

# Report for Phase 3 2001-2003



UPPSALA UNIVERSITY





## **ASTEC: Advanced Software Technology**

## Report for the Third International Evaluation (covering the period 2001 – 2003)

## Introduction

This document reports on the activities of the competence centre Advanced Software Technology (ASTEC) during the period 2001-2003, in preparation for its Third International Evaluation on September 8 and 9, 2003. The structure of the document follows the <u>guidelines</u> given by VINNOVA. Up-to-date information about current activities of ASTEC can be found on the WWW page <u>http://www.astec.uu.se/</u>.

## Contents

- Executive Summary
- Basic Facts
- A. Technical Results and Scientific Outputs
  - A.1. Research Programme
  - A.2. Technical and Scientific Achievements
  - A.3. Scientific Papers
  - A.4. Examinations
  - A.5.Education and Training
- B. Standing of the Competence Center in an International and National Context
  - B.1. Progress of the Centre in Relation to its Long-Term Goals
  - B.2. International and National Collaboration
  - B.3. Core Competences and Critical Mass
  - B.4. Role and Impact of the Centre within the University
  - B.5. Future Plans and Strategies
- C. Industrial Benefits, Technology Transfer, Impact to the Industrial Partners
  - C.1. Industrial Involvement and Interaction
  - C.2. Ways to Facilitate Industrial Implementation
  - C.3. Commercialisation and Technology Transfer
  - C.4. Success Stories
  - C.5. Impact on the Industrial Partners
- D. Future Plans and Strategies
- <u>Appendices</u>
  - 1. ASTEC Business ratios 1995-2002
  - 2. Partners
  - 3. Research staff 1995-2003
  - 4. Financial report
    - Account for income, budget and economic result for 2001-2003 as (PDF)
  - 5. Industrial partners statements
  - 6. Projects
  - 7. Publications
  - 8. ASTEC scientific advisors report 2003 as pdf
  - 9. Evaluation report 00-09-28 as pdf
  - 10. <u>Curricula vitae for Directors of ASTEC Bengt Jonsson and Konstantios</u> <u>Sagonas</u>

## **Executive Summary**

ASTEC (Advanced Software Technology) is a competence centre which focuses on advanced tools and techniques for software development. Development of software accounts for a significant part of the costs in the construction of a number of important products, such as communication systems, transportation and process control systems, of Swedish industry. It is thus a vital interest to be able to produce better software at lower cost. One of the means to achieve this is to improve the tools and techniques used for software development. ASTECs vision is that, wherever possible, software should be developed using high-level specification and programming languages, supported by powerful automated tools that assist in specification, analysis, validation, simulation, and compilation. The purpose of ASTEC is to conduct pre-competitive and industrially applicable research that contributes to this vision, to build up and offer a concentrated research environment in the software technology area, and to be a forum for contacts and exchange of ideas between academia and industry.

ASTEC has been formed as a consortium of academic partners with strong research programs in different areas of software technologies, and of companies which either have a substantial software production or produce tools for software development. During its first two years, ASTEC conducted projects where techniques from academia were applied to problems in industry, resulting in the creation of a network of contacts between academia and industry. In its second phase, guided by a strategic plan, a research environment with critical mass and a clear profile and competence on highest international level in key strategic areas has been built. In the current phase, ASTEC has focussed on technology transfer of sufficiently mature projects, and on developing tools that can solve significant industrial development problems.

Currently, ASTEC has developed into a focussed and distinct research unit, having a broad contact area with a number of companies. It is a natural forum for collaboration, discussions, and new contacts in the software technology area. Some of the main results of ASTEC work can be summarized as follows.

- ASTEC has consolidated its critical mass and competence on highest international level in key strategic areas. The production of interesting and recognized research results has continued. A sign of recognition is that centre groups participate in an increasing number of European collaboration projects.
- The number of industrial partners of ASTEC has been steadily increasing. Results from ASTEC work have been transferred and are used in industry. Some of the technology development in ASTEC has been transferred into industrial products, which are currently supported by ASTEC groups. The academic-industrial collaboration has given ASTEC research very valuable access to industrial software for experimentation, evaluation, and code development, as well as a rich source of interesting research problems.
- The production of Ph.D., Lic., and M.Sc. graduates has continued. The centre contributes courses to national and local graduate and undergraduate education. Several tools produced in ASTEC work are used in graduate and undergraduate education, both locally, nationally, and internationally.

In the next phase, ASTEC intends to consolidate its work from the industrial and application perspective, as well as investigate interesting new concepts in software technology. Mature tools will continue to be developed, prototype tools should become industrially usable and integrated, and projects that are still preliminary should use industrial examples as a major focus. ASTEC will also promote the industrial uptake of techniques that it has developed.

The existing developed tools will also serve as a basis for continued investigation of new interesting concepts in software technology. Greater interaction between other researchers in Europe working on similar topics or projects is strongly desirable. ASTEC researchers will continue the trend of increasing participation in European collaboration activities.

ASTEC will continue its development of upper-level undergraduate courses, and also further develop the role of ASTEC tools for educational purposes.

## **Basic Facts**

ASTEC is formed as a consortium of the following academic and industrial partners.

- Research groups at *Uppsala University*, the *Swedish Institute of Computer Science* (SICS), and *Mälardalen University*, working mainly on formal methods, functional, logic and constraint programming languages, compilation, and on embedded, distributed, and real-time systems, together with
- companies with a substantial software production and thus a large interest in software development: *ABB Ltd, Cross Country Systems AB, Ericsson AB, ESAB Welding Equipment AB, T-mobile Inc, Validation AB,* and *Volvo Technological Development Corporation,* and companies that produce tools for software development: *IAR Systems AB, Mobile Arts AB, OSE Systems AB, Prover Technology AB, Telelogic Sverige AB, Virtutech AB* and *Volcano Communication Technologies AB.*

Further details about the partners, about accounting, economic details, and staff are given in Appendix 1-4. A notable figure is that since 1995 the number of companies has grown from 6 to 14 which corresponds to adding one company per year.

#### Management

The management of ASTEC is structured as follows:

- Within Uppsala University, ASTEC is a separate financial unit, hosted by the Department of Information Technology. All personnel involved in ASTEC are employed by the participating institutions and companies.
- ASTEC Activities are controlled by a board, whose ordinary members are currently Bjarne Däcker (Chairman), Martin Eriksson (Validation AB), Catrin Hansson-Granbom (Ericsson AB), Olle Landström (IAR Systems AB), Jan Lindblad (OSE Systems AB), Erik Hagersten (Uppsala University), and Björn Lisper (KTH/Mälardalens högskola).
- Daily management is performed by the director, Bengt Jonsson, the assisting director, Konstantinos Sagonas, the administrative research coordinator Roland Grönroos, and the respective project coordinators. The directors and project coordinators have regular monthly meetings.
- Area coordinators for each technical area are responsible for strategic project planning and for planning seminars. Longer-term project planning and progress is supervised by the Scientific Advisory board, consisting of Neil Jones, Bernhard Steffen, and Neeraj Suri, which conducts yearly internal reviews.
- All funding decisions are taken by the board. The board follows activities through project reports every 6 months, and contributes to ensuring the industrial relevance of ASTEC work.

The scientific work in ASTEC is carried out in cooperation between the participating research groups, both in industry and academia. There are many informal links, discussions, and technical links between projects within ASTEC. Formal components in this cooperation are the *ASTEC seminar series*, which typically meets twice a month, and regularly organized *program area seminars*. Two-day workshops for the entire ASTEC are conducted annually. The last ones have been conducted at Sätra Brunn in 1997, at Skokloster in 1999, at Fagerudd in 2000 and 2002, at Bergby gård in 2001, and at Oscar II in Uppsala in 2003.

## A. Technical Results and Scientific Outputs

## A.1. Research Programme

The research activities of ASTEC are structured into *programme areas*, which focus the efforts from several projects and are responsible for a wider dissemination of the conclusions, conducting seminars or specialised courses as deemed necessary. The areas are interrelated in that progress in one area is influenced and often driven by the state of the art in the others.

Each program area is either an *application* area, which provides problems to drive the research, or a *technical* area in which techniques, tools, and methods are developed. A particular project can very well span over several of these areas, and typically belongs in at least one technical area and one application area.

The application areas are:

- Software for data- and telecommunication systems, with requirements on mobility, high distribution, massive concurrency, and code replacement without disruption of the continuous operation of the system.
- **Software for embedded applications**, including safety-critical software, often deployed on a distributed network.

The technical areas are

- Validation and verification is concerned with high-level notations for expressing requirements and design specifications, together with tools and (formal) methods for analysis of specifications for the purposes of verification, validation, test generation, and tracing of requirements.
- **Programming language implementation and compilation** is concerned with the implementation and use of high-level (concurrent) programming languages, together with the development of compilation technology for (time- or space-) efficient program execution and code generation for different architectures.
- Real-time, embedded, and distributed systems is an area concerned with features specific to software development for real-time, embedded, or distributed systems, such as predictability, timeliness, scheduling, and distribution.

The application areas and technical areas form a  $2^{*3}$  matrix. which is used to structure projects. Table 1 shows acronyms of the projects that have been conducted during 2000 - 2003.

|                                           | Validation and<br>Verification                            | Programming<br>Languages and<br>Compilation | Real-Time<br>Distributed<br>Systems       |  |
|-------------------------------------------|-----------------------------------------------------------|---------------------------------------------|-------------------------------------------|--|
| Data- and<br>Telecommunication<br>Systems | BUS EnVer<br>SA SMC<br>Testing<br>Remodeling              | HiPE<br>Failure Analysis<br>SA              | BUS<br>HiPE<br>Remodeling                 |  |
| Embedded<br>Applications                  | Auto BUS<br>SAAPP<br>Software synthesis<br>SMC<br>Testing | WCET<br>WPO                                 | Auto<br>Software synthesis<br>TAS<br>WCET |  |

Table 1. ASTEC projects per programme area during 2000 - 2003.

At the time of the previous evalution, in year 2000, the following projects were conducted.

- Auto: A design methodology for embedded real-time systems
- BUS: Modeling and analysis of a bus protocol
- ErlVer: A Verification Method for Erlang
- HiPE: High Performance Erlang
- SA: Analysis of types and process topology for static debugging
- SMC: Symbolic Model Checking
- Testing: Automated Testing
- WCET: Calculation of Worst-Case Execution Times

• WPO: Whole-Program Optimization in Compilers for Embedded

Of these, the projects Auto, BUS, and SA were completed at the end of year 2000. The project ErIVer was completed in the summer of 2001. The projects HiPE, SMC, Testing, WCET, and WPO are still ongoing.

During the current period (2001-2003), the following projects have been initiated

- Failure Analysis: Static analysis of recovery propertes of Erlang applications
- Remodeling: Reverse engineering of industrial real-time applications
- SAAPP: Simulator-Aided Analysis of Parallel Processes
- Software Synthesis Guaranteeing Timing Constraints
- TAS: Time-Accurate Simulation

Of these, **Failure Analysis** and **TAS** have concluded, while the remaining ones (**Remodeling**, **SAAPP**, and **Software Synthesis**) will continue into the next phase of ASTEC. In addition, the umbrella **CODER**: Cluster on Distributed Embedded Real-Time Systems, encompassing the **TAS**, **WCET**, and **WPO** projects, has been formed in 2001.

Short descriptions for each project can be found in Appendix 6.

## A.2. Technical and Scientific Achievements

The presentation of the achievements are structured according to area. We first consider the two application areas followed by the three technical areas.

#### **Application Areas**

#### A.2.1. Software for Data- and Telecommunication Systems

ASTEC's vision is that development of communications software should be conducted, not by large organisations employing heavy and often old-fashioned software development processes, but by small, well-qualified teams working with powerful development tools that enable them to quickly turn an innovative idea into a products. This means that the tools should preferably embody solutions to typical requirements for these systems, including reliability, massive concurrency, ability to update systems with new functionality while in operation *etc*.

In this respect, an ASTEC project has been actively involved in the development of the *Erlang* programming language and several projects have centered around applications written in Erlang. Erlang is a concurrent functional programming language designed by Ericsson to ease the development of large-scale, distributed, soft real-time applications. Erlang has thus far been used quite successfully in the telecommunication industry, both within Ericsson Telecom, where it was designed and developed, and by other companies (both within Sweden and internationally). Examples of product whose software is written in Erlang are scalable ATM switching systems, ADSL delivery systems, next-generation call centers, scalable internet servers, mail robustifiers *etc.* ASTEC's involvement in the context of Erlang has spanned various aspects of Erlang's design, implementation, and use:

- at the level of programming language design, two significant extensions of the Erlang language (a package system and a parameterized module system) have been designed and implemented in the context of the **HiPE** (High Performance Erlang) project;
- at the level of the efficient implementation of the language, the HiPE native code compiler and a shared heap runtime system architecture have been developed and fully incorporated within the Erlang/OTP (Open Telecom Platform) system;
- at the level of enhancing the robustness and safety of applications, tools that aid the verification and testing of applications written in Erlang have been developed in the context of the ASTEC projects **ErlVer** (Erlang Verification), **Failure Analysis**, and **Testing**.

We describe these software tools below.

The major goal of the **HiPE** project has been to improve the performance characteristics of Erlang applications through better implementations of the language. In the previous period of ASTEC, the main means to achieve this goal was through the development of a native code compiler for Erlang. A native code compiler with a SPARC back-end was developed and open-source released as an autonomous system, called the *HiPE system* in March 2000.

Aiming to achieve more impact on the Erlang community, during the current period of ASTEC, the major goal of the **HiPE** project has been the full incorporation and integration of the HiPE native code compiler in the Erlang/OTP system from Ericsson (which is the most commonly used implementation Erlang, and certainly the only system used in commercial applications). This goal is now fully accomplished. It has been achieved in three steps:

- 1. First, HiPE was ported to the then latest Erlang/OTP implementation (Release 7B-1). This step was completed in February 2001.
- 2. Since then, a much closer co-operation between the HiPE team and the Erlang/OTP team from Ericsson was established through common day-long meetings every 2-3 months, and a very frequent exchange of code snapshots (almost every night). This co-operation has resulted in incorporating HiPE into the main branch of the Erlang/OTP development and the HiPE compiler was finally released as part of the open source Erlang/OTP R8B (October 2001).
- 3. Finally, since experience from using HiPE compiler in the Erlang user community was positive, a decision was made to have HiPE as a fully integrated and supported component in Erlang/OTP R9B (October 2002) and R9C (August 2003). This refers to both the open source and commercial versions of Erlang/OTP.

In addition to porting the HiPE compiler in Erlang/OTP, a sub-project within the **HiPE** project developed an alternative runtime system architecture for the Erlang/OTP system. Its main characteristic is the use of a shared heap space for all Erlang processes, which enables inter-process communication to occur with significantly less costs. This work, which is fully described in a Section A.2.4 of this report, is nowadays also fully integrated within the Erlang/OTP system (starting with R9B). More information can be found at <u>Erlang/OTP's homepage.</u>

The HiPE compiler improves the performance of Erlang applications from a few percent up to an order of magnitude. Furthermore, significant space improvements (e.g. an order of magnitude reduction) from uses of the shared heap runtime system architecture can often be observed in large, highly concurrent Erlang applications (e.g. in the *NETSim* product from Ericsson). Feedback from users of features of Erlang/OTP developed in the context of the **HiPE** project is quite positive. As a concrete example, in 2003, another company, T-Mobile, joined ASTEC as a new industrial partner and became the second industrial partner of the **HiPE** project (the first being Ericsson).

Software for telecommunication systems often possesses certain characteristics, such as massive and dynamic concurrency and on-line updating of software, that prohibit the use of fully automatic verification techniques. To permit verification of such software programmed in Erlang a major effort has been undertaken in the **ErlVer** project, which was conducted mainly in the previous period of ASTEC and concluded during 2001. A significant part of the work is described in the Ph.D. Thesis of Lars-åke Fredlund (Sept. 2001). An operational semantics for Erlang has been developed, with a property specification language and a novel proof system for compositional and inductive reasoning. To support verification, a proof assistant with a state-of-the-art graphical user interface and considerable support for proof automation is available: the Erlang Verification Tool (EVT). The feasibility of the method has been illustrated in case studies such as, e.g., the verification of a core part of the Mnesia distributed database system which is part of the standard Erlang distribution. As a side effect of the Erlang verification effort, two patent applications at Ericsson's Computer Science Laboratory were indirectly stimulated.

The EVT tool is rather ambitious, in that it allows to verify arbitrary properties of the

behavior of an Erlang program, which could be expressed in a general property language. As a consequence, it is difficult to obtain automatic proofs for properties of programs of significant size. A comment of the previous ASTEC evaluation was to "adopt more realistic goals". In response, in the current period, 2001–2003, two new – and smaller – ASTEC projects have been initiated aiming at the automated validation and testing of certain characteristics of typical applications written Erlang.

