State restoration in Ada 95: a portable approach to supporting software fault tolerance

Studies indicate that techniques for tolerating hardware faults are so effective that software design errors are the leading cause of all faults encountered. To handle these unanticipated software faults, two main approaches have been proposed: N-version programming and recovery blocks. Both are based on the concept of design diversity: the assumption that different designs will exhibit different faults (if any) for the same inputs and will, therefore, provide alternatives for each other. Both approaches have advantages, but this paper focuses upon recovery blocks; specifically, the requirement to save and restore application state. Judicious saving of state has been described as “checkpointing” for over a decade. Using the object-oriented features of the revised Ada language (Ada 95) – a language widely used in this domain – we present three portable implementations of a checkpointing facility and discuss the trade-offs offered by each. Results of the implementation of these mechanisms are used to highlight both the strengths and weaknesses of some of the object-oriented features of Ada. We then show a reusable implementation of recovery blocks illustrating the checkpointing schemes. A performance analysis is made and measurements are presented in support of the analysis.     

Concurrent programming in the Ada® language: The polling bias

The rendezvous is an important concept in concurrent programming—two processes need to synchronize, i.e. rendezvous, to exchange information. The Ada programming language is the first programming language to use the rendezvous as the basis of its concurrent programming facilities. Our experience with rendezvous facilities in the Ada language shows that these facilities lead to and encourage the design of programs that poll. Polling is generally, but not always, undesirable because it is wasteful of system resources. We illustrate and examine the reasons for polling bias in the Ada language. We give suggestions on how to avoid polling programs, and suggest changes to the rendezvous facilities to eliminate the polling bias. The ramifications of these changes to the implementation of the Ada language are also discussed. Although we have focused on the rendezvous facilities in the Ada language our analysis is also applicable to other languages. A polling bias can occur in any concurrent programming language based on the rendezvous mechanism if it does not provide appropriate facilities.     

The CONTEXT: a high-level structuring concept for GKS input

All human beings interact in some context or other. The concept of context has been explored by researchers in many different fields. A survey of some of this work is presented here. Using conceptual graph notation as a knowledge representation language, an introductory analysis of the concept of context and related notions is carried out and the results applied to GKS input. The outline of a possible implementation in Ada, with the (generic) package as the principal structuring unit and the task as the (low-level) implementation unit, is illustrated with a simple example.     

分布式Ada语言系统的实现

基于Ada 95参考手册附录E“分布式系统”中的思想,提出了实现分布式Ada语言系统的一些概念和设计思想,并给出了实现分区通信子系统的具体方案.在此基础上,通过一些前置处理,并利用已实现的分区通信子系统的接口,实现了分布式Ada语言系统.最后通过一个实例,具体介绍了分布式Ada语言系统的程序设计方法.     

Ada programming language standardization

The need for software management and standardization of programming languages used in military systems was first identified by DoD in 1975. DoD at that time supported many limited use languages for what are now called embedded computer applications. This diversity of languages contributed to high software costs. In November 1976, DoD first established seven approved , , , -J3, -J73, , -2, -1. Eventually the number of approved DoD languages may be reduced to three, Ada, , and . Ada was established as Military Standard 1815, on 10 December 1980. The ANSI standardization process for Ada is in progress. The Ada concept places restrictions on what may be called an Ada compiler. Compilers may not be called Ada compilers until they have passed validation tests. Up to 80% of software costs are incurred after the software has been put into service. Ada can promote a programming style that leads to maintainable software. It is in the program maintenance phase of the software life cycle where large savings will be achieved through the use of Ada.     

分布式Ada远程子程序调用及实现

首先阐述了Ａｄａ９５分布式系统的总体设计思想。介绍了类目的概念,并着重讨论了Ａｄａ９５在分布式系统实现中最重要的远程子程序调用问题,给出了实现的方法。最后分析了一个远程过程调用的实例。     

一个基于Ada的面向对象建模语言

给出了一个基于Ada的建模语言AML.AML以Ada95为基础,吸取了Ada95的基本原理和思想,利用支持建模的设施对其进行扩充,以便适用于软件建模的各个阶段.AML沿用了Ada95中的程序包概念,并将程序包作为它的核心成份,同时,沿用了Ada95的任务单元和保护单元等设施,以精确描述了软件系统中主动控制成份和资源保护成份的各种特性;AML吸取了图形化面向对象建模语言与建模方法所采用的多视点模型思想,将实体不同侧面的特征分开描述;AML利用一种新的并发模型和限制设施,有效地解决了系统的并发特性和不确定性等非功能特性的描述问题;AML有较强的可扩充性,能应用于各种应用领域.总之,AML是一个既面向用户,面向开发者,又面向系统的通用建模语言,有效地克服了现有一些建模语言在表达能力和应用范围等方面存在的诸多不足.     

