5. Software Requirements Engineering¶
Software engineering standards for critical software such as ECSS-E-ST-40C demand that software requirements for a software product are collected in a software requirements specification (technical specification in ECSS-E-ST-40C terms). They are usually derived from system requirements (requirements baseline in ECSS-E-ST-40C terms). RTEMS is designed as a reusable software product which can be utilized by application designers to ease the development of their applications. The requirements of the end system (system requirements) using RTEMS are only known to the application designer. RTEMS itself is developed by the RTEMS maintainers and they do not know the requirements of a particular end system in general. RTEMS is designed as a real-time operating system to meet typical system requirements for a wide range of applications. Its suitability for a particular application must be determined by the application designer based on the technical specification provided by RTEMS accompanied with performance data for a particular target platform.
Currently, no technical specification of RTEMS exists in the form of a dedicated document. Since the beginning of the RTEMS evolution in the late 1980s it was developed iteratively. It was never developed in a waterfall model. During initial development the RTEID [Mot88] and later the ORKID [VIT90] draft specifications were used as requirements. These were evolving during the development and an iterative approach was followed often using simple algorithms and coming back to optimise. In 1993 and 1994 a subset of pthreads sufficient to support GNAT was added as requirements. At this time the Ada tasking was defined, however, not implemented in GNAT, so this involved guessing during the development. Later some adjustments were made when Ada tasking was actually implemented. So, it was consciously iterative with the specifications evolving and feedback from performance analysis. Benchmarks published from other real time operating systems were used for comparison. Optimizations were carried out until the results were comparable. Development was done with distinct contractual phases and tasks for development, optimization, and the addition of priority inheritance and rate monotonic scheduling. The pthreads requirement has grown to be as much POSIX as possible.
Portability from FreeBSD to use its network stack, USB stack, SD/MMC card stack and device drivers resulted in another set of requirements. The addition of support for symmetric multiprocessing (SMP) was a huge driver for change. It was developed step by step and sponsored by several independent users with completely different applications and target platforms in mind. The high performance OpenMP support introduced the Futex as a new synchronization primitive.
Guidance
A key success element of RTEMS is the ability to accept changes driven by user needs and still keep the operating system stable enough for production systems. Procedures that place a high burden on changes are doomed to be discarded by the RTEMS Project. We have to keep this in mind when we introduce a requirements management work flow which should be followed by RTEMS community members and new contributors.
We have to put in some effort first into the reconstruction of software requirements through reverse engineering using the RTEMS documentation, test cases, sources, standard references, mailing list archives, etc. as input. Writing a technical specification for the complete RTEMS code base is probably a job of several person-years. We have to get started with a moderate feature set (e.g. subset of the Classic API) and extend it based on user demands step by step.
The development of the technical specification will take place in two phases. The first phase tries to establish an initial technical specification for an initial feature set. This technical specification will be integrated into RTEMS as a big chunk. In the second phase the technical specification is modified through arranged procedures. There will be procedures
to modify existing requirements,
add new requirements, and
mark requirements as obsolete.
All procedures should be based on a peer review principles.
- 5.1. Requirements for Requirements
- 5.1.1. Identification
- 5.1.2. Level of Requirements
- 5.1.3. Syntax
