Temporal skeletons for verifying time

This paper presents an intermediate notation used in a framework for the verification of real-time properties. The framework aims to remove the need for its user to have significant knowledge of the verification-specific detail that formal verification, at some level, is bound to impose on a model. To accomplish this, an initial formal model, a timing skeleton, is extracted automatically from the source code. The model refinement needed to transform the temporal skeleton into a model that can be verified is not done immediately. This postpones the abstraction and specialisation needed for verification, which further improves the readability of the skeleton. The purpose of the timing skeleton is that it can easily be validated as representing the source code it was created from. The timing skeleton is then automatically refined with verification detail and transformed into the notation of a verification tool; this transformation is hidden from the user. To reduce the complexity of the application model, the framework uses a formally verified run-time kernel with a clear separation from the application. The kernel supports preemption, dynamic priorities and multiple processors.
