Ogma is a instrument to facilitate the integration of receive runtime shows into
other programs. Ogma extends
Copilot, a excessive-stage runtime
verification framework that generates stressful staunch-time C99 code.
-
Translating necessities outlined in NASA’s necessities elicitation instrument
FRET into corresponding shows in
Copilot. -
Producing NASA Core Flight Blueprint applications
that exercise Copilot for monitoring data bought from the message bus. -
Producing message handlers for NASA Core Flight Blueprint applications to make
exterior data in structs accessible to a Copilot display screen. -
Producing the glue code needed to work with C structs in Copilot.
Conversion of FRET necessities into C code.
Featured Content Ads
add advertising here
Integration of shows into bigger applications (e.g., simulators).
Desk of Contents
Pre-requisites
To install Ogma from supply, users would possibly want to possess the instruments GHC and cabal-install.
Right this moment, we imply GHC 8.6 and a version of cabal-install between 2.4
and 3.2. (Ogma has been examined with GHC versions up to eight.10 and cabal-install
versions up to some.6, even supposing the set up steps would possibly presumably perhaps differ somewhat depending
on the version of cabal-install being extinct.)
Featured Content Ads
add advertising hereOn Debian or Ubuntu Linux, both would possibly presumably perhaps even be installed with:
$ staunch-procure install ghc cabal-install
On Mac, they’ll even be installed with:
$ brew install ghc cabal-install
Compilation
Once GHC and cabal are installed, basically the most bright technique to put in Ogma is with:
$ git clone https://github.com/nasa/ogma.git $ cd ogma $ export PATH="$HOME/.cabal/bin/: $PATH" $ cabal v1-install alex relaxed $ cabal v1-install BNFC copilot $ cabal v1-install ogma-*/
After that, the ogma executable will likely be positioned within the directory
$HOME/.cabal/bin/, the attach $HOME represents your person’s home directory.
The dear invocation of ogma with --merit lists sub-commands accessible:
$ ogma --merit ogma - an anything else-to-Copilot application generator Usage: ogma COMMAND Generate full or partial Copilot applications from a pair of languages Readily accessible alternate choices: -h,--merit Repeat this merit textual reveal material Readily accessible commands: structs Generate Copilot structs from C structs handlers Generate message handlers from C structs cfs Generate a full cFS/Copilot application worry-ingredient-spec Generate a Copilot file from a FRET Element Specification worry-reqs-db Generate a Copilot file from a FRET Requirements Database
Language transformations: FRET
FRET is a necessities elicitation instrument
created by NASA Ames Be taught Center. Requirements would possibly presumably perhaps even be specified in
structured pure language known as FRETish, and the instrument helps users understand
them, validate them, and formalize them. For instructions on programs to specify,
analyze and export FRET necessities, stumble on the FRET
handbook.
Screenshot of requirement specified interior NASA’s necessities elicitation instrument FRET.
Ogma can convert specs generated by FRET into Copilot shows.
Particularly, the commands worry-ingredient-spec and worry-reqs-db allow users
to have interaction with the assorted forms of info produced by FRET.
FRET info embody properties encoded using Temporal Logic, both in
SMV and in
CoCoSpec,
the latter of which is an extension of Lustre. Ogma uses the SMV expressions by
default, however the CLI flag --cocospec would possibly presumably perhaps even be extinct to secure the CoCoSpec
variant of necessities as a replace.
For instance, from the following FRET requirement:
test_component shall satisfy (input_signal <= 5)
Ogma generates the following Copilot specification:
-- @
-- test_component shall satisfy (input_signal <= 5) -- @ propTestCopilot_001 :: Stir Bool propTestCopilot_001 = ( alwaysBeen (( ( ( input_signal <= 5 ) ) )) ) -- | Complete specification. Calls the C function void handler(); when -- the property is violated. spec :: Spec spec = do trigger "handlerpropTestCopilot_001" (not propTestCopilot_001) [] main :: IO () main = reify spec >>= assemble "worry"">
import Copilot.Assemble.C99 import Copilot.Language hiding (prop) import Copilot.Language.Prelude import Copilot.Library.LTL (next) import Copilot.Library.MTL hiding (since, alwaysBeen, verbalize off) import Copilot.Library.PTLTL (since, old, alwaysBeen) import Language.Copilot (reify) import Prelude hiding ((&&), (||), (++), no longer, (<=), (>=), (<), (>)) input_signal :: Stir Double input_signal = extern "input_signal" Nothing -- | propTestCopilot_001 -- @ -- test_component shall satisfy (input_signal <= 5) -- @ propTestCopilot_001 :: Stir Bool propTestCopilot_001 = ( alwaysBeen (( ( ( input_signal <= 5 ) ) )) ) -- | Complete specification. Calls the C function void handler(); when -- the property is violated. spec :: Spec spec = do trigger "handlerpropTestCopilot_001" (not propTestCopilot_001) [] main :: IO () main = reify spec >>= assemble "worry"
This program would possibly presumably perhaps even be compiled using Copilot to generate a worry.c file that
entails a stressful staunch-time C99 implementation of the display screen. The specification
generated by FRET for the FRETish requirement shown above is integrated with the
Ogma distribution, and would possibly presumably perhaps even be examined with:
$ ogma worry-ingredient-spec --cocospec --worry-file-title examples/worry-reqs-runt.json > FretCopilot.hs
$ runhaskell FretCopilot.hs
The fundamental step executes ogma, generating a Copilot display screen in a file known as
FretCopilot.hs. The second step executes the Copilot compiler, generating a C
implementation worry.c and C header file worry.h.