.. Langages-de-modélisation, 79 3.3.1 Motivations d'une représentation unifiée de l'architecture, p.79

.. Cha??necha??ne-de-génération, 141 5.2.1 Travaux existants

.. Patrons-de-génération-de-code, 144 5.3.2 Composants virtual processor et process 149 5.3.4 Composant memory, Connections entre composants thread . . . . . . . . 152 5.3.8 Connections entre composants process . . . . . . . 153 5.3.9 Intégration de code applicatif externe . . . . . . . . 155 5.3.10 Optimisation . . . . . . . . . . . . . . . . . . . . . . 156 5.3.11 Résumé des patrons de génération, p.158

.. Plate-forme-pour-systèmes-sûrs-et-sécurisés, 158 5.4.2 Architecture et services

.. Implantation-des-pilotes-de-périphérique, 166 Modèles et choix d, Implantation, p.167

J. Alves-foss, W. S. Harrison, P. Oman, and C. Taylor, The MILS Architecture for High-Assurance Embedded Systems, CROSSTALK -International Journal of Embedded Systems, 2005.

J. Alves-foss, C. Taylor, and P. Oman, A multi-layered approach to security in high assurance systems, 37th Annual Hawaii International Conference on System Sciences, 2004. Proceedings of the, pp.90302-90304, 2004.
DOI : 10.1109/HICSS.2004.1265709

B. Ames, Real-time software goes modular. Military & Aerospace Electronics, 2003.

A. J. Arlow, C. J. Duffy, and J. A. Mcdermid, Safety specification of the active traffic management control system for English motorways, 1st IET International Conference on System Safety, pp.54-63, 2006.
DOI : 10.1049/cp:20060203

J. Barnard, The Value of a Mature Software Process In United Space Alliance, presentation to UK Mission on Space Software, 1999.

W. Barnes, ARINC 653 and why is it important for a safety-critical RTOS, 2004.

D. E. Bell and L. J. Lapadula, Secure Computer System : Unified Exposition and MULTICS Interpretation The MITRE Corporation, 1976.

F. Bellard, QEMU, a fast and portable dynamic translator, ATEC '05 : Proceedings of the annual conference on USENIX Annual Technical Conference, pp.41-41, 2005.

C. Beounes, M. Aguera, J. Arlat, S. Bachmann, C. Bourdeau et al., SURF-2: A program for dependability evaluation of complex hardware and software systems, FTCS-23 The Twenty-Third International Symposium on Fault-Tolerant Computing, pp.668-673, 1993.
DOI : 10.1109/FTCS.1993.627372

B. Cole, Telelogic brings SysML to its TAU G2 system modeling suite http

S. Bernardi and J. Merseguer, A UML profile for dependability analysis of realtime embedded systems, WOSP '07 : Proceedings of the 6th international workshop on Software and performance, pp.115-124, 2007.

S. Bernardi, J. Merseguer, and D. C. Petriu, Adding Dependability Analysis Capabilities to the MARTE Profile, MoDELS '08 : Proceedings of the 11th international conference on Model Driven Engineering Languages and Systems, pp.736-750, 2008.
DOI : 10.1007/978-3-540-87875-9_51

URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=

K. J. Biba and M. Corp, Integrity Considerations for Secure Computer Systems, 1977.

E. Biham and A. Shamir, Differential cryptanalysis of des-like cryptosystems, CRYPTO '90 : Proceedings of the 10th Annual International Cryptology Conference on Advances in Cryptology, pp.2-21, 1991.

C. Boettcher, R. Delong, J. Rushby, and W. Sifre, The MILS component integration approach to secure information sharing, 2008 IEEE/AIAA 27th Digital Avionics Systems Conference, 2008.
DOI : 10.1109/DASC.2008.4702758

E. Borde, G. Ha¨?kha¨?k, and L. Pautet, Mode-based reconfiguration of critical software component architectures, 2009 Design, Automation & Test in Europe Conference & Exhibition, 2009.
DOI : 10.1109/DATE.2009.5090838

M. Bordin, C. Comar, T. Gingold, J. Guitton, O. Hainque et al., Couverture : an Innovative Open Framework for Coverage Analysis of Safety Critical Applications, Ada User Journal, pp.248-256, 2009.

