Mouse Droid

Mouse Droid

Introduction mouse-droid Comment C0001

The mouse droid is a repair droid. When a mission is programmed, it autonomously drives to the destination location, selects spare parts and tools and exchanges damaged parts.
It is easily reprogrammable and can therefore also be used for
- cleaning tasks
- spying and surveillance tasks
- message delivery

Mouse Droid

Scope Comment C0141

This document describes system and software architecture for engineering generation 5 of the mouse droid, denoted by the term MoD5G.

Mouse Droid

MoD5G mouse-droid Image C0173

Requirements and Goals, Requirements and Goals, Scope and Context, Deployment View

Mouse Droid MoD5G mouse-droid Component C0004

The Mouse Droid (MoD5G) is a repair droid that can be instructed to perform a mission and which then autonomously selects tactics to achieve the mission goals.

Requirements and Goals

Commander Actor C0005

The commander instructs the MoD5G on the mission to perform.

Requirements and Goals

Perform a 1-day mission goal UseCase C0006

The mouse droid is able to perform a mission that takes several hours. The energy resources of the MoD5G last for one terrestrial day.

- The commander programs a mission
- The mouse droid drives to the first location
- The mouse droid uses tools to remove a defective part
- The mouse droid installs a spare part
- Above steps are repeated for further mission objectives
- The mouse droid returns to its base location (see Glossary)

Requirements and Goals, L1 Requirements View, Requirements and Goals

Drive to location goal UseCase C0007

The mouse droid can explore its environment and calculate a route from its actual position to the target location.

- The mouse droid explores its environment
- The mouse droid enriches an internally memorized map
- The mouse droid calculates a route
- The mouse droid drives along the calculated route
- The mouse droid re-caclulates the route in case of new environment data
- The mouse droid reaches the target location

Requirements and Goals, L1 Requirements View, Requirements and Goals

Repair using tools goal UseCase C0008

The mouse droid has a couple of tools inside its chassis.

- The mouse droid uses a screw diver to untighten damaged parts
- The mouse droid uses a gripper to move the damaged part out of the way
- The mouse droid uses a gripper to put a spare part from its internal cargo bin to the target place
- The mouse droid uses a screw diver to tighten replaced parts
- The mouse droid uses a gripper to move the damaged part into its internal cargo bin.
(see L2 Mechanics)

L1 Requirements View, Requirements and Goals

Return to base location goal UseCase C0177

The MoD5G returns to its base location.
Note: Base location is defined at Glossary.

Requirements and Goals, L1 Requirements View, Requirements and Goals

Drive to location goal UseCase C0007

The mouse droid can explore its environment and calculate a route from its actual position to the target location.

- The mouse droid explores its environment
- The mouse droid enriches an internally memorized map
- The mouse droid calculates a route
- The mouse droid drives along the calculated route
- The mouse droid re-caclulates the route in case of new environment data
- The mouse droid reaches the target location

Requirements and Goals, L1 Requirements View, Requirements and Goals

Repair using tools goal UseCase C0008

The mouse droid has a couple of tools inside its chassis.

- The mouse droid uses a screw diver to untighten damaged parts
- The mouse droid uses a gripper to move the damaged part out of the way
- The mouse droid uses a gripper to put a spare part from its internal cargo bin to the target place
- The mouse droid uses a screw diver to tighten replaced parts
- The mouse droid uses a gripper to move the damaged part into its internal cargo bin.
(see L2 Mechanics)

L1 Requirements View, L3 Requirements

L1Req: Recognize paths env-perception Requirement C0149

The MoDG5 shall use redundant sensor data to calculate paths that it can drive along.

L1 Requirements View, L3 Requirements

L1Req: Position screw driver Requirement C0150

The MoDG5 shall bring the screw driver into a given 3D position.

L1 Requirements View, Requirements and Goals

Return to base location goal UseCase C0177

The MoD5G returns to its base location.
Note: Base location is defined at Glossary.

Constraints

Operating Temperatures environment Requirement C0003

The droid shall be functional in the range 240K..360K, it shall survive temperatures from 150K to 400K.

Constraints, Architecture Decisions

Cosmic Rays environment Requirement C0002

The droid shall ensure data and program integrity.
It shall continue operation after cosmic rays have interfered with data storage or program execution.
Corrupted data must not be stored permanently.

Constraints

Environmental Constraints environment Package C0144

This package lists technical/physical constraints imposed by the environment in which to operate.

Scope and Context

Development and Production Context Component C0088

This boundary encompasses the topics that are in scope during development and production.

Scope and Context

Operational Context Component C0089

This boundary encompasses the topics that are in scope during operation and maintenance.

Scope and Context

Build Droids factory UseCase C0090

At the factory, workers assemble hardware and electronic parts to mouse droids and integrate control logic and data.

Scope and Context

Develop Software SW UseCase C0091

A team of engineers designs, produces and tests the control logic and factory data of the droids.

Scope and Context

Operate Droid usage UseCase C0092

An operator/commander instructs the mouse droid which mission to perform. The logic of the mouse droid translates this mission into driving maneuvers and actions of the integrated tools.

Scope and Context

Repair Droid maintenance UseCase C0093

A service mechanic analyzes the health state of a mouse droid. Depending on the outcome, oil is refilled, logic is updated, parts are exchanged or the whole droid is disintegrated.

Scope and Context

Design Hardware HW UseCase C0135

A team of engineers designs, produces and tests the mechanical hardware parts of the droids.

Scope and Context

Electrical Engineering EE UseCase C0136

A team of engineers designs, produces and tests the electrical and electronic parts of the droids.

L2 Mechanics, L1 Physical View, Solution Strategy, Building Block View, L2 Electric Parts and Electronics

Electrical Parts and Electronics EE Block C0019

The main components of the electric parts are:
- a set of cables and connectors
- a set of sensors and actuators
- the energy cell
- two printed circuit boards (PCB) containing the electronic parts

Base Logic Board, L3 Requirements, L1 Physical View, Solution Strategy, L2 Electric Parts and Electronics, Power Distribution

Base Logic Board Block C0048

The base logic board consists of several electronic parts shown in Base Logic Board.

