Safe and Verifiable Design of Concurrent Java Programs

The design of concurrent programs has a reputation for being difficult, and thus potentially dangerous in safetycritical real-time and embedded systems. The recent appearance of Java, whilst cleaning up many insecure aspects of OO programming endemic in C++, suffers from a deceptively simple threads model that is an insecure variant of ideas that are over 25 years old [1]. Consequently, we cannot directly exploit a range of new CASE tools -- based upon modern developments in parallel computing theory -- that can verify and check the design of concurrent systems for a variety of dangers\ud such as deadlock and livelock that otherwise plague us during testing and maintenance and, more seriously, cause catastrophic failure in service. \ud Our approach uses recently developed Java class\ud libraries based on Hoare's Communicating Sequential Processes (CSP); the use of CSP greatly simplifies the design of concurrent systems and, in many cases, a parallel approach often significantly simplifies systems originally approached sequentially. New CSP CASE tools permit designs to be verified against formal specifications\ud and checked for deadlock and livelock. Below we introduce CSP and its implementation in Java and develop a small concurrent application. The formal CSP description of the application is provided, as well as that of an equivalent sequential version. FDR is used to verify the correctness of both implementations, their\ud equivalence, and their freedom from deadlock and livelock

Synchronous Java: Light-Weight, Deterministic Concurrency and Preemption in Java

A key issue in the development of reliable embedded software is the proper handling of reactive controlow, which typically involves concurrency. Java and its thread concept have only limited provisions for implementing deterministic concurrency. Thus, as has been observed in the past, it is challenging to develop concurrent Java programs without any deadlocks or race conditions. To alleviate this situation, the Synchronous Java (SJ) approach presented her adopts the key concepts that have been established in the world of syschronous programming for handling reactive controlow. Thus SJ not only provides deterministic concurrency, but also dierent variants of deterministic preemption. Furthermore SJ allows concurrent threads to communicate with Esterel-style signals. As a case study for an embedded system usage, we also report on how the SJ concepts have been applied in the context of Lego Mindstorms

C# and the .NET framework: ready for real time

0 7 4 0 -7 4 5 9 / 0 3 / $ 1 9 . 0 0 © 2 0 0 3 I E E E including type unsafe features, thread synchronization, and overflow-sensitive arithmeticapply to real-time systems. This article will further explore C# and the .NET Framework's suitability for real-time systems. Real-time systems Practitioners categorize real-time systems as hard, firm, and soft. 1 Hard real-time systems include those in which a single missed deadline might cause catastrophic repercussions. Firm real-time systems tolerate one or more missed deadlines without catastrophic repercussions. In soft real-time systems, missed deadlines only result in performance degradation. Bart Van Beneden says, "All too often, real-time behavior is associated with raw speed. Popular conclusions are that the faster a system responds or processes data, the more real-time it is." 2 However, these conclusions are incorrect. Real-time systems must foremost address schedulability and determinism, especially under load. 1 Schedulability indicates a system's ability to satisfy all deadlines. Determinism lets an observer predict the system's next state at any time given its current state and a set of inputs. Real-time C# Real-time Java systems have been studied extensively. When examining C# and .NET for realtime systems, you should note the characteristics of the underlying platform-this primarily means Microsoft operating systems. M icrosoft's integrated development environment, Visual Studio.NET, includes a new programming language C# (pronounced "C sharp"), which targets the .NET Framework. Both the .NET Framework and C# are fairly well-documented technologies, but the platform's appropriateness for real-time systems has not received much attention. Microsoft doesn't specifically claim that C# and .NET are intended for real-time systems, but many of the platform's general purpose featuresreal-time system

Improving the memory management performance of RTSJ

International audienceFrom a real-time perspective, the garbage collector (GC) introduces unpredictable pauses that are not tolerated by real-time tasks. Real-time collectors eliminate this problem but introduce a high overhead. Another approach is to use memory regions (MRs) within which allocation and deallocation is customized. This facility is supported by the memory model of the Real-Time Specification for Java (RTSJ). RTSJ imposes strict access and assignment rules to avoid both the dangling inter-region references and the delays of critical tasks of the GC. A dynamic check solution can incur high overhead, which can be reduced by taking advantage of hardware features. This paper provides an in-depth analytical investigation of the overhead introduced by dynamic assignments checks in RTSJ, describing and analysing several solutions to reduce the introduced overhead