D. D. Brewer and D. M. Nash, The Chinese Wall security policy, Proceedings. 1989 IEEE Symposium on Security and Privacy, p.206, 1989.
DOI : 10.1109/SECPRI.1989.36295

URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=

J. Chilenski, Aerospace Vehicle Systems Institute Systems and Software Integration Verification Overview. AADL Safety and Security Modeling Meeting, 2007.

A. Crespo, I. Ripoll, and M. Masmano, Partitioned Embedded Architecture Based on Hypervisor: The XtratuM Approach, 2010 European Dependable Computing Conference, pp.67-72, 2010.
DOI : 10.1109/EDCC.2010.18

R. I. Davis and A. Burns, Hierarchical Fixed Priority Pre-Emptive Scheduling, 26th IEEE International Real-Time Systems Symposium (RTSS'05), pp.389-398, 2005.
DOI : 10.1109/RTSS.2005.25

URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=

J. Delange, PolyORB-HI-C user guide -http: // aadl. telecom-paristech. fr, Ecole Nationale Supérieure des Télécommunications, 46 rue Barrault, 2007.

J. Delange, POK Developper's Guide, Ecole Nationale Supérieure des Télécommunications , 46 rue Barrault, 2008.

J. Delange, POK User's Guide, Ecole Nationale Supérieure des Télécommunications , 46 rue Barrault, 2008.

J. Delange, ARINC653 Annex for AADLv2 -to be published, 2010.

J. Delange, J. Hugues, L. Pautet, and D. De-niz, An MDE-Based Process for the Design, Implementation and Validation of Safety-Critical Systems, 2010 15th IEEE International Conference on Engineering of Complex Computer Systems, 2010.
DOI : 10.1109/ICECCS.2010.12

J. Delange, J. Hugues, L. Pautet, and B. Zalila, Code Generation Strategies from AADL Architectural Descriptions Targeting the High Integrity Domain, 4th European Congress ERTS, 2008.

J. Delange, L. Pautet, A. Plantec, M. Kerboeuf, F. Singhoff et al., Validate, simulate, and implement ARINC653 systems using the AADL, Proceedings of the ACM SIGAda annual international conference on Ada and related technologies, SIGAda '09, pp.31-44, 2009.
DOI : 10.1145/1647420.1647435

URL : https://hal.archives-ouvertes.fr/hal-00745370

S. Demathieu, F. Thomas, C. André, S. Gérard, and F. Terrier, First Experiments Using the UML Profile for MARTE, 2008 11th IEEE International Symposium on Object and Component-Oriented Real-Time Distributed Computing (ISORC), pp.50-57, 2008.
DOI : 10.1109/ISORC.2008.36

A. Easwaran, I. Lee, O. Sokolsky, and S. Vestal, A Compositional Scheduling Framework for Digital Avionics Systems, 2009 15th IEEE International Conference on Embedded and Real-Time Computing Systems and Applications, 2007.
DOI : 10.1109/RTCSA.2009.46

URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=

A. European-space, ASSERT Project -http://www.assert-project

A. European-space, Ariane 501 -Presentation of Inquiry Board report -http, 1996.

P. Feiler and A. Rugina, Dependability Modeling with the Architecture Analysis & Design Language (AADL), 2007.

P. H. Feiler, Evolution of an Avionics System, 2007.

P. H. Feiler and J. Hansson, Flow Latency Analysis with the Architecture Analysis and Design Language (AADL), 2007.

P. H. Feiler, J. Hansson, D. De-niz, and L. Wrage, System Architecture Virtual Integration : An Industrial Case Study, 2009.

N. E. Fenton and N. Ohlsson, Quantitative analysis of faults and failures in a complex software system, IEEE Transactions on Software Engineering, vol.26, issue.8, pp.797-814, 2000.
DOI : 10.1109/32.879815

M. V. Fleet, Protection Profile for Partitioning Kernels in Environments Requiring Augmented High Robustness, 2003.

. Flex-eware, Flex-eWare Project -https

R. Frana, J. Bodeveix, M. Filali, and J. Rolland, The aadl behaviour annex ? experiments and roadmap. Engineering Complex Computer Systems, 12th IEEE International Conference on, pp.377-382, 2007.

A. German and G. Mooney, Air vehicle Software Static Code Analysis Lessons Learnt, Aspects of Safety Management, 2001.
DOI : 10.1007/978-1-4471-0713-2_13

O. Gilles, REAL : Requirement Enforcement Analysis, 2008.

D. Greve, M. Wilding, and M. Vanfleet, A Separation Kernel Formal Security Policy

N. Halbwachs, A Synchronous Language at Work: The Story of Lustre, pp.3-11, 2005.
DOI : 10.1002/9781118459898.ch2

URL : https://hal.archives-ouvertes.fr/hal-00190883

C. Hannum and J. Kohl, The NetBSD project : A highly portable UNIX-like system. the USENIX Association newsletter, pp.39-41, 1995.

