Compiling and verifying SC-SystemJ programs for safety-critical reactive systems

Park, Heejong; Malik, Avinash; Salčić, Zoran

doi:10.1016/j.cl.2015.08.006

Cited by 3 publications

(1 citation statement)

References 27 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The work presented by Park et al [39] should also be referenced here, as they propose a technique for parallel compilation of an application into an executable and a formally verifiable Promela/SPIN model [40]. It is not a static programme analysis method per se, but our remarks regarding static analysis approaches still apply.…”

Section: Static Analysis: No Developer Guidancementioning

confidence: 99%

Frameworks compiled from declarations: a language‐independent approach

2016

View full text Add to dashboard Cite

Programming frameworks are an accepted fixture in the object-oriented world, motivated by the need for code reuse, developer guidance and restriction. A new trend is emerging where frameworks require domain experts to provide declarations using a domain-specific language, influencing the structure and behaviour of the resulting application. These mechanisms address concerns such as user privacy. Although many popular open platforms such as Android are based on declaration-driven frameworks, current implementations provide ad hoc and narrow solutions to concerns raised by their openness to non-certified developers. Most widely used frameworks fail to address serious privacy leaks and provide the user with little insight into application behaviour. To address these shortcomings, we show that declaration-driven frameworks can limit privacy leaks, as well as guide developers, independently from the underlying programming paradigm. To do so, we identify concepts that underlie declaration-driven frameworks and apply them systematically to an object-oriented language, Java and a dynamic functional language, Racket. The resulting programming framework generators are used to develop a prototype mobile application, illustrating how we mitigate a common class of privacy leaks. Finally, we explore the possible design choices and propose development principles for developing domain-specific language compilers to produce frameworks, applicable across a spectrum of programming paradigms.Domain-specific languages themselves are a well-established tool for increasing programmer efficacy as well as bridging the communication gap between application developers and domain experts [7][8][9][10]. This work aims in part to explore the link between DSLs and application programming frameworks.The complexity of DSLs used to parameterise frameworks varies greatly: we find examples ranging from simple lists of permissions as in Android to relatively rich DSLs used to describe the structure of the application (as in QtBuilder [11]). For example, the Manifest file required by Android applications declares which resources the application may use [3]. Resources are any sources or sinks, whether real devices (e.g. camera and microphone) or virtual ones (e.g. address book and the Internet). Such declarations allow the framework to better answer emerging challenges such as privacy concerns, potentially giving a user insight into how their sensitive information is used. In this work, we focus on these declaration-driven frameworks as applied to the problem of user data privacy. This is but one example where such declaration-driven frameworks are a fruitful technique: elsewhere, they have been applied to quality-of-service concerns [12], automatic exception management [13] or drive application simulation before deployment [14]. We restrict our discussion to user privacy, because it is a timely and relevant problem for which the benefits of declaration-driven frameworks are clear, as we will motivate in the rest of this article.Recently, we are seein...

show abstract

Section: Static Analysis: No Developer Guidancementioning

confidence: 99%

Frameworks compiled from declarations: a language‐independent approach

2016

View full text Add to dashboard Cite

show abstract

Formal modelling and verification of GALS systems using GRL and CADP

2016

View full text Add to dashboard Cite

A GALS (Globally Asynchronous, Locally Synchronous) system consists of several synchronous components that evolve concurrently and interact with each other asynchronously. The design of GALS systems is tedious and error-prone due to the high degree of synchronous and asynchronous concurrency present in complex architectures. In this paper, we present GRL (GALS Representation Language), a formal language designed to model GALS systems, for the purpose of formal verification of the asynchronous aspects. GRL combines the synchronous reactive model underlying dataflow languages and the asynchronous concurrent model underlying process algebras. We propose a translation from GRL to LNT, a value-passing concurrent language with classical process algebra flavour. This makes possible the analysis of GRL specifications using all the state-of-the-art simulation and verification functionalities provided by the CADP toolbox.

show abstract