Main Board Logic, L3 Requirements, L1 Physical View, Solution Strategy, L2 Electric Parts and Electronics, Power Distribution

Main Logic Board Block C0047

The main logic board consists of several electronic parts shown in Main Board Logic.

Solution Strategy

Outer World env-perception Comment C0094

The main logic addresses the following tasks:
- evaluating sensor signals from microphone and camera
- calculating movement actions to be performed by base logic (tactics)

Solution Strategy

Guiding Main Principles mouse-droid Comment C0116

The functions of the MoD5G are divided onto two logic boards.
The base logic gets local sensor information and controls things within the system boundary of the MoD5G.
The main logic gets sensor data of the environment and calculates movement actions to efficiently fulfill the mission (that was programmed before).

Solution Strategy

Inner World Comment C0117

The base logic addresses the following tasks:
- charging
- programming
- steering the motors
- self-check
If a list of actions is available, this logic board can steer the MoD6G without the help of the main logic board.

L1 Functional View

Motors to move the MoD5G (L1-Fct) device Block C0178

L1 Functional View

Recognize paths (L1-Fkt) device Block C0179

L1 Functional View

Recognize objects to repair (L1-Fct) device Block C0180

L1 Functional View, L1 Logical View

Plan movement strategy (L1-Fct) role Block C0181

L1 Functional View, L1 Logical View

Plan repair strategy (L1-Fct) role Block C0182

L1 Functional View, L1 Logical View

Perform movement tactic (L1-Fct) role Block C0183

L1 Functional View, L1 Logical View

Perform repair tactic (L1-Fct) role Block C0184

L1 Functional View

Tools to repair device Block C0185

L1 Functional View, L1 Logical View

Plan movement strategy (L1-Fct) role Block C0181

L1 Functional View, L1 Logical View

Plan repair strategy (L1-Fct) role Block C0182

L1 Functional View, L1 Logical View

Perform repair tactic (L1-Fct) role Block C0184

L1 Functional View, L1 Logical View

Perform movement tactic (L1-Fct) role Block C0183

L1 Logical View, L1 Physical View

Strategy planning (L1) Block C0186

This system element aggregates functions that have high demands on computation power but less demands on realtime-reactions. These even may be turned off from time to time.

L1 Logical View, L1 Physical View

Tactic execution (L1) Block C0187

This system element aggregates functions that have high demands on realtime observations and reations; also high demands on availability.

L2 Mechanics, L1 Physical View, Solution Strategy, Building Block View, L2 Electric Parts and Electronics

Electrical Parts and Electronics EE Block C0019

The main components of the electric parts are:
- a set of cables and connectors
- a set of sensors and actuators
- the energy cell
- two printed circuit boards (PCB) containing the electronic parts

Base Logic Board, L3 Requirements, L1 Physical View, Solution Strategy, L2 Electric Parts and Electronics, Power Distribution

Base Logic Board Block C0048

The base logic board consists of several electronic parts shown in Base Logic Board.

Main Board Logic, L3 Requirements, L1 Physical View, Solution Strategy, L2 Electric Parts and Electronics, Power Distribution

Main Logic Board Block C0047

The main logic board consists of several electronic parts shown in Main Board Logic.

L1 Logical View, L1 Physical View

Tactic execution (L1) Block C0187

This system element aggregates functions that have high demands on realtime observations and reations; also high demands on availability.

L1 Logical View, L1 Physical View

Strategy planning (L1) Block C0186

This system element aggregates functions that have high demands on computation power but less demands on realtime-reactions. These even may be turned off from time to time.

L2 Mechanics, Building Block View

Mechanical Parts HW Block C0018

The mechanical parts encompass all parts of which the mouse droid consists. From outside, the chassis and wheels are the most obvious parts. Inside, a skeleton frame provides stability of the assembly.
Important charactereistics are weight, operating temperature range, durability, stability.

L2 Mechanics, L1 Physical View, Solution Strategy, Building Block View, L2 Electric Parts and Electronics

Electrical Parts and Electronics EE Block C0019

The main components of the electric parts are:
- a set of cables and connectors
- a set of sensors and actuators
- the energy cell
- two printed circuit boards (PCB) containing the electronic parts

Building Block View, Solution Strategy, Building Block View

Software Parts SW Package C0020

The software consists of control logic, initial data that was integrated at the factory and learned data that is aggregated during operation.
These software items are split over two logical boards and subdivided into independent execution partitions.

L2 Mechanics

Chassis mouse-droid Block C0035

L2 Mechanics

Cargo Bin Block C0036

L2 Mechanics, L3 Requirements

Screw Driver Block C0037

L2 Mechanics

Wheels (4) Block C0038

L2 Mechanics

Fan Block C0039

A fan prevents overheating in hot environment conditions.

L2 Mechanics, L2 Electric Parts and Electronics

Motors Block C0040

L2 Mechanics, L3 Requirements, L2 Electric Parts and Electronics

Camera env-perception Block C0041

L2 Mechanics, L2 Electric Parts and Electronics

Microphone env-perception Block C0042

L2 Mechanics, L2 Electric Parts and Electronics

Loud Speaker Block C0043

L2 Mechanics, L2 Electric Parts and Electronics

Programming and Diagnostic Connector Block C0044

L2 Mechanics, Power Distribution

Charging Connector Block C0045

L2 Mechanics, Power Distribution

Energy Cell Block C0046

L2 Mechanics, Building Block View

Mechanical Parts HW Block C0018

The mechanical parts encompass all parts of which the mouse droid consists. From outside, the chassis and wheels are the most obvious parts. Inside, a skeleton frame provides stability of the assembly.
Important charactereistics are weight, operating temperature range, durability, stability.

L2 Mechanics, L1 Physical View, Solution Strategy, Building Block View, L2 Electric Parts and Electronics

Electrical Parts and Electronics EE Block C0019

The main components of the electric parts are:
- a set of cables and connectors
- a set of sensors and actuators
- the energy cell
- two printed circuit boards (PCB) containing the electronic parts

L2 Mechanics

Gripper Block C0054

A tool that allows to grab objects and move them.

L2 Mechanics

Tool-Window (2) Block C0055

A tool window is a flap in the chassis that protects screw driver, gripper and cargo bin when unused. It can be opened and closed by a motor.

L2 Mechanics

Skeleton Frame mouse-droid Block C0146

The skeleton frame provides stability to the assembly of parts. Anchorage points latch the assembled parts at their positions.

L2 Mechanics, L1 Physical View, Solution Strategy, Building Block View, L2 Electric Parts and Electronics

Electrical Parts and Electronics EE Block C0019

The main components of the electric parts are:
- a set of cables and connectors
- a set of sensors and actuators
- the energy cell
- two printed circuit boards (PCB) containing the electronic parts

L2 Mechanics, L2 Electric Parts and Electronics

Loud Speaker Block C0043

L2 Mechanics, L3 Requirements, L2 Electric Parts and Electronics

Camera env-perception Block C0041

L2 Mechanics, L2 Electric Parts and Electronics

Microphone env-perception Block C0042

L2 Mechanics, L2 Electric Parts and Electronics

Motors Block C0040

L2 Mechanics, L2 Electric Parts and Electronics

Programming and Diagnostic Connector Block C0044

Main Board Logic, L3 Requirements, L1 Physical View, Solution Strategy, L2 Electric Parts and Electronics, Power Distribution

Main Logic Board Block C0047

The main logic board consists of several electronic parts shown in Main Board Logic.

Base Logic Board, L3 Requirements, L1 Physical View, Solution Strategy, L2 Electric Parts and Electronics, Power Distribution

Base Logic Board Block C0048

The base logic board consists of several electronic parts shown in Base Logic Board.

Base Logic Board, Requirements and Goals, L2 Electric Parts and Electronics, L2 Software [subsystem]

Base Micro Controller Block C0051

The base micro controller consists of
- logic unit
- data storage
- persistent data+logic storage
- self supervision (by ECC and lockstep-cores)
- HW watchdog
- clock
- temperature sensor
- io ports
This block is optimized for providing a reliable execution of algorithms, see Quality Requirements.

Base Logic Board, L3 Requirements, L1 Physical View, Solution Strategy, L2 Electric Parts and Electronics, Power Distribution

Base Logic Board Block C0048

The base logic board consists of several electronic parts shown in Base Logic Board.

Base Logic Board, Requirements and Goals, L2 Electric Parts and Electronics, L2 Software [subsystem]

Base Micro Controller Block C0051

The base micro controller consists of
- logic unit
- data storage
- persistent data+logic storage
- self supervision (by ECC and lockstep-cores)
- HW watchdog
- clock
- temperature sensor
- io ports
This block is optimized for providing a reliable execution of algorithms, see Quality Requirements.

Base Logic Board

Clock Block C0053

Base Logic Board, Power Distribution

PMIC Block C0049

Power Management Integrated Circuit

Base Logic Board

Temperature Sensor Block C0071

Main Board Logic, L3 Requirements, L1 Physical View, Solution Strategy, L2 Electric Parts and Electronics, Power Distribution

Main Logic Board Block C0047

The main logic board consists of several electronic parts shown in Main Board Logic.

Main Board Logic, Requirements and Goals, L2 Software [subsystem]

Main Performance Controller Block C0056

This block provides an execution environment for algorithms that is optimized for high performance.

Main Board Logic

RAM Block C0057

Main Board Logic

ROM Block C0058

Main Board Logic

Motivator Block C0059

A motivator is a basic component needed to keep going on.

Base Logic Board, Power Distribution

PMIC Block C0049

Power Management Integrated Circuit

L2 Mechanics, Power Distribution

Charging Connector Block C0045

L2 Mechanics, Power Distribution

Energy Cell Block C0046

Main Board Logic, L3 Requirements, L1 Physical View, Solution Strategy, L2 Electric Parts and Electronics, Power Distribution

Main Logic Board Block C0047

The main logic board consists of several electronic parts shown in Main Board Logic.

Base Logic Board, L3 Requirements, L1 Physical View, Solution Strategy, L2 Electric Parts and Electronics, Power Distribution

Base Logic Board Block C0048

The base logic board consists of several electronic parts shown in Base Logic Board.

Main Board Logic, Requirements and Goals, L2 Software [subsystem]

Main Performance Controller Block C0056

This block provides an execution environment for algorithms that is optimized for high performance.

Base Logic Board, Requirements and Goals, L2 Electric Parts and Electronics, L2 Software [subsystem]

Base Micro Controller Block C0051

The base micro controller consists of
- logic unit
- data storage
- persistent data+logic storage
- self supervision (by ECC and lockstep-cores)
- HW watchdog
- clock
- temperature sensor
- io ports
This block is optimized for providing a reliable execution of algorithms, see Quality Requirements.

Deployment View, L2 Software [subsystem]

Real Time Video Processing Chip Node C0060

L2 Software [subsystem]

Watchdog Execution Environment Node C0061

Deployment View, L2 Software [subsystem]

General Purpose Partition 1 Node C0062

Deployment View, L2 Software [subsystem]

General Purpose Partition 2 Node C0063

Deployment View, L2 Software [subsystem]

Base Logic SW Partition Node C0064

Requirements and Goals, Requirements and Goals, Scope and Context, Deployment View

Mouse Droid MoD5G mouse-droid Component C0004

The Mouse Droid (MoD5G) is a repair droid that can be instructed to perform a mission and which then autonomously selects tactics to achieve the mission goals.

Requirements and Goals, L1 Requirements View, Requirements and Goals

Drive to location goal UseCase C0007

The mouse droid can explore its environment and calculate a route from its actual position to the target location.

- The mouse droid explores its environment
- The mouse droid enriches an internally memorized map
- The mouse droid calculates a route
- The mouse droid drives along the calculated route
- The mouse droid re-caclulates the route in case of new environment data
- The mouse droid reaches the target location

Requirements and Goals, L1 Requirements View, Requirements and Goals

Repair using tools goal UseCase C0008

The mouse droid has a couple of tools inside its chassis.

