ABSTRACT
To ensure that Safety-Critical Java (SCJ) programs run correctly and safely, the virtual machine they run on must itself be shown to operate correctly. To the best of our knowledge, however, there is currently not even a clear specification of the requirements for such a virtual machine. In this paper, we present an identification of these requirements for the SCJ API and infrastructure, based on the requirements of the SCJ standard and on consideration of existing virtual machines for SCJ. Formal methods provide a powerful tool for modelling and eliciting requirements and for establishing the correctness of implementations. We also present a formal model of the requirements written in the Circus specification language, which has already been used in a technique for the verification of SCJ programs. Our work is a contribution to establishing a framework for the development of fully verified systems using SCJ.