On the Timed Automata-Based Verification of Ravenscar Systems

The Ravenscar profile for Ada enforces several restrictions on the use of general-purpose tasking constructs, thereby facilitating most analysis tasks, in particular functional and timing verification by model checking. This paper presents an experiment in translating the Ravenscar fragment of Ada into the input language of a timed model checker (IF [7, 8]), discusses the difficulties encountered, and proposes solutions for most of the constructs supported by the profile. The technique is evaluated on a small case study drawn from a space application, for which we present verification results and conclusions.

[1] Alan Burns et al. Guide for the use of the Ada Ravenscar Profile in high integrity systems. 2004, ALET.

[2] Mathai Joseph et al. Finding Response Times in a Real-Time System. 1986, Comput. J.

[3] Kim Guldstrand Larsen et al. Formal Methods for the Design of Real-Time Systems. 2004, Lecture Notes in Computer Science.

[4] Giorgio Buttazzo et al. Hard Real-Time Computing Systems: Predictable Scheduling Algorithms and Applications. 1997.

[5] Joseph Sifakis et al. The IF Toolset. 2004, SFM.

[6] Fabrice Kordon et al. Reliable Software Technologies - Ada-Europe 2007, 12th Ada-Europe International Conference on Reliable Software Technologies, Geneva, Switzerland, June 25-29, 2007, Proceedings. 2007, Ada-Europe.

[7] Alan Burns et al. Real-Time Systems and Programming Languages - Ada, Real-Time Java and C / Real-Time POSIX, Fourth Edition. 2009, International Computer Science Series.

[8] J. Hugues et al. Generating Distributed High Integrity Applications from Their Architectural Description. 2007, Ada-Europe.

[9] Joost-Pieter Katoen et al. A Probabilistic Extension of UML Statecharts: Specification and Verification. 2002.

[10] Marius Bozga et al. IF-2.0: A Validation Environment for Component-Based Real-Time Systems. 2002, CAV.

[11] Tullio Vardanega et al. Correctness by Construction for High-Integrity Real-Time Systems: A Metamodel-Driven Approach. 2007, Ada-Europe.

[12] Wang Yi et al. Schedulability Analysis Using Two Clocks. 2003, TACAS.

[13] Joseph Sifakis et al. An Algebraic Framework for Urgency. 2000, Inf. Comput.

[14] Joseph Sifakis et al. A Methodology for the Construction of Scheduled Systems. 2000, FTRTFT.

[15] James W. Layland et al. Scheduling Algorithms for Multiprogramming in a Hard-Real-Time Environment. 1989, JACM.

[16] Stephan Merz et al. Model Checking. 2000.

[17] José F. Ruiz et al. An Open Ravenscar Real-Time Kernel for GNAT. 2000, Ada-Europe.

[18] A. Burns et al. How to Verify Concurrent Ada Programs: The Application of Model Checking. 1999, IRTAW '99.

[19] Giorgio C. Buttazzo et al. Hard Real-Time Computing Systems: Predictable Scheduling Algorithms and Applications (Real-Time Systems Series). 2010.

[20] Alan Burns et al. Real-Time Systems and Programming Languages. 2009.

[21] Hubert B. Keller et al. Reliable Software Technologies Ada-Europe 2000. 2000, Lecture Notes in Computer Science.

[22] Irfan Hamid et al. Operational Semantics of Ada Ravenscar. 2008, Ada-Europe.

[23] Peter H. Feiler et al. The SAE AADL Standard: An Architecture Analysis & Design Language for Embedded Real-Time Systems, Part 2. 2004.

[24] Irfan Hamid et al. A Generative Approach to Building a Framework for Hard Real-Time Applications. 2007, 31st IEEE Software Engineering Workshop (SEW 2007).

[25] Rajeev Alur et al. A Temporal Logic of Nested Calls and Returns. 2004, TACAS.