Ada图形用户界面的实现策略

在UNIX环境下实现Ada的图形用户界面一直是一个比较困难的问题。X/Motif Ada Bindings是一个Ada与Motif工具箱的低级接口工具集,它可用于实现Ada的图形用户界面,本文从它的解决方案、体系结构及接口机制等几个方面对此软件包的实现进行了比较深入的研究分析,并基于此软件包和现有操作平台提供了一种高效的Ada GUI实现策略。     

Illustrating Client and Implementation Readability Tradeoffs in Ada and C++

The relative merits of Ada and C++ have fostered numerous discussions among software developers. With the release of Ada 95 and its object-oriented features, we expect these discussions to intensify, particularly given the increasing number of features for which there are implementations in both languages. In this paper, we compare Ada and C++ based on the readability of class and client implementations. We examine this issue using a case study. Our case study illustrates a partial tradeoff that exists between the readability of a class and the readability of its clients. This tradeoff depends on the degree to which overloading is used; extensive use of overloading adds to class complexity, although it increases client readability.     

Adam: An Ada-based language for multiprocessing

Adam is a high-level language for parallel processing. It is intended for programming resource scheduling applications, in particular supervisory packages for run-time scheduling of multiprocessing systems. An important design goal was to provide support for implementation of Ada and its run-time environment. Adam has been used to implement Ada task supervision and also as a high-level target language for compilation of Ada tasking. Adam provides facilities corresponding to the Ada sequential constructs (including subprograms, packages, exceptions, generics). In addition, it provides specialized module constructs for implementation of packages that may be shared between parallel processes, and new predefined types for scheduling. The parallel processing constructs of Adam are more primitive than Ada tasking. Strong restrictions are enforced on the ways in which parallel processes can interact. A compiler for Adam has been implemented in MacLisp on DEC PDP-10 computers. Runtime support packages in Adam for scheduling (on a single CPU) and I/O are also provided. The compiler contains a library manipulation facility for separate compilation. The Adam compiler has been used to build an Ada compiler for most of the July 1980 Ada, including task types and rendezvous constructs. This was achieved by implementing the translation of Ada tasking into Adam parallel processing as a preprocessor to the Adam compiler. This present Ada compiler, which has been operational since December 1980, uses a procedure call implementation of tasking. It can be easily modified to other implementations. Compilation of Ada tasking into a high-level target language such as Adam facilitates studying questions of correctness and efficiency of various compilation algorithms, and code optimizations specific to tasking, e.g. elimination of unnecessary threads of control. This paper gives an overview of Adam and examples of its use. Emphasis is placed on the differences from Ada. Experience using Adam to build the experimental Ada system is evaluated. Design of a run-time supervisor in Adam is discussed in detail.     

Experience acquiring and retargeting a portable Ada compiler

A technique for implementing Ada with reasonable effort on a piece of non-standard hardware is described. The target machine is a single processing element in an experimental multiprocessor based on NS32000. A portable Ada front-end compiler was used for retargeting, and the process of acquiring and evaluating the front end is described. Based on this experience, comments on the validation, quality and efficiency of Ada compilers are given, along with a detailed overview of the resultant system. The Ada system was built from scratch on the bare hardware. It has three main components: a code generator, a run-time system and an Ada kernel. The code generator is table driven and generates symbolic NS32000 assembler. This code is then assembled and linked by commercially available components. The run-time system and the kernel are implemented in assembly language and Concurrent Euclid and handle tasking, exceptions and scheduling. The result is a complete Ada implementation.     

Ada program partitioning language: a notion for distributing Adaprograms

Ada Program Partitioning Language (APPL) has been designed as part of Honeywell's Distributed Ada project. The goal of the project is to develop an approach for reducing the complexity of building distributed applications in Ada. In the proposed approach, an application is written as a single Ada program using the full capabilities of the Ada language. It is not necessary to factor the underlying hardware configuration into the program design. Once the program has been completed and tested in the host development environment, it is partitioned into fragments and mapped onto the distributed hardware. The partitioning and mapping are expressed in APPL and do not require changes to the Ada source. The main thrusts of the project include the design of APPL and the development of language translation tools and the run-time system to support Ada and APPL for a distributed target. The authors present an overview of APPL, the goals considered in the design, and issues that impact its implementation     

