Lecture Notes in Computer Science 1845
Edited by G. Goos, J. Hartmanis, and J. van Leeuwen
Berlin Heidelberg New York Barcelona Hong Kong London Milan Paris Singapore Tokyo

Hubert B. Keller, Erhard Plödereder (Eds.)

Reliable Software Technologies Ada-Europe 2000
5th Ada-Europe International Conference, Potsdam, Germany, June 26-30, 2000, Proceedings

Series Editors
Gerhard Goos, Karlsruhe University, Germany
Juris Hartmanis, Cornell University, NY, USA
Jan van Leeuwen, Utrecht University, The Netherlands

Volume Editors
Hubert B. Keller, Forschungszentrum Karlsruhe, Institut für Angewandte Informatik, Hermann-von-Helmholtz-Platz 1, 76344 Eggenstein-Leopoldshafen, Germany, E-mail: [email protected]
Erhard Plödereder, Universität Stuttgart, Institut für Informatik, Breitwiesenstr. 20-22, 70565 Stuttgart, Germany, E-mail: [email protected]

Cataloging-in-Publication Data applied for
Die Deutsche Bibliothek - CIP-Einheitsaufnahme
Reliable software technologies Ada Europe 2000 : Potsdam, Germany, June 26 - 30, 2000 ; proceedings / Hubert B. Keller ; Erhard Plödereder (ed.). - Berlin ; Heidelberg ; New York ; Barcelona ; Hong Kong ; London ; Milan ; Paris ; Singapore ; Tokyo : Springer, 2000 (... Ada-Europe international conference ... ; 5) (Lecture notes in computer science ; Vol. 1845) ISBN 3-540-67669-4

CR Subject Classification (1998): D.2, D.1.2-5, D.3, D.4, C.2.4, C.3, K.6
ISSN 0302-9743
ISBN 3-540-67669-4 Springer-Verlag Berlin Heidelberg New York