- The mouse droid uses a screw diver to untighten damaged parts
- The mouse droid uses a gripper to move the damaged part out of the way
- The mouse droid uses a gripper to put a spare part from its internal cargo bin to the target place
- The mouse droid uses a screw diver to tighten replaced parts
- The mouse droid uses a gripper to move the damaged part into its internal cargo bin.
(see L2 Mechanics)

Requirements and Goals, L3 Requirements

Explore Environment env-perception UseCase C0067

When the mouse droid is missing relevant data on the environment, it plans a list of actions that suits the purpose of gaining the missing knowledge.

Requirements and Goals

Perform Movement UseCase C0068

Requirements and Goals, L3 Requirements

Steer motors of tools UseCase C0069

Requirements and Goals

Plan tasks UseCase C0070

The mouse droid creates a list of actions to fulfill the given mission. If data on the environment is missing, it plans an explortion task and re-plans the action list later.

Main Board Logic, Requirements and Goals, L2 Software [subsystem]

Main Performance Controller Block C0056

This block provides an execution environment for algorithms that is optimized for high performance.

Base Logic Board, Requirements and Goals, L2 Electric Parts and Electronics, L2 Software [subsystem]

Base Micro Controller Block C0051

The base micro controller consists of
- logic unit
- data storage
- persistent data+logic storage
- self supervision (by ECC and lockstep-cores)
- HW watchdog
- clock
- temperature sensor
- io ports
This block is optimized for providing a reliable execution of algorithms, see Quality Requirements.

L1 Requirements View, L3 Requirements

L1Req: Recognize paths env-perception Requirement C0149

The MoDG5 shall use redundant sensor data to calculate paths that it can drive along.

L1 Requirements View, L3 Requirements

L1Req: Position screw driver Requirement C0150

The MoDG5 shall bring the screw driver into a given 3D position.

Requirements and Goals, L3 Requirements

Explore Environment env-perception UseCase C0067

When the mouse droid is missing relevant data on the environment, it plans a list of actions that suits the purpose of gaining the missing knowledge.

Requirements and Goals, L3 Requirements

Steer motors of tools UseCase C0069

L3 Requirements, Environment Capture

L3Req: Calc 3D scene from 2 cameras env-perception Requirement C0151

The Main Logic Board shall create a 3D model of the environment based on 2 camera images.

Base Logic Board, L3 Requirements, L1 Physical View, Solution Strategy, L2 Electric Parts and Electronics, Power Distribution

Base Logic Board Block C0048

The base logic board consists of several electronic parts shown in Base Logic Board.

Main Board Logic, L3 Requirements, L1 Physical View, Solution Strategy, L2 Electric Parts and Electronics, Power Distribution

Main Logic Board Block C0047

The main logic board consists of several electronic parts shown in Main Board Logic.

L3 Requirements, System Control

L3Req: Operate motors of tool-arm Requirement C0152

The Base Logic Board shall steer the motors of the tool-arm to a given 3D position.

L2 Mechanics, L3 Requirements

Screw Driver Block C0037

L2 Mechanics, L3 Requirements, L2 Electric Parts and Electronics

Camera env-perception Block C0041

Constraints, Architecture Decisions

Self-Preservation Requirement C0081

In case a wookiee growls at the MoD5G, it shall flee for self-preservation

Quality Tree, Constraints, Quality Scenarios, Quality Requirements

Interoperability SW-subcharacterisitc Requirement C0123

The programming and charging interfaces of the MoD5G shall be compatible to
- old republic terminals
- imperial terminals

Scope and Context

Imperial Operator Actor C0082

Scope and Context

Operator of the old republic Actor C0083

Requirements and Goals, Requirements and Goals, Scope and Context, Deployment View

Mouse Droid MoD5G mouse-droid Component C0004

The Mouse Droid (MoD5G) is a repair droid that can be instructed to perform a mission and which then autonomously selects tactics to achieve the mission goals.

Environment Capture, Solution Strategy, Building Block View, Deployment View

Environment Capture main_logic Package C0118

Environment Model Composer Sequence, Solution Strategy, Building Block View, Deployment View

Tactics Calculator main_logic Component C0108

Calculate tactics based on given strategy and current situation model

System Control, Solution Strategy, Building Block View, Deployment View

System Control base_logic Package C0119

Solution Strategy

Base Software Structure Comment C0121

The software is basically structured into three parts:
- environment model generation
- calculating actions
- controlling execution of actions

Building Block View, Solution Strategy, Building Block View

Software Parts SW Package C0020

The software consists of control logic, initial data that was integrated at the factory and learned data that is aggregated during operation.
These software items are split over two logical boards and subdivided into independent execution partitions.

Environment Capture, Environment Model Composer Sequence, Building Block View, Deployment View

Video Capture env-perception Component C0106

Environment Capture, Environment Model Composer Sequence, Building Block View, Deployment View

Audio Capture env-perception Component C0107

Environment Model Composer Sequence, Solution Strategy, Building Block View, Deployment View

Tactics Calculator main_logic Component C0108

Calculate tactics based on given strategy and current situation model

Environment Model Composer Sequence, System Control, Building Block View, Deployment View

Motor Controller Component C0109

Move motors according to calculated tactics

Environment Capture, Solution Strategy, Building Block View, Deployment View

Environment Capture main_logic Package C0118

System Control, Solution Strategy, Building Block View, Deployment View

System Control base_logic Package C0119

Environment Capture, Environment Model Composer Sequence, Building Block View, Deployment View

Environment Model Composer env-perception Component C0120

System Control, Building Block View, Crosscutting Concepts

SW Watchdog Component C0129

The SW Watchdog shall check

- validity of data as well as
- validity of sequence of checkpoints
received from software components on the Main Logic Board.
See also Crosscutting Concepts.