Cooperative framework for open real-time systems

Actualmente, os sistemas embebidos estão presentes em toda a parte. Embora grande parte da população que os utiliza não tenha a noção da sua presença, na realidade, se repentinamente estes sistemas deixassem de existir, a sociedade iria sentir a sua falta. A sua utilização massiva deve-se ao facto de estarem practicamente incorporados em quase os todos dispositivos electrónicos de consumo, telecomunicações, automação industrial e automóvel. Influenciada por este crescimento, a comunidade científica foi confrontada com novos problemas distribuídos por vários domínios científicos, dos quais são destacados a gestão da qualidade de serviço e gestão de recursos - domínio encarregue de resolver problemas relacionados com a alocação óptima de recursos físicos, tais como rede, memória e CPU. Existe na literatura um vasto conjunto de modelos que propõem soluções para vários problemas apresentados no contexto destes domínios científicos. No entanto, não é possível encontrar modelos que lidem com a gestão de recursos em ambientes de execução cooperativos e abertos com restrições temporais utilizando coligações entre diferentes nós, de forma a satisfazer os requisitos não funcionais das aplicações. Devido ao facto de estes sistemas serem dinâmicos por natureza, apresentam a característica de não ser possível conhecer, a priori, a quantidade de recursos necessários que uma aplicação irá requerer do sistema no qual irá ser executada. Este conhecimento só é adquirido aquando da execução da aplicação. De modo a garantir uma gestão eficiente dos recursos disponíveis, em sistemas que apresentam um grande dinamismo na execução de tarefas com e sem restrições temporais, é necessário garantir dois aspectos fundamentais. O primeiro está relacionado com a obtenção de garantias na execução de tarefas de tempo-real. Estas devem sempre ser executadas dentro da janela temporal requirida. O segundo aspecto refere a necessidade de garantir que todos os recursos necessários à execução das tarefas são fornecidos, com o objectivo de manter os níveis de performance quer das aplicações, quer do próprio sistema. Tendo em conta os dois aspectos acima mencionados, o projecto CooperatES foi especificado com o objectivo de permitir a dispositivos com poucos recursos uma execução colectiva de serviços com os seus vizinhos, de modo a cumprir com as complexas restrições de qualidade de serviço impostas pelos utilizadores ou pelas aplicações. Decorrendo no contexto do projecto CooperatES, o trabalho resultante desta tese tem como principal objectivo avaliar a practicabilidade dos conceitos principais propostos no âmbito do projecto. O trabalho em causa implicou a escolha e análise de uma plataforma, a análise de requisitos, a implementação e avaliação de uma framework que permite a execução cooperativa de aplicações e serviços que apresentem requisitos de qualidade de serviço. Do trabalho desenvolvido resultaram as seguintes contribuições: Análise das plataformas de código aberto que possam ser utilizadas na implementação dos conceitos relacionados com o projecto CooperatES; Critérios que influenciaram a escolha da plataforma Android e um estudo focado na análise da plataforma sob uma perspectiva de sistemas de tempo-real; Experiências na implementação dos conceitos do projecto na plataforma Android; Avaliação da practicabilidade dos conceitos propostos no projecto CooperatES; Proposta de extensões que permitam incorporar características de sistemas de tempo real abertos na plataforma Android.Embedded devices are reaching a point where society does not notice its presence; however, if suddenly taken away, everyone would notice their absence. The new, small, embedded devices used in consumer electronics, telecommunication, industrial automation, or automotive systems are the reason for their massive spread. Influenced by this growth and pervasiveness, the scientific community is faced with new challenges in several domains. Of these, important ones are the management of the quality of the provided services and the management of the underlying resources - both interconnected to solve the problem of optimal allocation of physical resources (namely CPU, memory and network as examples), whilst providing the best possible quality to users. Although several models have been presented in literature, a recent proposal handles resource management by using coalitions of nodes in open real-time cooperative environments, as a solution to guarantee that the application’s non-functional requirements are met, and to provide the best possible quality of service to users. This proposal, the CooperatES framework, provides better models and mechanisms to handle resource management in open real-time systems, allowing resource constrained devices to collectively execute services with their neighbours, in order to fulfil the complex Quality of Service constraints imposed by users and applications. Within the context of the CooperatES framework, the work presented in this thesis evaluates the feasibility of the implementation of the framework’s Quality of Service concept within current embedded Java platforms, and proposes a solution and architecture for a specific platform: the Android operating system. To this purpose, the work provides an evaluation of the suitability of Java solutions for real-time and embedded systems, an evaluation of the Android platform for open real-time systems, as well as discusses the required extensions to Android allowing it to be used within real-time system. Furthermore, this thesis presents a prototype implementation of the CooperatES framework within the Android platform, which allows determining the suitability of the proposed platform extensions for open real-time systems applications

