Formal verification of a small real-time operating system

The foundation of this thesis is a distributed real-time system that connects several electronic control units (ECUs) with a communication bus. Each ECU consists of a processor executing the real-time operating system OLOS and several applications on the one hand, and an interface to the bus (ABC) on the other hand. OLOS provides application scheduling and controls the communication with the bus. The applications may communicate with OLOS via so-called system calls. For applications written in high-level languages these calls are available in terms of library functions. First, we present the design and the implementation of OLOS and its necessary library functions. Thereafter, we introduce the abstract model of an entire ECU which specifies the interface to the bus (ABC), process models and the behaviour of OLOS. Then, we formulate a simulation theorem between the abstract ECU model and a model that embeds the concrete OLOS implementation. The proof of this theorem provides us with the implementation correctness of OLOS. Based on the formal correctness of our operating system, the last section of this thesis presents an approach to pervasively verify applications that are executed under OLOS on a single ECU.Grundlage dieser Arbeit ist ein verteiltes Echtzeitsystem, welches mehrere elektronische Kontrolleinheiten (ECUs) mit einem Kommunikationsbus verbindet. Jede dieser Kontrolleinheiten besteht aus einer Schnittstelle zum Bus (ABC) und einem Prozessor, welcher das Echtzeitbetriebssystem Olos und mehrere Anwendungen ausführt. Olos organisiert die Ausführungszeit der Anwendungen auf dem Prozessor und steuert deren Kommunikation mit dem Bus. Die Anwendungen haben die Möglichkeit, über sogenannte Systemaufrufe mit dem Betriebssystem zu kommunizieren. Diese stehen den Anwendungen, die in höheren Programmiersprachen geschrieben sind, in Form von Bibliotheksfunktionen zur Verfügung. Zuerst stellen wir den Entwurf und die Implementierung von Olos und den notwendigen Bibliotheksfunktionen vor. Danach beschreiben wir das abstrakte Modell einer vollständigen ECU, welches die Schnittstelle zum Bus (ABC), Prozessmodelle und das Verhalten des Betriebssystems Olos festlegt. Wir formulieren ein Simulationstheorem zwischen dem abstrakten ECU Modell und einem Modell mit eingebetteter konkreter Olos-Implementierung. Der Beweis dieser Aussage liefert uns die Implementierungskorrektheit von Olos. Im letzten Teil der Arbeit benutzen wir dieses Ergebnis als Grundlage für einen Ansatz, mit dem durchgängig Anwendungen verifiziert werden können, die unter Olos auf einer elektronischen Kontrolleinheit ausgeführt werden

Tools and Algorithms for the Construction and Analysis of Systems

This open access book constitutes the proceedings of the 28th International Conference on Tools and Algorithms for the Construction and Analysis of Systems, TACAS 2022, which was held during April 2-7, 2022, in Munich, Germany, as part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2022. The 46 full papers and 4 short papers presented in this volume were carefully reviewed and selected from 159 submissions. The proceedings also contain 16 tool papers of the affiliated competition SV-Comp and 1 paper consisting of the competition report. TACAS is a forum for researchers, developers, and users interested in rigorously based tools and algorithms for the construction and analysis of systems. The conference aims to bridge the gaps between different communities with this common interest and to support them in their quest to improve the utility, reliability, exibility, and efficiency of tools and algorithms for building computer-controlled systems

Planification de pas pour robots humanoïdes : approches discrètes et continues

Dans cette thèse nous nous intéressons à deux types d'approches pour la planification de pas pour robots humanoïdes : d'une part les approches discrètes où le robot n'a qu'un nombre fini de pas possibles, et d'autre part les approches où le robot se base sur des zones de faisabilité continues. Nous étudions ces problèmes à la fois du point de vue théorique et pratique. En particulier nous décrivons deux méthodes originales, cohérentes et efficaces pour la planification de pas, l'une dans le cas discret (chapitre 5) et l'autre dans le cas continu (chapitre 6). Nous validons ces méthodes en simulation ainsi qu'avec plusieurs expériences sur le robot HRP-2. ABSTRACT : In this thesis we investigate two types of approaches for footstep planning for humanoid robots: on one hand the discrete approaches where the robot has only a finite set of possible steps, and on the other hand the approaches where the robot uses continuous feasibility regions. We study these problems both on a theoretical and practical level. In particular, we describe two original, coherent and efficient methods for footstep planning, one in the discrete case (chapter 5), and one in the continuous case (chapter 6). We validate these methods in simulation and with several experiments on the robot HRP-2

