Invited Speakers
An Invitation to Ada 2005
Pascal Leroy
Principal Software Engineer Rational Software Corp.
Abstract
In 2000, the ISO technical group in charge of maintaining the Ada language
started looking into possible changes for the next revision of the
standard, around 2005. Based on the input from the Ada community, it was
felt that the revision was a great opportunity for further enhancing Ada by
integrating new programming practices, e.g. in the OOP area; by providing
new capabilities for embedded and high-reliability applications; and by
remedying annoyances encountered during many years of usage of Ada 95.
This led to the decision to make a substantive revision rather than a minor one.
This keynote will outline the standardization process and schedule, and give
a technical presentation of a number of key improvements that are currently
under consideration for inclusion in Ada 2005.
Biography
Pascal Leroy is a Principal Software Engineer with Rational Software Corp.,
and the chairman of the ISO Ada Rapporteur Group, the expert group in charge
of revising and maintaining the Ada standard. He has more than 18 years of
experience in Ada and has been involved in language design, in compiler and
tool development and in consultancy with very large Ada projects, notably
in the area of command and control systems.
Pascal holds degrees from Ecole Polytechnique and Ecole Nationale des
Telecommunications in Paris, France.
Aspect-Oriented Programming Beyond Hierarchical Modularity
Mira Mezini
Darmstadt University of Technology
Abstract
Aspect-oriented programming (AOP) is a new technology
targeted at modularizing so-called crosscutting concerns.
While the hierarchical modularity mechanisms of
object-oriented and procedural programming have been
very useful, they lack support for modularizing
concerns whose modular structures are not hierarchical
but rather crosscutting in nature. Failure handling
strategies, security checking, and policy enforcement are
a few examples of concerns whose implementation crosscuts the
modular structure of an object-oriented software system that
is organized around the key abstractions of an application
domain. AOP provides language support that allows crosscutting
structure to be explicit, clear and composable. This enables
crosscutting aspects to be programmed in a modular way, resulting
in the usual benefits of better modularity.
In this talk the fundamental ideas of AOP and some works
in the field will be presented and open issues will be
discussed.
Biography
Mira Mezini is a full professor of computer science at
Darmstadt University of Technology in Germany, where she
leads the software technology group. She holds a
PhD (Dr.-Ing.) from the University of Siegen, Germany.
Prior to joining Darmstadt University of Technology, she was
an assistant professor of computer science at Northeastern
University, Boston, MA.
Her current research interests are
in design and implementation of languages with powerful
modularization capabilities, aspect-oriented programming,
design patterns and frameworks, component-oriented software
development and adaptable component middleware.
Software Fault Tolerance: An Overview
Jörg Kienzle
McGill University
Abstract
The scope, complexity, and pervasiveness of computer-based and controlled systems
continue to increase dramatically, and hence the consequences of such systems failing
can be considerable. Ideally, the processes by which the software controlling such
systems is created, analyzed, designed, implemented and tested would have advanced to
the point where software could be developed without errors. Although significant progress
has been achieved in recent years, and even if the best people, practices, and tools are
used, it would be very risky to assume that the software developed is error-free.
This talk presents an overview of the techniques that can be used by developers to
produce software that can tolerate design faults and faults of the surrounding environment.
After reviewing the basic terms and concepts of fault tolerance, the best-known fault-tolerance
techniques exploiting software, information and time redundancy are presented. The most important
features of Ada 95 and other programming languages that can be of help when implementing fault
tolerance are reviewed, and their usefulness is illustrated by examples.
Biography
Jörg Kienzle is assistant professor in computer science at McGill University in Montreal,
Canada, where he is leading the Software Engineering Laboratory. He holds a Ph.D. and
engineering diploma from the Swiss Federal Institute of Technology in Lausanne (EPFL).
His current research interests include fault tolerance, software development methods,
distributed systems and aspect-orientation.
Software Development Process for Airbus A380
Patrick FARAIL
Airbus France
Abstract
The A380 program is a major economic and technical stake for Airbus. The new system architecture based on the concepts of Integrated Modular Avionics, the reduction of the development cycle, and the level of maturity required from the first delivery of the aircraft require us to implement a development process and an optimized software workshop that ensure the validation, as early as possible, of the requirements and the major architecture choices, as well as the use of verification techniques that reduce development costs and cycles while obtaining better results.
The presentation will attempt to describe the methodological evolutions organized for the A380 program, the choices in terms of computing solutions and software workshop, as well as their prospects for evolution and improvement in future programs. We shall thus speak about the specification, design, coding and verification activities of on-board software.
