open-DO » Related Initiatives

Executable Annotations for C Programs

Yannick Moy — Mon, 09 Jan 2012 11:49:16 +0000

The Frama-C platform, which integrates static analysis and formal proof of C programs, now has a plug-in for run-time execution of annotations. In particular, preconditions and postconditions written using the E-ACSL subset of the ACSL annotation language for C can now be executed thanks to this plug-in. This is a great move in the direction of better integration of proofs and tests for C programs!

As far as I know, this is the first attempt at defining a common annotation language for tests and static analysis / proof for C. The annotation languages for C that I know of cannot be executed: Microsoft’s widely used Standard Annotation Language, the annotation language used by the Escher C Verifier or the one from Microsoft’s VCC.

Note that an important difference between this annotation language and others is that it uses mathematical semantics for operations in annotations. So an addition in annotations cannot overflow. In practice, they are using the GMP library for mathematical integers. Try it for yourself by downloading/installing Frama-C and this plug-in!

code.NASA

Jamie Ayre — Thu, 05 Jan 2012 08:11:19 +0000

An interesting new website added to the family of NASA websites. code.NASA, according the website, NASA “…will continue, unify, and expand NASA’s open source activities. The site will serve to surface existing projects, provide a forum for discussing projects and processes, and guide internal and external groups in open development, release, and contribution.”

More information can be found at:

http://open.nasa.gov/blog/2012/01/04/the-plan-for-code/

I particularly like the call for participation – “Will your code someday escape our solar system or land on an alien planet? We’re working to make it happen, and with your help, it will.”

First TOPCASED Days 2011 conference

Jamie Ayre — Tue, 25 Jan 2011 08:20:23 +0000

The first conference based around the TOPCASED toolkit project will take place in Toulouse February 2nd-4th, 2011.

TOPCASED (Toolkit in OPen-source for Critical Application and SystEms Development) is a modular, open-source, Eclipse-based software environment providing methods and tools for critical embedded systems development, ranging from system and architecture specifications to software and hardware implementation through equipment definition. TOPCASED promotes model-driven engineering and formal methods as key technologies.

Safety-critical software and formal verification

Jamie Ayre — Fri, 10 Sep 2010 10:54:41 +0000

Below are a couple of links to a paper and an article discussing the formal verification of safety-critical applications.

The first one is an article written by Boris Sedacca in the IET magazine “Verifying safety-critical aerospace and automotive applications” looking at how the current and upcoming Avionics and Automotive standards “aim to improve code verification”.
http://kn.theiet.org/magazine/issues/1013/verifying-safety-1013.cfm

The second one is a paper written by Xavier Leroy who is a member of the team at INRIA working on the CompCert project. “The paper reports on the development and formal verification (proof of semantic preservation) of CompCert, a compiler from Clight (a large subset of the C programming language) to PowerPC assembly code, using the Coq proof assistant both for programming the compiler and for proving its correctness.”
http://gallium.inria.fr/~xleroy/publi/compcert-CACM.pdf

Certification Together Conference

Jamie Ayre — Mon, 26 Jul 2010 09:49:12 +0000

According to the website, “The Certification Together International Conference for the Aeronautical Industry is the only event in Europe fully dedicated to System, Software and Hardware certification challenges.”

Looking at the program, a large part of it, as you’d expect, is dedicated to the changes in the upcoming DO-178C standard and how it will affect current certification process and practices. Coupled with these are more practical, hand-on user studies provided by primes and vendors alike.

Cyrille Comar will be giving a talk based around “The challenges of Agile certification” and an update on the Object Oriented Technology (OOT) supplement of DO-178C.

The event will be held in Toulouse, France – Oct 26-28.

Hi-Lite project officially launched

Jamie Ayre — Wed, 05 May 2010 12:02:31 +0000

Yesterday saw the official launch of the Hi-Lite project. Financially supported by French national and local government agencies, Hi-Lite aims to increase the use of formal methods in developing high integrity software, particularly to meet the forthcoming DO-178C avionics standard.

Hi-Lite is completely based on libre software. The project is structured in two different toolchains for Ada and C based on GNAT/GCC compilers, the SPARK verification toolset and the Frama-C platform. The integration of these toolchains inside two industrial IDEs offers to the user a common interaction on Ada and C programs. In particular, mixed Ada/C programs can be verified against a common specification.

The project partners are AdaCore, Altran Praxis, Astrium Space Transportation, CEA-LIST, the ProVal team of INRIA and Thales Communications. AdaCore is the project leader. For more information please visit www.open-do.org/projects/hi-lite and to subscribe to the public mailing list please send email to hi-lite-discuss@lists.forge.open-do.org.

We will be reporting on its progress here as it reaches major milestones throughout the evolution of the project.

IEEE effort to standardize requirements capture language

Jose Ruiz — Thu, 22 Oct 2009 08:24:01 +0000

In a recent announcement, IEEE has approved work to develop a standard for a language to capture software requirements. Unfortunately, I have not found much information about it. They mention that the information will be presented in a tree-like structure, which should fit well with the hierarchical organization of requirements in typical safety-critical development.

Interesting open-source partitioning kernel

Jose Ruiz — Fri, 05 Jun 2009 08:57:22 +0000

I attended the DASIA 2009 conference las week, and I discovered a really nice open-source initiative targeting the high-integrity real-time community. The Real-Time Systems Group of the University of Valencia has developed an open-source hypervisor (partitioning kernel) called XtratuM, which is not ARINC compliant, but it provides temporal and spatial partitioning. It currently works on x86 and LEON2. I know personally the people behind this project, and I can encourage you to keep an eye on it.