A framework based on the notion of "conflict-tolerance" was proposed in [3,4] as a compositional methodology for developing and reasoning about systems that are composed of multiple independent controllers. A central notion in this framework is that of a "conflict-tolerant" specification for a controller. In this work we propose a way of specifying conflict-tolerant real-time controllers in Metric Interval Temporal Logic (MITL). We call our logic CT-MITL, for Conflict-Tolerant MITL. We consider the associated verification and synthesis problems for CT-MITL and give decision procedures to solve them.
We propose a methodology for carrying out refinement proofs across declarative abstract models and concrete implementations in C, using the VCC verification tool. The main idea is to first perform a systematic translation from the top-level abstract model to a ghost implementation in VCC. Subsequent refinement proofs between successively refined abstract models and between abstract and concrete implementations are carried out in VCC. We propose an efficient technique to carry out these refinement checks in VCC. We illustrate our methodology with a case study in which we verify a simplified C implementation of an RTOS scheduler, with respect to its abstract Z specification. Overall, our methodology leads to efficient and automatic refinement proofs for complex systems that would typically be beyond the capability of tools such as Z/Eves or Rodin.
Abstract. We describe our experience with verifying the scheduler-related functionality of FreeRTOS, a popular open-source embedded real-time operating system. We propose a methodology for carrying out refinement-based proofs of functional correctness of abstract data types in the popular code-level verifier VCC. We then apply this methodology to carry out a full machine-checked proof of the functional correctness of the FreeRTOS scheduler. We describe the bugs found during this exercise, the fixes made, and the effort involved.
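The two abstracts above describe refinement proofs between an abstract scheduler model and a concrete C implementation. The following is an added example, not code from either paper or from FreeRTOS: it shows the shape of such a refinement obligation for a toy scheduler. The abstract model is a set of ready tasks with priorities and a postcondition for schedule() ("return a ready task of maximal priority"); the concrete implementation keeps per-priority ready lists plus a bitmap of non-empty priorities, a simplification of the FreeRTOS layout. The abstraction function and gluing invariant are executed and checked at runtime here, whereas VCC would discharge the same obligations statically for all states via ghost code; the `_()` annotations follow VCC's convention and expand to nothing under an ordinary C compiler. Task ids, priorities and the scenario are constructed data.

```c
/* Added example: runtime check of a refinement obligation between an
 * abstract scheduler model and a concrete, FreeRTOS-style implementation.
 * Not the papers' code; VCC would prove this statically with ghost state. */
#include <assert.h>
#include <stdbool.h>
#include <stdint.h>
#include <string.h>

#ifndef VERIFY
#define _(...)          /* VCC annotations compile away outside the verifier */
#endif

#define MAX_TASKS 8
#define MAX_PRIO  4

/* ---- Abstract model (declarative, as a Z-style spec would state it) ---- */
typedef struct {
    bool ready[MAX_TASKS];
    int  prio[MAX_TASKS];
} AbsState;

/* Postcondition of abstract schedule(): t is ready and no ready task has a
 * strictly higher priority; -1 is allowed only when nothing is ready. */
static bool abs_schedule_allows(const AbsState *s, int t) {
    if (t < 0 || t >= MAX_TASKS) {
        for (int u = 0; u < MAX_TASKS; u++) if (s->ready[u]) return false;
        return true;
    }
    if (!s->ready[t]) return false;
    for (int u = 0; u < MAX_TASKS; u++)
        if (s->ready[u] && s->prio[u] > s->prio[t]) return false;
    return true;
}

/* ---- Concrete implementation: per-priority ready lists + bitmap ---- */
typedef struct {
    int      prio[MAX_TASKS];
    int      list[MAX_PRIO][MAX_TASKS];  /* ready list per priority, FIFO order */
    int      count[MAX_PRIO];
    uint32_t top_ready;                  /* bit p set iff count[p] > 0 */
} ConcState;

static void conc_init(ConcState *c, const int *prio) {
    memset(c, 0, sizeof *c);
    for (int t = 0; t < MAX_TASKS; t++) c->prio[t] = prio[t];
}

static void conc_add_ready(ConcState *c, int t)
    _(requires 0 <= t && t < MAX_TASKS)
{
    int p = c->prio[t];
    c->list[p][c->count[p]++] = t;
    c->top_ready |= 1u << p;
}

static void conc_remove_ready(ConcState *c, int t) {
    int p = c->prio[t], i = 0;
    while (i < c->count[p] && c->list[p][i] != t) i++;
    if (i == c->count[p]) return;                  /* not ready: no-op */
    for (; i + 1 < c->count[p]; i++) c->list[p][i] = c->list[p][i + 1];
    if (--c->count[p] == 0) c->top_ready &= ~(1u << p);
}

static int conc_schedule(const ConcState *c) {
    int p = MAX_PRIO - 1;                          /* highest set bit */
    while (p >= 0 && !((c->top_ready >> p) & 1u)) p--;
    return p < 0 ? -1 : c->list[p][0];
}

/* Gluing invariant: the bitmap agrees with the list counts. */
static bool conc_invariant(const ConcState *c) {
    for (int p = 0; p < MAX_PRIO; p++)
        if (((c->top_ready >> p) & 1u) != (uint32_t)(c->count[p] > 0)) return false;
    return true;
}

/* Abstraction function R : ConcState -> AbsState. */
static void abstract(const ConcState *c, AbsState *a) {
    memset(a, 0, sizeof *a);
    for (int t = 0; t < MAX_TASKS; t++) a->prio[t] = c->prio[t];
    for (int p = 0; p < MAX_PRIO; p++)
        for (int i = 0; i < c->count[p]; i++) a->ready[c->list[p][i]] = true;
}

/* Refinement obligation for schedule(): the invariant holds and the concrete
 * result is one the abstract model allows from the abstracted state. */
static bool check_schedule_refines(const ConcState *c) {
    AbsState a;
    abstract(c, &a);
    return conc_invariant(c) && abs_schedule_allows(&a, conc_schedule(c));
}

/* Constructed scenario; returns the final scheduled task (2) if every
 * intermediate check passes, else -1. */
static int demo(void) {
    static const int prio[MAX_TASKS] = {0, 1, 2, 3, 2, 1, 0, 3};
    ConcState c;
    conc_init(&c, prio);
    conc_add_ready(&c, 1); conc_add_ready(&c, 4); conc_add_ready(&c, 2);
    if (!check_schedule_refines(&c)) return -1;    /* task 4: prio 2, first in */
    conc_add_ready(&c, 7);
    if (!check_schedule_refines(&c)) return -1;    /* task 7: prio 3 */
    conc_remove_ready(&c, 7); conc_remove_ready(&c, 4);
    if (!check_schedule_refines(&c)) return -1;    /* task 2 */
    return conc_schedule(&c);
}

/* Negative case: a removal that forgets to clear the bitmap bit leaves a
 * stale entry that the gluing invariant rejects. Returns true if caught. */
static bool demo_catches_stale_bitmap(void) {
    static const int prio[MAX_TASKS] = {0, 1, 2, 3, 2, 1, 0, 3};
    ConcState c;
    conc_init(&c, prio);
    conc_add_ready(&c, 3); conc_add_ready(&c, 1);
    c.count[3] = 0;                                /* bit 3 left set: bug */
    return !check_schedule_refines(&c);
}
```

The abstract postcondition is deliberately a relation, not a function: on a priority tie the concrete FIFO order picks the earliest-inserted task, and the refinement check only demands that this choice lies within what the abstract model permits. That is the same shape as the VCC obligation, where the gluing invariant and abstraction function would be ghost definitions and the checks would be proved rather than executed.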
A framework based on the notion of conflict-tolerance was proposed in [1] as a methodology for developing and reasoning about systems that are composed of multiple independent features. In [1] the authors use annotated transition systems to specify conflict-tolerant features. In this paper we propose a way of specifying conflict-tolerant features in Temporal Logic, which is a specification language widely used in practice. We call our logic Conflict-Tolerant LTL or CT-LTL. We provide an algorithm for verifying whether a given feature implementation meets a specification given in our logic. The paper concludes by providing a constructive procedure for synthesising a finite-state feature implementation from a given CT-LTL specification.
Copyright © 2024 scite LLC. All rights reserved.