Eliminating synchronization faults in air traffic control software via design for verification with concurrency controllers

Abstract: Abstract.The increasing level of automation in critical infrastructures requires development of effective ways for finding faults in safety critical software components. Synchronization in concurrent components is especially prone to errors and, due to difficulty of exploring all thread interleavings, it is difficult to find synchronization faults. In this paper we present an experimental study demonstrating the effectiveness of model checking techniques in finding synchronization faults in safety critical sof… Show more

“…In [4], [5] TSAFE implementation was verified with re- spect to non-reentrant read-write and mutex locks. We modified the TSAFE implementation using reentrant read-write and mutex locks.…”

“…Note that during interface verification, JPF searches the state space for all possible outcomes of the non-deterministic choices that are inserted during thread isolation. The thread isolation techniques we use are explained in detail in [5].…”

“…Our modular verification approach is based on the earlier work on verification of synchronization policies in Java programs presented in [2]- [5]. However, these earlier results are not capable of handling reentrant locks since they restrict the interfaces of the synchronization policies to finite state machines.…”

“…Related Work: This paper builds on the framework developed in [2]- [5]. The main contribution of the current paper is extending the modular verification framework introduced in this earlier work to reentrant locks.…”

Modular verification of synchronization with reentrant locks

“…In [4], [5] TSAFE implementation was verified with re- spect to non-reentrant read-write and mutex locks. We modified the TSAFE implementation using reentrant read-write and mutex locks.…”

“…Note that during interface verification, JPF searches the state space for all possible outcomes of the non-deterministic choices that are inserted during thread isolation. The thread isolation techniques we use are explained in detail in [5].…”

“…Our modular verification approach is based on the earlier work on verification of synchronization policies in Java programs presented in [2]- [5]. However, these earlier results are not capable of handling reentrant locks since they restrict the interfaces of the synchronization policies to finite state machines.…”

“…Related Work: This paper builds on the framework developed in [2]- [5]. The main contribution of the current paper is extending the modular verification framework introduced in this earlier work to reentrant locks.…”

Modular verification of synchronization with reentrant locks

“…Test beds developed were a simplified MARS Rover and a part of a tactical separation assisted flight environment. For example, the latter test bed was used to identify limits to a method and allow for the method developer to make improvements to the techniques based upon the empirical analysis [14]. The application of the techniques went from test beds to carefully moni-tored projects to large-scale projects, allowing the techniques to evolve over use and provide the necessary information for the experience base.…”

A Personal Perspective on the Evolution of Empirical Software Engineering

Identifying Failure Causalities in Multi-component Applications