Refinement-Based Verification of the FreeRTOS Scheduler in VCC

Divakaran, Sumesh; D’Souza, Deepak; Kushwah, Anirudh; Sampath, Prahladavaradan; Sridhar, Nigamanth; Woodcock, Jim

doi:10.1007/978-3-319-25423-4_11

Cited by 8 publications

(4 citation statements)

References 25 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Both of the works proved FreeRTOS task invariants such as the running task always has the top priority. Divakaran et al [19] verified the FreeR-TOS scheduler with refinement-based method. Specifically, the method not only checks functional correctness but also proves that their abstraction in the Z notation is refined by the FreeRTOS implementation.…”

Section: Related Workmentioning

confidence: 99%

Formal Analysis of FreeRTOS Scheduler on ARM Cortex-M4 Cores

Lin¹,

Wang²

2022

Preprint

View full text Add to dashboard Cite

FreeRTOS is a real-time operating system with configurable scheduling policies. Its portability and configurability make FreeRTOS one of the most popular real-time operating systems for embedded devices. We formally analyze the FreeR-TOS scheduler on ARM Cortex-M4 processor in this work. Specifically, we build a formal model for the FreeRTOS ARM Cortex-M4 port and apply model checking to find errors in our models for FreeRTOS example applications. Intriguingly, several errors are found in our application models under different scheduling policies. In order to confirm our findings, we modify application programs distributed by FreeRTOS and reproduce assertion failures on the STM32F429I-DISC1 board.

show abstract

Section: Related Workmentioning

confidence: 99%

Formal Analysis of FreeRTOS Scheduler on ARM Cortex-M4 Cores

Lin¹,

Wang²

2022

Preprint

View full text Add to dashboard Cite

show abstract

“…In Divakaran et al, 65 there is an account of a formal model in Z of the FreeRTOS system. The discovery of this work was welcomed with joy, as it held out the promise of being able to integrate our application modelling with an equally rigorous model of the underlying system that the code relied on.…”

Section: Abstraction Level Impedance Mismatches-other Verification Tasksmentioning

confidence: 99%

“…Essentially, there was an abstraction level impedance mismatch that prevented efficient interworking. We would have had to model much more of the basic memory system than we could afford, in order to bring our models to the level of abstraction of Divakaran et al 65 In point [J] (Optimisation), we mentioned the enthusiasm for automatic code generation. However, we could see at a distance the mismatch between the kind of code that we could expect to generate automatically, and the anticipation of highly optimised code that was the day to day reality in the embedded world, we did not pursue this angle seriously; all this notwithstanding the impact on working practices that would be needed, and the nontrivial cost of production quality tools in this area.…”

Section: Abstraction Level Impedance Mismatches-other Verification Tasksmentioning

confidence: 99%

Formal methods by stealth: The INSPEX experience

Banach

Razavi

Debicki

et al. 2021

J Software Evolu Process

View full text Add to dashboard Cite

INSPEX is an INtegrated Smart sPatial EXploration system. It relies on a family of sensors, like automated vehicles do, to provide enough information to a digital system for it to make reliable inferences about the location of obstacles and other impediments in its environment. Unlike the automated vehicle case, INSPEX is minaturised, because it is intended for lightweight applications and for portable use by humans, for example, visually impaired persons navigating outdoors (among many similar use cases). The complexity of this hardware-focused system merited the introduction of formal methods during its (essentially conventionally structured) development. The aim was to improve the dependability of parts of the implemented system and to estimate system characteristics via modelling and calculation that could not be obtained experimentally within the scope of the project.The paper overviews the experience of the very much human-in-the-loop use of formal techniques in the INSPEX Project and focuses particularly on the human issues that impacted the cooperation between the conventional techniques and formal methods.

show abstract

“…Verification of conditions of this type can build upon existing work which has been done to verify operating-system level components. For example, there is a body of work related to the verification of the real-time operating system FreeRTOS (FreeRTOS, 2011;Divakaran et al, 2015), which is widely used in this type of application. From our point of view, it is interesting that this work uses a multi-tool approach, starting with refinement based tools to relate overall system requirements to those of specific subsystems, and then transitioning to tools designed to verify C code in order to check that these subsystems correctly perform their function.…”

Section: Functioning Under Conditions Of Uncertaintymentioning

confidence: 99%

Formal Verification for Advanced Sensing Applications: Data Pre-processing in the INSPEX System

Razavi

Banach

Lesecq

et al. 2018

Proceedings of the 13th International Conference on Software Technologies

View full text Add to dashboard Cite

Abstract:The INSPEX project aims to miniaturize state-of-the-art obstacle detection technology comprising heterogeneous sensors and advanced processing, so that it can be used for wearable devices. The project focuses on enhancing the white cane used by some visually impaired and blind people. Due to high demand for reliability and performance, the project is a good candidate for the use of formal methods. In this paper, we report lessons we have learned from formal modelling exercises related to the pre-processing of sensor information in INSPEX.

show abstract

Refinement-Based Verification of the FreeRTOS Scheduler in VCC

Cited by 8 publications

References 25 publications

Formal Analysis of FreeRTOS Scheduler on ARM Cortex-M4 Cores

Formal Analysis of FreeRTOS Scheduler on ARM Cortex-M4 Cores

Formal methods by stealth: The INSPEX experience

Formal Verification for Advanced Sensing Applications: Data Pre-processing in the INSPEX System

Contact Info

Product

Resources

About