- 5.1.4. Wording Restrictions
- 5.1.5. Separate Requirements
- 5.1.6. Conflict Free Requirements
- 5.1.7. Use of Project-Specific Terms and Abbreviations
- 5.1.8. Justification of Requirements
- 5.1.9. Requirement Validation
- 5.1.10. Resources and Performance
- 5.2. Specification Items
- 5.2.1. Specification Item Hierarchy
- 5.2.2. Specification Item Types
- 5.2.2.1. Root Item Type
- 5.2.2.2. Build Item Type
- 5.2.2.3. Build Ada Test Program Item Type
- 5.2.2.4. Build BSP Item Type
- 5.2.2.5. Build Configuration File Item Type
- 5.2.2.6. Build Configuration Header Item Type
- 5.2.2.7. Build Group Item Type
- 5.2.2.8. Build Library Item Type
- 5.2.2.9. Build Objects Item Type
- 5.2.2.10. Build Option Item Type
- 5.2.2.11. Build Script Item Type
- 5.2.2.12. Build Start File Item Type
- 5.2.2.13. Build Test Program Item Type
- 5.2.2.14. Constraint Item Type
- 5.2.2.15. Glossary Item Type
- 5.2.2.16. Glossary Group Item Type
- 5.2.2.17. Glossary Term Item Type
- 5.2.2.18. Interface Item Type
- 5.2.2.19. Application Configuration Group Item Type
- 5.2.2.20. Application Configuration Option Item Type
- 5.2.2.21. Application Configuration Feature Enable Option Item Type
- 5.2.2.22. Application Configuration Feature Option Item Type
- 5.2.2.23. Application Configuration Value Option Item Type
- 5.2.2.24. Interface Compound Item Type
- 5.2.2.25. Interface Define Item Type
- 5.2.2.26. Interface Domain Item Type
- 5.2.2.27. Interface Enum Item Type
- 5.2.2.28. Interface Enumerator Item Type
- 5.2.2.29. Interface Forward Declaration Item Type
- 5.2.2.30. Interface Function or Macro Item Type
- 5.2.2.31. Interface Group Item Type
- 5.2.2.32. Interface Header File Item Type
- 5.2.2.33. Interface Typedef Item Type
- 5.2.2.34. Interface Unspecified Header File Item Type
- 5.2.2.35. Interface Unspecified Item Type
- 5.2.2.36. Interface Variable Item Type
- 5.2.2.37. Register Block Item Type
- 5.2.2.38. Proxy Item Types
- 5.2.2.39. Requirement Item Type
- 5.2.2.40. Functional Requirement Item Type
- 5.2.2.41. Action Requirement Item Type
- 5.2.2.42. Generic Functional Requirement Item Type
- 5.2.2.43. Non-Functional Requirement Item Type
- 5.2.2.44. Design Group Requirement Item Type
- 5.2.2.45. Design Target Item Type
- 5.2.2.46. Generic Non-Functional Requirement Item Type
- 5.2.2.47. Runtime Measurement Environment Item Type
- 5.2.2.48. Runtime Performance Requirement Item Type
- 5.2.2.49. Requirement Validation Item Type
- 5.2.2.50. Requirement Validation Method
- 5.2.2.51. Runtime Measurement Test Item Type
- 5.2.2.52. Specification Item Type
- 5.2.2.53. Test Case Item Type
- 5.2.2.54. Test Platform Item Type
- 5.2.2.55. Test Procedure Item Type
- 5.2.2.56. Test Suite Item Type
- 5.2.3. Specification Attribute Sets and Value Types
- 5.2.3.1. Action Requirement Boolean Expression
- 5.2.3.2. Action Requirement Condition
- 5.2.3.3. Action Requirement Expression
- 5.2.3.4. Action Requirement Expression Condition Set
- 5.2.3.5. Action Requirement Expression State Name
- 5.2.3.6. Action Requirement Expression State Set
- 5.2.3.7. Action Requirement Name
- 5.2.3.8. Action Requirement Skip Reasons
- 5.2.3.9. Action Requirement State
- 5.2.3.10. Action Requirement Transition
- 5.2.3.11. Action Requirement Transition Post-Condition State
- 5.2.3.12. Action Requirement Transition Post-Conditions
- 5.2.3.13. Action Requirement Transition Pre-Condition State Set
- 5.2.3.14. Action Requirement Transition Pre-Conditions
- 5.2.3.15. Application Configuration Option Name
- 5.2.3.16. Boolean or Integer or String
- 5.2.3.17. Build Assembler Option
- 5.2.3.18. Build C Compiler Option
- 5.2.3.19. Build C Preprocessor Option
- 5.2.3.20. Build C++ Compiler Option
- 5.2.3.21. Build Dependency Conditional Link Role
- 5.2.3.22. Build Dependency Link Role
- 5.2.3.23. Build Include Path
- 5.2.3.24. Build Install Directive
- 5.2.3.25. Build Install Path
- 5.2.3.26. Build Link Static Library Directive
- 5.2.3.27. Build Linker Option
- 5.2.3.28. Build Option Action
- 5.2.3.29. Build Option C Compiler Check Action
- 5.2.3.30. Build Option C++ Compiler Check Action
- 5.2.3.31. Build Option Default Value
- 5.2.3.32. Build Option Name
- 5.2.3.33. Build Option Set Test State Action
- 5.2.3.34. Build Option Value
- 5.2.3.35. Build Source
- 5.2.3.36. Build Target
- 5.2.3.37. Build Test State
- 5.2.3.38. Build Use After Directive
