Sunday Morning Tutorials (9:00am - 12:30pm)
SA1: Introducing the Best of Ada
John G.P. Barnes
Level — Introductory
Ada was originally designed in around 1980. Important goals included: to provide a portable and uniform language to replace a number of existing languages then in use; to capture the state of the art in language design; to recognize that programming was a serious engineering discipline; and to be highly reliable and encourage the development of long lived and maintainable programs.
However, Ada 83 (as the first version was known) was developed before the ideas of OOP matured and tasking was fully understood. Accordingly Ada was enhanced in 1995 to cover these topics and others. In this tutorial John will introduce the main themes of Ada and hopefully show why it is an excellent language for systems that need to be reliable and to be maintained.
SA2: Languages for Safety-Critical Software: Issues and Assessment
This intermediate-level tutorial is aimed at people with a technical background in software development. No previous experience with safety-critical standards is required. Some familiarity with one or more of C, C++, Ada, or Java would be useful.
Safety-critical systems (whose anomalous behavior could cause catastrophic or major failure involving loss of life) are becoming increasingly prevalent. Standards such as DO-178B, originally developed for commercial avionics, are attracting attention in other segments. The requirement to comply with such standards imposes constraints (on quality assurance, traceability, etc.) well beyond what is typical for Commercial-Off-The-Shelf software. One of the major decisions that affects safety certification is the choice of programming language(s). Specific language features, either by their presence or absence, may make certification easier or harder. (Practicalities such as tool support and programmer experience are of course also important but are outside the scope of the tutorial.)
This tutorial first summarizes existing safety standards, with a focus on DO-178B, and explains how they affect the requirements on a programming language. It specifically addresses the challenges imposed by Object-Oriented Technology and summarizes the work currently underway on DO-178C. The tutorial then assesses three language technologies -- C (including C++), Ada, and Java -- with respect to suitability for meeting these requirements through appropriate subsetting. MISRA C, SPARK, and the in-progress Safety-Critical Java Technology are specifically identified and reviewed.
Sunday Afternoon Tutorials (2:00 - 5:30pm)
SP1: Introducing the Best of Ada 2005
John G.P. Barnes
Ada 2005 is the latest chapter in the Ada story. Ada 95 was a huge leap forward from Ada 83. However, experience showed that Ada 95 has a number of gaps. Ada 2005 is not such a giant leap forward but aims rather to round off Ada 95 and so provide the community with a really smooth programming language suited for the demanding applications of the 21st century.
John will explain the specific goals of the development and introduce the key new features of Ada 2005. The most obvious new features are in the OO model with the introduction of interfaces and in the real-time area with more control over timing and scheduling plus much more in the predefined library. But there are other improvements as well in areas such as visibility control, exceptions and generics. And of course also downward closures so that Ada is at last as good as Algol 60 in that area.
SP2: Exposing Ada Web Services Using a Service-Oriented Architecture (SOA)
Ricky E. Sward
Level — Intermediate
This tutorial covers the principles of Service-Oriented Architectures (SOA) including loose coupling, encapsulation, reusability, composability, etc. The attendee will learn about the Ada Web Server (AWS) and how SOA interfaces, session management, etc. are implemented using AWS. The tutorial will also cover the fundamentals of the Enterprise Service Bus (ESB), a key enabling component of the SOA. Attendees will learn about ESB endpoints, data routing, automatic translations, etc. They will also learn how to connect Ada web services to an ESB, how to expose the web services, and how to use AWS with the ESB through in-class exercises and demonstrations. The tutorial will be very interactive and attendees are encouraged to bring their laptop computers.
Monday Full-Day Tutorials (9:00am - 5:30pm)
MF1: Security by Construction
Level — Intermediate
This tutorial is aimed at practising software engineers, programme managers, and those involved with procurement of high-integrity software systems. Some background in the development of safety- or security-critical software would be useful, but is not essential.
This tutorial will cover the use of "Correctness by Construction" (CbyC) techniques in the development of highly secure software systems. While the use of CbyC is well-known in the development of safety-related systems, it has also been deployed in the domain of highly secure systems. The software world seems plagued by security problems caused by basic mistakes in software design and construction, but this tutorial will show how practices from the safety-critical domain can be used to tackle these problems. In particular, the role of formal methods, programming language design, and strong static verification will be covered. The tutorial will be illustrated with reference to CbyC security projects such as the MULTOS CA and the NSA Tokeneer system.
Software security is one of the highest-profile and most important topics facing researchers today. The plague of "buffer overflow" and similar attacks that we read about every day seems almost endemic, yet these are problems that have been faced (and solved) by the safety-critical community for many years. This tutorial will recount our experience in building high-grade secure systems using the CbyC approach developed by Praxis over the last 15 years.
Part I - Basics
- Security basics - assumptions, threats, attacks, Satan's computer
- Software correctness vs security
Part II - Correctness by Construction
- CbyC principles and techniques
- The role of formal languages and methods
Part III - Programming Languages and Static Analysis
- Language issues
- Ada's position in all this
- The SPARK approach to verification of security properties
- Basic protection from stupid mistakes
- Flow analysis and theorem proving
- Input data validation and injection attacks
- Domain- and application-specific security properties
Part IV - Project examples
- MULTOS CA
- NSA Tokeneer
The principal presenter will be Dr Roderick Chapman of Praxis High Integrity Systems.
Monday Morning Tutorials (9:00am - 12:30pm)
MA1: Real-time and Parallel Processing in Ada
John W. McCormick
Level — Intermediate. This tutorial assumes basic knowledge or experience with the Ada programming language.
This tutorial covers two of the major problems with parallel and real-time programming - time management and storage management. Parallel processing, whether on single-processor machines or multiple processors, has many pitfalls. We will examine these potential pitfalls and discuss ways to avoid common problems, such as deadlocks and race conditions. We will also discuss how to write code that efficiently exchanges data with other parallel processes. The basics of parallel processing are covered, leading to a discussion and examples using Ada tasking. The Ada Real-Time Systems Annex is also covered.
Monday Afternoon Tutorials (2:00 - 5:30pm)
MP1: Real Time Scheduling Theory and Its Use with Ada
Level — Intermediate. This tutorial assumes basic knowledge or experience with the Ada programming language. Basic understanding of tasking and real-time constraints — at the level of tutorial MA1 — would be helpful. We assume that attendees have a minimal background in real-time operating systems, Ada tasking and critical real-time applications/systems; however, a (very) short presentation of such topics will be included in the tutorial.
This tutorial deals with real-time scheduling theory and its use with Ada. Real-time scheduling theory was first proposed in 1974, but remains largely unused by many software designers.
Too many practitioners have no background in real-time scheduling. This tutorial should help them to understand the basics of the theory and to apply it with Ada technologies. It is expected to help Ada engineers to predict the performance of their critical Ada real-time applications.
This tutorial will be organized in three parts:
- First, we define what a real-time system is and then present the theoretical results of real-time scheduling theory. The basic task models and schedulers are explained (their behavior and their properties). The tutorial focuses on the fixed-priority scheduler and its feasibility tests (e.g. rate monotonic and worst-case task response time), which is the most useful scheduler for current real-life applications. However, a dynamic-priority scheduler is also presented (e.g. EDF). At the end of this first part, attendees should understand what a feasibility test is and how it can help them to predict the performance of their real-time applications. This part ends with a short introduction to shared-resource support (e.g. what a priority inversion is, how PIP/PCP work).
- Second, we show how real-time scheduling features are taken into account in Ada international standards such as ISO/IEC Ada 1995 and 2005, the POSIX 1003 Ada binding and ARINC 653 (an avionics operating system standard providing an Ada binding). In this part, we try to show the relationships between real-time scheduling theory and the implementation of real-time schedulers in practical systems.
- Finally, some Ada program examples are presented and explained. Such examples are based on real-life operating systems which provide Ada and real-time scheduling capabilities (e.g. MaRTE OS, RTEMS, ...).
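As an added worked example, not part of the tutorial material above, the following Python code implements the two fixed-priority feasibility tests the first part names: the rate monotonic utilization bound (a sufficient test only) and the worst-case response-time recurrence (an exact test when deadlines equal periods). It also carries a per-task blocking term of the kind a priority ceiling protocol bounds, so the effect of shared-resource blocking on a response time can be seen. The task sets are constructed for illustration; the task names and numbers are assumptions, not values from the tutorial.

```python
"""Fixed-priority feasibility tests: utilization bound and response-time analysis."""
from dataclasses import dataclass
from math import ceil


@dataclass(frozen=True)
class Task:
    """One periodic task in the simple model where the deadline equals the period."""
    name: str
    period: int        # T_i: period, also the deadline
    wcet: int          # C_i: worst-case execution time
    blocking: int = 0  # B_i: worst-case blocking by a lower-priority task holding a shared resource (bounded under PCP)


def rate_monotonic_order(tasks):
    """Rate monotonic priority assignment: the shorter the period, the higher the priority."""
    return sorted(tasks, key=lambda t: t.period)


def utilization(tasks):
    """Total processor utilization U = sum of C_i / T_i."""
    return sum(t.wcet / t.period for t in tasks)


def liu_layland_bound(n):
    """Liu & Layland bound n(2^(1/n) - 1): U at or below it guarantees RM feasibility."""
    return n * (2 ** (1.0 / n) - 1)


def utilization_test(tasks):
    """Sufficient but not necessary: True means feasible, False means the test is inconclusive."""
    return utilization(tasks) <= liu_layland_bound(len(tasks))


def response_times(tasks):
    """Worst-case response time per task, R_i = B_i + C_i + sum over higher-priority j
    of ceil(R_i / T_j) * C_j, iterated to a fixed point. Iteration stops early once
    R_i exceeds the period, since the deadline is already missed."""
    ordered = rate_monotonic_order(tasks)
    result = {}
    for i, task in enumerate(ordered):
        higher = ordered[:i]
        r = task.blocking + task.wcet
        while True:
            interference = sum(ceil(r / h.period) * h.wcet for h in higher)
            r_next = task.blocking + task.wcet + interference
            if r_next == r or r_next > task.period:
                r = r_next
                break
            r = r_next
        result[task.name] = r
    return result


def schedulable(tasks):
    """Exact test for the D = T model: every task meets its deadline in the worst case."""
    times = response_times(tasks)
    return all(times[t.name] <= t.period for t in tasks)


# Constructed sample task sets (hypothetical names and numbers).
SET_A = (Task("sensor", 30, 10), Task("control", 40, 10), Task("log", 50, 10))
# Same set, but "control" can be blocked for up to 25 time units by a lower-priority task
# holding a shared resource: the blocking term alone pushes it past its deadline.
SET_B = (Task("sensor", 30, 10), Task("control", 40, 10, blocking=25), Task("log", 50, 10))


if __name__ == "__main__":
    for label, tasks in (("SET_A", SET_A), ("SET_B", SET_B)):
        print(label, "U=%.3f bound=%.3f" % (utilization(tasks), liu_layland_bound(len(tasks))))
        print("  utilization test:", utilization_test(tasks))
        print("  response times:", response_times(tasks))
        print("  schedulable:", schedulable(tasks))
```

SET_A shows why the utilization test is only sufficient: its utilization (about 0.783) sits just above the three-task bound (about 0.780), so the test is inconclusive, yet response-time analysis proves every deadline is met. SET_B shows that a blocking term, even under a protocol that bounds it, must be included in the analysis: "control" has the same period and execution time as before but misses its deadline.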