Proceedings Article. DOI: 10.1145/337180.337364
Verification of time partitioning in the DEOS scheduler kernel
John Penix, Willem Visser, Eric Engstrom, Aaron Larson, Nicholas Weininger +4 more
- 01 Jun 2000
- pp 488-497
TL;DR: This paper reports an experiment using the Spin model checker to support automated verification of time partitioning in the Honeywell DEOS real-time scheduling kernel, investigating whether model checking could find a subtle implementation error that was originally discovered and fixed during the standard formal review process.
Abstract: This paper describes an experiment to use the Spin model checking system to support automated verification of time partitioning in the Honeywell DEOS real-time scheduling kernel. The goal of the experiment was to investigate whether model checking could be used to find a subtle implementation error that was originally discovered and fixed during the standard formal review process. To conduct the experiment, a core slice of the DEOS scheduling kernel was first translated without abstraction from C++ into Promela (the input language for Spin). We constructed an abstract “test-driver” environment and carefully introduced several abstractions into the system to support verification. Several experiments were run to attempt to verify that the system implementation adhered to the critical time partitioning requirements. During these experiments, the known error was rediscovered in the time partitioning implementation. We believe this case study provides several insights into how to develop cost-effective methods and tools to support the software design and implementation review process.
Citations
Model checking programs
Willem Visser, Klaus Havelund, Guillaume Brat, Seungjoon Park +3 more
- 11 Sep 2000
TL;DR: A verification and testing environment for Java, called Java PathFinder (JPF), which integrates model checking, program analysis and testing, and uses state compression to handle big states and partial order and symmetry reduction, slicing, abstraction, and runtime analysis techniques to reduce the state space.
Tool-supported program abstraction for finite-state verification
Matthew B. Dwyer, John Hatcliff, Roby Joehanes, Shawn Laubach, Corina S. Păsăreanu, Hongjun Zheng, Willem Visser +6 more
- 01 Jul 2001
TL;DR: This paper describes how several different program analysis and transformation techniques are integrated into the Bandera toolset to provide facilities for abstracting Java programs to produce compact, finite-state models that are amenable to verification for example via model checking.
Using the Bandera Tool Set to Model-Check Properties of Concurrent Java Software
John Hatcliff, Matthew B. Dwyer +1 more
- 20 Aug 2001
TL;DR: This tutorial paper uses a simple concurrent Java program to illustrate the functionality of the main components of Bandera and how to interact the tool set using its graphical user interface.
Automated environment generation for software model checking
Oksana Tkachuk, Matthew B. Dwyer, Corina S. Păsăreanu +2 more
- 06 Oct 2003
TL;DR: This paper describes an approach to generating environments for Java program fragments that integrates formally specified assumptions about environment behavior with sound abstractions of environment implementations to form a model of the environment.
Patent: Methods and apparatus for sharing slack in a time-partitioned system
Pamela A. Binns, Aaron Larson +1 more
- 29 Dec 2000
TL;DR: In this article, slack is stolen from both timeline and reclaimed slack to enable the execution of high priority non-essential tasks on a best efforts basis, and idle time is calculated by priority level.
References
The model checker SPIN
Gerard J. Holzmann
- 01 May 1997
TL;DR: An overview of the design and structure of the verifier, its theoretical foundation, and an overview of significant practical applications are given.
Automatic verification of finite-state concurrent systems using temporal logic specifications
TL;DR: It is argued that this technique can provide a practical alternative to manual proof construction or use of a mechanical theorem prover for verifying many finite-state concurrent systems.
Model checking and abstraction
TL;DR: Using techniques similar to those involved in abstract interpretation, an abstract model of a program is constructed without ever examining the corresponding unabstracted model, and it is shown how this abstract model can be used to verify properties of the original program.
Specification and verification of concurrent systems in CESAR
Jean-Pierre Queille, Joseph Sifakis +1 more
- 06 Apr 1982
TL;DR: By an example, the alternating bit protocol, the use of CESAR, an interactive system for aiding the design of distributed applications, is illustrated.
Model Checking JAVA Programs Using Java Pathfinder
TL;DR: Describes an effort to formally analyze, using Spin, a multi-threaded operating system for the Deep Space 1 spacecraft, and reviews previous work in applying existing model checkers and theorem provers to real applications.