Towards Verifiable Device Drivers: An Approach based on Domain-Specific Languages

Authors

  • Fabrice Mérillon
  • Laurent Réveillère
  • Charles Consel
  • Robin Hansen
  • Renaud Marlet
  • Gilles Muller
Abstract

Although peripheral devices come out at a frantic pace and require fast releases of drivers, little progress has been made to improve the development of drivers. Too often, this development consists of decoding hardware intricacies, based on ambiguous or incomplete documentation, to determine how to operate a device. Then, assembly-level operations need to be used to interact with the device. These low-level operations make the device driver fairly unreadable and prevent safety properties from being checked. This paper presents a language, named Devil, dedicated to defining the functional interface of a device. More precisely, Devil aims at specifying the access mechanisms, the type and layout of data, and behavioral properties involved in operating a device. The benefit of our approach is that, once compiled, a Devil description implements an interface which models an idealized device and abstracts the hardware intricacies. Unlike a general-purpose language, Devil allows a description to be thoroughly verified; this verification greatly improves the safety of the communications with the device. The design of Devil is based on key concepts we identified in analyzing the domain of device drivers. Our language has been used to specify a large number of PC devices including Ethernet, video, sound, interrupt, DMA and mouse controllers.

Towards Verifiable Device Drivers: An Approach Based on Domain-Specific Languages (translated from the French summary)

Summary: To keep up with the frantic pace at which peripheral devices come to market, device drivers must be produced ever more quickly. Yet little progress has been made to improve their development. To write a driver, one too often has to start by understanding how the device works, deciphering as best one can ambiguous or incomplete documentation. Then, to interact with the device, one has to resort to a programming style close to assembly. These low-level operations make the driver fairly unreadable and do not allow safety properties to be verified. This paper presents a language named Devil, whose purpose is to define the functional interface of a device. More precisely, Devil aims at specifying the data access mechanisms, the type and layout of the data, and behavioral properties relating this data to the operation of the device. The advantage of our approach is that once the Devil description of a device has been compiled, the device's complexity disappears behind an abstract and idealized interface. Unlike the low-level operations of a general-purpose language such as C, a description written in …


Similar sources

Towards Verifiable Device Drivers: an Approach Based on Domain-specific Languages
Fabrice Mérillon, Laurent Réveillère, Charles Consel, Robin Hansen, Renaud Marlet

Although peripheral devices come out at a frantic pace and require fast releases of drivers, little progress has been made to improve the development of drivers. Too often, this development consists of decoding hardware intricacies, based on ambiguous or incomplete documentation, to determine how to operate a device. Then, assembly-level operations need to be used to interact with the device. ...


Domain-Specific Languages: From Design to Implementation Application to Video Device Drivers Generation

Domain-specific languages (DSL) have many potential advantages in terms of software engineering ranging from increased productivity to the application of formal methods. Although they have been used in practice for decades, there has been little study of methodology or implementation tools for the DSL approach. In this paper we present our DSL approach and its application to a realistic domain:...


A Domain-Specific Language for Device Drivers

Device drivers have been noted as a major source of faults in operating system code [2]. Largely for efficiency, device drivers and other systems code have historically been written in low-level languages like C. Unfortunately, these languages do not provide the type safety and robustness one would expect in critical systems code. Work has been done to augment the type safety of low-level langu...


A Domain Specific Language for Video Device Drivers: From Design to Implementation

Domain-specific languages (DSL) have many potential advantages in terms of software engineering ranging from increased productivity to the application of formal methods. Although they have been used in practice for decades, there has been little study of methodology or implementation tools for the DSL approach. In this paper we present our DSL approach and its application to a realistic applicat...


Analysis of "The Virtues of Ignorance" from Julia Driver's Viewpoint

With an emphasis on Julia Driver's ideas about virtue, this paper intends to illustrate an approach to virtues that, despite accepting general frameworks, attempts to weaken the genuine role of knowledge in Aristotelian ethics and defines and justifies some important virtues based on ignorance and unawareness. The virtues in this view include modesty, trust, forgiveness, spontaneous courage...


Publication date: 1999