Table of contents

• 1. Preface 17
• 1.1 Introduction 17
• 1.2 History of HOOD 17
• 1.3 Structure of the book 18
• 1.4 About this book and other related materials 19
• 1.5 Acknowledgments 19

Part 1 : Industrial software design issues 21

• 2. Hierarchical and object oriented design issues 22
• 2.1 Design: breaking software into modules 22
• 2.2 Object orientation 23
• 2.3 Abstract state machines 23
• 2.4 Abstract data types 24
• 2.5 Aggregation 24
• 2.6 Classes and inheritance 24
• 2.7 Exceptions 25
• 2.8 Generics 26
• 2.9 Concurrency 26
• 2.10 The client-server model 27
• 2.11 Issues with distributed systems 28
• 3. Overview of HOOD 29
• 3.1 Objectives of industrial software design 29
• 3.2 The HOOD approach to design 30
• 3.2.1 The hierarchical approach 30
• 3.2.2 Balancing graphical and textual formalisms 31
• 3.2.3 Design quality control: HOOD rules 32
• 3.2.4 Supporting the method: HOOD tools 33
• 3.3 From analysis to design: scope of HOOD 34
• 3.4 HOOD compared to other methods 34
• 3.5 Summary 35
• 4. HOOD objects 36
• 4.1 Objects and modules 36
• 4.2 Description of objects 36
• 4.2.1 Synthetic view: the graphical description 37
• 4.2.2 Detailed view: the textual description 38
• 4.3 Design refinement: the "include" relationship 40
• 4.3.1 An example 41
• 4.3.2 Parent and child objects 41
• 4.4 Client-server and the "use" relationship 44
• 4.5 Uncles: Combining the "use" and "include" relationships 45
• 4.5.1 Uncles 45
• 4.5.2 Environment 47
• 4.6 Other design issues 48
• 4.6.1 Splitting operations: OP_Controls 48
• 4.6.2 Grouping operations: operation sets 49
• 4.6.3 Sequential or concurrent execution: active objects 50
• 4.7 Summary 50
• 5. Data modelling in HOOD 51
• 5.1 Data flows 51
• 5.2 HOOD types 52
• 5.3 Basic types 52
• 5.4 Abstract data types 53
• 5.4.1 Introduction 53
• 5.4.2 Data refinement: the structure view 54
• 5.4.3 Aggregation 55
• 5.5 Classes 56
• 5.5.1 Introduction 56
• 5.5.2 Inheritance 57
• 5.6 Example 58
• 5.7 Summary 59
• 6. Other HOOD features 60
• 6.1 Exceptions: designing for reliability 60
• 6.2 Generics: designing for reuse 61
• 6.2.1 Generic definition 61
• 6.2.2 Generic instantiation 62
• 6.3 Virtual nodes: designing with distribution 63
• 6.4 Summary 65
• 7. A design example 66
• 7.1 Introduction 66
• 7.2 General structure of the Electronic Mailing System 66
• 7.3 Structure of the GUI 68
• 7.4 Distribution 70
• 7.5 Comments on the design 70