Biography
Patrick Farail has been Airbus Methods Development Engineer for Airborne Computer Software since 1989. He is the team leader of experts on software development activities including Specification, Design, Coding and Requirements Engineering.
He was involved earlier in Ada development (since 1983) and was then a member of the team that defined the HOOD method in 1987. Since these first experiences he has investigated, improved and promoted the use of software engineering methods in Airbus airborne computer software. He:
- proposes the methodologies with respect to project constraints. He helps developers to put these methods into practice in order to optimise project costs while ensuring software quality.
- guarantees methodology consistency among all projects.
- chooses CASE tools supporting this methodology.
- knows perfectly: functional specification methods (formal or informal), the HOOD (Hierarchical Object Oriented Design) design method, the Ada, C, C++ and Java languages, the UML (Unified Modelling Language) formalism and Object methodology.
Since 1987, he has published several papers in well-known software engineering conferences about concrete experiences with the use of such methods.
Tutorials
| Time | Daniel ROY | Juan Antonio de la PUENTE, Juan ZAMORANO | Matthew HEANEY |
|---|---|---|---|
| 9:00 - 10:30 | Tutorial #1 | Tutorial #2 | Tutorial #3 |
| 10:30 - 11:00 | Break | Break | Break |
| 11:00 - 12:30 | Tutorial #1 | Tutorial #2 | Tutorial #3 |
| 12:30 - 14:00 | Lunch | Lunch | Lunch |
| 14:00 - 15:30 | Tutorial #1 | Tutorial #2 | Tutorial #4 |
| 15:30 - 16:00 | Break | Break | Break |
| 16:00 - 17:30 | Tutorial #1 | Tutorial #2 | Tutorial #4 |
Tutorial #1 : The Personal Software Process(sm) for Ada
Daniel ROY
Software Technology, Process & People (STPP)
Abstract
For the last several years, SEI Fellow Watts Humphrey, in conjunction with the SEI process program, has been developing techniques to help software engineers better manage and control their work while improving their personal skills and capabilities. This body of work is referred to as the Personal Software Process.
The Personal Software Process (PSP) is a scaled-down version of an industrial (CMM-like) software process that is suitable for individual use. The goal of the PSP is to make software engineers aware of the processes they use to do their work and the performance of those processes. Software engineers set personal goals, define methods to be used, measure their work, analyse the results, and adjust their methods to meet their goals.
Biography
Daniel Roy is President of Software Technology, Process and People (STPP) Inc., a training and consulting company specializing in the institutionalization of disciplined software engineering practices at the individual and team levels.
Dan Roy has 28 years experience in the development of biomedical and space systems (hardware and software). He worked for twelve years with major contractors such as General Electric and Loral at the NASA Goddard Space Flight Center. During this period he was fortunate to be exposed to and even, at times, to participate in the landmark work of the Software Engineering Laboratory (SEL).
He worked at Carnegie Mellon University, Software Engineering Institute (SEI) for five years until December 1994. While at SEI, Dan led the real-time embedded systems tested project. Dan's interests include methodologies, risk management, process (from the Personal Software Process (PSP) to Capability Maturity Model (CMM) assessments), the People-CMM, and the psychological aspects of change management. Dan Roy has retained close ties with the SEI where he still teaches and consults as a visiting scientist. In particular, he is a regular teacher of the SEI "train the trainer" course for the Personal Software Process and he has been selected by SEI to verify and approve the French translation of CMM and CBA-IPI material. In January 1997, SEI and STPP signed a Cooperative Research and Development Agreement (CRADA) to commercialize the PSP. Since then, Dan has been involved in the delivery of various SEI PSP products and the ongoing trials of the Team Software Process (TSP) in Europe, the US and in India.
With a customer base spanning 10 countries, Dan has also worked with various world class software engineering institutes such as the Centre de Recherche Informatique de Montreal (CRIM) in Canada, the Norwegian Computing Center (NR), the Swedish Institute for Systems Development (SISU), the Institut d'Ingénierie International (IN3) in Paris, the Centro Internacional de Technologica de Software (CITS) in Brazil, and the European Software Institute (ESI) in Spain.
Dan is co-author of the book "Meeting Deadlines in Hard Real-Time Systems" (Briand-Roy) published by IEEE in 1999. He is a senior member of the Institute of Electrical and Electronics Engineers (IEEE) and the IEEE Computer Society, a member of the Association for Computing Machinery (ACM), and a senior member of the American Institute of Aeronautics and Astronautics (AIAA). He has served as chairman of several Ada conferences and as chair of the ACM SIGAda Performance Issues Working Group (PIWG) and Safety and Security Working Group. He is also a trained evaluator for the accreditation visits of the Computer Science Accreditation Board (CSAC/CSAB), a 1997 senior examiner for Q-NET (Pittsburgh Chamber of Commerce Baldrige-like award) and a qualified user of the Myers-Briggs Type Indicator (MBTI).