More specifically, the **Failure analysis** project differs from the **ErlVer** project in that its purpose is to develop a tool which focuses on analyzing only the failure behavior of a telecom application, but which in return is able to do so fully automatically on applications of significant size. The techniques developed in the context of this project analyze what is the effect of a process failure on the overall system and how the system can recover from such a failure. These techniques crucially assume (and also check) that the programmer has used the built-in support for failure recovery that is provided by the Erlang/OTP platform. The tool has been evaluated on several parts of the software in the AXD 301 switch.

Another automated tool for analyzing the behaviour of telecom applications written Erlang is currently being developed in the **Testing** project in collaboration with the company MobileArts. The tool allows the automatic generation of test sequences for telecom protocols. The generation considers both control and data aspects of the protocol; data parameters are handled symbolically. The tool assumes that the protocol to be tested is specified as a state machine, and generates a test suite. The tool is currently applied to a product under development within MobileArts, for which it is possible to achieve a very high degree of coverage.

#### A.2.2. Software for Embedded Applications

A lot of effort is currently devoted to developing and formalizing a complete methodology for building software in embedded systems, for instance within the automotive industry. Such a methodology should cover the entire chain from requirements to running code on a specific target platform. Systems are often assembled from parts delivered by subcontractors, and requirements on resource consumption are often very stringent. Challenging research problems include development of notations for requirements, techniques for system modeling and for analyzing whether a component or a collection of components conforms to requirements, techniques for mapping a design onto a distributed target architecture, and for generating code which satisfies requirements on memory, power and timing consumption.

Since its start, ASTEC has addressed several of these research challenges in case studies, technical research work, and tool development. A focus during 2001-2003 has been the development of tools that address larger chunks in the development chain by combining solutions to several related problems. Two major efforts in this area are the TIMES tool, which combines modeling, schedulability analysis, schedule synthesis, and code synthesis, and the development of an integrated tool for calculating the WCET (Worst-Case Execution Time) of embedded programs.

TIMES is a tool for Modeling and Implementation of Embedded Systems, which supports modelling, simulation, verification, schedulability analysis, synthesis of (optimal) schedules and executable code. It is appropriate for systems that can be described as a set of tasks which are triggered periodically or sporadically by time or external events. Currently TIMES supports code generation for the LegoOS platform. A system model consists of three parts: a control part represented as a network of timed automata extended with tasks, parameters of the triggered tasks, and a scheduling policy. The unique feature of TIMES is that it supports a more general process model (timed automata) than usual in classic scheduling theory, where processes are usually assumed to be periodic. The schedulability analysis then avoids overly pessimistic results, made possible by exploiting recent advances in verification of timed systems, as embodied in UPPAAL. A description of technical advances is contained in Section A.2.3. The TIMES tool received the Best tool award at the ETAPS conferences in April 2002.

The **WCET** project has, by June 2003, produced an end-to-end prototype tool that takes a C program as input and automatically generates a WCET estimate for the program. The aim is to make the WCET calculation (almost) fully automatic, thus relieving the programmer from the burden of current practice to annotate the program with flow information, and to measure (by testing or simulation) the execution time of individual code segments.

The prototype tool integrates solutions to all parts of the WCET problem puzzle: it compiles the program and generates a representation of its structure, it makes a semantic analysis of the program code and generates flow information that states how many times each part may be executed, it analyzes the effects of low-level processor features, such as caches and pipelines, and finally it combines all the information to calculate the actual WCET of the program. The tool is built on the modular tool architecture developed within the WCET project for combining modules that solve each particular subproblem into an end-to-end tool. In Section A.2.5, we describe how research performed within ASTEC has contributed to addressing each of these technical problems.

The quality of the results generated by the WCET tool are very competitive. For the classes of processor addressed by the pipeline analysis, very tight results have been demonstrated. The flow analysis gives good flow information for simple programs, and is continually being extended to handle greater parts of the C language. Thanks to working within a compiler, very powerful analyses are possible which are much harder for an approach that starts from the object code.

An industrial case study has been performed together with Enea OSE to assess the real-life usefulness of a WCET tool. The results indicated that there were significant benefits to be obtained from such a tool. The case study also indicated several practical details that need to be solved in order to produce a generally useful WCET tool. The work on gathering industrial requirements for WCET tools, which started with a questionnaire and interview survey in 1997, has been continued at the European level within the ARTIST iniative.

In cooperation with CC Systems, the **TAS** (Time-Accurate Simulation) project has (in a series of M.Sc. theses) developed techniques to simulate distributed real-time systems in real time, in order to allow efficient testing and debugging on a regular PC. They have been proven by use in industrial pilot studies together with customers of CC-Systems, and are being used today at CC-Systems to develop new embedded control systems. TAS is a good example of how the university world can help small companies adopt and develop simple but powerful ideas into techniques that confer concrete competitive advantages.

Timing properties are also central for the **Remodeling** project, conducted in cooperation with ABB Robotics, but this project has a different goal, namely to develop techniques to recover the structure of old, complex, real-time software, in order to allow easier maintenance and addition of new functionality, also by third parties. The project uses measurements to generate a model of an existing system that covers resource usage of programs, such as timing properties, memory consumption, and performance properties.

#### **Technical Areas**

#### A.2.3. Validation and Verification Technology

The area considers methods and tools for specifying and analysing properties of the behavior of systems and system components. The emphasis is on formal approaches to requirement and design specification, and on methods and tools for establishing adherence of systems to their specifications.

During 1999-2000, several industrial case studies were carried out, in which industrial protocols and distributed software systems were verified using existing verification tools, such as UPPAAL. Verification is carried out on a *model* of the system, the creation of which is a significant effort. It is not reasonable to expect that industrial software development develops both a software system and a model of it as separate activities.

Moreover, it is a challenge to develop executable code from such models with predictable timing behaviours. Main research issues include schedulability analysis and schedule synthesis. The **Software Synthesis** project was created in 2000 to develop the TIMES tool, which is designed for schedulability analysis and generation of executable code with predictable timing behaviour from design models that can be analyzed by UPPAAL. The TIMES tool is based on UPPAAL, but also incorporates our recent results on schedulability analysis.

In classic scheduling theory, real time tasks (processes) are usually assumed to be periodic, i.e. tasks arrive (and will be computed) with fixed rates periodically. Analysis based on such a model of computation often yields pessimistic results. To relax the stringent constraints on task arrival times, we have proposed to use automata with timing constraints to model task arrival patterns. This yields a generic task model for real time systems. The model is expressive enough to describe concurrency and synchronization, and real time tasks which may be periodic, sporadic, preemptive or non-preemptive, as well as precedence and resource constraints. We believe that the model may serve as a bridge between scheduling theory and automata-theoretic approaches to system modeling and analysis. The standard notion of schedulability is naturally generalized to automata. An automaton is schedulable if there exists a scheduling strategy such that all possible sequences of events accepted by the automaton are schedulable in the sense that all associated tasks can be computed within their deadlines. It has been shown that the optimal schedulability checking problem for such models is decidable and for fixed priority scheduling strategy, the problem can be efficiently solved by reachability analysis on timed automata using only 2 extra clock variables. The analysis can be done in a similar manner to response time analysis in classic Rate-Monotonic Scheduling.

The TIMES tool can be downloaded at <u>www.timestool.com</u>. (It is freely available for research and educational purposes.) It provides a graphical interface for editing and simulation, an engine for schedulability analysis, and a compiler. Given a system design model consisting of

- a set of application tasks whose executions may be required to meet mixed timing, precedence, and resource constraints,
- a network of timed automata describing the task arrival patterns, and
- a preemptive or non-preemptive scheduling policy,

TIMES will generate a scheduler, and calculate the worst case response times for the tasks. The design model may be further validated using a model checker (e.g. UPPAAL) and then compiled to executable C-code using the compiler.

The **Testing** project, which started in the previous period, has in the last years focused on model-based test generation, i.e., automated generation of test suites from a formal design model. The work extends existing techniques for finite-state models in two directions.

- Automated generation of *real-time* tests, which check also quantitative delays) from timed automata specifications, is developed in collaboration with Aalborg University. The generation is guided by supplying test purposes and/or a coverage criterion. Several different coverage criteria are supported. A distinctive feature of our techniques is that for a given test purpose and coverage criterion, a time-optimal (i.e., taking shortest time) test suite can be generated by using an existing extension of UPPAAL to generate optimal test executions.
- Automated generation of tests that consider data parameters using *symbolic* techniques is developed in collaboration with MobileArts AB. Tests are generated from finite state machines extended with boolean data variables. The implementation work has been able to capitalize on other tools developed in the Erlang work of ASTEC. Currently, a protype tool and an evaluation case study are under development.

In the previous period, techniques for translating formal specifications into so-called *test oracles*, i.e., programs that observe the specified system during testing and report when requirements are violated, were developed in a case study in collaboration with Volvo

Technical Development AB. This work has been continued by connecting this generation to the Simulink environment, thus making the oracle generation facility usable by embedded systems engineers.

During 2002 – 2003, the **SMC** project in collaboration with Prover Technology AB has, based on the Prover Plug-in implementation of Stålmarck's algorithm, which in 2000 generated the tool FixIt, focussed on extending the design tool Esterel Scade with the Prover Plug-In to automatically perform fault tree analysis, a wide-spread method for finding minimal combinations of failures of components leading to a failure of the whole system. This allows designers to verify, for example, that it takes at least three components to fail simultaneously to cause the system to become unsafe. The automatic verification is done by repeatedly calling the Prover model-checker. Our implementation extends the Prover Plug-In model checker, We are still improving the tool, which already proved capable of analysing relatively large examples provided by ONERA CERT, Saab AB, and Airbus.

The new **SAAPP** (Simulator-Aided Analysis of Parallel Processes) project develops techniques for analyzing concurrency properties such as data races of programs. To allow analysis of low-level programs, including operating systems and their interaction with user programs, we use and extend the commercially successful instruction-level simulator SIMICS, developed by the industrial partner Virtutech AB. The advantages of SIMICS are that programs run unmodified, and that analysis is done non-intrusively without introducing "probe effects", which are common in earlier approaches which use code instrumentation. We can thus avoid the general problem of abstraction in approaches based on analysis of specifications rather than actual programs. Since SIMICS analyzes programs at a low level of abstraction (essentially machine instructions), techniques must be developed for recovering the process structure of a program, and for detecting the dependencies between processes, communication objects such as locks, semaphores, and shared variables at runtime rather than by using specially instrumented libraries.

#### A.2.4. Programming Language Implementation and Compilation

The area is concerned with the implementation and use of high-level programming languages, together with the development of system software tools such as compilers and program analyzers that enable (time- or space-) efficient execution of programs written in these languages. Activities that also fit in this technical area include compilation techniques tailored to the characteristics of different computer architectures; in particular, compilation techniques for embedded processors.

The biggest project in this area is the **HiPE** project, which focusses on the concurrent functional language Erlang. As mentioned in Section A.2.1, in this period, the project achieved one of its main goals which has been the incorporation of the HiPE native code compiler into the main development and distribution branch of the Erlang/OTP system from Ericsson. The HiPE compiler is an efficient native code compiler for Erlang programs incorporating many optimizations which have been proven successful in the context of functional programming languages. In addition, many other compiler techniques have been adjusted and sometimes developed taking the characteristics of Erlang into account. These include support for concurrency, communication, distribution, fault-tolerance, on-the-fly code reloading, automatic memory management, and preservation of tail-recursion in the context of a mixed mode (i.e., interpreted and native code) execution. In addition, research and development effort was spent in the following directions:

• Initially, the HiPE compiler only generated SPARC code. During this period, a back-end of HiPE for the Intel x86 architecture was designed and developed. A lot of effort was put so that this port reached the level of maturity and robustness that is expected from an industrial-strength compiler which is typically used to develop telecom applications. Results show that the resulting system, HiPE/x86, is significantly faster than the interpreted implementation of Erlang, and achieves speedups comparable to and sometimes better than those of the more mature HiPE/SPARC compiler. This compiler is also included in the Erlang/OTP system and is actively used by the Erlang community.

- The project has investigated compilation techniques for fast, on-the-fly compilation of bytecode into native code (i.e., *just-in-time compilation*). In particular, extensions and improvements to the *linear scan register allocation algorithm* were proposed and experimentally evaluated. For the first time, the quality of allocation obtained by linear scan was measured in the context of a register-poor architecture such as the x86.
- Alternative runtime system architectures for highly concurrent languages were proposed, implemented, and experimentally evaluated. As mentioned in Section A.2.1, one of them, called *shared heap architecture*, is already part of the Erlang/OTP system. For another one, called *hybrid architecture*, a novel static analysis was designed, called *message analysis* that discovers statically the intended use of data (and tracks the program points of their creation) in order to guide the memory allocator.
- Important and useful extensions of the Erlang programming language were designed and developed. In particular, a structured module system (i.e., a *package system* for Erlang) was developed, which has already made it into the Erlang/OTP system and is actively used by many Erlang application programmers. A proposal for a *parameterized module system* has also recently (June 2003) been completed, and work is underway to also include this extension into Erlang/OTP.

The **WPO** (Whole Program Optimization) project develops compiler optimization techniques for embedded systems. The project has thus far primarily focused on two characteristics of embedded systems:

- 1. in embedded systems, memory is an expensive and sometimes limited resource, and thus it is desirable to find techniques that lower the hardware costs by reducing memory usage, and
- architectures for embedded systems are often irregular; sometimes this can be handled by careful redesign of existing algorithms, and sometimes development of new compilation techniques is required.

To reduce the code size of embedded programs, algorithms for code compaction through a technique called *procedural abstraction* were developed and implemented in a prototype. In procedural abstraction, the program control flow graph is scanned for semantically equivalent graph fragments, which are then factored out into a new procedure. The project has investigated the effectiveness and advantages of applying procedural abstraction at the level of intermediate code (as opposed to applying it at the assembly code level). It was found that doing so provides opportunities for more powerful code compaction by e.g., not interfering or be negatively influenced by the effects of register allocation or of other compiler optimization steps.

Embedded systems often have irregular memory architectures; i.e., different memory areas which differ in access time and size. A technique for static allocation of global data to memory areas was developed and benchmarked. The algorithm tries to allocate data so that frequently accessed variables reside in fast memory, and frequently used pointers and pointer expressions are assigned cheap pointer types. Finally, processors used in embedded systems often have an irregular register set; there may for example be register pairs (or other clusters) or non-orthogonal constraints on the operands of certain instructions. We have generalized the standard graph-coloring register allocation to handle such irregularities.

The WCET analysis tool developed within ASTEC contains a flow analysis component. The aim of this analysis is to produce program flow constraints like loop iteration bounds and infeasible path constraints. This information can be used in the subsequent calculation phase to produce a WCET estimate. The analysis can often produce the necessary constraints automatically, without any externally supplied information. The only other WCET tool we know that can do this is the *Bound-T* tool from Space Systems Finland. However, the analysis developed in the context of the **WCET** project places fewer restrictions on the analyzed code to produce useful flow constraints.

The core ideas of the flow analysis were developed in the previous phase of ASTEC and are described in Jan Gustafsson's Ph.D. thesis. The analysis is based on an interval-based

abstract interpretation, operating on the control flow graph of the program just like the classical abstract interpretation by Cousot and Cousot. However, unlike the classical analysis, it works like a symbolic execution. This has consequences for the analysis of loops, where each iteration is analyzed separately rather than approximating the abstract states by widening. This allows for better precision but at the cost of potentially higher time complexity. To curb the complexity, the tool uses *program slicing*. This allows to update only the parts of the abstract states that might change during fixed-point iteration. A syntactical analysis, that screens the code for common, easily-recognized loop patterns with precomputed loop bound formulae, is also under development: the expensive abstract interpretation must then deal only with the remaining, "hard" cases.

The analysis is integrated with the NIC research C compiler also developed within the **WPO** project. It operates on the intermediate code of the compiler, which basically represents the control-flow graph (CFG) of the program after optimizations. This CFG then also represents the program flow in the generated object code, and the flow information is thus valid for WCET calculation for this code. The analysis can handle unstructured code as well as non-recursive function calls. A *pointer analysis* is under implementation and will allow the successful analysis of many programs that manipulate pointers. A first prototype exists and is operational. During the fall of 2003 the tool will be used to evaluate the developed analysis techniques w.r.t. precision and time complexity, for realistic embedded software benchmarks.

#### A.2.5. Real-Time Distributed Systems

This area considers the particular challenges that arise when building embedded real-time and distributed systems. The emphasis is on the needs of software that needs to operate under tight timing constraints and with high requirements for correctness. Analyzing and verifying the timing aspects of a system is the least understood and thus the most difficult part of developing embedded real-time systems. Reliable estimates of computation times are necessary for scheduling and resource allocation, and for analyzing whether a program will meet all deadlines.

The goal of the WCET project is to integrate worst-case execution time (WCET) analysis into a commercial tool for development of embedded systems. The main industrial partners are IAR systems and ENEA Embedded Technology (until recently, OSE Systems). The system and applications are described in Section A.2.2. The WCET project has also produced interesting technical results concerning WCET calculation.

A major problem for WCET calculation is to analyze the program flow to extract information that is not supplied by annotations. This problem was earlier addressed In Jan Gustafsson's Ph.D. thesis. Current work is described in Section A.2.4.