Part 2 : Formalization 73

• 8. Formalization and refinement of the structural decomposition 74
• 8.1 "Include" relationship 74
• 8.2 Provided interface 75
• 8.3 Required interface 76
• 8.4 "Use" relationship 77
• 8.5 OP_Controls 78
• 8.6 Generics 78
• 8.6.1 Generic module 78
• 8.6.2 Generic instance 80
• 8.7 Practical tips 81
• 8.7.1 Provided interface 81
• 8.7.2 "Use" relationship 81
• 8.7.3 Environment or child object? 83
• 8.7.4 Starting active objects 83
• 8.7.5 Redundant systems 84
• 8.8 Summary 84
• 9. Formalization and refinement of functional aspects 85
• 9.1 Operations 85
• 9.1.1 Specification of operations 85
• 9.1.2 Implementation of operations 86
• 9.2 Operation sets 87
• 9.3 Exceptions 88
• 9.3.1 Server side 88
• 9.3.2 Client side 89
• 9.3.3 Internal exceptions 90
• 9.4 Practical tips 90
• 9.4.1 Naming conventions 90
• 9.4.2 Error managers 91
• 9.5 Summary 91
• 10. Formalization and refinement of data structures 92
• 10.1 Description of types 92
• 10.2 HADT and classes 93
• 10.2.1 Global and instance attributes and operations 93
• 10.2.2 Aggregation and inheritance formalization 94
• 10.2.3 Abstract classes 94
• 10.3 Constants, variables and parameters 95
• 10.3.1 Constants 95
• 10.3.2 Data 95
• 10.3.3 Data flows 95
• 10.4 Practical tips 96
• 10.4.1 Naming conventions 96
• 10.4.2 The "good" data 96
• 10.4.3 HADT or class? 97
• 10.4.4 Avoiding too many root classes: class libraries 97
• 10.4.5 Controlling instances: object factories 98
• 10.5 Summary 100
• 11. Formalization and refinement of behavioural aspects 101
• 11.1 Defining execution conditions: operation constraints 101
• 11.2 HOOD execution model 102
• 11.3 State constraints 103
• 11.4 Concurrency constraints 105
• 11.4.1 Mutual EXclusion Execution Request (MTEX) 106
• 11.4.2 Read Write Execution Request (RWER) 106
• 11.4.3 Read Only Execution Request (ROER) 106
• 11.5 Protocol constraints 106
• 11.5.1 Highly Synchronous Execution Request (HSER) 107
• 11.5.2 Loosely Synchronous Execution Request (LSER) 108
• 11.5.3 Asynchronous Execution Request (ASER) 109
• 11.5.4 Reporting Loosely Synchronous Execution Request (RLSER) 109
• 11.5.5 Reporting Asynchronous Execution Request (RASER) 109
• 11.6 Time-out constraint 110
• 11.7 Practical tips 111
• 11.7.1 State constraints 111
• 11.7.2 Consistency of protocol constraints 112
• 11.8 Summary 112
• 12. A model of the global project organization 113
• 12.1 The HOOD design tree 113
• 12.2 The global project picture 113
• 12.2.1 Object space 114
• 12.2.2 Generic space 114
• 12.2.3 Virtual node space 114
• 12.2.4 Physical node space 114
• 12.2.5 The global picture 115
• 12.3 System Configuration 115
• 12.4 Summary 116

Part 3 : The design process 117

• 13. The basic decomposition process 118
• 13.1 The iterative process 118
• 13.2 The refinement process 119
• 13.3 The basic design step 120
• 13.3.1 Understand the problem 120
• 13.3.2 Refinement lines 121
• 13.3.3 Design activities 122
• 13.3.4 Justification of the solution 123
• 13.3.5 Ordering of activities 123
• 13.4 A typical workout of the basic design step 124
• 13.4.1 Activity 1: problem definition 124
• 13.4.2 Activity 2: elaboration of an informal solution strategy 126
• 13.4.3 Activity 3: formalization of the strategy 127
• 13.4.4 Activity 4: formalization of the solution 129
• 13.4.5 Activity 5: analysis of the solution 130
• 13.5 Terminal implementation 131
• 13.6 Summary 131
• 14. Designing in the large 132
• 14.1 Prime contractor's activities 132
• 14.1.1 Activity 1: Define the logical architecture 132
• 14.1.2 Activity 2: Select reusable components 132
• 14.1.3 Activity 3: Decide the distribution strategy 132
• 14.1.4 Activity 4: Physical architecture 133
• 14.2 Initiating the design 133
• 14.3 Subcontracting 134
• 14.4 HOOD and development standards 136
• 14.5 Configuration management 136
• 14.6 Human factors and HOOD management 138
• 14.7 Summary 139
• 15. Design documentation 140
• 15.1 Why is documentation important? 140
• 15.2 Relations between documentation and design fragments 141
• 15.3 Generating standard documents 141
• 15.4 Trends in documentation 142
• 16. Design reviews 143
• 16.1 Authoring reviews and quality assurance 143
• 16.1.1 Author-readers cycles 143
• 16.1.2 Quality assurance 144
• 16.2 Preparing reviews 144
• 16.3 What to check in a HOOD design 145
• 16.3.1 Looking for the "good" design 145
• 16.3.2 Design evaluation process 146
• 16.3.3 Reviewing the tree structure 147
• 16.3.4 Reviewing ODSs 147

