MDD4DRES Summer School

1-5 September, Aber-Wrac'h Registration

Program

5th International School on

Model-Driven Development for Distributed  Realtime Embedded Systems

1-5 September 2014, Aber-Wrach, France

 

 See also the programs of the Work In Progress Session and the Tools sessions

 

Monday September 1st

MDD overview and industrial feedbacks

14h00 – 14h15: Introduction by the organizers
14h15 – 14h30:”How do you like your models? Model Driven Development challenges and pitfalls ”, Robert France, Colorado State Univ., USA – Slides (pdf)
14h30 – 15h30: “Modeling Languages and System Architectures for Cyber-Physical Systems ”, Bran Selic, Malina SC., Canada – Slides (pdf)
15h30 – 16h00: Break
16h00 – 17h00: “ Feedbacks on System Engineering – ARCADIA, a model-based method for Architecture-centric Engineering ”, Jean Luc Voirin, Thales, France – Slides (pdf)
17h00 – 18h00: “ Future of mbe/MDE/mdd in the industry — Open source is the only solution! ”, Francis Bordeleau, Ericsson, Canada – Slides (pdf)
19h00 – 21H00: Welcome reception (Semaphore, Aber-Wrac'h)

 

Tuesday September 2nd

Modeling and Metamodeling Techniques (I)

09h00 – 10h30: “ Meta Modelling Survival kit ”, Pierre Alain Muller, Mulhouse Univ., France – Slides (pdf)
10h30 – 11h00: Break
11h00 – 12h30: " Multi-paradigm modeling ", Hans Vangheluwe, Antwerpen Univ and Mc Gill Univ., Canada – Slides (pdf)


Modeling and Metamodeling Techniques (II)

14h00 – 15h30: ”Model Driven Engineering for the Internet of Things ”, Jean Marc Jézéquel, IRISA, Rennes Univ., France – Slides (pdf)
15h30 – 16h00: Break
16h00 – 17h30: “ Variability Modeling and its standardization ”, Oystein Haugen, SINTEF, Norway  – Slides (pdf)
17h30 – 18h30: Panel session “On the multiplication of viewpoints, paradigms and domain-specific (modeling) languages" supported by the GEMOC initiative (chair: B. Combemale, INRIA Rennes)

 

Wednesday September 3rd

MDD Tooling

09h00 – 10h30: “ Introduction to the Eclipse Modeling Framework ”, Ed Merks, Itemis, Germany –  – Slides (pptx)
10h30 – 12h30:  Work in Progress and Tool Sessions

14h00 – 15h00:  Work in Progress and Tool Sessions

15h30 – 18h30: Social event – Sea tour

20h00 – …: Summer school banquet

 

Thursday September 4

Model-based Analysis

9h00 – 10h30: “ About model based testing of real-time systems in the frame of MDD ”, Arnaud Cuccuru and Christophe Gaston, CEA-LIST, France – Slides (pdf)

10h30 – 11h00: Break
11h00 – 12h30: “ Bridging the gap between functional and architecture models for time and resource analysis”, Marco Di Natale, Scuola Superiore Sant’Anna of Pisa, Italy

Security and Safety Modeling

14h00 – 15h30: “ Model Driven Security ”, Marina Egea, Atos Research & Innovation, SpainSlides (pdf)
15h30 – 16h00: Break
16h00 – 17h30: “ Model-Based Development of Safety-Critical Systems — Challenges and Potentials”, Bernhard Schaetz, Technical Univ. Munchen, Germany
17h30 – 18h30: Panel session on “MDE challenges for security and safety analysis”

 

Friday September 5

Multi-domain Modeling

09h00 – 10h30: “ Modeling Cyber-Physical Systems:Challenges and Recent Advances ”, Gabor Karsai, Vanderbilt Univ., Canada – Slides (pdf)
10h30 – 11h00: Break
11h00 – 12h30: " Principles of Object-Oriented Modeling and Simulation of Dynamic Systems with Modelica, Lena Buffoni, Linkoping Univ., Sweden – Slides (pdf)

 

Details  

  • Robert France, “How do you like your models? Model Driven Development challenges and pitfalls”

Abstract : In this talk I will present some MDD "meta"-challenges that I feel need to be addressed if MDD is to gain wider adoption. In particular, I emphasize the need for MDD technologists and researchers to more actively take into consideration how practicing software developers with a wide spectrum of modeling skills (from novice to expert modelers) can more effectively leverage the power of modeling through the use of usable technologies. Too often, we researchers and technologists tend to emphasize utility over usability when developing MDD technologies. It is time to make usability an important design consideration when developing MDD technologies. This leads to the notion of empathetic design of MDD technologies, which I promote in this talk.

