by Yannick Moy – Apr 03, 2016

Did SPARK 2014 Rethink Formal Methods?

David Parnas is a well-known researcher in formal methods, who famously contributed to the analysis of the shut-down software for the Darlington nuclear power plant and designed the specification method known as Parnas tables and the development method called Software Cost Reduction. In 2010, the magazine CACM asked him to identify what was preventing more widespread adoption of formal methods in industry, and in this article on Really Rethinking Formal Methods he listed 17 areas that needed rethinking. The same year, we started a project to recreate SPARK with new ideas and new technology, which lead to SPARK 2014 as it is today. Parnas's article influenced some critical design decisions. Six years later, it's interesting to see how the choices we made in SPARK 2014 address (or not) Parnas's concerns.

#Formal Verification #SPARK

by Emma Adby – Mar 16, 2016

Provably safe programming at Embedded World

AdaCore continues to build reliable and secure software for embedded software development tools. Last month, we attended Embedded World 2016, one of the largest conferences of its kind in Europe, to present our embedded solutions and our expertise for safety, and mission critical applications in a variety of domains.

#ARM #emb2016 #Embedded #Embedded World

by Emma Adby – Mar 10, 2016

CubeSat continues to orbit the Earth thanks to Ada & SPARK!

Dr Carl Brandon of Vermont Technical College and his team of students used SPARK and Ada to successfully launch a satellite into space in 2013 and it has continued to orbit the Earth ever since! At our AdaCore Tech Days in Boston last year Dr Brandon explained further.

#Ada #SPARK #Space #TechDay

by Yannick Moy – Mar 10, 2016

Formal Verification of Legacy Code

Just a few weeks ago, one of our partners reported a strange behavior of the well-known function Ada.Text_IO.Get_Line, which reads a line of text from an input file. When the last line of the file was of a specific length like 499 or 500 or 1000, and not terminated with a newline character, then Get_Line raised an exception End_Error instead of returning the expected string. That was puzzling for a central piece of code known to have worked for the past 10 years! But fair enough, there was indeed a bug in the interaction between subprograms in this code, in boundary cases having to do with the size of an intermediate buffer. My colleague Ed Schonberg who fixed the code of Get_Line had nonetheless the intuition that this particular event, finding such a bug in an otherwise trusted legacy piece of code, deserved a more in depth investigation to ensure no other bugs were hiding. So he challenged the SPARK team at AdaCore in checking the correctness of the patched version. He did well, as in the process we uncovered 3 more bugs.

#SPARK #Legacy #Formal Methods

by Yannick Moy – Mar 04, 2016

SPARK Prez at New Conference on Railway Systems

RSSR is a new conference focused on the development and verification of railway systems. We will present there how SPARK can be used to write abstract software specifications, whose refinement in terms of concrete implementation can be proved automatically using SPARK tools.

#SPARK

by Fabien Chouteau – Mar 03, 2016

Make with Ada: Candy dispenser, with a twist...

A few months ago, my colleague Rebecca installed a candy dispenser in our kitchen here at AdaCore. I don’t remember how exactly, but I was challenged to make it more… fun.

by Emma Adby – Mar 02, 2016

Embedded Product Line Updates

Embedded products are not stand alone, this allows them to have safety, mission critical and real-time requirements that they wouldn’t necessarily have otherwise. The embedded product line provides analyzable, verifiable, and certifiable software for both static and dynamic analysis tools.

#AdaCoreTechDay #GNAT #Embedded Development #Embedded

by Emma Adby – Feb 23, 2016

QGen 2.1 Release!

Embedded World will see the latest release of QGen, the qualifiable and customisable code generator for Simulink® and Stateflow® models!

#QGen #QGen2.1 #AdaCoreTechDay #Embedded World #emb2016

by Emma Adby – Jan 27, 2016

Formal Verification Made Easy!

We are pleased to announce our latest release of SPARK Pro! A product that has been jointly developed alongside our partner Altran and following the global AdaCore Tech Days, you can now see the SPARK 2014 talk, Formal Verification Made Easy by AdaCore’s Hristian Kirtchev, on YouTube.

#SPARK Pro #SPARK2014 #SPARKPro16

by Emma Adby – Jan 18, 2016

ERTS and Embedded World conferences 2016

We are pleased to announce that we will be a major sponsor and exhibitor at ERTS, Toulouse and will be exhibiting at Embedded World, Nuremberg in the coming months!

#ERTS2016 #Embedded World #emb2016 #Embedded Development #Safety Critical Development

by Jérôme Lambourg – Jan 12, 2016

Porting the Ada Runtime to a new ARM board

A step by step tutorial to adapt the ARM runtime to new MCUs/boards.

