A Ravenscar-Compliant Run-time Kernel for Safety-Critical Systems*

Published in Real-Time Systems

Abstract

The Ravenscar tasking profile for Ada 95 has been designed to allow the implementation of highly safety-critical systems. Ravenscar defines a tasking system with deterministic behavior and low complexity. We provide a formal model in UPPAAL of the primitives provided by Ravenscar, including exceptions. This formal model is used to verify the correctness of the Ravenscar model, and it can also be used to verify safety properties of applications that use the Ravenscar profile. As an illustration, we model a sample application that uses all features of Ravenscar and formally verify its correctness. Furthermore, an introduction to the Ravenscar model is given.




Cite this article

Lundqvist, K., Asplund, L. A Ravenscar-Compliant Run-time Kernel for Safety-Critical Systems*. Real-Time Systems 24, 29–54 (2003). https://doi.org/10.1023/A:1021701221847
