This paper describes an experiment to use the Spin model checking system to support automated verification of time partitioning in the Honeywell DEOS real-time scheduling kernel. The goal of the experiment was to investigate whether model checking could be used to find a subtle implementation error that was originally discovered and fixed during the …
Group communication is a widely studied paradigm for building fault-tolerant distributed systems. The Armada project at the University of Michigan is a collaborative effort with the Honeywell Technology Center to study how real-world applications use group communication. In this paper, we describe the results of our experience implementing a fault-tolerant …
In this paper, we describe our application of SPIN [11] to model an algorithm used to synchronize the clocks of modules that provide periodic real-time communication over a network. We used the SPIN model to check certain performance properties of the system; in particular, we were able to verify that the algorithm achieves synchronization within a time …
Time partitioning is a crucial property for integrated modular avionics architectures, particularly those in which applications of different criticalities run on the same processor. In a time-partitioned operating system, the scheduler is responsible for ensuring that the actions of one thread cannot affect other threads' guaranteed access to CPU execution …