Building Block View, Solution Strategy, Building Block View

Software Parts SW Package C0020

The software consists of control logic, initial data that was integrated at the factory and learned data that is aggregated during operation.
These software items are split over two logical boards and subdivided into independent execution partitions.

L3 Requirements, Environment Capture

L3Req: Calc 3D scene from 2 cameras env-perception Requirement C0151

The Main Logic Board shall create a 3D model of the environment based on 2 camera images.

Environment Capture, Environment Model Composer Sequence, Building Block View, Deployment View

Audio Capture env-perception Component C0107

Environment Capture, Solution Strategy, Building Block View, Deployment View

Environment Capture main_logic Package C0118

Environment Capture, Environment Model Composer Sequence, Building Block View, Deployment View

Video Capture env-perception Component C0106

Environment Capture, Environment Model Composer Sequence, Building Block View, Deployment View

Environment Model Composer env-perception Component C0120

Environment Capture, Glossary

Environment Model data Class C0111

The enironment model refers to the (limited) knowledge of the software on the real environment.

L3 Requirements, System Control

L3Req: Operate motors of tool-arm Requirement C0152

The Base Logic Board shall steer the motors of the tool-arm to a given 3D position.

System Control, Solution Strategy, Building Block View, Deployment View

System Control base_logic Package C0119

Environment Model Composer Sequence, System Control, Building Block View, Deployment View

Motor Controller Component C0109

Move motors according to calculated tactics

System Control, Building Block View, Crosscutting Concepts

SW Watchdog Component C0129

The SW Watchdog shall check

- validity of data as well as
- validity of sequence of checkpoints
received from software components on the Main Logic Board.
See also Crosscutting Concepts.

Power States, Power State Timings, Runtime View

power::booting Activity C0024

Power States, Power State Timings, Runtime View

power::full_operation Activity C0025

While the MoD5G is in full_operation state, all software parts are running and able to react on input data.

Power States, Power State Timings, Runtime View

power::energy_saving Activity C0026

Runtime View

sw::boot_base_board Activity C0072

Runtime View

sw::boot_main_board Activity C0073

Runtime View

sw::start InitialNode C0074

Runtime View

sw::par ForkNode C0075

Runtime View

sw::run_main Activity C0076

Runtime View

sw::run_base Activity C0077

Runtime View

sw::run_base_only Activity C0078

Runtime View

sw::sync JoinNode C0079

Runtime View

sw::booted ActivityFinalNode C0080

Runtime View

sw::op_start InitialNode C0084

Runtime View

sw::op_end ActivityFinalNode C0085

Runtime View

sw::op_par ForkNode C0086

Runtime View

sw::op_sync JoinNode C0087

Environment Model Composer Sequence, System Control, Building Block View, Deployment View

Motor Controller Component C0109

Move motors according to calculated tactics

Environment Model Composer Sequence, Solution Strategy, Building Block View, Deployment View

Tactics Calculator main_logic Component C0108

Calculate tactics based on given strategy and current situation model

Environment Capture, Environment Model Composer Sequence, Building Block View, Deployment View

Environment Model Composer env-perception Component C0120

Environment Capture, Environment Model Composer Sequence, Building Block View, Deployment View

Audio Capture env-perception Component C0107

Environment Capture, Environment Model Composer Sequence, Building Block View, Deployment View

Video Capture env-perception Component C0106

Environment Model Composer Sequence

Persist List Comment C0142

the action list shall be persisted, so that after a sudden reboot, the next actions are immediately available.

Environment Model Composer Sequence, System Control, Building Block View, Deployment View

Motor Controller Component C0109

Move motors according to calculated tactics

Deployment View, L2 Software [subsystem]

Base Logic SW Partition Node C0064

Deployment View, L2 Software [subsystem]

General Purpose Partition 2 Node C0063

Environment Model Composer Sequence, Solution Strategy, Building Block View, Deployment View

Tactics Calculator main_logic Component C0108

Calculate tactics based on given strategy and current situation model

Environment Capture, Environment Model Composer Sequence, Building Block View, Deployment View

Audio Capture env-perception Component C0107

Deployment View, L2 Software [subsystem]

General Purpose Partition 1 Node C0062

Deployment View, L2 Software [subsystem]

Real Time Video Processing Chip Node C0060

Environment Capture, Environment Model Composer Sequence, Building Block View, Deployment View

Video Capture env-perception Component C0106

Environment Capture, Environment Model Composer Sequence, Building Block View, Deployment View

Environment Model Composer env-perception Component C0120

Environment Capture, Solution Strategy, Building Block View, Deployment View

Environment Capture main_logic Package C0118

System Control, Solution Strategy, Building Block View, Deployment View

System Control base_logic Package C0119

Crosscutting Concepts, Risks and Technical Debts

Fault Detection (main logic) Comment C0127

Logic and data is supervised by the SW Watchdog located on the Base Micro Controller.
Every software component on the Main Logic Board shall check processed data and report its health to the SW Watchdog as well as passed checkpoints in the logic.

Crosscutting Concepts

Fault Detection (base logic) Comment C0128

The hardware of the Base Micro Controller enables logic and data supervision. Therefore no extra software solution is implemented to monitor the base logic.

System Control, Building Block View, Crosscutting Concepts

SW Watchdog Component C0129

The SW Watchdog shall check

- validity of data as well as
- validity of sequence of checkpoints
received from software components on the Main Logic Board.
See also Crosscutting Concepts.

Architecture Decisions

Wookiee Detection decision Comment C0131

Challenge: Detect presense of a Wookiee
Alt-1: Detect a growling wookie only by analyzing the audio spectrum recorded from the microphone.
- pro: simple to implement
- con: may produce false alarms
Alt-2: Combine the Video and the Audio sensor data to better distinguish a growling wookie from a shouting officer.
- pro: better recognize wookiees
- con: dependency on video processing
Decision: Alt-1
Rationale: Reacting on a false alarm is not mission-critical.

