Modeling OSEK/VDX OS Requirements in C

  title={Modeling OSEK/VDX OS Requirements in C},
  author={Yoohee Chung and Dongwoo Kim and Yunja Choi},
  journal={2017 24th Asia-Pacific Software Engineering Conference (APSEC)},
This paper presents an approach to use C language to model underlying operating systems widely used in the domain of automotive control software. The greatest benefit of using C, a programming language, which is used widely in this domain, is the elimination of the heterogeneity between OS model and control software. This enables us to formally verify control software while keeping its own characteristics such as function calls, the use of external libraries, and dynamic memory allocation. We… 
3 Citations

Figures and Tables from this paper

Model Checking Embedded Control Software using OS-in-the-Loop CEGAR
  • Dongwoo Kim, Yunja Choi
  • Computer Science
    2019 34th IEEE/ACM International Conference on Automated Software Engineering (ASE)
  • 2019
OiL-CEGAR (OS-in-the-Loop Counterexample-Guided Abstraction Refinement), a variant of CEGAR, greatly improves the accuracy and efficiency of property checking in this domain and is successively refined using the counterexamples generated from the composition model.
A review of OSEK/VDX application verification methods
This paper makes an introduction and review of OSEK/VDX application verification method, and the main shortcomings of current methods, which is the state explosion problem existing in verification procedure.
Automated Validation of IoT Device Control Programs Through Domain-Specific Model Generation
This work constructs a validation model by composing pre-defined behavioral patterns of an operating system that is compliant with the OSEK/VDX international standard and models of application programs abstracted w.r.t. interactions with the underlying operating system.


Modeling and Verifying the Code-Level OSEK/VDX Operating System with CSP
This paper employs process algebra CSP to describe and reason about a real code-level OSEK/VDX operating system and indicates that the whole system is deadlock-free and the scheduling scheme is sound with respect to the specification.
Yes! You Can Use Your Model Checker to Verify OSEK/VDX Applications
  • Haitao Zhang, T. Aoki, Yuki Chiba
  • Computer Science
    2015 IEEE 8th International Conference on Software Testing, Verification and Validation (ICST)
  • 2015
The approach described is that it can be considered as a front-end translator for enabling existing model checkers to verify OSEK/VDX applications, since the execution characteristics of OSEVX applications are different from the sequential software and general multi-threaded software.
Verifying OSEK/VDX OS Design Using Its Formal Specification
A framework to verify the design models of reactive systems against their specifications based on a simulation relation is proposed and shown, which shows the effectiveness and practicality of the framework based on the results of the case study.
Model checking Trampoline OS: a case study on safety analysis for automotive software
  • Yunja Choi
  • Computer Science
    Softw. Test. Verification Reliab.
  • 2014
Methods for converting the Trampoline kernel code into formal models for the model checker SPIN are presented, a series of experiments using an incremental verification approach, and the use of embedded C constructs for performance improvement are presented.
Model-Based API-Call Constraint Checking for Automotive Control Software
The checker converts application source code into formal models and checks violations of a set of pre-defined constraint patterns from OSEK/VDX international standard using model checker NuSMV by using formal models of the underlying operating system.
Verification of Temporal Properties in Automotive Embedded Software
A SystemC model from the original C program is derived in order to integrate directly with the SystemC temporal checker and performed a case study on an embedded software from automotive industry which is responsible for controlling read and write requests to a non-volatile memory.
A Spin-Based Approach for Checking OSEK/VDX Applications
This paper describes and develops an alternative approach to verify the OSEK/VDX applications based on the Spin and investigates the effectiveness of the bounded model checking approach and Spin-based approachbased on the experiments.
Integrated Static Analysis for Linux Device Driver Verification
It is shown that SLICx, together with CBMC, can be used to simulate preemption in multi-threaded code, and to find race conditions and to prove the absence of deadlocks and memory leaks.
Model-Based Verification of Energy-Aware Real-Time Automotive Systems
This work provides a mapping scheme as the basis for automatic model transformation between the extended EAST-ADL and priced timed automata for model checking and identifies potential conflicts between different automotive functions at an early stage of development.
Model checking C source code for embedded systems
A new model checker for source code for microcontrollers, called [mc]square, is developed and successfully applied to the same microcontroller program used in the case study.