 


 

  • Bran Selic, “Modeling Languages and System Architectures for Cyber-Physical Systems”

Abstract : The characteristic that distinguishes cyber-physical systems from other types of software systems is that they are required to interact with the physical world in a timely (an, usually, reliable) manner. This seemingly minor twist can add orders of magnitude of complexity to software design. In this talk, we focus on two central themes involved in the design of software for cyber-physical systems.

We first examine the specific problems that come with the need for software to be aware of and to keep pace with the physical world. Based on this, we identify what additional capabilities are needed in our computer languages to properly support the design and implementation of software for these systems.

In the second part of the talk, we review some concrete design patterns for specifying the software architecture of cyber-physical systems, with a particular focus on component-based systems. We describe some of the most common patterns and conclude with a “universal” architectural pattern, which can be used to structure the software of practically any cyber-physical system.

 


 

  • Jean Luc Voirin, “Feedbacks on System Engineering – ARCADIA, a model-based method for Architecture-centric Engineering”

Abstract : this talk describes some common weaknesses in traditional requirement-based engineering, and introduces a new model-based method, named ARCADIA, to solve these issues. ARCADIA is a method devoted to systems, software, hardware architecture engineering. · to understand the real customer need, · define and share the system architecture among stakeholders, · early validate system design and justify it, · ease and master IVVQ (Integration, Validation, Verification, Qualification). Some noticeable features are: · Model-based and Tool-supported · Supporting Collaboration and co-engineering · Adopting user’s language, not the opposite · Open to domain-specific added value · Adapted to several lifecycles, workshares… · Dealing with complexity & size · Field-proven in real industrial situations · Soon in open access/open sourcing along with its modelling tool called CAPELLA.

 


 

  • Francis Bordeleau, “ Future of mbe/MDE/mdd in the industry — Open source is the only solution! ”

Abstract : Model-Based Engineering (MBE) has proven to be highly successful in many different contexts in large software organizations like Ericsson over the last decades. However, the broad adoption of MBE has been significantly limited by the fact that existing tools have failed to provide proper support for customizability and development of Domain-Specific Modeling Languages (DSML), and to deliver capabilities to cover for a broad range of key development aspects, such as testing, tracing and debugging, deployment analysis and validation, architectural exploration, variation points and product line management, and model and tool integrations. Moreover, the lack of evolution of commercial modeling tools in the recent years has led several development units to seriously re-consider the use of modeling tools. We believe that the emergence of Papyrus as an industrial-grade open source modeling UML tool has the potential to be a real game changer and provide the required cornerstone of a new MBE era that will enable collaboration between industry and the research community to develop a complete MBE integrated software development environment that will provide support for the broad set of capabilities required by end-users. In this presentation, we discuss: Ericsson's experience with MBE over the last 20 years using commercial proprietary tools; the main motivations and plan for the development of an industrial-strength open source modeling tool solution based on Papyrus; the key importance of establishing a vibrant community composed of end-users, commercial suppliers, and research/academia; the impact of open source on the business model of modeling tool providers; and current projects addressing different aspects of the overall open source modeling tool solution.

 


 

  • Pierre Alain Muller, “ Meta Modelling Survival kit ”

Abstract : This talk is about the essence of meta-modeling. It starts with a discussion about the process of modeling, the use of artifacts to represent things, and the need of activation of these artifacts in order to fulfill the promises of modeling. The discussion goes further with the notion of languages, and the ways to express the models. Metamodels are introduced and presented as models of languages. Language engineering is then presented, with a focus on human factors. Eventually various composition techniques are introduced, and the ideal vision of language design by metamodel composition is confronted with reality pitfalls. The talk concludes by a suggestion to focus on user perceived value, rather than technical capabilities.

 


 

  • Hans Vangheluwe, “ Multi-paradigm modeling ”

Abstract : The complexity of (in particular cyber-physical) systems we build as well as the demands that are put on quality, safety, and maintainability of these systems has grown drastically over the last decades. To tackle this complexity, Multi-Paradigm Modelling (MPM) treats models, in various formalisms, as first-class artifacts. MPM advocates the explicit modelling of all aspects (and relationships between them) of a problem and its solution. In an attempt to minimize "accidental complexity", the most appropriate modelling languages or formalisms are always used for each specific (sub-)problem and phase in the development process, at the most appropriate levels of abstraction. The development process, in all its complexity needs to be modelled too. Modelling language engineering, covering issues of syntax and semantics, of transformation, analysis, simulation and application synthesis, is seen as a key enabler for MPM. This talk will introduce MPM concepts and techniques as well as the research challenges these introduce.