Constraints, Architecture Decisions

Self-Preservation Requirement C0081

In case a wookiee growls at the MoD5G, it shall flee for self-preservation

Quality Tree, Quality Requirements, Quality Requirements

Compatibility quality_characteristic Requirement C0122

Compatibility defines a set of attributes that measures how well data and messages can be exchanged with other programs and/or versions.

Quality Tree, Constraints, Quality Scenarios, Quality Requirements

Interoperability SW-subcharacterisitc Requirement C0123

The programming and charging interfaces of the MoD5G shall be compatible to
- old republic terminals
- imperial terminals

Quality Tree

Old Republic Programming IF SW-attribute Requirement C0124

The old republic protocol for programming a droid shall be supported.

Quality Tree

Imperial Programming IF SW-attribute Requirement C0125

The imperial protocol for programming a droid shall be supported.

Quality Tree

Universial Charging IF SW-attribute Requirement C0126

The intergalactic standard protocol for power charging shall be supported.

Quality Tree, Constraints, Quality Scenarios, Quality Requirements

Interoperability SW-subcharacterisitc Requirement C0123

The programming and charging interfaces of the MoD5G shall be compatible to
- old republic terminals
- imperial terminals

Quality Tree, Quality Requirements, Quality Requirements

Compatibility quality_characteristic Requirement C0122

Compatibility defines a set of attributes that measures how well data and messages can be exchanged with other programs and/or versions.

Quality Scenarios

Mixed standards of terminals UseCase C0145

precondition:
- The MoD5G operates in an environment providing mixed terminal standards
trigger:
- The MoD5G drives to a charging or programming terminal which complied to either old republic or imperial standard.
scenario:
- The MoD5G determines the applicable standard
- The MoD5G uses the terminal for programming or charging

Quality Tree, Constraints, Quality Scenarios, Quality Requirements

Interoperability SW-subcharacterisitc Requirement C0123

The programming and charging interfaces of the MoD5G shall be compatible to
- old republic terminals
- imperial terminals

Risks and Technical Debts

Fault Detection Strategy may fail Comment C0130

The fault detection strategy for logic and data on the Main Logic Board allows for unnoticed faults:
Not every error in logic can be detected by checkpoints only.

Crosscutting Concepts, Risks and Technical Debts

Fault Detection (main logic) Comment C0127

Logic and data is supervised by the SW Watchdog located on the Base Micro Controller.
Every software component on the Main Logic Board shall check processed data and report its health to the SW Watchdog as well as passed checkpoints in the logic.

Risks and Technical Debts

Risk: Wrong tactic is calculated Requirement C0134

- cause/fault: Due to cosmic rays, the main logic board performs a miscalculation that goes unnoticed by control flow supervision
- risk/failure: the MoD5G calculates a tactic that results in falling off a cliff

Glossary

Situation Model data Class C0110

The situation model refers to the (limited/erroneous) knowledge of the software on environment and status.

Environment Capture, Glossary

Environment Model data Class C0111

The enironment model refers to the (limited) knowledge of the software on the real environment.

Glossary

MoD5G-Status Model data Class C0112

The status model refers to the (limited) knowledge of the software on the real status.

Glossary

Real Situation Class C0113

The real situation refers to the reality of system status and environment.

Glossary

Real Environment Class C0114

The real environment refers to the physical environment of the system.

Glossary

MoD5G Real Status Class C0115

The real status refers to the real system status of the MoD5G. This may differ from what the sensors report.

Runtime View

Power States InteractionUse C0021

refers to Power States

Runtime View

Health States InteractionUse C0022

refers to Health States

Runtime View

start operation InitialNode C0153

Runtime View

orthogonal ForkNode C0154

Runtime View

Operation Modes InteractionUse C0194

Operation Modes

Op::Modes StateMachine C0188

Operation Modes

Charging StateMachine C0189

Operation Modes

Programming StateMachine C0190

Operation Modes

Moving StateMachine C0191

Operation Modes

Using Tools StateMachine C0192

Operation Modes

Waiting StateMachine C0193

Operation Modes

Being Repaired StateMachine C0195

Power States, Power State Timings

power::startup InitialNode C0023

Power States, Power State Timings, Runtime View

power::booting Activity C0024

Power States, Power State Timings, Runtime View

power::full_operation Activity C0025

While the MoD5G is in full_operation state, all software parts are running and able to react on input data.

Power States, Power State Timings, Runtime View

power::energy_saving Activity C0026

Power States, Power State Timings

power::off ActivityFinalNode C0027

Power States

power::all Activity C0138

The statemachine of all power states

Power States, Power State Timings

power::off ActivityFinalNode C0027

Power States, Power State Timings, Runtime View

power::full_operation Activity C0025

While the MoD5G is in full_operation state, all software parts are running and able to react on input data.

Power States, Power State Timings

power::startup InitialNode C0023

Power States, Power State Timings, Runtime View

power::booting Activity C0024

Power States, Power State Timings, Runtime View

power::energy_saving Activity C0026

Power State Timings

max 2300 msec Comment C0139

Power State Timings

max 500 msec Comment C0140

Health States

health::factory InitialNode C0028

Health States

health::disassembly ActivityFinalNode C0029

Health States

health::healthy StateMachine C0030

Health States

health::slightly_damaged StateMachine C0031

Health States, Risks and Technical Debts

health::limp_home StateMachine C0032

In case the full operation is not possible anymore, the MoD5G shall drive back to the home charging station.

Health States

health::damaged StateMachine C0033

Health States

health::operation StateMachine C0034

Health States

health::all StateMachine C0137

The statemachine of all health states

Deployment View

Space Station Node C0095

Requirements and Goals, Requirements and Goals, Scope and Context, Deployment View

Mouse Droid MoD5G mouse-droid Component C0004

The Mouse Droid (MoD5G) is a repair droid that can be instructed to perform a mission and which then autonomously selects tactics to achieve the mission goals.

Deployment View

Programming Terminal Node C0096

Deployment View

Charging Terminal Node C0097

Deployment View

Maintenance Booth Node C0098

Crosscutting Concepts

Motor Type Comment C0099

All motors are electrical step motors.
Step motors can be controlled to move a defined number of steps forward or backwards.
Note that there are conditions when the actual number of steps is not equal to the previously requested number of steps, e.g. when accellerating or slowing down too fast.