On the hardware side, the timing effect of processor features such as pipelines and caches must be taken into account in order to yield reasonable and safe WCET estimates for a program module. In the Ph.D. thesis of Jakob Engblom, a conceptually simple but powerful technique for analysing the effect of pipelines has been developed. The technique makes it easy to integrate the results of high-level program flow analysis and analysis of cache memories. The technique only depends on having a cycle-accurate simulator for the actual processor available. Hence it can easily be ported to new target architecture, which is very important in the highly fragmented embedded systems processor market. The thesis also contains novel theoretical results, which give criteria under which it is guaranteed that the effects of pipelines are safely taken into account.

The final piece of the WCET puzzle is the combination of the software (program flow) and hardware (pipelines etc.) effects to calculate a WCET estimate. In the Ph.D. thesis of Andreas Ermedahl, several novel and efficient techniques for this step are presented, creating a tool capable of handling complex programs and complex hardware in combination. Three different calculation methods are developed, which trade off speed of calculation against precision of results. In particular, the *clustered calculation method* presented in the thesis combines high precision with high calculation performance, demonstrating excellent scaling for larger programs with many flow facts. This was

previously a potential problem for high-precision constraint-based WCET calculation methods.

#### Some Selected Highlights.

A few of the most interesting achievements in academic research during the period 2001 – 2003 are:

- Results that show how schedulability analysis can be reduced to reachability analysis on timed automata. For fixed priority scheduling, the algorithm uses only 2 extra clock variables (work presented in TACAS'03).
- A detailed description of the pros and cons of different runtime system architectures for concurrent languages and a proposal for a new runtime system architecture (work presented at ISMM'02) on which memory allocation is guided by a novel static analysis called *message analysis* (work presented at SAS'03).
- Fundamental results on execution time analysis for pipelined architectures, described in Jakob Engblom's Ph.D. thesis, and presented at EMSOFT'02.
- Erik Stenman's Ph.D. thesis, titled *Efficient Implementation of Concurrent Languages*, which was conducted in the context of the **HiPE** project, was nominated for the best IT doctoral thesis of 2002 in Sweden.

The following achievements in building tools should be put forward.

- The HiPE native code compiler, which has been fully incorporated into the Erlang/OTP system from Ericsson, and is actively used by the Erlang community.
- An integrated tool for calculating the WCET (Worst-Case Execution Time) of embedded programs with real-time demands.
- The TIMES tool, which received the best tool award at the ETAPS conferences in April 2002.

There are several notable examples of increased involvement of companies in ASTEC, in spite of more difficult economic times.

- A spontaneous cash contribution from T-Mobile, and the subsequent addition of the company as a new (and in fact located outside Sweden!) industrial partner to ASTEC.
- New industrial Ph.D. students have joined ASTEC. There are currently 4 industrial Ph.D. students.

Finally, we would like to mention that

- Uppsala University and its competence centers hosted the NUTEK Competence Center day in 2000.
- A selection of work from ASTEC has been invited and is presented in a special issue of the Springer Verlag journal STTT (Software Tools for Technology Transfer) as an example of establishing a successful co-operation between academia and industry.

## A.3. Scientific Papers

The ASTEC publications can be found in Appendix 7.

## A.4. Examinations

A list of degrees is included at the end of the publication list in Appendix 7.

## A.5. Education and Training

ASTEC has contributed to the development and execution of courses within its areas of interest.

• Upper-level undergraduate and graduate courses have been developed and given on

Testing and Verification, Real-Time Systems, Compiler Techniques, and Theory of Distributed Systems, by senior researchers in ASTEC.

- A national graduate course on modeling and analysis of Real-Time Systems has been developed and conducted, in collaboration with ARTES. A related course has been given to CUGS (The National Computer Graduate School in Computer Science), and to Gävle University.
- ASTEC companies are providing many guest lecturers for undergraduate courses given at Uppsala University and Mälardalen University, which helps in bringing an industrial perspective into university education and are providing students with some impression of the realities of software development practice. For example, senior scientists from Virtutech AB are giving guest lectures on computer architecture, from ENEA are giving guest lectures on software testing, from Prover Technology AB give lectures on formal methods, while scientists from IAR Systems give lectures in Compiler and Real-Time System courses.
- Tools of ASTEC industrial partners, or tools developed in ASTEC projects are used in undergraduate and graduate courses at Uppsala University. For instance, the Simics tool, from Virtutech AB, is used in computer architecture courses. The HiPE, UPPAAL, and TIMES tools are regularly used in undergraduate computer science courses at Uppsala University. The UPPAAL tool is used in undergraduate and graduate courses in a large number of universities world-wide, including Oldenburg University (Germany), Twente University (the Netherlands), IIS (India), University of Pennsylvania (U.S.A.), NUS (Singapore), etc.

The national research programme ARTES which supports research on real-time systems and promotes graduate education, hosted at Uppsala University and funded by SSF (the Swedish Foundation for Strategic Research) with a budget of 88MSEK during 1998-2002, was initiated in 1998 with the support and involvement of several ASTEC researchers. Currently, Prof. Hans Hansson is program director, and he, Parosh Abdulla, and Wang Yi conduct projects funded by ARTES. There is a close coordination between ASTEC and ARTES work: the two bodies share Roland Grönroos as administrator, and several ASTEC projects are closely related to ARTES projects. ARTES++, a graduate school in real-time and embedded systems, was recently granted 7 MSEK in funding from SSF for operation from 2004 to 2006. Some 20 students annually, from 9 participating universities, will be provided support for international mobility, industry contacts, and attending courses. In total, 18 instances of courses will be given. Leadership will be enforced by appointing a director of graduate studies (Paul Pettersson). Support to the ARTES++ graduate school will be instrumental in continued recruitment and education of strong Ph.D. students in the real-time and embedded systems area, and will substantially add to the return on the investment already made in ARTES.

## **B. Standing of the Competence Center in an International and National Context**

## **B.1. Progress of the Centre in Relation to its Long-Term** Goals

#### Background

Industrial and academic collaboration should be particularly relevant for research on software systems: many advances in software technology occur in universities but on the other hand the major part of software production occurs in industry. Such a collaboration thus offers the opportunity for industry to exploit recent advances in software technology and for researchers in academia to evaluate the effectiveness of new techniques in a "real-world" environment.

Though this observation is probably universal, it is particularly applicable to a country like Sweden. Several major products of Swedish industry, e.g., data communication and

process control systems, are to a significant extent based on software. Swedish academia has a strong tradition of research in some areas which have potential applications to software development. The indirect impact of this research on industrial practice, through mobility of individuals and ideas, has been noticeable: functional programming and formal methods have influenced software development in the Swedish telecommunications industry, as witnessed, e.g., by the creation of high-level languages such as Erlang, SDL, and TTCN. ASTEC is intended to build on this tradition, and strengthen direct contacts between academic research and industrial practice, so that advances in academic research can indeed benefit industrial software development, which in its turn can guide the agenda for academic research.

#### **Goals and Strategies**

ASTEC's vision is that, wherever possible, software should be developed using high-level specification and programming languages, supported by powerful automated tools that assist in specification, analysis, validation, simulation, and compilation. ASTECs goals are to contribute to this vision by

- 1. carrying out industrially relevant pre-competitive research at the highest international research level which can be both published in leading scientific conferences and journals and exploited by the industrial parties,
- 2. building up and maintaining a critical-mass, and a concentrated research environment for research, graduate education, collaboration, problem solving, and long-term competence development, and
- 3. being a forum for contact between industrial and academic software researchers.

The strategies chosen by ASTEC to meet these goals are based on the following principles:

- 1. Academic-industrial collaboration and technology transfer require that both parties take an active interest. Therefore, ASTEC work should be conducted with active participation by both industry and academia. Collaboration and a plan for technology transfer will thus be built in from the beginning. This strategy has been successful in building strong links between researchers in academia and in industry.
- 2. Longer-term project planning and the build-up of a concentrated research environment is guided by a *strategic research plan*. The plan structures the challenges addressed by ASTEC into program areas, more precisely described in Section A.
- 3. ASTEC runs and supports seminars and workshops for contact between industrial and academic researchers.

#### History and Evaluations of ASTEC

During the first two years (Phase 1), ASTEC activities focussed on establishing collaboration links between academia and industry by conducting projects where techniques from academia were applied to problems in industry, thereby creating a network of contacts.

To address recommendations of the first ASTEC evaluation, in Phase 2, a *strategic research plan*, which structures challenges for the long-term development of ASTEC, was developed. Based on this plan, more research competence has been recruited and strengthened to build up key areas of ASTEC such as compilation, and the administrative support was strengthened by appointing a research coordinator (Roland Grönroos, 40%). Also in Phase 2, an international *scientific advisory board* was appointed. Currently, it consists of Profs. Neil Jones (DIKU, Univ. of Copenhagen), Bernhard Steffen (T.U. Dortmund), and Neeraj Suri (T.U. Darmstadt). The scientific advisory board has conducted two self-imposed internal reviews in Phase 2 (April 1998 and March 2000), and two in Phase 3 (April 2002 and June 2003). These reviews have pointed out strengths and weaknesses in the technical work of ASTEC, provided guidance, and resulted in shifts of focus of some projects.

The second, mid-term NUTEK evaluation in September 2000 generally expressed its

satisfaction with the work of ASTEC and with the measures taken since the first review. Specific recommendations for individual projects and for the structure of ASTEC in general were made and most of them have been followed during Phase 3. In particular, we mention:

- The recommendation that the ASTEC board be enriched with influential leaders from industry partners. In the current period, Catrin Hansson-Granbom (from Ericsson AB) and Jan Lindblad (from OSE Systems AB) joined the ASTEC board, and an assisting director was appointed.
- That procedures and mechanisms be developed that ensure that all researchers and participants are well informed about projects, technology tranfer plans, and the interrelationships between projects. In response to this recommendation, ASTEC has created the **CODER** project cluster, organized half-day long seminars where work from the three technical areas of ASTEC was presented in a concentrated form (in addition to the annual ASTEC research meetings), and has kept the frequency of meetings between project leaders (where the progress of individual projects is discussed) high.

#### Progress

Within Uppsala University, ASTEC is recognized as an important long-term strategic research unit. In written and oral presentations of research in information technology, ASTEC is referred to as a strong pillar of research in Computer Science, and as an example of successful and continued establishment of collaboration between academic researchers with industry.

Over the years, the participation of industry within ASTEC has been steadily increasing. The number of companies involved within ASTEC has grown from 6 to 12 in 2002 and 14 in 2003; see data shown in Table 2 below. As a rather unusual "success-story" we mention the inclusion of a non-Swedish company (T-Mobile) as parner of an ASTEC project in 2003. Results from ASTEC work have been transferred and are nowadays used in industry. Despite the difficult times for companies in the information technology sector, financial contribution from industrial partners of ASTEC has reached its peak in 2000 and has kept at a high level during the last few years.

The production of graduates (Ph.D., Lic. and M.Sc.) has acquired momentum (a total of 5 till 1999, 15 in 2000, to a total of 27 at the end of 2002). The centre has graduated one and currently employs four industrial Ph.D. students. ASTEC researchers and graduates have moved to the industrial partners of ASTEC, and some ASTEC researchers also have part-time appointments with companies. The centre has developed and conducted graduate courses in its area of competence, and its seminar series is continuing in full speed during the last few years.

## **B.2. International and National Collaboration**

ASTEC researchers are firmly established in the international research community. Senior researchers are members of program committees in key conferences of the areas of the strategic research plan. For 2001-2003, these include

- ACS (Int. Conf. on Applications of Concurrency to System Design),
- CAV (Conference on Automated Verification),
- CC (Compiler Construction),
- CONCUR (Conference on Concurrency Theory),
- FEMSYS (Formal Design of Safety Critical Embedded Systems),
- ICFEM (Int. Conf. on Formal Engineering Methods),
- ICALP (Int. Colloquium on Automata, Languages and Programming),
- ICLP (Int. Conf. on Logic Programming),
- LICS (IEEE Symp. on Logic in Computer Science),
- LCTES (Languages, Compilers, and Tools for Embedded Systems),
- NWPT (the Nordic Workshop on Programming Theory),
- PPDP (ACM SIGPLAN Principles and Practice of Declarative Programming), where

Konstantinos Sagonas was Conference Chairman in 2003,

- RTCSA (Int. Conf. on Real-Time Computing Systems and Applications),
- RTSS (IEEE Real Time Systems Symposium),
- SEFM (Int. Conf. on Software Engineering and Formal Methods)
- TACAS (Tools and Algorithms for the Construction and Analysis of Systems), where Prof. Wang Yi was Program co-Chairman in 2001.

A sign of recognition is that the TIMES tool received the best tool award at the ETAPS conferences in April 2002, and that ASTEC has been invited to present its activities in a special issue of the Springer Verlag journal STTT (Software Tools for Technology Transfer).

ASTEC has a strong network of international contacts. As examples, the UPPAAL and TIMES projects have been collaborating very closely with Aalborg University in Denmark since 1995. ASTEC groups have had a long been an active collaboration with Seoul National University (SNU) (Andreas Ermedahl (then an ASTEC Ph.D. student) has been on a 6 month visit at SNU), and with C-Lab in Paderborn, Germany (including frequent visits by Friedhelm Stappert)

In addition to visits within the collaboration just mentioned, ASTEC attracts both long- and short-term visitors. Prof. Werner Damm, Univ. of Oldenburg, has spent a semester as visiting professor in autumn 2001. ASTEC groups host several post-doc researchers (currently 4) from other countries.

Through its partners, ASTEC participates in several European Community research projects.

- WOODDES (Workbench for Object Oriented Design and Development of Embedded Systems), concluded in 2003, is devoted to development technology for embedded systems in automotive and telecommunication industry within the framework of UML. The project has 6 European industrial partners and 2 academic partners: Oldenburg University, Germany and Uppsala University.
- The ARTIST (Advanced Real Time Systems) project, in which Mäardalen University and Uppsala University participate, collects around 20 leading research groups in Europe with the objectives to coordinate European Research and Development effort in the area of Advanced Real-time Systems, e.g., by identifying innovative and relevant research directions.
- The ADVANCE (Advanced Validation for Telecommunication Protocols) project, develops tools that extend the power of formal analysis. Its partners include Uppsala and Ericsson.
- The GAMES Research and Training network GAMES, comprising 7 European and 1 U.S. University is concerned with developing techniques for the synthesis and validation of computing systems that are based on games and automata.
- PROFUNDIS (Proofs of Functionality for Mobile Distributed Systems) focusses on formal modelling and verification techniques for key issues in mobile distributed systems, such as security authentication, access rights and resource management. The 4 academic partners include Uppsala University.
- <u>ESACS</u> (Enhanced Safety Assessment for Complex Systems) aims at developing new tools and methodologies to improve safety analysis of complex systems. Partners include 4 aircraft industries and several reseach centers, including Prover Technology AB, Sweden.

Our participation in all these projects builds directly on ASTEC work.

SAVE (Component Based Design of Safety Critical Vehicular Systems) is a national project supported by SSF (Swedish strategic research). The goal of the project is to establish an engineering discipline for systematic development of component-based software for safety critical embedded vehicular systems. Uppsala's effort within SAVE will be focused on component models and verification of quantatative properties of components.

ASTEC has co-organized and co-sponsored several international workshops and conferences, including PLI'03 (Principles, Logics and Implementations of High-Level

Programming Languages) which comprises of ICFP (ACM SIGPLAN International Conference on Functional Programming), PPDP (ACM SIGPLAN Conference on Principles and Practice of Declarative Programming), and a total of five co-located workshops.

A collection of scientific papers, which represent ASTEC work, has been invited and will be published in the Springer Verlag journal STTT (Software Tools for Technology Transfer), together with a cover paper which presents the ASTEC framework, with the goal of presenting ASTEC to a wider scientific community.

ASTEC conducts technical seminars, and seminars directed to an industrial audience. For example, Jakob Engblom gave a lecture on efficient C programming for embedded systems, on behalf of IAR Systems, at the Embedded Systems Conferences in San Francisco in 2001 and 2002. The lecture topic was how to write code that is efficiently compiled by a modern C compiler. Open half-day seminars are organized to present results of selected ASTEC project clusters. A concentrated seminar presenting the Erlang work was organized on 14 November 2002, and a seminar on the CODER work was organized on 12 March 2003.

### **B.3. Core Competences and Critical Mass**

Over the years, ASTEC has developed into a focussed research unit with a critical mass within the technical areas of the centre: verification and validation, (declarative) programming languages and compilation, and development of techniques and tools for real-time and embedded systems. Within these areas, ASTEC performs research on the highest international level. Impressive recognized research results have been produced, of both theoretical and practical nature, which are published in leading conferences and journals of the field. ASTEC collaborates with other national research initiatives, and has strong international collaboration links, including links with several big European Community research projects.

