CPSC 875 - Clemson University


CPSC 875
John D. McGregor
Wrap-up

Ultimate goal
  Encapsulate uncertainty, risk, and change
  We analyze and measure to determine where to form modules or to refactor modules

Architecture definition
  The software architecture of a program or computing system is the structure or structures of the system, which comprise software elements, the externally visible properties of those elements, and the relationships among them.
  Structure: static
  Behavior: dynamic
  Relationships: flows and connections
  Constraints

Types of architectures
  Software architecture
  System architecture
  Reference architecture
  Enterprise architecture
  Logical/physical
  Definitional/operational

Activities
  Analysis: understanding problems
  Design: defining solutions
  Verification and validation: Is the product correct? Is this the correct product?

Requirements
  Functional
  Non-functional
  Rationale
  Traceability
  Reqspec
  Use cases
  Scenarios

Reqspec
    requirement speed_R1 : "throttle cannot exceed the maximum setting" [
      description this " shall have a maximum reading that is less than or equal to maximum setting"
      rationale "fly by wire may introduce an electrical error beyond the physical throttle setting"
      value predicate CurrentSpeed < MaximumSpeed
      mitigates "Invalid data sent by the speedometer"
      issues "need to recognize that physical subsystems can present issues for a digital system"
      see goal caccStakeholderGoals.g1
      category cc acc cacc quality safety
      uncertainty [
        volatility 2
        impact 3
      ]
    ]

Architecture Description
  Cartoons
  Languages: multi-scale, support analysis, strongly typed
  Environment: OSATE performs analysis, flexible

Process
  Specify, Design, Implement, Verify
  These phases are inter-related. Which techniques are used in one phase influences what can be used in another phase.

Specification
  Start with requirements
  Reqspec provides a machine-readable model
  It has links into the AADL design model
  Also, languages such as AGREE can be used to both specify and verify:
    assume "time greater than 0":
      left_toggle_enabled_at >= 0 and left_button_enabled_at >= 0 and
      right_button_enabled_at >= 0 and right_toggle_enabled_at >= 0;
    guarantee "launch will not occur if either button is not active":
      launch = false or (launch = true and left_button_enabled = true and right_button_enabled = true);

Quality attribute workshop
  Between requirements and design
  Prioritizes quality attributes
  Quality attribute scenarios
  Context
  Stakeholder input

State machine
  [Cruise-control state machine diagram; the text is only partly recoverable. States include Engine off, Engine on, CC off, CC on, Inactive, Set current speed, Maintain speed, and Recalculate pedal position; transitions include initial, resume, engage, speed set, apply brake, and Resume [setSpeed currentSpeed < 5mph]/accelerate.]

Design Process
  Attribute-driven design
  Multiple alternatives can be compared
  Consider both definition and instantiation

Standard structures
  Module structures: which piece is responsible for what
  Component and connector structures: how do the major pieces interact at runtime
  Allocation structures: associates pieces of the architecture with pieces of the external environment

Baldwin's Modularity Operators
  Any system: Splitting, Substitution
  Assumes a modular system: Augmenting, Excluding, Inversion, Porting

Design, implementation and verification
  We used AADL partially because there is a modular, evolving environment
  An analyzable model scales well
  Multi-scale models allow teams to work asynchronously much of the time
  xText provides the ability to define languages such as Reqspec, Verify, and Assure

Variation
  The goal of variability in a software product line is to maximize return on investment (ROI) for building and maintaining products over a specified period of time or number of products.
  An instance of the architecture resolves certain variations
  Mechanisms: one system definition extends another; a system definition is included or excluded; subprograms have parameters

Documentation
  Views and Beyond: Viewpoint, View, ViewPacket
  Views for all stakeholders
  Portions of the AADL model can eliminate the need for lots of text in the technical parts of the document

Verification
  Resolute can verify that specified structure is present
  It is linked to the Verify activities
    annex Resolute {**
      prove(instantiation_is_reachable(this, instances(EventHandler::button_event_thread)))
    **};

Safety analysis
  Look for hazards: emerging from associated hardware; propagated from upstream modules
  Mitigate hazards: manage flow (propagation); define error handlers

Safety and security
  System and software assurance focuses on the management of risk and assurance of safety, security, and dependability within the context of system and software life cycles.
  Assured by checking explicitly how hazards are being handled.
  Reuse of error design information such as the hazards in the feedback control loop: http://ocw.mit.edu/courses/aeronautics-and-astronautics/16-63j-system-safety-fall-2012/lecture-notes/MIT16_63JF12_Class10STPA.pdf
  Error ontology

Security
  Security is the capability of a system to prevent malicious or accidental actions outside of the designed usage, and to prevent disclosure or loss of information. A secure system aims to protect assets and prevent unauthorized modification of information.
  Confidentiality, Integrity, Availability
  Size of attack surface

Technical debt
  The amount of less-than-perfect development artifacts grows if not explicitly addressed. Particularly in situations where certain quality requirements are difficult to meet, technical debt can have a huge impact.

ISO 26262 - Functional Safety, Road Vehicles
  IEC 61508 -> ISO 26262
  IEC 61508 was not cancelled, which means that users of 26262 need to be familiar with 61508

Some architecture styles
  Feedback/control loop: cyber-physical systems (diagram: Driver (controller), CACC (controller), actuators, sensors, vehicle speed and acceleration; hazard: hit vehicle)
  Message bus: data production systems
  Service Oriented Architecture: loosely coupled systems, https://docs.oracle.com/cd/E18727_01/doc.121/e12064/T291171T509748.htm
  N-tier architecture: distributed systems, http://www.ibm.com/developerworks/rational/library/05/0816_Louis/
  Event-driven: when events are sporadic
  Blackboard: planning or design systems, http://mupumb.com/blackboard-architectural-design-pattern/

Integrating
  Using basic tactics and operators, these basic styles are combined to form architectures
  AGREE contracts are checked for alignment
  Resolute constraints are evaluated to ensure
  Error propagations are checked for continuity

The end
  I hope this semester has helped you to better understand the issues about and the methods for structuring software-intensive systems. Watch for existing architectures that we did not have time to discuss and for new structures emerging in new types of systems.