Virtual Java Machines for Small Embedded Systems

Die objektorientierte Programmiersprache Java ist auf eingebetteten Systemen noch nicht stark verbreitet, meist aus Kostengründen. Eine virtuelle Java Maschine erfordert normalerweise ein leistungsfähigeres System. Diese Arbeit befasst sich damit, Java auf besonders preiswerten 8-Bit-Mikrocontrollern auszuführen. Das eröffnet für Java die Welt der Messung, Steuerung und Regelung und verknüpft sie mit Benutzerinteraktion und Kommunikation. Java kann mit geringerem Programmieraufwand dazu beitragen, beispielsweise einen Haushalt zu steuern und zu überwachen. Für die speichereffiziente Umsetzung von Java werden einige Techniken evaluiert und auf einem Mikrocontroller (ST7) integriert. Mittels einer Vorverarbeitung von Java-Programmen und der virtuellen Maschine selbst auf einem Entwicklungssystem wird der Platzbedarf auf dem Zielsystem verringert. Geeignete Datenstrukturen und Klassenbibliotheken (API) belegen nur wenig Laufzeitspeicher mit Daten. Die Kombination von Java-Bytecode mit zielsystemabhängigen nativen Code ermöglicht die Ansteuerung von Peripheriekomponenten. Geeignete Zeitsteuerungen (zeitschrankenbasiertes Thread-Scheduling) machen Java auch für zeitkritische Anwendungen geeignet. Zusammen mit einer Software-Umgebung auf dem Entwicklungssystem entstand ein einsatzfähiges Java-System für einen Mikrocontroller. Die bei der Entwicklung dieser JavaVM gemachten Erfahrungen werden schließlich in neue Entwurfsverfahren zur Erstellung spezieller eingebetteter virtueller Maschinen umgesetzt. Dabei kommt ein vollständig in Java beschriebenes mehrschichtiges Modell zum Einsatz, das sich flexibel an verschiedene Zielsysteme anpassen lässt. Das Modell enthält die virtuelle Maschine bestehend aus Kern und Laufzeitbibliothek sowie eine allgemeine Anwendungsprogrammierschnittstelle. Erst Code-Generatoren fügen den zielsystemabhängigen nativen Code in das Modell ein.Java is an object oriented programming language. But mainly because of the costs it’s not widely used on embedded systems. Typical Java virtual machines require larger systems. This work aims for integration of Java on inexpensive 8-bit microcontrollers. This makes Java possible in the world of measurement, control and automation and allows the combination of control, user interaction and communication on a single system. E. g. Java can be used to enable home automation with less programming effort. To integrate Java on small embedded systems with low memory consumption, some techniques are explored and realized on a microcontroller (ST7). Due to preprocessing of Java programs and the virtual machine itself on a development system, the program memory allocation on the target system is reduced. Applicable data structures and class libraries (API) are designed to use as little data memory as possible. If Java bytecode is combined with the target system’s native code, peripheral components can be utilized. Furthermore deadline based thread scheduling can be used for time critical tasks. Together with a software environment for development systems this results in an operative Java system on a microcontroller. Experiences developing this JavaVM are now resulting to new development practices for creation of specialized embedded virtual machines. A completely Java based multilayered model is able to match various target systems. The model contains the virtual machine (kernel and runtime) and a generic application programming interface. Only at the end, code generators insert target system specific native code into the model