Ocarina: An AADL model processing suite

What is AADL?

AADL stands for "Architecture Analysis & Design Language". The aim of the AADL is to allow the description of Distributed Real-time Embedded (DRE) systems by assembling separately developed blocks. Thus it focuses on the definition of clear block interfaces, and separates the implementations from those interfaces. AADL allows for the description of both software and hardware parts of a system.

More information can be found on the AADL web site: http://www.aadl.info.

The Ocarina tool suite

Ocarina is a tool suite written in Ada to manipulate AADL models. Ocarina proposes AADL model manipulation, generation of formal models, performs scheduling analysis and generates distributed applications. It is developed by Télécom Paris.

ocarina architecture

Ocarina libraries

The Ocarina libraries constitute the central core that provides utilities to manipulate an AADL model:

Modules are built around this core, e.g. parsers and printers for different syntaxes, code generators, model analyzers.

Ocarina modules

We have developed the following modules for Ocarina:

AADL parser and pretty printer
An AADL parser/printer has been developed to help validating and reformatting AADL models. It can read an AADL description spread over multiple files.

Ocarina fully supports all constructs from AADL 1.0.

Code generator for distributed applications
AADL descriptions can be processed to fully deduce and then generate the configuration of the middleware. This approach allows one to describe an application and then fully generate it. This reduces the error-prone process of configuring complex runtime like CORBA middleware.

The current version of Ocarina allows the user to generate code from an AADL architecture description towards an Ada application running on top of PolyORB. In this context, PolyORB acts as both the distribution middleware and execution runtime on all targets supported by PolyORB.

Code generators for distributed high-integrity applications
In addition to the previous generator, a specific runtime for distributed high-integrity applications based on the Ada Ravenscar profile has been designed, PolyORB-HI. This runtime inherits concepts from the PolyORB middleware, while using a high-integrity compliant source base. Two target languages are supported: Ada 2005 and C.
Configuration for WCET evaluation tools
By exploiting AADL models information and runtime knowledge, Ocarina provides a way to configurate WCET evaluation tools such as Bound-T. WCET evaluation then can be exploited by scheduling analysis tools.
Requirements language processor

REAL explores the use of AADL to support an optimization process, using a non-functional requirement verification language.

REAL can be used in either to evaluate some aspects of the model (such as memory occupation), or to verify that hard constraints are respected. It allows to have a fully AADL-centric developpement chain, from project specifications to effective system description.

Third-party tools using Ocarina
Cheddar: our AADL toolsuite Ocarina is used to support the schedulabity analysis of AADL models.

Editors for the AADL

To ease the manipulation of AADL models in a lightweight set up, we devised the following editors for the AADL.

Emacs and vi

Modes for Emacs and Vi for the AADL syntax are available in Ocarina's package, see Ocarina User's Guide for more details.

They provide support for both syntax highlighting and automatic indentation.


Ocarina 1.2 source archive (2008-04-29)
This is the latest release of the Ocarina AADL model processing suite. It contains the Ocarina core that validates the consistency of AADL description; it allows the navigation through the tree representation of the AADL models, so that it is possible to plug in analysis tools. In addition, it contains an AADL parser/printer. The backend provided with this release generates Ada code that is meant to be compiled against PolyORB. It contains also two new code generators: Ada and C code generators to be used with the PolyORB High Integrity middleware. For an exhaustive list of the new features in Ocarina 1.2, please read the NEWS file provided in the source package.
Ocarina 1.2 binary distribution archives (2008-04-29)
Several pre-built binary archive can be found in the releases directory (for x86-linux, x86-windows, sparc-solaris, ppc-darwin and x86-freebsd).
Ocarina snapshots
We provide nightly-builds snapshots of Ocarina along with its runtimes.
  • Source and binary snapshots of Ocarina
  • The documentation of the latest Ocarina snapshot describes the structure of Ocarina and its related tools and generators. It also describes the mapping specification from AADL to Ada used by Ocarina. Please read carefully the documentation before using these snapshots, these are work-in-progress releases made available for testing purposes.

Please report bugs or comments to (either in French or in English). Click here to register to this list.


Ocarina has been developed with GNAT (distributed by AdaCore). It has been tested under Linux, Mac OS, Windows, Solaris and FreeBSD


Ocarina is released under the GNAT Modified GPL. Here is an excerpt from the Licence.

Ocarina is a free software;you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110, USA.

As a special exception, if other files instantiate generics from this unit, or you link this unit with other files to produce an executable, this unit does not by itself cause the resulting executable to be covered by the GNU General Public License. This exception does not however invalidate any other reasons why the executable file might be covered by the GNU Public License.

Authors and contributors

Ocarina is primarily developed by Bechir Zalila, Jérôme Hugues and Laurent Pautet.

The following people also contributed to the project:

Research work around AADL at Telecom Paris

Our team from Télécom Paris is using the AADL as a vehicle to describe, deploy and build Distributed Real-Time and Embedded systems.

We are member of the SAE AADL commitee, and are involved in the AADL standardisation process. We propose extensions to the AADL to ease the description of distributed applications. We also make contributions to enable code generation from AADL models.

We are member of the TopCased project and contribute to AADL-related topics.

