A high quality toolset for the development of distributed automotive applications will be set up to address the following phases:
- Design,
- Formal verification,
- and Automatic code generation,
while allowing for a high degree of traceability between the various steps, together with version and configuration management of the applications that are developed with the toolset.
The toolset will rely on:
- TTA (Time-Triggered Architecture) or OSEK/VDX for distribution of the code,
- The SCADE Suite of tools for design, formal verification of safety properties and automatic code generation,
- Simulink/Stateflow for the design of control laws and algorithms.
The toolset backbone is described in the following Figure:
We mainly distinguish three phases:
- System Engineering, a phase where the requirements of the system are designed. Control laws and algorithms may be studied using a tool such as Simulink™. In-depth analysis of the toolset requirements has shown that the following new functionalities had to be provided in the course of the RISE project:
  o taking into account the discrete control descriptions often done using Stateflow™, a companion tool to Simulink,
  o ensuring traceability throughout the design flow, starting from the textual and Simulink requirements descriptions of this phase,
  o allowing for modular translations of Simulink models so that one can import and re-import algorithms into SCADE from various places of the original Simulink model independently.
- SCADE Specification, a first Software Engineering phase where the SCADE tool is used as the basis for describing a software model, taking various pieces from Simulink descriptions, together with the specification of the distribution of this model, either onto several OSEK tasks or on a TTA architecture. Both SCADE OSEK and SCADE TTA distribution will be developed within the RISE project. With respect to distribution over a TTA architecture, all the necessary information will be obtained by connecting the SCADE Editor to the TTPplan™ and TTPbuild™ tools.
- SCADE Implementation, a phase where the initial SCADE model is implemented using Fixed-point data in order to ensure the required efficiency on current processors used in the automotive domain. Also, the code is generated either onto several OSEK tasks or onto the processors of a TTA cluster.
  Implementation using Fixed-point data is obtained using a semi-automatic method relying on the SCADE Implementer tool that will be specified in this document.
  In this phase, code can be generated using either the standard SCADE Code Generator (CG) or the qualified code generator (KCG). Qualification of the code generator is under way with respect to the IEC 61508 regulations. This qualification is outside the scope of the RISE project.
  Implementation on the TTA cluster will be achieved by wrapping normal SCADE generated code with specific TTP code.
Besides the general goals agreed upon between the project partners (the construction of seamless workflows, the creation of guidelines, and the test of these workflows and guidelines in concrete automotive projects), it is the declared will of the partners to turn distinctive work results of the project into concrete, industrially usable tools.
Project Consortium Partners
Audi: Audi, the premium car manufacturer of Germany, is
committed to deploying SCADE and the TTA architecture in “X-by-wire”
applications of future cars. Audi’s role in the project is to provide the
automotive requirements for the new TTA services and tools, to participate
in the design of the man-machine interfaces of the tools and to ensure that
the tools will fit into the Audi automotive tool environment. Furthermore,
Audi will test the deliverables of the project and industrialize the prototypes
for series production.
Esterel Technologies: Esterel Technologies is the leading supplier of
CASE tools for critical real-time systems. Esterel develops and distributes
the SCADE toolset, based on the LUSTRE semantics. SCADE is used in aerospace,
automotive, energy and ground transportation for the development of
safety-critical software. Esterel Technologies will adapt and extend SCADE to
also manage Event Triggered behavior and target the Time Triggered
Architecture. Esterel Technologies Toulouse is also the project
coordinator.
TTTech: TTTech is the high-tech spin-off company from the
TU Vienna and has the mission to further develop and market the
time-triggered technology. At the moment, TTTech has a staff of about 60
people. TTTech is responsible for the TTA part. TTTech will exploit the results
of the project on the worldwide market.
Verimag: Over the past decade, VERIMAG has developed the
LUSTRE synchronous programming language that is used in safety-critical
applications in the aerospace industry. VERIMAG will be responsible for the
integration of the Event Triggered behavior with Time Triggered behavior
into the Lustre formalism. VERIMAG will also be involved in the
exploitation of the resulting concepts and their formalization.
The milestones are described in yearly quarters with respect to the start of the project:
- User Requirements Specification: Q2
- Tools Specification: Q3
- Tools Integrated and ready for deployment: Q8
- Experiments defined: Q4
- Experiments Finished: Q9
- Conclusions on Experiments: Q10
- Project End: Q10