Provably Correct Systems

Objective

The goal of PROCOS was to contribute to methodologies for the joint hardware and software development of safety-critical, high integrity, real-time, embedded systems by defining:
-methods for problem domain requirements capture
-a specification and a programming language
-a machine architecture and language
-a compiler from the programming language to that machine
-a suitable kernel supporting the execution of compiled programs.
PROCOS also aimed to design the formal semantics of specification, programming and machine languages, contribute to principles of decomposing the development of such systems into smaller, more manageable tasks, and develop techniques for ensuring the integrity and stability of interfaces between the different components of a system.
Programming methodologies were studied for systems that must interact correctly, uncorruptedly and in real time with an environment, no matter how that environment behaves. Systems software needed to support such applications (compilers and operating system kernals, for example) was investigated, together with principles and techniques for the development of provably correct software, ranging from the design of machine languages to methods for capturing the applications requirements.

Techniques for capturing the requirements for real time, embedded, safety critical systems have been clarified, and the proper roles of equipment and component systems engineering are becoming apparent.

A novel duration calculus for real time specification has been proposed, and its mathematics studied and its applicability tested. More conventional specification, programming machine languages have been given firm semantics, and several novel transformation rules between them have been studied and applied. A novel rapid compiler protoyping technique, as well as production quality compiler development techniques, are being studied and applied. Large manual proofs of correctness of compilation have been carried through.

Throughout the work, a better understanding has emerged of overall design techniques for interfacing the various components of complex digital hardware and sofware systems.
APPROACH AND METHODS
The approach taken was based on decomposing the ultimate goal into a set of subgoals, as outlined above.
To achieve these subgoals a theoretical study has been made of what is meant by the safety criticality of embedded systems. Insights gained in this study are being evaluated through individual case-studies of particular systems, such as auto-pilots, gas burners and railway systems.
The experience gained with these case-studies have been used to define requirements specification, programming, and machine languages with formal semantics. The soundness of rules for the transformation of specifications to programs and of programs to mac hine code (compilation) have been established. A novel interval logic, the Duration Calculus, has been developed and used to specify and reason about real-time requirements. OCCAM 2 with the Inmos transputer has been adopted as the underlying machine for programs and programming languages. Refinement techniques are employed for the verification of transformation rules, and a variety of other techniques for compiler and kernel development.
PROGRESS AND RESULTS
Techniques for capturing the requirements for real-time, embedded, safety-critical systems have been clarified, and the proper roles of equipment and component systems engineering are becoming apparent.
A novel duration calculus for real-time specification has been proposed, and its mathematics studied and its applicability tested. More conventional specification, programming and machine languages have been given firm semantics, and several novel transformation rules between them have been studied and applied. A novel rapid compiler prototyping technique, as well as production quality compiler development techniques, are being studied and applied. Large manual proofs of correctness of compilation have been carried through.
Throughout the work, a better understanding has emerged of overall design techniques for interfacing the various components of complex digital hardware and software systems.
POTENTIAL
The resulting principles and techniques will find use within the industrial production of computer-controlled instruments, in process and manufacturing (robotics) control, and in defence, as well as in the larger area of computer applications, where dependable, high integrity, safety-critical systems are required.

Fields of science (EuroSciVoc)

CORDIS classifies projects with EuroSciVoc, a multilingual taxonomy of fields of science, through a semi-automatic process based on NLP techniques. See: The European Science Vocabulary.

• natural sciences computer and information sciences software software applications system software operating systems
• natural sciences computer and information sciences software software development
• engineering and technology electrical engineering, electronic engineering, information engineering electronic engineering robotics
• natural sciences mathematics

Programme(s)

Multi-annual funding programmes that define the EU’s priorities for research and innovation.

• FP2-ESPRIT 2 - European strategic programme (EEC) for research and development in information technologies (ESPRIT), 1987-1992

Topic(s)

Calls for proposals are divided into topics. A topic defines a specific subject or area for which applicants can submit proposals. The description of a topic comprises its specific scope and the expected impact of the funded project.

Call for proposal

Procedure for inviting applicants to submit project proposals, with the aim of receiving EU funding.

Funding Scheme

Funding scheme (or “Type of Action”) inside a programme with common features. It specifies: the scope of what is funded; the reimbursement rate; specific evaluation criteria to qualify for funding; and the use of simplified forms of costs like lump sums.

Data not available

Coordinator

Participants (5)