This work is subject to copyright. All rights are reserved, whether the whole or part of the material is concerned, specifically the rights of translation, reprinting, re-use of illustrations, recitation, broadcasting, reproduction on microfilms or in any other way, and storage in data banks. Duplication of this publication or parts thereof is permitted only under the provisions of the German Copyright Law of September 9, 1965, in its current version, and permission for use must always be obtained from Springer-Verlag. Violations are liable for prosecution under the German Copyright Law. Springer is a company in the BertelsmannSpringer publishing group.
© Springer-Verlag Berlin Heidelberg 2000
Printed in Germany
Typesetting: Camera-ready by author, data conversion by DA-TeX Gerd Blumenstein
Printed on acid-free paper SPIN: 10722060 06/3142 543210
Foreword
The Fifth International Conference on Reliable Software Technologies, Ada-Europe 2000, took place in Potsdam, Germany, June 26–30, 2000. It was organized by Ada Deutschland and sponsored by Ada-Europe, the European federation of national Ada societies, in cooperation with ACM SIGAda and the Gesellschaft für Informatik (GI). We gratefully acknowledge additional sponsorship by the DFG, the German Research Foundation, and by the Forschungszentrum Karlsruhe. This year's conference marked the 20th anniversary of consecutive annual Ada-Europe conferences and the fifth year of a conference focusing on the general area of software reliability, in which Ada excels as one of the supporting technologies. The Y2K problem has put the importance of software reliability into the limelight of media and political attention. Luckily, the dire predictions about potentially disastrous failures of critical systems did not prove true at the turn of the year, most likely because an incredible effort was made to update existing software, modernize systems, check out backup mechanisms, and so on. One cannot but wonder how much more reliable the software could have been if only a percentage of the funds spent on the Y2K problem had gone into enhancements of reliability during the development and maintenance of the software. We are witnessing a rapid growth of software components in cars, trains, planes, phones, control of biological, chemical, and manufacturing plants, and many other products and processes, where reliability is not just a nice-to-have but a hard requirement. It is not an overstatement to note that our daily life is beginning to literally depend on the reliability of the software embedded in products. Yet such reliability does not come about by accident. It needs to be infused into the software and the processes of the software life cycle by the application of appropriate techniques and technologies.
The conference on Reliable Software Technologies provides the forum for researchers, developers, and users to share their research results, present tools, report on experiences, and discuss requirements that have recently arisen from the ever-changing application domains. As in past years, the conference comprised a three-day technical program, at which the papers contained in these proceedings were presented, along with short presentations on related topics. The technical program was bracketed by two tutorial days, when attendees had an opportunity to catch up on a variety of topics related to the field, at both introductory and advanced levels. Further, the conference was accompanied by an exhibition at which vendors presented their reliability-related products. The notably increased size of the exhibition demonstrates that the market place is beginning to react to the importance of reliability engineering. This year’s conference comprised a truly international program. Authors from Argentina, Australia, Austria, Canada, China, France, Germany, Italy, Japan, Norway, Spain, Sweden, Switzerland, United Kingdom, and the USA presented
their results. A total of 23 papers were accepted for the proceedings and eight additional contributions were accepted for presentation at the conference. Two conference sessions were reserved for presentations by vendors of products supporting the development and management of reliable software. Each conference day was opened by a keynote presentation. The keynote speakers and their themes were:
• Rainer Zimmermann, Head of Unit E2, Directorate General Information Society, European Commission, Brussels, Belgium: Support of Technology Development in the Information Society
• Reto Weiss, Kingcat MCAS Project Manager, Paranor AG, Wahlendorf, Switzerland: Kingcat MCAS – Monitoring, Control and Alarm System for a Luxury Motor Yacht Implemented in Ada and Java
• Brian Pflug, Chief Engineer, Simulation & Software Engineering, Boeing Commercial Airplanes, Seattle, USA: Ada after 10 Years of Usage – Is There a Commercial Future?
We would like to express our sincere gratitude to these distinguished speakers, well known to the community, for sharing their insights and information with the audience.
The tutorial program featured international experts presenting introductory and advanced material on a variety of subjects relevant to software engineers:
• Java for Ada Programmers, Ben Brosgol
• Real-Time POSIX, Michael González Harbour
• Ada95 for Beginners and Ada95 for Ada83 Programmers, David Cook and Les Dupaix
• Software Metrology Basics – Measurement, Assessment, and Certification of Procedures, Objects, and Agents, Hans-Ludwig Hausen
• The HOOD 4 Design Method, Jean-Pierre Rosen
• Tree-Based Reliability Models (TBRMs) for Early Reliability Measurement and Improvement, Jeff Tian
• Implementing Design Patterns in Ada95, Matthew Heaney
• High Integrity Ada Tasking, John Harbaugh
• GtkAda, An Ada95 Object-Oriented Graphic Toolkit, Emmanuel Briot
• Building Ada Development Tools with ASIS for GNAT, Sergey Rybin and Vasily Fofanov
• Windows Development with Ada, Örjan Leringe
• Developing Ada Applications for the Java Platform with JGNAT, Franco Gasperoni
Many people contributed to the success of the conference. The program committee spent part of their Christmas vacation carefully reviewing all the papers and providing detailed evaluations. A subcommittee comprising Lars Asplund, Johann Blieberger, Michael González, Hubert Keller, Erhard Plödereder, and Jürgen Winkler met on a Sunday in January to compose the program based on
the reviews. Some committee members shepherded papers to their final versions. We thank the committee for its dedication and hard work. A great help in organizing the paper review were the Start Conference Manager, provided free of charge by Rich Gerber, and Michael Hüdepohl, who administered this WWW-based paper submission and review system at the University of Stuttgart. The organizing committee deserves special mention. Peter Dencker put together an exhibition of unprecedented scope. Theodor Tempelmeier composed the attractive tutorial program. And always helping the organizers was Alfred Strohmeier, Ada-Europe's Conference Liaison. We also would like to thank Christine Harms, who handled the registration and the local organization at Potsdam. Foremost, however, we express our appreciation to the authors of the papers submitted to the conference, and to the participants who came to exchange their ideas and results. Without you, there would be no conference. We hope that you were satisfied by the technical program of the conference and enjoyed the social events of this Fifth International Conference on Reliable Software Technologies.
April 2000
Hubert Keller, Erhard Plödereder
Organizing Committee
Conference Chair: Hubert B. Keller, Forschungszentrum Karlsruhe, Institute of Applied Computer Science, Germany
Program Co-chairs: Hubert B. Keller, Forschungszentrum Karlsruhe, Institute of Applied Computer Science, Germany; Erhard Plödereder, University of Stuttgart, Institute of Informatics, Germany
Tutorial Chair: Theodor Tempelmeier, FH Rosenheim, Dept. of Informatics, Germany
Exhibition Chair: Peter Dencker, Aonix GmbH, Germany
Poster and Publicity Chair: Michael Tonndorf, CSC Plönzke, Germany
Ada-Europe Conference Liaison: Alfred Strohmeier, Swiss Federal Institute of Technology in Lausanne
Conference Secretariat: Christine Harms, c/o GMD Forschungszentrum Informationstechnik GmbH, Germany
Program Committee
Ángel Álvarez, Technical University of Madrid
Lars Asplund, Uppsala University
Ted Baker, Florida State University
Stéphane Barbey, Paranor AG
John Barnes, JBI
Johann Blieberger, Technical University Vienna
Jim Briggs, University of Portsmouth
Benjamin Brosgol, Ada Core Technologies, Inc.
Dirk Craeynest, OFFIS nv/sa
Peter Dencker, Aonix GmbH
Marc Gobin, Royal Military Academy, Belgium
Peter Göhner, University of Stuttgart
Gerhard Goos, University of Karlsruhe
Michael González Harbour, Universidad de Cantabria
Günter Hommel, TU Berlin
Yvon Kermarrec, ENST de Bretagne
Fabrice Kordon, Université P. & M. Curie
Rudolf Landwehr, CCI
Franco Mazzanti, Istituto di Elaborazione della Informazione, CNR
Paolo Panaroni, Intecs Sistemi
Laurent Pautet, ENST Paris
Jean-Pierre Rosen, Adalog
Edmond Schonberg, New York University & ACT
Alfred Strohmeier, Swiss Federal Institute of Technology, Lausanne
S. Tucker Taft, AverStar, Inc.
Theodor Tempelmeier, FH Rosenheim
Tullio Vardanega, European Space Agency
Debora Weber-Wulff, TFH Berlin
Andy Wellings, University of York
Jürgen Winkler, University of Jena
Table of Contents