Tutorial #2 : Developing High Integrity Systems with GNAT/ORK
Juan Antonio de la PUENTE & Juan ZAMORANO
Technical University of Madrid, Spain
Abstract
The Ravenscar profile is a subset of Ada tasking that enables the development of high integrity systems on top of a reduced, reliable run-time kernel. The Ravenscar subset removes all non-deterministic features from Ada tasking in order to enable static analysis and response time analysis to be performed on Ada programs. The Ravenscar subset includes static tasks (with no entries) and protected objects (with at most one entry), a real-time clock and delay until statements, as well as protected interrupt handler procedures and other tasking related features. ORK is a free real-time kernel that supports the execution of Ravenscar Ada programs on ERC32 (a radiation-hardened version of the SPARCv7 architecture) and PC targets. It is fully integrated in the GNAT programming environment, as a combined GNAT/ORK cross-compilation system which can be used to develop embedded applications on stand-alone computer boards.
The tutorial will describe the main aspects of the Ravenscar profile, its interactions with other Ada features which are relevant for developing high integrity systems, and will give hints on programming schemes based on the profile. It will also describe the main features of GNAT/ORK, and the details on how to use it as a programming environment for embedded real-time systems.
Biography
Juan Antonio de la Puente is a full professor at the Technical University of Madrid (UPM). He has been teaching Ada and Real-Time systems for more than 15 years, and is project manager for the ORK project at UPM.
Biography
Juan Zamorano is a professor at the Technical University of Madrid, with more than 15 years experience in teaching real-time systems and systems architecture. He is the technical manager of the ORK project, and is responsible for ORK maintenance at UPM.
Tutorial #3 : Implementing Design Patterns in Ada95
Matthew HEANEY
On2 Technologies
Abstract
A design pattern is a description of how a group of objects collaborate to solve a general problem in a specific context. Although Ada is a feature-rich language, it is sometimes not obvious how to actually implement many design patterns, and knowledge of certain advanced language features is often necessary. Accordingly, I present several idioms for object-oriented programming in Ada95, such as using controlled types and smart pointers to perform memory management, and using access discriminants to implement Java-style interface types.
Tutorial #4 : Principles Of Physical Software Design in Ada95
Matthew HEANEY
On2 Technologies
Abstract
In this tutorial Matthew Heaney will discuss issues concerning the compilation of large software systems, and will present many techniques for ameliorating the problems.
Most texts on software design concentrate almost exclusively on logical design, and provide only a cursory explanation of physical design. Discussions about types and objects are important, but there are also many pragmatic compilation issues that cannot be ignored. Unless care is taken, dependencies among modules often force a substantial recompile when seemingly innocuous changes are made. This can stymie development, especially for large systems that require hours (or even days) to rebuild.
Biography
Matthew Heaney has been programming in Ada for over 15 years, and has designed several large, real-time systems in Ada. He originally learned design patterns by converting all the C++ examples in the Gamma book to Ada95, and now he uses them on real projects.
On2 Technologies develops advanced full-motion,
full-screen video compression and streaming technology. Matthew leads
development of the TrueCast family of on-demand streaming media servers.
Tutorial #5 : High-integrity Ravenscar Using SPARK
Peter AMEY
Praxis Critical Systems
Abstract
SPARK is a well-established, unambiguous and fully-analysable annotated subset of Ada. In its original form SPARK excluded all forms of concurrency because weaknesses in the Ada tasking model made it incompatible with the design goals of SPARK. The advent of the Ravenscar Profile has provided an opportunity to extend SPARK to include concurrency and to enable the SPARK Examiner to analyse concurrent programs.
The tutorial will describe the way SPARK has been extended to include the Ravenscar Profile and how static analysis techniques can eliminate all of the erroneous behaviour, bounded errors and implementation-defined behaviour that remain in the concurrency model defined by the Profile.
Biography
Peter Amey is an aeronautical engineer by original professional training and achieved Chartered Engineer status through the Royal Aeronautical Society. He served as an engineering officer in the Royal Air Force and spent several years at the Boscombe Down test establishment working on the certification of aircraft armament systems. Peter joined Program Validation Limited to develop the high-integrity language SPARK and its support tool the SPARK Examiner and continues that work today with Praxis Critical Systems. As well as developing SPARK he has used it on major programmes including Tornado, Eurofighter and the Lockheed C130J.