Tools and Algorithms for the Construction and Analysis of Systems

This open access book constitutes the proceedings of the 28th International Conference on Tools and Algorithms for the Construction and Analysis of Systems, TACAS 2022, which was held during April 2-7, 2022, in Munich, Germany, as part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2022. The 46 full papers and 4 short papers presented in this volume were carefully reviewed and selected from 159 submissions. The proceedings also contain 16 tool papers of the affiliated competition SV-Comp and 1 paper consisting of the competition report. TACAS is a forum for researchers, developers, and users interested in rigorously based tools and algorithms for the construction and analysis of systems. The conference aims to bridge the gaps between different communities with this common interest and to support them in their quest to improve the utility, reliability, exibility, and efficiency of tools and algorithms for building computer-controlled systems

Interaction-aware analysis and optimization of real-time application and operating system

Mechanical and electronic automation was a key component of the technological advances in the last two hundred years. With the use of special-purpose machines, manual labor was replaced by mechanical motion, leaving workers with the operation of these machines, before also this task was conquered by embedded control systems. With the advances of general-purpose computing, the development of these control systems shifted more and more from a problem-specific one to a one-size-fits-all mentality as the trade-off between per-instance overheads and development costs was in favor of flexible and reusable implementations. However, with a scaling factor of thousands, if not millions, of deployed devices, overheads and inefficiencies accumulate; calling for a higher degree of specialization. For the area real-time operating systems (RTOSs), which form the base layer for many of these computerized control systems, we deploy way more flexibility than what is actually required for the applications that run on top of it. Since only the solution, but not the problem, became less specific to the control problem at hand, we have the chance to cut away inefficiencies, improve on system-analyses results, and optimize the resource consumption. However, such a tailoring will only be favorable if it can be performed without much developer interaction and in an automated fashion. Here, real-time systems are a good starting point, since we already have to have a large degree of static knowledge in order to guarantee their timeliness. Until now, this static nature is not exploited to its full extent and optimization potentials are left unused. The requirements of a system, with regard to the RTOS, manifest in the interactions between the application and the kernel. Threads request resources from the RTOS, which in return determines and enforces a scheduling order that will ensure the timely completion of all necessary computations. Since the RTOS runs only in the exception, its reaction to requests from the application (or from the environment) is its defining feature. In this thesis, I will grasp these interactions, and thereby the required RTOS semantic, in a control-flow-sensitive fashion. Extracted automatically, this knowledge about the reciprocal influence allows me to fit the implementation of a system closer to its actual requirements. The result is a system that is not only in its usage a special-purpose system, but also in its implementation and in its provided guarantees. In the development of my approach, it became clear that the focus on these interactions is not only highly fruitful for the optimization of a system, but also for its end-to-end analysis. Therefore, this thesis does not only provide methods to reduce the kernel-execution overhead and a system's memory consumption, but it also includes methods to calculate tighter response-time bounds and to give guarantees about the correct behavior of the kernel. All these contributions are enabled by my proposed interaction-aware methodology that takes the whole system, RTOS and application, into account. With this thesis, I show that a control-flow-sensitive whole-system view on the interactions is feasible and highly rewarding. With this approach, we can overcome many inefficiencies that arise from analyses that have an isolating focus on individual system components. Furthermore, the interaction-aware methods keep close to the actual implementation, and therefore are able to consider the behavioral patterns of the finally deployed real-time computing system

Computer Aided Verification

The open access two-volume set LNCS 12224 and 12225 constitutes the refereed proceedings of the 32st International Conference on Computer Aided Verification, CAV 2020, held in Los Angeles, CA, USA, in July 2020.* The 43 full papers presented together with 18 tool papers and 4 case studies, were carefully reviewed and selected from 240 submissions. The papers were organized in the following topical sections: Part I: AI verification; blockchain and Security; Concurrency; hardware verification and decision procedures; and hybrid and dynamic systems. Part II: model checking; software verification; stochastic systems; and synthesis. *The conference was held virtually due to the COVID-19 pandemic

Tools and Algorithms for the Construction and Analysis of Systems

This open access book constitutes the proceedings of the 28th International Conference on Tools and Algorithms for the Construction and Analysis of Systems, TACAS 2022, which was held during April 2-7, 2022, in Munich, Germany, as part of the European Joint Conferences on Theory and Practice of Software, ETAPS 2022. The 46 full papers and 4 short papers presented in this volume were carefully reviewed and selected from 159 submissions. The proceedings also contain 16 tool papers of the affiliated competition SV-Comp and 1 paper consisting of the competition report. TACAS is a forum for researchers, developers, and users interested in rigorously based tools and algorithms for the construction and analysis of systems. The conference aims to bridge the gaps between different communities with this common interest and to support them in their quest to improve the utility, reliability, exibility, and efficiency of tools and algorithms for building computer-controlled systems