Tutorials
Tutorials of the International Conference on Reliable Software Technologies, June
8 - 12, 1998.
SPARK, John Barnes, Peter Amey
Michael B. Feldman
mfeldman@seas.gwu.edu
http://www.seas.gwu.edu/faculty/mfeldman
Audience background
Attendees should have interest and experience in teaching undergraduate academic
courses in computing. No extensive familiarity with Ada is assumed.
Particpants will leave the tutorial armed with materials, references, and knowledge
sufficient to make an informed choice for Ada 95 in undergraduate curricula, as well as
"ammunition" they will find useful in persuading colleagues to choose Ada as
well.
Abstract
This tutorial will present the advantages of Ada 95 as a foundation - introductory -
programming language for undergraduate computing curricula, including details of
prototypical first- and second-level courses. Ada 95 combines the clear syntax and
programming discipline of Pascal with a range of standard, industrial-strength features
for encapsulation, template- and inheritance-based object-oriented programming, and
language-defined multitasking.
Summary
Ada is currently the foundation language in over 100 institutions worldwide. Teachers
of Ada 95 are building on a ten-year base of experience with Ada 83 as a foundation
language; moreover, Ada 95 is supported by a range of undergraduate textbooks (including
at least five at introductory level), as well as several stable and inexpensive compilers
and toolsets for the most popular academic computing platforms.
Biography
 |
Michael Feldman is a Professor in the Department of Electrical Engineering and
Computer Science at The George Washington University, Washington, DC, where he has been a
faculty member since 1975. He has taught a CS2-level course with Ada every year since
1985, and a CS1-level course with Ada every year since 1991. Both courses are now in their
third academic year using Ada 95.
Prof. Feldman also teaches File Structures using Ada 95, and is now offering Real-Time
Systems with Ada 95. The real-time course is built around a scale model of the Washington,
D.C. rapid transit (metro) system, with Ada 95 controls.
Prof. Feldman has published numerous articles on Ada in undergraduate courses and related
issues. He is the author of two well-received 1996 textbooks, "Ada 95 Problem Solving
and Program Design (with Elliot Koffman)" and "Software Construction and Data
Structures with Ada 95". These are texts at CS1 and CS2 level, respectively. |
Schedule:
Monday, June 8, full day, 8h30-12h00 and 13h30-17h00 with two half hour breaks.
Ben Brosgol
brosgol@aonix.com
Audience background
Some knowledge of Ada 83 is necessary. Exposure to Object Orientation is quite helpful
but is not strictly required. Exposure to Ada 95 is likewise helpful but is not required.
Abstract
This tutorial presents the Java language through examples and by comparison with Ada.
It describes Java's approach to Object Orientation, summarizes some of the principal sets
of classes in the Application Program Interface, and presents the main elements of the
Abstract Windowing Toolkit, including applets.
Biography
 |
Ben Brosgol is chief Ada technologist with Aonix, in
Burlington, Massachusetts (USA). A well-known figure in the international Ada community,
Dr. Brosgol has been directly involved with the Ada effort since its inception, as a
language designer, implementor, user, and teacher. He participated in the Ada 95 language
revision, where he was responsible for the Information Systems facilities. He has
conducted Ada-related courses since 1982, and has delivered tutorials at Ada Europe,
Tri-Ada, and WAdaS. He has long been active in the Ada professional community and is
currently the chairman of ACM’s SIGAda (Special Interest Group on Ada).
Dr. Brosgol delivered the tutorial "Java for Ada Programmers" at the Tri-Ada
’97 conference, where it received high acclaim. |
Schedule
Monday, June 8, full day, 8h30-12h00 and 13h30-17h00 with two half hour breaks.
David Emery, Rich Hilliard, Timothy Rice
rh@mitre.org
Audience background
This tutorial is aimed at people who have an inerest in and experience with very large
software systems development, where an architectural approach is critical.
Abstract
Abstract For the last five years, we have been applying a
practical architecture approach to a variety of software-intensive systems, with
considerable success [1]. Drawing upon our experiences to date, this tutorial introduces
our approach, and relates it to other software and systems architectural approaches.
Keywords: architecture, software-intensive systems, views and viewpoints. Description:
The forthcoming IEEE Recommended Practice for Architectural Description defines
architecture this way [2]:
An architecture is the highest level concept of a system in its environment. What
differentiates architecture from design is that architecture is outward looking, viewing
the system in context, while design concentrates on the inward structure of the system
itself. Thus, while all systems have an architecture, the challenge for systems
development is to articulate a "good" architecture for the target system.
The tutorial begins with an overview of architecture as a major part of the system life
cycle. Within this framework, we describe the steps in developing an architecture, showing
the responsibilities of system architects, acquisition authorities, user representatives,
design engineers and maintainers, and the resulting architectural products. Our approach
designates some architectural products as the responsibility of the client; this ensures
that the system can meet client needs.
We then present an approach to architectural description, based on a
"architectural metamodel," allowing an architecture to be described as a set of
interrelated views, where each view is composed of components, connections and
constraints.
We demonstrate the selection and definition of architectural views from case studies
based on existing systems from the domains of Command and Control and Information Systems.
The tutorial concludes with a look at related work, including ISO's Reference Model for
Open Distributed Processing, IEEE's Recommended Practice for Architectural Description and
the US DOD's C4ISR Architecture Framework.
Course Outline: The tutorial is organized into the following parts. The Architectural
Metaphor In this part, we motivate the discipline of software systems architecture with
reference
to architecture in other fields, particularly traditional building architecture. We
contrast this sense of architecture with "Software Architecture" as currently
being investigated.
The Architect's Job We locate architecture as an activity within the system life cycle,
and the architect's role relative
to those of other system stakeholders (users, the client, acquisition agents,
designers, maintainers, etc.).
The Practical Architecture Method In this part, we outline an approach we have used to
analyze, evaluate and
develop software systems architectures within a life cycle setting. It is a
multi-phased approach, as follows:
1. System of Systems Analysis - Articulation of vision, goals, needs, scenarios for the
system. \Lambda Person to contact about this submission.
2. Viewpoint Analysis - Selection and definition of architectural viewpoints.
Development of architectural models ("views") satisfying those viewpoints.
3. Architecture Integration - Establishment of traceability between architectural views
and coverage of all needs by the architecture.
4. Overseeing System Construction - Role of the architect during the development phase.
5. System Acceptance - Role of the architect at system delivery.
6. Architecture Maintenance - Evolution of the architecture.
System of Systems Analysis The architect's job begins with a thorough understanding of
the needs for a system. This involves identifying the key stakeholders of that system
(users, the client, maintainers, acquisition agents, etc.) and working with them to
articulate their immediate needs, larger goals, and long-term vision for the system.
Analysis techniques and tools for this phase will be presented. Needs analysis will be
contrasted with traditional system requirements analysis.
Architecture Descriptions The next part focuses on the foundations of representation
and documentation of archi
tectural decisions through modeling. We introduce a "metamodel" of
architectural description which defines viewpoints and views, and their constituents:
components, connections and constraints.
Architectural Modeling We work through the process of creating an architectural
description from the selection and definition of viewpoints, through their modeling and
integration. We provide techniques for view selection and definition, choice of modeling
languages appropriate to different views, and techniques for model checking and
integration for consistency and traceability.
Architecture Assessment In this part, we show how the architectural approach we have
introduced can also be applied to the assessment of architectures. We provide an overview
of the Architecture Quality Assessment technique [3] and compare it with other approaches
to architectural evaluation. This technique plays a role not only in independent analyses
of architectures, but in the life cycle activities of Overseeing System Construction and
System Acceptance.
Case Studies Throughout the tutorial, examples will be given to motivate key concepts
and approaches based on actual systems we have developed.
Wrap Up In the final section we will contrast the presented
approach with other contemporary approaches to software and systems architecture,
including other architectural frameworks and methods, Architecture Description Languages,
and other technologies for the architect.
