![Page 1: 1 Air Traffic Control Case Study CSSE 377 Software Architecture and Design 2 Steve Chenoweth, Rose-Hulman Institute Tuesday, October 5, 2010](https://reader036.vdocuments.us/reader036/viewer/2022062301/56649ebc5503460f94bc5127/html5/thumbnails/1.jpg)
1
Air Traffic Control Case Study
CSSE 377 Software Architecture and Design 2Steve Chenoweth, Rose-Hulman InstituteTuesday, October 5, 2010
![Page 2: 1 Air Traffic Control Case Study CSSE 377 Software Architecture and Design 2 Steve Chenoweth, Rose-Hulman Institute Tuesday, October 5, 2010](https://reader036.vdocuments.us/reader036/viewer/2022062301/56649ebc5503460f94bc5127/html5/thumbnails/2.jpg)
2
Today
Variety! Possible special guest – Tyler Gonnsen, X by 2 Air Traffic Control – this
• We’ll spend a bit of the hour on it
Leave time for finishing Project 3 if needed Thursday –
Special guest, Matt Ellis, Microsoft Intro to Testability (as time allows)
![Page 3: 1 Air Traffic Control Case Study CSSE 377 Software Architecture and Design 2 Steve Chenoweth, Rose-Hulman Institute Tuesday, October 5, 2010](https://reader036.vdocuments.us/reader036/viewer/2022062301/56649ebc5503460f94bc5127/html5/thumbnails/3.jpg)
3
Acknowledgements
Some of the material in these slides is taken from Software Architecture in Practice, 2nd edition by Bass, Clements and Kazman.
Lecture created by Mark Ardis
![Page 4: 1 Air Traffic Control Case Study CSSE 377 Software Architecture and Design 2 Steve Chenoweth, Rose-Hulman Institute Tuesday, October 5, 2010](https://reader036.vdocuments.us/reader036/viewer/2022062301/56649ebc5503460f94bc5127/html5/thumbnails/4.jpg)
4
Outline
Air Traffic Control Overview Advanced Automation System (AAS) Initial Sector Suite System (ISSS) Architectural Views
![Page 5: 1 Air Traffic Control Case Study CSSE 377 Software Architecture and Design 2 Steve Chenoweth, Rose-Hulman Institute Tuesday, October 5, 2010](https://reader036.vdocuments.us/reader036/viewer/2022062301/56649ebc5503460f94bc5127/html5/thumbnails/5.jpg)
5
Air Traffic Control
Ground control movement on ground,
taxiing Tower control
takeoff/landing Terminal control
near airport En Route Center
regional
Image from travel.howstuffworks.com/air-traffic-control2.htm .
![Page 6: 1 Air Traffic Control Case Study CSSE 377 Software Architecture and Design 2 Steve Chenoweth, Rose-Hulman Institute Tuesday, October 5, 2010](https://reader036.vdocuments.us/reader036/viewer/2022062301/56649ebc5503460f94bc5127/html5/thumbnails/6.jpg)
6
Cartoon of the Day
![Page 7: 1 Air Traffic Control Case Study CSSE 377 Software Architecture and Design 2 Steve Chenoweth, Rose-Hulman Institute Tuesday, October 5, 2010](https://reader036.vdocuments.us/reader036/viewer/2022062301/56649ebc5503460f94bc5127/html5/thumbnails/7.jpg)
7
Advanced Automation System (AAS)
New version of all control systemsground control, tower control, terminal
control, en route centers Ultimately proved too ambitious Architecture and code kept for new
system, included parts of ISSSInvolved procurement from many
sources
Q 1
![Page 8: 1 Air Traffic Control Case Study CSSE 377 Software Architecture and Design 2 Steve Chenoweth, Rose-Hulman Institute Tuesday, October 5, 2010](https://reader036.vdocuments.us/reader036/viewer/2022062301/56649ebc5503460f94bc5127/html5/thumbnails/8.jpg)
8
Initial Sector Suite System (ISSS) Acquire radar reports Convert radar reports for display Handle conflict alerts Provide network management Recording capability for later playback GUI with special safety requirements Provide reduced backup capability
(p. 135, slide 11)
Q 2
![Page 9: 1 Air Traffic Control Case Study CSSE 377 Software Architecture and Design 2 Steve Chenoweth, Rose-Hulman Institute Tuesday, October 5, 2010](https://reader036.vdocuments.us/reader036/viewer/2022062301/56649ebc5503460f94bc5127/html5/thumbnails/9.jpg)
9
Requirements
Availability - ultrahigh: no more than 5 minutes downtime per year
Performance - high: up to 2440 active aircraft without losing them
Other qualities: Openness Subsets Ease of modification Many interfaces
![Page 10: 1 Air Traffic Control Case Study CSSE 377 Software Architecture and Design 2 Steve Chenoweth, Rose-Hulman Institute Tuesday, October 5, 2010](https://reader036.vdocuments.us/reader036/viewer/2022062301/56649ebc5503460f94bc5127/html5/thumbnails/10.jpg)
10
Physical View (1/2)
2 Host Computer Systems (HCS) at each en route centerone as hot standby
Common Consoles Local Communication Network (LCN)
4 parallel token-ring networks, one is spare
LCN Interface Units (LIU)
Q 3
![Page 11: 1 Air Traffic Control Case Study CSSE 377 Software Architecture and Design 2 Steve Chenoweth, Rose-Hulman Institute Tuesday, October 5, 2010](https://reader036.vdocuments.us/reader036/viewer/2022062301/56649ebc5503460f94bc5127/html5/thumbnails/11.jpg)
11
Physical View (2/2)
Enhanced Direct Access Radar Channel (EDARC)
Backup Communications Network (BCN)Ethernet using TCP/IP
Monitor-and-Control (M&C) consoles Test and Training - add new HW/SW
Q 2 - addendum
![Page 12: 1 Air Traffic Control Case Study CSSE 377 Software Architecture and Design 2 Steve Chenoweth, Rose-Hulman Institute Tuesday, October 5, 2010](https://reader036.vdocuments.us/reader036/viewer/2022062301/56649ebc5503460f94bc5127/html5/thumbnails/12.jpg)
12
Module Decomposition View
5 main modules1. Display management
2. Common system services
3. Recording, analysis and playback
4. National Airspace System Modification system
5. IBM AIX operating system
Q 4
![Page 13: 1 Air Traffic Control Case Study CSSE 377 Software Architecture and Design 2 Steve Chenoweth, Rose-Hulman Institute Tuesday, October 5, 2010](https://reader036.vdocuments.us/reader036/viewer/2022062301/56649ebc5503460f94bc5127/html5/thumbnails/13.jpg)
13
Process View
Functional Group - simple process Operational Unit - fault tolerant Primary Address Space (PAS) –
active Standby Address Space (SAS)
look for timeoutstake over as PAS as needed
(complicated algorithm)
Q 5
![Page 14: 1 Air Traffic Control Case Study CSSE 377 Software Architecture and Design 2 Steve Chenoweth, Rose-Hulman Institute Tuesday, October 5, 2010](https://reader036.vdocuments.us/reader036/viewer/2022062301/56649ebc5503460f94bc5127/html5/thumbnails/14.jpg)
14
Client-Server View
PAS communicates with client/server PAS updates states of standby units
(SAS’s)
![Page 15: 1 Air Traffic Control Case Study CSSE 377 Software Architecture and Design 2 Steve Chenoweth, Rose-Hulman Institute Tuesday, October 5, 2010](https://reader036.vdocuments.us/reader036/viewer/2022062301/56649ebc5503460f94bc5127/html5/thumbnails/15.jpg)
15
Another Cartoon of the Day!
![Page 16: 1 Air Traffic Control Case Study CSSE 377 Software Architecture and Design 2 Steve Chenoweth, Rose-Hulman Institute Tuesday, October 5, 2010](https://reader036.vdocuments.us/reader036/viewer/2022062301/56649ebc5503460f94bc5127/html5/thumbnails/16.jpg)
16
Layered View
AIX does not have all services needed for fault tolerance
Kernel extensions run within AIX kernel's address spacewritten in Csmall, trusted
Rest written in Ada
Q 6
![Page 17: 1 Air Traffic Control Case Study CSSE 377 Software Architecture and Design 2 Steve Chenoweth, Rose-Hulman Institute Tuesday, October 5, 2010](https://reader036.vdocuments.us/reader036/viewer/2022062301/56649ebc5503460f94bc5127/html5/thumbnails/17.jpg)
17
Fault Tolerance View
Describes recovery from errors due to cross-application interaction
Each level:detects errors in self, peers and lowerhandles exceptions from lowerdiagnoses, recovers, reports or raises
exceptionsstandard tactics are used
![Page 18: 1 Air Traffic Control Case Study CSSE 377 Software Architecture and Design 2 Steve Chenoweth, Rose-Hulman Institute Tuesday, October 5, 2010](https://reader036.vdocuments.us/reader036/viewer/2022062301/56649ebc5503460f94bc5127/html5/thumbnails/18.jpg)
18
Adaptation Data
To achieve Modifiability Configuration files
site-specific changes"presets" for development and
deployment changescomplicates codecomplicates testing
![Page 19: 1 Air Traffic Control Case Study CSSE 377 Software Architecture and Design 2 Steve Chenoweth, Rose-Hulman Institute Tuesday, October 5, 2010](https://reader036.vdocuments.us/reader036/viewer/2022062301/56649ebc5503460f94bc5127/html5/thumbnails/19.jpg)
19
Code Templates
Standard event-handler template for every application
Complicated fault tolerance algorithms encoded in templates
All applications share commonalities
Q 7
![Page 20: 1 Air Traffic Control Case Study CSSE 377 Software Architecture and Design 2 Steve Chenoweth, Rose-Hulman Institute Tuesday, October 5, 2010](https://reader036.vdocuments.us/reader036/viewer/2022062301/56649ebc5503460f94bc5127/html5/thumbnails/20.jpg)
20
How it really turned out…
In just a few short years the FAA went from visions of glory to dunning their contractors –
”Nov 30, 1992: FAA gave a “cure notice” to IBM concerning its development of the Initial Sector Suite System (ISSS), a part of the Advanced Automation System (AAS). The agency stated that unless the company provided a plan to remedy deficiencies within 10 calendar days, the government would withhold progress payments under the contract. Earlier in November, IBM had stated that, because of software difficulties and other problems, the ISSS would not be ready for FAA acceptance until Sep 1994, thus adding another 14 months to an already delayed timetable. Following the cure notice, IBM submitted to FAA an initial and later a final cure plan. FAA’s own steps to remedy the situation included changes in the project’s management structure and an Apr 1 ban on further changes in user requirements for the ISSS. (See Oct 1, 1991, and Dec 13, 1993.)“
More, at http://gettheflick.blogspot.com/2007/11/faa-history-lesson-november-30.html.