headers

STOOD²

DOWNLOAD TRIAL VERSIONS

Download a product trial now and start enjoying the benefits.

For Better Quality and Higher Productivity

The increasing complexity of software is a key issue for developing high quality critical systems, while mastering costs and delays. Higher levels of Quality are expected to comply with the most demanding development processes and products certification, and Productivity gains must be achieved to cope with increasing competition pressure.

5 top reasons for choosing STOOD 5:

  • ‘ State of the art’ real time software development with full software modeling.
  • Support for AADL – the new market standard
  • Legacy Ada and C code import
  • Industry standards compliance – including D0178B
  • Available on Unix, Windows and Linux

For a more detailed description of the STOOD product please refer to the Ellidiss Technologies website (www.ellidiss.fr).

² Copyright © 2004 by TNI Europe Limited. All rights reserved

Summary

Project management

  • Full Windows-Unix interoperability
  • Network distributed project bases
  • Integrated interface to remote Configuration Management Systems
  • Multi user management at system and subsystem level
  • SIF and XML design model interchange

Requirements traceability

  • Import of high level requirements
  • Incremental requirements coverage
  • Management of the derived requirements
  • Bidirectional interface with Reqtify™

Architectural Design

  • Components based approach with black-box and white-box views
  • UML 2.0 graphical notation
  • AADL 2.1 graphical notation and import/export
  • Support of HOOD and HRT-HOOD methodology
  • Built-in real-time model

Detailed Design & Coding

  • Customizable structured detailed design framework
  • Incremental documentation
  • Incremental coding and round-trip engineering
  • Incremental requirements coverage
  • Legacy Ada and C code reverse engineering

Verifications

  • Cross references table
  • Automatic calculation of the required interfaces of the components
  • Automatic generation of call trees and dataflow graphs
  • Requirements traceability matrix
  • HOOD design rules checker
  • Design metrics
  • AADL 2.1 analysis and simulation

Code & Doc generators

  • Ada95
  • C/C++
  • ODT (Open Office)
  • HTML
  • PostScript/PDF
  • RTF (Word™)
  • MIF (FrameMaker™)

Compliancy to Standards

  • DO-178B for embedded avionics
  • ECSS-E40 for space systems
  • EN-50128 for railway

² Copyright © 2004 by TNI Europe Limited. All rights reserved

STOOD is a Software design tool that complies to both AADL and HOOD standards. AADL models can be defined to specify the complete host system of the applicative Software. Each identified AADL Process can then be refined down to target source code thanks to the HOOD detailed design process.

Requirements Traceability

Stood includes a simple and efficient means to insure an up to date traceability between the System and Software models and the initial requirements, that can be imported from plain text files or remote tools.

Architectural Design

The Stood graphical editor is used to build architectural models of the Software and its environment (libraries, execution platform, …). Stood graphical models are not intended to show all the details of the System or Software being developed, but aim at focusing the design effort on architectural issues. In addition, the graphical modeling languages that are supported by stood are hierarchical, which allows use of this technology for designing the architecture of large scale applications.

Instance Models

Most Model Based Engineering tools enforce a graphical design of abstract entities, typically by means of UML Class Diagrams. For the purpose of analysis activities, and especially in the case of real-time systems, such abstract models need to be instantiated first before being processed. Stood offers the designer the capability to directly model an instantiated model, from which an abstract model can be derived if necessary. Such an approach dramatically increases the capabilities of interaction between architectural design and verification activities.

Detailed Design

As a graphical design cannot be used efficiently to express all the details of a large scale System and Software model, Stood offers a dedicated solution to enrich the architectural model with all the low level details that are required to perform proper model processing such as model verification, code and documentation generation. The Stood detailed design activity is based on the concept of the HOOD Object Description Skeleton (ODS), that has been made fully customizable in order to support AADL properties and user defined configurations. An ODS can be attached to each component of the architectural model. At the end of the detailed design activity, the Stood model is exhaustive and can become the reference for the application, from which consistent code and documentation can be automatically produced.

Stood Design Checkers

Stood encompasses a set of static model verification tools that are implemented with the LMP technology. These embedded tools make use of the cross reference tables that are automatically updated by Stood during the construction of the AADL and HOOD model. Available verification tools are:

  • Cross references
  • Call trees and data access graphs
  • HOOD design rules checker
  • AADL legality rules checker
  • Software design metrics
  • Schedulability analysis
  • Requirements coverage analysis

In addition, user customized verification tools can be added in a “plug and play” way, so that Stood can support project specific verification activities.