Invited Presentations
Support of Technology Development in the Information Society ... 1
Rainer Zimmermann
Kingcat MCAS - Monitoring, Control and Alarm System for a Luxury Motor Yacht Implemented in Ada and Java ... 2
Reto Weiss
Ada after 10 Years of Usage - Is There a Commercial Future? ... 4
Bryan Pflug
An Open Ravenscar Real-Time Kernel for GNAT ... 5
Juan A. de la Puente, José F. Ruiz and Juan Zamorano

Real-Time and Safety-Critical Systems
Object-Oriented Programming and Protected Objects in Ada 95 ... 16
Andy J. Wellings, Bob Johnson, Bo Sanden, Jörg Kienzle, Thomas Wolf and Stephen Michell
Is an Ada Lint Necessary? ... 29
Björn Källberg

Session: Tools
Using Java™ APIs with Native Ada Compilers ... 41
Shayne Flint and Brian Dobbing
Static Worst-Case Execution Time Analysis of Synchronous Programs ... 56
Thomas Ringler
A Supporting Tool for Development of Self-Measurement Ada Programs ... 69
Yusuke Nonaka, Jingde Cheng and Kazuo Ushijima

Session: APIs and Components
On Persistent and Reliable Streaming in Ada ... 82
Jörg Kienzle and Alexander Romanovsky
Reengineering the Booch Component Library ... 96
Jordi Marco and Xavier Franch
GtkAda: Design and Implementation of a High Level Binding in Ada ... 112
Emmanuel Briot, Joël Brobecker and Arnaud Charlet

