
Automatic Verification of Component-Based Real-Time CORBA Applications

Automatic Verification of Component-Based Real-Time CORBA Applications. Gabor Madl gabe@isis.vanderbilt.edu Sherif Abdelwahed sherif@isis.vanderbilt.edu Gabor Karsai gabor@isis.vanderbilt.edu.



  1. Automatic Verification of Component-Based Real-Time CORBA Applications
  Gabor Madl gabe@isis.vanderbilt.edu, Sherif Abdelwahed sherif@isis.vanderbilt.edu, Gabor Karsai gabor@isis.vanderbilt.edu
  This work was supported by the NSF ITR Grant CCR-0225610 “Foundations of Hybrid and Embedded Software Systems.”

  2. Outline
  • Challenge problems
  • Approach
    • Verification tool chain using GME
    • Generic timed automata model
  • Case study: Verification of a Bold Stroke application
    • Boeing Bold Stroke execution framework
    • Embedded Systems Modeling Language (ESML)
    • Transformation of the example application
    • Verifying timed properties with UPPAAL

  3. Challenge problems
  • Distributed Real-Time Embedded (DRE) systems are traditionally hard to verify
  • In the Model Integrated Computing approach we create application models using Domain Specific Modeling Languages (DSMLs)
  • We verify application models by mapping them to formally defined Models of Computation using well-defined model transformations (e.g. graph transformations) and checking the desired properties in that semantic domain

  4. Approach
  (diagram; only its labels survive in the transcript: Domain Specific Model, Semantic mapping, Semantic Domain, Analysis Model Generator, Input, Simulator, Model Checker, Executable Code, Trace Verification, Property Verification, Design feedback)

  5. Verification tool chain using GME
  • We provide a common framework based on the Graph Rewriting and Transformation (GReAT) tool, which applies graph transformations, and on the UPPAAL model checker, to verify the non-preemptive scheduling of embedded systems
  (diagram: ESML component-based model → model checker input domain (timed automata) → UPPAAL model checker)

  6. Generic timed automata model

  7. Case study: Verification of a Bold Stroke application

  8. Boeing Bold Stroke Execution Framework
  • Unsynchronized software timers trigger the periodic processing; event passing is asynchronous
  • Each priority band executes the actions that share that priority
  • Scheduling is preemptive between bands and non-preemptive between actions of the same priority
  • Priority bands are implemented with 3 threads (thread-pool multi-threading policy)

  9. Modeling the Bold Stroke application using the ESML language
  • ESML is a modeling language for component-based, event-driven systems
  • It uses the publisher/subscriber communication pattern
  • The models contain information about priorities, sub-priorities, worst-case execution times and deadlines for actions

  10. Transformation of the example application
  (diagram; labels: Pattern of components, OR decomposition, Pattern of TA)

  11. Verifying timed properties with UPPAAL
  • Deadlock freedom: A[] not deadlock
  • The system is schedulable if every task can complete within its deadline
  • No separate schedulability query is needed: in our design a missed deadline drives the automaton into its Timeout state, which deadlocks the model, so A[] not deadlock already rules out deadline misses
  • Additional properties can also be checked, because the dependencies and the dense-time information are captured in the network of timed automata
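The check that slides 8, 9 and 11 describe, as an added example that is not part of the original presentation and is not code from the Bold Stroke, GReAT or UPPAAL tool chain: a small discrete-time exhaustive state-space search in Python over a constructed action set. It assumes a single processor with one thread per priority band, integer time units, timers that are unsynchronized (modelled by exploring every combination of initial timer phases), preemption between bands, non-preemptive execution inside a band, and deadlines no larger than periods. A job that can no longer meet its deadline plays the role of the Timeout state: the search stops there and reports the trace, which is what `A[] not deadlock` detects in the timed automata model. The class and function names (`Action`, `check_schedulable`) and the two action sets `SCHEDULABLE` and `UNSCHEDULABLE` are constructed for this example, not taken from the case study.

```python
from collections import deque
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple


@dataclass(frozen=True)
class Action:
    """A periodic ESML-style action (constructed abstraction, not the ESML metamodel)."""
    name: str
    band: int      # priority band; 0 is the highest; bands preempt one another
    period: int    # period of the unsynchronized software timer that releases it
    wcet: int      # worst-case execution time, in integer time units
    deadline: int  # relative deadline measured from release; assumed <= period


# Local state of one action: (time to next timer tick, remaining work,
# time since release, has started and so holds its band's thread).
Local = Tuple[int, int, int, bool]
State = Tuple[Local, ...]


def initial_states(actions: List[Action]) -> List[State]:
    """Unsynchronized timers: every combination of initial phases is a possible start."""
    states: List[State] = [()]
    for a in actions:
        states = [s + ((phase, 0, 0, False),) for s in states for phase in range(a.period)]
    return states


def successors(actions: List[Action], state: State) -> List[State]:
    """Advance one time unit. Branches when a band has several ready actions and none
    has started yet (the scheduler may pick any of them); otherwise the successor is unique."""
    locs = list(state)
    for i, a in enumerate(actions):
        if locs[i][0] == 0:                        # timer fired: release a fresh job
            locs[i] = (a.period, a.wcet, 0, False)
    ready = [i for i in range(len(locs)) if locs[i][1] > 0]
    choices: List[Optional[int]] = [None]          # None: the processor idles this unit
    if ready:
        top = min(actions[i].band for i in ready)  # highest band wins: preemptive between bands
        idx = [i for i in ready if actions[i].band == top]
        holder = [i for i in idx if locs[i][3]]    # a started action keeps the thread:
        choices = holder if holder else idx        # non-preemptive inside the band
    result: List[State] = []
    for run_i in choices:
        new: List[Local] = []
        for i, (nxt, rem, age, holds) in enumerate(locs):
            if i == run_i:
                rem, age = rem - 1, age + 1
                holds = rem > 0
            elif rem > 0:
                age += 1                           # waiting or preempted: deadline clock keeps running
            new.append((nxt - 1, rem, age, holds))
        result.append(tuple(new))
    return result


def missed_deadline(actions: List[Action], state: State) -> Optional[str]:
    """The Timeout condition: a job with work left that can no longer finish by its deadline."""
    for a, (_, rem, age, _) in zip(actions, state):
        if rem > 0 and age >= a.deadline:
            return a.name
    return None


def check_schedulable(actions: List[Action]) -> Optional[List[str]]:
    """Breadth-first search over every reachable state. Returns None when no job can miss
    its deadline (Timeout is unreachable), otherwise the shortest trace to a miss."""
    for a in actions:
        assert 0 < a.wcet <= a.deadline <= a.period, f"{a.name}: unsupported parameters"
    parent: Dict[State, Optional[State]] = {}
    queue: deque = deque()
    for s in initial_states(actions):
        if s not in parent:
            parent[s] = None
            queue.append(s)
    while queue:
        s = queue.popleft()
        victim = missed_deadline(actions, s)
        if victim is not None:
            return trace(actions, parent, s, victim)
        for n in successors(actions, s):
            if n not in parent:
                parent[n] = s
                queue.append(n)
    return None


def trace(actions: List[Action], parent: Dict[State, Optional[State]],
          state: Optional[State], victim: str) -> List[str]:
    """Walk the parent links back to an initial state and print one line per time unit."""
    path: List[State] = []
    while state is not None:
        path.append(state)
        state = parent[state]
    path.reverse()
    lines = []
    for t, s in enumerate(path):
        jobs = [f"{a.name}(rem={rem},age={age}{',started' if holds else ''})"
                for a, (_, rem, age, holds) in zip(actions, s) if rem > 0]
        lines.append(f"t={t}: {' '.join(jobs) or 'idle'}")
    lines.append(f"Timeout: {victim} cannot meet its deadline")
    return lines


# Constructed action sets (values invented for this example, not from the Bold Stroke case study).
SCHEDULABLE = [Action("A", 0, 10, 2, 10), Action("B", 1, 10, 3, 10), Action("C", 1, 20, 4, 20)]
# Same set, but C's WCET grows to 6: B can now be blocked by C (same band, non-preemptive)
# and preempted by A for longer than its 10-unit deadline allows.
UNSCHEDULABLE = [Action("A", 0, 10, 2, 10), Action("B", 1, 10, 3, 10), Action("C", 1, 20, 6, 20)]

if __name__ == "__main__":
    print("schedulable set:", check_schedulable(SCHEDULABLE))
    print("\n".join(check_schedulable(UNSCHEDULABLE) or []))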

  12. Conclusion and future directions
  • We presented a solution for verifying dense-time properties of periodic event-driven systems
  • The verification process can provide simulation runs and pinpoint the components that fail to meet their deadlines
  • Our near-term plans are to formalize the graph transformation as well as the computational model behind Bold Stroke
  • Modeling preemption while avoiding the state explosion problem is our long-term goal

  13. Questions?