#Bareboard #ARM #GNAT #STM32 #Ravenscar

by Yannick Moy , Emma Adby – Dec 18, 2015

Ada Lovelace Bicentennial

The three of us attended the Ada Lovelace Symposium in Oxford (UK). The two days were one fantastic discovery after another about the life, achievements and legacy of Ada Lovelace, the programming pioneer who lent her name to the Ada language.

#Lovelace

by Emma Adby – Dec 14, 2015

Dissimilar tools: Use cases and impact on tool qualification level

Frederick Pothon of ACG Solutions has recently published a document entitled - Dissimilar tools: Use cases and impact on tool qualification level on the open-DO blog.

#DO-178 #DO-178C #Avionics #Certification

by Yannick Moy – Nov 30, 2015

GNATprove Tips and Tricks: What’s Provable for Real?

SPARK supports two ways of encoding reals in a program: the usual floating-point reals, following the standard IEEE 754, and the lesser known fixed-point reals, called this way because their precision is fixed (contrary to floating-points whose precision varies with the magnitude of the encoded number). This support is limited in some ways when it comes to proving properties of computations on real numbers, and these limitations depend strongly in the encoding chosen. In this post, I show the results of applying GNATprove on simple programs using either floating-point or fixed-point reals, to explain these differences.

#Formal Verification #SPARK

by Yannick Moy – Nov 23, 2015

SPARK 2014 Rationale: Support for Ravenscar

As presented in a recent post by Pavlos, the upcoming release of SPARK Pro will support concurrency features of Ada, with the restrictions defined in the Ravenscar profile of Ada. This profile restricts concurrency so that concurrent programs are deterministic and schedulable. SPARK analysis makes it possible to prove that shared data is protected against data races, that deadlocks cannot occur and that no other run-time errors related to concurrency can be encountered when running the program. In this post, I revisit the example given by Pavlos to show SPARK features and GNATprove analysis in action.

#Language #Formal Verification #SPARK

by Emmanuel Briot – Nov 16, 2015

Calling inherited subprograms in Ada

This short post describes an idiom that can be used to help maintain complex hierarchies of tagged types, when methods need to call the parent types methods.

#Ada

by Florian Schanda – Nov 12, 2015Guest Author

SPARK 2016 Supports Ravenscar!

The new big feature of the SPARK 2016 release is the support of the Ravenscar profile. Users can now use protected objects and tasks to write concurrent code. On uniprocessor computers the toolset can ensure that no deadlocks or data races will occur and that no tasks will terminate. Read this blog post to learn more and see the new feature in practice.

#Language #Formal Verification #SPARK

by Fabien Chouteau – Nov 10, 2015

Make with Ada: Formal proof on my wrist

When the Pebble Time kickstarter went through the roof, I looked at the specification and noticed the watch was running on an STM32F4, an ARM cortex-M4 CPU which is supported by GNAT. So I backed the campaign, first to be part of the cool kids and also to try some Ada hacking on the device.

#SPARK2014 #Smartwatch #Makers

by Emma Adby – Nov 03, 2015

Modernizing Adacore's Open-Source Involvement

Through the adoption of GitHub we have taken our first step on the way to having a more collaborative and dynamic interaction with, both our users and open source technologies.

#GitHub #OSS #Ada

by David Hauzar – Nov 03, 2015

SPARK 16: Generating Counterexamples for Failed Proofs

While the analysis of failed proofs is one of the most challenging aspects of formal verification, it would be much easier if a tool would automatically find values of variables showing why a proof fails. SPARK Pro 16, to be released in 2016, is going to introduce such a feature. If a proof fails, it attempts to generate a counterexample exhibiting the problem. This post introduces this new feature, developed in the scope of the ProofInUse laboratory.

#Formal Verification #SPARK

« Previous Page Next Page »

AdaCore Blog

An Insight Into the AdaCore Ecosystem

Did SPARK 2014 Rethink Formal Methods?

Provably safe programming at Embedded World

CubeSat continues to orbit the Earth thanks to Ada & SPARK!

Formal Verification of Legacy Code

SPARK Prez at New Conference on Railway Systems

Make with Ada: Candy dispenser, with a twist...

Embedded Product Line Updates

QGen 2.1 Release!

Formal Verification Made Easy!

ERTS and Embedded World conferences 2016

Porting the Ada Runtime to a new ARM board

Ada Lovelace Bicentennial

Dissimilar tools: Use cases and impact on tool qualification level

GNATprove Tips and Tricks: What’s Provable for Real?

SPARK 2014 Rationale: Support for Ravenscar

Calling inherited subprograms in Ada

SPARK 2016 Supports Ravenscar!

Make with Ada: Formal proof on my wrist

Modernizing Adacore's Open-Source Involvement

SPARK 16: Generating Counterexamples for Failed Proofs