Sat Jan 1 14:47:13 EST 2011
Copilot: A Hard Real-Time Runtime Monitor, built on top of Atom,
a Haskell-embedded procedural language that generates C code.
* It's hard to do embedded programming: no abstraction
- Have to understand (computing) hardware
- Have to understand peripherals (real-world interaction)
- Probably no operating system
* Paradoxically, we depend on these systems all the same
* How to get evidence it works? Currently: circumstantial.
  - Certification: process-oriented (how it was built, not what it does)
  - Probably not formally verified
- Unanticipated faults and behaviour -> danger
=> Needs run-time monitor
* Copilot implementation:
- Haskell EDSL
- Constant space / time dataflow: no side effects
- Static schedule, ensuring sync between streams
  - Fault-tolerance code is often itself the cause of failures! So the
    monitor must be kept separate from the code it monitors: separation
    of concerns.
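Added example (my own hand-written C, not Copilot's generated code and not from the talk): a sketch of the monitor shape the points above describe. Each stream is a fixed-depth ring buffer, so memory is constant and known at build time; one `monitor_step` call per tick updates every stream in a fixed order and evaluates the trigger in constant time; the property is a pure function of the history and never writes back into the monitored system. The names (`stream_i32`, `monitor_step`, `heater_off`, `TEMP_MAX`) and the sample trace are assumptions made for this example. Note that the initial fill value of the history is part of the specification: with a fill of 0 the "persistently over temperature" property cannot fire before HIST real samples have arrived.

```c
/* Added example: hand-written C illustrating a constant space / constant
 * time stream monitor. Not Copilot output; all names here are assumptions. */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define HIST     3    /* history depth per stream, fixed at build time      */
#define TEMP_MAX 200  /* assumed safe upper bound for the sampled value    */

/* One stream: a fixed-size ring buffer. No heap, no growth, no pointers out. */
typedef struct {
    int32_t buf[HIST];
    size_t  head;
} stream_i32;

/* Monitor state: every stream plus two counters for diagnostics. */
typedef struct {
    stream_i32 temp;        /* history of the sampled temperature          */
    uint32_t   ticks;
    uint32_t   violations;
} monitor;

static void stream_init(stream_i32 *s, int32_t fill) {
    for (size_t i = 0; i < HIST; i++) s->buf[i] = fill;
    s->head = 0;
}

/* Sample from k ticks ago (k = 0 is the newest). Constant time. */
static int32_t stream_drop(const stream_i32 *s, size_t k) {
    return s->buf[(s->head + HIST - 1 - k) % HIST];
}

static void stream_push(stream_i32 *s, int32_t v) {
    s->buf[s->head] = v;
    s->head = (s->head + 1) % HIST;
}

/* Property: over TEMP_MAX for all of the last HIST samples.
 * Pure function of the history; it modifies nothing. */
static bool over_temp_persistent(const stream_i32 *s) {
    for (size_t k = 0; k < HIST; k++)
        if (stream_drop(s, k) <= TEMP_MAX) return false;
    return true;
}

void monitor_init(monitor *m) {
    stream_init(&m->temp, 0);   /* initial history is part of the spec */
    m->ticks = 0;
    m->violations = 0;
}

/* One tick of the static schedule: push the new sample, then evaluate the
 * trigger. Same work every tick regardless of input. Returns whether the
 * "heater_off" trigger fires on this tick. */
bool monitor_step(monitor *m, int32_t temp_sample) {
    stream_push(&m->temp, temp_sample);
    m->ticks++;
    bool fire = over_temp_persistent(&m->temp);
    if (fire) m->violations++;
    return fire;
}

/* Constructed sample trace (not real sensor data). */
static const int32_t SAMPLE_TRACE[] = {150, 210, 220, 230, 190, 250, 260, 270, 280};
#define SAMPLE_TRACE_LEN (sizeof SAMPLE_TRACE / sizeof SAMPLE_TRACE[0])

/* Drive the monitor over a trace; return how many ticks fired the trigger. */
uint32_t run_trace(const int32_t *trace, size_t n) {
    monitor m;
    monitor_init(&m);
    for (size_t i = 0; i < n; i++) {
        if (monitor_step(&m, trace[i]))
            printf("tick %u: heater_off trigger, temp=%d\n",
                   (unsigned)m.ticks, (int)trace[i]);
    }
    return m.violations;
}

uint32_t run_sample_trace(void) {
    return run_trace(SAMPLE_TRACE, SAMPLE_TRACE_LEN);
}

int main(void) {
    printf("trigger fired on %u ticks\n", (unsigned)run_sample_trace());
    return 0;
}
```

With the constructed trace the trigger fires on ticks 4, 8 and 9 (the only ticks where the three most recent samples are all above 200). The point to carry over to a real monitor: every buffer size, loop bound and evaluation order is visible at compile time, so the monitor's worst-case time and memory can be bounded independently of the system it watches.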