 


 

  • Jean-Marc Jezequel, Model Driven Engineering for the Internet of Things”

Abstract : Modern software applications for the Internet of Objects are by nature distributed and operate in dynamic contexts, where requirements, assumptions about the environment, and usage profiles continuously change. These changes are difficult to predict and to anticipate at design time. The running software system should thus be able to react on its own, by dynamically adapting its behavior, in order to sustain a required quality of service. A key challenge is to provide the system with the necessary flexibility to perform self-adaptation, without compromising dependability. Models@Runtime is an emerging paradigm aiming at transferring traditional modeling activities (focusing on quality, verification, and so on) performed by humans, to the running system. In this trend, Kevoree provides a models@runtime platform to design heterogeneous, distributed and adaptive applications based on the component based software engineering paradigm. This talk will present the models@runtime paradigm and its use in Kevoree to provide a common abstraction for automating the deployment of component based applications spanning IoT and IoS.

 


 

  • Øystein Haugen, “Variability Modeling and its standardization”

Abstract : The talk will be about the following issues:
1. What is a Product Line and how should its variability be described?
2. About CVL (Common Variability Language) its history and standardization effort.
3. Applying variability modeling to the testing of product lines
4. Understanding variability models – how easy is it?
5. Some thoughts about the future of variability modeling.

 


 

  • Marco DiNatale, “Bridging the gap between functional and architecture models for time and resource analysis”

Abstract : Model-based development of CPS is based on the capability of early verification of system properties on a model of the controls and the controlled physical system (or Plant) and the capability of producing automatically an implementation of the model.
In the development of complex distributed or highly concurrent systems, the scheduling and communication delays may significantly affect the behavior of the controls. These delays depend on the implementation of the functionality on a given execution platform, giving rise to a SW architecture.
The talk introduces methods for adding the model of schedulers, tasks and messages to functional models and to verify by simulation or worst-case analysis the impact of scheduling and execution times delays on the function performance.
The talk discusses possible ways to merge heterogeneous models and to leverage metamodeling capabilities to perform the integration and to build analysis models.

 


 

  • Ed Merks, “ Introduction to the Eclipse Modeling Framework ”

Abstract : The EMF project is a modeling framework and code generation facility for building tools and other applications based on a structured data model. From a model specification described in XMI, EMF provides tools and runtime support to produce a set of Java classes for the model, along with a set of adapter classes that enable viewing and command-based editing of the model, and a basic editor. This talk will review EMF's architecture and explore its various tools to provide you a good understanding of how to exploit this powerful technology in your own applications.

 


 

  • Arnaud Cuccuru and Christophe Gaston, “ About model based testing of real time systems in the frame of MDD ”

Abstract : More and more real time systems handle critical aspects of our lives. Therefore the level of confidence to reach about the behaviors of such systems is increasing. Eventhough proof based techniques are central to strengthen the correctness of such systems, testing remains unavoidable because the good working of such systems depends on constraints of the "real world", such as latency of communications or characteristics of physical or electronic devices in their environments. Assessing the impact of such constraints on the system behaviors requires analyzing real executions of the system (which means to test it).
Model based approaches are very interesting in this perspective since models may be used as references from which one may automatically compute test cases to be submitted to the system under test. Moreover such models can be used as references to automatically assess the correctness of the system executions resulting of the test case submissions. Such a process is usually qualified as a "model based testing" process.
In this lecture we will explore some issues to be taken into account in order to define a model based testing framework suitable to deal with real time constraints. We will base our presentation on a particular instance using a technique called symbolic execution and implemented in the DIVERSITY tool. As an illustration, we will show how this framework can be applied to test systems from models given as interaction scenarios specified by means of UML sequence diagrams. The prototype used for this illustration is the result of the first integration step of DIVERSITY in the Papyrus UML/SysML modeler.

 


 

  • Marco DiNatale, “ Bridging the gap between functional and architecture models for time and resource analysis ”

Abstract : Abstract : Model-based development of CPS is based on the capability of early verification of system properties on a model of the controls and the controlled physical system (or Plant) and the capability of producing automatically an implementation of the model.

