Sat Jan 1 14:47:13 EST 2011


Copilot: A Hard Real-Time Runtime Monitor[1], built on top of Atom[2],
a procedural language for C code generation.

* It's hard to do embedded programming: no abstraction
   - Have to understand (computing) hardware
   - Have to understand peripherals (real-world interaction)
   - Probably no operating system
   - Timing
* Paradoxically, we depend on these embedded systems anyway
* How to get evidence that a system works?  Currently: circumstantial.
   - Certification: process oriented
   - Probably not formally verified
   - Unanticipated faults and behaviour -> danger
   => Needs run-time monitor
* Copilot implementation:
   - Haskell EDSL
   - Constant space / time dataflow: no side effects
   - Static schedule, ensuring sync between streams

   - Fault-tolerance code is often the cause of failures!  This needs
     separation of concerns.
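To make the "constant space / time, static schedule" idea concrete, here is an added sketch in plain C (not Copilot's or Atom's own code) of the shape of the monitor such a tool generates: every stream is a fixed-size ring buffer, one tick advances all streams once in a fixed order, and the property check uses no allocation and no loops over history. The temperature stream, the LIMIT and the trace are constructed for illustration.

```c
/* Constructed illustration of a constant-space, statically scheduled
 * stream monitor (not Copilot's or Atom's own code).  Each stream keeps
 * a fixed-depth history; one step() call advances every stream exactly
 * once, so the streams stay in lock-step. */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define HIST  2      /* history depth: the value now and one step back */
#define LIMIT 100    /* constructed threshold for the monitored property */

typedef struct {
    int32_t buf[HIST];   /* ring buffer: fixed size, no allocation */
    uint8_t head;        /* index of the most recent sample */
} stream_i32;

static void push(stream_i32 *s, int32_t v) {
    s->head = (uint8_t)((s->head + 1) % HIST);
    s->buf[s->head] = v;
}

/* value of the stream k steps ago (k < HIST); unfilled history reads as 0 */
static int32_t at(const stream_i32 *s, unsigned k) {
    return s->buf[(s->head + HIST - k) % HIST];
}

/* The whole monitor is a fixed-size struct, so it can live in static memory. */
typedef struct {
    stream_i32 temp;     /* external input stream: a temperature sample */
    bool       trip;     /* output stream: property violated this step */
} monitor;

/* One scheduler tick: sample the input, then update derived streams in a
 * fixed order.  Constant time: no loops over history, no I/O, no side
 * effects beyond the monitor's own state. */
static bool step(monitor *m, int32_t sample) {
    push(&m->temp, sample);
    /* property: never two consecutive samples above LIMIT */
    m->trip = (at(&m->temp, 0) > LIMIT) && (at(&m->temp, 1) > LIMIT);
    return m->trip;
}

/* Run a trace through a fresh monitor; return the first tripping step or -1. */
static int first_trip(const int32_t *trace, size_t n) {
    monitor m = {0};
    for (size_t i = 0; i < n; i++)
        if (step(&m, trace[i])) return (int)i;
    return -1;
}
```

On the constructed trace {90, 101, 95, 102, 103, 50} the property first trips at step 4, the first time two consecutive samples exceed LIMIT.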

[1] http://vimeo.com/16676033
[2] http://hackage.haskell.org/package/atom