Étude de voies de signalisation en rapport avec la maladie de Crohn / Study of signaling pathways in relation with Crohn's disease

Mahfouz, Batoul

30 September 2016

La maladie de Crohn (MC) est une maladie inflammatoire chronique de l’intestin. Parmi les gènes associés à la MC, NOD2 est le plus fréquemment retrouvé chez les patients. Le premier but de ce travail était d’explorer le rôle de NOD2 dans la régulation des voies de signalisation et de déterminer l’impact des mutations associées à la MC et le syndrome de Blau (SB) sur ces voies. Nous avons étudié l’impact de deux mutations de NOD2, 1007fs et R334W, respectivement associées à la MC et au SB. La forme 1007fs est caractérisée par une perte de réponse au MDP ainsi qu’une augmentation exacerbée de la perméabilité paracellulaire (PP) en réponse à la carence nutritionnelle. Les cellules arborant la mutation R334W présentaient une activation basale de la voie p38 et NF-κB quasi inchangée par le MDP associée à une très faible sécrétion de cytokines pro-inflammatoires suggérant une perte de fonction de NOD2-R334W. La deuxième partie de cette thèse se focalise sur l’effet de l’imatinib (IMA), inhibiteur de tyrosine kinase, sur la PP, dans le but d’expliquer les effets bénéfiques observés chez les patients Crohn traités par l’IMA. Nous avons observé une réduction de l’augmentation de la PP induite par la carence nutritionnelle in vitro et ex vivo par l’IMA. Cet effet était spécifique à la PP induite par la carence et il ne semble pas associé à un effet inhibiteur de l’IMA sur le flux autophagique. Nous avons également montré une amélioration de la colite induite par le DSS des souris traitées avec l’IMA. Ces résultats expliquent en partie l’effet bénéfique de l’IMA observé chez les patients atteints de MC et encouragent à le proposer comme traitement pour cette maladie / Crohn's disease (CD) is an inflammatory bowel disease. Among the genes associated to CD, NOD2 is the most frequently mutated. It recognizes a component of the bacterial cell wall, muramyl dipeptide (MDP), and thus regulates several signaling pathways. The first aim of this study was to explore the role of NOD2 in the regulation of signaling pathways and to determine the impact of mutations associated with CD and Blau syndrome (BS) on these pathways. We studied the impact of two mutations in NOD2, 1007fs and R334W, respectively associated with CD and BS. We showed a loss of function of the 1007fs variant characterized by a loss of response to MDP for the activation of MAPK and NF-κB pathways and increased paracellular permeability (PP) in response to nutrient starvation (NS). Cells bearing the R334W mutation, exhibited a basal activation of p38 and NF-κB pathway unchanged by the MDP stimulation. This effect was correlated with a low secretion of proinflammatory cytokines by these cells also suggesting a loss of function of NOD2-R334W. The second part of this work focused on the effect of imatinib (IMA), a tyrosine kinase inhibitor, on the PP, in order to explain the beneficial effects observed in patients treated with IMA. We observed a reduction of the increase of the PP induced by NS in vitro and ex vivo by IMA. This effect was specific to PP induced by NS and was associated with an inhibitory role of IMA on the autophagic flux. We have also shown an improvement in the DSS induced-colitis in mice treated with IMA. These results partially explain the beneficial effect of IMA observed in CD patients and support it as a treatment for this disease

IMA

IMA

An architecture for identity management

Richardson, Brian Robert

06 July 2005

Personalization of on-line content by on-line businesses can improve a users experience and increase a businesss chance of making a sale, but with stricter privacy legislation and Internet users increasing concerns about privacy, businesses need to ensure they do not violate laws or frighten away potential customers. This thesis describes the design of the proposed Identity Management Architecture (IMA). The IMA system allows users to decide on a per business basis what personal information is provided, gives users greater access to their personal information held by on-line businesses, and does not rely on a trusted third-party for management of personal information. In order to demonstrate the design and functionality of the IMA system a prototype implementation has been built. This implementation consists of the IMA client application and an example participating business to demonstrate the features of the IMA client. To evaluate the design of the IMA system it was compared to three high profile identity management systems: Microsoft .NET Passport, Liberty Alliance Project, and Microsoft Infocards. Through this evaluation each tool was compared based on the access to personal information provided to users and on what areas of privacy legislation compliance are improved for a business that participates.