Remote Analysis Tools

In addition to the design checkers that are included in Stood, remote model analysis tools can be easily connected to Stood using to its AADL interface. Currently such a connection has already been developed with Cheddar, a powerful real-time performance analysis tool developed by the University of Brest, and another one is in progress with a multi-agent real-time simulator that is developed in collaboration with Virtualys.

Automatic Code Generation

At any time during the modeling activities, it is possible to activate one of the provided automatic code generators to build a “ready to compile” set of source files and the corresponding makefile. Supported target languages are Ada, C and C++. However, support of real-time operating systems in C and C++ require some customization of the code generators that are developed with the LMP technology.

Round-trip Engineering and Reverse Engineering

When the detailed design activity has not been fully completed and the low level coding details are not present within the ODS sections, it is possible to generate annotated source files that can be enriched by usual textual editing outside of Stood, and then re-imported into the tool to update the design model. Additionally, legacy source code in Ada or C can be imported into Stood to create corresponding components in the design model.

Design Documentation

Production of documentation is an important and time-consuming activity for most projects. With Stood, it is possible to automatically generate full design documentation that is consistent by construction with the source code that has also been generated from the same design reference. The Stood documentation tool can generate documents in PDF, HTML, RTF and MIF formats. Some existing generators can be customized and additional ones can be developed using the LMP technology.

² Copyright © 2004 by TNI Europe Limited. All rights reserved

Airbus

airbus

SUCCESS STORY – STOOD for software development within Airbus A340 program

The HOOD method and the STOOD development tool have been selected to various design software applications for the Airbus A340

  • Embedded software: strategic systems software for A340 electrical flight control system (CDVE) and communication system (A.I.M.S.-F.A.N.S.).
  • Code generators: dedicated application to process formalized system requirements in order to produce corresponding embedded software.
  • Testing tools: software
    applications running in test cabs including advanced user interfaces for some of them.

High level constraints

These developments must comply with civilian aviation recommendation specified by DO178-B/ED12-B (related to software for certification of flight systems and equipments), at the levels A, B and C (highest criticity). In addition, these applications need to be divided into several sub systems for which development may be sub-contracted, and for which development may be sub-contracted, and for which maintenance will have to be done for several decades.

Consequently, design method and relevant tool must enforce:

  • A high level of quality for developed software
  • The ability to perform long term maintenance
  • A proper integration within an existing software development environment
  • An appropriate answer to requirements from various application areas.

Benefits for development process

HOOD for static design : a HOOD design process brings support for the basic principles of Object-Oriented methods and also provides a more general modular approach, based on abstract data types (to keep the application architecture stable) and control flows (to represent task and task interactions defined during dynamic design step), instead of functions only. This abstraction principle, associated with the encapsulation mechanism, is an efficient way of securing data access, to masterize changes and to localize and measure the effect of these modifications. The modular breakdown principle leads to a hierarchy of abstraction levels,bringing a better understanding and localization of design information, and highlighting key elements at each level. All these principles can be ensured regardless of the implementation language.

HOOD for dynamic design : although HOOD4 handles dynamic properties, they are not precise enough to show the overall view of real time behaviour, in terms of graphical description and for an early validation of the architecture. Due to the fact that no “ standardized” method provides a complete solution to this problem, we use a home made customized method, that is not supported by a tool. Consistency between static and dynamic design representations needs to be achieved.

STOOD CASE Tool : Thanks to its code and documentation generators, its coherence checking tools, its user interface (that is user friendly but is still being improved) and its batch command files interface, STOOD can be easily included within a general purpose development environment framework.

Benefits for final realizations

The use of the HOOD method with STOOD as its supporting tool ensures that a proper quality of software development is
given for static design and coding tasks. We can positively state that regardless of the target language outputs of these tasks are coherent. The main software engineering principles are thus enforced.

The reactivity and availability of STOOD tool helped Aerospatiale to find efficient solutions to fit actual projects requirements. Improved by positive feedback from various development contexts, and by its customization capabilities, the STOOD tool is now part of the standard software environment framework for Aerospatialethat is recommended for all the developments.