Biography
David Emery is a Principal Engineer with The MITRE Corporation in Washington, DC, where
he is currently applying this architectural method to the U.S. Army's Distance Learning
program. Prior to his return to MITRE, he worked for Hughes Aircraft of Canada on the
Canadian Automated Air Traffic System (CAATS). CAATS is one of the primary applications of
the "4 + 1" architectural approach described by P. Kruchten. Previously, Emery
worked for The MITRE Corporation in Bedford, MA, on software architecture, Ada and Ada
bindings. He was Technical Editor for IEEE Std 1003.5-1992, The Ada Binding to POSIX
System Services, has served as ACM SIGAda Secretary and Treasurer, and is a member of the
ACM Technical Standards Committee. Emery received a B.S. in Mathematics from Norwich
University, Northfield, VT. He is a member of the IEEE, IEEE CS and ACM. Address: The
MITRE Corporation, MS W538, 1820 Dolley Madison Blvd, McLean, VA 22102
Email:emery@mitre.org Phone: +1 703 883 7606 Fax: +1 703 8783 6143
Rich Hilliard is Lead Architect at The MITRE Corporation, assigned to the Air Force's
Chief Architects' Office. He is Secretary and Technical Editor for the IEEE's Architecture
Working Group, which is developing a Recommended Practice for Architectural Description.
He was a member of the Ada 9X Mapping/Revision Team that defined the Ada 95 revision to
the Ada language. Address: DII-AF Chief Architects' Office, The MITRE Corporation, Mail
Stop X073, Bedford, MA 01730 Email: rh@mitre.org Phone: +1 781 377 6856 Voicemail: +1 781
271 2724
FAX: +1 781 862 8429
Timothy B. Rice is vice-president for Software Engineering, at ISIS 2000. He has been
applying the practical architecture method to developing software systems for several
years. Prior to joining ISIS 2000, he was Lead Architect in the Air Force's Chief
Architects' Office, where he was the team leader of the Air Force's Command and Control
System Target Architecture. He also managed the MITRE Software Center Open Systems
Engineering group, focusing on the application of standards to the development of software
systems. He received an MS in Applied Mathematics from Northeastern University and a BA in
Mathematics from Bates College. Address: 5151 E Broadway, Suite 1400 Tucson, AZ 85711
Email: tim.rice@isis2000.com Phone: +1 520 745 3999 Fax: +1 520 745 3775
References
[1] David E. Emery, Richard F. Hilliard, and Timothy B. Rice.
Experiences applying a practical architectural method. In Alfred Strohmeier, editor,
Reliable Software Technologies - Ada-Europe '96, number 1088 in Lecture Notes in Computer
Science. Springer, 1996.
[2] Walter J. Ellis, Richard F. Hilliard, Peter T. Poon, David Rayford, Thomas F.
Saunders, Basil Sherlund, and Ronald L. Wade. Toward a recommended practice for
architectural description. In Proceedings of 2nd IEEE International Conference on
Engineering of Complex Computer Systems, Montreal, Quebec, Canada, October 21- 5, 1996,
1996.
[3] Richard F. Hilliard, Michael J. Kurland, and Steven D. Litvintchouk. MITRE's
Architecture Quality Assessment. In 1997 MITRE Software Engineering and Economics
Conference, April 2-3, 1997, 1997.
Schedule
Monday, June 8, half day, 13h30-17h00 with one half hour break.
Laurent Pautet (Télécom Paris University), and Samuel Tardieu (Télécom
Paris University)
pautet@inf.enst.fr
http://www-inf.enst.fr/~pautet
Audience background
This tutorial is intended for designers and programmers of Ada applications that will
be executed on a distributed system. Attendees should have experience or concerns in
programming distributed applications, or be familiar with classical approaches (UNIX
network programming, client/server model).
Abstract
Ada 95 presents an approach for programming distributed systems which is quite
complete. Nevertheless, the potentials of the language are not immediate and the reader of
the Reference Manual might become puzzled with the number of restrictions which are
stated.
The first part of the tutorial is devoted to the benefits of Ada 95 and to its paradigms:
client/server, distributed objects and shared memory. Our aim is to present a programmer's
view of distributed applications.
The second part of the tutorial will be devoted to a presentation of GLADE which is our
approach for configuring distributed applications, and to the current implementation of
the Distributed Systems Annex in GNAT. This will give the attendees the opportunity to
experiment with the paradigms studied in the first part.
The information will also be of practical interest for those who need to incorporate
additional features in our current implementation.
Biography
 |
Dr. Laurent Pautet is assistant Professor at ENST, Paris and member of the GNAT team.