identity management

privacy

ima

An architecture for identity management

Richardson, Brian Robert

06 July 2005

Personalization of on-line content by on-line businesses can improve a users experience and increase a businesss chance of making a sale, but with stricter privacy legislation and Internet users increasing concerns about privacy, businesses need to ensure they do not violate laws or frighten away potential customers. This thesis describes the design of the proposed Identity Management Architecture (IMA). The IMA system allows users to decide on a per business basis what personal information is provided, gives users greater access to their personal information held by on-line businesses, and does not rely on a trusted third-party for management of personal information. In order to demonstrate the design and functionality of the IMA system a prototype implementation has been built. This implementation consists of the IMA client application and an example participating business to demonstrate the features of the IMA client. To evaluate the design of the IMA system it was compared to three high profile identity management systems: Microsoft .NET Passport, Liberty Alliance Project, and Microsoft Infocards. Through this evaluation each tool was compared based on the access to personal information provided to users and on what areas of privacy legislation compliance are improved for a business that participates.

identity management

privacy

ima

Female community leaders in Houston, Texas: a study of the education of Ima Hogg and Christia Daniels Adair

Black, Linda L.

15 May 2009

Houston, Texas, the fourth largest metropolitan area in the United States, has several structures named after historically male leaders of the city―George R. Brown Convention Center, Mickey Leland Federal Building, William P. Hobby Airport, and Jesse H. Jones Hall. However, Houston women have also had a history that included positions of leadership in the community. Not only were women instrumental in creating the city’s cultural institutions such as the Houston Symphony, Alley Theater, and Houston Public Library, but female community leaders were also responsible for social and political reforms including the integration of public facilities in Houston and the campaign for women’s suffrage. These women leaders have not been recognized, and there are no public buildings in Houston that bear the names of women. This study seeks, in part, to make known the achievements of two women―one white, one black―who played an integral part in the political and cultural fabric of twentieth century Houston. The purpose of this dissertation was to analyze the relationship between educational experience and community leadership in the lives of two female community leaders in Houston, Texas, Ima Hogg and Christia Daniels Adair. Utilizing published interviews, government records, and manuscript collections, I detail the beliefs and values taught and modeled by parents and reinforced by church, school, and community, as well as the knowledge and skills developed through organizational work and self-directed study. Upon initial observation, the lives of Ima Hogg and Christia Adair seemed quite different, separated by issues of race and class. However, by examining both the formal and informal educational experiences of these two women, common patterns or themes emerged. The themes were identified as service to community, expectations of success and leadership, a belief in the value of education and lifelong learning, and the development of leadership skills. The informal educational experience, in particular, proved to be especially significant in the development of leadership skills for these women and in their eventual roles as community leaders. Using these themes, this study analyzes the education of two female community leaders as a way of understanding the relationship between women’s education and women’s achievement.

female

leaders

houston

Texas

education

Christia

Adair

Ima

Hogg

Fault management via dynamic reconfiguration for integrated modular avionics

Hubbard, Peter D.

