Skip to main content
SpringerLink
Log in

Taming Interrupts for Verifying Industrial Multifunction Vehicle Bus Controllers

  • Conference paper
  • First Online:
FM 2016: Formal Methods (FM 2016)

Part of the book series: Lecture Notes in Computer Science ((LNPSE,volume 9995))

Included in the following conference series:

Abstract

Multifunction Vehicle Bus controllers (MVBC) are safety-critical sub-systems in the industrial train communication network. As an interrupt-driven system, MVBC is practically hard to verify. The reasons are twofold. First, MVBC introduces the concurrency semantics of deferred interrupt handlers and communication via hardware registers, making existing formalism infeasible. Second, verifying MVBC requires considering the environmental features (i.e., interrupt ordering), which is hard to model and reason. To overcome these limitations, we proposed a novel framework for formal verification on MVBC. First, we formalized the concurrency semantics of MVBC and described a sequentialization technique so that well-designed sequential analyses can be performed. Moreover, we introduced the happen-before interrupt graph to model interrupt dependency and further eliminate false alarms. The framework scaled well on an industrial MVBC product from CRRC Inc. and found 3 severe software bugs, which were all confirmed by engineers.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    http://ecos.sourceware.org/.

References

  1. Brylow, D., Damgaard, N., Palsberg, J.: Static checking of interrupt-driven software. In: ICSE 2001, pp. 47–56 (2001)

    Google Scholar 

  2. Clarke, E., Kroening, D., Lerda, F.: A tool for checking ANSI-C programs. In: Jensen, K., Podelski, A. (eds.) TACAS 2004. LNCS, vol. 2988, pp. 168–176. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  3. Emmi, M., Lal, A., Qadeer, S.: Asynchronous programs with prioritized task-buffers. In: FSE 2012, pp. 48:1–48:11. ACM, New York (2012)

    Google Scholar 

  4. Inverso, O., Tomasco, E., Fischer, B., La Torre, S., Parlato, G.: Bounded model checking of multi-threaded C programs via lazy sequentialization. In: Biere, A., Bloem, R. (eds.) CAV 2014. LNCS, vol. 8559, pp. 585–602. Springer, Heidelberg (2014)

    Google Scholar 

  5. Jiang, Y., et al.: Design and optimization of multiclocked embedded systems using formal techniques. TIE 62, 1270–1278 (2015)

    Google Scholar 

  6. Jiang, Y., et al.: Design of mixed synchronous/asynchronous systems with multiple clocks. TPDS 26, 2220–2232 (2015)

    Google Scholar 

  7. Kidd, N., Jagannathan, S., Vitek, J.: One stack to run them all: reducing concurrent analysis to sequential analysis under priority scheduling. In: Pol, J., Weber, M. (eds.) SPIN 2010. LNCS, vol. 6349, pp. 245–261. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  8. Lal, A., Reps, T.: Reducing concurrent analysis under a context bound to sequential analysis. FMSD 35(1), 73–97 (2009)

    MATH  Google Scholar 

  9. Liu, H., et al.: idola: bridge modeling to verification and implementation of interrupt-driven systems. In: TASE, pp. 193–200 (2014)

    Google Scholar 

  10. Qadeer, S., Wu, D.: Kiss: keep it simple and sequential. In: PLDI 2004, pp. 14–24 (2004)

    Google Scholar 

  11. Schlich, B., Noll, T., Brauer, J., Brutschy, L.: Reduction of interrupt handler executions for model checking embedded software. In: Namjoshi, K., Zeller, A., Ziv, A. (eds.) HVC 2009. LNCS, vol. 6405, pp. 5–20. Springer, Heidelberg (2011). doi:10.1007/978-3-642-19237-1_5

    Chapter  Google Scholar 

  12. Schwarz, D., et al.: Static analysis of interrupt-driven programs synchronized via the priority ceiling protocol. In: POPL, pp. 93–104 (2011)

    Google Scholar 

  13. Tomasco, E., Inverso, O., Fischer, B., Torre, S., Parlato, G.: Verifying concurrent programs by memory unwinding. In: Baier, C., Tinelli, C. (eds.) TACAS 2015. LNCS, vol. 9035, pp. 551–565. Springer, Heidelberg (2015). doi:10.1007/978-3-662-46681-0_52

    Google Scholar 

  14. Wu, X., Chen, L., Mine, A., Dong, W., Wang, J.: Numerical static analysis of interrupt-driven programs via sequentialization. In: EMSOFT 2015, pp. 55–64 (2015)

    Google Scholar 

Download references

Acknowledgement

This research is sponsored by NSFC Program (No.91218 302, No.61527812), National Science and Technology Major Project (N0.16ZX010 38101), MIIT IT funds (Research and application of TCN key technologies ) of China, and National Key Technology R&D Program (No.2015BAG14B01-02).

Author information

Authors and Affiliations

  1. Key Laboratory for Information System Security, Ministry of Education, Beijing, China

    Han Liu, Yu Jiang, Huafeng Zhang, Ming Gu & Jiaguang Sun

  2. Tsinghua National Laboratory for Information Science and Technology, Beijing, China

    Han Liu, Yu Jiang, Huafeng Zhang, Ming Gu & Jiaguang Sun

  3. School of Software, Tsinghua University, Beijing, China

    Han Liu, Yu Jiang, Huafeng Zhang, Ming Gu & Jiaguang Sun

  4. China Railway Rolling Stock Corporation (CRRC), Beijing, China

    Ming Gu

Authors
  1. Han Liu
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yu Jiang
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Huafeng Zhang
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Ming Gu
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Jiaguang Sun
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Han Liu .

Editor information

Editors and Affiliations

  1. Newcastle University, Newcastle upon Tyne, United Kingdom

    John Fitzgerald

  2. US Naval Research Laboratory, Washington, District of Columbia, USA

    Constance Heitmeyer

  3. ISTI-CNR, Pisa, Italy

    Stefania Gnesi

  4. University of Cyprus, Nicosia, Cyprus

    Anna Philippou

Rights and permissions

Reprints and permissions

Copyright information

© 2016 Springer International Publishing AG

About this paper

Cite this paper

Liu, H., Jiang, Y., Zhang, H., Gu, M., Sun, J. (2016). Taming Interrupts for Verifying Industrial Multifunction Vehicle Bus Controllers. In: Fitzgerald, J., Heitmeyer, C., Gnesi, S., Philippou, A. (eds) FM 2016: Formal Methods. FM 2016. Lecture Notes in Computer Science(), vol 9995. Springer, Cham. https://doi.org/10.1007/978-3-319-48989-6_48

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-48989-6_48

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-48988-9

  • Online ISBN: 978-3-319-48989-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation