Conclusion

The Data Modeling Toolchain, as evidenced in its use by both the AADL and the UML tracks in the ASSERT project, was hugely successful in solving the interworking between the ASSERT VM and the code generated by the modeling tools. By using ASN.1 definitions as the ``data contracts'', it succeeded in establishing the necessary guarantees that no information will ever get lost in the otherwise tedious and error-prone process of translating data (at runtime) between code generated by different modeling tools. It thus manages to completely eliminate a very troubling - and rather wide - category of errors that relate to the marshalling of data; and more importantly, it enforces this at DESIGN time, not at runtime.

Equally important is how this was accomplished: not in a rigid, black-box technology; the mapping backends allow anyone who spends the time to read the relevant appendixes, to be able to create any backend for his/her own modeling tool, irrespective of the specific details of the mapping. The architecture is thus completely flexible and expandable. Semantix is already working in tandem with ESA, in creating backends for additional modeling tools (beyond those supported in ASSERT).

Finally, the implementation did not just stop in simple "proof-only" examples; it became field tested, when it was applied in two multi-modeling tool scenarios, with the MA3S/PFS Pilot Project being the most prominent one. The resulting binaries were successfully downloaded and executed on the real embedded processors that ESA is using (LEON [16]), proving in a conclusive manner that ASSERT is not just a set of theoretical concepts; it's a real implementation of state of the art concepts, in the multi-modeling tool domain (for both monolithic and distributed platforms).