- 5.2.3.39. Build Use Before Directive
- 5.2.3.40. Constraint Link Role
- 5.2.3.41. Copyright
- 5.2.3.42. Enabled-By Expression
- 5.2.3.43. External Document Reference
- 5.2.3.44. External File Reference
- 5.2.3.45. External Reference
- 5.2.3.46. Function Implementation Link Role
- 5.2.3.47. Generic External Reference
- 5.2.3.48. Glossary Membership Link Role
- 5.2.3.49. Integer or String
- 5.2.3.50. Interface Brief Description
- 5.2.3.51. Interface Compound Definition Kind
- 5.2.3.52. Interface Compound Member Compound
- 5.2.3.53. Interface Compound Member Declaration
- 5.2.3.54. Interface Compound Member Definition
- 5.2.3.55. Interface Compound Member Definition Directive
- 5.2.3.56. Interface Compound Member Definition Variant
- 5.2.3.57. Interface Definition
- 5.2.3.58. Interface Definition Directive
- 5.2.3.59. Interface Definition Variant
- 5.2.3.60. Interface Description
- 5.2.3.61. Interface Enabled-By Expression
- 5.2.3.62. Interface Enum Definition Kind
- 5.2.3.63. Interface Enumerator Link Role
- 5.2.3.64. Interface Function Link Role
- 5.2.3.65. Interface Function or Macro Definition
- 5.2.3.66. Interface Function or Macro Definition Directive
- 5.2.3.67. Interface Function or Macro Definition Variant
- 5.2.3.68. Interface Group Identifier
- 5.2.3.69. Interface Group Membership Link Role
- 5.2.3.70. Interface Hidden Group Membership Link Role
- 5.2.3.71. Interface Include Link Role
- 5.2.3.72. Interface Notes
- 5.2.3.73. Interface Parameter
- 5.2.3.74. Interface Parameter Direction
- 5.2.3.75. Interface Placement Link Role
- 5.2.3.76. Interface Return Directive
- 5.2.3.77. Interface Return Value
- 5.2.3.78. Interface Target Link Role
- 5.2.3.79. Link
- 5.2.3.80. Name
- 5.2.3.81. Optional Floating-Point Number
- 5.2.3.82. Optional Integer
- 5.2.3.83. Optional String
- 5.2.3.84. Performance Runtime Limits Link Role
- 5.2.3.85. Placement Order Link Role
- 5.2.3.86. Proxy Member Link Role
- 5.2.3.87. Register Bits Definition
- 5.2.3.88. Register Bits Definition Directive
- 5.2.3.89. Register Bits Definition Variant
- 5.2.3.90. Register Block Include Role
- 5.2.3.91. Register Block Member Definition
- 5.2.3.92. Register Block Member Definition Directive
- 5.2.3.93. Register Block Member Definition Variant
- 5.2.3.94. Register Definition
- 5.2.3.95. Register Name
- 5.2.3.96. Requirement Design Group Identifier
- 5.2.3.97. Requirement Refinement Link Role
- 5.2.3.98. Requirement Text
- 5.2.3.99. Requirement Validation Link Role
- 5.2.3.100. Runtime Measurement Environment Name
- 5.2.3.101. Runtime Measurement Environment Table
- 5.2.3.102. Runtime Measurement Parameter Set
- 5.2.3.103. Runtime Measurement Request Link Role
- 5.2.3.104. Runtime Measurement Value Kind
- 5.2.3.105. Runtime Measurement Value Table
- 5.2.3.106. Runtime Performance Parameter Set
- 5.2.3.107. SHA256 Hash Value
- 5.2.3.108. SPDX License Identifier
- 5.2.3.109. Specification Attribute Set
- 5.2.3.110. Specification Attribute Value
- 5.2.3.111. Specification Boolean Value
- 5.2.3.112. Specification Explicit Attributes
- 5.2.3.113. Specification Floating-Point Assert
- 5.2.3.114. Specification Floating-Point Value
- 5.2.3.115. Specification Generic Attributes
- 5.2.3.116. Specification Information
- 5.2.3.117. Specification Integer Assert
- 5.2.3.118. Specification Integer Value
- 5.2.3.119. Specification List
- 5.2.3.120. Specification Mandatory Attributes
- 5.2.3.121. Specification Member Link Role
- 5.2.3.122. Specification Refinement Link Role
- 5.2.3.123. Specification String Assert
- 5.2.3.124. Specification String Value
- 5.2.3.125. Test Case Action
- 5.2.3.126. Test Case Check
- 5.2.3.127. Test Context Member
- 5.2.3.128. Test Header
- 5.2.3.129. Test Run Parameter
- 5.2.3.130. Test Support Method
- 5.2.3.131. UID
- 5.2.3.132. Unit Test Link Role
- 5.3. Traceability of Specification Items
- 5.4. Requirement Management
- 5.5. Tooling
- 5.6. How-To
- 5.6.1. Getting Started
- 5.6.2. View the Specification Graph
- 5.6.3. Generate Files from Specification Items
- 5.6.4. Application Configuration Options
- 5.6.5. Glossary Specification
- 5.6.6. Interface Specification
- 5.6.7. Requirements Depending on Build Configuration Options
- 5.6.8. Requirements Depending on Application Configuration Options
- 5.6.9. Action Requirements
- 5.6.10. Validation Test Guidelines
- 5.6.11. Verify the Specification Items