"This paper gives a short overview of the architecture of the
distributed real-time system MARS (MAintainable Real-Time System) and
describes the design and implementation of its operating system. The
main purpose of the MARS kernel is to achieve a timely execution of hard
real-time tasks and to provide an efficient communication mechanism
suitable for distributed real-time systems."
Their current work is at ti.tuwien.ac.at
On 31/08/14 12:26 AM, Douglas Ray wrote:
On 30/08/14 9:26 AM, Rohan McLeod wrote:
I thought the following tale in which Linux turned out to be the
might be of amusement.
In a conversation with a gentleman at the Nicta "TechShowCsae2014"
he was explaining his group's interest in secure and bug-free software;
in the context of 'mission-critical' applications; particularly OS's.
I thought 'mission-critical' had something to do with the military and
but it turned out they are primarily looking at
the OS's in vehicles and
Apparently there have been recent cases of the "OS's' of cars being
via the wireless immobilizing system and the brakes etc. being operated
Regardless; the story seemed to be that as aircraft move from
mechanical to electrical
control and from there to fly-by-wire and then fly-by-fiber networks;
(removing hundreds of kilo-meters of fire prone complex, heavy wiring in
a huge requirement for secure and bug-free OS's arose.
Since sequential bug removal is not a practical option :-)
What he seemed to be claiming was his group had written a RT OS in C;
and then compiled it for ARM processors.
Where things seemed to become interesting was
1/ the C code was apparently subject to some kind of mathematical analysis
which 'somehow' checked the code's logical integrity against the
(Is this possible ?)
I don't know when the "real time" paradigm changed, but I remember
in the 80s real-time OS research focused on verifiable time
constraints rather than "do everything as fast as possible".
To specify, analyse and verify a RT OS requires a model and
then implementing the test points and synchronisation mechanisms.
Establishing models and test methodologies was where RT research was
at that time. I came across something called "MARS" in from
Technische Uni, Vienna - one of their postgrads gave a talk at my
uni, '88 or '89.
The incongruity is that a verifiably RT OS is necessarily slower than
an unverifiable "as fast as possible, please" coding strategy.
You can ensure deadlocks do not happen, and that time-critical events
But if you need peak performance - what used to be called RT - you
do not want a verifiably RT OS.
2/ the machine code from the compiler was then
checked against the
- I have no idea what this means !;
Wikipedia: "Formal Verification"
anyway the assumption is that the compiler
may introduce bugs,
Apparently the resulting RT OS has very little functionality, which is
by supplying that functionality via Linux VM's
Anyway to get to the end of the tale; where Linux turned out to be the
insecure element !;
they are employing 'Red-Teams' (Tiger-teams ?) of hackers to 'crack' the
This is not just pie-in-the sky stuff either; they had a quad-copter
with such an add-on OS;
as proof of concept.
Apparently the OS is available as open-source and binary for ARM and x86
but not in the above secure form at:
regards Rohan McLeod
luv-talk mailing list
luv-talk mailing list