Formal Development of a Real-Time Operating System Memory Manager

@article{Su2015FormalDO,
  title={Formal Development of a Real-Time Operating System Memory Manager},
  author={Wen Su and Jean-Raymond Abrial and Geguang Pu and Bin Fang},
  journal={2015 20th International Conference on Engineering of Complex Computer Systems (ICECCS)},
  year={2015},
  pages={130-139}
}
  • Wen Su, Jean-Raymond Abrial, Geguang Pu, Bin Fang
  • Published 9 December 2015
  • Computer Science
  • 2015 20th International Conference on Engineering of Complex Computer Systems (ICECCS)
This paper presents the formal development of the memory management module of a real-time operating system. The distinctive feature of this type of memory manager is that its dynamic memory allocation/reallocation mechanism runs in O(1) time (no loops). This poses a serious challenge for the "correct by construction" approach used to build such a system, because it requires elaborating some delicate algorithms over complex data structures. To overcome this challenge, we…
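The O(1), loop-free allocation the abstract refers to is the property that the TLSF allocator cited in the references below (Masmano et al.) obtains from a two-level bitmap index over segregated free lists. The C program below is an added illustration written for this page, not code from the paper, from the TLSF authors, or from any RTOS: the class layout (16-byte minimum, 16 first-level and 16 second-level classes), the 64 KiB arena, the header format and the names are this example's own choices, it omits the coalescing of neighbouring free blocks on free, and it relies on the GCC/Clang `__builtin_clzll` / `__builtin_ctz` intrinsics for find-first-set. Allocation and release both execute a fixed number of bit operations regardless of how many blocks are free, which is exactly the property that makes a worst-case execution-time bound, and the invariant-based proof the paper describes, tractable.

```c
/* Added example (not from the paper): a minimal TLSF-style allocator whose
 * alloc/free paths contain no loops. Class layout, arena size and header
 * format are choices made for this illustration; free() does not coalesce.
 * Assumes GCC/Clang for __builtin_clzll / __builtin_ctz. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MIN_SHIFT  4                 /* smallest size class is 16 bytes */
#define FL_COUNT   16                /* first level covers 2^4 .. 2^19 bytes */
#define SL_LOG2    4
#define SL_COUNT   (1 << SL_LOG2)    /* 16 linear sub-classes per power of two */
#define ARENA_SIZE (1 << 16)

typedef struct block { size_t size; struct block *next, *prev; } block_t;
#define HDR ((sizeof(block_t) + 15) & ~(size_t)15)   /* 32 on LP64: payloads stay 16-aligned */

static unsigned char arena[ARENA_SIZE] __attribute__((aligned(16)));
static uint32_t fl_bitmap;                 /* bit fl set: some list under fl is non-empty */
static uint32_t sl_bitmap[FL_COUNT];       /* bit sl set: free_lists[fl][sl] is non-empty */
static block_t *free_lists[FL_COUNT][SL_COUNT];

static int floor_log2(size_t s) { return 63 - __builtin_clzll((unsigned long long)s); }

/* Class (fl, sl) of a block of exactly `size` bytes; requires size >= 16. */
static void mapping_insert(size_t size, int *fl, int *sl) {
    int t = floor_log2(size);
    *fl = t - MIN_SHIFT;
    *sl = (int)((size >> (t - SL_LOG2)) & (SL_COUNT - 1));
}
/* Lowest class in which every block is >= `size`: round up to the class width. */
static void mapping_search(size_t size, int *fl, int *sl) {
    int t = floor_log2(size);
    size += ((size_t)1 << (t - SL_LOG2)) - 1;
    mapping_insert(size, fl, sl);
}

static void insert_free(block_t *b) {
    int fl, sl;
    mapping_insert(b->size, &fl, &sl);
    b->prev = NULL;
    b->next = free_lists[fl][sl];
    if (b->next) b->next->prev = b;
    free_lists[fl][sl] = b;
    sl_bitmap[fl] |= 1u << sl;
    fl_bitmap |= 1u << fl;
}
static void remove_free(block_t *b, int fl, int sl) {
    if (b->prev) b->prev->next = b->next; else free_lists[fl][sl] = b->next;
    if (b->next) b->next->prev = b->prev;
    if (!free_lists[fl][sl]) {             /* keep the bitmaps exact when a list empties */
        sl_bitmap[fl] &= ~(1u << sl);
        if (!sl_bitmap[fl]) fl_bitmap &= ~(1u << fl);
    }
}

/* The O(1) search: two masked find-first-set operations replace any list walk. */
static block_t *find_suitable(size_t size, int *fl, int *sl) {
    mapping_search(size, fl, sl);
    if (*fl >= FL_COUNT) return NULL;                     /* larger than any class */
    uint32_t sl_map = sl_bitmap[*fl] & (~0u << *sl);      /* same fl, classes >= sl */
    if (!sl_map) {
        uint32_t fl_map = fl_bitmap & (~0u << (*fl + 1)); /* next non-empty fl */
        if (!fl_map) return NULL;
        *fl = __builtin_ctz(fl_map);
        sl_map = sl_bitmap[*fl];
    }
    *sl = __builtin_ctz(sl_map);
    return free_lists[*fl][*sl];
}

void tlsf_init(void) {
    fl_bitmap = 0;
    memset(sl_bitmap, 0, sizeof sl_bitmap);
    memset(free_lists, 0, sizeof free_lists);
    block_t *whole = (block_t *)arena;
    whole->size = ARENA_SIZE - HDR;
    insert_free(whole);
}
void *tlsf_alloc(size_t n) {
    if (n > ARENA_SIZE) return NULL;       /* also prevents (n + 15) from wrapping */
    size_t size = n < 16 ? 16 : (n + 15) & ~(size_t)15;
    int fl, sl;
    block_t *b = find_suitable(size, &fl, &sl);
    if (!b) return NULL;
    remove_free(b, fl, sl);
    if (b->size - size >= HDR + 16) {      /* split; the remainder returns to its class */
        block_t *rest = (block_t *)((unsigned char *)b + HDR + size);
        rest->size = b->size - size - HDR;
        b->size = size;
        insert_free(rest);
    }
    return (unsigned char *)b + HDR;
}
void tlsf_free(void *p) {
    if (p) insert_free((block_t *)((unsigned char *)p - HDR));   /* header is trusted */
}

int main(void) {
    tlsf_init();
    void *a = tlsf_alloc(100), *b = tlsf_alloc(1000);
    tlsf_free(a);
    void *c = tlsf_alloc(50);              /* fits in a's released block: same address */
    printf("a=%p b=%p c=%p reused=%d\n", a, b, c, a == c);
    return 0;
}
```

The rounding in `mapping_search` is what makes the search loop-free: the requested size is bumped to the next class boundary, so the first non-empty class found by `ctz` is guaranteed to contain only blocks that fit, and no list has to be walked for a first fit. The same structure shows where a proof has to work hardest: `insert_free` and `remove_free` must keep `fl_bitmap` and `sl_bitmap` exactly consistent with the list contents, and `tlsf_free` trusts a header stored next to user data, so an out-of-bounds write into a neighbouring block corrupts the size field and the list links that the next `remove_free` unlinks without checking.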


Formal modelling of list based dynamic memory allocators
TLDR
This paper provides formal models for a full class of dynamic memory allocators, the class using various kinds of lists to manage the memory blocks controlled by the DMA, and organises these models in a hierarchy ranked by refinement relations to obtain reusable formal models and tractable formal reasoning.
A refinement hierarchy for free list memory allocators
TLDR
This paper provides formal models for a full class of DMA, the free list class, in a hierarchy ranked by refinement relations and proves the soundness of models and refinement relations using an off-the-shelf theorem prover.
Rely-Guarantee Reasoning About Concurrent Memory Management in Zephyr RTOS
TLDR
This paper develops a fine-grained formal specification of the buddy memory management in Zephyr RTOS and uses the rely-guarantee technique to conduct the compositional verification of functional correctness and invariant preservation.
A Verified Specification of TLSF Memory Management Allocator Using State Monads
TLDR
This paper presents a verified Two-Level Segregated Fit (TLSF) memory management model, a dynamic memory allocator designed for real-time operating systems, and formalizes the specification of TLSF algorithm based on the client requirements.
Fine-Grained Formal Specification and Analysis of Buddy Memory Allocation in Zephyr RTOS
TLDR
This paper provides a fine-grained formal specification of buddy memory allocation, formally verifies its safety via invariants and its functional correctness, and reports a functional flaw found in the C code.
A framework for OS portability: from formal models to low-level code
TLDR
The framework presented in this work has the potential to not only improve portability, but also overall maintainability and system dependability, as it combines verification and code generation.
A Model-Based Concept for RTOS Portability
TLDR
A novel approach towards portability of embedded RTOSs based on the formal, hardware-independent and detailed specification of RTOS kernels, with additional models of relevant MCU properties and instruction set architectures (ISA), able to generate low level RTOS code for different target architectures.
Formal Verification of a Hybrid IoT Operating System Model
TLDR
A hybrid model for an IoT operating system is proposed and modelled and verified with the Event-B method; a large proportion of the proof obligations are discharged automatically on the Rodin platform, which simplifies the development process.
Software Engineering and Formal Methods: 18th International Conference, SEFM 2020, Amsterdam, The Netherlands, September 14–18, 2020, Proceedings
TLDR
The approach and preliminary results undertaken in the project EXOSOUL are presented, aimed at equipping humans with an automatically generated exoskeleton, a software shield that protects and empowers them and their personal data in all interactions with the digital world by mediating or discarding those ones that would result in unacceptable or morally wrong behaviors according to the user’s ethical and privacy preferences.
Techniques for formal modelling and verification on dynamic memory allocators. (Techniques de modélisation et de vérification formelles des allocateurs de mémoire dynamiques)
This thesis is a contribution to the formal specification and verification of sequential dynamic memory allocators (SDMA for short), which are key components of systems

References

Showing 1-10 of 37 references
TLSF: a new dynamic memory allocator for real-time systems
TLDR
A DSA algorithm called two-level segregated fit memory allocator (TLSF), developed specifically to be used by RTOS, is introduced and provides explicit allocation and deallocation of memory blocks with a temporal cost Θ(1).
seL4: formal verification of an OS kernel
TLDR
To the authors' knowledge, this is the first formal proof of functional correctness of a complete, general-purpose operating-system kernel.
Compositional Verification of a Baby Virtual Memory Manager
TLDR
A framework that assists in the creation of verification systems for each layer and of refinements between the layers is developed, and a certification of BabyVMM, a small VMM designed for simplified hardware, is produced.
Automatic Generation of C from Event-B
TLDR
The requirements of such a tool are discussed, the B2C extension to RODIN that has been developed to meet these needs is introduced, and its use on a practical example is described.
Real-time performance of dynamic memory allocation algorithms
  • I. Puaut
  • Computer Science
  • Proceedings 14th Euromicro Conference on Real-Time Systems. Euromicro RTS 2002
  • 2002
TLDR
Detailed average-case and worst-case measurements of the timing performance of a comprehensive panel of dynamic memory allocators are given, as a guideline for developers of real-time systems on whether to use dynamic memory management at all and, if so, which allocation algorithm should be preferred from the viewpoint of predictability.
A constant-time dynamic storage allocator for real-time systems
TLDR
TLSF (Two Level Segregated Fit) is presented, which is designed and implemented to accommodate real-time constraints and exhibits time-bounded behaviour, O(1), and maintains a very good execution time.
Derivation of concurrent programs by stepwise scheduling of Event-B models
TLDR
This paper shows how to introduce explicit control flow for the concurrent sub-models in the form of event schedules to provide process-oriented specifications of the programs to complement the state-based approach in Event-B, as well as to facilitate more efficient implementation of the models.
Code Generation for Event-B
TLDR
This work presents an approach to generating program code from Event-B models that is correct-by-construction, and provides a simple yet powerful scheduling language that allows one to specify an execution sequence of the model's guarded events where assertions are used to express properties established by the event execution sequence, which are necessary for well-definedness and refinement proofs.
Creating Sequential Programs from Event-B Models
TLDR
The conclusion is that using patterns, it is feasible to derive efficient sequential programs from event-based specifications in many cases.
Towards verified virtual memory in L4
TLDR
An abstract model of the virtual memory subsystem in L4 is described, safety properties about this model are proved, and refinement of the abstract model is described towards the implementation of L4.