Session: ASIS
ASIS-for-GNAT: A Report of Practical Experiences ... 125
Sergey Rybin, Alfred Strohmeier, Vasiliy Fofanov and Alexei Kuchumov
Generation of Interface Design Description Documents Using ASIS ... 138
Steven V. Hovater, William Marksteiner and Allen Butturini
An Ada95 Programming Style Checker Using the GNAT ASIS Implementation ... 149
Patrick Closhen and Hans-Jürgen Hoffmann

Session: Risk and Reliability Management
Enhancements in Software Project Risk Management ... 161
Peter Wieland, Frode Høgberg and Kristin Strømseng
Constructing Reliable Embedded Systems Using the Results of System Safety Analysis ... 173
Giuseppe Mauri and Stefan Scheer
An Application of the Chains-of-Rare-Events Model to Software Development Failure Prediction ... 185
Néstor R. Barraza, Jonas D. Pfefferman, Bruno Cernuschi-Frías and Félix Cernuschi

Session: UML
Analysis, Design and Implementation of an Object-Oriented Framework in Ada95 ... 196
Detlef Schmitt
MTS Integrating UML, HOOD, Ada in a Full Ada Operational Software Project ... 211
Thierry Lacomme, Séverine Carles, Agusti Canals and François Normend

Session: Formal Analysis Methods
Symbolic Data Flow Analysis for Detecting Deadlocks in Ada Tasking Programs ... 225
Johann Blieberger, Bernd Burgstaller and Bernhard Scholz
Exceptions in OO Languages: Using Them and Reasoning about Them ... 238
Neelam Soundarajan and Stephen Fridella
(True) Polymorphism in SPARK2000 ... 252
Tse-Min Lin and John A. McDermid

Session: Testing
Improving the Reliability of Object-Oriented Software through Object-Level Behavioral Simulation ... 266
Mahesh Deshpande, Frank Coyle and Jeff Tian
Results of an Investigation into Software Integration Testing Automation ... 280
Simon Kiteley and Jonathan Draper
On the Minimal Essential Subsets and Minimal Representative Sets ... 291
T. Y. Chen and M. F. Lau

Author Index ... 303
Support of Technology Development in the Information Society

Rainer Zimmermann
European Commission, DG INFSO E2, Rue de la Loi, Brussels, Belgium

Abstract. The presentation will cover an overview of the IST Programme under the 5th Framework of European Research and will then concentrate on the opportunities of the Key Action "Essential Technologies and Infrastructures". The presentation will focus on the framework of the different action types "from research to take-up", in particular showing the subjects in the area "Technologies and engineering for software systems and services". The presentation will put emphasis on new developments in the software area, showing the importance of embedded systems and open source software. Finally, the expected time frame and subjects for the next calls will be presented.

Head of Unit E2

H. B. Keller and E. Plödereder (Eds.): Ada-Europe 2000, LNCS 1845, p. 1, 2000. © Springer-Verlag Berlin Heidelberg 2000
Kingcat MCAS - Monitoring, Control and Alarm System for a Luxury Motor Yacht Implemented in Ada and Java

Use of this test set has a number of advantages. The programs are printed and distributed, and probably read by a large number of people. The errors in the programs must also be interesting to the potential buyer of the product: if an error is so simple that it can be detected at a glance, nobody would be interested in buying a product to detect such an obvious mistake. On the other hand, the programs and the errors cannot be too contrived; if so, the potential buyer would not be interested either. Thus these programs are selected by the advertisers to show common mistakes that an ordinary programmer is likely to make and which are hard to detect.
Is an Ada Lint Necessary?

One potential disadvantage with this test set is that errors that are not detected by the company's tool will not be included.

Classification

For this study the errors have been classified in four different categories. The category name answers the question "Would this error have been detected by an Ada compiler?" The table below gives a summary of the error categories.

Table: Classification of errors

Category