Presentation is loading. Please wait.

Presentation is loading. Please wait.

Stuart AllenMark Bickford Robert Constable (PI) Christoph KreitzLori LorigoRobbert Van Renesse Secure software infrastructure Logic Programming Communications.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Stuart AllenMark Bickford Robert Constable (PI) Christoph KreitzLori LorigoRobbert Van Renesse Secure software infrastructure Logic Programming Communications."— Presentation transcript:

1 Stuart AllenMark Bickford Robert Constable (PI) Christoph KreitzLori LorigoRobbert Van Renesse Secure software infrastructure Logic Programming Communications An Open Logical Programming Environment Department of Computer Science, Cornell University Contract # F30602-98-0198

2 Formally relate mechanisms for composing program modules to mechanisms for composing specifications Prove system properties Add aspects while preserving properties Generate code modules from service specifications Build adaptive protocols for embedded applications Support real-time constraints in large networks Problem Description Build and apply formal method tools to increase assurance, adaptability, and performance of networked embedded systems

3 Objectives & Approach Class Theory ReflectionExtend logical language to support compositional design and verification (Class Theory), property-preserving code transformations, and real-time issues (Reflection) Build formal model of networked embedded systems Build formal knowledge and tailored reasoning strategies Introduce aspects via “composition” of micro-protocols Use LPE to increase confidence, flexibility & efficiency of key applications (Ensemble, Spinglass, Bold Stroke,...) open Logical Programming Environment Organize tools for verification, optimization, and formal design into an open Logical Programming Environment

4 LPE will provide Infrastructure for assuring system properties - e.g. safety, fault tolerance + synchronization, timing, … Support for error-free code reuse - Library of reusable specifications and related code - Mechanisms for composing designs and specs - Property-preserving transformations that combine aspects in code and specifications Verified mechanisms for increasing adaptability Support for real-time guarantees Contribution to PCES goals novel technologyreduce efforts increasing confidence The overarching goal of PCES is novel technology … that can reduce efforts to program embedded systems while increasing confidence in the … product Confidence requires proof

5 Possible applications through Ensemble & Spinglass Reliable infrastructure for large scale sensor networks that can provide real time intelligence to ground troops (Army) Support for communication infrastructure in Joint Battlespace Infosphere (In discussion with Air Force, Rome) Support for software systems like HiperD used in AEGIS battle control software (Navy) More through work on Boeing OEP Contribution to DoD Application LPE will provide assurance for desired properties, support rapid configuration of high-confidence systems and adaptability to changing situations

6 Project Tasks & Schedule Release tools for optimization of protocol stacks Complete formal verification of Ensemble VS protocol Develop new adaptive communication protocol using the LPE in design and verification  Specify and model event-driven embedded system module from PCES project partner (BoldStroke, …)  Develop web-based presentation mechanisms for knowledge base of software and specifications Enhance automatic tools to increase pace of formal developments (decision procedures, tailored tactics,…) Explore probabilistic embedded protocols with LPE technology developed for adaptive protocols  Incrementally deploy logical reflection mechanisms as basis for program composition / reconfiguration Fall 2000 Winter 2000 Spring 2001 Summ er 2001Fall2001 ongoin g Spring / Summ er 20022002

7 Theoretical basis for efficient reflection mechanism  reasoning about intensional properties: time, resources, synch…. Class theory supports code & design reuse through composition and weaving  Developed LPE technology for formal design of verifiably correct adaptive systems  Formal documentation, publications, Nuprl LPE and large database of algorithmic knowledge available at our web site http://www.cs.cornell.edu/Info/Projects/NuPrl Progress & Accomplishments

8 Verified Program Composition Class Theory provides expressive type constructs - Union, Intersection, Subtyping, Records, Modules Supports compositional verification - Intersecting modules preserves safety properties (M A P )  (M A  M B P ) - Intersecting modules is a form of composition M A  M B intersects states, actions, constraints == A method for property-preserving composition But intersection is more than just functional composition

9 Weaving as Combining Effects Intersection is proven to combine all safety properties of code Communication Logging Communication with Logging state q,log: Msg List action SEND: Msg effect SEND(m): q := enqueue m q if sensitive(m) then log := append log m Communication Communication state q: Msg List action SEND: Msg effect SEND(m): q := enqueue m q Logging Logging state log: Msg List action SEND: Msg effect SEND(m): if sensitive(m) then log := append log m Reflection needed to prove semantical effects of purely syntactical transformations (renaming, ….)  Intersection weaves code-pieces together  : property-preserving weaving of aspects

