This paper studies the task scheduler in a widely used embeddedμC/OS-Ⅲkernel. After selecting core parts from the scheduler,it specifies the properties of the scheduler formally. Based on the separation logic and SCAP,it builds a verification framework including a machine model,operational semantics,assertion languages,and inference rules. In the framework,assertions specifying system data structures and properties are defined,and system code is able to be reasoned about modularly. Finally, the properties of the task scheduler in μC/OS-Ⅲ are formally proved, and the entire proof provided by the work are machine checkable.%以μC/OS-Ⅲ内核中的任务调度器为研究对象,选取调度相关的核心代码,验证调度器代码满足优先调度最高优先级任务的性质。基于分离逻辑与SCAP验证理论,利用Coq辅助证明工具,通过定义机器模型、操作语义、逻辑断言以及推导规则构建验证框架。在验证框架中,定义内核数据结构和内核相关性质的逻辑描述,模块化地对内核代码进行推理。验证结果表明,μC/OS-Ⅲ任务调度器满足可靠性要求,并且可以通过机器的自动检查。
展开▼
