Embedded Software EngineeringPart 3: Analysis of Functional

Requirements

Prof. Dr.-Ing. Stefan Kowalewski

Chair “Informatik XI”, Embedded Software LaboratoryRWTH Aachen University

kowalewski@informatik.rwth-aachen.de

Summer term 2005

Reminder: V model

requirementsanalysis

specification

architecturedesign

modul/algorithmdesign

implementation

modul test

systemintegration

integrationtest

acceptancetest

How to do requirements analysis

Reminder:

� Requirements Elicitation- Collect the requirements from customers, marketing, system

engineers etc.

� Requirements Analysis- Analyse whether the requirements are actually what the

customers, marketing, system engineers etc. want.

• “Online”• Includes first

ad-hoc analysis

• “Offline”• Results will be presented to the customer

after analysis• Several iterations possible

technicallyoriented

businessoriented

requirementsanalysis

Two analysis paths

requirementselicitation

functional reqs(first version)

non-functionalrequirements(first version)

analysis of functional reqs

analysis ofqualities

functionalspecification

drivingqualities

architecturedesign

requirementsanalysis

Design viewed as an optimization problem

analysis of functional reqs

analysis ofqualities

functional spec= optimization

constraints

driving qualities= optimization

criteria

design= optimization

Find best or good enough solution (measured by qualities) among all admissible solutions (given by functional spec.)

Analysis of Functional Requirements

� Manifest your understanding of the elicitated requirements(make them clear to you).

� Structure and present them in different form to the customer (e.g., build models or derive test cases),such that the customer can then compare your understanding with his/her original intentions.

� Do not begin designing the system!

� Why?- Customer will discuss design issues with you.- Design solution will become part of specification

document and reduce degree of design freedom.

� How?- Regard system as black box (in this phase).

Analysis of Functional Requirements –First step: Define System Boundaries

� Interfaces between system and environment� What must be designed, what is given?→ Needed for agreement on content of the project

→ One possible model: Context diagram

Context diagram

Elements:

� System (Function)

� Partner in the environment(Interface)

� Flow/Exchange of- Data- Information- Energy- Mass- …

Context diagram: Example ACC

ACC

Driver

ESPsystem

Enginecontroller

select speed,activate,de-activate

indicate operation,selected speed,current speed ,

current distance

Radarsensor

activate

object distance,object velocity

brake force

car speed,lateral acceleration,yaw rate

acceleration/decelaration

What if sensorwould be partof system?

Analysis of Functional Requirements –Second Step: Understand „Black Box“ behavior

� Capture functional requirements as they manifest themselves at the interface between system and environment.

→ One possible tool: Use Cases

� Use case = A coherent piece of functionality of the system that is visible (in black-box form) from outside the system.

� Elements outside the system which are involved in the use case are called actors.

� In embedded systems, actors are mostly sensors and actuators(but also users).

� OOA Definition of use case (see OOSK, Prof. Lichter):A sequence of interactions between an actor/actors and a system triggered by a specific actor which produces a result for an actor. (applicable to continuous control functions?)

Use cases: Example ACC

Use cases:� Activation� De-activation� Keeping speed constant� Keeping distance to front object constant

Use case relations/ use case diagrams

� In OOA, use cases can have relations:- includes- extends- generalizes (with inheritance of interaction relations)

� This offers possibility to reuse use cases.� Aim: Structure functionality.� Use case diagrams:

System boundary

Use case 1

Use case 2relationActor 1 Actor 2

Use casediagramfor ACC example?

} Your opinion?

Textual description of use cases

� Several templates in literature.� From lecture OOSK by Prof. Lichter:

- Name- Aim- (Level)- Pre-condition- Post-condition- Post-condition in case of failures- Actors- Trigger- Standard sequence (steps, actions/events)- Alternatives/exceptions

Textual description of use cases:Example ACC activation

� Name: Activating ACC

� Aim: ACC must be operational

� Pre-condition: ACC is not activated; car is running; radar sensor is available; ESP, engine ECU are running; CAN is available; cruise speed is selected; current speed is in [30 ; 180 km/h]

� Post-condition: ACC operation is indicated to driver

� Post-condition in case of failures: failure to activate ACC is indicated to driver

� Actors: driver, radar sensor, ESP

� Trigger: driver operates ACC activation interface

Textual description of use cases:Example ACC activation /2

� Standard sequence (steps, actions/events):

1 Driver operates ACC activation interface2 ACC activates radar sensor3 radar sensor acknowledges availability4 ACC checks that current speed is in [30 ; 180 km/h]5 ACC indicates operability

� Alternatives/exceptions:

3a1 no response from radar sensor3a2 ACC indicates failure

4a1 current speed is not in [30 ; 180 km/h]4a2 ACC de-activates radar 4a3 ACC indicates failure

