[aadl]: [AADL Forum] Some issues on error propagation paths in EMV2

Denis Buzdalov buzdalov at ispras.ru
Mon Jan 9 06:23:17 EST 2017 

Brian,

> Distinguish error propagations within components from between
> components (along connections, bindings, or arbitrary).

Any connection, binding or arbitrary relation between components
belongs to some component (thus, any error propagation is actually
within some component). So, your distinguishing is not clear.

Did you mean to distinguish error propagations between sibling
components from hierarchical propagation (i.e., for example, from
a subcomponent to outside through a port)?

> The unspecified error types (universum) do not seem useful.

One of the questions to discuss in the whitepaper was how unspecified
error types relates to universum. I may agree on possible uselessness of
universum notion here, but unspecified error types notion may be useful
(depending on whether or not you want to express some additional
consistency rules).

But, yes: if we agree on proposed fourth (consistent and "simple")
definition of unspecified error types (as it was said in the
whitepaper) the notion of unspecified error types becomes completely
useless because no essential rule uses this notion.

> Do you mean something like propagation points that only model value
> errors, and they should have modeled early service termination too?

Sorry, I didn't catch the idea you are talking about.

> The error type system allows flexible definition of sets of error
> types, with clear rules for testing containment.  (See E.5 (28)-(35))
> Perhaps I'm testy because early drafts had a much more complex way of
> specifying error types, so I created the error type system adopted in
> the standard.  The adopted grammar has less then half the productions
> of the original; type inferencing rules are clear and concise.
> 
> There's already plenty of formalism defined for error types.  The
> white paper makes no mention, nor gives examples, of any
> contradictions in the formalism of the adopted error type system.

Here you are talking about error type system itself, i.e. about what is
a type and how different types are related to each other.

The whitepaper talks about type sets on the corner of a single error
propagation path. So, it is about the other things.

Contradictions we are talking about do not involve error type system
itself. The section "Error Propagation Paths and User-defined
Propagation Points and Paths" (it seems to be E.7.3) is contradictory
itself, not considering E.5. That's why, I'm puzzled why did you expect
mention or examples of contradictions of the formalism of the error type
system defined in E.5.

> I see no problems, and no use for an error type universum.

So, do you mean that E.7.3 has no problems or you see no problems in
propositions we are saying about formalization of E.7.3?

P.S. By the way, it seems that aadl-forum list has gone.

--
Denis Buzdalov
Software Engineering Department, ISPRAS

More information about the sae-aadl-users mailing list