S. Harris, CISSP Certification All-in-One Exam Guide, Fourth Edition, 2008.

L. Hatton, Estimating source lines of code from object code : Windows and Embedded Control Systems, 2005.

J. Hugues, L. Pautet, B. Zalila, P. Dissaux, and M. Perrotin, Using AADL to build critical real-time systems : Experiments in the IST-ASSERT project, 4th European Congress ERTS, 2008.

W. Jackson, Under attack -Common Criteria has loads of critics, but is it getting a bum rap ? http ://gcn.com/articles, 2007.

J. J. Chilenski, An Investigation of Three Forms of the Modified Condition Decision Coverage (MCDC) Criterion -http, 2001.

R. M. Karcich, R. Skibbe, P. Aditya, and . Garg, On software reliability and code coverage, 1996 IEEE Aerospace Applications Conference. Proceedings, pp.297-308, 1996.
DOI : 10.1109/AERO.1996.499668

R. N. Kashi and M. Amarnathan, Perspectives on the use of model based development approach for safety critical avionics software development, International Conference on Aerospace Science and Technology, 2008.

J. Lehoczky, L. Sha, and Y. Ding, The rate monotonic scheduling algorithm: exact characterization and average case behavior, [1989] Proceedings. Real-Time Systems Symposium, pp.166-171, 1989.
DOI : 10.1109/REAL.1989.63567

B. Lockheed-martin, R. Collins, and . Green, Hills Software and LynuxWorks and Objective Interface and University of Idaho. U.S. Government Protection Profile for Separation Kernels in Environments Requiring High Robustness, 2003.

. Lynuxworks, LynxSecure Embedded Hypervisor and Separation Kernel http

J. Mason, K. Luecke, and J. Luke, Device drivers in time and space partitioned operating systems, 25th Digital Avionics Systems Conference, pp.1-9, 2006.
DOI : 10.1109/dasc.2006.313742

J. Mcdermid, Software Hazard and Safety Analysis, 2004.
DOI : 10.1007/3-540-45739-9_2

J. Mcdermid and T. Kelly, Software in safety critical systems?achievement and prediction, Nuclear Energy, vol.2, issue.3, pp.140-145, 2006.
DOI : 10.1680/nuen.2006.2.3.140

J. A. Mcdermid, M. Nicholson, D. J. Pumfrey, and P. Fenelon, Experience with the application of HAZOP to computer-based systems, COMPASS '95 Proceedings of the Tenth Annual Conference on Computer Assurance Systems Integrity, Software Safety and Process Security', pp.37-48, 1995.
DOI : 10.1109/CMPASS.1995.521885

K. Med, Aeronautical manufacturer versus architectintegrator : a new industrial model for Airbus (In French) Cahiers du GRES, 2008.

A. K. Mok, X. Feng, and D. Chen, Resource partition for real-time systems, Proceedings Seventh IEEE Real-Time Technology and Applications Symposium, 2001.
DOI : 10.1109/RTTAS.2001.929867

T. Nolte, M. Behnam, M. Asberg, R. J. Bril, and I. Shin, Hierarchical Scheduling of Complex Embedded Real-Time Systems, 2009.

M. Object and . Group, UML Profile for Schedulability, Performance, and Time Specification -http, 2002.

M. Object and . Group, OCL 2.0 Specification -http://www.omg.org/ spec, 2005.

M. Object and . Group, CORBA Component Model Specification, 2006.

G. Ramirez, J. Burke, and L. Pesce, [85] Open Source Initiative, Wireshark & Ethereal Network Protocol Analyzer Toolkit, 2006.

R. F. Paige, L. M. Rose, X. Ge, D. S. Kolovos, and P. J. Brooke, FPTC: Automated Safety Analysis for Domain-Specific Languages, Models in Software Engineering, pp.229-242, 2009.
DOI : 10.1049/sej.1986.0018

S. Paynter, J. Armstrong, and J. Haveman, ADL : An Activity Description Language for Real-Time Networks. Formal Aspects of Computing, pp.120-144, 2000.
DOI : 10.1007/s001650070032

URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=

G. Quaranta and P. Mantegazza, Using Matlab-Simulink RTW To Build Real Time Control Applications In User Space With RTAI-LXRT, 2001.

