Exhaustive testing of safety critical Java

With traditional testing, the test case has no control over non-deterministic scheduling decisions, and thus errors dependent on scheduling are only found by pure chance. Java Path Finder (JPF) is a specialized Java virtual machine that can systematically explore execution paths for all possible schedulings, and thus catch these errors. Unfortunately, execution-based model checkers, including JPF, cannot be easily adapted to support real-time programs. We propose a scheduling algorithm for JPF which allows testing of Safety Critical Java (SCJ) applications with periodic event handlers at SCJ levels 0 and 1 (without aperiodic event handlers). The algorithm requires that deadlines are not missed and that there is an execution time model that can give best- and worst-case execution time estimates for a given program path and specific program inputs. Our implementation, named R SJ, allows to search for scheduling dependent memory access errors, certain invalid argument errors, priority ceiling emulation protocol violations, and failed assertions in application code in SCJ programs for levels 0 and 1. It uses the execution time model of the Java Optimized Processor (JOP). We test our tool wit

Use Cases in Dataflow-Based Privacy and Trust Modeling and Analysis in Industry 4.0 Systems

Fostering efficiency of distributed supply chains in the Industry 4.0 often bases on IoT-data analysis and by means of lean- and shop oor-management. However, trust by preserving privacy is a precondition: Competing factories will not share data, if, e.g., the analysis of the data will reveal business relevant information to competitors. Our approach is enforcing privacy policies in Industry 4.0 supply chains. These are highly dynamic and therefore not manageable by \u27traditional\u27 rights-management approaches as we will stretch in a literature analysis. To enforce privacy, we analyze two industrial settings and derive general requirements: (1) Lean- and shop oor-management and (2) factory access control, both common in Industry 4.0 supply chains. We further propose a reference architecture for Industry 4.0 supply chains. We introduce the combination of Palladio Component Model (PCM) [23] and Ensembles [4] in order to analyze and enforce privacy policies in highly dynamic environments. Our novel approach paves way for data sharing and global data analyzes in highly dynamic Industry 4.0 supply chains. It is an important step for efficiency of these supply chains and therefore one important cornerstone for the success of Industry 4.0

Addressing State Explosion in Discovery of Concurrency Errors in Component Java Code

Abstract. Current approaches to the development of reliable software systems include decomposition into components, attaching formal behavior specification to the components, and verification of component behavior via model checking. The main obstacle preventing model checking real-life software components is state explosion, which occurs especially for highly parallel components. In addition, since a typical model checker (e.g. Java PathFinder) checks only complete programs, it is necessary to create an artificial environment for each isolated component. We present a technique that addresses state explosion in discovery of concurrency errors in component Java code with Java PathFinder. The key idea is to reduce parallelism in a component environment to preserve parallel execution only for methods that interact with each other via concurrency-related constructs of the Java language- those methods and the degree of interaction between them are determined by a metric. Benefits of the proposed technique are illustrated by results of experiments performed on several real-life software components. In particular, the technique makes discovery of concurrency errors with Java PathFinder possible in limited memory and reasonable time

Automated Construction of Reasonable Environment for Java Components

In software component verification, one of the challenges is model checking of isolated components. The environment of an isolated component is unknown, and therefore a part of an input to a model checker is missing. This problem can be addressed via automated generation of an artificial environment â?? component and its environment form a complete program that can be verified using common model checkers. Focusing on concurrency errors in Java components, we propose to automatically generate a reasonable artificial environment that makes efficient detection of concurrency errors with Java PathFinder possible. Such an environment executes in parallel those component's methods that interact via concurrency constructs of Java and thus likely contain concurrency errors. We employ static code analysis to identify sets of methods to be executed in parallel and a metric to order the sets according to the degree of interaction. Benefits of the technique are illustrated on results of experiments performed on real-life Java components

Lung Point Sign in Ultrasound Diagnostics of Pneumothorax: Imitations and Variants

Background. Pulmonary ultrasound plays a key role in the diagnosis of pneumothorax in emergency and intensive-care medicine. The lung point sign has been generally considered a pathognomonic diagnostic sign. Recently, several other situations have been published that can mimic the lung point, as well as a few different variants of the true lung point sign. Materials and Methods. Based on years of monitoring the literature and collecting our database of ultrasound findings, we prepared a review of ultrasound findings mimicking the lung point sign and ultrasound variants of the true lung point sign. Results. We present four imitations of the lung point sign (physiological lung point sign, pseudo-lung point sign, bleb point sign, and pleurofascial point sign) and two variants of the true lung point sign (double lung point sign and hydro point sign) documented by images and video records. Conclusions. Knowledge of ultrasound imitations and variants of the lung point sign may increase the reliability of pneumothorax diagnosis and may reduce the risk of performing unindicated interventions

Challenge benchmarks for verification of real-time programs

Real-time systems, and in particular safety-critical systems, are a rich source of challenges for the program verification community as software errors can have catastrophic consequences. Unfortunately, it is nearly impossible to find representative safety-critical programs in the public domain. This has been significant impediment to research in the field, as it is very difficult to validate new ideas or techniques experimentally. This paper presents open challenges for verification of real-time systems in the context of the Real-time Specification for Java. But, our main contribution is a family of programs, called CDx, which we present as an open source benchmark for the verification community

Challenge Benchmarks For Verification Of Real-Time Programs

Real-time systems, and in particular safety-critical systems, are a rich source of challenges for the program verification community as software errors can have catastrophic consequences. Unfortunately, it is nearly impossible to find representative safety-critical programs in the public domain. This has been significant impediment to research in the field, as it is very difficult to validate new ideas or techniques experimentally. This paper presents open challenges for verification of real-time systems in the context of the Real-time Specification for Java. But, our main contribution is a family of programs, called CDx, which we present as an open source benchmark for the verification community. Copyright © 2010 ACM