Constraints, Architecture Decisions

Cosmic Rays environment Requirement C0002

The droid shall ensure data and program integrity.
It shall continue operation after cosmic rays have interfered with data storage or program execution.
Corrupted data must not be stored permanently.

Architecture Decisions

2 of 3 Voter rejected_alternative Requirement C0100

In order to support integrity of the system, the logic boards and the data storages are deployed three times as three identical parts.
All three parts shall produce the same outcomes given the same input.
If one deviates, it's result is ignored and the part is rebooted.

Architecture Decisions

Cosmic Rays Information Comment C0101

When a cosmic ray interferes with the system, the logic or the processed data gets corrupted.

Architecture Decisions

Watchdog Supervision chosen_alternative Requirement C0102

In order to support integrity of the logic and data, a multi-stage hierarchy supervision shall be implemented.
Software watchdogs shall supervise the running software parts in a way that logic errors and corrupted data can be detected.
A hardware watchdog shall supervise the software watchdogs.
In case of a failure in the supervised logic/data, the system shall reboot. In case of a failure in the monitors, the system may reboot or it shall fall back to a valid supervision mode.

Architecture Decisions

Decision: Watchdog decision Comment C0103

Arguments:

- The 2 of 3 voter is easier to implement but causes higher hardware costs.
- The watchdog supervision requires higher engineering efforts but is cheaper in production.
The watchdog supervision shall be implemented.

Quality Requirements

Usability quality_characteristic Requirement C0009

Usability defines a set of attributes that measures how easy to learn and use the program is.

Maintainability, Quality Tree, Quality Requirements

Maintainability quality_characteristic Requirement C0010

Maintainability defines a set of attributes that influence how to analyze and mitigate defects that occur during operation.

Quality Requirements

Reliability quality_characteristic Requirement C0011

Reliability defines a set of attributes that measures how mature and fault-tolerant the software is.

Quality Tree, Quality Requirements, Quality Requirements

Compatibility quality_characteristic Requirement C0122

Compatibility defines a set of attributes that measures how well data and messages can be exchanged with other programs and/or versions.

Maintainability, Quality Tree, Quality Requirements

Maintainability quality_characteristic Requirement C0010

Maintainability defines a set of attributes that influence how to analyze and mitigate defects that occur during operation.

Maintainability, Quality Tree, Quality Scenarios

Analyzability SW_sub-characteristic Requirement C0014

The MoD5G shall allow to analyze faults that occurred during operation.

Maintainability, Quality Tree, Quality Scenarios

Repairability HW_sub-characteristic Requirement C0012

The MoD5 hardware parts shall be exchangeable in case they are damaged.

Maintainability, Quality Tree, Quality Requirements

Maintainability quality_characteristic Requirement C0010

Maintainability defines a set of attributes that influence how to analyze and mitigate defects that occur during operation.

Maintainability, Quality Tree, Quality Scenarios

Repairability HW_sub-characteristic Requirement C0012

The MoD5 hardware parts shall be exchangeable in case they are damaged.

Maintainability

30 years spare-parts supply HW-attribute Requirement C0013

The mechanical and electrical/electronics parts of the MoD5 shall be produceable in identical or similar form and quality for 30 years after production of the unit.

Maintainability, Quality Tree, Quality Scenarios

Analyzability SW_sub-characteristic Requirement C0014

The MoD5G shall allow to analyze faults that occurred during operation.

Maintainability

Self-Diagnosis SW-attribute Requirement C0015

At the maintenance booth, the MoD5G shall provide an error log. This error log contains detected errors from operation and related environment conditions. It also lists possible causes(faults).

Quality Scenarios

Spare Parts Supply quality_scenario UseCase C0017

pre-condition:
- the stock of MoD5G spare parts is empty
trigger:
- 20 years after production, a MoD5G needs a spare part that is not available anymore
scenario:
- a service mechanic orders a batch of parts
- a factory creates the parts that fit in form, function and quality to the MoD5G
- spare parts are delivered

Quality Scenarios

Motor defect quality_scenario UseCase C0016

pre-condition:
- the MoD5G is performing a 1-day mission autonomously
trigger:
- a motor fails to operate
- the goals of the 1-day mission cannot be accomplished anymore
scenario:
- the MoD5G cancels the mission and returns to the service point
- a service mechanic reads out the error log
- the MoD5G proposes to replace the suspicious motor
- the service mechanic replaces the motor

Maintainability, Quality Tree, Quality Scenarios

Repairability HW_sub-characteristic Requirement C0012

The MoD5 hardware parts shall be exchangeable in case they are damaged.

Maintainability, Quality Tree, Quality Scenarios

Analyzability SW_sub-characteristic Requirement C0014

The MoD5G shall allow to analyze faults that occurred during operation.

Risks and Technical Debts

Limp home mode may fail Comment C0105

In case of a single fault, the MoD5G shall return to the charging station.
The current design does not address the cases:
- the base logic board is damaged
- the energy cell is damaged
- the movement/steering motors are defect

Health States, Risks and Technical Debts

health::limp_home StateMachine C0032

In case the full operation is not possible anymore, the MoD5G shall drive back to the home charging station.

Risks and Technical Debts

Risk: MoD5G does not drive back (logic board) Risk Requirement C0133

- cause/fault: the base logic board is damaged
- risk/failure: the MoD5G cannot drive anymore

Risks and Technical Debts

Risk: MoD5G does not drive back (energy) Risk Requirement C0147

- cause/fault: the energy cell is damaged
- risk/failure: the MoD5G cannot drive anymore

Risks and Technical Debts

Risk: MoD5G does not drive back (motors) Risk Requirement C0148

- cause/fault: the ,ovement/steering motors are damaged
- risk/failure: the MoD5G cannot drive anymore

Glossary

Maintenance booth Comment C0104

A room in a star ship or on a planet where the following tasks are performed:
- check operability of droids
- oil refill service
- repair of droids
- disintegration of old droids

Glossary

Base location Comment C0143

The location where the MoD5G droid returns to when its mission is finished. This location typically provides a charging and programming terminal. This location can be re-programmed.

