The Safety-Critical Java Mission Model: A Formal Account

  • Frank Zeyda
  • Ana Cavalcanti
  • Andy Wellings
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6991)


Safety-Critical Java (SCJ) is a restriction of the Real-Time Specification for Java to support the development and certification of safety-critical applications. It is the result of an international effort from industry and academia. Here we present the first formalisation of the SCJ execution model, covering missions and event handlers. Our formal language is part of the Circus family; at the core, we have Z, CSP, and Morgan’s calculus, but we also use object-oriented and timed constructs from the OhCircus and CircusTime variants. Our work is a first step in the development of refinement-based reasoning techniques for SCJ.


Keywords: Circus, real-time systems, models, verification, RTSJ





Copyright information

© Springer-Verlag Berlin Heidelberg 2011

Authors and Affiliations

  • Frank Zeyda (1)
  • Ana Cavalcanti (1)
  • Andy Wellings (1)
  1. University of York, York, UK