D. J. Reifer, Industry Software Cost, Quality and Productivity Benchmarks

D. W. Reinhardt, Considerations in the Preference for and Application of RTCA/DO-178B in the Australian Military Avionics Context, Thirteenth Australian Conference on Safety-Related Programmable Systems, pp.49-68, 2008.

M. Rhodes-ousley, R. Bragg, and K. Strassberg, Network Security : The Complete Reference, 2003.

R. Inc, Software considerations in airborne systems and equipment certification (DO178B)

A. E. Rugina, K. Kanoun, and M. Kaaniche, The ADAPT Tool: From AADL Architectural Models to Stochastic Petri Nets through Model Transformation, 2008 Seventh European Dependable Computing Conference, p.6, 2008.
DOI : 10.1109/EDCC-7.2008.14

URL : https://hal.archives-ouvertes.fr/hal-00323969

J. Rushby, The Bell and La Padula Security Model, 1986.

J. Rushby, Separation and Integration in MILS (The MILS Constitution), 2008.

S. Aerospace, Architecture Analysis and Design Language (AADL), 2004.

M. A. Sánchez-puebla and J. Carretero, A new approach for distributed computing in avionics systems, ISICT '03 : Proceedings of the 1st international symposium on Information and communication technologies, pp.579-584, 2003.

C. Savarese and B. Hart, The Caesar Cipher -http

B. Schneier, Products that use Blowfish -http

B. Schneier, Description of a new variable-length key, 64-bit block cipher (Blowfish), Fast Software Encryption, Cambridge Security Workshop Proceedings, pp.191-204, 1994.
DOI : 10.1007/3-540-58108-1_24

B. Schneier, Description of a New Variable-Length Key, 64-bit Block Cipher (Blowfish) In Fast Software Encryption, pp.191-204, 1994.

F. Singhoff, J. Legrand, L. N. Tchamnda, and L. Marcé, Cheddar : a Flexible Real Time Scheduling Framework, Also published in the proceedings of the ACM SIGADA International Conference, pp.1-8, 2004.

Z. Stephenson, M. Nicholson, and J. Mcdermid, Flexibility and Manageability of IMS Projects, 24th International System Safety Conference, 2006.

Z. R. Stephenson, J. A. Mcdermid, and A. G. Ward, Health Modeling for Agility in Safety-Critical Systems Development, 1st IET Conference on System Safety, p.260, 2006.

G. Uchenick and M. Vanfleet, Multiple independent levels of safety and security: high assurance architecture for MSLS/MLS, MILCOM 2005, 2005 IEEE Military Communications Conference, 2005.
DOI : 10.1109/MILCOM.2005.1605749

T. Vergnaud, J. Hugues, L. Pautet, and F. Kordon, Rapid Development Methodology for Customized Middleware, Proceedings of the 16th IEEE International Workshop on Rapid System Prototyping (RSP'05), pp.111-117, 2005.
URL : https://hal.archives-ouvertes.fr/hal-01490881

M. Wallace, Modular Architectural Representation and Analysis of Fault Propagation and Transformation, Electronic Notes in Theoretical Computer Science, vol.141, issue.3, pp.53-71, 2005.
DOI : 10.1016/j.entcs.2005.02.051

M. Whalen, J. Schumann, and B. Fischer, Synthesizing Certified Code, FME 2002 : Formal Methods -Getting IT Right, International Symposium of Formal Methods Europe, volume Lectur, pp.431-450, 2002.
DOI : 10.1007/3-540-45614-7_25

URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=

T. W. Williams, M. R. Mercer, J. P. Mucha, and R. Kapur, Code coverage, what does it mean in terms of quality?, Annual Reliability and Maintainability Symposium. 2001 Proceedings. International Symposium on Product Quality and Integrity (Cat. No.01CH37179), pp.420-424, 2001.
DOI : 10.1109/RAMS.2001.902502

B. Zalila, Configuration et déploiement d'applications temps-réel réparties embarquéesbarquéesà l'aide d'un langage de description d'architecture, 2008.