Part 4 : From design to code 149

• 17. Mapping HOOD to programming languages 150
• 17.1 Tool support issues 150
• 17.2 Principles of target language mapping 151
• 17.3 Ada mapping 154
• 17.3.1 Objects 154
• 17.3.2 "Implemented-by" relationship 154
• 17.3.3 HADT and Classes 155
• 17.3.4 Exceptions 155
• 17.3.5 Generics 155
• 17.3.6 Concurrency 155
• 17.3.7 Distribution 155
• 17.4 C and C++ mapping 156
• 17.4.1 Objects 156
• 17.4.2 "Implemented-by" relationship 156
• 17.4.3 HADT and Classes 156
• 17.4.4 Exceptions 156
• 17.4.5 Generics 156
• 17.4.6 Concurrency 157
• 17.4.7 Distribution 157
• 17.5 Other languages 157
• 17.6 Adjusting mapping rules: HOOD Pragmas 157
• 17.6.1 Target language 157
• 17.6.2 Mutex code generation control 158
• 17.6.3 Testing support 158
• 17.7 Summary 158
• 18. Hard real-time systems 159
• 18.1 Hard real-time specific issues 159
• 18.2 Additional features of HRT-HOOD 160
• 18.2.1 Sporadic, cyclic and protected objects 160
• 18.2.2 HRT rules 160
• 18.2.3 HRT execution model 161
• 18.2.4 Real-time attributes 162
• 18.3 HRT execution model theory 162
• 18.4 Tool support of HRT-HOOD 162
• 19. Preserving design investment: the HOOD "standard" 163
• 19.1 The HOOD Reference Manual 163
• 19.2 Formal definition of the ODS 163
• 19.3 Exchanging designs between tools: the Standard Interchange Format 164

Part 5 : A full design example 165

• 20. Starting the project 166
• 20.1 Requirements 166
• 20.2 Initiating the design 166
• 20.3 The first basic design step 167
• 20.3.1 Problem definition 167
• 20.3.2 Elaboration of an informal strategy 168
• 20.3.3 Formalization of the strategy 168
• 20.3.4 Formalization of the solution 170
• 20.3.5 Analysis of the solution 171
• 21. First level objects 172
• 21.1 The Mission_Manager 172
• 21.1.1 Problem definition 172
• 21.1.2 Elaboration of an informal strategy 172
• 21.1.3 Formalization of the strategy 173
• 21.1.4 Formalization of the solution 175
• 21.1.5 Analysis of the solution 175
• 21.2 The secured driver 175
• 21.3 Request controller 176
• 21.3.1 Problem definition 176
• 21.3.2 Elaboration of an informal strategy 176
• 21.3.3 Formalization of the strategy 176
• 21.3.4 Formalization of the solution 177
• 21.3.5 Analysis of the solution 177
• 21.4 Generic_Gate 177
• 21.4.1 Problem definition 177
• 21.4.2 Elaboration of an informal strategy 177
• 21.4.3 Formalization of the strategy 178
• 21.4.4 Formalization of the solution 179
• 21.4.5 Analysis of the solution 179
• 22. Other objects 180
• 22.1 Motors library 180
• 22.2 Lights_Controller and Pressure_Sensor 180
• 22.3 Protected counter and Flip_Flop 181
• 22.4 Gates instantiations 181
• 22.5 Hard_Configuration 181
• 22.6 System configuration 181

Annexes 183

• A. Abbreviations 184
• B. Summary of graphical notation 185
• C. Glossary 187
• D. References 190
• E. ODS of the water-lock system 192
• F. Index 219