Your try

Use cases:� Activation� De-activation� Keeping speed constant� Keeping distance to front object constant

Textual description of use cases:Example Keeping distance to front object constant

� Name:- Keeping distance to front object constant

� Aim: - Keeping distance constant without driver interaction

� Pre-condition:- ACC is active

� Post-condition:- current distance is displayed, distance is as specified, in

speed control if necessary � Post-condition in case of failures:

- indication of failure, de-activate ACC � Actors:

- engine CU, ESP, driver, sensor� Trigger:

- detection of a front object

Textual description of use cases:Example Keeping distance to front object constant /2

� Standard sequence (steps, actions/events):

1 Get distance and object speed2 Get own speed, lateral acceleration, yaw rate3 Compare current with desired distance4 Adjust speed accordingly5 Display distance6 Go back to 1 as long as object is in front

� Alternatives/exceptions:Your turn!

Sequence of actions/events in use cases can berepresented graphically by Sequence diagrams/MSCs

� Basic idea:Represent interaction between system and actors by a temporally ordered exchange of messages

� Fundamental elements:- System, actors: vertical lines- Message exchange: horizontal arrows

SystemActor

MessageTemporalorder(qualitative)

� Sequences are only possible, not a complete behavioral specification!

Graphical representation of use cases:Sequence diagrams/MSCs /2

� Origin:- OSI Time Sequence Diagrams (standardized 1991!)- ITU-T SG 10: Message Sequence Charts, 2000- ITU-T SG 10: Algebraic semantics of MSCs, 1996

� UML adopted MSCs, renamed them to sequence diagramsand changed/added some elements/representations- Examples:Lifelines for objects stimulus and response

SystemActorstimulus

response

SystemActor

MSC Example: production plant(from Kowalewski, at-Automatisierungstechnik, 9/2001)

B B BA A A

D

D

D

DD D

C

C

C

C

C C

C

ProduktionC-Teile

ProduktionD-Teile

LagerC-Teile

LagerD-Teile

GreifplatzC-Teile

Diskriminator

Roboter

Förderband

GreifplatzD-Teile

Ortsschalter

MSC Example /2: basic MSC

(from Grabowski et al, at-Automatisierungstechnik, 12/2001)

Initialzustand

C-Teil greifen

A-Teil erkennenund

Produkt

ausliefernmontieren und

Produktion

C-Teilseines neuen

Initialzustand

FabrikFürC Produktionszelle FabrikFürD

Roboterplatz

Produkt

(AC)

NächstesTeil

Gegriffen

T

ProdZeit

(C)

Vorhanden

(A)

NeuesTeil

MSC ProduktionAC

MSC Example /3: inline expressions

(from Grabowski et al, at-Automatisierungstechnik, 12/2001)

FabrikFürC

Initialisierungsphase

Gegriffen

NächstesTeil

(A)

NeuesTeil

(C)

Vorhanden

Produkt

(AC)

NeuesTeil

Produktionszelle FabrikFürD

Roboterplatz

alt

(B)

NächstesTeil

Gegriffen

(D)

Vorhanden

(C)

Vorhanden

Produkt

(BDC)

Gegriffen

MSC AlternativeProdukte

MSC Example /4: High level MSCs

(from Grabowski et al, at-Automatisierungstechnik, 12/2001)

Initialzustand

Initialisierungsphase

MSC Produktionszyklus

ProduktionAC ProduktionBDC

Example for sequence diagram:Use case ACC activation

� Name: Activating ACC

� Aim: ACC must be operational

� Pre-condition: ACC is not activated; car is running; radar sensor is available; ESP, engine ECU are running; CAN is available; cruise speed is selected; current speed is in [30 ; 180 km/h]

� Post-condition: ACC operation is indicated to driver

� Post-condition in case of failures: failure to activate ACC is indicated to driver

� Actors: driver, radar sensor, ESP

� Trigger: driver operates ACC activation interface

Example for sequence diagram:Use case ACC activation (2)

� Standard sequence (steps, actions/events):

1 Driver operates ACC activation interface2 ACC activates radar sensor3 radar sensor acknowledges availability4 ACC checks that current speed is in [30 ; 180 km/h]5 ACC indicates operability

� Alternatives/exceptions:

3a1 no response from radar sensor3a2 ACC indicates failure

4a1 current speed is not in [30 ; 180 km/h]4a2 ACC de-activates radar 4a3 ACC indicates failure

MSC for use case „ACC activation“

driver sensor ACC ESP

driver wants to activate ACCactivate

acknowledgementget speed

speed in [30,180] km/hindicate operability

alt

driver wants to activate ACCactivate

acknowledgementget speed

speed not in [30,180]indicate failure

driver wants to activate ACCactivate

not availableindicate failure

Outlook

Next part:

Analysis of qualitative (non-functional) requirements