The companies also contribute to the centre's research profile. Several companies, which are industrial partners of ASTEC, are world-leading suppliers of technology for software development, and are thus also on the frontier of international research in the areas of relevance. As examples, Prover Technology AB owns what may be the world's most powerful solver for satisfiability problems, which is now integrated into the Esterel Scade tool. Enea Embedded Technology develops the OSE Real Time Operating System, one of the most popular RTOS's. Virtutech AB, with its SIMICS product, is the world leader in the design and development of full system simulation platforms. Software tools produced by research conducted under the aegis of ASTEC are being used by big international companies of the telecom industry such as Ericsson and T-Mobile.

Cooperation between academic and industrial units of ASTEC has become closer and more interconnected within this period.

- As an example, the work on projects involving Erlang has resulted in regular, bi-monthly day-long meetings between members of the HiPE (at UU) and Erlang/OTP (at Ericsson) development teams. There has also been a collaboration between the Failure analysis project and the AXD-301 development team at Ericsson. Finally, the Failure analysis tool used and provided feedback for software tools developed within the context of the HiPE project.
- Another example of close coordination between different activities in ASTEC is the formation of the **CODER** (Cluster on Distributed and Embedded Real-Time systems) cluster, which originated from integration of the **WCET** group with the **WPO** group, and which also includes the projects **TAS** and **Remodeling**. The rationale for forming the **CODER** cluster is that there are obvious synergies between research on compilation techniques for embedded systems and research on execution-time analysis of code for such systems. In practice, this has worked out very well. There is a research compiler infrastructure shared by the two groups, and there have been several joint graduate seminars on program analysis techniques. The work in the **CODER** cluster is geographically and organizationally dispersed, with nodes at Uppsala University, IAR Systems, CC-Systems, ABB, OSE Systems AB, and

Mälardalen University. There is also a steady cooperation with C-Lab in Paderborn, Germany. This has worked well, thanks to using email, instant messaging programs, and the use of CVS (Concurrent Versions System) to share text and code.

• Finally, links between industry and academia are often strengthened by the fact that ASTEC researchers are appointed jointly by academia and industry and by the increasing number of industrial Ph.D. students.

## B.4. Role and Impact of the Centre within the University

Over the last several years, Uppsala university has taken several measures in order to increase the visibility and operational efficiency of its educational and research programs in the information technology field. In January 1999 the various small departments dealing with different aspects of IT were joined to two large departments, and the Virtual IT-faculty was created to coordinate and promote the role of IT within the university in different ways. These reforms have now been consolidated and we can see a very strong IT-department which offers a good administrative infrastructure for large research programs and good opportunities for collaboration between different specialties within the IT field. Generally speaking, ASTEC has been part of this increased focus on the IT area within the university both in the sense that the program has had advantages from it and that the activities within ASTEC have been seen as part of the focus on IT at Uppsala University.

Malardalen University has over the last several years developed MRTC (the Mälardalen Real-Time REsearch Centre) into a strong environment for Real-Time research, now with around 70 researchers. A recent development was the creation, in January 2003, of SEL (Software Engineering Laboratory), a research laboratory, focusing on

- Software engineering for industrial, real-time and embedded systems; this will include the engineering technologies, tools, and processes.
- Component-based software engineering.

The staff of SEL contains two professors, 4 lecturers, and around 12 Ph.D. students.

In the late nineties, IT saw a very strong expansion both in terms of number of programs and courses and number of student positions. During the last two years, the recruitment of undergraduate students has been negatively affected by the problems in the IT sector. This has affected all Universities and University Colleges including Uppsala. In the case of Uppsala, we have been able to handle the decreased interest without major problems and the number of full time students at the department now seems to stabilize around 1000. The recruitment to Ph.D. studies has actually benefited from the current situation. It is now even easier to attract good students to the Ph.D. programs. This has been clearly noticed also in the ASTEC program.

ASTEC is formally a separate administrative unit within Uppsala University. The administration is hosted in the IT Department but the accounting is separated from that of the department. One of the beneficial effects of the formation of a joint IT-department is that we now have a very strong administration, it is probably the best of all departments within Uppsala University. The department is organized with a common administrative unit for the whole department, and there are senior professional administrative persons responsible for every key task with good back up possibilities. Therefore the capability to manage and coordinate large projects is very good.

The structure of the IT Department is exceptionally well suited for centers such as ASTEC also from an academic point of view. It is unique for Swedish Universities that expertise representing the whole chain from data collection, signal processing, automatic control, advanced software development, database engineering, and numerical analysis are all available within one department. For development of advanced industrial software this is an excellent environment that is not yet fully utilized to its full potential.

In several of these areas the department has been successful in attracting world-leading experts. The number of professors at the IT Department has increased from 8 to 22

since its creation in January 1999. Several of the new chairs at Uppsala University (and also Mälardalen University) are in areas that support ASTEC work, including real-time systems, computer architecture, computer communications, and computing science. ASTEC has indirectly catalyzed the creation of some of these chairs. The most recent additions of professors in areas closely related to ASTEC are Erik Hagersten in Computer architecture and Stefan Seipel in Computer graphics and visualization. Hagersten has taken a seat on the ASTEC board and new industrial collaborations have been formed involving Hagerstens group and ASTEC.

Uppsala University has over the last few years carried out a major strategic planning and resource reallocation process called BASTU (SAUNA). One of the outcomes of that process was significant new resources to High performance computing through the establishment of a new centre UppMAX which will have a handful of senior application experts that support researchers wishing to use or develop high performance computing. This opens up several new potential collaboration areas for ASTEC.

ASTEC is together with a few other strategic research programs always presented as an important part of the research strategy of the university. ASTEC is frequently mentioned in accounts of the research program in Computer Science at Uppsala University. Examples include the STUNS report, and presentation of Research in IT to representatives of the leadership of research at SUN, ABB, Ericson, Volvo Car Corp, and other major companies in ASTEC related areas.

## C. Industrial Benefits, Technology Transfer, Impact to the Industrial Partners

## C.1. Industrial Involvement and Interaction

The industrial involvement in ASTEC has continuously increased with about one partner per year since the center started in 1995; see Table 2. What is not shown in the table is the fact that the industrial involvement is particularly strong on the level of individuals: many companies have reorganised and changed names during the period, but the involved personal contacts have been increasingly strong and expanding.

|                                                                             |       | Year |      |      |      |      |      |      |      |      |
|-----------------------------------------------------------------------------|-------|------|------|------|------|------|------|------|------|------|
|                                                                             | all   | 2002 | 2002 | 2001 | 2000 |      | 1998 | 1997 | 1996 | 1995 |
|                                                                             | years | 2003 | 2002 | 2001 | 2000 | 1333 | 1330 | 1331 | 1330 | 1995 |
| ABB Automation                                                              |       |      | 1    | 1    | 1    | 1    |      |      |      |      |
| Products AB                                                                 |       |      |      |      |      |      |      |      |      |      |
| ABB LtD                                                                     |       | 1    |      |      |      |      |      |      |      |      |
| Cross Country<br>Systems AB                                                 |       | 1    | 1    | 1    |      |      |      |      |      |      |
| Ericsson Radio<br>Systems AB                                                |       |      |      |      |      |      |      | 1    | 1    | 1    |
| Ericsson Telecom<br>Systems AB<br>Ericsson<br>Utvecklings AB<br>Ericsson AB |       | 1    | 1    | 1    | 1    | 1    | 1    | 1    |      |      |
| ESAB Welding                                                                |       | 1    | 1    | 1    |      |      |      |      |      |      |
| Equipment AB                                                                |       |      |      |      |      |      |      |      |      |      |
| I.A.R. Systems AB                                                           |       | 1    | 1    | 1    | 1    | 1    | 1    | 1    | 1    | 1    |
| Mecel AB                                                                    |       |      |      |      | 1    | 1    | 1    | 1    | 1    | 1    |
| Mobile Arts AB*                                                             |       | 1    |      |      |      |      |      |      |      |      |
| ENEA OSE Systems<br>AB                                                      |       |      | 1    | 1    |      |      |      |      |      |      |
| OSE Systems AB**                                                            |       | 1    |      |      |      |      |      |      |      |      |
| Prover Technology<br>AB                                                     |       | 1    | 1    | 1    | 1    | 1    | 1    | 1    | 1    | 1    |
| Rational Software<br>Scandinavia AB                                         |       |      |      |      |      |      | 1    | 1    | 1    | 1    |
| T-mobile Inc.*                                                              |       | 1    |      |      |      |      |      |      |      |      |
| Telelogic AB<br>Telelogic Sverige<br>AB                                     |       | 1    | 1    | 1    | 1    | 1    |      |      |      |      |
| Telia AB<br>Telia Validation AB<br>Validation AB                            |       | 1    | 1    | 1    | 1    | 1    | 1    | 1    | 1    | 1    |
| UPAAL Sweden AB                                                             |       | · ·  | - '  |      | 1    | 1    |      |      |      |      |
| Virtutech AB                                                                |       | 1    | 1    | 1    |      | - ·  |      |      |      |      |
| Volcano                                                                     |       | 1    | 1    | 1    | 1    | 1    |      |      |      |      |
| Communicaton<br>Technologies AB                                             |       |      |      |      |      |      |      |      |      |      |
| Volvo Teknisk<br>Utveckling AB                                              |       | 1    | 1    | 1    | 1    | 1    |      |      |      |      |
| Sum=                                                                        | 18    | 14   | 1 2  | 1 2  | 10   | 10   | 6    | 7    | 6    | 6    |

**Table 2.** The industrial participation in ASTEC during 1995 – 2003 showing the years of activity of each company within the center. Company names within the same row represent essentially the same partner whose name or internal organisation has changed during the years; these companies are counted as one partner here. Note the expansion of about one partner per year.

\* The formal contract to accept T-Mobile and Mobile-Arts as partners is currently (August 2003) circulating for signing by the present partners in ASTEC.

\*\* Stockholm, Sweden, July 15, 2003: "OSE Systems, a subsidiary of Enea Data (SAXESS: ENEA), today announced that it has joined forces with Enea Data's subsidiaries, Enea Realtime and Enea TekSci Consulting to become Enea Embedded Technology." The financial contributions to ASTEC have increased for the first five years (Figure 2). The increase during 1999-2000 is partly due to increased contributions by NUTEK. Their contribution has levelled out on 6 MSEK per year during phase 3 (2001-2003). During year 2001, industry's ability to support research has decreased. At the same time a shift in project structure with accompanying recruitment problems caused decreased ability to carry out research. During 2002, the total contributions were recovered. This was achieved by increased contributions from academia. The continued difficult times for industry in the IT secter were probably the cause of the slight decrease in their contributions during 2002, but despite these problems the industry contribution is predicted to increas for 2003.



During ASTEC's existence, four companies have left the centre

- Rational Software Scandinavia AB has moved its research and development from Sweden to the US, and consequently withdrew from ASTEC.
- Ericsson Radio AB was initially involved in a case study, whose conclusion was that the technique applied in ASTEC performed well on one case study but would probably not perform as well on other important future applications.
- UPAAL Sweden AB's involvement within ASTEC was started in 1999, to a large extent because of experiences from ASTEC projects. The company's activity has been low in the last years.
- **Mecel AB** formed the spin-off company Systemite AB, founded by the persons active in the ASTEC co-operation. Systemite develops and markets the tool SystemWeaver, which is based on the Butler tool that was a subject of ASTEC collaboration.

Mobility between academia an industry is examplified by the following.

• Currently, the centre employs four industrial Ph.D. students. Three of them, namely

Johan Runeson (IAR), Johann Deneux (Prover), and Johan Blom (MobileArts), are in Uppsala University while Johan Andersson (ABB Robotics) is an industrial Ph.D. student in Mälardalen University. Previously, Jakob Engblom and Jan Sjödin were also active as industrial Ph.D. students. In the ASTEC model, the students are employed half-time by a company in order to carry out their Ph.D. work which is conducted at the host University funded by ASTEC.

- One ASTEC Ph.D. student, Jakob Engblom, after his graduation has moved on to work at one of the new ASTEC industrial partners (Virtutech), while maintaining an adjunct lecturer position at the IT department of Uppsala University.
- Senior researchers at companies are making substantial contributions to projects.
- A number of M.Sc. graduates have moved to ASTEC industrial partners.

## C.2. Ways to Facilitate Industrial Implementation

From the companies' own statements (<u>Appendix 5</u>), it is clear that the main expectations of industrial parners of ASTEC, were

- to get in contact with state of the art research and techniques
- to directly or indirectly benefit from these contacts
- to solve complex problems in simple ways and benefit from competence in the ASTEC technical areas which exists in academia (for specific information see <u>Appendix 5</u>)
- to find new ways of solving problems, and
- to recruit diploma thesis students (ex-jobbers) who can possibly become future employees.

The fulfillment of these expectations is presented in Sections C.3 and C.4 below.

Two notable characteristics of software development within many of the ASTEC projects facilitate industrial implementation and technology transfer:

- 1. The existence of software, concurrently with a commercial version, in an open-source version which is not significantly different than the commercial one. Such is for example nowadays the case for the Erlang/OTP system from Ericsson. Existence of an open-source version, not only allows distribution of code without getting hang up into legal issues, but also provides a whole new community of users which is significant in number. Perhaps not surprisingly (since they have access to the code), some of the open-source users are quite knowledgeable and are often more committed to improving the software than its paying users. Moreover, they are not afraid to try new, unsupported features and seem to have more time to provide valuable feedback than commercial users. All these, have e.g. allowed the HiPE compiler to be first released as an unsupported component of Erlang/OTP, get feedback and an "informal approval" from the open-source user community, thereby making the decision to also include HiPE in the commercial version of Erlang/OTP (which is the one typically used in telecom applications) easier to take.
- 2. Because of the the close industrial collaboration, it is quite often the case that state-of-the-art academic research projects carried out under the aegis of ASTEC have access to production-size, industrial-quality software. This software is given as source code, which can be used to conduct experiments and serve as a "real-life" benchmark. This has given the research on compilation, execution-time analysis, and on formal verification, a unique opportunity to evaluate the applicability and effectiveness of new techniques in realistic settings rather than on synthetic (and often toy) benchmarks.

## C.3. Commercialisation and Technology Transfer

Some of the research conducted under ASTEC has already reached the level of commercialisation. As examples, we mention:

• The HiPE native code compiler, whose development was initiated in ASTEC in 1998, has reached industrial maturity, and has been fully incorporated into the

open-source and commercial versions of the Erlang/OTP system from Ericsson.

- The work on the UPPAAL tool which has resulted in the formation of a company that would provide training and consulting services to users of the tool.
- Finally, the work performed in the context of the **SMC** project has been instrumental in extending the Esterel Scade tool with the Prover Plug-In to automatically perform fault tree analysis and thereby be able to find minimal combinations of components which will lead to a failure of the whole system.

Technology transfer bewteeen academia and industry often takes places by osmosis in seminars or common project meetings between the various ASTEC partners. More concretely, some big steps towards achieving a more full-scale technology transfer have been taken by several other ASTEC projects during this period. As notable examples, we mention:

- The various kinds of flow analysis and hardware timing models which have been developed in the context of the **WCET** project over the years, have now been integrated into a common tool which is about to be used to analyze the precision and time complexity behaviour of the developed techniques for realistic embedded software benchmarks.
- Work performed in the context of the **WPO** project which has significantly facilitated the work of the **WCET** project.
- Techniques developed by the **TAS** project which are being used today by CC Systems to develop new embedded control systems, and
- relatively recent work from the **Testing** project which is currently under evaluation using case studies at MobileArts AB.

### C.4. Success Stories

- The HiPE compiler which is actively used and appreciated by the Erlang user community. This is also the reason why T-Mobile, a large non-Swedish company of the telecom industry, has voluntarily taken the steps to become an ASTEC partner. Work in the context of the HiPE project has also generated several recognized "basic research" results on memory management for concurrent languages.
- The UPPAAL tool, which has been developed and used in several ASTEC projects, is a world-leading tool for verification of timed systems, used in academia and industry for research, teaching, and industrial verification. It is put forward in several standard texts on automated verification (examples: a chapter in the textbook "Systems and Software Verification" by B. Berard et al (Springer 2001) describes UPPAAL) and is used in teaching in universities world-wide.
- The subsequent TIMES tool received the best tool award at the ETAPS conferences in April 2002, and is accompanied by several recognized research results on schedulability analysis.
- The work on worst case execution time analysis has produced a prototype tool, which can perform WCET calculation fully automatically on some code examples. The ASTEC work on WCET has gained large recognition by the international research community.

## C.5. Impact on the Industrial Partners

As mentioned above, technology transfer comes in many different forms. Perhaps the most direct of them is when project results are integrated into products and provide concrete solutions to company problems.

- In this respect, Jörgen Hansson (Cross Country Systems AB) writes that "the techniques developed (in two master theses) have been used in industrial pilot studies together with ESAB and Rolls-Royce Marine, and are being used today at CC Systems to develop new embedded control systems".
- Similarly, Kenneth Lundin (Ericsson AB) writes that "several of the HiPE results are now part of the Erlang/OTP product which is used in several products developed by Ericsson and other companies".

Participation in ASTEC has allowed companies to gain knowledge about new advances in technology and their potential applications and has provided them with competence and expertise that they often lack or strive for.