His research interests include software engineering, distributed systems, and realtime
systems. He is one of the main architects of the Ada 95 Distributed System Annex
implementation for GNAT (called GLADE). He is one of the principals of the Ada-France
association and the authors of several freely available communication packages in Ada and
other programming languages. |
Samuel Tardieu is a PhD student at ENST, Paris and member of the GNAT team. His
research areas include distributed, embedded and real-time systems. He is participating in
the implementation of the Ada 95 Distributed System Annex for GNAT (called GLADE) and is
currently adding strong fault tolerancy support to this implementation for his PhD work.
He is one of the principals of the Ada-France association, and the authors of several
freely available communication packages in Ada and other programming languages.
Richard T. Dué
70544.3665@compuserve.com
Audience background
Senior Analysts, Project Mangers, and Mangers with some background and experience in
Object Technology application development projects who are looking for fundamentally new
approaches to Object-Oriented Analysis and Design and project organization.
Abstract
An interactive tutorial based upon Richard T. Dué's article in the July 1997 issue of
Ed Yourdon's American Programmer. The "End of the Age of Miracles" is a systems
development approach which allows end users, analysts, and designers to independently
develop integrated systems.
The tutorial will explore the use of Proxy and Broker patterns in a new approach to the
project management and architecture of Object Technology application systems. The tutorial
will also explore the use of these patterns with the "software piranha" and
"duck" design philosophies. The "software piranha" philosophy uses
event-driven design to stimulate the behaviors and responsibilities of independent
objects. The "duck" philosophy places all interpretation of behavior into
separate observing objects. The goal of the "End of the Age of Miracles" is the
elimination of the "miracles" that are required to transform analysis to design
and design to code in traditional software engineering approaches.
The exploration, evaluation, and improvement of the "End of the Age of Miracles"
approach and the "piranha" and "duck" philosophies. Ed Yourdon calls
the "End of the Age of Miracles" approach, "novel and intriguing", but
wonders how it will fare in the marketplace over the next few years. The prime objectives
of this session will be to critique and enhance the approach.
Biography
 |
Richard T. Dué has 33 years of Information Technology experience as a
programmer, analyst, manager, consultant, university professor, author, and expert
witness. He is a frequent speaker at many international conferences including OOPSLA,
ECOOP, CAiSE, TOOLS, and Software Development. His Object Technology articles have
appeared in Object Magazine, Database Programming and Design, American Programmer,
Datamation, and Object Expert. Since 1989, he has been the Information Economics columnist
for the journal, Information Systems Management. Richard has organized and conducted
seminars in over 25 countries in North and South America, Asia, and Europe since 1986.
Richard is a member of the OPEN methodology consortium. |
Schedule
Monday, June 8, half day, 13h30-17h00 with one half hour break.
Ingmar Ögren
iog@romet.se
http://www.romet.se
Audience background
Expected audience is Ada software engineers interested in knowing more about how to
apply their Ada knowledge on the system level.
Abstract
Systems Engineering concerns update and new production of complex systems, where
operators cooperate with software and hardware components to complete missions. In this
session it is shown how Ada 95 is used by the method O4S (Objects For Systems) as a basis
to create system descriptions, which are reasonably formal and still understandable to end
users.
The session demonstrates how to use O4S to analyze a system in its context with
"Universe Of Discourse" entity-relationship graphs. It also explains how to
continue from analysis into object identification. It covers the development process,
design with requirements and problem management, and prototyping. It further discusses how
O4S can help its users to produce compact system documentation, which complies with
standards, such as EIA 12207 and how to manage quality and configuration management. It is
also shown how formalized system descriptions, based on Ada 95, can be used to analyze
dependability for critical systems with Fault Tree Analysis and Failure Mode Effects
Analysis. The tutorial explains some important principles for efficient systems
development work, such as the "developer corral" and the "hard and easy
meeting".
Through the tutorial, examples are given from real applications in aerospace and
automobile systems visualized with the tool kit Tofs (Tool For Systems).
Biography
 |
Ingmar Ögren was graduated from the Royal Technical University in
Stockholm in 1966, with a graduation work concerning integration of a military flight
simulator with a Sector Operation Center. From then he has been active in systems
engineering of military and industrial systems. He now leads Romet, a method and tools
company, located on a seaside farm some 100 kilometers north of Stockholm. He has given
multiple presentations and tutorials on Ada-based systems engineering with TRI-Ada, Ada
Europe, INCOSE and STC. He also does regular teaching at the Swedish
"Försvarshögskolan" (Defense University). |
Cyrille Comar, Sergey Rybin
rybin@gnat.com
http://www.act-europe.fr
Audience background
Participants should have a good understanding of Ada semantics. Basic experience on
programming with GNAT is helpful, but not required.
