A formal specification of the RT-Middleware data transfer protocol
The RT-Middleware framework, which is used on both robotic and non-robotic systems in Japan, uses “DataPorts” to provide one-way, flow-based data communication. These ports are built upon a custom protocol, which is in turn built on top of a Remote Procedure Call mechanism and a set of data buffers. The protocol transfers data according to a set of communication policies specified by a system integrator, and it forms the major foundation of systems built in the framework. Therefore, in order to have confidence in systems built using RT-Middleware, we require confidence that this protocol is correct and will transfer data to its destinations as expected. This paper describes a formal specification of the RT-Middleware DataPort protocol and the verification of that specification's correctness. The specification is written in the TLA+ formal specification language, and verification is performed by model checking. We describe the specification itself and present an example of the model checking. We demonstrate that the protocol behaves as described in its informal specification, absent external errors. The presence of a formal specification increases confidence in the correctness of the software and also provides an unambiguous description of expected behaviour when creating additional implementations.