We are studying the use of the AADL in the context of the following research projects:

We contribute to the following projects:

A detailed list of our research activities is provided as part of our ongoing publication work around Ocarina and the AADL, see the publication section for more details.

We also use AADL for our teaching activities as part of the engineering cursus at Télécom Paris and UPMC Master degree SAR.


[HZPK08] J. Hugues, B. Zalila, L. Pautet, and F. Kordon. From the Prototype to the Final Embedded System Using the Ocarina AADL Tool Suite. ACM Transactions in Embedded Computing Systems (TECS), oct 2008.

[ZPH08] B. Zalila, L. Pautet, and J. Hugues. Towards Automatic Middleware Generation. In 11th IEEE International Symposium on Object-oriented Real-time distributed Computing (ISORC'08), Orlando, Florida, USA, may 2008.

[HZNH08] I. Hamid, B. Zalila, E. Najm, and J. Hugues. Automatic framework generation for hard real-time applications. Innovations in Systems and Software Engineering: A NASA Journal, mar 2008.

[HPZ08] J. Hugues, L. Pautet, and B. Zalila. From MDD to Full Industrial Process: Building Distributed Real-Time Embedded Systems for the High-Integrity Domain.. In Monterey Workshop 2006, volume LNCS, pages 35-52, Paris, France, jan 2008.

[DHPZ08] J. Delange, J. Hugues, L. Pautet, and B. Zalila. Code Generation Strategies from AADL Architectural Descriptions Targeting the High Integrity Domain. In 4th European Congress ERTS, Toulouse, Paris, jan 2008.

[HPZ+08] J. Hugues, L. Pautet, B. Zalila, P. Dissaux, and M. Perrotin. Using AADL to build critical real-time systems:Experiments in the IST-ASSERT project. In 4th European Congress ERTS, Toulouse, Paris, jan 2008.

[HZP07] J. Hugues, B. Zalila, and L. Pautet. Rapid Prototyping of Distributed Real-Time Embedded Systems Using the AADL and Ocarina. In 18th IEEE/IFIP International Workshop on Rapid System Prototyping (RSP'07), Porto Allegre Brésil, jun 2007.

[ZHHP07] B. Zalila, I. Hamid, J. Hugues, and L. Pautet. Generating Distributed High Integrity Applications from their Architectural Description. In Ada-Europe 2007, Geneva, Switzerland, jun 2007.

[HZP07] J. Hugues, B. Zalila, and L. Pautet. Combining Model processing and Middleware Configuration for Building Distributed High-Integrity Systems. In 10th IEEE International Symposium on Object-oriented Real-time distributed Computing (ISORC'07), Santorini Island, Greece, may 2007.

[HZNH07] I. Hamid, B. Zalila, E. Najm, and J. Hugues. A generative approach to building a framework for hard real-time applications. In 31st Annual NASA Goddard Software Engineering Workshop, pages 269-278, Baltimore, USA, mar 2007.

[Ver06] Thomas Vergnaud. Modélisation des systèmes temps-réel répartis embarqués pour la génération automatique d'applications formellement vérifiées. PhD thesis, École nationale supérieure des télécommunications, December 2006.

[HZP06] Jerome Hugues, Bechir Zalila, and Laurent Pautet. Middleware and Tool suite for High Integrity Systems. In Proceedings of RTSS-WiP'06, pages 1 - 4, Rio de Janeiro, Brazil, Dec 2006. IEEE.

[VBH+06] Thomas Vergnaud, Khaled Barbaria, Irfan Hamid, Laurent Pautet, Sylvie Vignes, and Elie Najm. Modeling and generating tailored distribution middleware for embedded real-time systems. In Proceedings of ERTS'06, Toulouse, France, Jan 2006. SIA.

[HKPV05] Jerome Hugues, Fabrice Kordon, Laurent Pautet, and Thomas Vergnaud. A Factory To Design and Build Tailorable and Verifiable Middleware. In Proceedings of the Monterey Workshop 2005 on Networked Systems: realization of reliable systems on top of unreliable networked platforms, volume LNCS, Monterey Bay, USA, Sep 2005. Springer Verlag.

[VHPK05] Thomas Vergnaud, Jerome Hugues, Laurent Pautet, and Fabrice Kordon. Rapid Development Methodology for Customized Middleware. In Proceedings of the 16th IEEE International Workshop on Rapid System Prototyping (RSP'05), pages 111-117, Montreal, Canada, June 2005. IEEE.

[VPK05] Thomas Vergnaud, Laurent Pautet, and Fabrice Kordon. Using the AADL to describe distributed applications from middleware to software components. In Proceedings of the 10th International Conference on Reliable Software Techologies Ada-Europe 2005 (RST'05), volume LNCS 3555, pages 67 - 78, York, UK, June 2005. Springer Verlag.

[VHPK04] Thomas Vergnaud, Jerome Hugues, Laurent Pautet, and Fabrice Kordon. PolyORB: a schizophrenic middleware to build versatile reliable distributed applications. In Proceedings of the 9th International Conference on Reliable Software Techologies Ada-Europe 2004 (RST'04), volume LNCS 3063, pages 106 - 119, Palma de Mallorca, Spain, June 2004. Springer Verlag.