Project summary

Projects: Ground and embedded software for Airbus A340
Customer : Aerospatiale Matra Airbus
Planning: 1989 to 20×0
Size: 150 000 lines of code
Development company: Aerospatiale Matra Airbus
Development platforms: Sun/Solaris, Vax/VMS and Windows/NT
Development team : 50 STOOD users
Technical choices :
Dynamic design : no tool
Static design : HOOD method and STOOD tool
Target Languages :

-Ada83 and Ada95 for 680×0 and Sun/Solaris targets
-C and assembler for Lynx
-OS/80486, Coldfire, 80×86, DSP targets
-Pascal, C++, and C for Windows 3.1 and NT targets

TNI-Valiosys

Email :
stood@tni-valiosys.com

Aerospatiale Matra Airbus

Mr Patrick Farail -Methods Development Engineer

Email : patrick.farail@airbus.aeromatra.com

Phone : +33 5 61 93 66 28 – Fax : +33 5 61 93 03 54

Tiger

tiger helicopter

SUCCESS STORY – STOOD for the development of helicopter mission computer software for TIGER helicopter

The HOOD method and the STOOD development tool have been selected to design embedded software applications for TIGER mission computers. TIGER is a military helicopter ordered by French and German armies. Since 1989 software development has been ensured by the embedded software department of the Franco-German group Eurocopter, specialized in the design and manufacture of helicopters.

Computer functions

Mission computers cover five main functions:

  • Supervise and implement arms systems
  • Display shooting and piloting symbologies
  • Calculate the shooting line algorithms
  • Check vision systems
  • Manage reconfiguration and inputs/outputs (military 1553B bus, ARINC lines, discretes I/O).

Main technical constraints and choices

To choose software applications, Eurocopter had to respect a few constraints:

  • DOD2167A Standard for the development and documentation cycle,
  • DO178A Standard for testing,
  • the use of Ada 83 language in the development.

The development tool used in the project was Rational APEX on SUN.

Requirement Analysis was carried out with a functional approach using Teamwork tool formalism or a structured textual specification. All the external interface data was formally defined in a database. During the transition to the HOOD method, the description of input/output services and associated data was all as Ada code required for data acquisition and reception circulating on the various physical supports was produced by a code generator.

After having evaluated the HOOD method on an existing project, Eurocopter decided to integrate this method into the TIGER project. Indeed, HOOD meets the requirements for a successful development: It is a standardized method, well adapted to the Ada language, it supports a formalized design approach, better abstraction of information, and enables design of large-scale real-time software applications.

Benefits brought by STOOD for the project

After having compared existing tools on the market, the STOOD tool was selected for three main reasons:

  • easy to use : not much training needed
  • easy to customize : possibility to add or delete a heading
  • rapid prototyping.

A great effort was made to create HOOD/STOOD user guides (in order to formalize the contents of the headings and make the preliminary design model uniform). It helped to develop other tools, it facilitated maintenance and the training of new developers. STOOD users particularly appreciated the ease with which the HOOD method and STOOD tool can be implemented and understood.

The HOOD design process, based on an iterative graphical approach rapidly leads to a prototype of the application architecture. Textual headings may then be progressively added in a controlled way. HOOD decomposition has proven its durability: no major architectural change has been required all along project development !

Unfortunately, this development used an early version of the HOOD method, for which real-time modeling support was too weak. The use of a functional approach for the requirements analysis phase and of an Object Oriented approach for the design phase was also a source of difficulties.

The overall level of appreciation of HOOD/STOOD remains very positive.

TIGER project summary

TIGER project: anti-tank and protection missions management software

Customers: German and French armies

Planning: 1989-200X

Project size:

anti-tank version: 100 000 Ada code lines

protection version: 100 000 Ada code lines

Development company: Eurocopter

Platforms: VAX/VMS and UNIX (HP and SUN)

Technical choices:

-Analysis : functional decomposition

-Design : HOOD 3.0/3.1method et STOOD 1.83/2.1 tool

-Coding : Rational Apex

-Languages: Ada 83 and C

-Compilers: Ada: Alsys, C: Microtec
TNI-Valiosys

Email : stood@tni-valiosys.com

Eurocopter

Mr. Michel Mougey

Email: michel.mougey@eurocopter.fr

What does AADL offer more than UML ?

What does AADL offer more than UML ?

Standard definition of UML 1.x or 2.0 provides very powerful general purpose Object-Oriented modelling constructs. However, the core of this language doesn’t provide direct support for real-time applications. Such a support may be found in specialised profiles which status regarding the official standard is not always easy to define. Moreover, there is an action that aims at defining the AADL as a new UML profile.

Learn More about AADL

What about SysML ?

What about SysML ?

SysML is a domain specific language for systems engineering applications. It is specified as a UML 2.0 profile. It currently doesn’t directly focus on the specific issues of real-time embedded systems that are addressed by the AADL.

Learn more about AADL

DOWNLOAD TRIAL VERSIONS

Download a product trial now and start enjoying the benefits.