January 2015

The purpose of this research is to investigate fault management methodologies within Integrated Modular Avionics (IMA) systems, and develop techniques by which the use of dynamic reconfiguration can be implemented to restore higher levels of systems redundancy in the event of a systems fault. A proposed concept of dynamic configuration has been implemented on a test facility that allows controlled injection of common faults to a representative IMA system. This facility allows not only the observation of the response of the system management activities to manage the fault, but also analysis of real time data across the network to ensure distributed control activities are maintained. IMS technologies have evolved as a feasible direction for the next generation of avionic systems. Although federated systems are logical to design, certify and implement, they have some inherent limitations that are not cost beneficial to the customer over long life-cycles of complex systems, and hence the fundamental modular design, i.e. common processors running modular software functions, provides a flexibility in terms of configuration, implementation and upgradability that cannot be matched by well-established federated avionic system architectures. For example, rapid advances of computing technology means that dedicated hardware can become outmoded by component obsolescence which almost inevitably makes replacements unavailable during normal life-cycles of most avionic systems. To replace the obsolete part with a newer design involves a costly re-design and re-certification of any relevant or interacting functions with this unit. As such, aircraft are often known to go through expensive mid-life updates to upgrade all avionics systems. In contrast, a higher frequency of small capability upgrades would maximise the product performance, including cost of development and procurement, in constantly changing platform deployment environments. IMA is by no means a new concept and work has been carried out globally in order to mature the capability. There are even examples where this technology has been implemented as subsystems on service aircraft. However, IMA flexible configuration properties are yet to be exploited to their full extent; it is feasible that identification of faults or failures within the system would lead to the exploitation of these properties in order to dynamically reconfigure and maintain high levels of redundancy in the event of component failure. It is also conceivable to install redundant components such that an IMS can go through a process of graceful degradation, whereby the system accommodates a number of active failures, but can still maintain appropriate levels of reliability and service. This property extends the average maintenance-free operating period, ensuring that the platform has considerably less unscheduled down time and therefore increased availability. The content of this research work involved a number of key activities in order to investigate the feasibility of the issues outlined above. The first was the creation of a representative IMA system and the development of a systems management capability that performs the required configuration controls. The second aspect was the development of hardware test rig in order to facilitate a tangible demonstration of the IMA capability. A representative IMA was created using LabVIEW Embedded Tool Suit (ETS) real time operating system for minimal PC systems. Although this required further code written to perform IMS middleware functions and does not match up to the stringent air safety requirements, it provided a suitable test bed to demonstrate systems management capabilities. The overall IMA was demonstrated with a 100kg scale Maglev vehicle as a test subject. This platform provides a challenging real-time control problem, analogous to an aircraft flight control system, requiring the calculation of parallel control loops at a high sampling rate in order to maintain magnetic suspension. Although the dynamic properties of the test rig are not as complex as a modern aircraft, it has much less stringent operating requirements and therefore substantially less risk associated with failure to provide service. The main research contributions for the PhD are: 1. A solution for the dynamic reconfiguration problem for assigning required systems functions (namely a distributed, real-time control function with redundant processing channels) to available computing resources whilst protecting the functional concurrency and time critical needs of the control actions. 