Bjoern Annighoefer

Vanessa Tietz, Julian Schoepf, Andreas Waldvogel et al.

The development of cyber-physical systems can significantly benefit from domain-specific modeling and requires adequate (meta)-modeling frameworks. If such systems are designed for the safety-critical area, the systems must undergo qualification processes defined and monitored by a certification authority. To use the resulting artifacts of modeling tools without further qualification activities, the modeling tool must be additionally qualified. Tool qualification has to be conducted by the tool user and can be assisted by the tool developer by providing qualification artifacts. However, state-of-the-art domain-specific modeling frameworks barely support the user in the qualification process, which results in an extensive manual effort. To reduce this effort and to avoid modeling constructs that can hardly be implemented in a qualifiable way, we propose the development of an open source (meta)-modeling framework that inherently considers qualification issues. Based on the functionality of existing frameworks, we have identified components that necessarily need to be rethought or changed. This leads to the consideration of the following six cornerstones for our framework: (1) an essential meta-language, (2) a minimal runtime, (3) deterministic transformations, (4) a qualification artifact generation, (5) a sophisticated visualization, and (6) a decoupled interaction of framework components. All these cornerstones consider the aspect of a safety-critical (meta)-modeling framework in their own manner. This combination leads to a holistic framework usable in the safety-critical system development domain.

Bjoern Annighoefer, Johannes Reinhart, Matthias Brunner et al.

The self-* properties commonly associated with the concept of autonomic computing are capabilities desirable for avionics software platforms. They decrease the configuration effort and inherently provide new fault tolerance and resource savings possibilities. The rigid certification process and the requirements for a static and predetermined system behavior are, however, in contradiction with the adaptive and flexible nature of autonomic computing systems. We propose a partition-based architecture providing autonomic features for avionics software platforms while being compliant to regulations and accepted technologies, such as ARINC 653. The core is a platform consciousness based on a domain-specific model and a novel MAP-QE-K cycle. Moreover, we suggest a planning intelligence, a virtual qualification authority, and a minimized execution unit. For each component we define the required design assurance level and possible realization techniques. We discuss the overall feasibility and point out central challenges in the fields of runtime verification and models at runtime. These challenges need to be solved up to the realization of autonomic avionics, e.g. a virtual security assessment and a qualifiable domain-specific model database.