Peter teaches SPARK and Ada on a regular basis and has lectured widely on the development of critical systems. Most recently this has included the keynote address "Logic versus Magic" at Ada Europe 2001, "Closing the Loop: the Influence of Code Analysis on Design" at Ada Europe 2002 and the paper "A Language for Systems not Just Software" at SIGAda 2001. Peter has also had a well-received article published in Crosstalk.
Tutorial #6 : Architecture Centric Development Using Ada and the Avionics Architecture Description Language
Bruce LEWIS & Edward COLBERT
US Army's Aviation and Missile Command -
Absolute Software Co., Inc
Abstract
This tutorial will describe an architecture centric approach to developing and evolving reliable systems using the Avionics Architecture Description Language (AADL). The AADL is being standardized under the Society of Automotive Systems, Aerospace Avionic Systems Division. It is an ADL specifically developed for time critical, reliable applications. It supports building multiprocessor, fault tolerant, multi-level safety critical systems. It was developed for the avionics domain but is useful in many real-time domains including space, automotive, industrial etc. UML is a widely used object-oriented general purpose software specification language. The AADL UML profile is being developed and will allow UML specification and tools to be used.
The tutorial will cover concepts, architecture centric development process, language overview, example specification, hardware and software components, Ada component integration, modeling and analysis as well as an overview of the UML profile.
Biography
Bruce Lewis is a senior experimental developer for the US Army's Aviation and Missile Command, Research, Development and Engineering Laboratory. His work has focused on real time systems, Ada, software engineering, software architecture and system evolution since 1989. He has served as the government lead on various DARPA projects including those related to development of a real-time Architecture Description Language. He is the chairman of the international Avionics Architecture Description Language standardization committee.
Mr. Lewis has presented tutorials and presentations at several previous SigAda and AdaEurope meetings. He has presented tutorials related to architecture description language at the last 4 Digital Avionics Systems Conferences, both half and full day as well as at the International Reuse Conference and Tools USA 2000. He was a co-presenter and chair of a full tutorial and Avionics Architecture Description Language Seminar held in Toulouse in Oct of 2002, which drew 85 engineers. He was an instructor in the Air Force in electronics.
Biography
Ed Colbert is consulting with U.S. Army Aviation & Missile Command, and Honeywell Technology Center, on the definition of the Avionics Architecture Description Language (AADL) for the Society of Automotive Engineers (SAE). He is also lecturing in the Computer Science Department of the University of Southern California on software engineering and architectures, and contributing to the Model-Based Software Engineering (MBASE) method of the USC Center for Software Engineering.
Ed has been teaching object-oriented methods, software engineering, and the Ada programming language since 1982, and since 1986 consulting as well. He created the Colbert Object-Oriented Software Development method ("OOSD"), which supports analysis and design for implementation in languages such as Ada, C++, and SmallTalk. NASA Langley Research Center used OOSD for a Software Engineering Process manual, chosen partly for its strength in real-time software development. Ed has delivered presentations at the Ground Systems Architecture Workshop (LA, 2003), International Conference on Reliable Software Technologies (Belgium, 2001), TOOLS (2000, 1995), Ada Europe (England, 1997), TRI-Ada (1996, '95), UNICOM (England, 1993), OOPSLA (D.C., 1993), ObjectExpo (New York, 1993), ObjectExpo Europe (England, 1992), TRI-Ada (Florida, 1992), LOOK (Denmark, 1992), OOP (Germany, 1992), and SCOOP Europe (England, 1991). He is a graduate of the University of Michigan (M.S. Computer & Communication Sciences, 1981; B.S. (with Distinction) Chemistry and Biology, 1979).
Tutorial #7 : A Semi Formal Approach to Software Systems Development
William BAIL
The MITRE Corporation
Abstract
Faced with the challenges of applying theoretical formal methods to the development of large scale systems, various techniques have been created that exploit semi-formal approaches. These techniques exploit many of the advantages of the full formal methods but are less onerous to learn and to apply. Starting with Dr. Harlan Mills' Cleanroom Software Engineering, the area of semi-formal methods has matured to being a viable choice for current developments.
The key technical aspects of such techniques include the application of enumeration-based requirements definition, the derivation of software design and code using state-machines and rigorous development stages, the verification of the software using informal correctness proofs, and the verification and validation of the product using statistical testing.
This tutorial examines the background of these techniques, analyses their strengths and weaknesses, and explores one specific technique in greater depth.
