Following a brief discussion of uniprocessor scheduling in which we argue the case for formal analysis, we describe a distributed Event-B model of interrupt-driven scheduling. We first consider a model with two executing tasks, presented with the aid of state machine diagrams. We then present a faulty variant of this model which, under particular event timings, may "drop" an interrupt. We show how the failure to discharge a particular proof obligation leads us to the conceptual error in this model. Finally, we generalise the correct model to n tasks, leading to a reduction in proof effort.
Event-B is a refinement-based formal method that is used for system-level modeling and analysis of c...
In this paper we analyze the traditional model of interrupt management and its incapacity to incorpo...
Abstract. We study the problem of determining stack boundedness and the exact maximum stack size for...
A widely-used class of real-time, reactive, embedded systems is called interrupt-driven systems [8]....
Embedded control programs are hard to analyse because their behaviour depends on how they interact w...
Abstract. Interruption is a useful feature in programming and specification languages. Therefore, proc...
Programs for multiprocessor machines commonly perform busy-waiting for synchronisation. In this pape...
Abstract. This paper presents an approach to the efficient abstraction of interrupt handling in microc...
Parallel execution and hardware acceleration involving specialized devices such as GPUs and FPGAs ar...
Abstract—Interrupt-driven software is difficult to test and debug, especially when interrupts can be...
Interrupt-driven software is difficult to test and debug, especially when interrupts can be nested a...
AUTOSAR, the open and emerging global standard for automotive embedded systems, offers a timing prot...
Lecture Notes in Computer Science 8144, 2013. AUTOSAR, the open and emerging global standard for autom...
Real-time scheduling algorithms like RMA or EDF and their corresponding schedulability test have pro...