the system architecture virtual integration (savi) … system architecture virtual integration...

The System Architecture Virtual Integration

(SAVI) Project

An Integrated Modeling Environment for Improved Design of Complex Systems

David Redman, Aerospace Vehicle System Institute (AVSI)

Safe & Secure Systems & Software Symposium

10:30-11:00 June 17, 2010

Outline

• The Situation

• The AVSI Approach

• Proof of Concept Project I

• Proof of Concept Project II

• The SAVI Program

6/17/10 22010 Safe & Secure Systems & Software Symposium / © Texas Engineering Experiment Station

The Situation

6/17/10 2010 Safe & Secure Systems & Software Symposium / © Texas Engineering Experiment Station 3

High-level Req’s in RFP

High-level Design RFP Response

Req’s Changes

Aero

Avionics

Systems

Target CompletionPDR

Trades Req’s Defined Sys Design Sys Re-DesignDetailed Design

Aero

Avionics

Systems

CDR

System Integration Checks

Sys Development V&V

COST GROWTH

Sys Integration

SCHEDULEDELAY

SuppliersSuppliersSuppliers

Systems Are Becoming More Complex


Estimated Onboard SLOC Growth

6

8

10

12

14

16

18

20

1960 1970 1980 1990 2000 2010 2020

Year

Ln(O

nboa

rd S

LOC

)

Line FitBoeingAirbusUnaffordable

299M

27M

A330/340: 2M

A320: 800KA310: 400K

A300FF: 40K

A300B: 4..6K

INS: 0.8K

8M

Slope = 0.17718Intercept = -338.5Curve implies SLOC

doubles about every 4 years

134M

61M

B757, B767: 190KB747: 370K

B777: 4M

B737: 470K

The line fit is pegged at 27M SLOC because the projected SLOC sizes for 2010 through 2020 are unaffordable. The COCOMO II estimated costs to develop that much software are in excess of $10B.

$160 B

$7.8 B

$290 M

$81 M

$38 M

SoftwareBase CostCOCOMO II

AssumedAffordabilityLimit

Airbus data source: J.P. Potocki De Montalk, Computer Software in Civil Aircraft, Sixth Annual Conference on Computer Assurance (COMPASS ’91), Gaithersberg, MD, June 24-27, 1991.Boeing data source: John J. Chilenski. 2009. Private email.

…with complex Development Ecosystems


src: http://en.wikipedia.org/wiki/File:Gravis_UltraSound_PNP.jpg

… and constrained by dated SE methods

Silo’ed Organizations


Mismatched Assumptions

“pi”

3.14 3.141592653589793

Written

Requirements

7

Current means of managingcomplexity have issues

• Operational Models• System Models• Component Models• Functional/Behavior Model• Performance Model• Structural/Component Model• Cost Model• Safety Model• Security Model• Reliability Model• Maintainability Model• Structural Model• Mass Production Model• Manufacturing (Assembly)

Models

• Modeling Domains– Ops/Mission Analysis– System Design– Algorithm Development– Hardware Design– Software Design– Logistics Support– Manufacturing– Integration & Test– Performance Simulation– Engineering Analysis– Human System Integration

• System Architecture Model (Integration Framework)

– Analysis Models– Hardware Models– Software Models– Verification Models

MultipleTruths

Incompatible Abstractions

Indeterminate Change Impact

Common issues create common goals

• Minimize system requirements errors so we know system will integrate and work before we build it

• Know the full impact of changes

• Design flexibility

• Catch integration issues early when costs are lowest

• Improve systems


… suggesting a cooperative solution

• Integration complexity will continue to increase

• Individual companies cannot solve it alone

• Industry cannot afford to solve it multiple times

• We can’t afford not to solve


A coordinated, industry-wide effort is needed to solve this issue.

The Aerospace Vehicle Systems Institute

AVSI is a global cooperative of aerospace companies, government organizations, and academic institutions

The System Architecture Virtual Integration program is an AVSI program addressing virtual integration of systems.

Past AVSI projects have covered the breadth of aerospace systems

and current research includes projects in the areas of

reliability, certification, and virtual integration.

6/17/10 102010 Safe & Secure Systems & Software Symposium / © Texas Engineering Experiment Station

Boeing brought these issues to AVSI


2005 2006 2007 2008 2009

AFE 32 & 32S1 AFE 58AFE 57

BoeingGoodrichHoneywellRockwell Collins

AirbusBAE SystemsBoeingGE AerospaceHoneywellLockheed MartinRockwell CollinsFAADoD ArmyDoD Navy

BCA BR&T

AFE 59Plan

CMU/SEI

AirbusBAE SystemsBoeingGE AerospaceLockheed MartinRockwell CollinsFAADoD Army

CMU/SEI

DassaultGoodrichHoneywellNASA

6 L-Yrs (1.5) 16+ L-Yrs (2)9+ L-Yrs (1)

2010

AirbusBAE SystemsBoeingEmbraer (?)GoodrichHoneywell (?)Lockheed MartinRockwell CollinsThales (?)UTC (?)FAADoD ArmyNASASEI/CMU

AFE 59

? L-Yrs (?)

AFE 32 - ADL’s

• There existed no Architecture Description Language that could capture a complete system definition

• There existed several candidate languages developed for various analytical domains:– UML

– SysML

– AADL

– Modelica

– …


Two Approaches to MBSE


Fault model

Security model

Timing model

Linked Models

Reference Model

The System Architecture Virtual Integration Program

• SAVI is– A research effort to define the standards and technologies

needed to effect virtual integration– A global collaboration– Integration of three emerging technologies

• Model-based,• Proof-Based, and• Component-Based engineering

– Structured/transformable data interfaces– A changed acquisition paradigm to facilitate systems integration

• SAVI is not– A software tool or a design tool– A continuation of current system development practices


“Integrate, Then Build”

The Situation


High-level Req’s in RFP

High-level Design RFP Response

Req’s Changes

Aero

Avionics

Systems

Target CompletionPDR

Trades Req’s Defined Sys Design Sys Re-DesignDetailed Design

Aero

Avionics

Systems

CDR

System Integration Checks

Sys Development V&V

COST GROWTH

Sys Integration

SCHEDULEDELAY

SAVI Program Impact

SuppliersSuppliersSuppliers

SAVI Program Scope

AFE 57 – SAVI High-Level Planning

• Identify the early (virtual) integration analyses we wish to perform– Includes gap analysis (on everything)

• Identify the information needed to support the analyses• Identify the tools necessary to produce and analyze the

information• Define the data structure needed for information storage

& analysis (Model Repository)• Define the data transforms needed for information

interchange (Data Exchange/Translation)– Working with tool vendors

• Build PoCs & perform pilots• Coordinate with Airworthiness Authorities• Participate on Standards Committees


Subset of these

performed during PoC I

AFE 58 – Proof of Concept I


Investigate Changes to Acquisition Model

Perform Proof-Of-Concept Experiment

Estimate ROI

Create SAVI Roadmap

Documented “as-is” and “to-be” acquisition models

Created representative models and acq. use case in AADL

Analysis shows favorable ROI using conservative assumptions

Created a more detailed roadmap for SAVI

development/implementation

Objectives Results

Architecture-Centric Engineering


Cyber SecurityAvailability

Authentication

Integrity

Confidentiality

No repudiation

Availability and Reliability

MTBF

FMEA

Hazard analysis

Real-timePerformance

Execution time/Deadline

Deadlock/starvation

Latency

ResourceConsumption

Bandwidth

CPU time

Power consumption

Data precision/accuracy

Temporal correctness

Confidence

Data Quality

AnnotatedArchitecture Model

Virtual Integration & Validation of System Architecture

Auto-generated analytical models

source: SEI

ModelRepository

ModelRepository

ModelRepository

ModelRepository

ModelRepository

Tool

s?

Other Info

Require/SpecifyToolsDescriptions

Suppliers Regulators

Airframers

Models Design/BuildTools

Data Integrate/V&VTools

AnalysisResults

?Other Tools

Users

Information: Virtual Integration Data

Model Bus

Define the data structure needed forinformation storageand analysis (ModelRepository)

Define the data transforms needed for information interchange (ModelBus)

Verification/ValidationRequirements

Integration/DeploymentDesign and Build

How Will SAVI Work?

Proof-of-Concept (PoC) Demonstration

• Three Models (Tiers 1, 2, and 3) Analyzed– Tier 1 (Aircraft level)

– Tier 2 (Aircraft system level)

– Tier 3 (Sub-system/LRU level)

• Analysis and Demonstration– Propagated requirements and constraints from higher-

level model down to suppliers' lower-level models

– Verified lower-level models satisfy higher-level requirements and constraints

• Evaluation Based on Quality Factors– Started with 19 (Criticality, Frequency, Difficulty, Cost,...)

– Video demonstrations available


Global Team Implemented PoC Demo

Distributed PoC Model Development

SEI

Rockwell CollinsBAE Systems

Subversion ModelRepository at AVSI

Airbus

A distributed, multi-party development team implemented the PoCdemo, reflecting current real-world development environments

Boeing

Lockheed-Martin

A Multi-Tiered Model Was Produced


Virtual Integration Throughout Life Cycle


SoftwareArchitectural

Design

SystemDesign

ComponentSoftwareDesign

CodeDevelopment

UnitTest

SystemTest

Integration Test

Acceptance Test

Sensitivity analysis for uncertainty

RequirementsEngineering

→ generation of test cases← updating models with actual data

Confidence in implementation

From Prediction to Validation

Top-Level Verification Items

High-levelAADL Model

DetailedAADL Model

Specify Model-Code Interfaces

SAVI Development Roadmap

24

2010 2011 2012 2013 2014 2015 2016

Full supply chain integration

SAVI DEPLOYMENT

COMMUNICATION

Partial Supply Chain integration (SAVI partners)

Tools Vendors Integration

Interfaces & existing models

2009

SAVI Tools pre-implementation

Encapsulation

SAVI PROJECT

Models

Architectural model

Analysis tools Safety, functions, weight

Functional at model level

Simulation tools Simulation app. gen.