Abstract
The tutorial will explain, how you can build your own development and program analysis
tools when working with GNAT. The existing GNAT toolset and different approaches to tool
development will be presented. Using ASIS (the Ada Semantic Interface Specification) as
the effective technology for building the wide range of useful tools will be discussed in
details. The discussion will include presenting of concrete ASIS-based tools and of the
ASIS implementation for GNAT.
GNAT is the fully-validated multi-platform industrial-strength Ada 95 implementation. ASIS
is an interface between an Ada environment and any tool requiring information from it.
ASIS has been designed to be independent of the underlying Ada environment implementation,
thus supporting portability of software engineering tools. The tools to be considered at
the tutorial include, but are not limited to, library management tools, metric tools,
style checkers, code optimization tools etc.
Biography
Cyrille Comar (comar@gnat.com) is a member of Ada Core Technologies (ACT) and a founder
of ACT Europe. He is one of the key architects of GNAT, he has implemented the Ada 95
object-oriented features and the GNAT library model.
 |
Sergey Rybin (rybin@gnat.com) is a Senior Researcher at the Moscow State
University, and he also works as a consultant for ACT. He is the principal architect and
the main developer of the ASIS implementation for GNAT. He is an active member of the ISO
ASIS Working Group and ASIS Rapporteur Group. |
Schedule
Friday, June 12, half day, 13h30-17h00 with one half hour break.
Franco Gasperoni, Edmond Schonberg
gasperon@inf.enst.fr, schonberg@gnat.com
http://www.gnat.com
Audience background
Any manager, project leader, software engineer or programmer that is interested in
understanding the Java technology, its opportunities and how Ada can be used on this
platform.
Abstract
The objectives of this tutorial are:
* Help participants demistify the Java technology and by that token go beyond the hype
that surrounds it. Aspects of the technology that will be adressed in various degrees of
depth include:
The Java virtual machine, the Java API, JavaBeans (the Java software component model), JNI
(the interface that allows native aplications to interface with Java).
* Help managers and developers understand the opportunities represented by this emerging
technology which spans applications ranging from internet applets to fully featured
information systems running on mainframes, PCs or workstations to embedded systems such as
intelligent automobiles, smart cards, telephones with built-in Web browsers and
state-of-the-art cellular telephones.
* Provide a roadmap for project managers & software engineers to help them understand
where Ada fits in the world of Java and how companies can take advantage of their Ada
investments for the Java platform. More important, this tutorial will illustrate how the
use of Ada can provide a competitive advantage on this emerging platform.
* Explain how one can write Ada applications for the Java platform using the GNAT compiler
which has recently been targeted to this platform. This includes writing new Ada
applications as well as porting existing Ada code. Seamless interoperability between Ada
and the Java programming language as well as the use of the Java API (Application
Programming Interface) from Ada will be discussed in depth.
The tutorial will contain down to earth examples and a large number of demos to help
participants acquire a concrete grasp of the concepts presented.
Biography
 |
Franco Gasperoni is a professor of Computer Science at Telecom Paris, in
France and is one of the founders of ACT Europe. Franco has taught courses in various
areas of computer science: programming languages, compiler design, computer architecture
and operating systems at Telecom Paris and New York University. In addition, the presenter
is one of the main architects of the GNAT to Java effort that is currently underway. |
Edmond Schonberg is professor of Computer Sciences at New York University, and
vice-president of Ada Core Technologies. He has been involved in the implementation of Ada
compilers for 15 years. He has taught courses in programming languages, compilers,
object-oriented languages, algorithms, and software engineering for 25 years. Most
recently he has introduced a Java-based Honors course for CS101 students at NYU.
Schedule
Friday, June 12, half day, 8h30-12h00 with one half hour break.
Michael Gonzalez Harbour
mgh@ctr.unican.es
Audience background
The audience should be familiar with the development of real-time applications, in
order to understand the different concepts. Knowledge on the Ada tasking model is desired,
since most of the examples will refer to systems that are built in Ada. Some experience
with using UNIX or another operating system to program applications is desirable.