In the development of complex distributed or highly concurrent systems, the scheduling and communication delays may significantly affect the behavior of the controls. These delays depend on the implementation of the functionality on a given execution platform, giving rise to a SW architecture.

The talk introduces methods for adding the model of schedulers, tasks and messages to functional models and to verify by simulation or worst-case analysis the impact of scheduling and execution times delays on the function performance.
The talk discusses possible ways to merge heterogeneous models and to leverage metamodeling capabilities to perform the integration and to build analysis models.

 


 

  • Marina Egea, “ Topic: Model-driven security ”

Abstract : In this talk, we will provide an overview of Model Driven Security practices across the secure software development lifecycle. For this, we will discuss model driven solutions to problems that usually arise when going from requirements to secure systems.
More concretely, first we will introduce security design models with rigorous semantics for development of secure (cloud) applications. Second, we will discuss how CASE tools can help the development of applications and how formal methods supported by automatic tools (i.e. SMT/SAT solvers) can shorten this process and verify models and transformations.
Moreover, at implementation time we would like to automatically generate code from security design models. However, since such solution is not achievable in general, we will discuss a success case based on a novel approach to automatically generate code for secure data management applications. Also, we will report on our experience applying such methodology to develop industrial applications.
We will conclude the course describing the structure and functionality of a certification framework for security properties in a cloud environment. The framework is aimed to bring service users, providers and cloud suppliers to work together with certification authorities in order to ensure security properties and certificates validity in the continuously evolving cloud environment. For this purpose, the framework relies on multiple types of evidence gathering with respect to security, e.g., testing services, monitoring agents or trusted computing proofs. Here, we will focus only on the monitoring case to present a monitoring based certification model, a security assessment schema, and finally illustrate a certificate creation process in the e-Health domain.

 


 

  • Bernhard Schätz, “ Model-Based Development of Safety-Critical Systems — Challenges and Potentials”

Abstract : Current approaches to software certification (like the IEC61508 and derived standards) are often based on on either informal documents or on code resulting in several gaps in the development and certification process. Model-based development — which has become an accepted best-practice in several embedded domains like avionics and automotive — has demonstrated the potential of using models to provide precise specifications in early phases.
In the talk we show how integrated models can be exploited via tool support in certification-relevant activities, constructively by providing additional conciseness or expressiveness (e.g., formalized requirements, safety cases), analytically by adding automated checking mechanisms (e.g., tracing), as well generatively (e.g., redundancy mechanisms, correct deployments).
We report on the application of these techniques in the context of case studies from the medical and automotive domain.

 


 

  • Gabor Karsai, “Modeling Cyber-Physical Systems: Challenges and Recent Advances”

Abstract : Cyber-physical systems integrate physics with computation so that the resulting system is more than the sum of its parts. These systems offer unique capabilities that are not possible to get through a solely physical implementation. To give an example for a cyber-physical systems consider an unmanned aerial vehicle with active (fixed) wings. In such a UAV, an embedded controller monitors the airflow over the wing surface and modulates it through electromechanical actuators to ensure laminar flow, such that the vehicle is capable of extreme maneuvers. Such systems necessitate integrated modeling that covers both the physical and computational aspects of the system. As the computational part interacts with the physical system its dynamics matters.
The talk will focus on the challenges in such integrated modeling. We will review the main ideas for physical system modeling (that is typically acausal), for modeling computations and communication (that is typically causal), for modeling the platform (that establishes the connection between the physical world and the model of computation), and the model integration problem. We will discuss interesting research challenges as well as recent advances and tools that show promise in addressing these problems.

 


 

  • Lena Buffoni, “ Principles of Object-Oriented Modeling and Simulation of Dynamic Systems with Modelica”

Abstract : Object-Oriented modeling is a fast-growing area of modeling and simulation that provides a
structured, computer-supported way of doing mathematical and equation-based modeling.
Modelica is today the most promising modeling and simulation language in that it effectively
unifies and generalizes previous object-oriented modeling languages and provides a sound
basis for the basic concepts.
The lecture presents an object-oriented component-based approach to computer supported
mathematical modeling and simulation through the powerful Modelica language and its
associated technology. Modelica can be viewed as an almost universal approach to high level
computational modeling and simulation, by being able to represent a range of application
areas and providing general notation as well as powerful abstractions and efficient
implementations.
The lecture gives an introduction to the Modelica language to people who are familiar with
basic programming concepts. It gives a basic introduction to the concepts of modeling and
simulation, as well as the basics of object-oriented component-based modeling for the novice,
and a an overview of modeling and simulation in a number of application areas.