Stereotypes on "What to build"

UML:Node Metaclass Stereotype C0165

Stereotypes on "What to build"

mouse-droid Stereotype C0163

<path d=" c 3, -0.8 4.5, 0.5 4.5, 2.5 l -8, 0 c 1, -2, 2, -3, 3, -3 c 0.5, 0 0.5, 1 0, 1 m -1.1, 0.3 l -0.2, 0.2 " fill="#bb9977" />

Stereotypes on "What to build"

mouse-img mouse-droid Image C0164

Stereotypes on "What to build"

UML:UseCase Metaclass Class C0170

Stereotypes on "What to build"

goal Stereotype C0171

<path fill="#aaeeff" d=" M 5,9 L 5,1 1,2.5 5,4 "/>

Stereotypes on "What to build"

flag goal Image C0172

Stereotypes on "What to build"

UML:Actor Metaclass Class C0174

Stereotypes on "What to build"

environment Stereotype C0175

<path fill="#eeff88" d=" M 1,0 C 1,0.55 0.55,1 0,1 C -0.55,1 -1,0.55, -1,0 C -1,-0.55 -0.55,-1 0,-1 C 0.55,-1, 1,-0.55, 1,0 "/> <path d=" M 2,0 L 4,0 M 1.73,1 L 3.46,2 M 1,1.72 L 2,3.46 M 0,2 L 0,4 M -1,1.72 L -2,3.46 M -1.73,1 L -3.46,2 M -2,0 L -4,0 M -1.73,-1 L -3.46,-2 M -1,-1.72 L -2,-3.46 M 0,-2 L 0,-4 M 1,-1.72 L 2,-3.46 M 1.73,-1 L 3.46,-2 "/>

Stereotypes on "What to build"

env-img environment Image C0176

Stereotypes on "How to achieve the goal"

UML:Component Metaclass Class C0155

Stereotypes on "How to achieve the goal"

env-perception Stereotype C0156

<path fill="#ffcc66" d=" M 0.8,0 a 0.8,0.8 0 1 0 -1.6,0 a 0.8,0.8 0 1 0 1.6,0 " /> <path d=" M 1,0 A 1,0.5 22 1 1 0.707,0.707 A 1,0.5 67 1 1 0,1 A 1,0.5 112 1 1 -0.707,0.707 A 1,0.5 157 1 1 -1,0 A 1,0.5 202 1 1 -0.707,-0.707 A 1,0.5 247 1 1 0,-1 A 1,0.5 -68 1 1 0.707,-0.707 A 1,0.5 -23 1 1 1,0 " />

Stereotypes on "How to achieve the goal"

env-image env-perception Image C0157

Stereotypes on "How to achieve the goal"

UML:Class Metaclass Class C0158

Stereotypes on "How to achieve the goal"

decision Stereotype C0159

<path d="m 8,12 l -4,7 1,1 6,0 1,-1 -4,-7 l 8,-4 9,0 l -4,7 1,1 6,0 1,-1 -4,-7 " /><path d="m 15,5 l 1,3 m 0,2 l 0,17 " />

Stereotypes on "How to achieve the goal"

decision-img decision Image C0160

Stereotypes on "How to achieve the goal"

data Stereotype C0161

<path d="m 4,5 l 0,22 c 0,2.25 5.25,4 12,4 s 12,-1.75 12,-4 l 0,-22 " /><path d="m 4,5 c 0,-2.25 5.25,-4 12,-4 s 12,1.75
12,4 s -5.25,4 -12,4 s -12,-1.75 -12,-4 " />

Stereotypes on "How to achieve the goal"

data-img data Image C0162

Stereotypes on "How to achieve the goal"

rejected_alternative Stereotype C0166

<path d="m 1,24 4,4 22,0 4,-4 " /><path stroke="#cc0000" d="m 8,17 c 0,-4.4 3.6,-8 8,-8 s 8,3.6 8,8 s -3.6,8 -8,8 s
-8,-3.6 -8,-8 " /><path stroke="#cc0000" d="m 11,17 l 10,0 " />

Stereotypes on "How to achieve the goal"

rejected rejected_alternative Image C0167

Stereotypes on "How to achieve the goal"

chosen_alternative Stereotype C0168

<path d="m 1,24 4,4 22,0 4,-4 " /><path stroke="#00aa00" d="m 8,17 c 0,-4.4 3.6,-8 8,-8 s 8,3.6 8,8 s -3.6,8 -8,8 s
-8,-3.6 -8,-8 " /><path stroke="#00aa00" d="m 11,17 l 10,0 m -5,-5 l 0,10 " />

Stereotypes on "How to achieve the goal"

chosen chosen_alternative Image C0169

Stereotypes on "How to achieve the goal"

SW Stereotype C0196

<path fill="#eeffdd" d=" M 1.5,5 L 2,3 C 4,2 6,2, 8,3 L 8.5,5 7.5,5 8,4 C 6,5 4,5 2,4 L 2.5,5 1.5,5 " />

Stereotypes on "How to achieve the goal"

SW-img SW Image C0197

Stereotypes on "How to achieve the goal"

HW Stereotype C0198

<path fill="#eeddff" d=" M 1,3 L 5,1 7,1 7.5,2 2,5 z " /> <path d=" M 4,4 L 7,10 8,9.5 5,3.5 " />

Stereotypes on "How to achieve the goal"

HW-img HW Image C0199

Stereotypes on "How to achieve the goal"

EE Stereotype C0200

<path fill="#ffffdd" d=" M 1,5 L 3,5 3,3.5, 5,5 3,6.5 3,5 M 5,3.5 L 5,6.5 M 5,5 L 7,5" /> <path d=" M 4,3 L 5,1 4.5,1.5 M 5,3 L 6,1 5.5,1.5 " />

Stereotypes on "How to achieve the goal"

EE-img EE Image C0201