In previous articles about model-oriented design How not to repeat Chernobyl , an electric drive with a brushless DC motor , and Creating a reliable model, using the example of an aviation heat exchanger , I showed with examples that not all methods of model-oriented design (MOS) are equally useful.
Starting my engineering activity in the nuclear industry, I’m used to the fact that the first stage of design is the creation of an object model. The model of the facility in the nuclear industry is a mandatory part of the project. Simulation tools for nuclear power plants undergo certification, where the examination determines their applicability for computational modeling of nuclear power plant processes. And if there is a model of the object, then the model of the control system is naturally developed together as a complex model. That is exactly what is in my view a model-oriented design method.
In my opinion, modeling a control system alone without creating an object model is flawed. Therefore, when you listen to the stories of modeling software vendors for software development, you need to understand what it is about: new advanced systems development techniques or model-oriented design in the understanding of the aviation standard DO-331.
It must be remembered that MOS in aviation standards reflects an outdated and conservative approach to model-oriented software development. And in this approach, even if your model is just a set of UML diagrams where software requirements are collected, it will still be model-oriented design in terms of DO-331.
«DO-331 Model based development for engineer and manager», Vance Hilderman (vance.hilderman@afuzion.com) Vance Hilderman www.afuzion.com
DO-331, , .
«DO-331 - », DO-178C DO-278A 125 - (odel_Based Development (MBD)) . , DO-331 : , - ?
: « ?» : « 100% .» ( , ). , , 100% . , , , , .
: , . , , . BD « » , .
, . , . , , , . , DO-331 MBD
?
, . NASA. , , . «» , , , , «» (hardware) . ( «hardware» , , «firmware», «complex electronic hardware» via DO-254). , , . , , , , , , . «-».
, DO-331 2011 ? . :
- . .
- . , .
- . .
- . Simulink SysML.
- = . .
- . .
- . .
, . , , , . . , , . , , . , ? , :
- DO-331 ;
- C ;
- ;
- DO-330;
- , , ;
- -;
- ;
- , .
? , – « ». .
-, DO-331 . , , .
-, , . IBM’s Rhapsody and Magic Draw .
-, , , – , , .
-, . ( , , ), , .
-, , .
, . , IBM’s Rhapsody, 20- , .
, , .
.
DO-178C, , : (high level requirements (HLR’s), (low-level requirements (LLR’s) . HLR’s LLR’s . DO-331 – , :
, HLR’s LLR’s. : – , . , . , , .
UML (user cases) , – UNL ( , ) . (LLR’s) . , .
DO-178C DO-331, , , , . «Harmony Process for Embedded Software» ( Real-Time Agility Real-Time UML Workshop for Embedded Systems 2nd Edition, Bruce Powel Powel Douglass). .
user case ( Dr. Bruce Douglass, IBM)
( Dr. Bruce Douglass, IBM)
( Dr. Bruce Douglass, IBM)
Simulink ( c Mr Eric Dillaber, Simulink Certification Manager)
, , , . DO-331 5 . 5 MB1 MB5.
, , . , , .
:
MB1 — , :
+ , .
- . (HLR) .
MB2 – :
+ , .
- .
MB3 – :
+ (HLR)
- , .
MB4 – . :
+ . .
- .
MB5 – . :
+ - (HLR), , .
- .
. .
. «, »: , . . ? . , :
? , .. , . , – , ( ), .
, , . UML , . «», /, , . - Test Conductor IBM Rhapsody’s .
– , . , DO-333 ( DO-178C DO-278A). , « » .
. ( )
– . . :
- ( )
- ( )
- Accuracy and completeness
- Verifiability
- Work algorithms
However, modeling is not intended to verify the following aspects:- Target Computing Compatibility
- Compliance
- Traceability
- Parts integrity
Model and code verification.
The UML Testing Profile (www.omg.org) offers a standard approach for defining, executing, and analyzing test scripts in the UML language. This means that all the advantages of modeling can be obtained not only from the specification model and design model, but also from the verification tools of these models.
Test Conductor IBM Rhapsody’s DO-178. , , .
.
, , . , , . , .
() , . :
Of course, model traceability can be done manually, but modeling tools have built-in features to support and ensure traceability
Conclusion
Modeling is a powerful tool that is more and more used in avionics. The DO-331 standard provides a basis for understanding the principles of modeling, using the full power of modeling technologies and describes ways to prove the correctness of the model.