2. A systems management strategy that utilises the dynamic reconfiguration properties of an IMA System to restore high levels of redundancy in the presence of failures. The conclusion summarises the level of success of the implemented system in terms of an appropriate dynamic reconfiguration to the response of a fault signal. In addition, it highlights the issues with using an IMA to as a solution to operational goals of the target hardware, in terms of design and build complexity, overhead and resources.

629.135

AVALIAÇÃO DA ALBUMINA MODIFICADA PELA ISQUEMIA NA ANEMIA ASSOCIADA À DOENÇA RENAL CRÔNICA / EVALUATION OF ISCHEMIA-MODIFIED ALBUMIN IN ANEMIA ASSOCIATED TO CHRONIC KIDNEY DISEASE

Cichota, Luiz Carlos

19 December 2007

Chronic kidney disease (CKD) is highly prevalent, with increasing numbers of patients affected by the disease world-wide, and anemia is a common finding in patients with CKD. Anemia impacts negatively on cardiovascular disease, exercise capacity and quality of life, resulting in a significant mortality and morbidity. The aim of this study was to evaluate the levels of ischemia-modified albumin and lactate in patients with established anemia associated to CKD and its correlations with hemoglobin levels. Hematocrit, hemoglobin, iron, ferritin, albumin, creatinine, lactate and IMA were measured in 17 patients with established anemia associated to CKD and 19 controls by standard methods. The results of hematocrit, hemoglobin, iron and albumin were lower in anemia group than control group. Ferritin, creatinine and lactate levels were higher in anemia of CKD group than control group. IMA increases in anemia group (0.8115 ± 0.1304) ABSU compared to control (0.4951 ± 0.0393) ABSU. Significant correlations between IMA and lactate, IMA and hemoglobin, IMA and creatinine, and hemoglobin and lactate were observed. IMA and lactate increase during anemia and this elevation could be associated to hypoxia due to low hemoglobin levels. However, our data suggest that lactate is more sensitive to detect hypoxia in anemia compared to IMA. / A doença renal crônica (DRC) é altamente prevalente, com um aumento do número de pacientes no mundo inteiro, e a anemia é muito comum nestes pacientes. A anemia tem impacto negativo sobre a doença cardiovascular, capacidade de executar exercícios e a qualidade de vida, resultando numa significativa morbidade e mortalidade. O objetivo deste estudo foi avaliar os níveis de albumina modificada pela isquemia (IMA) e lactato em pacientes com anemia associada à DRC e sua correlação com os níveis de hemoglobina. Hematócrito, hemoglobina, ferro, ferritina, albumina, creatinina, lactato e IMA foram avaliados em 17 pacientes com anemia associada à DRC e em 19 pacientes do grupo controle, por métodos padronizados. Os resultados do hematócrito, hemoglobina, ferro e albumina foram menores no grupo de anêmicos do que no grupo controle. Ferritina, creatinina e lactato foram maiores no grupo de anêmicos do que no grupo controle. A IMA aumentou no grupo de anêmicos (0,8115 ± 0,1304) ABSU se comparado ao grupo controle (0,4951 ± 0,0393) ABSU. Foram observadas significativas correlações entre IMA e lactato, IMA e hemoglobina, IMA e creatinina e hemoglobina e lactato. A IMA e lactato aumentaram durante a anemia e esta elevação poderia ser associada com hipóxia devido aos baixos níveis de hemoglobina. Entretanto, nossos dados sugerem que o lactato possui maior sensibilidade na detecção da hipóxia na anemia, quando comparado com a IMA.

