HASTEN: Advanced Tool Integration for Embedded Systems Assurance
Insup Lee
Department of Computer and Information Science, University of Pennsylvania
May 10, 2005
Principal investigators
• Rajeev Alur (UPenn)
• Sampath Kannan (UPenn)
• Insup Lee (PI, UPenn)
• Oleg Sokolsky (UPenn)
• Robert P. Cook (GSU)
• Carl Gunter (UIUC)
• Elsa Gunter (UIUC)
• Kang G. Shin (UMich)
HCES Review Meeting
Embedded Systems
• Embedded systems are
  • devices used to control, monitor or assist the operation of appliances, gadgets, equipment, machinery or plant;
  • an integral part of the system.
• Characteristics
  • Tightly coupled to the physical world, i.e., interacts with (or reacts to) its environment
  • Correct operation is subject to
    • Physical constraints imposed by the environment
    • Resource constraints of the device
  • Heterogeneity, networked at larger scale
  • Sociological and ethical requirements
    • Users are not system experts
    • Trustworthiness, security and privacy
A Variety of Application Domains
• Hybrid and embedded systems
  • Aerospace, automobiles, robotics, process control, sensor networks, smart spaces
• Medical devices and instruments
  • Patient monitoring, MRI, infusion pumps, artificial organs
• Multimedia
  • Virtual reality, immersive environments
• Consumer electronics
  • Mobile phones, office electronics, digital appliances
• Network components
  • Bridges, routers, switches, hubs
• E-business
  • ATMs, vending machines
• Distributed and grid computing
  • Critical infrastructure defense systems, air traffic control, intelligent highway systems, emergency response systems
Goals of the HASTEN Project
• High Assurance Systems Tools and ENvironments (HASTEN)
• Develop techniques and tools for “end-to-end” software engineering of embedded software systems
  • Requirements capture
  • Specification, analysis, simulation
  • Implementation generation and validation: code generation, testing
  • Deployed system monitoring, checking, and steering
• Integrated use of tools
  • Vertical integration (reuse models)
  • Horizontal integration (layered modeling and analysis)
• Case studies
  • Automotive controllers, mobile robots, medical devices, embedded Linux
Example: Workflow for Policy Modeling and Verification
[Workflow diagram; labels: NL Documents, Paragraphs, Manual Translation and Merging, Build NLFSM, NLFSMs, System Specification, Programmer, Program Code, Test Script Generation Tool, Test Scripts, Tester, Test Outcomes, Properties, Certification Criteria, Certifier, Yes / No Outcome]
• Write NL requirements
• Extract formal system specifications (EFSMs)
• Analyze specifications
• Implement system
• Create test scripts
• Run test scripts on implementation
• Use test results and properties to decide if implementation passes
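The last four steps of this workflow, as an added example that is not HASTEN project code: a small EFSM for a constructed lock policy stands in for the extracted specification, test scripts are generated from it by transition coverage, and a certifier compares the implementation's outcomes with the specification's to return a yes/no verdict. The policy, the EFSM, the event names and the implementation under test are all constructed for the example.

```python
# Added example, not HASTEN project code: an EFSM for a constructed lock policy ("unlock on
# a correct PIN, block after three wrong PINs"), test-script generation by transition
# coverage, and a yes/no certification of an implementation against the scripts.
from itertools import product

# Transition = (source, event, guard, update, target); guard and update act on the
# data variables, which is what makes this an EFSM rather than a plain FSM.
LOCK_EFSM = [
    ("Locked", "pin_ok", lambda v: True, lambda v: {"bad": 0}, "Unlocked"),
    ("Locked", "pin_bad", lambda v: v["bad"] < 2, lambda v: {"bad": v["bad"] + 1}, "Locked"),
    ("Locked", "pin_bad", lambda v: v["bad"] >= 2, lambda v: v, "Blocked"),
    ("Unlocked", "lock", lambda v: True, lambda v: v, "Locked"),
]
EVENTS = ("pin_ok", "pin_bad", "lock")

def run_spec(efsm, events):
    """Run the spec from Locked; return [(transition index, state)] per event, None if rejected."""
    state, vars_, trace = "Locked", {"bad": 0}, []
    for e in events:
        fired = [(i, t) for i, t in enumerate(efsm) if t[0] == state and t[1] == e and t[2](vars_)]
        if not fired:
            return None                       # the spec does not allow this event here
        i, (_, _, _, update, dst) = fired[0]
        vars_, state = update(vars_), dst
        trace.append((i, state))
    return trace
def generate_test_scripts(efsm, max_len=4):
    """Enumerate event sequences up to max_len; keep one script per newly covered transition."""
    scripts, covered = [], set()
    for n in range(1, max_len + 1):
        for seq in product(EVENTS, repeat=n):
            trace = run_spec(efsm, seq)
            new = {i for i, _ in trace} - covered if trace else set()
            if new:
                covered |= new
                scripts.append((list(seq), [s for _, s in trace]))
    return scripts
def certify(impl, scripts):  # certifier: "Yes" iff every expected state sequence is reproduced
    return "Yes" if all(impl(seq) == exp for seq, exp in scripts) else "No"
def lock_impl(events, block_after=3):  # constructed implementation; block_after=2 is an off-by-one bug
    state, bad, out = "Locked", 0, []
    for e in events:
        if (state, e) == ("Locked", "pin_ok"):
            state, bad = "Unlocked", 0
        elif (state, e) == ("Locked", "pin_bad"):
            bad, state = bad + 1, ("Blocked" if bad + 1 >= block_after else "Locked")
        elif (state, e) == ("Unlocked", "lock"):
            state = "Locked"
        out.append(state)
    return out
```

With the correct implementation the certifier answers "Yes"; with `block_after=2` the three-wrong-PIN script exposes the deviation and it answers "No".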
Software Development Process
• Requirements capture and analysis
  • Informal to formal
  • Consistency and completeness
  • Assumptions and interfaces between system components
  • Application-specific properties
• Design specifications and analysis
  • Formal modeling notations
  • Analysis techniques & abstractions
  • Interfaces
• Implementation
  • Code generation & synthesis
• Validation
  • Testing
  • Model extraction and verification
  • Run-time monitoring and checking
[Process diagram with stages: Requirements, Design specification, Implementation]
Posters and Demos
• Requirements capture and analysis
  • Extracting Formal Models from Natural Language Policy, Nikhil Dinesh, Arvind Easwaran, Aravind Joshi, Insup Lee
• Design specification and analysis
  • CHARON-AADL: An integrated framework for architectural and behavioral specifications, Jesung Kim, Duncan Clarke, Oleg Sokolsky
  • Symbolic Compositional Verification by Learning Assumptions, Won Hong Nam, Rajeev Alur
• Implementation generation and verification
  • Sound distributed code generation from hybrid system models, Madhukar Anand, Sebastian Fischmeister, Jesung Kim, Insup Lee
  • On-the-fly model-checking of recursive state machines, Swarat Chaudhuri, Rajeev Alur
  • Real-time and probabilistic extensions to MaC, Usa Sammapun, Oleg Sokolsky, Insup Lee
• Medical Device Case Studies
  • Generic Infusion Pump and Bloodbank Management System, Dave Arney, Arvind Easwaran, Sebastian Fischmeister, Jesung Kim, Insup Lee
Other on-going projects
• Token coherence protocol, Alur
• Stochastic Charon, Alur
• Policy integration for programmable embedded devices, Alur, Gunter
• Understanding what can be done with steering, Kannan, Lee
• Compositional real-time scheduling framework, Lee
• Adding time and power consumption to the model supported by the Path Exploration Tool, Gunter
• Investigating the combination of model checking, equational rewriting and general theorem proving with Maude, Spin, and Isabelle, Gunter
• Etc.
Technology transfer I
• Schedulability analysis of embedded systems
  • AADL is an SAE standard for modeling of embedded systems
  • Formal schedulability analysis by VERSA
  • Eclipse plugin for the OSATE AADL modeling tool
Technology transfer II
• LMCO: MaC run-time verification tool
  • Checking properties of systems at run time
  • Dynamic and timing properties
• QinetiQ: finding exploitable vulnerabilities in binary code
  • Use MaC to provide dynamic data into static constraint solving problem
• BAI Intl.: providing safety wrappers for avionics controllers
  • Use MaC to evaluate the wrapper at run time
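Run-time checking of a dynamic and a timing property, as an added example in the style of MaC rather than the MaC tool's own code: primitive events from an instrumented controller are fed to a checker that maintains a condition from them and reports violations as they occur. The event names, the trace and the 5-second acknowledgement deadline are constructed for the example (loosely modelled on the infusion pump case study), not taken from any project artefact.

```python
# Added example, not the MaC tool's own code: a MaC-style run-time checker fed a
# constructed trace. It maintains a condition (door_open) from primitive events and
# checks a dynamic property (no bolus while the door is open) and a timing property
# (every alarm is acknowledged within DEADLINE seconds).
from typing import List, Optional
DEADLINE = 5.0  # seconds; an assumed requirement for this constructed example

# Constructed trace: "<time> <event>" lines as an instrumented program would emit them.
TRACE_TEXT = """\
0.0 door_closed
0.5 start_bolus
1.0 alarm_raised
4.0 alarm_acked
6.0 door_opened
6.5 start_bolus
7.0 alarm_raised
"""

class Checker:
    def __init__(self, deadline: float = DEADLINE):
        self.deadline = deadline
        self.door_open = False                  # condition derived from door events
        self.alarm_at: Optional[float] = None   # time of the unacknowledged alarm, if any
        self.violations: List[str] = []
    def _expire(self, now: float) -> None:      # timing property: deadline passed unacknowledged
        if self.alarm_at is not None and now > self.alarm_at + self.deadline:
            self.violations.append(f"alarm at {self.alarm_at} not acked within {self.deadline}s")
            self.alarm_at = None
    def feed(self, time: float, name: str) -> None:
        self._expire(time)                      # check the deadline before handling the event
        if name == "door_opened":
            self.door_open = True
        elif name == "door_closed":
            self.door_open = False
        elif name == "start_bolus" and self.door_open:      # dynamic property
            self.violations.append(f"bolus started at {time} with door open")
        elif name == "alarm_raised":
            self.alarm_at = time
        elif name == "alarm_acked":
            self.alarm_at = None                # acknowledged in time (late acks expired above)
    def finish(self, end_time: float) -> List[str]:  # close the trace so a never-acked alarm is reported
        self._expire(end_time)
        return self.violations

def check_trace(text: str, end_time: float, deadline: float = DEADLINE) -> List[str]:
    checker = Checker(deadline)
    for line in text.splitlines():
        t, name = line.split(maxsplit=1)
        checker.feed(float(t), name)
    return checker.finish(end_time)
```

Closing the trace explicitly matters: an alarm that is never acknowledged produces no further event, so the checker must be told the observation ended.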
Applied Verification by Bob Cook
• Discovered a bug in the Red Hat Next-generation POSIX Thread Library (NPTL); acknowledged/fixed by Red Hat
• Description of tools and users
  • Implemented a POSIX Threads multi-platform library
  • Java FSM Explorer for PDAs
  • Experiments with code strip verification
  • Porting NASA Shuttle Launch Control code to multiple platforms and analyzing it
• Tech transfer activities
  • Invited participant, NASA Roadmap Workshop
  • FA-24 Instructor, Fort Gordon
  • NASA KSC Faculty Fellow, 04/05
  • Requested to consult, Battle Lab, Ft. Gordon, in the area of network protocol analysis
HCMDSS (High-Confidence Medical Device Software and Systems) Workshop
• The High Confidence Software and Systems (HCSS) Coordinating Group (CG) of the Federal Networking and Information Technology R&D (NITRD) Subcommittee, Committee on Technology of the National Science and Technology Council, invites you to submit a position paper for a workshop on High Confidence Medical Device Software and Systems (HCMDSS).
• The Federal government recognizes that the rapidly increasing software complexity of medical devices makes the development of high integrity medical device software and systems a crucial issue in public health.
• The purpose of the HCMDSS workshop is to provide an open, working forum for leaders and visionaries concerned with medical devices from industry, research laboratories, academia, and government, with the goal of developing a roadmap to overcome crucial medical device software and systems issues and challenges facing the design, manufacture, certification, and use of medical devices.
• June 2 & 3, 2005, Philadelphia, PA (www.cis.upenn.edu/hcmdss/)
Topics of Interest
• Enabling Technologies for Future Medical Devices
  • Implantable regulatory devices, networked biosensors, telesurgery, robotic surgery
• Foundations for Integration of Medical Device Systems/Models
  • Component-based foundations for accelerated design and verifiable system integration
  • System of systems (including models, medical devices, care-givers, patients)
• Distributed Control & Sensing of Networked Medical Device Systems
  • Robust, verifiable, fault-tolerant control of uncertain, multi-modal systems
• Patient Modeling & Simulation
  • Large scale, high fidelity organ and patient models for design and testing
• Embedded, Real-Time, Networked System Infrastructures for MDSS
  • Architecture, platform, middleware, resource management, QoS (Quality of Service), PnP (Plug-and-Play) of MDSS
• High-Confidence Medical Device Software Development & Assurance
  • Care-giver requirements solicitation and capture, design and implementation V&V (Verification and Validation)
  • Heterogeneity in environment, architecture, platform in medical devices
• Medical Practice-driven Models and Requirements
  • User-centered design, risk understanding, and use/misuse modeling in medical practice
• Certification of MDSS
  • Quantifiable incremental certification of MDSS, role of design tools
  • COTS, non-deterministic and self-adaptive medical device systems
Talks
• Algorithmic software verification, Rajeev Alur
• Schedulability analysis of AADL models, Oleg Sokolsky
• Role-based access control in a mobile environment, Elsa Gunter