High level modelling language for mission and safety-critical systems

Paul Boughton

Matthew Hause looks at how a standard high-level modelling language can help in the design and development of mission-critical systems, now that such languages are being standardised

OMG SysML provides a standard modelling language for systems engineers to analyse, specify, design and verify complex systems through diagrams that specify system requirements, behaviour, structure and parametric relationships - the four pillars of SysML. This delivers an environment in which to design and develop mission and safety-critical systems through an inter-disciplinary approach, enhancing system quality, improving the exchange of systems engineering information between tools and helping to bridge the semantic gap between systems, software and other engineering disciplines.

In SysML the system structure is represented by block definition diagrams and internal block diagrams. A block definition diagram describes the system hierarchy and system/component classifications. The internal block diagram describes the internal structure of a system in terms of its parts, ports, and connectors while the package diagram is used to organise the model.

The behaviour diagrams include the use case diagram, activity diagram, sequence diagram and state machine diagram. A use-case diagram provides a high-level description of the system functionality. The activity diagram represents the flow of data and control between activities. A sequence diagram represents the interaction between collaborating parts of a system. The state machine diagram describes the state transitions and actions that a system or its parts performs in response to events. The requirement diagram captures requirements hierarchies and the derivation, satisfaction, verification and refinement relationships. The parametric diagram represents constraints on system parameter values such as performance, reliability and mass properties to support engineering analysis.

A comprehensive OMG SysML profile tool not only supports the four pillars of SysML but also the further core SysML elements, including requirements, blocks, constraint blocks, value types, item flows and flow ports, adding appropriate new commands, explorer panes and toolbars to the menus. Importantly, such an implementation lets engineers work with SysML elements and diagrams as element types in their own right, not just as stereotyped UML types, resulting in faster recognition, better usability and easier adoption without compromising compliance with the standard. SysML artefacts can then be used in the development of mission and safety-critical applications to specify the requirements for solution spaces such as software and hardware, providing both traceability and a clean handover.

Requirements traceability is an essential part of mission and safety-critical application development. DO-178B, for example, requires traceability between system requirements and high-level software requirements, between high-level and low-level requirements, between low-level requirements and source code, and between requirements and the test cases that verify them, with structural coverage analysis relating those tests back to the code; the trace must hold both top down and bottom up. The requirement diagram integrates the system model with the text-based requirements that are typically captured in a requirements management tool, to provide this traceability. The containment relationship (drawn with UML namespace-containment notation) decomposes a requirement into its constituent requirements.

Structure in OMG SysML

A clear description of the system and its environment is essential for mission and safety-critical applications. SysML provides block diagrams to support this. The SysML "block" is a general-purpose hierarchical structuring mechanism that abstracts away much of the software-specific detail implicit in UML structured classes. Blocks can represent any level of the system hierarchy, including the top-level system, a subsystem, or a logical or physical component of the system or its environment. A SysML block describes a system as a collection of parts and the connections between them that enable communication and other forms of interaction. Ports provide access to the internal structure of a block for use when the block is used within the context of a larger structure.

Two diagrams are used to describe block relationships. The Block Definition Diagram (bdd), similar to a traditional class diagram, describes the relationships that exist between blocks. The Internal Block Diagram (ibd) describes block internals; an avionics system, for instance, might be represented as a block composed of other blocks, including several processing elements, a 24 volt power supply and two buses. The role names on the association ends of the bdd correspond to the parts on the ibd.

Each of the components then has a number of flow ports that describe what can flow in and out of it; connecting these to compatible ports on other parts enables the required flows in that context.

The SysML allocation relationship allocates one model element to another. Allocation is the term systems engineers use for the organised cross-association (mapping) of elements between the various structures or hierarchies of a user model. Often this is the allocation of function to form, such as deploying software on a hardware platform, mapping a use case to an organisation or system entity, or mapping a logical entity to a physical one.

Allocations can be used early in the design as a precursor to more detailed and rigorous specifications and implementations. The allocation relationship provides an effective means of navigating the model by establishing cross-relationships and ensuring that the various parts of the model are properly integrated. Integrating the software and hardware models means that safety integrity levels (SILs) for the various parts can be assigned and checked for consistency across the implementation. Hardware/software interfaces and architectural constraints can also be verified, giving traceability and a basis for change analysis.
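The traceability rules described above under DO-178B, and the SIL consistency check just described for allocations, can both be run mechanically once the model is held as data. The following is an added example, not code from the article, from Artisan's tool or from any SysML tool: a small Python model of requirements, blocks, derive/satisfy/verify relationships and allocations, with one function that reports traceability gaps and another that reports SIL-inconsistent allocations. The avionics requirements, block names, test-case names and the two SIL rules (a block must carry at least the SIL of any requirement it satisfies; a hardware node must carry at least the SIL of any software allocated to it) are constructed assumptions for illustration, not quotations from DO-178B or any other standard.

```python
"""Traceability and allocation checks over a small SysML-style model.

Added example, not code from the article or any SysML tool. The sample
model is constructed, and the SIL rules in allocation_issues() are
assumptions, not text from DO-178B or IEC 61508.
"""
from dataclasses import dataclass, field

LEVELS = ("system", "high", "low")  # system reqs -> high-level SW reqs -> low-level SW reqs


@dataclass(frozen=True)
class Requirement:
    rid: str
    text: str
    level: str  # one of LEVELS
    sil: int    # safety integrity level; 0 means no safety claim


@dataclass(frozen=True)
class Block:
    name: str
    kind: str   # "software" or "hardware"
    sil: int


@dataclass
class Model:
    requirements: dict = field(default_factory=dict)
    blocks: dict = field(default_factory=dict)
    derive: list = field(default_factory=list)    # (derived req id, source req id)
    satisfy: list = field(default_factory=list)   # (block name, req id)
    verify: list = field(default_factory=list)    # (test case name, req id)
    allocate: list = field(default_factory=list)  # (software block, hardware block)

    def add_req(self, rid, text, level, sil):
        assert level in LEVELS
        self.requirements[rid] = Requirement(rid, text, level, sil)

    def add_block(self, name, kind, sil):
        self.blocks[name] = Block(name, kind, sil)


def traceability_gaps(m: Model) -> dict:
    """Top down: every non-system requirement derives from a parent. Bottom up:
    every leaf requirement is satisfied by a block and verified by a test, and
    no system/high-level requirement is left neither refined nor satisfied."""
    sources = {d for d, _ in m.derive}    # requirements that derive from a parent
    refined = {s for _, s in m.derive}    # requirements that have derived children
    satisfied = {r for _, r in m.satisfy}
    verified = {r for _, r in m.verify}
    gaps = {"unsourced": [], "unrefined": [], "unsatisfied": [], "unverified": []}
    for rid, r in sorted(m.requirements.items()):
        if r.level != "system" and rid not in sources:
            gaps["unsourced"].append(rid)
        if rid not in refined:  # a leaf requirement must be implemented and tested
            if rid not in satisfied:
                gaps["unsatisfied"].append(rid)
            if rid not in verified:
                gaps["unverified"].append(rid)
        if r.level != "low" and rid not in refined and rid not in satisfied:
            gaps["unrefined"].append(rid)
    return gaps


def allocation_issues(m: Model) -> list:
    """SIL consistency across the satisfy and allocate relationships."""
    issues = []
    needed = {}  # block -> highest SIL among the requirements it satisfies
    for b, r in m.satisfy:
        needed[b] = max(needed.get(b, 0), m.requirements[r].sil)
    # Rule 1 (assumed): a block is developed to at least the SIL of what it satisfies.
    for name, b in sorted(m.blocks.items()):
        if b.sil < needed.get(name, 0):
            issues.append(f"{name}: SIL {b.sil} below SIL {needed[name]} of a satisfied requirement")
    # Rule 2 (assumed): a hardware node carries at least the SIL of software placed on it.
    allocated = set()
    for sw, hw in m.allocate:
        allocated.add(sw)
        if m.blocks[hw].sil < m.blocks[sw].sil:
            issues.append(f"{sw} (SIL {m.blocks[sw].sil}) allocated to {hw} (SIL {m.blocks[hw].sil})")
    # Rule 3: function must be allocated to form; unallocated software has no platform.
    for name, b in sorted(m.blocks.items()):
        if b.kind == "software" and name not in allocated:
            issues.append(f"{name}: software block not allocated to any hardware")
    return issues


def build_sample_model() -> Model:
    """Constructed avionics fragment with deliberate defects: HLR-2 has no parent,
    LLR-2 has no test, MaintenanceLogger is under-rated and unallocated, and
    AltitudeTask is placed on a SIL 2 processing element."""
    m = Model()
    m.add_req("SYS-1", "Altitude shall be displayed within 500 ms of a sensor update", "system", 3)
    m.add_req("HLR-1", "The altitude task shall publish a frame on bus A every 100 ms", "high", 3)
    m.add_req("HLR-2", "Power-on events shall be recorded in the maintenance log", "high", 1)
    m.add_req("LLR-1", "altitude_task shall sample ADC channel 3 at 10 Hz", "low", 3)
    m.add_req("LLR-2", "altitude_task shall transmit frame 0x1A0 on bus A", "low", 3)
    m.derive += [("HLR-1", "SYS-1"), ("LLR-1", "HLR-1"), ("LLR-2", "HLR-1")]
    m.add_block("AltitudeTask", "software", 3)
    m.add_block("MaintenanceLogger", "software", 0)
    m.add_block("ProcessingElementA", "hardware", 3)
    m.add_block("ProcessingElementB", "hardware", 2)
    m.satisfy += [("AltitudeTask", "LLR-1"), ("AltitudeTask", "LLR-2"), ("MaintenanceLogger", "HLR-2")]
    m.verify += [("TC-ALT-01", "LLR-1"), ("TC-LOG-01", "HLR-2")]
    m.allocate += [("AltitudeTask", "ProcessingElementB")]
    return m


if __name__ == "__main__":
    model = build_sample_model()
    for kind, ids in traceability_gaps(model).items():
        print(f"{kind:12s} {ids}")
    for issue in allocation_issues(model):
        print("allocation:", issue)
```

In a real tool the relationships would be read from the model repository rather than built by hand, but the checks are the same: each finding above corresponds to a gap an assessor would raise when reviewing the trace matrix or the hardware/software allocation, and running them on every change is what turns the allocation relationship into the change-analysis aid the text describes.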

Architectural frameworks are hugely important in defence procurement. A large proportion of mission and safety-critical applications are developed for military purposes using well-defined architectural frameworks, in particular the US Department of Defense Architecture Framework (DoDAF) and the UK Ministry of Defence Architecture Framework (MODAF), which have become the standard means of describing such systems in model-based design tools. A version of the tool responds directly to the architectural framework needs of the US DoD, its suppliers and DoDAF users, providing the modelling features design engineers need when applying DoDAF/MODAF. UML, SysML, data modelling and the DoDAF profile are all packaged in a single, enterprise-scale architecture modelling tool, and its underlying repository ensures architectural consistency across the full range of DoDAF views.

Fortunately, the use of UML/SysML as the underlying mechanism for these frameworks made it feasible to work towards a unified UML/SysML profile for DoDAF/MODAF, which was fast-tracked through the OMG by the UPDM Group. In September 2008 the draft 1.0 specification, which defines an industry-standard UML/SysML representation for DoDAF 1.5 and MODAF 1.2 compliant enterprise architectures, was submitted on schedule to the OMG. The specification was strongly supported by both the DoD and the MOD and was officially issued by the OMG in June 2009.

Matthew Hause is Chief Consultant at Artisan Software Tools in Cheltenham, UK, and Co-Chair of the UPDM Group. www.ArtisanSoftwareTools.com.