- As an example, Ove Åkerlund (from Prover Technology AB) describes his experience from being involved in implementing *"knowm theoretical formal methods results into a practical tool (SCADE)"* stating that *"doing this is a good example of technology transfer between academia and industry"*.
- Also, as pointed out by Jakob Engblom (Virtutech AB) "participating in ASTEC allows Virtutech to explore interesting issues that we [Virtutech] would otherwise not have the competence to pursue on our own".

Finally, an appreciated, indirect benefit from participation of companies within ASTEC continues to be the potential for contacts with the international scientific community. As Ola Lundkvist (Volvo Technology), Jan Lindblad (Enea Embedded Technology), and Ove Åkerlund (Prover Technology AB) point out *"collaboration with ASTEC has given good opportunities for European contacts"* within the embedded systems research community and the European aircraft industry.

Appendix 5 collects statements from most of the industrial partners of ASTEC.

## **D.** Future Plans and Strategies

The future plans and strategies follow the goals outlined at the end of the executive summary and ASTEC's long-term goals described in Section A.1. They are also influenced by input from the industrial and academic partners, and from ASTEC's Scientific Advisory Board.

In the next phase, ASTEC plans to develop further and consolidate its work from the industrial and application perspective as follows:

- Tools that have reached industrial maturity, such as the HiPE native code compiler, will continue to be developed in order to keep up with advancements in technology (such as e.g. new processor architectures), and extended with new functionality. Effort will also be put in providing support for these tools so that maximum impact and trust by their user community is achieved.
- Projects that have now developed prototypes (e.g., WCET, TIMES, or Testing) will concentrate on making tools that are industrially usable and, where appropriate, on integrating their results into tools of industrial partners of ASTEC.
- Finally, for projects that currently are in a more preliminary phase, the development of a prototype that can be used on industrial examples will be the main focus.

The development of tools has and will also serve as the basis for investigation of interesting new concepts in software technology, such as memory management in concurrent languages, techniques for developing and scheduling time-critical code, and new verification and test generation techniques.

ASTEC will also contribute to promoting the industrial uptake of techniques that it has developed, such as e.g., the use of automated WCET analysis, model-based code generation, verification, and test generation. Industrial seminars will be organized in order to present the results of the work done during ASTEC's lifetime.

During the current phase, ASTEC projects have naturally organized themselves into clusters have been formed (e.g., the CODER and the Erlang cluster). These clusters will continue to live over the next two years in order to achieve maximum benefit from interaction between different projects and humans within each cluster. Also, we feel that greater interaction between other researchers in Europe working on similar topics or projects is strongly desirable. ASTEC researchers will continue the current trend of increasing their participation in European collaboration activities.

On the educational side, ASTEC will continue its successful upper-level undergraduate

courses (on verification, real-time systems and compiler technology) at Uppsala University. At this point, tools produced in ASTEC project have reached the maturity to be used in regular undergraduate tools (UPPAAL and HiPE). and we will work so use also other tools, such as TIMES, the WCET tool, and the Testing tool.

To ensure a sustained, long-term support and development of research results and tools produced in ASTEC projects, an effort will be made in the next - and most probably final - phase of ASTEC to identify results that are sufficiently mature to be self-supported to a large extent, and to encourage partners from industry to adopt them in their products. At the same time, ASTEC will investigate potentially new research topics and directions of software technology that can form the basis for a renewal or reincarnation of the centre, possibly within the next generation of competence centers.

## Appendices

- 1. ASTEC Business ratios 1995-2002
- 2. Partners
- 3. Research staff 1995-2003
- 4. <u>Financial report</u> Account for income, budget and economic result for 2001-2003 as (PDF)
- 5. Industrial partners statements
- 6. Projects
- 7. Publications
- 8. ASTEC scientific advisors report 2003 as pdf
- 9. Evaluation report 00-09-28 as pdf
- 10. Curricula vitae for Directors of ASTEC Bengt Jonsson and Konstantios Sagonas

Last update: 19-Aug-2003 11:49 , e-mail: astec@docs.uu.se Location: http://www.astec.uu.se/etapp3/evaluations/eval2003/Material/eval\_report.shtml

Uppsala University

• Department of Information Technology

ASTEC



ASTEC Advanced Software Technology

2003-07-02

Appendix 3

# Business ratio's for ASTEC 1995 - 2002

ASTEC business ratios are calculated from the costs and activities each year. There is no profit within ASTEC. Contributions from the parts are consumed the same year. The research results are transferred to the participating companies that may profit from them and according to the contracts share the profit with the researchers.

The following tables and figures are summarised here.

**The contributions** to ASTEC has increased for the first 5 years (Fig 1a, b). The increase during 1999-2000 is partly due to increased contributions by NUTEK. Their contribution has levelled out on 6 MSEK per year during phase 3 (2001-2003). During year 2001 industry's ability to support research has decreased. At the same time a shift in project structure with accompanying recruitment problems caused decreased ability to carry out research. During 2002 the total contributions were recovered. This was achieved by increased contributions from academia. The continued poor trading conditions for industry were probably the cause of the slight decrease in their contributions during 2002.

**Management costs** has increased in absolute values but declined relative to total costs during 1997 -1999 (Fig 1a) and thereafter stabilised on about 7%. Management includes all expenses except direct research. About 60% of this cost is covered by academy.

**The cost for each man-year** decreased during the first 3 years to 55% of its initial value. The last years an increase has occurred (Fig 1a). This can be partly be explained by fewer Master of Science students the last year (Fig 2b).

**The amount of work** carried out per year increased with about 40% per year during the first 5 years (Fig 2a). Since then the amount of work has levelled out. During 2002 ASTEC research funding partly shifted from researchers to PhD-students. A larger amount of the work carried out by researchers was made with other funding from Academia. The number of industrial PhD students decreased partly due to a dissertation followed by recruitment to industry (Fig 2b). Technical/administrative staff has decreased each year (Fig 2b).

**The publication rate** increased during 2002 compared to year 2001 due to the shift in project structure (Fig 3a). It takes a while for new projects to obtain publishable results, a similar phenomenon can be seen both 96 and 98-99. The increased cost per publication and time requirement per publication also reflects the start of phases 1, 2 and 3 (Figs 1a and 3c). An interesting shift to journal publication from conference publication has occurred during the 2001. The major publication type in this field of research is conferences (with referee system), technical reports and workshops(Figs 3a,b). There is a trend to decreased cost per publication over time.

### Roland Grönroos



**1a) ASTEC Business Ratios**. The contributions by ASTEC parts, Management, Man power and Publication form the basic data for: the cost per man year (KSEK/man year); the publication cost (KSEK/publication); the effort per publication (man years/publication); the relative management cost (Management/Total).

| Contributions by      | 1995-96 | 1997 | 1998 | 1999  | 2000  | 2001  | 2002  | Sum   |
|-----------------------|---------|------|------|-------|-------|-------|-------|-------|
| INDUSTRY              | 3568    | 2778 | 3520 | 5293  | 7219  | 6117  | 5659* | 34154 |
| ACADEMY               | 2375    | 3450 | 2347 | 4557  | 4688  | 5392  | 6159  | 28969 |
| NUTEK/VINNOVA         | 2295    | 3395 | 3134 | 5202  | 6869  | 5712  | 6672  | 33280 |
| Total (KSEK)          | 8238    | 9623 | 9001 | 15053 | 18777 | 17221 | 18491 | 96403 |
|                       |         |      |      |       |       |       |       |       |
| Management (KSEK)     | 380     | 818  | 721  | 1038  | 1066  | 1336  | 1293  | 6651  |
| Man power(man years   | 6,0     | 9,1  | 12,5 | 17,5  | 25,0  | 21,5  | 20,7  | 112,3 |
| Publications (no.)    | 8       | 19   | 12   | 22    | 34    | 28    | 33    | 156   |
|                       |         |      |      |       |       |       |       |       |
|                       |         |      |      |       |       |       |       | Mean  |
| KSEK/man year         | 1371    | 1054 | 719  | 858   | 753   | 801   | 894   | 858   |
| KSEK/Publication      | 1030    | 506  | 750  | 684   | 552   | 615   | 560   | 618   |
| Man years/publication | 0,75    | 0,48 | 1,04 | 0,80  | 0,73  | 0,77  | 0,63  | 0,72  |
| Management/Total      | 5%      | 9%   | 8%   | 7%    | 6%    | 8%    | 7%    | 7 %   |

\*) At the time of writing is there an uncertainty whether one industry contribution of 1.8 MSEK for year 2002 can be counted in. It is included in all tables.

#### 1b) The development of contributions to ASTEC by NUTEK, Academia and Industry.







## 2a) Development of work carried out within ASTEC in man years for each year.

### 2b) Development of ASTEC staff categories,.

|                                | Amount ea | ach year | (man ye | ears) |      |      |      |
|--------------------------------|-----------|----------|---------|-------|------|------|------|
| Category                       | 1995-1996 | 1997     | 1998    | 1999  | 2000 | 2001 | 2002 |
| Professor                      | 0,5       | 0,3      | 0,6     | 0,6   | 2,1  | 1,8  | 1,4  |
| Senior researcher              | 1,2       | 2,1      | 2,5     | 4,1   | 2,8  | 2,4  | 2,1  |
| PhD student                    | 3,3       | 4,1      | 6,3     | 7,1   | 9,0  | 7,1  | 10,6 |
| Industry researcher            | 1,0       | 1,7      | 2,2     | 2,1   | 3,8  | 1,7  | 2,5  |
| Industry PhD students          |           |          |         | 2,0   | 3,0  | 4,0  | 1,9  |
| Master of Science students     |           |          |         | 1,0   | 3,9  | 3,2  | 1,9  |
| Technical/administrative       |           | 1,1      | 1,0     | 0,6   | 0,5  | 0,4  | 0,3  |
| Total=                         | 6,0       | 9,1      | 12,5    | 17,5  | 25,0 | 20,5 | 20,7 |
|                                |           |          |         |       |      |      |      |
| Increase each year (man years) | ) -       | 3,1      | 3,4     | 5,0   | 7,4  | -4,4 | 0,2  |
| Increase each year (%)         | -         | 52%      | 37%     | 40%   | 42%  | -18% | 1 %  |



## Publications and exams

3a) Publication rate, note the increase following each phase initiation in 1995, 1998 and 2001.



**3b) Publication divided into different publication categories,** note the increase in journal publication and that conference, workshop and technical reports are dominating.

| Publications     |      |      |      | ye   | ar   |      |      |      |     |
|------------------|------|------|------|------|------|------|------|------|-----|
| type             | 1995 | 1996 | 1997 | 1998 | 1999 | 2000 | 2001 | 2002 | Sum |
| Journal          |      | 1    | 2    | 2    |      |      | 4    | 4    | 13  |
| Conference       |      | 1    | 6    | 5    | 8    | 13   | 8    | 17   | 58  |
| Workshop         |      | 1    | 1    | 2    | 5    | 6    | 8    | 3    | 26  |
| Technical report | 1    | 3    | 9    | 2    | 4    | 4    | 2    | 2    | 27  |
| Submitted        |      |      |      |      |      |      | 2    | 1    | 3   |
| PhD thesis       |      |      |      |      | 1    | 2    | 1    | 2    | 6   |
| Lic thesis       |      |      |      |      | 1    | 1    |      | 2    | 4   |
| M.Sc. thesis     |      | 1    | 1    | 1    | 3    | 8    | 4    | 3    | 21  |
| Sum              | 1    | 7    | 19   | 12   | 22   | 34   | 29   | 34   | 158 |



**3c) Time requirement and cost per ASTEC publication**, note the decrease in time per publication as a new phase develops. Phase 1 started 1995, phase 2 started 1998 and phase 3 2001.





3c) The cost per ASTEC publication, note the trend in decreasing cost per publication over time.





Appendix 2

## **ASTEC Partners and Persons Phase 3**

#### Academic research groups 2001-2003

- Uppsala university, Department of Information Technology The CODER group Leader: Dr. Jakob Engblom The Formal Verification Group Leader: Professor Parosh Abdulla and Bengt Jonsson The UPPAAL group Leader: Professor Wang Yi The Programming Language and Implementation Group Leader: Dr. Kostis Sagonas
- 2. **SICS** (Swedish Institute of Computer Science) Code Verification Group Leader: Dr. Dilian Gurov
- 3. Mälardalen University, Department of Computer Engineering The Computer Science Laboratory Leader: Professor Björn Lisper

#### ASTEC industry partners 2001-2003

| Industry                              | Employees*         |
|---------------------------------------|--------------------|
| ABB Inc.                              | 133000             |
| Cross Country Systems AB              | 110                |
| ESAB Welding Equipment AB             | 6700               |
| Mobile Arts AB**                      | 4                  |
| OSE Systems AB***                     | 600                |
| T-mobile Inc.**                       | very large company |
| Ericsson AB                           | 61000              |
| IAR Systems AB                        | 150                |
| Prover Technology AB                  | 30                 |
| Validation AB                         | 500                |
| Virtutech AB                          | 500                |
| Telelogic Sverige AB                  | 850                |
| Volcano Communication Technologies AB | >21                |
| Volvo Teknisk Utveckling AB           | 400                |

\* The number of emplyees were collected August 2003 from the web. In some cases they refeer to concern figures.

\*\*The formal contract to accept T-Mobile and Mobile-Arts as partners is currently (August 2003) circulating for signing by the present parts in ASTEC. \*\*\* "Stockholm, Sweden, July 15, 2003 - OSE Systems, a subsidiary of Enea Data (SAXESS: ENEA), today announced that it has joined forces with Enea Data's subsidiaries, Enea Realtime and Enea TekSci consulting to become Enea Embedded Technology."

|                                           | Validation and<br>Verification                                            | Programming<br>Languages and<br>Compilation | Real-Time<br>Distributed<br>Systems                                                 |
|-------------------------------------------|---------------------------------------------------------------------------|---------------------------------------------|-------------------------------------------------------------------------------------|
| Data- and<br>Telecommunication<br>Systems | ABB, Ericsson,<br>Prover, Telelogic,<br>Validation, Volvo                 | Ericsson, T-Mobile                          | ABB, Prover,<br>Telelogic,<br>Validation, Volvo                                     |
| Embedded<br>Applications                  | ABB, MobileArts,<br>Prover, Telelogic,<br>Validation,<br>Virtutech, Volvo | IAR,<br>OSE systems,<br>Vocano Com. Tech.   | CC-systems,<br>ESAB, IAR,<br>OSEsystems,<br>Prover, Telelogic,<br>Validation, Volvo |

## Persons involved in ASTEC

#### ASTEC board 1995-2003

| Name                   | Affiliation                    | Period            |
|------------------------|--------------------------------|-------------------|
| Ewert Bengtsson        | Uppsala University             | 990101 to 991231  |
| Bjarne Däcker          | Pensioner (former Ericsson AB) | 990101 to present |
| Martin Eriksson        | Validation AB                  | 000101 to present |
| Erik Hagersten         | Uppsala University             | 000101 to present |
| Catrin Hansson-Granbom | Ericsson Utvecklings AB        | 020101-present    |
| Seif Haridi            | SICS/KTH                       | 990101 to 991231  |
| Sten Hellström         | Mecel AB                       | 990101 to 001208  |
| Olle Landström         | IAR AB                         | 990101 to present |
| Jan Lindblad           | ENEA OSE Systems AB            | 020101-present    |
| Björn Lisper           | Mälardalen University          | 000101 to present |
| Åke Sandberg           | Telia Validation AB            | 990101 to 991231  |

#### ASTEC scientific advisory board

| Prof. Neil Jones         | University of Copenhagen          |
|--------------------------|-----------------------------------|
| Prof. Bernhard Steffen   | University of Dortmund            |
| <u>Prof. Neeraj Suri</u> | Chalmers University of Technology |

Updated 16-Aug-2003 15:43 by Roland Grönroos

e-mail: astec@docs.uu.se

Location: http://www.astec.uu.se/etapp3/evaluations/eval2003/Material/appendices/2partners.shtml

