiles; OSEK "main" files.]