面向对象建模集成环境AML-Tools的设计与实现

该文描述了一个新的面向对象建模集成环境AML-Tools。AML是一个基于Ada95的建模语言,它吸取了Ada95的基本原理和思想,利用支持面向对象建模的设施对其进行扩充和改造,使之适用于软件建模的各个阶段;引进了程序包、任务等程序单元的概念并使之成为AML的核心成份;吸取了多视点模型的思想,将描述同一实体不同侧面特征的信息分别封装在相应的程序单元声明、程序单元体和程序单元描述中;利用新的并发模型、同步设施和限制设施,有效地解决了系统并发性、不确定性等非功能特性的描述问题。     

Real-time interrupt handling in Ada

The Ada? programming language defines the semantics of interrupt handling as part of the tasking mechanism, making it possible to construct implementation-independent interrupt handlers. However, for the Ada mechanism to be effective, an implementation must provide support not specified by the Ada standard, such as for initializing hardware interrupting devices, handling unexpected interrupts and optimizing for real-time performance constraints. This paper analyses some of the constraints that efficient interrupt support places on an implementation. It develops a model for the interaction between interrupt hardware and Ada tasks and describes optimizations for Ada interrupt handlers. Implementation issues, including task priorities and task termination for interrupt handlers, are discussed in detail.     

A Ravenscar-Compliant Run-time Kernel for Safety-Critical Systems*

The Ravenscar tasking profile for Ada 95 has been designed to allow implementation of highly safety critical systems. Ravenscar defines a tasking system with deterministic behavior and low complexity. We provide a formal model using UPPAAL of the primitives provided by Ravenscar including exceptions. This formal model is used to verify the correctness of the Ravenscar model and can be used to verify safety properties of applications using the Ravenscar profile. As an illustration of this, we model a sample application using all features of Ravenscar and formally verify its correctness. Furthermore, an introduction to the Ravenscar model is given.     

Ada95语言评述

Ａｄａ９５语言是在Ａｄａ８３基础上修订而成的，它几乎提供了现代程序设计范型及程序设计实践所需要的一切设施，它可以支持面向对象的程序设计、大型程序设计、实时与并行程序设计等等。     

ARTK-M2: A kernel for Ada tasking requirements: An implementation and an automatic generator

A run-time kernel, ARTK-M2, supporting Ada tasking semantics is discussed; full support for task creation, synchronization, communication, scheduling, and termination is provided, together with all options of the Ada rendezvous. An implementation in Modula-2 is presented and a method for automatically translating Ada programs into semantically equivalent Modula-2 programs with corresponding kernel calls is introduced. A parser generator and an attribute grammar were used for the automatic translation. A subset of the Ada Compiler Validation Capability was processed to test the implementation and to illustrate the translation mechanism. The kernel is applicable to the study of real-time control systems; it can also serve as a baseline for studying implementation alternatives of Ada concepts, such as new scheduling algorithms, and for analysing new language constructs. Work is under way to implement some of the changes to the Ada tasking model being proposed as a result of the language revision (Ada9X). Finally, through proper extensions, ARTK-M2 can form an integral part of programming tools such as an Ada compilation system and a distributed kernel for multi-processing environments.     

Extending conventional languages by distributed/concurrent exception resolution

The state of art in handling and resolving concurrent exceptions is discussed and a brief outline of all research in this area is given. Our intention is to demonstrate that exception resolution is a very useful concept which facilitates joint forward error recovery in concurrent and distributed systems. To do this, several new arguments are considered. We understand resolution as reaching an agreement among cooperating participants of an atomic action. It is provided by the underlying system to make it unified and less error prone, which is important for forward error recovery, complex by nature. We classify atomic action schemes into asynchronous and synchronous ones and discuss exception handling for schemes of both kinds. The paper also deals with introducing atomic action schemes based on exception resolution into existing concurrent and distributed languages, which usually have only local exceptions. We outline the basic approach and demonstrate its applicability by showing how exception resolution can be used in Ada 83, Ada 95 (for both concurrent and distributed systems) and Java. A discussion of ways to make this concept more object-oriented and, with the help of reflection, more flexible and useful, concludes the paper.     

Distributed control systems simulation using high level Petri nets

To deal with the complexity of the implementation of control systems for flexible manufacturing systems, formal methods of design are needed. In this work the modeling and validation tool selected is high level Petri nets. Based on this approach we have studied the problems that a distributed implementation can introduce. For the evaluation of different strategies of the model implementation and the scheduling of production tasks a simulator has been constructed. This simulator has been written in Ada language.