Uppsala University
 Department of Information Technology
 ASTEC

2 of 2

# ASTEC Research staff 1995-2003

Sorted by Category, Affiliation, Last name

| Soried by C | Lategory, Amina | lion, Last name      |                          |                   |     | Man yea | rs    |                   | App      | endix 3   |
|-------------|-----------------|----------------------|--------------------------|-------------------|-----|---------|-------|-------------------|----------|-----------|
| First nam   | neLast name     | Affiliation          | Category                 | Project           | Sex | 95-03   | 01-03 |                   | 11       |           |
| Annette     | Ander           | UU                   | Admin.                   | Admin             | F   | 0,05    | 0,05  |                   |          |           |
| Roland      | Grönroos        | UU                   | Admin.                   | Admin             | М   | 1,52    | 0,59  |                   |          |           |
| Patrik      | Johansson       | UU                   | Admin.                   | Admin             | М   | 0,20    | 0,20  |                   |          |           |
| Helena      | Petterson       | UU                   | Admin.                   | Admin             | F   | 0,45    | 0,05  |                   |          |           |
| Jan         | Sjödin          | IAR                  | Industrial Ph.D. Student | WPO               | М   | 4,18    | 1,33  |                   |          |           |
| Johan       | Blom            | MobileArts           | Industrial Ph.D. Student | Testing           | М   | 1,00    | 1,00  |                   |          |           |
| Johann      | Deneux          | Prover Technology    | Industrial Ph.D. Student | SMC               | М   | 3,00    | 3,00  |                   |          |           |
| Johan       | Runesson        | UU                   | Industrial Ph.D. Student | WPO               | М   | 4,25    | 3,00  |                   |          |           |
| Jakob       | Engblom         | UU/IAR               | Industrial Ph.D. Student | WCET              | М   | 4,90    | 1,65  |                   |          |           |
| Anders      | Möller          | CC-systems           | Industry MSc student     | WCET              | М   | 0,56    | 0,56  | SUM               | MING     | UP        |
| Magnus      | Nilsson         | CC-systems           | Industry MSc student     | WCET              | М   | 0,46    | 0,46  | bein              |          |           |
| Martin      | Carlsson        | ENEA                 | Industry MSc student     | WCET              | М   | 0,52    | 0,52  |                   | an year  | s         |
| Sven        | Montan          | IAR                  | Industry MSc student     | WCET              | Μ   | 0,50    |       | 1995-2003         | 130      |           |
| Niklas      | Edvinsson       | Telelogic            | Industry MSc student     | Testing           | Μ   | 0,42    | 0,42  | 1995-2000         | 69       | 53%       |
| Håkan       | Larsson         | Telelogic            | Industry MSc student     | Testing           | Μ   | 0,18    | 0,10  | 2001-2003         | 61       | 47%       |
| Gerardo     | Padilla         | Telelogic            | Industry MSc student     | Testing           | Μ   | 0,50    |       | Industry          | 40       | 31%       |
| Daniel      | Löf             | Telia Validation     | Industry MSc student     | Testing           | Μ   | 0,25    |       | Academia          | 91       | 69%       |
| Fredrik     | Flink           | Volvo TU             | Industry MSc student     | Testing           | Μ   | 0,50    | 0,50  |                   | <i>,</i> | 40/       |
| John        | Håkanson        | Volvo TU             | Industry MSc student     | Testing           | Μ   | 0,65    |       | Admin<br>Research | 6<br>125 | 4%<br>96% |
| Anders      | Lundell         | ABB LAB              | Industry researcher      | BUS               | Μ   | 0,25    |       | Tresearen         |          |           |
| Ulf         | Hammar          | ABB LABC             | Industry researcher      | Software synthesi | s M | 0,10    | 0,10  | Male              | 127      | 98%       |
| Ulf         | Hammar          | ABB LABC             | Industry researcher      | BUS               | М   | 0,22    |       | Female            | 3        | 2%        |
| Christer    | Norström        | ABB Robotics         | Industry researcher      | Remodel           | М   | 0,10    | 0,10  |                   |          |           |
| Jörgen      | Hansson         | CC-systems           | Industry researcher      | WCET              | М   | 0,03    | 0,03  |                   |          |           |
| Jan         | Lindblad        | ENEA                 | Industry researcher      | WCET              | М   | 0,07    | 0,07  |                   |          |           |
| Thomas      | Aarts           | Ericsson CSLAB       | Industry researcher      | Failure Analysis  | М   | 0,01    | 0,01  |                   |          |           |
| Thomas      | Aarts           | Ericsson CSLAB       | Industry researcher      | Erl Ver           | М   | 1,90    | 0,40  |                   |          |           |
| Clara       | Benac Earle     | Ericsson CSLAB       | Industry researcher      | Erl Ver           | F   | 1,08    | 0,33  |                   |          |           |
| Björn       | Gustavsson      | Ericsson Erlang/OTP  | Industry researcher      | HIPE              | М   | 0,90    | 0,90  |                   |          |           |
| Kenneth     | Lundin          | Ericsson Erlang/OTP  | Industry researcher      | HIPE              | М   | 0,03    | 0,03  |                   |          |           |
| Ulf         | Wiger           | Ericsson Telecom AB. | Industry researcher      | Failure Analysis  | М   | 0,02    | 0,02  |                   |          |           |
| Per         | Åberg           | ESAB                 | Industry researcher      | WCET              | Μ   | 0,00    |       |                   |          |           |

page 1

| <b>T1</b> | <b>.</b> .  |                    |                     |         | G   | Man yea |        |
|-----------|-------------|--------------------|---------------------|---------|-----|---------|--------|
| First nan | neLast name | Affiliation        | Category            | Project | Sex | 95-03   | 01-03  |
| Anders    | Berg        | IAR                | Industry researcher | WPO     | М   | 0,20    |        |
| Jan-Erik  | Dahlin      | IAR                | Industry researcher | WPO     | Μ   | 0,60    |        |
| Mats      | Fors        | IAR                | Industry researcher | WPO     | Μ   | 0,13    | 0,08   |
| Anders    | Pikas       | IAR                | Industry researcher | WCET    | Μ   | 0,05    | ,<br>, |
| Håkan     | Törngren    | IAR                | Industry researcher |         | Μ   | 0,05    |        |
| Carl      | von Platen  | IAR                | Industry researcher | WPO     | Μ   | 0,85    | 0,30   |
| Carl      | von Platen  | IAR                | Industry researcher | WCET    | Μ   | 1,16    | 0,66   |
| Pontus    | Jansson     | Mecel              | Industry researcher | Auto    | Μ   | 0,40    | ,<br>, |
| Magnus    | Lindahl     | Mecel              | Industry researcher | Auto    | Μ   | 0,28    |        |
| Mikael    | Strömberg   | Mecel              | Industry researcher | Auto    | Μ   | 0,71    |        |
| Göran     | Båge        | MobileArts         | Industry researcher | Testing | Μ   | 0,20    | 0,20   |
| Saleh     | Ali         | Prover Technology  | Industry researcher | SMC     | Μ   | 1,00    | 1,00   |
| Mats      | Boman       | Prover Technology  | Industry researcher | SMC     | Μ   | 1,00    | 1,00   |
| Arne      | Borälv      | Prover Technology  | Industry researcher | SMC     | Μ   | 0,02    |        |
| Gunnar    | Stålmarck   | Prover Technology  | Industry researcher | SMC     | Μ   | 0,29    | 0,02   |
| Ove       | Åkerlund    | Prover Technology  | Industry researcher | SMC     | Μ   | 1,00    | 1,00   |
| Karin     | Palmqvist   | Rational           | Industry researcher | BOOM    | F   | 0,01    |        |
| Johan     | Nordin      | Telelogic          | Industry researcher | Testing | Μ   | 0,09    | 0,09   |
| Tomas     | Grelsson    | Telia Validation   | Industry researcher | Testing | Μ   | 0,02    |        |
| Stefan    | Mangenat    | Telia Validation   | Industry researcher | Testing | Μ   | 2,09    | 0,43   |
| Jakob     | Engblom     | Virtutech AB       | Industry researcher | SAAPP   | Μ   | 0,08    | 0,08   |
| Bengt     | Verner      | Virtutech AB       | Industry researcher | SAAPP   | Μ   | 0,08    | 0,08   |
| Antal     | Rajnak      | Volcano Com. Tech. | Industry researcher | WCET    | Μ   | 0,00    |        |
| Ola       | Lundqvist   | Volvo TU           | Industry researcher | Testing | Μ   | 0,11    | 0,03   |
| Henrik    | Lönn        | Volvo TU           | Industry researcher | Testing | Μ   | 0,05    | 0,05   |
| Mikael    | Andersson   | UU                 | MSc student         | WCET    | Μ   | 0,25    |        |
| Jonas     | Boustedt    | UU                 | MSc student         | Testing | Μ   | 0,80    | 0,30   |
| Johnny    | Burlin      | UU                 | MSc student         | WCET    | Μ   | 0,50    |        |
| Niklas    | Eén         | UU                 | MSc student         | SMC     | Μ   | 0,67    |        |
| Daniel    | Evestedt    | UU                 | MSc student         | SMC     | Μ   | 0,50    |        |
| Per       | Gustafsson  | UU                 | MSc student         | HIPE    | Μ   | 1,67    | 1,67   |
| Lennart   | Kamensky    | UU                 | MSc student         | SMC     | М   | 0,50    |        |

| First nam | eLast name  | Affiliation     | Category      | Project            | Sex | Man years<br>95-03 | 01-03 |
|-----------|-------------|-----------------|---------------|--------------------|-----|--------------------|-------|
| Tobias    | Lindahl     | UU              | MSc student   | HIPE               | М   | 1,67               | 1,67  |
| Olof      | Lindroth    | UU              | MSc student   | HIPE               | Μ   | 1,00               | ,     |
| Ulf       | Magnusson   | UU              | MSc student   | HIPE               | Μ   | 0,50               | 0,50  |
| Jesper    | Wilhelmsson | UU              | MSc student   | HIPE               | Μ   | 0,50               | 0,50  |
| Johan     | Andersson   | ABB Robotics    | Ph.D. Student | Remodel            | Μ   | 0,50               | 0,50  |
| Gunnar    | Övergaard   | KTH             | Ph.D. Student | BOOM               | Μ   | 1,40               | ,     |
| Nerina    | Bermudo     | MDH             | Ph.D. Student | WCET               | F   | 2,10               | 1,50  |
| Christer  | Sandberg    | MDH             | Ph.D. Student | WCET               | Μ   | 1,00               | 1,00  |
| Xavier    | Vera        | MDH             | Ph.D. Student | WCET               | М   | 1,50               | 0,90  |
| Anders    | Wall        | MDH             | Ph.D. Student | Software synthesis | s M | 0,10               | 0,10  |
| Friedhelm | Stappert    | Paderborn Univ. | Ph.D. Student | WCET               | Μ   | 0,02               | 0,02  |
| Gennady   | Chugunov    | SICS            | Ph.D. Student | Erl Ver            | Μ   | 1,55               | 0,15  |
| Lars-Åke  | Fredlund    | SICS            | Ph.D. Student | Erl Ver            | Μ   | 3,30               | 0,25  |
| Tobias    | Amnell      | UU              | Ph.D. Student | Software synthesis | s M | 3,00               | 3,00  |
| Tobias    | Amnell      | UU              | Ph.D. Student | Software synthesis | s M | 2,00               |       |
| Dirk      | Auchter     | UU              | Ph.D. Student | VassCo             | Μ   | 1,60               |       |
| Johan     | Bengtsson   | UU              | Ph.D. Student | BUS                | Μ   | 1,12               |       |
| Richard   | Carlsson    | UU              | Ph.D. Student | HIPE               | Μ   | 4,25               | 3,00  |
| Julien    | D'Orso      | UU              | Ph.D. Student | SMC                | Μ   | 1,50               |       |
| Alexandre | David       | UU              | Ph.D. Student | BUS                | М   | 2,00               |       |
| Andreas   | Ermedahl    | UU              | Ph.D. Student | WCET               | Μ   | 6,00               | 2,40  |
| Elena     | Fersman     | UU              | Ph.D. Student | Software synthesis | s F | 0,02               | 0,02  |
| Во        | Frödeberg   | UU              | Ph.D. Student | WPO                | Μ   | 0,60               |       |
| Anders    | Hessel      | UU              | Ph.D. Student | Testing            | Μ   | 2,33               | 2,33  |
| Fredrik   | Larsson     | UU              | Ph.D. Student | BUS                | Μ   | 1,00               |       |
| Karl      | Marklund    | UU              | Ph.D. Student | SAAPP              | Μ   | 1,83               | 1,83  |
| Leonid    | Mokrushin   | UU              | Ph.D. Student | Software synthesis | s M | 2,00               | 2,00  |
| Marcus    | Nilsson     | UU              | Ph.D. Student | SMC                | Μ   | 1,30               |       |
| Jan       | Nyström     | UU              | Ph.D. Student | Failure Analysis   | Μ   | 2,17               | 2,17  |
| Erik      | Stenman     | UU              | Ph.D. Student | HIPE               | М   | 5,52               | 1,92  |
| Jesper    | Wilhelmsson | UU              | Ph.D. Student | HIPE               | М   | 2,00               | 2,00  |
| Joachim   | Parrow      | KTH             | Prof.         | BOOM               | Μ   | 0,44               |       |

| First nam | eLast name | Affiliation       | Category | Project           | Sex | Man yea<br>95-03 | rs<br>01-03 |
|-----------|------------|-------------------|----------|-------------------|-----|------------------|-------------|
| Björn     | Lisper     | MDH               | Prof.    | WCET              | М   | 0,70             | 0,60        |
| Parosh    | Abdulla    | Prover Technology | Prof.    | SMC               | Μ   | 1,03             | 0,10        |
| Mads      | Dam        | SICS              | Prof.    | Erl Ver           | М   | 1,17             | 0,05        |
| Parosh    | Abdulla    | UU                | Prof.    | SMC               | М   | 0,63             | 0,25        |
| Bengt     | Jonsson    | UU                | Prof.    | WCET              | М   | 0,30             | 0,30        |
| Bengt     | Jonsson    | UU                | Prof.    | Testing           | М   | 1,02             | 0,60        |
| Bengt     | Jonsson    | UU                | Prof.    | Admin             | М   | 3,42             | 1,50        |
| Bengt     | Jonsson    | UU                | Prof.    | Failure Analysis  | М   | 0,20             | 0,20        |
| Wang      | Yi         | UU                | Prof.    | Software synthesi | s M | 0,40             | 0,40        |
| Wang      | Yi         | UU                | Prof.    | Auto              | М   | 0,82             |             |
| Wang      | Yi         | UU                | Prof.    | BUS               | М   | 0,20             |             |
| Sang Luyl | Min        | UU/KOREA          | Prof.    | WCET              | М   | 0,01             |             |
| Hans      | Hansson    | UU/MDH            | Prof.    | WCET              | М   | 1,02             | 0,40        |
| Christer  | Jonsson    | UU                | Res Eng  | HIPE              | М   | 1,75             |             |
| Mats      | Carlsson   | SICS              | Senior   | VOCAL             | М   | 0,25             |             |
| Dilian    | Gurov      | SICS              | Senior   | Erl Ver           | М   | 2,70             | 0,15        |
| Roland    | Bol        | UU                | Senior   | ARENA             | М   | 0,85             |             |
| Thomas    | Lindgren   | UU                | Senior   | HIPE              | М   | 0,80             |             |
| Sven-Olof |            | UU                | Senior   | WPO               | М   | 2,56             | 1,76        |
| Sven-Olof | •          | UU                | Senior   | SA                | М   | 1,49             | 0,21        |
| Mikael    | Petterson  | UU                | Senior   | HIPE              | М   | 4,58             | 2,40        |
| Paul      | Petterson  | UU                | Senior   | Testing           | М   | 1,00             | 0,20        |
| Kostis    | Sagonas    | UU                | Senior   | HIPE              | М   | 1,62             | 0,99        |
| Björn     | Victor     | UU                | Senior   | SAAPP             | М   | 0,11             | 0,11        |
| Jan       | Gustafsson | UU/MDH            | Senior   | WCET              | Μ   | 1,86             | 0,80        |





Appendix 4

# **ASTEC Financial Report Phase 3**

# Costs compared to contract for Phase 3 (2001-2003).

The amount of contributions from the parts differ from the planned proportions according to the ASTEC agreement for 2001-2003. The industrial parts has not been able to carry out the planned expansion from phase 2 to phase 3. The new industrial parts together with Academias ability to increase the contributions has mitigated the loss of planned funding from the industry. The Vinnova contribution will be slightly less the planned amount. It sholud be kept in mind that the contribution figures for 2003 included in these calculations is preliminary.

| Part                | C  | Cont | ract | %   |    | Cost | :   | %   |
|---------------------|----|------|------|-----|----|------|-----|-----|
| Industry            | 25 | 626  | 000  | 43  | 17 | 009  | 850 | 33  |
| Uppsala Universitet | 15 | 388  | 657  | 26  | 17 | 185  | 913 | 34  |
| NUTEK               | 18 | 000  | 000  | 31  | 17 | 009  | 850 | 33  |
| Sum                 | 59 | 014  | 657  | 100 | 51 | 205  | 613 | 100 |

# Contributions by ASTEC industrial parties compared to the contract.

| Industry                 | Contract (S | EK) | Cost   |     | (%) |
|--------------------------|-------------|-----|--------|-----|-----|
| ABB Ltd.                 | 336         | 000 | 593    | 000 | 176 |
| Cross Country Systems AB | 1 500       | 000 | 300    | 000 | 20  |
| OSE Systems AB           | 840         | 000 | 809    | 203 | 96  |
| Ericsson AB              | 7 650       | 000 | 4 467  | 000 | 58  |
| ESAB                     | 75          | 000 |        | 0   | 0   |
| IAR Systems AB           | 7 500       | 000 | 5 067  | 220 | 68  |
| Prover Technology AB     | 2 400       | 000 | 2 300  | 000 | 96  |
| Telelogic Sverige AB     | 1 500       | 000 | 200    | 000 | 13  |
| Validation AB            | 2 025       | 000 | 1 176  | 500 | 58  |
| Virtutech AB             | 900         | 000 | 499    | 200 | 55  |
| Volcano Com. Tech. AB    | 450         | 000 | 100    | 000 | 22  |
| Volvo Tech. Dev. AB      | 450         | 000 | 247    | 000 | 55  |
| MobileArts AB            |             | 0   | 800    | 000 |     |
| T-Mobile Inc.            |             | 0   | 449    | 940 |     |
| Sum                      | 25 626      | 000 | 17 009 | 850 | 66  |

