Extending Ravenscar with CSP Channels [chapter]

Diyaa-Addein Atiya, Steve King
2005 Lecture Notes in Computer Science  
The advantage of these Ravenscar channels is transforming the data-oriented asynchronous tasking model of Ravenscar into the cleaner message-passing synchronous model of CSP.  ...  This paper uses Ravenscar protected objects to implement CSP channels in Ada - the proposed implementation is formally verified using model checking.  ...  If our Ravenscar channel is correct, we should be able to replace all CSP channels in Net with the RavenChannel processes, without affecting the external behaviour of the network.  ... 
doi:10.1007/11499909_7 fatcat:e2cdkue2ivdovf67nxmdg6e5q4

A formal approach to AADL model-based software engineering

Hana Mkaouar, Bechir Zalila, Jérôme Hugues, Mohamed Jmaiel
2019 International Journal on Software Tools for Technology Transfer (STTT)  
To be formally verified, a system should be specified with a specific formalism such as Petri nets, automata and process algebras, which requires a formal expertise and may become complex especially with  ...  Experimentation illustrates our results with the Flight control system and Line follower robot case studies.  ...  The channel may use user-defined or predefined basic types, as illustrated with the Γ ex p channel.  ... 
doi:10.1007/s10009-019-00513-7 fatcat:5r6nelejczeapmgunvozo4eafu

FPGAs in critical hardware/software systems

Adrian J. Hilton, Gemma Townson, Jon G. Hall
2003 Proceedings of the 2003 ACM/SIGDA eleventh international symposium on Field programmable gate arrays - FPGA '03  
FPGAs are being used in increasingly more complex roles in critical systems, interacting with conventional critical software.  ...  We pay particular attention to the development and analysis of high-level language programs for FPGAs designed to interact with conventional software.  ...  Channels between threads could be modelled using Ravenscar protected objects.  ... 
doi:10.1145/611817.611871 dblp:conf/fpga/HiltonTH03 fatcat:nmkyo47eszfh3gf63xdkthvv2m

Real-time Connectors for Deterministic Data-flow

Irfan Hamid, Elie Najm
2007 13th IEEE International Conference on Embedded and Real-Time Computing Systems and Applications (RTCSA 2007)  
There is also the possibility of extending the DBX connectors by replacing the internal front and back stores with circular queues.  ...  With these connectors, code generated from AADL models to run on Ravenscar-compliant kernels is faithful to the semantics of data ports as given in the standard.  ... 
doi:10.1109/rtcsa.2007.58 dblp:conf/rtcsa/HamidN07 fatcat:qd7amx4kq5hjlcsb6ltaki5zzq

Safety-Critical Java: level 2 in practice

Matt Luckcuck, Andy Wellings, Ana Cavalcanti
2016 Concurrency and Computation  
Wellings is a member of the Java Community Process JSR 302 Expert Group, which is tasked with developing the Safety-Critical Java Specification.  ...  They extend the Java PathFinder tool with a scheduling algorithm that allows it to explore the possible schedulings of an SCJ program.  ...  The RTSJ is the basis for SCJ Programs written in the Ravenscar-Java profile conform to the RTSJ standard, with extra restrictions to ensure the program adheres to the Ravenscar rules.  ... 
doi:10.1002/cpe.3951 fatcat:5xh6rc4denagtjo4cowssqbvze

Circus Models for Safety-Critical Java Programs

F. Zeyda, L. Lalkhumsanga, A. Cavalcanti, A. Wellings
2013 Computer journal  
Our modelling language is part of the Circus family; at the core, we have Z, CSP, and Morgan's calculus, but we also use object-oriented and timed constructs from the OhCircus and Circus Time variants.  ...  In this work, we are concerned with Level 1, which, roughly, corresponds in complexity to the Ravenscar profile for Ada [19].  ...  The Circus family of languages Like in CSP, the key elements of Circus models are processes that interact with each other and their environment via communication channels.  ... 
doi:10.1093/comjnl/bxt060 fatcat:t4izhlvz2jhy3jdsqubux4sypm

Java in the Safety-Critical Domain [chapter]

Ana Cavalcanti, Alvaro Miyazawa, Andy Wellings, Jim Woodcock, Shuai Zhao
2017 Lecture Notes in Computer Science  
We cover Circus Time [45], with facilities for time modelling from Timed CSP [39], and OhCircus [11], based on the Java model of object-orientation.  ...  For modelling, we use the Circus family of notations, which combine Z, CSP, Timed CSP, and object orientation.  ...  We have benefitted from discussions with Frank Zeyda in the development of our case study.  ... 
doi:10.1007/978-3-319-56841-6_4 fatcat:6h4qh74t5jgpnfkdachghf73we

High integrity hardware-software codesign

Adrian J. Hilton
This process incorporates the use of Synchronous Receptive Process Theory as a semantic basis for specifying and proving properties of programs executing on PLDs, and extends the use of SPARK Ada from  ...  As such it shows no clear advantage for our purposes over CSP, with CSP at least backed by analysis tools.  ... 
doi:10.21954/ fatcat:2jmjhbz4kjet7cgpfdkjbplg3q

Definition, realization and evaluation of a software reference architecture for use in space applications

Marco Panunzio, Tullio Vardanega
computational model, to ensure that the architectural description of the software is statically analyzable; (iii) a programming model, to ensure that the implementation of the design entities conforms with  ...  Our proposed component model is centered on: (i) rigorous separation of concerns, achieved with the support for design views and by careful allocation of concerns to the dedicated software entities; (ii  ...  MDT-Papyrus 6 -extended with CHESS-specific plugin -was chosen as the development platform.  ... 
doi:10.6092/unibo/amsdottorato/3847 fatcat:qdkld5ntovfnzksan7wivknaxq