Model-based Analysis & Engineering  of
Novel Architectures for Dependable Electric Vehicles



MAENAD is an FP7 Project supported by the European Commission




September 2013: Below is an update regarding milestone 8 progress.


Milestone 8 Update 



The MAENAD project has reached milestone 8 and completed 3 years. Some key events and recent progresses in regard to the modeling and tool support are introduced below.


EAST-ADL Open Workshop, Göteborg, October 24th 2013

Organized by the MAENAD project and the EAST-ADL Association, this workshop describes EAST-ADL, shows concrete examples of its usage along with various tools that support EAST-ADL and assist, automate and rationalise part of the system design process. The workshop also discusses and shares experiences on industrial deployment of EAST-ADL and development of automotive systems.


For registration, please see  


New Language Version EAST-ADL 2.1.11

Early 2013, the conceptual work on new version of EAST-ADL had been completed and published as domain model M2.1.11. End of May 2013 this proposal was approved by the EAST-ADL association as the next official EAST-ADL version 2.1.11.


As reported in our previous newsletter already, the new language version includes a number of consolidation refinements to the core of EAST-ADL (e.g. data types, values, expressions) and integrates the language amendments proposed by the TIMMO-2-USE European research project into the overall language. Some extension packages have received major updates, esp. the behavior extension. Also, several refinements have been made to keep the EAST-ADL domain model aligned to recent versions of AUTOSAR, e.g. the recent AUTOSAR changes to the inheritance hierarchy of software component types, prototypes, and ports have been reconstructed in EAST-ADL's inheritance of function types, prototypes, and ports.


Tool Support

A number of implementations are currently available for EAST-ADL: implementations within the commercial-quality modeling tools MetaEdit+ and SystemWeaver, an open source implementation of the language based on Eclipse EMF/Sphinx provided by the EATOP initiative, and an implementation as a UML2 profile that can be used in the tool Papyrus UML. Since May 2013, these implementations have been updated to conform to EAST-ADL 2.1.11.


The accompanying XML schema definition (XSD) for the so-called EAXML format has been updated to 2.1.11 as well. This exchange format is provided to allow a seamless data exchange across different EAST-ADL implementations and is currently supported by several of the above implementations and for most parts of the EAST-ADL domain model 2.1.11.


Links to EAST-ADL implementations:






There is also a rich set of new modelling and tool solutions being developed to facilitate the usage of EAST-ADL for a multi-viewed and multi-leveled approach to the engineering of automotive embedded systems. The covered topics include: import of external requirement and architecture descriptions, formalized description of behaviours, early resource and timing analysis, multi-objective optimization, and model-based dependability engineering.


Further information about these new modelling and tool solutions is available here at, where some typical views and tool screenshots are illustrated below.


More on EAST-ADL

There is a white paper, describing the EAST-ADL modeling concepts, methodology and relations to other modeling languages. An example model is also included in this white paper. It is available on the website, under ”MAENAD Presentations”:


The EAST-ADL Association is open to anyone involved in EAST-ADL modeling or definition. See

There is also the LinkedIn EAST-ADL group for discussions, and an EAST-ADL channel on YouTube.



August 2013: Invitation


EAST-ADL Open Workshop

MAENAD and EAST-ADLAssociation is organizaing an Open Workshop October 24th. See Invitation for more details.



March 2013: Below is an update regarding milestone 7 progress.


Milestone 7 Update 


The MAENAD project has reached milestone 7 and completed 2.5 years. The project has received one new member, ARCCORE, and will be extended until January 2014. A public workshop is planned autumn 2013.


Language and profile update

At the end of March 2013, the new EAST-ADL domain model version M2.1.11 has been released by the MAENAD project. It will be presented to the EAST-ADL Association for approval as the next official EAST-ADL version 2.1.11 in May 2013. Until then, minor corrections and fixes may be performed depending on the feedback from language implementers.