# **ASTEC** projects finances

|                                  | Period 3, | 2001-2003  | 1995  | -2003      |
|----------------------------------|-----------|------------|-------|------------|
| Project                          | KSEK      | % of total | MSEK  | % of total |
| MANAGEMENT                       | 4004      | 8%         | 8,3   | 7%         |
| BUS                              |           |            | 1,8   | 2%         |
| Auto                             |           |            | 3,4   | 3%         |
| Erl Ver                          | 1890      | 4%         | 9,2   | 8%         |
| Failure<br>Analysis              | 1187      | 2%         | 1,2   | 1%         |
| HIPE                             | 10430     | 21%        | 17,0  | 15%        |
| SA                               | 153       | 0%         | 1,6   | 1%         |
| Symbolic                         | 4238      | 8%         | 6,6   | 6%         |
| Testning                         | 4500      | 9%         | 7,4   | 7%         |
| WCET UU                          | 5877      | 12%        | 13,4  | 12%        |
| WCET MDH                         | 4128      | 8%         | 4,1   | 4%         |
| WPO                              | 6155      | 12%        | 11,0  | 10%        |
| BOOM                             |           |            | 3,7   | 3%         |
| VASSCO                           |           |            | 0,9   | 1%         |
| ARENA                            |           |            | 4,7   | 4%         |
| VOCAL                            |           |            | 3,0   | 3%         |
| RT* see WCET +<br>AUTO for 98-00 |           |            | 5,1   | 5%         |
| STEP                             | 1204      | 2%         | 1,2   | 1%         |
| REMODEL                          | 939       | 2%         | 0,9   | 1%         |
| SAAPP                            | 2103      | 4%         | 2,1   | 2%         |
| Software<br>Synthesis            | 3938      | 8%         | 3,9   | 4%         |
| Total                            | 50745     | 100%       | 110,4 | 100%       |

Updated 19-Aug-2003 01:38 by Roland Grönroos

e-mail: astec@docs.uu.se Location: http://www.astec.uu.se/etapp3/evaluations/eval2003/Material/appendices/finance.shtml

Uppsala University

• Department of Information Technology

ASTEC

| Financial report for ASTE              | EC vear 200 <sup>°</sup> | 1 and 2002  | and budge   | t for2003   |             |            |          | Uppdated 2003-08-18                       |
|----------------------------------------|--------------------------|-------------|-------------|-------------|-------------|------------|----------|-------------------------------------------|
| · ···································· |                          |             | updated*    |             | see note ** | Phase 3    |          |                                           |
|                                        | Budget 2001              | Result 2001 | Budget 2002 | Result 2002 | Budget 2003 | kr         | division | Comments                                  |
| ABB                                    | 112 000                  | 103 000     | 112 000     | -           | 490 000     | 593 000    |          | 2003 only ABB robotics                    |
| Cross Country Systems AB               | 500 000                  | 150 000     | 250 000     | 150 000     | -           | 300 000    |          |                                           |
| OSE Systems AB                         | 280 000                  | 287 230     | 261 000     | 261 000     | 261 000     | 809 230    |          | 58 kUSD donation                          |
| Ericsson AB                            | 2 550 000                | 2 326 080   | 890 700     | 1 581 680   | 560 000     | 4 467 760  |          |                                           |
| ESAB                                   | 25 000                   | -           | 25 000      | -           | -           | -          |          |                                           |
| I.A.R. Systems AB                      | 2 500 000                | 2 371 200   | 1 950 000   | 1 696 020   | 1 000 000   | 5 067 220  |          |                                           |
| Prover Technology AB                   | 800 000                  | 400 000     | 650 000     | 900 000     | 1 000 000   | 2 300 000  |          |                                           |
| Telelogic Sverige AB                   | 500 000                  | 200 000     | 200 000     | -           | -           | 200 000    |          |                                           |
| Validation AB                          | 675 000                  | 382 500     | 50 000      | 119 000     | 675 000     | 1 176 500  |          |                                           |
| Virtutech AB                           | 300 000                  | -           | 100 000     | 51 200      | 448 000     | 499 200    |          |                                           |
| Volcano Communicaton Technologies AB   | 150 000                  | -           | -           | -           | 100 000     | 100 000    |          |                                           |
| Volvo Teknisk Utveckling AB            | 150 000                  | 97 000      | -           | -           | 150 000     | 247 000    |          |                                           |
| Mobile Arts                            | -                        | -           | -           | -           | 800 000     | 800 000    |          | Suggested as new partner from 2003-01-01. |
| T-mobile                               |                          |             |             |             | 449 940     | 449 940    |          | Suggested as new partner from 2003-01-01. |
| Contribution missing to match VINNOVA  |                          |             |             |             |             | -          |          |                                           |
| Industry                               | 8 542 000                | 6 317 010   | 4 488 700   | 4 758 900   | 5 933 940   | 17 009 850 | 34%      |                                           |
|                                        |                          |             |             |             |             |            |          |                                           |
| Uppsala Universitet inkl MDH           | 4 262 407                | 4 125 542   | 4 473 046   | 5 511 812   | 4 518 459   |            |          |                                           |
| SICS                                   | 1 060 800                | 307 413     | -           |             | -           |            |          |                                           |
| MDH                                    |                          | 959 030     | 959 030     | 647 450     | 647 450     |            |          |                                           |
| Akademy                                | 5 323 207                | 5 391 985   | 5 432 076   | 6 159 262   | 5 165 909   | 16 717 156 | 33%      |                                           |
| VINNOVA***                             | 6 000 000                | 5 711 969   | 5 984 530   | 6 672 448   | 4 625 433   | 17 009 850 | 34%      |                                           |
| SUM                                    | 19 865 207               | 17 420 964  | 15 905 306  | 17 590 610  | 15 725 282  | 50 736 856 | 100%     |                                           |

\* Original budget the same contribution each year, the amounts are given in the column "Budget 2001".

\*\* ASTEC managemet budget assumption of contributions for 2003. \*\*\* VINNOVA funding amounts is shown as the year they are consumed. The payment of the contribution is exactly 6 MSEK per year.

-





Appendix 5 19-Aug-2003 11:36

# Statements from ASTEC's Industrial Partners

Most of these statements arrived as e-mail they have here been merged into one documet.

# Companies with a substantial software production

•

# ABB Automation Technology Products

| Your ref.     | Our ref.(please quote) | Date            |
|---------------|------------------------|-----------------|
| Bengt Jonsson | Christer Norström      | August 14, 2003 |

## Industrial statement ASTEC

ABB Automation Technology Products AB/ Robotics develops industrial robots, including mechanics, electronics, and software. We are currently one of the biggest players in the market place. Our products play an important role in different manufacturing industries, such as the car industry. Many car manufactures uses our robots in their assembly lines, e.g., for assembling and welding. Since an assembly line includes several hundred of robots, the reliability of our robots is of utmost importance for the car manufactures and our business.

The core component in a robot system is the control system, which has extremely high reliability requirements. Further, the investment we have done in this control system during the years is considerable. Despite that we have a very advanced system today, our customers want even more functionality. When adding new functionality it is a risk that we introduce new bugs or influence old functionality negatively. Therefore are we very interested in collaborating with ASTEC in methods for increasing reliability of a system during its complete life cycle.

This year we have started one project Remodel within ASTEC that aims to build up a method analyzing the effect of doing a change of our control system before we have implemented the change. The results of the projects so far are promising. A prototype tool has been developed and some small cases have been run. In addition, three papers have been written and presented in international conferences and workshops. This project has and will benefit from the competence available in ASTEC and provide interesting research problems with industrial relevance.

Hence, we strongly support ASTEC.

Christer Norström Department Manager Technology Development ABB Automation Technology Products AB/ Robotics

# **ABB** Automation Technology Products

Postal address:Telephone:Telefax:e-mail:ABB AutomationTechnolgy Products ABRobotics+46 21 34 40 00 +46 21 13 25 92 abb.robotics@se.abb.comS-721 68 VÄSTERÅS / Sweden

# • Cross Country Systems AB

Date: Mon, 18 Aug 2003 14:32:31 +0200

When developing new control systems or improving existing ones, testing is an important part of the development cycle. To reduce the time spent on testing it is very useful to be able to test the whole control system on a PC instead of using expensive target hardware. CC Systems has developed a simulation environment that offers support for functional testing and debugging of software for embedded systems. The principal aim of the Masters Theses iTime-Accurate Simulationî and iSynchronised Simulation of a Distributed Real-Time Systemî, was to enhance this simulation environment, by introducing support for synchronised simulation between different nodes in a simulated system. By assigning execution time to the different nodes in the system, in a controlled manner, more efficient and time-accurate simulation can be performed.

The techniques developed have been used in industrial pilot studies together with ESAB and Rolls-Royce Marine, and are being used today at CC Systems to develop new embedded control systems.

Jörgen Hansson

# • Ericsson AB

Date: Thu, 14 Aug 2003 10:47:45 +0200 From: Kenneth Lundin

This is a statement from the Erlang/OTP group at Ericsson AB regarding the HiPE part of ASTEC:

Stockholm 2003-08-14

During the last 3 years we have had a very fruitful cooperation with the HiPE (High Performance Erlang) group within ASTEC.

Things to mention are:

Regular exchange of code in both directions:

- Snapshots from Ericssons development branch to HiPE.
- New HiPE releases to be integrated and tested by Ericsson.

Coordination and technical meetings 2-3 times a year.

Several of the HiPE results are now part of the Erlang/OTP product which is used in several products developed by Ericsson and other companies.

Some results from HiPE which are now integrated into the product are:

- Improved Garbage Collection.
- Native code generation for SPARC and Intel X86 (for evaluation in real

#### products)

- Compiler improvements and optimizations.
- Packages , a hierarchical module system.

...

If the market situation for Ericsson and Telecom products in general were better, there is no doubt that Ericsson would have engaged some of the HiPE researchers as employees for further productification, industrialisation of some of the HiPE results.

The Erlang/OTP group has devoted 30% of one person for integration and test of the HiPE results into our product. If we have had more resources (better times) we could have spent more time on evaluating and refining the HiPE solutions which would have brought more of them into the product.

/Regards Kenneth Lundin (Product Manager of Erlang/OTP within Ericsson)

Kenneth Lundin Ericsson AB kenneth@erix.ericsson.se ÄT2/UAB/UKH/K BOX 1505 +46 8 727 57 25 125 25 Älvsjö

#### • Volvo Technological Development Corporation

Date: Mon, 18 Aug 2003 16:02:13 +0200 From: "Lundkvist Ola" To: Roland Grönroos

Volvo Technology (VTEC) has acted as an industrial partner in the ASTEC project during its 3 year period. During this time, we have conducted several collaborations with academic partners of the project. We have run two MSc thesis projects that were inspired by, and partly supervised by Uppsala Universitet (UU), an ASTEC project partner.

The first thesis project involves automatic oracle generation from a property definition expressed in logic. The oracle executes on a test equipment originally designed for fault injection. The thesis work demonstrated how this oracle can be used to automatically run tests in real-time to verify electronic control units.

The second thesis project utilizes the results from the first thesis but integrates the oracle in a Simulink environment. This tool is easier to use, since no physical equipment is needed in the simulated environment, and it can be used in an earlier phase of development.

The oracle tool, although it should be seen as a research prototype, is still useful for industrial problems. Particularly impressive considering the limited resources put in the project. At VTEC, we are currently concerned with finding real project in which to utilize the tool, which is essential to motivate further work and ensure that it goes in the right direction.

We consider ASTEC a fruitful project with industrially relevant results. UU has contributed with the main knowledge whereas VTEC has provided industrial problems. Volvo has received valuable contacts and interaction with researchers and students from the ASTEC consortium. The collaboration has also lead to European contacts in the embedded systems research area. Additionally, we have been able to examine industrial case studies in detail together with our ASTEC project partners.

Ola Lundkvist

# Companies that produce tools for software development

#### • IAR Systems AB

To: "'Bengt Jonsson'" Date: Mon, 18 Aug 2003

### The IAR Systems AB involvement in ASTEC

IAR Systems started the cooperation by taking part in the WCET (Worst Case Execution Time) related activities in order to understand the possibilities of providing tools that could be really useful to the real-time system developer. Since then our involvement has also emerged into the related field of compiler optimization technology, specifically the WPO (Whole Program Optimization) technology. We have part financed several M.Sc. diploma workers as well as three industrial Ph.D. students (one has now graduated, one is on his way towards graduation and one has now left the research work before graduating).

During the last couple of years the climate for research oriented activities has become rather harsh. The expected return on investment time frame is often below 12 months and this is a very short time when exploring new technologies. The product development cycle, for IAR Systems, is normally around 12 months when using well-known technologies and procedures. Creating something really new is much harder.

During the first years of cooperation the center was a good way for IAR Systems to recruit skilled students. There is currently no need for this since we do not hire any students at the moment.

Despite the economical climate we have decided to keep up the cooperation within ASTEC. It is the only truly software oriented competence center in Sweden, providing a unique way of establishing and maintaining a multilateral link between research organizations, end-users and different software tools suppliers. I am convinced that the long term investment in research cooperation will eventually pay off by giving us the possibilities to create new products or services that we can use to increase the value of our offerings to our customer base.

Olle Landström IAR Systems AB

## Mobile Arts AB

Mobile Arts AB Tjärhovsgatan 56 11628 Stockholm August 18, 2003

#### **ASTEC Evaluation**

Mobile Arts is a company providing products for telecommunication network operators in the mobile system area. As such, we have high expectations from our customers to deliver reliable, highly available software solutions in a timely manner. Thus efficient and accurate testing of our products can be considered one of the key factors for success. Mobile Arts expectations from this project is to testing methods and tools problem that work with the limited resources available in a smaller company, both in man power and nancially. The test methods and tools resulting from the project should be applicable and usable for new systems as well as modi cations to existing systems. We also have expectations on a technology transfer, something we expect to be fulled with an industrial PhD student.

Mobile Arts is a member of the ASTEC competence center since January 2003. The collaboration has so far been working to our satisfaction using a considerable amount of necessary speci cations and industrial experience from Mobile Arts, and method and tool development from the University. Because of the limited time the project has been running it is hard to give a more thoughtful evaluation. As of today we are encouraged by the results but are yet to reach a point were we use the rst results in our production. We do have expectations to reach such a point during the autumn 2003 though. This can be considered as a delay with the original plans, but it is mainly due to a slight exchange in company focus which will result in a new range of products. Our expectation is that the results from the ASTEC project will be applicable also on this new product platform. And that the degree of applicability will be a good test of the results.

Lars Kari, CTO Mobile Arts

#### • OSE Systems AB

Date: Thu, 14 Aug 2003 15:09:43 +0200 From: Jan Lindblad To: Roland Grönroos

Our (Enea Embedded Technology, formerly OSE Systems) membership in the ASTEC research group gives us several benefits. It allows us to try out, and influence the development of, some of the most advanced real time analysis tools on this planet. I believe this is highly valuable for the research community as well, since the road from theory to practice is a rocky one. Eventually, we might be able to help in the productification and commercialisation of a tool set, as development team or as advisor. We have contact with many potential users of this technology.

Through the years, we have had many thesis students in the field (execution time analysis). Our participation in ASTEC has also led us to participate actively in the european level research community, with many interesting contacts with researchers from UK, Germany, France and Finland.

Jan Lindblad

### • Prover Technology AB

From: Ove Åkerlund To: Roland Grönroos Date: Wed, 13 Aug 2003

Find below some statements about the co-operation between ASTEC (Johann Deneux) and Prover Technology AB.

Prover Technology is a company developing tools for automated verification – based on formal methods - of both software and hardware designs. The proof engines we develop can handle both combinatorial and sequential logic. Prover Technology's mission is to provide tool vendors and system integrators with these proof engines - "Prover Plug-in" – which are integrated into existing development tools. In this way the end-user will have access to a unified development

environment including automatic verification capabilities.

The main objective of the co-operation between ASTEC and Prover Technology is to develop a "user-friendly design and verification environment" for system design. The work done by ASTEC can be summarized in the following points:

- Starting from a commercial design tool (SCADE) we have utilized "formal methods" to introduce possibilities to perform verification analyses when also failure modes are included. Doing this work the "ASTEC competence and problem solving" has led to a first prototype for doing safety and reliability analyses.
- The ASTEC-work has been done by a PhD student, Johann Deneux. The work is mainly an implementation of known theoretical "formal method" results into a "practical tool". Doing this is a good example of technology transfer from academia to industry.
- The work is done as part of an EC-project (ESACS, Enhanced Safety Assessment for Complex Systems), which main objective is to improve safety and reliability analysis techniques as an integrated part of the development process. In this respect the ASTEC-work has been given good opportunities for contacts in the European aircraft industry, which is leading the project.