Albumina modificada pela isquemia (IMA)

Lactato

Hipóxia

Anemia

Ischemia-modified albumin (IMA)

Lactate

Hemoglobin

Hypoxia

Anemia

CNPQ::CIENCIAS BIOLOGICAS::FARMACOLOGIA

Allocation temporelle de systèmes avioniques modulaires embarqués / Temporal allocation in distributed modular avionics systems

Badache, Nesrine

27 May 2016

L'évolution des architectures des systèmes embarqués temps réel vers des architectures modulaires a permis d'introduire plus de fonctionnalités grâce à l'utilisation de calculateurs répartis et d'interfaces de communication et de service standardisés. Nous nous intéressons dans cette thèse à l'architecture avionique modulaire (IMA) des standards ARINC 653 et ARINC 664 partie 7. Cette évolution a introduit de nouveaux défis de conception relatifs, entre autres, au respect des contraintes temporelles applicatives nécessaires au bon fonctionnement du système. La conception d'un système modulaire est un problème d'intégration sous contraintes, qui regroupe plusieurs problèmes difficiles (dimensionnement, allocation de ressource spatiales et temporelles). Ces difficultés requièrent la mise en place d'outils d'aide à l'intégration qui passent à l'échelle. C'est dans ce cadre-là que ces travaux de thèse ont été menés. Nous nous intéressons principalement à l'allocation des ressources temporelles du système. Plus particulièrement, nous déterminons les périodes d'exécution des fonctions embarquées distribuées qui garantissent les contraintes temporelles applicatives et qui offrent un degré d'évolutivité du système élevé, étant donné une répartition des fonctions sur les calculateurs. Notre démarche prend en compte la variabilité temporelle (bornée) du réseau de communication La première contribution de cette thèse est la formulation du problème d'intégration d'un système modulaire IMA en un problème d'optimisation multi-critère à contraintes temporelles. Pour une distribution des fonctions avioniques aux calculateurs, la périodicité des partitions IMA est recherchée de façon à garantir la fraîcheur et la non-perte des données transmises. Parmi toutes les allocations temporelles vérifiant les contraintes temporelles, nous réalisons une recherche multi-critères qui optimise à la fois un critère de charge des calculateurs et de marge temporelle dans le réseau. Ces deux critères facilitent les évolutions futures de l’architecture. La seconde contribution de cette thèse est la proposition de deux heuristiques de recherche multi-critère adaptées à notre problème. Il faut noter que le nombre d'allocations temporelles valides grandit exponentiellement avec le nombre de modules et de partitions hébergées par module. Nous proposons deux algorithmes d'optimisation multi-critères : (i) EXHAUST, un algorithme optimal de recherche exhaustive, (ii) TABOU un algorithme semi-optimal basé sur une métaheuristique Tabou. Pour les deux algorithmes, la cardinalité du problème est réduite par une phase d'optimisation locale à chaque module, rendue possible par la linéarité des deux métriques choisies. Cette première étape d'optimisation locale permet de résoudre à l'optimal le problème d'allocation avec EXHAUST pour un système IMA de taille moyenne. Nous montrons que pour des systèmes de grande taille, l'algorithme TABOU est un très bon candidat car il extrait des solutions satisfaisantes en un temps raisonnable, tout en testant un nombre limité d'allocations valides. Ces deux heuristiques sont appliquées à un système IMA. L'analyse des solutions obtenues nous permet de mettre en exergue la qualité des solutions Pareto-optimales obtenues par les deux algorithmes. Elles présentent les caractéristiques recherchées d'évolutivité de la charge des calculateurs et de la marge réseau. Notre dernière contribution réside dans une analyse fine de ces solutions. L'analyse met en avant différentes classes de solutions Pareto-optimales avec différent compromis entre la charge et la marge réseau. La connaissance de ces classes de solutions permet à l'intégrateur de choisir une solution lui fournissant le compromis qu'il recherche entre les critères de charge et de marge réseau. / The evolution of real-time embedded systems architectures to modular architectures has introduced more functionality through the use of distributed computers and communication interfaces and standardized service. We focus in this thesis on Integrated modular avionics architectures (IMA) standardized in ARINC 653 and ARINC 664 standard Part 7. This development has introduced new design challenges, among others, as respect for application timing constraints mandatory for the proper functioning of systems. The design of a modular system is an integration problem under constraints which features some difficult issues (design, spatial and temporal resource allocation). These difficulties require implementation of tools for integration that go to scale. It is, in this context, that the thesis work was conducted. We are interested primarily to the allocation of time resources of the system. In particular, we determine the execution time of distributed embedded functions that guarantee the application time constraints and offer a high degree of scalability of the system, given a distribution of functions on computers. Our approach takes into account the temporal variability (bounded variability) of the communication network. The first contribution of this thesis is the formulation of the problem of integration of an IMA system in a multi-criteria optimization problem with time constraints. For a distribution of avionics functions on computers, execution periods of IMA partitions are sought in order to ensure freshness and non-loss of transmitted data. Among all temporary allocations satisfying the time constraints, we perform a multi-criteria search that optimizes both load test calculators and time buffer in the network. These two criteria facilitate the future development of architecture. The second contribution of this thesis is the proposal of two multi-criteria search heuristics adapted to our problem. Note that the number of valid temporary allocations grows exponentially with the number of modules and partitions hosted on them. We offer two multi-criteria optimization algorithms: (i) EXHAUST, optimal exhaustive search algorithm, (ii) TABOO a semi-optimal algorithm based on a metaheuristic Tabu. For both algorithms, the cardinality of the problem is reduced by a local optimization phase for each module, made possible by the linearity of the two selected metric. This first local optimization step solves the problem of optimal allocation with EXHAUST for IMA system of medium size. We show that for large systems, the TABOO algorithm is a very good candidate because it extracts satisfactory solutions in a reasonable time while testing a limited number of valid allocations. These two heuristics are applied to an IMA system example. The analysis of the solutions obtained allows us to highlight the quality of Pareto-optimal solutions obtained by both algorithms. They have the characteristics sought scalability of the load of the computers and network margin. Our latest contribution lies in a detailed analysis of these solutions. The analysis highlights different classes of Pareto Optimal solutions with different compromise between the load of the system and the network margin. The knowledge of these solutions allows the system Integrator to choose a solution among solution classes that offer the compromise between the search criteria and network load margin.

