200 likes | 291 Views
Experiences using SPARK in an Undergraduate CS Course. Dr. Anthony S. Ruocco Roger Williams University aruocco@rwu.edu. Attendance made possible through the Educator Grant Program. Agenda. Why this course Course Development Assessment Future Possibilities (some unexpected effects).
E N D
Experiences using SPARK in an Undergraduate CS Course Dr. Anthony S. Ruocco Roger Williams University aruocco@rwu.edu Attendance made possible through the Educator Grant Program
Agenda • Why this course • Course Development • Assessment • Future Possibilities (some unexpected effects)
Ada95 Course • Needed a CS elective suitable for juniors/seniors • Asked constituents about Ada95 • Local industry was uninterested • One employer supported it (Navy Research Lab) • Dean was skeptical • More conducive to the idea of well-constructed software • Planned for a software development course using Ada95
High Integrity Software • SPARK toolset available at SIGSCE2004 • Gnat Programming System (GPS) available via AdaCorp Academic Alliance • Professional grade IDE • Some SPARK tools available as drop-down menu items • JGRASP • Used in other courses • Requires use of SPARK toolset ‘outside’ the IDE
The students • Seven total • 2 Juniors • 4 Seniors • 1 December grad • Courses (Completed/Concurrent) • Intro to Programming (7) • Data Structures (7) • Computer Organization (7) • Programming Languages (7) • Theory of Computation (5/2) • Analysis of Alg (5) • Operating Systems (2/3) • Compiler Design (2/3) • Senior Design I (2/3) • Senior Design II (2)
Course Description This course focuses on programming techniques for computer systems found in safety critical environments such as avionics, power plant and/or transportation systems. The course uses a specialized language (SPARK) and its tools to write and examine high-integrity code segments. Students become familiar with some of the differences between general programming languages and specialized languages. Use of the risks.comp news group also highlights non software-specific risks in large systems.
Course Objectives • Understand the safety/risk implications inherent in high integrity software systems. • Use specialized software tools in the production of high integrity code segments. • Use a specialized programming language to produce high integrity code segments. • Research an issue in high integrity software and present a possible solution.
Course Layout • Ada95 / SPARK language basics (10 lessons) • Examiner tools and software design (14 lessons) • gtkAda tools (4 lessons – target of opportunity) • Four projects • Two individual projects • One group project • One course project
SPARK Overview • A language fully contained within Ada95 • Syntactically, it is Ada code linked by special annotations to a tool-set • Produces a series of reports of the results (but it is not a compiler)
Projects • P1: Matrix • Individual • IDE and SPARK familiarization • Enforced requirement for all ranges to be subtypes • P2: Extension of Project 1 • No one thought of using child-packages
Projects (cont) • P3: max-flow • Given functional pascal code • Two groups (size 3 and 4) • This was an ‘interesting’ project • P4: Flight control simulator • Three groups of 2 for Pitch, Roll, Yaw control • Each group gave one person to a ‘control team’ • They were to work independently, then link their pieces
Assessment & Lessons Learned • First time course was offered • Only 7 students • Lots of opportunity for one-to-one discussions of content • Some follow-up after the course with graduates
Course Development This course focuses on programming techniques for computer systems found in safety critical environments such as avionics, power plant and/or transportation systems. The course uses a specialized language (SPARK) and its tools to write and examine high-integrity code segments. Students become familiar with some of the differences between general programming languages and specialized languages. Use of the risks.comp news group also highlights non software-specific risks inlarge systems.
Course Objectives • Understand the safety/risk implications inherent in high integrity software systems. • Use specialized software tools in the production of high integrity code segments. • Use a specialized programming language to produce high integrity code segments. • Research an issue in high integrity software and present a possible solution.
Student Comments • Students felt SPARK was a unique language (not just an Ada subset) • Students felt they needed to know Ada before starting SPARK • Students would like to see Ada95 as a regular elective and SPARK done on some cycle • All students felt the most important pre-req for this course was Programming Languages (a survey course) • Students were surprised by how much the OS and compiler removes from the programmer • All students were able to link some aspect of every previous course they had to this course*
Lessons learned • Had to do parallel development of Ada as SPARK constructs were covered • The GPS IDE with SPARK drop down menu helped instill habit of running SPARK tools prior to compilation • Pay attention to SPARK license, it expires in September (after the semester was underway)
Future possibilities(FIE 2006 paper) • SPARK supports a number of concepts from other courses • Five categories from CAC • Algorithms, software design, computer organization & architecture, data structures, programming languages • Algorithms: understanding all variables, as well as the operating space of the algorithm, tools to support formal proof • Software Design: strong focus on design by contract. All the parts need to be completely understood to integrate them
Computer Org and Architecture: Use of config files allows for various target machines • Data structures: Reduced operating space enforces careful data structure design and links to algorithm • Programming languages: SPARK itself • Consider SPARK as an overall educational tool, not just a language
Thanks to: Adacore: www.gnat.com/academic_overview.php Rod Chapman at Praxis: www.praxis-his.com/sparkada/universities.asp