SCJ-Circus: a refinement-oriented formal notation for Safety-Critical Java

Safety-Critical Java (SCJ) is a version of Java intended to support the development of real-time, embedded, safety-critical software. In particular, SCJ supports the certification of such software by introducing abstractions that enforce a simpler architecture and simpler concurrency and memory models. In this paper, we present SCJ-Circus, a refinement-oriented formal notation that supports the specification and verification of low-level programming models that include the new abstractions introduced by SCJ. SCJ-Circus belongs to the family of notations built on the state-rich process algebra Circus; as such, it includes the Circus constructs for modelling sequential and concurrent behaviour, real time, and object orientation. We present the syntax and semantics of SCJ-Circus; the semantics is defined by mapping SCJ-Circus constructs to those of standard Circus, building on an existing approach for modelling SCJ programs. We also extend an existing Circus-based refinement strategy that targets SCJ programs so that it produces SCJ-Circus models close to implementations in SCJ.