Contraintes de bout-en-bout

Tabou

Allocation temporelle

IMA

Optimisation multiobjectif

End-to-end constraints

Tabu

Temporal allocation

IMA

Multiobjective obptimization

Hardening High-Assurance Security Systems with Trusted Computing

Ozga, Wojciech

12 August 2022

We are living in the time of the digital revolution in which the world we know changes beyond recognition every decade. The positive aspect is that these changes also drive the progress in quality and availability of digital assets crucial for our societies. To name a few examples, these are broadly available communication channels allowing quick exchange of knowledge over long distances, systems controlling automatic share and distribution of renewable energy in international power grid networks, easily accessible applications for early disease detection enabling self-examination without burdening the health service, or governmental systems assisting citizens to settle official matters without leaving their homes. Unfortunately, however, digitalization also opens opportunities for malicious actors to threaten our societies if they gain control over these assets after successfully exploiting vulnerabilities in the complex computing systems building them. Protecting these systems, which are called high-assurance security systems, is therefore of utmost importance. For decades, humanity has struggled to find methods to protect high-assurance security systems. The advancements in the computing systems security domain led to the popularization of hardware-assisted security techniques, nowadays available in commodity computers, that opened perspectives for building more sophisticated defense mechanisms at lower costs. However, none of these techniques is a silver bullet. Each one targets particular use cases, suffers from limitations, and is vulnerable to specific attacks. I argue that some of these techniques are synergistic and help overcome limitations and mitigate specific attacks when used together. My reasoning is supported by regulations that legally bind high-assurance security systems' owners to provide strong security guarantees. These requirements can be fulfilled with the help of diverse technologies that have been standardized in the last years. In this thesis, I introduce new techniques for hardening high-assurance security systems that execute in remote execution environments, such as public and hybrid clouds. I implemented these techniques as part of a framework that provides technical assurance that high-assurance security systems execute in a specific data center, on top of a trustworthy operating system, in a virtual machine controlled by a trustworthy hypervisor or in strong isolation from other software. I demonstrated the practicality of my approach by leveraging the framework to harden real-world applications, such as machine learning applications in the eHealth domain. The evaluation shows that the framework is practical. It induces low performance overhead (<6%), supports software updates, requires no changes to the legacy application's source code, and can be tailored to individual trust boundaries with the help of security policies. The framework consists of a decentralized monitoring system that offers better scalability than traditional centralized monitoring systems. Each monitored machine runs a piece of code that verifies that the machine's integrity and geolocation conform to the given security policy. This piece of code, which serves as a trusted anchor on that machine, executes inside the trusted execution environment, i.e., Intel SGX, to protect itself from the untrusted host, and uses trusted computing techniques, such as trusted platform module, secure boot, and integrity measurement architecture, to attest to the load-time and runtime integrity of the surrounding operating system running on a bare metal machine or inside a virtual machine. The trusted anchor implements my novel, formally proven protocol, enabling detection of the TPM cuckoo attack. The framework also implements a key distribution protocol that, depending on the individual security requirements, shares cryptographic keys only with high-assurance security systems executing in the predefined security settings, i.e., inside the trusted execution environments or inside the integrity-enforced operating system. Such an approach is particularly appealing in the context of machine learning systems where some algorithms, like the machine learning model training, require temporal access to large computing power. These algorithms can execute inside a dedicated, trusted data center at higher performance because they are not limited by security features required in the shared execution environment. The evaluation of the framework showed that training of a machine learning model using real-world datasets achieved 0.96x native performance execution on the GPU and a speedup of up to 1560x compared to the state-of-the-art SGX-based system. Finally, I tackled the problem of software updates, which makes the operating system's integrity monitoring unreliable due to false positives, i.e., software updates move the updated system to an unknown (untrusted) state that is reported as an integrity violation. I solved this problem by introducing a proxy to a software repository that sanitizes software packages so that they can be safely installed. The sanitization consists of predicting and certifying the future (after the specific updates are installed) operating system's state. The evaluation of this approach showed that it supports 99.76% of the packages available in Alpine Linux main and community repositories. The framework proposed in this thesis is a step forward in verifying and enforcing that high-assurance security systems execute in an environment compliant with regulations. I anticipate that the framework might be further integrated with industry-standard security information and event management tools as well as other security monitoring mechanisms to provide a comprehensive solution hardening high-assurance security systems.

info:eu-repo/classification/ddc/004

ddc:004

Modélisation compositionnelle d'architectures globalement asynchrones - localement synchrones (GALS) dans un modèle de calcul polychrone

Ma, Yue

29 November 2010

AADL est dédié à la conception de haut niveau et l'évaluation de systèmes embarqués. Il permet de décrire la structure d'un système et ses aspects fonctionnels par une approche à base de composants. Des processus localement synchrones sont alloués sur une architecture distribuée et communiquent de manière globalement asynchrone (système GALS). Une spécificité du modèle polychrone est qu'il permet de spécifier un système dont les composants peuvent avoir leur propre horloge d'activation : il est bien adapté à une méthodologie de conception GALS. Dans ce cadre, l'atelier Polychrony fournit des modèles et des méthodes pour la modélisation, la transformation et la validation de systèmes embarqués. Cette thèse propose une méthodologie pour la modélisation et la validation de systèmes embarqués spécifiés en AADL via le langage synchrone multi-horloge Signal. Cette méthodologie comprend la modélisation de niveau système en AADL, des transformations automatiques du modèle AADL vers le modèle polychrone, la distribution de code, la vérification formelle et la simulation du modèle polychrone. Notre transformation prend en compte l'architecture du système, décrite dans un cadre IMA, et les aspects fonctionnels, les composants logiciels pouvant être mis en œuvre en Signal. Les composants AADL sont modélisés dans le modèle polychrone en utilisant une bibliothèque de services ARINC. L'annexe comportementale d'AADL est interprétée dans ce modèle via SSA. La génération de code distribué est obtenue avec Polychrony. La vérification formelle et la simulation sont effectuées sur deux études de cas qui illustrent notre méthodologie pour la conception fiable des applications AADL.