A number of implementations are currently available for EAST-ADL. Implementations within the commercial quality modeling tools MetaEdit+ and SystemWeaver, an open source implementation of the language based on Eclipse EMF/Sphinx provided by the EATOP initiative, and an implementation as a UML2 profile that can be used in the tool Papyrus UML. These implementations are currently available for EAST-ADL 2.1.10 and will be updated to 2.1.11 over the coming weeks and months.


In order to provide a seamless data exchange across these different implementations, a standard XML schema definition (XSD) is provided, defining the so-called EAXML format. This exchange format is currently supported by several of the above implementations and for most parts of the EAST-ADL domain model 2.1.10; this support will be updated to 2.1.11 and further extended over the coming months.

The new language version includes a number of consolidation refinements to the core of EAST-ADL (e.g. data types, values, expressions) and integrates the language amendments proposed by the TIMMO-2-USE European research project into the overall language. Some extension packages have received major updates, esp. the behavior extension. Also, several refinements have been made to keep the EAST-ADL domain model aligned to recent versions of AUTOSAR, e.g. the recent AUTOSAR changes to the inheritance hierarchy of software component types, prototypes, and ports have been reconstructed in EAST-ADL's inheritance of function types, prototypes, and ports.


Links to selected EAST-ADL implementations:

- MetaEdit+:

- SystemWeaver:

- EATOP: eclipse-auto-iwg

- UML2 Profile / Papyrus UML:


Analysis concepts

A new release of MAENAD Analysis Workbench, containing different analysis tools and plugins was released this milestone. It will be further developed throughout the project; a new release is planned before summer.


EAST-ADL and HiP-HOPS (a state of the art dependability analysis and optimisation tool extended in MAENAD) are now supporting automatic decomposition of Automotive Safety Integrity Levels (ASILs), which have been adopted as part of the automotive safety standard ISO 26262. The ASILs assigned to safety goals at system level within an EAST-ADL model can now be allocated and decomposed by HiP-HOPS into ASIL assignments for components of the model. A Brake-By-Wire case study is in progress.


For optimisation, an evolved prototype tool architecture ‘OptiPAL’ with an addon for the EAST-ADL modelling tool EPM authored by the Technical University of Berlin was developed. It is intended to support product line optimisation over the coming months, but dependability analysis with architectural optimisation and cost analysis as possible objective evaluations can already take place via HiP-HOPS.


On the timing analysis part, besides the transformation between EAST-ADL timing information and MARTE models for schedulability analysis which is already implemented in the timing analysis tool ‘Qompass’, the corresponding plug-in has been enhanced to directly analyse EAST-ADL models and a work to support the BBW model is in progress.


Concerning behavioural analysis, a behaviour description annex was developed and concepts for native behaviour constraints have been formalised and integrated into the language domain model. Novel analysis algorithms based on transformations of behavioural descriptions to fault trees and optimised Markov models were released together with enhanced compositional synthesis algorithms. These are envisaged to feed into tool development work like integration with HiP-HOPS and to link behavioural analysis tools like SPIN and UPAAL with MetaEdit+.



The MAENAD methodology is modeled in the Business Process Model and Notation ( It follows one to one the abstraction level principle of the EAST-ADL language, starting from the most abstract level, the vehicle phase, to the most concrete level, the implementation phase. Each abstraction level has been structured in 7 steps according to the Generic Method Pattern (GMP) identified together with the TIMMO-2-USE project.

Moreover, the methodology has been modeled in 4 “swimlanes”; the core development methodology leading a developer through the EAST-ADL language is modeled in the “Core” lane. Specific aspects that extend the core methodology are separated to additional lanes. In fact the complete methodology includes also the functional safety swimlane, the timing swimlane and one swimlane dedicated to FEV. The swimlane related to the Functional Safety Process has been modeled in compliance with the ISO 26262 safety life-cycle, by detailing each process sub-phase in terms of inputs, outputs and activities to be performed. The FEV swimlane has been modeled by including the design activities that shall be performed according to the standards and regulations related to FEV development.


More on EAST-ADL

There is a white paper, describing the EAST-ADL modeling concepts, methodology and relations to other modeling languages. An example model is also included in this white paper. It is available on the website, under ”MAENAD Presentations”:

The EAST-ADL Association is open to anyone involved in EAST-ADL modeling or definition. The next meeting is in May, where new members will be accepted.

