HASTEN: Advanced Tool Integration for Embedded Systems Assurance

Insup Lee
Department of Computer and Information Science
University of Pennsylvania

May 10, 2005

HCES Review Meeting, May 10, 2005

Principal investigators

o Rajeev Alur (UPenn)
o Sampath Kannan (UPenn)
o Insup Lee (PI, UPenn)
o Oleg Sokolsky (UPenn)
o Robert P. Cook (GSU)
o Carl Gunter (UIUC)
o Elsa Gunter (UIUC)
o Kang G. Shin (UMich)


Embedded Systems

Embedded systems are
o devices used to control, monitor or assist the operation of appliances, gadgets, equipment, machinery or plant;
o an integral part of the system.

Characteristics
o Tightly coupled to the physical world; i.e., interacts with (or reacts to) its environment
o Correct operation is subject to
  - Physical constraints imposed by the environment
  - Resource constraints of the device
o Heterogeneity, networked at larger scale
o Sociological and ethical requirements
  - Users are not system experts
  - Trustworthiness, security and privacy


A Variety of Application Domains

Hybrid and embedded systems
o Aerospace, automobiles, robotics, process control, sensor networks, smart spaces

Medical devices and instruments
o Patient monitoring, MRI, infusion pumps, artificial organs

Multimedia
o Virtual reality, immersive environment

Consumer electronics
o Mobile phones, office electronics, digital appliances

Network components
o Bridges, routers, switches, hubs

E-business
o ATM, vending machines

Distributed and grid computing
o Critical infrastructure defense system, air traffic control, intelligent highway systems, emergency response system


Goals of the HASTEN Project

High Assurance Systems Tools and ENvironments (HASTEN)

Develop techniques and tools for "end-to-end" software engineering of embedded software systems
o Requirements capture
o Specification, analysis, simulation
o Implementation generation and validation: code generation, testing
o Deployed system monitoring, checking, and steering

Integrated use of tools
o Vertical integration (reuse models)
o Horizontal integration (layered modeling and analysis)

Case studies
o automotive controllers, mobile robots, medical devices, embedded Linux


Example: Workflow for Policy Modeling and Verification

[Figure: workflow diagram. Nodes: NL Documents, Paragraphs, NL FSMs (BuildNLFSM), Manual Translation and Merging, System Specification, Test Script Generation Tool, Properties, Test Scripts, Program Code, Test Outcomes, Certification Criteria, Yes / No Outcome. Roles: Programmer, Tester, Certifier.]

1. Write NL requirements
2. Extract formal system specifications (EFSMs)
3. Analyze specifications
4. Implement system
5. Create test scripts
6. Run test scripts on implementation
7. Use test results and properties to decide if implementation passes
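The seven steps above, as an added example in Python that is not from the HASTEN project or its tools: a constructed, hypothetical login-lockout policy is written as an EFSM (step 2), test scripts are generated from it by exploring its configurations until every transition is covered (step 5), run against a hypothetical implementation (steps 4 and 6), and compared with the states the specification expects (step 7). Steps 1 and 3 (natural-language requirements and specification analysis) are not shown; every name in the block is an assumption.

```python
# Added example (not from the HASTEN slides): slide-6 workflow steps 2-7 on a constructed,
# hypothetical login-lockout policy with one EFSM variable, fails. All names are illustrative.
from collections import deque

MAX_FAILS = 2
# Step 2: extended FSM as (src, event, guard(fails), update(fails), dst).
SPEC = [
    ("Idle", "good_pw", lambda f: True, lambda f: 0, "Active"),
    ("Idle", "bad_pw", lambda f: f + 1 < MAX_FAILS, lambda f: f + 1, "Idle"),
    ("Idle", "bad_pw", lambda f: f + 1 >= MAX_FAILS, lambda f: f + 1, "Locked"),
    ("Active", "logout", lambda f: True, lambda f: f, "Idle"),
    ("Locked", "unlock", lambda f: True, lambda f: 0, "Idle"),
]

def generate_tests():
    """Step 5: BFS over concrete (state, fails) configurations until every spec transition
    is covered; a script is a list of (event, expected_state) pairs."""
    seen, queue, scripts = {("Idle", 0)}, deque([("Idle", 0, [])]), {}
    while queue and len(scripts) < len(SPEC):
        state, fails, trace = queue.popleft()
        for i, (src, ev, guard, upd, dst) in enumerate(SPEC):
            if src != state or not guard(fails):
                continue  # transition not enabled in this configuration
            nf, path = upd(fails), trace + [(ev, dst)]
            scripts.setdefault(i, path)  # first path that covers transition i
            if (dst, nf) not in seen:
                seen.add((dst, nf))
                queue.append((dst, nf, path))
    return [scripts[i] for i in sorted(scripts)]

class Implementation:
    """Step 4: hypothetical implementation under test; buggy=True never locks out."""
    def __init__(self, buggy=False):
        self.state, self.fails, self.buggy = "Idle", 0, buggy
    def handle(self, event):
        if (self.state, event) == ("Idle", "bad_pw"):
            self.fails += 1
            if self.fails >= MAX_FAILS and not self.buggy:
                self.state = "Locked"
        elif (self.state, event) in {("Idle", "good_pw"), ("Active", "logout"), ("Locked", "unlock")}:
            self.state, self.fails = ("Active" if event == "good_pw" else "Idle"), 0
        return self.state

def run_tests(make_impl):
    """Steps 6-7: run each script on a fresh implementation; return (passed, failures)."""
    failures = []
    for script in generate_tests():
        impl = make_impl()
        for ev, expected in script:
            if (got := impl.handle(ev)) != expected:
                failures.append((script, ev, expected, got)); break
    return not failures, failures
```

`run_tests(Implementation)` passes, while `run_tests(lambda: Implementation(buggy=True))` reports the scripts on which the implementation stays in Idle where the specification expects Locked.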


Software Development Process

Requirements capture and analysis
o Informal to formal
o Consistency and completeness
o Assumptions and interfaces between system components
o Application-specific properties

Design specifications and analysis
o Formal modeling notations
o Analysis techniques & abstractions
o Interfaces

Implementation
o Code generation & synthesis
o Validation
  - Testing
  - Model extraction and verification
  - Run-time monitoring and checking

[Figure: process flow Requirements -> Design specification -> Implementation.]


Posters and Demos

Requirements capture and analysis
o Extracting Formal Models from Natural Language Policy, Nikhil Dinesh, Arvind Easwaran, Aravind Joshi, Insup Lee

Design specification and analysis
o CHARON-AADL: An integrated framework for architectural and behavioral specifications, Jesung Kim, Duncan Clarke, Oleg Sokolsky
o Symbolic Compositional Verification by Learning Assumptions, Won Hong Nam, Rajeev Alur

Implementation generation and verification
o Sound distributed code generation from hybrid system models, Madhukar Anand, Sebastian Fischmeister, Jesung Kim, Insup Lee
o On-the-fly model-checking of recursive state machines, Swarat Chaudhuri, Rajeev Alur
o Real-time and probabilistic extensions to MaC, Usa Sammapun, Oleg Sokolsky, Insup Lee

Medical Device Case Studies
o Generic Infusion Pump and Bloodbank Management System, Dave Arney, Arvind Easwaran, Sebastian Fischmeister, Jesung Kim, Insup Lee


Other on-going projects

o Token coherence protocol, Alur
o Stochastic Charon, Alur
o Policy integration for programmable embedded devices, Alur, Gunter
o Understanding what can be done with steering, Kannan, Lee
o Compositional real-time scheduling framework, Lee
o Adding time and power consumption to the model supported by the Path Exploration Tool, Gunter
o Investigating the combination of model checking, equational rewriting and general theorem proving with Maude, Spin, and Isabelle, Gunter
o Etc.


Technology transfer I

Schedulability analysis of embedded systems
o AADL is an SAE standard for modeling of embedded systems
o Formal schedulability analysis by VERSA
o Eclipse plugin for OSATE AADL modeling tool


Technology transfer II

LMCO: MaC run-time verification tool
o Checking properties of systems at run time
o Dynamic and timing properties

QinetiQ: finding exploitable vulnerabilities in binary code
o Use MaC to provide dynamic data into static constraint solving problem

BAI Intl.: providing safety wrappers for avionics controllers
o Use MaC to evaluate the wrapper at run time


Applied Verification by Bob Cook

Discovered bug in Red Hat Next-generation POSIX Thread Library (NPTL); acknowledged/fixed by Red Hat

Description of tools and users
o Implemented a POSIX Threads multi-platform library
o Java FSM Explorer for PDAs
o Experiments with code strip verification
o Porting NASA Shuttle Launch Control code to multiple platforms and analyzing it

Tech transfer activities
o invited participant, NASA Roadmap Workshop
o FA-24 Instructor, Fort Gordon
o NASA KSC Faculty Fellow, 04/05
o Requested to consult, Battle Lab, Ft. Gordon, in the area of network protocol analysis


HCMDSS (High-Confidence Medical Device Software and Systems) Workshop

The High Confidence Software and Systems (HCSS) Coordinating Group (CG) of the Federal Networking and Information Technology R&D (NITRD) Subcommittee, Committee on Technology of the National Science and Technology Council, invites you to submit a position paper for a workshop on High Confidence Medical Device Software and Systems (HCMDSS).

The Federal government recognizes that the rapidly increasing software complexity of medical devices makes the development of high integrity medical device software and systems a crucial issue in public health.

The purpose of the HCMDSS workshop is to provide an open, working forum for leaders and visionaries concerned with medical devices from industry, research laboratories, academia, and government with the goal of developing a roadmap to overcome crucial medical device software and systems issues and challenges facing the design, manufacture, certification, and use of medical devices.

June 2 & 3, 2005, Philadelphia, PA (www.cis.upenn.edu/hcmdss/)


Topics of Interest

Enabling Technologies for Future Medical Devices
o Implantable regulatory devices, networked biosensors, telesurgery, robotic surgery

Foundations for Integration of Medical Device Systems/Models
o Component-based foundations for accelerated design and verifiable system integration
o System of systems (including models, medical devices, care-givers, patients)

Distributed Control & Sensing of Networked Medical Device Systems
o Robust, verifiable, fault-tolerant control of uncertain, multi-modal systems

Patient Modeling & Simulation
o Large scale, high fidelity organ and patient models for design and testing

Embedded, Real-Time, Networked System Infrastructures for MDSS
o Architecture, platform, middleware, resource management, QoS (Quality of Service), PnP (Plug-and-Play) of MDSS

High-Confidence Medical Device Software Development & Assurance
o Care-giver requirements solicitation and capture, design and implementation V&V (Verification and Validation)
o Heterogeneity in environment, architecture, platform in medical devices

Medical Practice-driven Models and Requirements
o User-centered design, risk understanding, and use/misuse modeling in medical practice

Certification of MDSS
o Quantifiable incremental certification of MDSS, role of design tools
o COTS, non-deterministic and self-adaptive medical device systems


Talks

o Algorithmic software verification, Rajeev Alur
o Schedulability analysis of AADL models, Oleg Sokolsky
o Role-based access control in a mobile environment, Elsa Gunter