SAVI Processdescription v1.0

Model Bus &Model Repository

Specs

ADL Selected

Full simulation capabilities

ADL based & Multi-level

SAVI v1.0 SAVI v2.0

Performances analyses

Full data

SAVI Processdescription v1.1

Model Bus &Model Repository

Specs v2.0

SAVI v3.0

Full analyses

Full SAVI systems scope

FunctionalInterfaces Functional & types Aircraft signals

Requirements Func. at ADL component

Configuration mgt. Version mgt Full services

Basic productionDocumentation prod. Full internal prod. Full external prod.

ADL visualizationRepository MMI Analysis & Simul. Integ.

ADL & models exchangesI/O services IP / security / IS integ.

SAVI Tools & Process

Tools Vendors (partners)

AIRCRAFT APPLICATIONS

Architecture design Prelim. system design Aircraft programSAVI partners All suppliers

AirframerSuppliers

AFE 59AFE 58

TRL 5DEC 2011

TRL 7JUN 2013

TRL 9DEC 2014

AFE 59 – Proof of Concept II


Data Exchange and Repository Development

• Collect and prioritize early integration use cases to form an initial requirements set for SAVI 1.0.

• Expand the Proof of Concept demonstration to implement a specific subset of the collected use cases. This expansion will include subsystems without software content.

Address Questions With Current SAVI Approach

• Survey existing Architecture Description Languages (ADLs) / Interface Description Languages (IDLs) against the collected early integration use cases.

• Investigate multi-language-model approaches to the Model Repository

Improved ROI

• Refine and Expand Return on Investment (ROI) Analysis Framework developed during AFE 58.

Develop SAVI 1.0 Program Plan

Objectives

Outreach

Mechatronics Architecture


PoC IIPoC I

Sensors

Actuators

ElectronicControl

Unit (ECU)

Communications Bus

Electronics

Mechanical Systems•Kinematics•Dynamics•Powertrain•Thermal•Fluids•Electric Power•…

Interface•Displays•User Controls•Haptics•Remote Links•…

Software•Functions•States•Modes•…

•Libraries•Modules•Messages•Protocols•Code•…

Define SAVI Use Cases

• Use cases reflect modes of interaction in SAVI framework

• Identify initial high-level requirements

• Will help identify technology gaps

• Use cases will be used to exercise PoCmodels


Program

Outreach

6/17/102010 Safe & Secure Systems & Software Symposium / © Texas Engineering Experiment Station

A coordinated, industry-wide effort is needed to solve this issue.

SAE AADL Standard2004/2009

OSATE Toolset | STOODSEI | ElliDiss

AADL Meta Model & XMIJune 2006

AADL Error Annex StandardJune 2006

AADL UML MARTE Profile 2009

AADL Behavior Annex2009

AADL ARINC653 Annex2009

AADL Data Modeling Annex2009

TOPCASED

ITEA SPICES

ISTARTIST2

EAST ADLAutoSAR

OpenGroupReal-Time Forum ESA ASSERT

DARPAMETA-II

Tool Vendor

Tool Vendor

Std’s Body

Std’s Body

ProgramProgram

ProgramProgramProgram

http://images.google.com/imgres?imgurl=http://www.uib.no/bot/bilder/eu-flag.gif&imgrefurl=http://www.uib.no/bot/mcts/index.htm&h=349&w=519&sz=4&hl=en&start=1&tbnid=hVHHnfoBEKOrbM:&tbnh=88&tbnw=131&prev=/images?q=European+Union+flag&gbv=2&svnum=10&hl=en&sa=G�




http://images.google.com/imgres?imgurl=http://www.united-states-map.org/images/american-flag.gif&imgrefurl=http://www.united-states-map.org/american-flag.htm&h=352&w=560&sz=37&hl=en&start=1&tbnid=Ej2l_hUHOf-YOM:&tbnh=84&tbnw=133&prev=/images?q=american+flag&gbv=2&svnum=10&hl=en�














Conclusion

• Standard data storage and exchange constructs enable early virtual integration of models distributed across the supply chain. A monolithic solution is not practicable.

• The AVSI SAVI Program represents an industry-based effort to address the common issue of cost and schedule growth due to the growth of system complexity.

• SAVI is just one of several efforts in this problem space. We cannot afford to solve this problem multiple times.


Questions?

Contacts:

Dr. Don WardPhone: (254) 842-5021

Mobile: (903) 818-3381

[email protected]

Dr. Dave Redman Office: (979) 862-2316

Mobile: (979) 218-2272

[email protected]


the system architecture virtual integration (savi) … system architecture virtual integration...

Documents