There is also the LinkedIn EAST-ADL group for discussions, and an EAST-ADL channel on YouTube.




The MAENAD Consortium





October 2012: Below is an update regarding milestone 6 progress.



Milestone 6 Update 

The MAENAD project has reached milestone 6 and completed its second year. We would like to tell you about a recent workshop, EAST-ADL progress, our case studies and tooling.



Public Workshop

The ITEA and FP7 projects AMALTHEA, MAENAD, SAFE and TIMMO-2-USE had a common workshop in Berlin in September. Around 80 participants attended, and were presented with results and plans from the projects. The theme was challenges and solutions in the areas of methodology, representation and tooling. A large demo area provided possibilities to see and discuss tools and examples. Common issues were identified and possible cooperations defined.


LinkedIn group

A LinkedIn group for EAST-ADL has been created, where we will post these newsletters, and other announcements  and we welcome you to join and start discussions related to EAST-ADL.


Language and profile update

Several required language changes and refinements have been identified. On the one hand, this includes updates required in the context of the major MAENAD objectives, e.g. for ISO26262 support or support of various analyses. On the other hand, some updates were initiated by other research projects, for example the results of the TIMMO2USE project on modeling timing-related information were integrated into EAST-ADL. Finally, some fixes and refinements resulted from a general language consolidation review undertaken within the MAENAD project earlier this year. This includes, for example, a change in the inheritance structure of meta-classes such as function types and ports, in order to be in line with the latest AUTOSAR version where this has also been modified (introduction of AtpType, AtpPrototype, etc.).

However, with respect to the core of the language and from the perspective of a modeler applying EAST-ADL, these changes do not introduce fundamental differences or fundamentally new concepts. So the core of the language is kept fairly stable. Extensions with some more detailed changes include those on timing and behavior. All the abovementioned changes will be made available as part of the upcoming EAST-ADL M2.1.11 release.

In addition the UML2 profile for EAST-ADL has been updated to the latest EAST-ADL version M2.1.10 and the latest MARTE version.


Case studies

The selected case studies, preliminarily defined in the first year, have been updated in terms of specification and models.

The activities have been carried out to provide better support for the evaluation of MAENAD capabilities for the design and analysis of complex FEV architectures.

The hardware architecture of the “Propulsion and power distribution subsystem” has been revised. The case study has been enhanced with new design views, specifically the functional analysis architecture.

Hazard analysis and risk assessment have been performed on the above mentioned subsystem to evaluate the ability of MAENAD to support ISO 26262 safety processes and safety concepts, as well as their integration with other aspects of system development.

A “dependability” model with a view of the risk assessment performed has been created, to investigate the tool support for this type of model view.

The “Mode and range management” subsystem has been enhanced to provide better support with regard to project objectives. New model views have been added such as the Behavioral model, the AUTOSAR model in ARText and the timing model.

The same applies for the “Regenerative braking”  subsystem, where all the existing views developed during the first year of the project have been updated, and new model views focused on timing, timing requirements and E2E timing have been created to support the evaluation of the performance analysis and the optimization approach.


Tool Support

MetaEdit+ for EAST-ADL provides a multi-user modeling environment for systems and software development. Various graphical modeling editors and browsers for EAST-ADL are described at MetaEdit+ enables the use of models for various analysis and testing purposes (e.g. with TLA, UPPAAL, SPIN) and integrates with other development tools (e.g. Simulink, Visual Studio, Eclipse). Contact Mr. Janne Luoma ( for details.


SystemWeaver  provides a  multi-user environment for model-based development along with configuration and version control. EAST-ADL 2.1.9 and M2.1.10 are implemented using SystemWeaver, and a collaborative environment has been set up for MAENAD. EAXML exchange has been implemented, so far concentrating on the hardware architecture. More information can be provided by Systemite (


The UML tool Papyrus has received updated support for EAST-ADL 2.1.10 through its UML profile and related plugin with toolbars for various EAST-ADL areas. The Papyrus homepage is here:, and a version configured for EAST-ADL can be downloaded from MAENAD website:  


EATOP was introduced in our previous newsletter as an Eclipse project in preparation similar to ARTOP. More information can be found at the Eclipse Automotive IWG: An initial code contribution has been made and several activities are ongoing to provide elements to the platform.






