Provably Correct Systems

Objectif

Our overall objectives are to advance the state of the art of systematic design of complex heterogeneous systems, including both software and hardware; in particular, to reduce the risk of error in the specification, design and implementation of embedded safety-critical systems.

To approach this goal, we plan to develop a theory, system and methodology to cover all of the following: (1) Requirements capture and analysis; (2) system specification and design; (3) programming language processing and compilation; (4) a hardware machine, including multiprogramming kernel; (5) an implementation in hardware down to gate level. Support for (4) and (5) have also been provided from national sources.
Research has been carried out in order to improve dependability, reduce timescales and cut development costs of construction for embedded systems, particularly in real time and safety critical applications.

For the requirements phase, advances have been made in the application and extension of Duration Calculus by considering probabilistic aspects and the problems associated with hybrid systems. The gap between the requirements and the specification level is being filled by adding real time features to the specification language and also the programming language.

A real time design calculus has been developed for the transformation of a specification into a program, using a wide spectrum language which encompasses both levels.

The programming language has been designed to express assertions on the timed behaviour of programs. It features delay timing as present in occam and allows the programmer to specify upper bounds for the time spent for the execution of internal actions. A prototype compiler has been rigorously developed and partially proved correct.

The compilation of occam programs directly into synchronous hardware is being investigated, using Field Programmable Gate Array technology. The proof of correctness depends on using a realistic model of the underlying hardware. An approach has been adopted in which programs are compiled into a normal form that is a very restricted subset of the high level language, but is close to the actual hardware in form.

Trails have been made of HOL, the Boyer-Moore prover, Larch, Lambda, OBJ and PVS.
A ProCoS Working Group has been formed as a forum for a wider constituency of researchers in universities and in industry. Collaboration has been established with research teams in the United States, Brazil and Macao.

Verification support has been used as required.
APPROACH AND METHODS

(2), (3) and (4) above were included in PROCOS I. Each level is served by a theory and calculus designed to be at the most appropriate level of abstraction. It seems feasible to embed these separate formalisms in a single abstract mathematical theory, which ensures their mutual consistency, and defines a clear sense in which implementations conform to designs, designs to specifications, and specifications to requirements. This reduces the risk of error due to misunderstanding as a project moves from one phase to the next.

In PROCOS I concepts and proof techniques have been developed by concentrating collaboratively on a rather simple language and simple case studies. At the same time, we have developed theories that promise to deal successfully with a much more ambitious language, encompassing concurrency, communication, timing constraints, recursion, procedures and parameters.

Occam and the transputer have been chosen as the underlying programming language and machine architecture and subsets (or related and compatible supersets) of these are selected for study.

POTENTIAL

The partners use a selection of these features in somewhat more significant case studies, which are carried through all the stages listed above. PROCOS II will also seek a simplification of the technology to make it truly useful for engineers, and conduct further theoretical work to spearhead future advances.

Champ scientifique (EuroSciVoc)

CORDIS classe les projets avec EuroSciVoc, une taxonomie multilingue des domaines scientifiques, grâce à un processus semi-automatique basé sur des techniques TLN. Voir: Le vocabulaire scientifique européen.

• sciences naturelles informatique et science de l'information logiciel

Programme(s)

Programmes de financement pluriannuels qui définissent les priorités de l’UE en matière de recherche et d’innovation.

• FP3-ESPRIT 3 - Specific research and technological development programme (EEC) in the field of information technologies, 1990-1994

Thème(s)

Les appels à propositions sont divisés en thèmes. Un thème définit un sujet ou un domaine spécifique dans le cadre duquel les candidats peuvent soumettre des propositions. La description d’un thème comprend sa portée spécifique et l’impact attendu du projet financé.

Appel à propositions

Procédure par laquelle les candidats sont invités à soumettre des propositions de projet en vue de bénéficier d’un financement de l’UE.

Régime de financement

Régime de financement (ou «type d’action») à l’intérieur d’un programme présentant des caractéristiques communes. Le régime de financement précise le champ d’application de ce qui est financé, le taux de remboursement, les critères d’évaluation spécifiques pour bénéficier du financement et les formes simplifiées de couverture des coûts, telles que les montants forfaitaires.

Données non disponibles

Coordinateur

Participants (3)