A Formal Correctness Proof for an EDF Scheduler Implementation
The scheduler is a critical piece of software in real-time systems. A failure in the scheduler can have serious consequences; therefore, it is important to provide strong correctness guarantees for it. In this paper we propose a formal proof methodology that we apply to an Earliest Deadline First (E...
Saved in:
| Published in | Proceedings / IEEE Real-Time and Embedded Technology and Applications Symposium pp. 281 - 292 |
|---|---|
| Main Authors | , , , |
| Format | Conference Proceeding |
| Language | English |
| Published |
IEEE
01.05.2022
|
| Subjects | |
| Online Access | Get full text |
| ISSN | 2642-7346 |
| DOI | 10.1109/RTAS54340.2022.00030 |
Cover
| Abstract | The scheduler is a critical piece of software in real-time systems. A failure in the scheduler can have serious consequences; therefore, it is important to provide strong correctness guarantees for it. In this paper we propose a formal proof methodology that we apply to an Earliest Deadline First (EDF) scheduler. It consists first in proving the correctness of the election function algorithm and then lifting this proof up to the implementation through refinements. The proofs are formalized in the Coq proof assistant, ensuring that they are free of human errors and that all cases are considered. Our methodology is general enough to be applied to other schedulers or other types of system code. To the best of our knowledge, this is the first time that an implementation of EDF applicable to arbitrary sequences of jobs has been proven correct. |
|---|---|
| AbstractList | The scheduler is a critical piece of software in real-time systems. A failure in the scheduler can have serious consequences; therefore, it is important to provide strong correctness guarantees for it. In this paper we propose a formal proof methodology that we apply to an Earliest Deadline First (EDF) scheduler. It consists first in proving the correctness of the election function algorithm and then lifting this proof up to the implementation through refinements. The proofs are formalized in the Coq proof assistant, ensuring that they are free of human errors and that all cases are considered. Our methodology is general enough to be applied to other schedulers or other types of system code. To the best of our knowledge, this is the first time that an implementation of EDF applicable to arbitrary sequences of jobs has been proven correct. |
| Author | Nowak, David Vanhems, Florian Rusu, Vlad Grimaud, Gilles |
| Author_xml | – sequence: 1 givenname: Florian surname: Vanhems fullname: Vanhems, Florian email: florian.vanhems@univ-lille.fr organization: Univ. Lille, CNRS, Centrale Lille, UMR 9189 CRIStAL,Lille,France,F-59000 – sequence: 2 givenname: Vlad surname: Rusu fullname: Rusu, Vlad email: vlad.rusu@inria.fr organization: Inria Lille-Nord Europe,France – sequence: 3 givenname: David surname: Nowak fullname: Nowak, David email: david.nowak@univ-lille.fr organization: Univ. Lille, CNRS, Centrale Lille, UMR 9189 CRIStAL,Lille,France,F-59000 – sequence: 4 givenname: Gilles surname: Grimaud fullname: Grimaud, Gilles email: gilles.grimaud@univ-lille.fr organization: Univ. Lille, CNRS, Centrale Lille, UMR 9189 CRIStAL,Lille,France,F-59000 |
| BookMark | eNotzEFLwzAYgOEoCq7TX6CH_IHOJF-SJheh1FUHA8XN80jTL6zSNiOtB_-9Az29l5cnI1djHJGQB85WnDP7-LEvd0qCZCvBhFgxxoBdkIxrraS11ohLshBairwAqW9INk1f50ULCwvyVNI6psH1tIopoZ9HnCb6nmIMNMRE3UjXzzXd-SO23z0muhlOPQ44zm7u4nhLroPrJ7z775J81ut99Zpv3142VbnNj8LAnBsmPQu6KFDIplXc-Mb4llmuXBAgbSGND9oiA3ShMApkAwIUWo0GUThYkvs_t0PEwyl1g0s_B3t2NRj4BWn_SZw |
| CODEN | IEEPAD |
| ContentType | Conference Proceeding |
| DBID | 6IE 6IL CBEJK RIE RIL |
| DOI | 10.1109/RTAS54340.2022.00030 |
| DatabaseName | IEEE Electronic Library (IEL) Conference Proceedings IEEE Proceedings Order Plan All Online (POP All Online) 1998-present by volume IEEE Xplore All Conference Proceedings IEEE Electronic Library (IEL) IEEE Proceedings Order Plans (POP All) 1998-Present |