March 2012: Below is an update regarding milestone 5 progress.


Milestone 5 update

The MAENAD project has completed milestone 5 and reached half-time. This period has involved language consolidation, and further work on analysis, synthesis and methodology with the release of related deliverables. The EATOP project has also been initiated.


Language and profile update

We are currently in the later phases of a language consolidation, i.e. a review and various quality improvements of the EAST-ADL domain model and specification. As part of this consolidation effort, we had publicly solicited feedback on EAST-ADL's language concepts (for example via the web site and in prior newsletters). Thank you for your responses! This feedback has been considered and is being incorporated into the language refinements we are working on. The refinements resulting from both the MAENAD-internal review and the external feedback will be covered in the upcoming MAENAD-internal EAST-ADL release 2.1.10. This project-internal release will later be considered by EAST-ADL association for the next official EAST-ADL release.


The preparation of a new Eclipse project called “EATOP” is ongoing. EATOP will be an Eclipse-based implementation of the EAST-ADL meta-model.

The general outcome will be an extensible platform, which provides model editors and analysis plug-ins, which will support the EAST-ADL language for functional-, system-, software- and hardware-description. For the integration of already existing tools, which work on proprietary meta-models, model to model transformations will be provided.

With the work of EATOP the usage of EAST-ADL should be simplified and the number of already existing intermediate formats should be reduced.

So far, more than 30 persons from 4 countries, from industry and university institutes announced their interest in the creation of EATOP. Initial steps are already in place, i.e.

                    the proposal has been presented at the Eclipse automotive industry working group,

                    one mentor from the Eclipse architecture council already agreed to support the project (two are needed) and

                    an Eclipse Labs space (a community of open source projects) is already available for an upcoming upload of the initial code.

In April the interested parties will come together in a first phone conference to prepare the upcoming steps. Then it will take approximately half a year to prepare the code in an Eclipse Lab to be ready for contribution to Eclipse directly and to publish the project at the Eclipse website.

Analysis and synthesis algorithms for fully electric vehicles

Bridging the evolution of EAST-ADL language concepts and the implementation of modelling and analysis tools is the development of analysis and synthesis algorithms and techniques. In MAENAD, algorithm development focuses primarily on:


   Supporting safety analyses required by ISO 26262, particularly the allocation and decomposition of ASILs (Automotive Safety Integrity Levels);

   Behavioural simulation of systems modelled with executable EAST-ADL semantics;

   Timing and performance analysis of embedded processor technology;

   Techniques for the automatic optimisation of system architectures.


In addition we consider analyses specific to FEVs such as power consumption analysis, current analysis, and cable length analysis, amongst others.


One of the major aims of the MAENAD project is to support the new requirements and methodologies introduced by the ISO 26262 standard, such as the notion of an ‘ASIL’ – an Automotive Safety Integrity Level – and how they can be decomposed over the system architecture so that a robust, parallelised implementation can fulfil a higher ASIL safety requirement even if its constituent parts only meet a lower ASIL. This process of decomposition can be difficult to achieve manually, and so as part of MAENAD, we have been investigating algorithms to automate this process. So far we have looked at two different approaches, both based on FTA technology: one is an exhaustive approach while the other is based on optimisation. Both have been implemented as part of the HiP-HOPS tool and applied to small examples; early results are promising but suggest that scalability is an issue we will need to look at further.


Optimisation has also been applied elsewhere in MAENAD, where we are developing a tool infrastructure and supporting algorithms to allow multi-objective architectural optimisation of EAST-ADL models to take place. Automatic design optimisation is an area of growing importance, as computers can investigate and evaluate potential design options far more rapidly than can be done manually. The idea is that the optimisation algorithms are able to intelligently explore a huge search space of many potential designs by finding good candidates and modifying them in an attempt to improve them further.


