data-driven dependability analysis using aadl for...
TRANSCRIPT
Data-Driven Dependability Analysis Using AADL for
Wireless Sensor Networks
Ting Yan, Hui Cao, Sujit R. Das, and Luis Pereira
Innovation Center, Eaton CorporationJanuary 25th, 2006
Dependability
Dependability = Ability to deliver a trusted service
DependabilityDependability
ThreatsThreats AttributesAttributes
SurvivabilitySurvivability
IntegrityIntegrity
ConfidentialityConfidentiality
SafetySafety
MaintainabilityMaintainability
AvailabilityAvailability
ReliabilityReliability
FailuresFailures
ErrorsErrors
FaultsFaults
Dependability metrics for WSN
Average Packet Success Rate Average LatencyAverage System Life
Reliability AvailabilityAvailability, Maintainability
Note: Those values are averaged across all the nodes and over a period of time
AADL Dependability Analysis Tool Design
GUI Input
Power consumption
data
Link Quality data
Hardware failure data
Packet latency data
Topology Formation
Routing
Latency Analysis PSR AnalysisSystem Life Analysis
Time Series Data Analysis
DeploymentComponents Environment Radio Feature
AADL WSN Model Generation
Model InstantiationData Access
System to model and analyzeSensor Network
Base station
•Chip: ATmega128L•Radio: CC2420•Battery: 2AA-1800MAH•# of nodes: 8•Location of nodes: node1(0,10), node2(10,15)…..•Environment: humdity 85%…•MAC: 802.15.4•Routing: AODV•Application: data aggregation
AADL Model
Average PSR
0%
20%
40%
60%
80%
100%
0 20% 30% 40% 50% 60% 70%
Humidity
0.96
0.94
0.780.89
0.900.69
0.32
0.95
R(t) = 0.97
0.98
0.79
0.680.76
0.91
0.84 0.980.88
0.93
Hardware Data
Communication Link Data
Data driven Dependability Analysis
AADLArchitecture Design
Power consumption
data
Link PSR data
Dependability Analysis
Dependability MetricsPacket Success RateSystem Latency System Life
Hardwarefailure data
Packet latency data
Why Data driven?Low fidelity of wireless channel model
Huge Environment impact on link quality
and node reliability
Real data from
deployment
Time Varying Dependability Analysis
Time(days)
…
Time(days)
Node Reliability
Battery Level: B (t) =
1800mAh
100
100
200
200
1
Link Quality: retrieved from Link Data
R (t) = e -λt
λ: Failure rate for Node
tDCBtotal **−C: power consumption per dayD: duty cycle
Modeling a Sensornet
Power UnitBattery
Processing UnitCPU
Transceiver UnitRadio
Sensing UnitHardware
Physical Layer
MAC Layer
Network Layer
Transport Layer
Sensor Layer
Sensor Application Layer
Wireless Channel Sensor Channel
NETWORK STACKSENSOR STACK
AADL Constructs:
Software categoryProcessSubprogramDataThreadThread group
Platform categoryProcessorMemoryDeviceBus
CompositeSystem
Mapping
Layers: ThreadsWireless Channel: BusSensor Channel: BusProcessing Unit: ProcessorSensing Unit: Device
Transceiver Unit: DevicePower Unit: DeviceSensor Measurements: DataMessages Exchanged: Data,
Event Ports
AADL Model - Network
NetworkSets of NodesRouting policy:
Neighbor TableZigBee AODV routing policy
Radio ChannelChannel No.
Data SourceLink QualityHardware Reliability
system implementation WSN.NLAsubcomponents
NODE0: system NODE.NODE0;NODE1: system NODE.NODE1;NODE2: system NODE.NODE2;NODE3: system NODE.NODE3;NODE4: system NODE.NODE4;NODE5: system NODE.NODE5;NODE6: system NODE.NODE6;NODE7: system NODE.NODE7;
propertiesNetworkProp::network_channel => 13;NetworkProp::network_LinkData=>“\c\dev\psr1.txt”;
end WSN.NLA;
•Chip: ATmega128L•Radio: CC2420•Battery: 2AA-1800MAH•# of nodes: 8•Location of nodes: node1(0,10), node2(10,15)…..•Environment: humdity 85%…•MAC: 802.15.4•Routing: AODV•Application: data aggregation
AADL Model
AADL Model - NodeNode
Node Type: RFD, FFDLocation (x,y)Hardware Components
CPUMemory
EnvironmentsTemperature
Operating ProfilesDuty Cycle
Power Unit:Battery CapacityPower consumption
Radio ChannelTx Power level
system implementation NODE.NODE0properties--Location PropertiesNodeProp::node_id => 0;NodeProp::node_x => 0.0;NodeProp::node_y => 0.0;--Hardware Components PropertiesNodeProp::node_memory => 1000.0;NodeProp::node_cpu_speed => 1000.0;--Environments PropertiesNodeProp::op_temperature => 30.0;NodeProp::dormrant_temperature => 40.0;--Operating Profiles PropertiesNodeProp::humidity => 20.0;NodeProp::vibration_level => 0.0;NodeProp::case_ID => 0;--Battery PropertiesNodeProp::isBattery => 0; NodeProp::node_battery_energy => 2100.0; --Node state
NodeProp::node_time => 0.0;end NODE.NODE0;
Dependability Analysis: Mains-Powered
Method: Monte Carlo Simulation
Base station
Sensor Node 1
Step 1: Update Node reliability
Step 2: Decide whether Node is alive or not
Step 3: Update Link Quality
Step 4: AODV routing policy1
8
7
6
2
4
5
0.78
0.90 0.42
0.79
0.680.76
0.91
0.88
0.67
ZigBee routing policy
AODV Link Cost:
Reliability of node 1:
Latency of node 1:
402412 LLL ++
402412 RRR ∗∗
Dependability Analysis: Battery-Powered
Node battery life: Node can work properly until certain voltage levelOnly for RFD or end devices
18
7
6
23
4
5
0.96
0.94
0.890.95
0.97
0.98
0.910.84
0.999
17
6
24
5
0.78
0.90 0.420.680.76
0.91
0.881
76
24
5
0.78
0.90 0.42 0.680.76
0.91
0.88
18
7
6
24
53
9%
19%23% Base station
Mains Node 1
Battery Node 7
Results – System PSRAverage Packet Success Rate (PSR)
Channel has impact on reliability of WSN
Transmission power level also affects reliability
00.10.20.30.40.50.60.70.80.9
1
1 2 3 4 5 6 7 8 9 10
year
End-
to-E
nd R
elia
bilit
y
channel 13channel 17channel 21channel 25
0.65
0.7
0.75
0.8
0.85
0.9
0 -5 -10 -15
Tx Power Level(dBm)
End-
to-E
nd R
elia
bilit
y
Note: Average over 10 year
Results – System Life
System life:Measured by percentage of disconnected nodes
0
0.1
0.2
0.30.4
0.5
0.6
0.7
0.8
1 2 3 4 5 6 7 8 9 10
year
Perc
enta
ge o
f Dis
conn
ecte
d Nod
es
-40F30F85F At higher temperature, more
nodes are disconnected
0.182
0.183
0.184
0.185
0.186
0.187
0.188
13 17 21 25
Channel No.
Perc
enta
ge o
f Dis
conn
ecte
d no
des Channel affects the system
life also
Note: Average over 10 year
Lessons learnedAADL is the choice for modeling WSN architecture:
Flexibility in language extensions
OSATE plug-in support
Node or link level dependability ≠ WSN dependability
Needed more AADL support for WSN:
Represent large scale WSN topologies
Import empirical/experimental data into the system model
Represent time-variant properties
Represent node-level state machines
Proposed Publications
AADL tutorial for Embedded System Design magazineWSN modeling approach using AADL –ConferenceAADL for ZigBee – ZigBee conference
Issues for WSN Modeling
What features are not there for effectively modeling wireless sensor networks in the current version of AADL?
Effective and flexible means to represent large scale WSN topologiesto import empirical/experimental data into the system model to represent time-variant propertiesto represent node-level state machines
WSN Topology Specification
It is painful to specify each individual node location and link manually for a large scale WSNVarious ways to manage the issue
Fixed topologies – need means to read topology from filesTopologies with patterns – grids, uniformly random, …
Specify with patterns and parameters, such as Grid with grid size 10 meters, and have the plug-ins automatically generate the topologies
Specification of Links
Number of links exceeds that of nodes, therefore it is not realistic to have them entered manually for a system with > 100 nodesAutomatically generate links based on simple models with plug-ins
Given the node topologies, base the on/off of links on a circular model with random fluctuations
Gather link information with experiments, and then import the experimental data into the system
Specify Time-Variant Properties
Some properties are time-variant, e.g., RSSI and LQI, which cannot be specified with the syntax/semantics of the current version of AADLSpecify time-variant properties
Model based specificationImport empirical data from experiments
Specify Node-Level State Machines
State machines on each WSN node are necessary to describe system behavior, which is missing in the current version of AADL
For example, the communication sub-system of a single node may have states such as SENDING, RECEIVING, WAITING_FOR_ACK, …Need notions of state, transition, …
Two Patterns
Need to import data from separate filesNode locations, link qualities, …
Need various levels of details – for example: First level – Grid deployment with density of 1/100m^2Second level – Locations (0m, 0m), (10m, 0m), (20m, 0m), (0m, 10m) …Use plug-ins to automatically generate the second level model from the first level model