SIGAda 2001, Bloomington
Ship System 2000, a Stable Architecture under
Continuous Evolution
Björn Källberg and Rei Stråhle, © SaabTech Systems AB, Sweden
(formerly CelsiusTech Systems,
before that: NobelTech Systems,
before that: Bofors Electronics,
before that: Philips Elektronikindustrier)
Performance Examples
• Ship more stable than primitive rock
• Incorrect symbol shown in 0.3 sec is a category 1 fault (which prevents delivery)
• Operator response time is 10 sec from detection of missile(s) until own ship might be hit
• Safety critical
• System is different
• Many common component technologies can not directly be applied
What is an architecture?
To create a logical sea!
[Diagram labels: physical view (cpu 1, cpu 2, cpu n, LAN with BS2000); logical view]
Software Architecture
• Layered structure
• Unit of distribution: Program
• Location independent
• Asynchronous messages
• Parametrised components
• MMI definition language
• COTS Operating system
• Ada (and some C, C++)
Organisation then
[Diagram labels: Product line, Component development; Development projects; requirements; Csc:s; spr:s; corrections]
Requirements, MMI-development, Integration, Testing
example: 8000 test cases. 15 man, 2 months
Organisation now
[Diagram labels: Product line, Component development, System backbone; (Customer) project (three boxes); Requirements]
Challenges
• Documentation
• Dead code
• Compartmentalisation
• Error corrections and releases
• Late system testing
• Parametrisation
• Complexity increase
• Not a trivial assembling process
Dead Code
Reuse is not always appreciated by the customer
• Different shapes of not required code
– Extra functionality that can be used
– Functionality which can not be used
– Code that executes, without any extra functionality
– Code that is part of the system, but does not execute
– Code that is removed before loading
• Disadvantages
– Learning is difficult, risk of misuse
– Performance is not optimal
– Code may be excessively large
– Maintenance problem
Layered Structure
WCS, Weapons and sensors
C3, Command management system
MMI, Man machine interface
Base system, application support
Operating system, distributed system
Application interfaces
• Controlled
• Stable
• Documented
• Well known
Base for reuse
This part is OS dependent
Component Organisation
[Diagram: component names grouped by layer (base system, MMI, sensors and weapons, C3), each marked as unchanged, smaller modifications, new / large modifications, or removed]
Ada Component Structure (static)
[Diagram labels: Library component, Library component, New component]
A component is a set of Ada packages
Ada Program Structure
[Diagram labels: Program 1, Program 2, LAN messages]
A message is always
• Within a component
• Between programs
MMI Architecture
[Diagram labels: Operator; General MMI program; Distributed MMI interface database; Application programs P1, P2, P.., Pn]
Not an easy integration process
Blocks may be simple individually, but it takes considerable skill and time to build a large system
• Parameter settings
• Program allocation
• Performance estimation
• Complicated systems
• Testing
Parametrisation
• Large number of parameters:
– Parameterisation is used to adapt functionality
– Versions not used
– Also to set capacity, performance trimming
– In place of understanding requirement, deferring decisions
• Integration is difficult
Release Handling
• Error corrections can not be made directly
• Releases must be synchronised
• Working components may be changed
[Diagram labels: P1, P2, P3, Release]
Complexity Increase
Complexity: 200 70 400 7 200
• Assume: Total complexity ~ product of component complexity
Development Environment
• Ada development
– Then: Rational hardware, Rational compilers
– Now: PC and Unix based; Aonix, OC Systems, ACT
• Documentation
– Then: VAX/VMS
– Now: Windows NT, RS6000 AIX
– Exco editor (hierarchy and links)
– MS Word
• C-code
– VAX/VMS and target
– different compilers
– PC and Unix
Education
• Since 1986 we have had >800 students in >120 courses (incl. basic Ada training, Ada95 & application)
• Only own employees or from company partners
• Fundamental training in BaseSystem part of ShipSystem starts with Error Handling, InterProgram Comm, Tactical Config, Parametrisation and MMI Programming
• Mandatory to follow Application Interface Standards
• Ada Quality & Style is recommended
• Deprogramming of C/C++ programmers is essential
Summary
• The cost is high
• A product line development is not easy
– Software is different from hardware
– It is not a production process, it is a development process
• The difficulties can be overcome
– with hard work
• The result can be very good
– but the domain must be limited
• Stable architecture from start of new project