Runtime Traceability Challenges in Systems of Systems Paul Grünbacher Johannes Kepler University Linz, Austria Christian Doppler Laboratory MEVSS paul.gruenbacher@jku.at http://mevss.jku.at Dagstuhl Seminar Software and Systems Traceability for Safety-Critical Project April 14, 2015
Development Runtime and Operation Artifacts Artifacts 2 April 14th, 2015 | CD-Lab MEVSS
This talk • Traceability between development and runtime artifacts deserves more attention Our RE’12 roadmap paper did not explicitly mention it … ;-) O. Gotel, J. Cleland-Huang, J. Hu ff man Hayes, A. Zisman, A. Egyed, P. Grünbacher, G. Antoniol: The quest for Ubiquity: A roadmap for software and systems traceability research. RE 2012: 71-80 • Shift “from model-driven software development to problem diagnoses at runtime” M. Salifu, Y. Yu, A.K. Bandara, B. Nuseibeh: Analysing monitoring and switching problems for adaptive systems. JSS 85(12): 2829-2839 (2012) • Specific focus: traceability in systems of systems 3 April 14th, 2015 | CD-Lab MEVSS
Context: Requirements Monitoring in a Safety-Critical System of Systems Steelmaking Continuous Casting Ironmaking 4 April 14th, 2015 | CD-Lab MEVSS
Requirements Monitoring in a SoS Level 3 (production planning systems) HMI Level 2 (process optimization) Database Customer I-‑HMI I-‑DB Iron Steel Casting and Third- S-‑HMI S-‑DB party Systems C-‑DB C-‑HMI Level 1 (process control) PLC PLC • Continuous evolution à checking compliance after upgrades • Multiple systems , multiple suppliers à V&V beyond individual systems • Full behavior emerges only at runtime à monitoring during commissioning and operation • Diverse requirements at many di ff erent levels à unified checking framework 5 April 14th, 2015 | CD-Lab MEVSS
Event-based Requirements Monitoring in SoS An optimization run multiple levels and layers of Component needs to finish within x Requirement Interaction seconds after triggered granularity by the HMI if event ” OptimizationRun_TRIGGERED ” occurs Constraint diverse types of constraints Postcondition = event ” OptimizationRun_FINISHED ” occurs within 5 seconds di ff erent types of events and OptimizationRun OptimizationRun Events _TRIGGERED _FINISHED data/structures Optimization di ff erent technologies for HMI Probes System instrumentation Probe Probe W.N. Robinson: A requirements monitoring framework for enterprise systems. RE Journal 11(1): 17-41 (2006) Y. Wang, S.A. McIlraith, Y. Yu, J. Mylopoulos: Monitoring and diagnosing software requirements. ASE J. 16(1): 3-35 (2009) 6 April 14th, 2015 | CD-Lab MEVSS
How can we consider SoS characteristics? • Vertical and horizontal scattering of requirements à allocate requirements to monitoring scopes (systems, components, connectors) • Diversity of requirements à DSL for checking constraints • Technological heterogeneity à event-based abstractions across systems 7 April 14th, 2015 | CD-Lab MEVSS
Requirements Monitoring Model for Primetals‘ Plant Automation System 8 April 14th, 2015 | CD-Lab MEVSS
Dashboard in Our Monitoring Infrastructure 9 April 14th, 2015 | CD-Lab MEVSS
Experiments with Manually Created Models 6h and 168h run of Primetals‘ Caster simulator PAS RMM Evaluation Runs Element: # Element 6h Run 168h Run 21 Monitoring Active scopes 5 5 Scopes 40 Requirements/ Checks performed 10,572 262,979 Constraints 109 Event types Observed events 12,484 363,491 22 Probes Active Probes 14 14 10 April 14th, 2015 | CD-Lab MEVSS
Monitoring Load of 2 Scopes (6h Evaluation Run) Emergeny simulated by disabling a component and turning it on again Number of constraint checks and violations per minute StrandOptimization StrandTracking 11 April 14th, 2015 | CD-Lab MEVSS
How can traceability research help? Manually building a requirements monitoring model is hard … Opportunity 1: Populating requirements monitoring models Relating requirements with runtime artifacts is hard … Opportunity 2: Better traceability between requirements and the SoS runtime architecture 12 April 14th, 2015 | CD-Lab MEVSS
(1) Populating requirements monitoring models Source: Requirements, features, … Target: Constraints Based on initial mappings between requirements and constraints: • Identify candidate requirements that could be monitored (defined as constraints) • Suggest the types of constraint, i.e., data, temporal, timing, etc. 13 April 14th, 2015 | CD-Lab MEVSS
(2) Better traceability between requirements and the SoS runtime architecture for diagnosing problems Source: Requirements, features Target: Events and runtime data, source code (e.g., probes) Determining the events/runtime data related with requirements Locating the code implementing a requirement 14 April 14th, 2015 | CD-Lab MEVSS
Summary • Requirements monitoring and runtime traceability in SoS • From model-driven software development processes to problem diagnoses at runtime • Opportunities for requirements monitoring • Populating models for requirements monitoring • Better traceability between requirements and the SoS runtime architecture for diagnosing problems I would like to thank my colleagues and our partners: Rick Rabiser (JKU) Klaus Seyerlehner (Primetals) Michael Vierhauser (JKU) Stefan Wallner (Primetals) Jürgen Thanhofer-Pilisch (JKU) Helmut Zeisel (Primetals) 15 April 14th, 2015 | CD-Lab MEVSS
References • M. Vierhauser, R. Rabiser, and P. Grünbacher, "A Case Study on Testing, Commissioning, and Operation of Very-Large-Scale Software Systems," Proc. of the 36th International Conference on Software Engineering, ICSE Companion, Hyderabad, India, ACM, 2014, pp. 125-134. • M. Vierhauser, R. Rabiser, P. Grünbacher, C. Danner, S. Wallner, and H. Zeisel, "A Flexible Framework for Runtime Monitoring of System-of-Systems Architectures," Proc. of the 11th Working IEEE/IFIP Conference on Software Architecture (WICSA 2014), Sydney, Australia, IEEE, 2014, pp. 57-66. 16 April 14th, 2015 | CD-Lab MEVSS
Recommend
More recommend