B. Zalila, I. Hamid, J. Hugues, and L. Pautet, Generating Distributed High Integrity Applications from Their Architectural Description, Ada-Europe'07 : Proceedings of the 12th international conference on Reliable software technologies, pp.155-167, 2007.
DOI : 10.1007/978-3-540-73230-3_12

B. Zalila, J. Hugues, and L. Pautet, Ocarina user guide -http

J. Zhou and J. Alves-foss, Architecture-based refinements for secure computer systems design, Proceedings of the 2006 International Conference on Privacy, Security and Trust Bridge the Gap Between PST Technologies and Business Services, PST '06, pp.1-11, 2006.
DOI : 10.1145/1501434.1501453

URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=

H. Zimmermann, OSI Reference Model--The ISO Model of Architecture for Open Systems Interconnection, IEEE Transactions on Communications, vol.28, issue.4, pp.425-432, 1980.
DOI : 10.1109/TCOM.1980.1094702

M. Zitser, D. E. Group, and T. Leek, Testing Static Analysis Tools using Exploitable Buffer Overflows from Open Source Code, Proceedings of the 12th ACM SIGSOFT twelfth international symposium on Foundations of software engineering, pp.97-106, 2004.
DOI : 10.1145/1041685.1029911

URL : http://citeseerx.ist.psu.edu/viewdoc/summary?doi=

A. Annexe, Publications & glossaire A.1 Publications A.1.1 Articles de conférence ? Julien Delange, Laurent Pautet et Fabrice Kordon. Design, Verification and Implementation of MILS systems, Proceedings of the 21th International Symposium on Rapid System Prototyping, 2010.

L. @bullet-julien-delange, F. Pautet, and . Kordon, Modeling and Validation of ARINC653 Architectures, Proceedings of Embedded Real Time Software and Systems (ERTSS'10), 2010.

S. @bullet-gopal-raghav, J. Gopalswamy, L. Delange, J. Pautet, and . Hugues, Model Based Code Generation for Distributed Embedded Systems, Proceedings of Embedded Real Time Software and Systems (ERTSS'10), 2010.

L. @bullet-julien-delange and . Pautet, Jérôme Hugues et Dionisio de Niz. A MDE-based Process for the Design, Implementation and Validation of Safety-Critical Systems, Proceedings of the 5th UML AADL Workshop -UML AADL 2010, 2010.

S. @bullet-gopal-raghav, K. Gopalswamy, and . Radhakrishnan, Julien Delange et Jérôme Hugues Architecture Driven Generation of Distributed Embedded Software from Functional Models, Proceedings of Ground Vehicle Systems Engineering and Technology Symposium (GVSETS09), 2009.

O. @bullet-julien-delange, J. Gilles, L. Hugues, and . Pautet, Model- Based Engineering for the Development of Partitioned Architectures, Proceedings of the AeroTech Congress & Exhibition -Avionics -Integrated Model-based System, Application and Architectures, 2009.

L. @bullet-julien-delange, . Pautet, H. Peter, and . Feiler, Validating safety and security requirements for partitioned architectures, Proceedings of the 14th International Conference on Reliable Software Technologies -Ada Europe, pp.30-43, 2009.

L. @bullet-julien-delange, F. Pautet, and . Kordon, Code Generation Strategies for Partitioned Systems, Proceedings of the 29th IEEE Real-Time Systems Symposium (RTSS'08), pp.53-56, 2008.

J. @bullet-julien-delange, L. Hugues, B. Pautet, and . Zalila, Code Generation Strategies from AADL Architectural Descriptions Targeting the High Integrity Domain, Proceedings of the 4th European Congress ERTS, 2008.

L. @bullet-julien-delange, F. Pautet, and . Kordon, Model-Based Approach for the Configuration of ARINC653 systems dans « Reconfigurable Embedded Control Systems : Applications for Flexibility and Agility, 2010.

J. @bullet-julien-delange, L. Pautet, and A. Plantec, Mickael Kerboeuf, Frank Singhoff et Fabrice Kordon. Validate, simulate and implement ARINC653 systems using the AADL, ACM SIGAda Ada Letters (from the proceedings of the ACM SigAda conference 2009), pp.31-44, 2009.

C. @bullet-matteo-bordin, T. Comar, J. Gingold, O. Guitton, T. Hainque et al., Jérôme Hugues et Laurent Pautet, « Couverture : an Innovative Open Framework for Coverage Analysis of Safety Critical Applications, Ada-User Journal, pp.248-256, 2009.

.. Représentation-textuelle-des-cas-d-'´-etudes and «. , 247 B.4.1 Cas d'´ etude « integrated, p.265