Changeset 3442

Timestamp:

Feb 17, 2014, 11:40:57 AM (7 years ago)

Author:

mulligan

Message:

Changes up to Section 3. Added missing reference to AbsInt?'s aiT tools.

Location:

Papers/fopara2013

Files:

• fopara13.bib (modified) (1 diff)
• fopara13.tex (modified) (7 diffs)

Papers/fopara2013/fopara13.bib

@@ -278 +278 @@
   pages={167-181}
 }
+
+@misc
+{ absint,
+  year = {2014},
+  url = {http://www.absint.com/ait/},
+  author = {{AbsInt}},
+  title = {{aiT WCET} analysis tools}
+}

Papers/fopara2013/fopara13.tex

@@ -185 +185 @@
 
 \section{Project context and approach}
-Formal methods for verification of functional properties of programs have 
+Formal methods for the verification of functional properties of programs have 
 now reached a level of maturity and automation that is facilitating a slow but 
 increasing adoption in production environments. For safety critical code, it is 
@@ -196 +196 @@
 becomes an assumption for later analysis.
 
-The scenario for the verification of non-functional properties (time spent, 
+The outlook for verifying non-functional properties of programs (time spent, 
 memory used, energy consumed) is bleaker.
 % and the future seems to be getting even worse.
@@ -220 +220 @@
 from the research community towards the introduction of alternative
 hardware with more predictable behaviour, which would be more suitable
-for static analysis.  One example being investigated by the Proartis
-project~\cite{proartis} is to decouple execution time from execution
+for static analysis.  One example, being investigated by the Proartis
+project~\cite{proartis}, is to decouple execution time from execution
 history by introducing randomisation.
 
 In the CerCo project \cite{cerco} we do not try to address this problem, optimistically 
 assuming that improvements in low-level timing analysis or architecture will make
-verification feasible in the longer term. The main objective of our work is 
-instead to bring together static analysis of functional and non-functional 
+verification feasible in the longer term. Instead, the main objective of our work is 
+to bring together the static analysis of functional and non-functional 
 properties, which, according to the current state of the art, are completely 
 independent activities with limited exchange of information: while the 
@@ -258 +258 @@
 The second reason to perform the analysis on the object code is that bounding 
 the worst case execution time of small code fragments in isolation (e.g. loop 
-bodies) and then adding up the bounds yields very poor estimates because no 
-knowledge of the hardware state on executing the fragment can be assumed. By 
+bodies) and then adding up the bounds yields very poor estimates as no 
+knowledge of the hardware state prior to executing the fragment can be assumed. By 
 analysing longer runs the bound obtained becomes more precise because the lack 
 of information about the initial state has a relatively small impact.
@@ -266 +266 @@
 are required to bound the number of times each basic block is
 executed.  Current state
-of the art WCET technology such as AbsInt performs these analyses on the
+of the art WCET technology such as AbsInt's aiT analysis tools~\cite{absint} performs these analyses on the
 object code, where the logic of the program is harder to reconstruct
 and most information available at the source code level has been lost;
@@ -297 +297 @@
 parametric: the cost of a block can depend on actual program data, on a 
 summary of the execution history, or on an approximated representation of the 
-hardware state. For example, loop optimizations may assign to a loop body a cost 
+hardware state. For example, loop optimisations may assign a cost to a loop body 
 that is a function of the number of iterations performed. As another example, 
 the cost of a block may be a function of the vector of stalled pipeline states, 
@@ -328 +328 @@
 state-of-the-art WCET tools is very large: one needs to trust the control flow 
 analyser and the linear programming libraries it uses and also the formal models 
-of the hardware. In CerCo we are moving the control flow analysis to the source 
+of the hardware under analysis. In CerCo we are moving the control flow analysis to the source 
 code and we are introducing a non-standard compiler too. To reduce the trusted 
 code base, we implemented a prototype and a static analyser in an interactive