Architecture Analysis and Design Language (AADL)

Created July 2019 • Updated February 2022

As software for avionics, cyber-physical, and autonomous systems becomes increasingly complex, the cost to assure these and other mission- and safety-critical systems is growing. Software attributes that impede analysis and concerns such as performance, safety, and security are responsible for this increase.

The Architecture Analysis and Design Language (AADL) is an SAE international standard that addresses these issues by defining guidelines for design and analysis through a Domain-Specific Modeling Language (DSML).

Abstracting Large Software for Analysis

AADL captures large designs through high-level architectural concepts built after domain expertise: component categories that describe key building blocks, such as processor, devices, threads, and rules to assemble them. Through careful abstractions, complex designs can be captured as smaller models amenable to inspection and analysis.

Analyzing for Multiple Concerns

Design teams can review AADL models, use automated tools to assess conformance to modeling guidelines, and run analyses to uncover design problems or validate a design. Since its inception, the SEI is the driving force of the SAE AADL standard. Our core team demonstrated how to implement and apply tool-supported analysis methods on complex systems. Our portfolio of analysis covers performance, safety, and security. We directed multiple pilot studies that demonstrate the efficiency of the approach on different classes of systems.

Leveraging Digital Engineering

Using SAE AADL, systems architects leverage digital engineering for the design and validation of complex safety-critical systems in two critical phases of a system design:

During early stages, SAE AADL provides early analysis capabilities to mitigate integration risks. This capability is the core of the Architecture Centric Virtual Integration Process (ACVIP) that is being transitioned to SEI customers.
During system evolutions, SAE AADL analysis capabilities allow for trade-off analysis to select the best update approach.

As a language, AADL can interoperate with other modeling notations (e.g., SysML, UML) and be integrated into larger Systems Engineering approaches (e.g., MOSA). The SEI and its partners have developed technical reports, open-source software, and teaching course to aid in applying AADL.

Model-Based Development for Safety-Critical Systems

AADL is a modeling language with an architecture-centric, model-based development approach throughout the system lifecycle. AADL is targeted at real-time, safety-critical embedded systems where components are tightly coupled. These systems need specific validation and verification capabilities to demonstrate system correctness across all dimensions: functional, performance, safety, and security.

AADL has rich semantics that can be exercised to analyze and generate the system. AADL is also a standard promoted by SAE International: AS5506C.

Benefits of Using an Open Standard

As an open standard, the AADL language is

industry-grade: AADL provides textual and graphic notation with precise semantics to model applications and execution platforms.
ready to use: AADL is supported by commercial and open-source tool solutions
unambiguous: one model can be analyzed for multiple qualities
interoperable: AADL can integrate with other modeling notations for systems modeling OMG SysML, FACE and also functional modeling like Matlab Simulink or ANSYS SCADE

Benefits for Your Organization

The SAE AADL standard lowers development and maintenance costs by

providing a standard for modeling performance-critical systems
defining precise semantics for conducting multiple analyses on the same model
supporting large-scale (multi-contractor) architectures from many aspects in a single analyzable model that can be incrementally refined and detailed architectures of subsystems
focusing on the architecture of a system to evaluate the effect of change, such as the emergent properties of integration (e.g., safety, schedulability, end-to-end latency, and security)
complementing other notations and approaches like functional simulation through the analysis of the system structure and runtime
supporting reference architectures for avionics, security or safety, and component-based or product-line development

Software Engineering Institute