Distributed Real-Time Emulation of Formally-Defined Patterns for Safe Medical Device Control

Safety of medical devices and of their interoperation is an unresolved issue causing severe and sometimes deadly accidents for patients with shocking frequency. Formal methods, particularly in support of highly reusable and provably safe patterns which can be instantiated to many device instances can help in this regard. However, this still leaves open the issue of how to pass from their formal specifications in logical time to executable emulations that can interoperate in physical time with other devices and with simulations of patient and/or doctor behaviors. This work presents a specification-based methodology in which virtual emulation environments can be easily developed from formal specifications in Real-Time Maude, and can support interactions with other real devices and with simulation models. This general methodology is explained in detail and is illustrated with two concrete scenarios which are both instances of a common safe formal pattern: one scenario involves the interaction of a provably safe pacemaker with a simulated heart; the other involves the interaction of a safe controller for patient-induced analgesia with a real syringe pump.Comment: In Proceedings RTRTS 2010, arXiv:1009.398

Rigorous concurrency analysis of multithreaded programs

technical reportThis paper explores the practicality of conducting program analysis for multithreaded software using constraint solv- ing. By precisely defining the underlying memory consis- tency rules in addition to the intra-thread program seman- tics, our approach orders a unique advantage for program ver- ification | it provides an accurate and exhaustive coverage of all thread interleavings for any given memory model. We demonstrate how this can be achieved by formalizing sequen- tial consistency for a source language that supports control branches and a monitor-style mutual exclusion mechanism. We then discuss how to formulate programmer expectations as constraints and propose three concrete applications of this approach: execution validation, race detection, and atom- icity analysis. Finally, we describe the implementation of a formal analysis tool using constraint logic programming, with promising initial results for reasoning about small but non-trivial concurrent programs

Towards MARTE++ : an enhanced UML-based language to Model and Analyse Real-Time and Embedded Systems for the IoT age

This paper presents requirements for an enhanced version of the UML Profile for MARTE, the current standard of the OMG for the modelling and analysis of real-time embedded systems. Since its adoption by the OMG in 2009 and after the various additions along recent years, MARTE has been essayed in a number of application domains and validation approaches. This paper makes a review of these various efforts describing extensions, additional functionality, and modeling needs that may serve as inputs for the preparation of a formal request for proposals (RFP) at the OMG. Aspects that have been found useful to have in it include modern platforms like Multi-core, Many-core and GPUs, networking for broader domains like the Internet of Things, federation of all modelling artifacts involved in the development process, including tracing mechanisms embedded in the language to link design and run-time artifacts, and more elaborated kinds of quantitative analyses and extra functional properties, like energy and memory consumption, heat dissipation, and temperature distribution. Also methodological aspects like its specification as a profile and/or as a meta-model will need to be discussed. Finally, the standard needs to be reviewed against the new executable UML related specifications; particularly to be in alignment with those semantics of state machines and composite structures.This work receives funding from the Spanish Government under grant number TIN2014-56158-C4-2-P (M2C2), and from the Electronic Component Systems for European Leadership Joint Undertaking under grant agreement No 737494 (MegaM@RT2). This Joint Undertaking receives support from the European Union’s Horizon 2020 research and innovation programme and Sweden, France, Spain, Italy, Finland, Czech Republic. We thank the anonymous reviewers for their insights and proposals of improvement

Nemos: a framework for axiomatic and executable specifications of memory consistency models

technical reportConforming to the underlying memory consistency rules is a fundamental require- ment for implementing shared memory systems and writing multiprocessor programs. In order to promote understanding and enable automated verification, it is highly desir- able that a memory model specification be both declarative and executable. We have developed a specification framework called Nemos (Non-operational yet Executable Memory Ordering Specifications), which employs a uniform notation based on predi- cate logic to define shared memory semantics in an axiomatic as well as compositional style. In this paper, we present this framework and discuss how constraint logic pro- gramming and SAT solving can be used to make these axiomatic specifications exe- cutable for memory model analysis, thus supporting precise specification and automatic execution in the same framework. To illustrate our approach, this paper formalizes a collection of well known memory models, including sequential consistency, coherence, PRAM, causal consistency, and processor consistency