Abstract
The Real-Time Annex of the Ada 95 language provides a very good support for developing
both hard and soft real-time applications under highly predictable scheduling and
synchronization mechanisms. In addition to the facilities provided by the Ada language,
many real-time systems built today require operating systems services such as network
communications, graphical user interfaces, or file systems. In this context, it is
extremely important that the underlying operating system provides bounded response time
services, to be able to guarantee that the timing requirements of the application will be
met.
This tutorial focuses on design and analysis techniques for guaranteeing the timing
requirements of applications built in Ada and under a real-time POSIX operating system.
The tutorial is divided in two parts. The first part is a review of the techniques that
can be used to design and analyze a real-time application, so that we can predict if it is
going to meet all of its timing requirements. This part of the tutorial is based on the
collection of methods known as rate monotonic analysis.
The second part of the tutorial discusses the main real-time operating system services
defined in the POSIX standards. These services allow application developers to write
portable applications that meet their real-time requirements. The tutorial reviews the
different services from the perspective of an Ada application, and discusses which of the
different options and services are more suitable for developing real-time applications in
Ada.
Biography
 |
Michael Gonzalez Harbour is an Associate Professor in the Department of Electronics
and Computers at the University of Cantabria. He works in software engineering for
real-time systems, and particularly in the analysis of distributed real-time systems using
rate monotonic analysis. He is a co-author of "A Practitioner's Handbook on Real-Time
Analysis". He has been involved in several projects using Ada to build real-time
controllers for robots.
Michael is an active member of the POSIX real-time working group. He is the Technical
Editor of the IEEE POSIX.1d and IEEE POSIX.1j standards. |
Outline
=======
Part I: Real-Time Analysis
1. Introduction
2. Analyzing sets of periodic tasks
3. Extending the basic theory
4. Task synchronization
5. Handling aperiodic tasks
6. Lessons learned from RMA experience
Part II: Real-Time POSIX
1. Introduction. Real-time operating systems
2. The basic POSIX standard and its Ada bindings
3. Real-time extensions
4. Threads extension
5. Additional real-time extensions
6. POSIX subsets
8. Design and analysis of real-time applications
7. Selecting a POSIX-conforming OS
8. Summary and conclusions
Schedule
Friday, June 12, full day, 8h30-12h00 and 13h30-17h00 with two half hour breaks.
John Barnes, Peter Amey
jgpb@jbinfo.demon.co.uk
Audience background
Attendees will be expected to be familiar with the mainstream ideas of Ada (83 or 95).
No knowledge of SPARK will be assumed. No prior knowledge of formal methods is required.
Note: This tutorial is not for the novice but nor will it contain heavy indigestible proof
stuff so it is classed as Intermediate.
Abstract
This tutorial will provide a general appreciation of the goals and capabilities of
SPARK illustrated by a number of examples.
The first part of the tutorial will commence with an overview of the key principles behind
SPARK. This will be followed by a survey of the concepts of abstraction, refinement and
flow analysis and an introduction to the ideas of how a program might be proved to be
correct with respect to its specification.
The second part will briefly survey the various features of SPARK as a subset of Ada and
show how these have been constrained by a number of general principles designed to reduce
misunderstandings and eliminate ambiguities and uncertainties.
The final part of the tutorial will look at the tools associated with SPARK in a bit more
detail. This will include the techniques used by the Examiner for flow analysis and the
use of the Simplifier and Proof Checker for generating proofs.
In summary, the main purpose is to give attendees an appreciation of the scope of SPARK
and what might be achieved by its use in practise. An important goal is to show that the
SPARK approach can bring useful benefits without every programmer having to have a
doctorate in formal methods!
Biography
 |
John Barnes read Mathematics at Trinity College Cambridge. Fellow of the
British Computer Society.
Member of Ada 83 and Ada 95 design teams. Principal author of Rationale for Ada 95. Author
of Programming in Ada 95. Author of High Integrity Ada - The SPARK Approach.
|
Peter Amey is Product Manager of Praxis Critical Systems. He is the principal author of
the Examiner, the key tool for the analysis of SPARK programs.
Schedule
Friday, June 12, full day, 8h30-12h00 and 13h30-17h00 with two half hour breaks.