10 Designing Adaptive Systems Make system adapt safely to run-time dynamics - upgrades, higher security, performance Building block approach - generic switching protocol constructs hybrid protocols from simpler ones Switching protocol prot 1 prot 2 Correctness Issues - what protocols are switchable at all? - what code invariant preserves switchable properties ? Technique applies to event-driven architectures

11 6 Meta-Properties are sufficient for protocols to work correctly under a switch switch spec network Verifying Adaptive Systems } Layered Architecture } Protocol Switching Asynchrony Safety Delayable Send-enabled Composable Memoryless Verification reveals hidden assumptions & limitations of applicability Verification yields code invariants MP’s simplify design and verification MP’s characterize environmental prerequisites for correct behavior reliable adaptability Abstract approach supports reliable adaptability beyond communication

12 Package adaptive LPE tools and make available on web, including formal documentation Model components from Bold Stroke event channel - Investigate how to provide adaptive technology, optimization techniques, and check properties  Illustrate how to weave probabilistic aspects into an existing protocol Develop prototype probabilistic real time embedded protocol with LPE  Next Milestones

13 Applying the LPE to Bold Stroke Bold Stroke is layered event-channel architecture - some similarity to protocol stacks in communication Develop formal model of architecture and modules Investigate how to provide formal assistance for - assuring system properties (particularly after changes) - safe switching between schedules - dynamic reconfiguration (using adaptive technology) - improving performance for specific scenarios  Analysis tools for OEP application components

14 Provide properties with extremely high probability Scales well Same real-time guarantees as deterministic approaches Less vulnerable (weaker assumptions, more realistic) Simpler to design and analyze use MP technology developed for adaptive protocols + formal probabilistic communication model + reflection (for timing issues and probability analysis) Applications: Air traffic control, embedded sensor networks Probabilistic embedded protocols Bimodal Multicast Unreliable 1% fail 10 -12 fail Elegant for dealing with real-time constraints in large networks

15 BBN (old ties: Ensemble in Aqua/Quo projects) (planned: Ensemble in A/V transmission) Boeing (in preparation: apply LPE to Bold Stroke) Vanderbilt (planned: analyze synthesized software) ORA (ongoing: LPE verifications) (planned: formal RT Java semantics) AFRL Rome (joint Information Assurance Institute) Others ? Collaborations

16 (DoD + commercial use)LPE already provides direct support of Ensemble and Spinglass systems (DoD + commercial use) (AFLR/Cornell Information Assurance Institute)AFRL people are being trained to use the LPE (AFLR/Cornell Information Assurance Institute) Connections to BBN and Boeing offer new transition paths for future results Technology Transfer

17 Which PCES application is best to demonstrate major impact of formal tools? Balance between long-term and short-term goals? (better formal tools vs pushing application with today’s tools) Project is part of PCES only until Sept. 2002 Meaningful collaboration beyond 2002? Program Issues

Download ppt "Stuart AllenMark Bickford Robert Constable (PI) Christoph KreitzLori LorigoRobbert Van Renesse Secure software infrastructure Logic Programming Communications."

Similar presentations

ECOE 560 Design Methodologies and Tools for Software/Hardware Systems Spring 2004 Serdar Taşıran.

ECOE 560 Design Methodologies and Tools for Software/Hardware Systems Spring 2004 Serdar Taşıran.
25 February 2009Instructor: Tasneem Darwish1 University of Palestine Faculty of Applied Engineering and Urban Planning Software Engineering Department.

25 February 2009Instructor: Tasneem Darwish1 University of Palestine Faculty of Applied Engineering and Urban Planning Software Engineering Department.
© Chinese University, CSE Dept. Software Engineering / 1 - 1 Software Engineering Topic 1: Software Engineering: A Preview Your Name: ____________________.

© Chinese University, CSE Dept. Software Engineering / Software Engineering Topic 1: Software Engineering: A Preview Your Name: ____________________.
Presented by: Thabet Kacem Spring 2010. Outline Contributions Introduction Proposed Approach Related Work Reconception of ADLs XTEAM Tool Chain Discussion.