AADL

Signal

GALS

IMA

ARINC

modèle polychrone

modèle synchrone

simulation

vérification

Distribution d'une architecture modulaire intégrée dans un contexte hélicoptère

Bérard-Deroche, Émilie

12 December 2017

Les architectures modulaires intégrées (IMA) sont une évolution majeure de l'architecture des systèmes avioniques. Elles permettent à plusieurs systèmes de se partager des ressources matérielles sans interférer dans leur fonctionnement grâce à un partitionnement spatial (zones mémoires prédéfinies) et temporel (ordonnancement statique) dans les processeurs ainsi qu'une réservation des ressources sur les réseaux empruntés. Ces allocations statiques permettent de vérifier le déterminisme général des différents systèmes: chaque système doit respecter des exigences de bout-en-bout dans une architecture asynchrone. Une étude pire cas permet d'évaluer les situations amenant aux limites du système et de vérifier que les exigences de bouten- bout sont satisfaites dans tous les cas. Les architectures IMA utilisés dans les avions centralisent physiquement des modules de calcul puissants dans des baies avioniques. Dans le cadre d'une étude de cas hélicoptère, ces baies ne sont pas envisageables pour des raisons d'encombrement: des processeurs moins puissants, utilisés à plus de 80%, composent ces architectures. Pour ajouter de nouvelles fonctionnalités ainsi que de nouveaux équipements, le souhait est de distribuer la puissance de traitement sur un plus grand nombre de processeurs dans le cadre d'une architecture globale asynchrone. Deux problématiques fortes ont été mises en avant tout au long de cette thèse. La première est la répartition des fonctions avioniques associée à une contrainte d'ordonnancement hors-ligne sur les différents processeurs. La deuxième est la satisfaction des exigences de communication de bout-en-bout, dépendantes de l'allocation et l'ordonnancement des fonctions ainsi que des latences de communication sur les réseaux. La contribution majeure de cette thèse est la recherche d'un compromis entre la distribution des architectures IMA sur un plus grand nombre de processeurs et la satisfaction des exigences de communication de bout-en-bout. Nous répondons à cet enjeu de la manière suivante: - Nous formalisons dans un premier temps un modèle de partitions communicantes tenant en compte des contraintes d'allocation et d'ordonnancement des partitions d'une part et des contraintes de communication de bout-en-bout entre partitions d'autre part. - Nous présentons dans un deuxième temps une recherche exhaustive des architectures valides. Nous proposons l'allocation successive des fonctions avioniques en considérant au même niveau la problématique d'ordonnancement et la satisfaction des exigences de bout-en-bout avec des latences de communication figées. Cette méthode itérative permet de construire des allocations de partitions partiellement valides. La construction des ordonnancements dans chacun des processeurs est cependant une démarche coûteuse dans le cadre d'une recherche exhaustive. - Nous avons conçu dans un troisième temps une heuristique gloutonne pour réduire l'espace de recherche associé aux ordonnancements. Elle permet de répondre aux enjeux de distribution d'une architecture IMA dans un contexte hélicoptère. - Nous nous intéressons dans un quatrième temps à l'impact des latences de communication de bout-en-bout sur des architectures distribuées données. Nous proposons pour celles-ci les choix de réseaux basés sur les latences de communication admissibles entre les différentes fonctions avioniques. Les méthodes que nous proposons répondent au besoin industriel de l'étude de cas hélicoptère, ainsi qu'à celui de systèmes de plus grande taille.

Architecture avionique

Systèmes temps-réel embarqués

IMA distribuée

Ordonnancement multiprocesseur

Exigence de bout-en-bout

Asynchronisme