The optimisation algorithms used in MAENAD are based on genetic algorithms, which seek to emulate the process of natural evolution: strong candidates are favoured and pass on their characteristics to future generations, whereas weak candidates are discarded and their characteristics become extinct. The evaluation of the candidates is multi-objective, meaning that we consider different aspects of quality as part of the same optimisation, e.g. cost, safety/dependability, timing/performance etc. This results in trade-offs between the objectives, so that an expensive but very safe design may be considered against a cheap but more unreliable design. The goal later in MAENAD is to extend this optimisation architecture to product lines as well, so that we can optimise not just individual designs, but also multiple designs connected as part of a particular product line.



After analyzing phases, as described in last newsletter, a first draft of MAENAD methodology was defined and modelled in so-called “swimlanes”. The core development methodology is modelled in the “E/E system design engineering – conventional vehicle unit” lane. Specific aspects that extend the core methodology are separated to additional lanes, e.g. “FEV unit” and “Functional safety unit”.


In the next step FEV specific design processes were identified and modelled:

   Design of an insulation monitoring system

   Design the Regenerative Energy Storage System

   Design of the Regenerative Braking System

   Design of conductive charge coupling

   Design of the vehicle operation modes

   Design of theft protection system


Furthermore the Generic Method Pattern (GMP), a methodology model developed in the TIMMO-2-USE project, has been analyzed. First steps to combine the MAENAD methodology with GMP model have been done.


The challenges in the upcoming project phase are:

   To integrate the above FEV specific design processes in the general FEV development process, which will be represented on a separate swimlane in MAENAD methodology

   To refine the MAENAD methodology and harmonize it with GMP model.





October 2011: Below is an update regarding milestone 4 progress.


The MAENAD project has completed milestone 4 and its first year. Below is a short summary of the results. Overall focus has been to identify needs and requirements from a general perspective, and in particular from the ISO26262 functional safety standard and relevant electrical vehicle standards. The EAST-ADL language itself has only been subject to minor adjustments. By keeping it stable in this phase, it was possible to offer EAST-ADL support in several tools and experiment with validator examples.


In addition, we would like to announce that the EAST-ADL association has been formed, see info at the end of the nesletter and at


Language and profile update

The EAST-ADL version currently in use within the project is 2.1.9 and a new version 2.1.10 is expected around end of 2011. This upcoming version will include adjustments to improve support for ISO26262 and several improvements and extensions related to optimization and behaviour description. Each version is supplied with a corresponding implementation as a UML-profile and an XML schema.


Engineering scenarios related to fully electric vehicles

The aim of the MAENAD project is to extend the EAST-ADL methodology for the engineering of Fully Electrical Vehicles, FEVs. An initial activity was therefore the definition of user needs in the engineering processes starting from the concept phase.


The technical issues related to FEVs during their development have been identified, in order to address especially those that are EV specific. Examples are high voltage, insulation, battery charging, integration with conventional vehicle systems, communication with the infrastructure, new propulsion and energy storage technologies.


Standards and regulations play a major role to guide engineers in their job. Therefore standards and regulations from ISO, IEC, SAE, UNECE, FMVSS, NHTSA applicable to EV development have been considered. Those relevant to MAENAD have been identified and deeply examined along with the safety standard ISO26262. Both language/modelling and methodology requirements were identified.



In a first step, the existing EAST-ADL methodology, as developed in the ATESST2 project, has been analysed vs. the identified requirements. A base line for extension is identified and in the next quarter a first release of the methodology will be released.


Modeling platform update

In the MAENAD project, tooling consist of three different sets of tools: 1) the modelling workbench which relies on the Papyrus support for EAST-ADL; 2) the analysis workbench which is a set of plugins, which complement the modelling workbench, providing extra modelling capabilities (e.g. feature/variability), analysis means in connection with external tools (e.g. fault tree analysis with HiP-HOPS), or extra design steps (e.g. generation of an AUTOSAR architecture based on an EAST-ADL model); 3) a set of commercial tool adaptations to support EAST-ADL modelling (e.g. adaptation of SystemWeaver from Systemite, MetaEdit+ from MetaCase).


During the first year of the MAENAD project, an update of the inherited ATESST2 Papyrus-based modeling environment was performed. It now relies on the up-to-date Papyrus MDT UML modeler. The EAST-ADL profile support was updated for this platform to provide specific element-creation palette and model creation wizard, that enables to start off a project with a well-structured EAST-ADL model.  An archived bundle with a complete and well-configured installation is available on request from the MAENAD project. This will be made publically available and will be advertised from the MAENAD website in the coming months.


A new challenge in the MAENAD project is the integration of the tool adaptations mentioned above. To this aim, an XML format was defined and chosen as a neutral exchange basis for EAST-ADL models: it is referred to as EAXML. Tooling to enable the edition of such EAXML files and their import/export from/to the main modelling workbench is under development. This was assessed as a priority for the tooling effort and results are expected in the course of the second year of the MAENAD project.

The ATESST2 plugins are to be migrated to Papyrus MDT. Currently the HiP-HOPS analysis plugin has been migrated, and others will be updated, including Simulink import and export. New plugins under development are importing of Functional Mockup Units and exchange with ModelicaML. New analysis plugins are under development, including timing analysis, architecture optimization and configuration, AUTOSAR Gateway and more.


Enhancement of Language Support for Analysis, V&V

The reasoning and analysis of dependability & performance involve many aspects in a system’s lifecycle.  During the first year of the MAENAD project, a proposal to extend EAST-ADL for allowing native behavior definitions has been developed.  The aim is to support a more precise/formal declaration of behavioral constraints in EAST-ADL. A precise specification of such constraints is fundamental for many overall design decisions, including requirements definitions and refinements, feature and function structuring, the synthesis of analytical models and test cases, and safety engineering, etc.  It is seldom the case that a single analysis tool would cover all these. Even if the actual behaviors of system functions can be captured in external tools (e.g. Simulink), there is still a need of explicitly annotating related bounds (e.g., component contracts in regard to invariants of data, visible mode response, etc.) and permitting the traceability such as for change management and consistency control.


The proposed language extension consists of three categories of behavior constraints:

·         Attribute Quantification Constraint – relating to the declarations of value attributes and the related acausal quantifications (e.g., U=I*R). 

·         Temporal Constraint – relating to the declarations of behavior constraints where the history of behaviors on a timeline is taken into consideration.

·         Computation Constraint – relating to the declarations of cause-effect dependencies of data in terms of logical transformations (for data assignments) and logical paths.


Each of these behavior constraints can be associated to time conditions given in terms of logical time, of which the exact semantics can be given by the existing EAST-ADL support for execution events (e.g. the triggering, and port data sending & receiving events of a function).


The meta-model integration is done in a modular way such that no existing EAST-ADL constructs are modified by the extension.


While currently focusing on nominal behaviors, this work will in a near future cover error behaviors and investigate the possible support of EAST-ADL for formal safety analysis and fault injection. For example, this would allow precise definitions of faulty conditions and their transitions from & to nominal states in association with certain probabilistic attributes. 


EAST-ADL Association

As you Know, the EAST-ADL language is developed by different projects and stakeholders over time. To synchronize further refinement of the language and provide an entry point for EAST-ADL information, an organization has been discussed for some time. September 1st, the EAST-ADL association was formed.


The EAST-ADL Association is a non-profit, non-governmental organization with the aim of assisting and promoting the development and application of the EAST-ADL.


The EAST-ADL Association will stipulate the content of new versions of the EAST-ADL language. This will be done through collaboration between the members of the association and within projects and organizations working with EAST-ADL.


Membership in the EAST-ADL Association is open to individuals and organizations who agree to support the purpose of the association. The EAST-ADL Association has no fees or funds, and each member carry any costs for contributing.

