4.6 Annex Subclauses and Annex Libraries
Annex subclauses contain declarations expressed in a sublanguage that can be added to component types and component implementations through annexes. Examples of annex subclauses are assertions. 
Annex libraries are reusable declarations expressed in a sublanguage that are declared in packages.  Those reusable declarations can be referenced by annex subclauses.
A major use of these annex declarations is to accommodate new analysis methods through analysis specific notations or sublanguages.
The AADL standard consists of a core language and a set of approved annexes.  An AADL specification is compliant with the standard if it restricts itself to the core language and the approved annexes.  Individual projects can introduce additional annexes to support project-specific analysis needs.  Use of such annexes results in AADL models that are not fully compliant with the standard.  Standard compliant AADL tools are however required to accept such AADL specifications (see Processing Requirements and Permissions).
Examples of annex libraries are constraint functions that can be referenced in assertions.
Syntax
annex_subclause ::=
    annex annex_identifier  {**
       annex_specific_language_constructs
    **} ;

annex_library ::=
    annex annex_identifier  {**
       annex_specific_reusable_constructs
    **} ;
Naming Rules
The annex identifier must be the name of an approved annex or a project-specific identifier different from the approved annex identifiers. 
Legality Rules
Annex subclauses can only be declared in component types and component implementations.
A component type or component implementation declaration may contain at most one annex subclause for each annex.
Annex libraries can only be declared in packages.
A package declaration may contain at most one annex library declaration for each annex.
Semantics
An annex subclause provides additional specification information about a component to be interpreted by analysis methods.  Annex subclauses apply to component types and component implementations.  Such annex subclauses can introduce analysis specific notations such as constraints and assertions expressed in predicate logic or behavioral descriptions expressed in temporal logic.  Such notation can refer to subcomponents, connections, modes, and transitions as well as features and subcomponent access.
An annex library provides reusable specifications expressed in an annex specific notation. Users can place multiple reusable annex specific constructs inside an annex library declaration.  An example of a reusable annex specification is a predicate function expressed in a constraint language such as the Object Constraint Language (OCL) notation.
Processing Requirements and Permissions
Annex specific languages can use any vocabulary word except for the symbol **} representing the end of the annex subclause or specification.
Processing methods compliant with the core AADL standard must accept AADL specifications with approved and project-specific annex subclauses and specifications, but are not required to process the content of annex subclauses and annex library declarations.  An AADL analysis tool must provide the option to report the use of project-specific annexes.  Processing methods compliant with a given annex must process specifications as defined in that annex. 
Annex-specific sublanguages may choose not to support inheritance of sublanguage declarations contained in annex libraries of ancestor component type or component implementation declarations by their extensions.
Examples
thread Collect_Samples
features
   Input_Sample : in data port Sampling::Sample;
   Output_Average : out data port Sampling::Sample;
annex OCL {**
   pre: 0 < Input_Sample < maxValue;
   post: 0 < Output_Sample < maxValue;
**};
end Collect_Samples;