Abstract
Ada is unique amongst modern high-level languages in the degree to which it allows programming errors to be trapped at the compilation stage. Using a tool like the SPARK Examiner amplifies this effect and can provide a high degree of confidence that a program is well formed before we try to verify that its behaviour is correct. Despite this progress, a less tractable class of errors remains: run-time exceptions. For safety-related systems a run-time error may be just as hazardous as any other logical error. For secure systems, guarding against the deliberate generation of such errors (through buffer overflow attacks, for example) is vital. The paper explains how automated techniques based on formal verification or proof techniques have now matured and provide an industrial-strength solution.
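As an added illustration of the kind of error the abstract describes (a constructed example, not code from the paper or the SPARK toolset): an unconstrained Integer index compiles cleanly in Ada yet can raise Constraint_Error at run time, and a precondition turns that check into a verification condition that each caller must then be shown to satisfy. SPARK 95-style "--#" annotation syntax and all names are assumed.

```ada
-- Constructed example for this page, not the paper's code; SPARK 95-style
-- "--#" annotations assumed, names hypothetical.
package Bounded_Store
is
   subtype Index  is Integer range 1 .. 64;
   type    Buffer is array (Index) of Integer;

   -- Pos is an unconstrained Integer: the compiler accepts any value, so the
   -- index check in the body can only fail at run time (Constraint_Error).
   -- The precondition turns that run-time check into a proof obligation.
   procedure Store (B : in out Buffer; Pos : in Integer; V : in Integer);
   --# derives B from B, Pos, V;
   --# pre Pos in Index;

   -- Accepts an untrusted index and establishes Store's precondition itself;
   -- Ok reports whether the write happened.
   procedure Store_Checked
     (B : in out Buffer; Pos : in Integer; V : in Integer; Ok : out Boolean);
   --# derives B from B, Pos, V & Ok from Pos;
end Bounded_Store;

package body Bounded_Store
is
   procedure Store (B : in out Buffer; Pos : in Integer; V : in Integer)
   is
   begin
      B (Pos) := V;  -- VC "Pos in Index" is discharged from the precondition
   end Store;

   procedure Store_Checked
     (B : in out Buffer; Pos : in Integer; V : in Integer; Ok : out Boolean)
   is
   begin
      if Pos in Index then
         -- Call-site VC "Pos in Index" holds on this path because of the
         -- guard; without the guard the VC cannot be proved and is reported,
         -- rather than leaving a latent out-of-bounds write.
         Store (B, Pos, V);
         Ok := True;
      else
         Ok := False;
      end if;
   end Store_Checked;
end Bounded_Store;
```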
Industrial strength exception freedom. In: SIGAda '02: Proceedings of the 2002 annual ACM SIGAda international conference on Ada: The engineering of correct and reliable software for real-time & distributed systems using Ada and related technologies.