| DatabaseTitleList | |
| Database_xml | – sequence: 1 dbid: RIE name: IEEE Electronic Library (IEL) url: https://proxy.k.utb.cz/login?url=https://ieeexplore.ieee.org/ sourceTypes: Publisher |
| DeliveryMethod | fulltext_linktorsrc |
| Discipline | Computer Science |
| EISBN | 1665499982 9781665499989 |
| EISSN | 2642-7346 |
| EndPage | 292 |
| ExternalDocumentID | 9804638 |
| Genre | orig-research |
| GroupedDBID | 23M 29O 6IE 6IK 6IL 6IN AAWTH ABLEC ACGFS ADZIZ ALMA_UNASSIGNED_HOLDINGS BEFXN BFFAM BGNUA BKEBE BPEOZ CBEJK CHZPO IEGSK IPLJI M43 OCL RIE RIL RNS |
| ID | FETCH-LOGICAL-h283t-804c0f677e24bd518cb8cd0915af2349748cf69e03eaf78534b3235e96e8ee2a3 |
| IEDL.DBID | RIE |
| IngestDate | Wed Aug 27 02:23:49 EDT 2025 |
| IsDoiOpenAccess | false |
| IsOpenAccess | true |
| IsPeerReviewed | false |
| IsScholarly | true |
| Language | English |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-LOGICAL-h283t-804c0f677e24bd518cb8cd0915af2349748cf69e03eaf78534b3235e96e8ee2a3 |
| OpenAccessLink | https://inria.hal.science/hal-03671598 |
| PageCount | 12 |
| ParticipantIDs | ieee_primary_9804638 |
| PublicationCentury | 2000 |
| PublicationDate | 2022-May |
| PublicationDateYYYYMMDD | 2022-05-01 |
| PublicationDate_xml | – month: 05 year: 2022 text: 2022-May |
| PublicationDecade | 2020 |
| PublicationTitle | Proceedings / IEEE Real-Time and Embedded Technology and Applications Symposium |
| PublicationTitleAbbrev | RTAS |
| PublicationYear | 2022 |
| Publisher | IEEE |
| Publisher_xml | – name: IEEE |
| SSID | ssj0036293 |
| Score | 2.223302 |
| Snippet | The scheduler is a critical piece of software in real-time systems. A failure in the scheduler can have serious consequences; therefore, it is important to... |
| SourceID | ieee |
| SourceType | Publisher |
| StartPage | 281 |
| SubjectTerms | Codes coq correction EDF formal implementation job monad proof real-time Real-time systems refinement scheduler shallow embedding Software TCB verification Voting |
| Title | A Formal Correctness Proof for an EDF Scheduler Implementation |
| URI | https://ieeexplore.ieee.org/document/9804638 |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| link | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwjV3Pa8IwFH6op53cpmO_yWHHVWubtOllIM4ig42xKXiTJH1BmKsy6mV__V7aqjB22K2EhpSked-X9vveA7hTGIpMRdKLpC88HqjA08rnHgqtY8GVqtUWL9Fkxp_mYt6A-70XBhFL8Rn23GX5Lz9bm637VNZPpMtvJZvQpNes8mrtoi7F4SSsrXEDP-m_TYfvzjXp0xEwKHNyljrnQwGVEj_SNjzvRq5kIx-9baF75vtXUsb_PtoxdA9OPfa6x6ATaGB-Cu1dqQZW79wOPAxZ6tjpio1cOQ5TuAjneq4tI9rKVM7GjyndvyToWVHPMmvwZ21MyrswS8fT0cSrSyd4S-ILBeEON76N4hgDrjMxkEZLkxE3EMoGIadDhDQ2StAPUdmYIJvrMAgFJhFKxECFZ9DK1zmeA0McSIvWJ6JiuSHCJzNqSRJOxIqjzi6g46ZjsamyYyzqmbj8u_kKjtyCVJLBa2gVX1u8IVgv9G25nj99L6G- |
| linkProvider | IEEE |
| linkToHtml | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwjV3PT8IwFH5BPOgJFYy_7cGjg7G1W3cxIeiCCsQoJNxIu72GRBzGjIt_va9jQGI8eFuaNW3a9H1ft-97D-BGoS9SFUgnkK5wuKc8RyuXOyi0DgVXqlRbDIPemD9NxKQCtxsvDCIW4jNs2sfiX366SJb2U1krkja_ldyBXcJ9LlZurXXcpUgc-aU5ru1GrddR5836Jl26BHpFVs5C6bwtoVIgSFyDwXrslXDkvbnMdTP5_pWW8b-TO4DG1qvHXjYodAgVzI6gti7WwMqzW4e7DostP52zri3IkeQ2xtmeC8OIuDKVsYf7mN6fEfjMqWeRN_ijtCZlDRjHD6NuzymLJzgzYgw5IQ9PXBOEIXpcp6ItEy2TlNiBUMbzOV0jZGKCCF0flQkJtLn2PV9gFKBE9JR_DNVskeEJMMS2NGhcoiqGJ0T5ZEotUcSJWnHU6SnU7XJMP1f5MablSpz93XwNe73RoD_tPw6fz2Hfbs5KQHgB1fxriZcE8rm-Kvb2Bye1pQs |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=proceeding&rft.title=Proceedings+%2F+IEEE+Real-Time+and+Embedded+Technology+and+Applications+Symposium&rft.atitle=A+Formal+Correctness+Proof+for+an+EDF+Scheduler+Implementation&rft.au=Vanhems%2C+Florian&rft.au=Rusu%2C+Vlad&rft.au=Nowak%2C+David&rft.au=Grimaud%2C+Gilles&rft.date=2022-05-01&rft.pub=IEEE&rft.eissn=2642-7346&rft.spage=281&rft.epage=292&rft_id=info:doi/10.1109%2FRTAS54340.2022.00030&rft.externalDocID=9804638 |