[aadl-modeling]: error propagation

Peter Feiler phf at sei.cmu.edu
Wed Feb 1 09:54:32 EST 2017


Thanks for noticing. I had not realized we left out the error flow spec.

EMV2 lets you specify things at a couple of levels of abstraction. One is use of error flows. Another is error behavior in terms of events, states, and transitions. You are allowed to use one or the other or both. If you use both, they should be consistent with each other. If FG has an error source, then the error behavior should have an error event that triggers a state transition, which results in an out propagation.

In the first paper reference our focus was on illustrating hazard analysis and fault impact analysis early on. In that case we introduced the error source. A hazard can be associated with either an error source or an error propagation. The fault impact analysis uses error sources as the starting point for tracing forward to identify the impact.

In the second report the section showing FG focuses on illustrating composite state specifications and models involving modes rather than fault hazard and fault impact analysis. In this case the error source specification was not relevant. For completeness' sake it would have been useful to keep it in.

Peter

From: aadl-modeling-bounces+phf=sei.cmu.edu at lists.sei.cmu.edu [mailto:aadl-modeling-bounces+phf=sei.cmu.edu at lists.sei.cmu.edu] On Behalf Of Luciana Burgareli
Sent: Wednesday, February 1, 2017 6:14 AM
To: aadl-modeling at lists.sei.cmu.edu
Subject: [aadl-modeling]: error propagation

Hello,


We have been studying EMV2. We have compared the FG system examples [1,2]. Why have lines 10 and 11 of example 1 been deleted?

Example 1
1.     system FG
2.     features
3.     InPort : in data port ;
4.     OutPort : out data port ;
5.     annex emv2 {**
6.     use types ErrorModelLibrary ;
7.     use behavior ErrorModelLibrary::Simple ;
8.     error propagations
9.     OutPort : out propagation {NoValue};
10.  flows
11.  FGFail : error source outport{NoValue};
12.  end propagations ;
13.  component error behavior
14.  propagations
15.  Failed-[]->Outport (NoValue ) ;
16.  end component ;
17.  **};
18.    end FG;

Example 2

1.  system FG
2.     features
3.  InPort: in data port;
4.  OutPort: out data port;
5.  annex emv2 {**
6.     use types ErrorModelLibrary;
7.     use behavior ErrorModelLibrary::Simple;
8.     error propagations
9.     OutPort: out propagation {NoValue};
10.   end propagations;
11.   component error behavior
12.   propagations
13.   Failed-[]->OutPort{NoValue};
14.   end component;
15. **};
16. end FG;



[1] Delange, J.; Feiler, P.; Architecture Fault Modeling with the AADL Error-Model Annex, 2014

[2] Feiler, P.; Hudak, J.; Delange, J.; Gluch, P.; Architecture Fault Modeling and Analysis with the Error Model Annex, Version 2, 2016


Best regards,

Luciana
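
The consistency rule discussed in this thread (an error source flow and the out propagation condition in the component error behavior should agree) can be checked mechanically. The following is an added example, not code from either post or from the cited reports; the function name check_consistency and the regex-based matching are assumptions of this sketch, which is not a full EMV2 parser.

```python
import re

# Constructed inputs: the emv2 annex bodies of the two FG examples quoted in
# this thread, with the line numbers stripped.
EXAMPLE_1 = """
error propagations
  OutPort : out propagation {NoValue};
flows
  FGFail : error source OutPort{NoValue};
end propagations;
component error behavior
propagations
  Failed -[]-> OutPort{NoValue};
end component;
"""
EXAMPLE_2 = """
error propagations
  OutPort : out propagation {NoValue};
end propagations;
component error behavior
propagations
  Failed -[]-> OutPort{NoValue};
end component;
"""

# Simplified patterns (assumption): one port and one error type per declaration.
SOURCE = re.compile(r"(\w+)\s*:\s*error\s+source\s+(\w+)\s*\{\s*(\w+)\s*\}", re.I)
OUT_COND = re.compile(r"(\w+)\s*-\[[^\]]*\]->\s*(\w+)\s*\{\s*(\w+)\s*\}", re.I)

def _index(pattern, text):
    # AADL identifiers are case-insensitive, so key on lower case and keep
    # the original spelling only for display.
    return {(p.lower(), t.lower()): f"{p}{{{t}}}" for _, p, t in pattern.findall(text)}

def check_consistency(annex_text):
    """Compare error source flows with out propagation conditions.

    Returns a sorted list of findings; an empty list means the flow view and
    the behavior view agree for every (port, error type) pair.
    """
    sources = _index(SOURCE, annex_text)
    conds = _index(OUT_COND, annex_text)
    findings = []
    for key in sorted(sources.keys() - conds.keys()):
        findings.append(f"error source {sources[key]} has no out propagation condition")
    for key in sorted(conds.keys() - sources.keys()):
        findings.append(f"out propagation condition {conds[key]} has no error source")
    return findings
```

Run on the two quoted examples, Example 1 produces no findings and Example 2 reports that OutPort{NoValue} has no error source.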