Tutorial #8 : An Overview of Statistical-Based Testing
William BAIL
The MITRE Corporation
Abstract
Taking traditional approaches to the testing of large systems often results in less than satisfactory results. When transitioning from the test environment to the deployed environment, numerous latent defects are frequently discovered, even after what seems to be extensive testing. These defects become visible after the system is brought through a usage pattern that was unanticipated. In order to overcome these shortcomings of traditional requirements-based testing, the technique of statistical-based testing has been developed. In this approach, the expected usage patterns of the system are identified and modeled (using usage models which are based on state transition diagrams). For these patterns, predicted probabilities of occurrence are generated by assigning probabilities to each state transition. Based on the usage models, test cases and scenarios are randomly derived consistent with the probabilities of occurrence. The results are tracked and an overall reliability of performance is computed. Stopping criteria are then applied to determine if the testing process has been sufficient for the system's goals. This approach also supports a significant increase in automation, thereby increasing the intensity of the testing and reducing the time needed to create and run the tests.
The tutorial will analyze this technique, and present the mechanisms used to create the usage models, identify the tests, and analyze the results.
Biography
Since 1990, Dr. Bail has worked for The MITRE Corporation in McLean VA as a Computer Scientist in the Software Engineering Center (SWEC). MITRE is a not-for-profit corporation chartered to provide systems engineering services to the U.S. Government agencies, primarily the DoD, the FAA, and the IRS. Within MITRE, the SWEC focuses on supporting various programs with consultation, particularly transitioning emerging technologies into practice.
Dr. Bail's technical areas of focus include dependable software design and assessment, techniques for software specification development, design methodologies, metric definition and application, and verification and validation. At MITRE, Dr. Bail is currently supporting the U.S. Navy, focusing on the practice of software engineering within PEO IWS (Integrated Warfare Systems), particularly as applied to large real-time systems. Prior to 1990, Dr. Bail worked at Intermetrics Inc. in Bethesda MD.
Previously, Dr. Bail taught part-time at The University of Maryland from 1983-1986 in the Computer Science Department for undergraduate courses in discrete mathematics, computer architecture, and programming language theory. Since 1989 he has served as a part-time Adjunct Associate Professor at the University of Maryland University College where he develops instructional materials and teaches courses in software engineering, in topics such as Software Requirements, Verification and Validation, Software Design, Software Engineering, Fault Tolerant Software, and others. He has also presented tutorials in Cleanroom Software Engineering at SIGAda in 2000, and at AdaEurope in 2002, as well as tutorials in Ada in the early 1990s.
Dr. Bail received a BS in Mathematics from Carnegie Institute of Technology, and an MS and Ph.D. in Computer Science from the University of Maryland.
Workshop: QoS in CBSE 2003
Submission closed
A workshop will be hosted on Friday 20th of June, the 4th day of the conference.
A brief overview of its goals and topics follows, but if you want more
information about it, please see the related web pages.
Goal
In the overall topic of reliable software, we are specifically interested in improving the way software developers can manage the complexity of today's software, which is most of the time distributed, based on existing reused pieces, and with stronger timing constraints. The goal of this workshop is to look at issues related to the integration of non-functional properties expression, evaluation, and prediction in the context of component-based software engineering.
It is now widely recognized that what prevents Component-Based Software Engineering (CBSE) from being used more intensively is the fact that components are easy to produce but not easy to compose. This issue is addressed by a number of ongoing research efforts. In the context of this particular workshop we would like to focus on the difficulty of predicting the overall behavior and offered quality of service (in a broad sense, e.g. performance, response-time) of a composite out of its "internal" components. This implies that a software builder should be able to access more than the functional interface of a component. Its behavior and the quality of service offered and required should be expressed in some way. In addition, some tool support or underlying framework allowing the composition of these added-value features should also be provided. The aim of this workshop is to bring together practitioners and academics that are currently working around these topics to highlight the ongoing solutions and problems encountered.
The workshop presenters and attendees will be asked to answer a number of open questions. These questions will be refined, selected and modified according to the early discussions of the day, and some working sessions will be organized in order to give some indications of their answers.
Examples of open questions:
- How can I constrain/improve my component-based design with QoS annotations?
- What research path should we follow to make progress in predicting system behavior based on component behavior?
- How do you decompose system behavior to get specific component requirements for non-functional system properties?
- What do you have to build into components in order to make the overall system dynamically configurable?
Related Topics
Papers will be solicited in a Call for Papers. Relevant topics include, but are not limited to:
- Composition language
- Performance evaluation
- QoS specification
- ADLs and their use in supporting features composition
- Performance modeling
- Compositionality
- Modeling methods and tools for non-functional requirements
- Industrial case studies
For more information on this workshop, you can visit the associated pages at the QoSCBSE'03 web site.