S. Fowler and A. Wellings. Formal analysis of a real-time kernel specification. In B. Jonsson and J. Parrow, editors, Formal Techniques in RealTime and Fault-Tolerant Systems, volume 1135, pages 440--458, Uppsala, Sweden, 1996. SpringerVerlag.  Home/Search   Document Details and Download   Summary   Related Articles   Check

....Ada 95 tasking model. The kernel is specified using the logic of the Prototype Verification System (PVS) CO 95] with the temporal properties of the system expressed using Real Time Logic (RTL) JM86] embedded in PVS. The work is based on a previous work on specifying real time kernels [FW96]. The subset of Ada that is used, is similar to the Ravenscar profile. As the analysis done in the Mana project is progressing, we have discovered some properties of the Ravenscar Tasking Model which can adverse the behaviour of Ada tasking, and which hinder the formal analysis of Ravenscar, and ....

S. Fowler, A. Wellings, "Formal Analysis of a Real--Time Kernel Specification", FTRTFT'96, 1996

....be eligible irrespective of its priority. Priority inheritance is a mechanism for ensuring this property but is not a fundamental requirement. The organization of jobs in tasks is irrelevant to the basic protocol mechanisms, and our model ignores this aspect. Modeling tasks more explicitly, as in [5] or [9] would lead to a more complex state machine. The current status of each process (e.g. suspended, ready, or running) would need to be included and the transitions between process states to be specified. In implementations, the number of semaphores and tasks must be finite, but we do not ....

S. Fowler and A. Wellings. Formal Analysis of a Real-Time Kernel Specification. In Proceedings of the Fourth Symposium on Formal Techniques in Real-Time and Fault-Tolerant Systems, volume 1135 of Lecture Notes in Computer Science, pages 440--458, Uppsala, Sweden, September 1996.

....with a very simple program (without exceptions) This paper describes the full run time system, including exception handling, together with a user program. There exists previous work in the area of formally verifying different run time systems e.g. 10, 11] The development process described in [12, 13] captures the temporal properties of a preemptive Ravenscar kernel, and gives directions for the implementation work. The kernel is specified using the logic of the Prototype Verification System (PVS) 14] with the temporal properties of the system expressed using Real Time Logic (RTL) 15] ....

S. Fowler and A. Wellings, "Formal Analysis of a Real-Time Kernel Specification", FTRTFT'96, 1996

....some case studies on kernel verification. As previously discussed, verification methods include theorem proving and model checking. Theorem proving is presented first. This discusses the Nqthm prover, with a case study on Mach [4, 3] and the PVS system with a case study on a real time kernel [8]. Then model checking methods are discussed, presenting the SPIN tool [11, 12] with a case study on the Harmony kernel [5] Our new STRESS method concludes this section. 2.1 Theorem Proving A kernel state consists of entities such as memory objects, processes, and threads. Axioms constrain ....

S. Fowler and A. Wellings. Formal Analysis of a Real-Time Kernel Specification. presented at FTRTFT96, Uppsala, Sweden. URL: http://dcpu1.cs.york.ac.uk:6666/ simonf/ftrtft96.html, 1996.

....not overwritten by a second task accessing the protected object. The solution to these problems was to prove the conjunction of each individual property, as shown below. The full details of the individual functions, and a number of additional lemmas that are required for the proof can be found in [Fow96] icpicorrect: LEMMA FORALL(h: HISTORY) activepcorrect (Int(Init, h) AND callerpcorrect (Int(Init, h) AND ceilingcorrect (Int(Init, h) AND basecorrect (Int(Init, h) AND nestedcorrect (Int(Init, h) 16 4.3 Properties that Require Proof The general class of properties that can be ....

S. Fowler. Formal analysis of a real-time kernel specification. Technical Report YCS 265, Department of Computer Science, University of York, 1996.

No context found.

S. Fowler and A. Wellings. Formal analysis of a real-time kernel specification. In B. Jonsson and J. Parrow, editors, Formal Techniques in RealTime and Fault-Tolerant Systems, volume 1135, pages 440--458, Uppsala, Sweden, 1996. SpringerVerlag.

No context found.

S. Fowler and A. Wellings. Formal analysis of a real-time kernel specification. In B. Jonsson and J. Parrow, editors, Formal Techniques in RealTime and Fault-Tolerant Systems, volume 1135, pages 440--458, Uppsala, Sweden, 1996. SpringerVerlag.

No context found.

S. Fowler and A. Wellings, "Formal analysis of a real-time kernel specification," in Proceedings of the Fourth International Symposium on Formal Techniques in Real-Time and FaultTolerant Systems, (Uppsala, Sweden), pp. 440-- 458, Springer--Verlag, 1996.

No context found.

S. Fowler and A. Wellings, "Formal analysis of a real-time kernel specification," in Proceedings of the Fourth International Symposium on Formal Techniques in Real-Time and FaultTolerant Systems, (Uppsala, Sweden), pp. 440-- 458, Springer--Verlag, 1996.

No context found.

Simon Fowler and Andy Wellings. Formal analysis of a real-time kernel specification. In Bengt Jonsson and Joachim Parrow, editors, Formal Techniques in Real-Time and Fault-Tolerant Systems, volume 1135 of Lecture Notes in Computer Science, pages 440--458, Uppsala, Sweden, September 1996. Springer-Verlag.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC