CS446 Notes 8: Luckham

CS 446 Fall Quarter 1995-1996 Notes 8

Taken by Gio Wiederhold
Experimental Seminar on Large Scale Software Construction.
Monday, Oct. 23
David Luckham, Prof., Stanford University EE CSL, with John Kenney
Heads PAVG (CSL) 1, prof., 3 postdocs, 1 visit.prof., 1 consultant, 6 raduate students, can use more (especially U.S.)
paper on: http://anna.stanford.edu/rapide/rapide.html
Interact with ARPA (composition, simulation (STOW), CAETI (education)), DMSO (Adv.Distr.simulation), NSA (security), TRW (FAA), Rational Software, Technology law firm, Research and Teaching.
Note that hardware RISC --> CISC
Software: many examples in distributed computing
Errors are frequent in large and complex SW:, and many communities are affected:

GC/PPCR by xerox, complex, used here
CORBA / OLE (SUN. microsoft)
ADS / STOW (DoD simulations, with man-in-the loop)
Secure networks DTP (NSA, financial, everybody)
FAA, AAS (advanced system, anyone who flies)
MUDs, MOOs (dungeons and dragons paradigm, OO Muds, used for next generation internet products)

Issues of

Cost (build, maintain, evolve)
Performance
Reliability
Correctness

Answers?

* Object-oriented Technology?
* Standards?
* More planning, modeling?
* Architecture?
* Systems/language Interoperation?

Topics for CS446:

o What is architecture
examples: Navy Aegis Geo server, DoD ADS-HLA, X-Open DTP sparc V9 64bit ISA

o New technology in modeling and simulation

o Case studies and Projects with Video oand demos Challenges

o Modeling and simulation experiments
o Timing and resource estimates by simulation
o Algorithms for constraint checking
o MUDs and MOOs architecture
o Animation of dynamic architecture

Example FAA TAAS Terminal Advaced Air Traffic System:

	Functional boxes
		Radar processing --> Tactical processing  ---v
 		             '---------------------> Common Console

Vertical view has three layers, with duplicate consoles
requirement .99999 up time = 1 year - 5 secs
Development took * years x ~ 800 programmers, then test!
Testing on an 18hour history. On multiple hosts, lacks, but needs interconnection with causal linkages.
Intent: Seamless transfer to operations from training version to backup to real.
Problems of deriving from an instance of an architecture the interfaces and connections, but cannot derive the princples or style of the archtecture type.
In 'Object architectures' Out Calls are not documented in the simple instance model, since they occur in the body.
In 'Module architecture', the interface spec also specifies what it requires, has strict interface visibility. Note that MUDs and MOOs adhere to that since they have defined entrances and exits.
Need als constriants.
Conformance to an architecture means

1. strict interface visibility
2. restricted parameter passing in connections

Disliked by C programmers..
Verify by checking duality:

v provides all the required features of a service
^ requires all the provided features of that service