Presented by: Thabet Kacem Spring Outline Contributions Introduction Proposed Approach Related Work Reconception of ADLs XTEAM Tool Chain Discussion.
Background information Formal verification methods based on theorem proving techniques and model­checking –to prove the absence of errors (in the formal.

Background information Formal verification methods based on theorem proving techniques and model­checking –to prove the absence of errors (in the formal.
Automated creation of verification models for C-programs Yury Yusupov Saint-Petersburg State Polytechnic University The Second Spring Young Researchers.

Automated creation of verification models for C-programs Yury Yusupov Saint-Petersburg State Polytechnic University The Second Spring Young Researchers.
Fault-Tolerant Real-Time Networks Tom Henzinger UC Berkeley MURI Kick-off Workshop Berkeley, May 2000.

Fault-Tolerant Real-Time Networks Tom Henzinger UC Berkeley MURI Kick-off Workshop Berkeley, May 2000.
Reseach in DistriNet (department of computer science, K.U.Leuven) General overview and focus on embedded systems task-force.

Reseach in DistriNet (department of computer science, K.U.Leuven) General overview and focus on embedded systems task-force.
Page 1 Building Reliable Component-based Systems Chapter 16 - Component based embedded systems Chapter 16 Component based embedded systems.

Page 1 Building Reliable Component-based Systems Chapter 16 - Component based embedded systems Chapter 16 Component based embedded systems.
Chess Review May 11, 2005 Berkeley, CA Composable Code Generation for Distributed Giotto Tom Henzinger Christoph Kirsch Slobodan Matic.

Chess Review May 11, 2005 Berkeley, CA Composable Code Generation for Distributed Giotto Tom Henzinger Christoph Kirsch Slobodan Matic.
1 Software Architecture: a Roadmap David Garlen Roshanak Roshandel Yulong Liu.

1 Software Architecture: a Roadmap David Garlen Roshanak Roshandel Yulong Liu.
Rigorous Fault Tolerance Using Aspects and Formal Methods Shmuel Katz Computer Science Department The Technion Haifa, Israel

Rigorous Fault Tolerance Using Aspects and Formal Methods Shmuel Katz Computer Science Department The Technion Haifa, Israel
Stuart AllenMark Bickford Robert Constable Richard Eaton Christoph KreitzLori Lorigo Secure software infrastructure Logic Programming Communications Advances.

Stuart AllenMark Bickford Robert Constable Richard Eaton Christoph KreitzLori Lorigo Secure software infrastructure Logic Programming Communications Advances.
Strategic Directions in Real- Time & Embedded Systems Aatash Patel 18 th September, 2001.

Strategic Directions in Real- Time & Embedded Systems Aatash Patel 18 th September, 2001.
CSC 402, Fall 20001 Requirements Analysis for Special Properties Systems Engineering (def?) –why? increasing complexity –ICBM’s (then TMI, Therac, Challenger...)

CSC 402, Fall Requirements Analysis for Special Properties Systems Engineering (def?) –why? increasing complexity –ICBM’s (then TMI, Therac, Challenger...)
Report WG1 Software-Intensive Systems and New Computing Paradigms Cannes November 12-14, 2008 WG Leader: Martin Wirsing WG Depu ty Leaders: Jean-Pierre.

Report WG1 Software-Intensive Systems and New Computing Paradigms Cannes November 12-14, 2008 WG Leader: Martin Wirsing WG Depu ty Leaders: Jean-Pierre.
CprE 458/558: Real-Time Systems

CprE 458/558: Real-Time Systems
Misconceptions About Real-time Computing : A Serious Problem for Next-generation Systems J. A. Stankovic, Misconceptions about Real-Time Computing: A Serious.

Misconceptions About Real-time Computing : A Serious Problem for Next-generation Systems J. A. Stankovic, Misconceptions about Real-Time Computing: A Serious.
1 FM Overview of Adaptation. 2 FM RAPIDware: Component-Based Design of Adaptive and Dependable Middleware Project Investigators: Philip McKinley, Kurt.

1 FM Overview of Adaptation. 2 FM RAPIDware: Component-Based Design of Adaptive and Dependable Middleware Project Investigators: Philip McKinley, Kurt.
Router modeling using Ptolemy Xuanming Dong and Amit Mahajan May 15, 2002 EE290N.

Router modeling using Ptolemy Xuanming Dong and Amit Mahajan May 15, 2002 EE290N.

Similar presentations

Ads by Google