Low level synchronisation problems in digital systems
We have briefly discussed a class of low level synchronisation faults which can occur in digital systems. Further, we have shown the necessity of solving, or avoiding, this problem in static redundant fault-tolerant systems, so that the redundancy masks faults rather than generating them.
It is generally accepted that it is desirable to use formal techniques in the development of High Integrity Systems; hence we turned our attention to the issue of formally designing systems so that they can be shown to be free from the above synchronisation problems. We outlined the difficulties of expressing such problems, and of verifying their absence, in existing (and possibly any future) formal specification notations. In particular, we discussed the difficulty of showing that an implicit specification of synchronisation can be refined to an explicit one via the normal refinement paradigms.
We concluded by suggesting that an alternative paradigm is required in the formal development of High Integrity Systems. This involves a hierarchy of models, as well as a hierarchy of specifications, where the models represent generic solutions to implementation problems (such as synchronisation) which are outwith the purview of the specification notation.
Whilst this is a novel concept which has not been validated in practice, it can be seen by analogy with the development of other critical (e.g. secure) systems that this proposed approach warrants further study.