The initial set of members are companies and individuals from OEMs, suppliers, tool vendors and research organizations developing EAST-ADL. If you are interested to join the association, please contact







May 2011: Below is an update regarding milestone 3 progress on

the different demonstrators that are planned, the EAST-ADL methodology and possible new language concepts.




EV Demo

The EV Demo is a part of the EV Demo Car, which is currently under development at Continental. The EV Demo Car shall demonstrate the car’s entire potential set of features and functions. Furthermore, innovative components and functions for an EV is a focus point to be demonstrated by means of this Demo Car.

The architecture and interfaces of the EV Demo Car system are defined in such a way that the components support best energy efficiency of the vehicle as well as to provide the required information to the driver. Thus the EV Demo Car shall represent a particularly well-adapted platform to propose enhanced ergonomic-driven cockpit solutions facing the issues of always increasing complexity. This depends on the kind of function and on the safety relevance of the function/component.

The new concept of electric vehicle requires adapted system architecture and new system components to match the desired functionality. Not only the combustion engine is changed to electric propulsion but as well new additional functions have to be considered. The EV will be successful in the market if it is easy, simple, fun to drive and affordable in comparison to conventional combustion engines driven vehicles.

For the EV Demo as part of MAENAD one of the newly developed components for the EV Demo Car will be a physical part of the demonstrator – the High Voltage Junction box.  The aim of the EV Demo is to show the power distribution and interlock concept as well as the Driving mode selection.


ID4EV demonstrator

Within WP5 of the ID4EV project – intelligent networking – the goal is to identify and control the driving modes of an electric vehicle. This includes the already existing system modes of a vehicle, as well as to be defined driving profiles for an electric vehicle and a power and energy management. This includes the ability to act in critical rage situations by finding charging spots along the road, or switching off consumer systems or putting them in a more energy efficient mode. A HMI concept to support these concepts also is in the scope of the WP5. A special focus on the ID4EV models is on dynamic models as the interaction with the driver, the mode management and other algorithms contributing to the energy mode management as the range calculation and navigation services.


Within the MAENAD project, the modeling efforts of ID4EV are supported and extended by applying and adding EAST-ADL techniques in order support process steps not covered in the ID4EV project (Feature Modelling), enable analysis techniques specific to the EAST-ADL language (MARTE, HIP-HOPS) and adapt and align with simulation technologies as introduced by SysML and Modelica.


Regenerative braking

This case study, built up from previous studies of Brake-by-Wire (BBW) system in ATESST, ATESST2 and TIMMO projects and a physical implementation at VTEC, aims to provide a basis for the validation and demonstration of all EAST-ADL features relevant to MAENAD. Emphasis will be placed on the language enhancement through MAENAD for quality analysis, verification and validation along with architecture modeling and related tool support in the context of a Full Electric Vehicle (FEV). In particular, the following features will be explicitly evaluated: 


I.      modeling and analysis of behaviors for requirements, architectural design, timing and dependability analysis;

II.      modeling for supporting ISO 2262 through representing safety goals, functional and technical safety concept and their formalization;

III.      automated test-case generation, test system modeling, and support for fault injection;

IV.      integration of compositional variability models and design-space specification;

V.      modeling and analysis of physical dynamics with multiple levels of abstraction;

VI.      modeling and analysis of selected part of the electrical architecture.


New language concepts in discussion

An important part of the work in MAENAD will be to assess the impact of the project objectives (e.g. comprehensive support for ISO26262) on the concepts and elements of the EAST-ADL language. It is expected that some objectives will require additional modeling means in the language or an improvement and/or extension of existing concepts. In any case, the first step has to be an assessment of the effectiveness and feasibility of the current EAST-ADL concepts (as of version 2.1) with respect to the MAEAND project objectives. Of course, this will be an iterative process. The relevant project objectives in this context are: model-based support for (a) ISO26262, for (b) dependability and performance analysis, and for (c) multi-objective optimization, including product-line aware optimization across product variants. The first version of these language concept improvements is expected end of November 2011 and another iteration is scheduled for end of August 2012. It should be noted here that we plan to keep the core of EAST-ADL as stable as possible, so almost all of the aforementioned language changes are expected to only affect the extension packages of EAST-ADL.




The EAST-ADL methodology has been defined during the ATESST2 project, to give guidance on the use of the language for the construction, validation and reuse of automotive systems.

The aim of MAENAD is to extend this methodology for FEV engineering, and for the application of concepts for functional safety, as defined in the ISO26262. Although functional safety is covered already by the current version of the methodology, there are still open issues that need to be addressed in MAENAD, especially in the context of the ISO26262, and the combination with electric vehicles. Furthermore, new approaches and language extensions, which will be developed in MAENAD, will be addressed by the new methodology, too.


The following aspects will be addressed by the extended methodology:

  • Specific standards related to FEV
  • Application of safety concepts in FEV as defined in the ISO26262, supported by EAST-ADL
  • Novel techniques for automated fault tree analysis and FMEA
  • Application of automated techniques for ASIL decomposition
  • Application of new concepts for V&V, e.g. using behavioral simulation, fault simulation and fault injection
  • Introduction of new concepts for overall safety assessment, providing sufficient evidence of application of ISO26262 concerning the design process and the relevant work products, including requirements capturing and modeling, completeness of safety analysis, of the safety case, and of the V&V


Like in the ATESST2 project, the Eclipse Process Framework (EPF) Composer is chosen as tool support for the specification of the methodology. The resulting model of the EAST-ADL methodology can be exported an XML export library, and as hypertext documentation which is accessible by common web browsers.


February 2011: Below is an update regarding project requirements and the language definition effort.


Requirements and Needs


Work package 2 collects and tracks the needs and requirements for EAST-ADL based modeling and analysis of electric vehicles. Furthermore, the WP has identified a set of typical scenarios, concepts and tool experiments expected to be encountered in FEV design.


The needs are derived from the 4 main project objectives, which were defined already in the project proposal:

(O1) Develop capabilities for modeling and analysis support, following ISO 26262

Modeling and analysis support, following processes in ISO 26262 and including assisted allocation of safety requirements and ASILs during the refinement of a FEV design in EAST-ADL.

(O2) Develop capabilities for prediction of dependability & performance

Model-based dependability analysis of EAST-ADL2 models of FEV aspects, including correct temporal analysis. Model-based prediction of behavior & performance evaluation of EAST-ADL2 models of FEV.

(O3) Develop capabilities for design optimization

Multi-objective optimization of EAST-ADL2 models of FEV in respect of dependability, performance and cost via automatic model transformations applied by genetic algorithms or via resolution of available design variability.

(O4) Verify, validate and explain the above capabilities in practical FEV design

Capturing developer needs, usage scenarios, and defining tutorials, examples and case studies, in order to ensure evaluation and as a basis for industrial adoption.


Each requirement defined in WP2 is a refinement of one or more of the above objectives, and will be addressed by the corresponding responsible technical work package.


In order to show how the EAST-ADL can benefit the design of FEV, and to identify the need for further improvements, a set of typical engineering scenarios has been defined. These scenarios include especially the application of FEV specific standards beyond the ISO 26262, and specific operational situations such as charging or recuperative braking.


Engineering scenarios also include more general issues not particularly related to FEV design. These are e.g. related to the exchange of models between different tools, the transformation of EAST-ADL models to AUTOSAR, or to testing.


Similar to the requirements described above, the engineering scenarios are derived from the project objectives, and a set of requirements is assigned to each scenario.


EAST-ADL Language Refinement


One of the main result of the project will be a proposed new version of EAST-ADL. At this point, we have organized the infrastructure for language documentation and selected the baseline for further refinement. We call this version EAST-ADL M2.1.9 as it is based on EAST-ADL 2.1, but contains minor adjustments from MAENAD. For administrative purposes, the version number is already a 9, but it will later only increase one step at a time. During the course of the project, new MAENAD-versions of EAST-ADL will be issued. The MAENAD versions will be proposed as main EAST-ADL versions and possibly merged with other proposals for EAST-ADL updates.



Copyright ® 2014 MAENAD Partners