Ove Åkerlund

### Virtutech AB

From: "Jakob Engblom" Date: Thu, 14 Aug 2003 Organization: Virtutech

Virtutech is a company that sells full-system simulation technology to its customers, who then use it to speed their development of many different kinds of complex digital systems. Typically, Virtutech customers work with a mix of hardware and software concerns, and our technology allows them to work with a simulated environment instead of a real (possibly prototypal) machine.

Full system simulation technology has a great benefit in that it allows a degree of control over and repetition of execution which is impossible to obtain on a real hardware machine. The SAAPP project is about exploiting this control and repeteability in novel ways, to create a very powerful software analysis and debugging tool based on our simulation technology.

There is a great need to recreate the abstractions created by software e.g. threads, virtual address spaces and locks. Part of this project is about recreating these abstractions automatically and making them available to the user, which has obvious utility for Virtutech's customers.

What is interesting in SAAPPs approach is to try and apply model checking to the large class of software which has not been written in a correct by design language.

From an application perspective, it is not necessary to build a complete model of the software. Even a partial model can be used to find errors in code. Another nice property is that the SAAPP approach works even when the source code is not available. Overall, it seems like a very good idea to try and bridge the gap between the theoretical power of model checking and the tons of code that have been written without formal verification in mind.

In the short term, there are interesting things to be learned from the SAAPP project that have relevance for Virtutech. Especially interesting is how the simulator control can be used to systematically trigger different possible behaviours.

Participating in ASTEC allows Virtutech to help explore these interesting issues that we would otherwise not have the competence to pursue on our own.

/jakob

-----

Jakob Engblom, PhD. Senior developer @ Virtutech

\_\_\_\_\_

WWW: www.virtutech.com Email: jakob@virtutech.com Phone: +46-(0)8-6900746 Fax: +46-(0)8-6900729

University home: http://user.it.uu.se/~jakob

Updated 19-Aug-2003 09:05 by <u>Roland Grönroos</u> e-mail: a<u>stec@docs.uu.se</u>

 $\label{eq:location:http://www.astec.uu.se/etapp3/evaluations/eval2003/Material/appendices/industry\_statements.shtml \label{eq:location:http://www.astec.uu.se/etapp3/evaluations/eval2003/Material/appendices/industry\_statements.shtml \label{eq:location:http://www.astec.uu.se/etapp3/evaluations/evaluations/evaluations/evaluations/evaluations/evaluations/evaluations/evaluations/evaluations/evaluations/evaluations/evaluat$ 

Uppsala University
 Department of Infe

<u>Department of Information Technology</u>
 <u>ASTEC</u>





Appendix 6 19-Aug-2003 11:36

# **ASTEC Projects**

# Projects 2001-2003

# • HIPE: High Performance Erlang

The project aims at developing techniques for efficient compilation of concurrent functional programming languages. The project focuses on the Erlang language. Within the project, the following issues are addressed.

- Techniques for efficient compilation of programming language features and abstractions that are prominent in communication software, such as process communication, process creation and code replacement. Efforts should be guided by the characteristics of realistic industrial applications.
- Methods for measuring usage characteristics and execution properties of software, which is useful for guiding optimization efforts
- Evaluation on industrial-size programs found in telecommunications systems, such as ATM switches and WWW servers.

The project is based on the current development of a compiler for Erlang, currently being developed at Uppsala University. This compiler is a platform for experimenting with optimizations, and for application to industrial-size programs, which exist today.

Participating industries: Ericsson AB and T-Mobile Inc.

# • Remodeling: Reverse engineering of industrial real-time applications

Many complex industrial real-time systems used in industry today such as robot control systems, industrial control systems, telecom systems etc. were not initially designed to enable early analysis of various quality properties. This was not a problem when the system was young. However, to understand the impact of changes become more and more difficult the older the system become. This is mainly due to two reasons. First, the initial design decay due to frequent changes and extensions of new functions. Second, the engineers that architect the initial system have left the company. The impact of this is that the only way to analyze the effect of adding a new feature to the system is to implement it and test if the system still works properly which is very time consuming. Further, when the system complexity increases the cost of extending and maintaining the system increase dramatically which is not acceptable. The only ways to handle this situation is to either redesign the system or remodel the system to enable early analysis. The latter is often preferred. In this project we will study how it is possible to re introduce analyzeability into complex real-time systems. The specific properties which will be studied are resource properties such as timing properties, memory consumption and performance properties.

The goal of the work is to:

- Develop a methodology on how to remodel existing systems

- Develop a modeling language which support describing both structure and behavior of a system.

- Develop a query language to use on the model.

- Study the model validity problem.

- Run at least two case studies to show the viability of the approach.

Initially work has been done. A case study at ABB Robotics has been conducted and a set of prototype tools has been developed as a master thesis.

Participating industry: ABB Robotics.

# • SAAPP: Simulator-Aided Analysis of Parallel Processes This project develops techniques for analyzing concurrency properties such as data races of programs. To allow analysis of low-level programs, including operating systems and their interaction with user programs, we use and extend the commercially successful instruction-level simulator SIMICS, developed by the industrial partner. The advantages of SIMICS are that programs run unmodified, and that analysis is done non-intrusively without introducing "probe effects", which are common in earlier approaches which use code instrumentation. We can thus avoid the general problem of abstraction in approaches based on analysis of specifications rather than actual programs. Since SIMICS analyzes programs at a low level of abstraction (essentially machine instructions), techniques must be developed for recovering the process structure of a program, and for detecting the dependencies between processes, communication objects such as locks, semaphores, and shared variables at runtime rather than by using specially instrumented libraries.

Participating industry: Virtutech AB

# • SMC: Symbolic Model Checking

The goal of the project is to extend the applicability and efficiency of model checking algorithms. The main approach is to consider an alternative approach for symbolic verification by using SAT-solvers such as Stålmarck's method, instead of BDDs as a search engine in model checking.

The main issues are

- to design methods that scale for large and complex system models, in particular for control systems, signalling systems, hardware circuits, etc.
- to make analysis as complete and powerful as possible in the case that complete coverage of the system model is impossible.

The work will be based on Stålmarck's method for proving large

ASTEC

formulas in propositional logic and in restricted fragments of first-order logic. Participating industry: Prover Technology AB.

# • Software Synthesis Guaranteeing Timing Constraints

The focus of this project is on schedulability analysis and synthesis of executable code for timed systems with predictable behaviours. We assume that a timed system consists of two parts: the control software and the plant (to be controlled). Both are modeled as timed automata extended with real time computation tasks. We consider the extended timed automata as design models.

The goal of this project is to develop (1) a tool for schedulability analysis of timed systems based on their design models and resource constraints. (2) a compiler to transform design models to executable code including a run-time scheduler (run time system) preserving the correctness and schedulability of the models.

The outcome of the project is the TIMES tool suite, which includes features for schedulability analysis and a code generator for the LEGOS operating system. TIMES can be downloaded at www.timestool.com for free application in research and education.

Participating industriy: ABB Automation Products.

# • Testing: Automated Testing

The project focuses on developing techniques for model-based automated testing of computer systems. Central problems are:

- Developing symbolic techniques for generation of test suites from abstract models of system under test.
- Generation of test oracles from requirements of systems under test.
- Developing symbolic techniques for testing of real-time systems.

In the current period, focus has been on techniques for automated test case generation form abstract models of telecom services (modelled as extended finite state machines) and real-time systems (modelled as timed automata).

Participating Industries: Validation AB, Volvo TU, and MobileArts

• WCET: Calculation of Worst-Case Execution Times The project addresses static analysis of programming languages and hardware in industrial use, in order to extract information about the execution time of code fragments. This information is of vital importance for the development of predictable embedded and real-time systems.

This project addresses three main areas:

- Static and automatic analysis of program flow, in order to determine the worst possible program executions without manual intervention. Examples of problems that are attacked is recursion, loops, and inheritance in object-oriented languages.
- · Analysis of hardware features like pipelines, caches, and

• The combination of flow information and hardware information to calculate final execution time estimates, including how to account for compiler optimizations that makes the relation between source code and object code complex.

Participating industries: IAR Systems AB and Volcano Communications Technologies AB.

# • WPO: Whole-Program Optimization in Compilers for Embedded Systems

This project addresses

- Methods for automated and efficient compilation of code to meet stringent constraints on memory, power, timing, and irregular hardware architectures.
- The target applications are taken from small embedded programs.
- The approach to solve this problem is to develop static analysis methods that consider the entire program. The entire application is analyzed and optimizations are performed based on the information obtained. In the embedded market, the normal applications are small enough for this approach.

The goal should be "keyword-free programming", in which the compiler relieves the programmer from the burden to optimize for particular features of the platform. Techniques for automatically generating efficient optimized code for a variety of hardware platforms shall be developed.

Participating industries: IAR Systems AB.

# Projects completed 2000-2003

- Auto: A design methodology for embedded real-time systems This project takes a broad view on the development of embedded real-time systems. The main focus is on
  - techniques for describing functional modules of a design and their relationships,
  - methods for mapping a network of connected functional modules onto a distributed target architecture. Important aspects are resource sharing, resource allocation and scheduling.

A starting point is the software development method BASEMENT proposed in the VIA project, which includes an outline of a signal-flow based design language.

Participating industries: Mecel AB.

# • BUS: Modelling and analysis of a bus protocol This project is primarily a case study. It aims at modeling and analyzing a bus protocol, developed and implemented by ABB Automation Products, using state-of-the-art model checking tools, primarily UPPAAL. The purpose is

• to construct an abstract model of the protocol, and finding

sources of potential execution problems.

• using the experiences gained in the case study, to develop further the general methodology for modeling bus protocols, and the tool support for analysis.

Participating industries: ABB Automation Products AB, UPAAL Sweden AB.

# • ErlVer: A Verification Method for Erlang

This project develops a methodology which consists of the following.

- On the theoretical side, of an operational semantics, property specification language based on temporal logic, and a proof system for Erlang.
- On the practical side, of a tool set that supports verification of properties by means of a proof assistant, extended with a graphical user inteface, and with considerable support for proof automation.
- Evaluation of the approach using a range of case studies in telecommunications systems, kindly submitted by Erlang software developers.

Participating industries: Ericsson Utvecklings AB.

# • Failure Analysis: Static analysis of recovery propertes of Erlang applications

ERLANG is a concurrent functional language, which has been successfully used for the development of complex telecommunication software within Ericsson. An important feature of ERLANG, which allows to build highly concurrent and still very robust systems, is its in-built support for recovery from failures. An ERLANG system typically creates a large number of processes. OTP provides support for organising the processes of an ERLANG system into trees, in which parent processes monitor the failure status of their children and are responsible for recovery, typically meaning to restart chrashed children. The purpose of thus project is to support the analysis of the ability of ERLANG systems to tolerate and recover crashes of individual processes. The question that we seek to answer are: How can an automated tool address the following questions: What is the effect of a process crash on the overall system? What recovery will happen upon the crash of a process? What are the potentially dangerous scenarios in which recovery may not be guaranteed? on the basis of the code of an Erlang system. The idea of the project is to answer the above questions by developing a tool that can extract relevant system structure from an ERLANG system, and thereafter analyze this structure to find potential "holes" in the recovery mechanisms. Results

- The analysis tools developed in the project have been applied to several OTP-libraryapplications and a subsystem of the AXD 301 ATM switch.

- Jan Nyström is planned to present his PhD thesis during 2003. Participating industries: ATM Multiservice Networks, Ericsson Telecom AB, Ericsson Utvecklings AB.

• SA: Analysis of types and process topology for static

# debugging

This project develops a method and an implementation for analysis of the Erlang programming language. The analysis is intended to give information similar to that of a static typing system, helping the programmer to validate and debug a program while it is being constructed. The approach is specifically aimed at handling features that are characteristic of Erlang and telecommunications programs, such as processes and communication. The analysis is also intended to provide information to an Erlang compiler, which can be used for compilation.

Participating industry: Ericsson Utvecklings AB.

# • TAS: Time-Accurate Simulation

The **Time-Accurate Simulation** (TAS) project is a part of CODER, and developed techniques to allow multi-node distributed real-time systems to be simulated on a PC. The techniques used synchronizes the simulation of multiple nodes in order to reflect their relative speed. It is also possible to synchronize against a real-world clock, to run the simulated system with a constant speed relative to the real-world. A special case of this is when the constant is one, in which case the simulation runs at its real-life speed. Slowing the simulation down can be just as useful for finding bugs. The project was performed together with CC-Systems, and the results are being used today at CC-Systems to develop new embedded control systems. Participating industry: CC Systems AB.

Updated 19-Aug-2003 11:36 by <u>Roland Grönroos</u> e-mail: <u>astec@docs.uu.se</u> Location: http://www.astec.uu.se/etapp3/evaluations/eval2003/Material/appendices/projects.shtml

Uppsala University

• Department of Information Technology

ASTEC

Appendix 7

# **ASTEC publications 1995-2003**

# Statistical data 1995-2003

| Publication type                      | No.            | Publication   | year No.            |                        |
|---------------------------------------|----------------|---------------|---------------------|------------------------|
| Journal, Book                         | 14             | 1995          | 1                   |                        |
| Conference (with refree system)       | 63             | 1996          | 7                   |                        |
| Workshop                              | 35             | 1997          | 19                  |                        |
| Technical report                      | 29             | 1998          | 12                  |                        |
| Submitted                             | 4              | 1999          | 22                  |                        |
| PhD thesis                            | 7              | 2000          | 35                  |                        |
| Lic thesis                            | 3              | 2001          | 32                  |                        |
| M.Sc. thesis                          | 22             | 2002          | 34                  |                        |
| SUM                                   | 177            | 2003          | 15                  |                        |
|                                       |                | SUM           | 177                 |                        |
| The total number of contributing 125. |                |               | t frequent<br>iters | No. of<br>publications |
| The mean number of authors per        | publication is | Engblom, J.   |                     | 23                     |
| 2,5.                                  |                | Ermedahl, A.  |                     | 22                     |
|                                       |                | Yi, W.        |                     | 21                     |
|                                       |                | Pettersson, I | P.                  | 17                     |
|                                       |                | Sagonas, K.   |                     | 15                     |
|                                       |                | Gustafsson,   | J.                  | 12                     |
|                                       |                | Johansson, E  |                     | 12                     |
|                                       |                | Jonsson, B.   |                     | 12                     |
|                                       |                | Fredlund, L   |                     | 11                     |
|                                       |                | Gurov, D.     |                     | 10                     |
|                                       |                | Dam, M.       |                     | 9                      |
|                                       |                | David, A.     |                     | 9                      |
|                                       |                | Hansson, H.   |                     | 9                      |

# ASTEC publications 2001-2003

to ASTEC publications for the period 1995-2000

# Publications in refereed scientific journals

Amnell, T., Fersman, E., Pettersson, P., Sun, H. and Yi, W. 2002. Code Synthesis for Timed Automata Nordic Journal of Computing vol: 9 (4) pages: 269-300 . <u>ps</u>, <u>pdf</u>, <u>abstract</u>, <u>webpage</u>
Arts, T., Chugunov, G., Dam, M., Fredlund, L., Gurov, D. and Noll, T. 2001. A Tool for Verifying Software Written in Erlang International Journal on Software Tools for Technology Transfer, accepted . <u>ps</u>, <u>webpage</u>
Behrmann, G., Bengtsson, J., David, A., Gulstrand Larsen, K., Petterson, P., Yi, W., 2002. UPPAAL Implementation Secrets Bengtsson, J., Griffioen, D., Kristoffersen, K., Larsen, K., Larsson, F., Pettersson, P., Yi, W. 2002. Automated Analysis of an Audio Control Protocol Using UPPAAL

Journal of Logic and Algebraic Programming vol: 52-53 pages: 163-181 .

- Dam, M. and Gurov, D. 2002.
   mu-Calculus with Explicit Points and Approximations
   Journal of Logic and Computation, Abstract in Proceedings of: FICS 2000 vol: 12(2) pages:
   43-57. ps
   Earsteine L. Ermedelel, A. Siödin, M. Custafasen, L. and Lansson, H. 2001.
- Engblom, J., Ermedahl, A., Sjödin, M., Gustafsson, J. and Hansson, H. 2001. Worst-Case Execution-Time Analysis for Embedded Real-Time Systems International Journal on Software Tools for Technology Transfer, accepted . , <u>webpage</u>
- Johansson, E., Pettersson, M., Sagonas, K., and Lindgren, T. 2001. The Development of the HiPE System: Design and Experience Report International Journal on Software Tools for Technology Transfer, accepted . , <u>webpage</u>
- Larsen, K., Larsson, F., Pettersson, P. and Yi, W. 2003. Compact Data Structure and State-Space Reduction for Model-Checking Real-Time Systems In Real-Time Systems - The International Journal of Time-Critical Computing Systems, volume 25, issue 2:3, Kluwer Academic Publisher vol: 25., <u>webpage</u>

Lindahl, M., Pettersson, P., Yi, W. 2001. Formal Design and Analysis of a Gear-Box Controller International Journal on Software Tools for Technology Transfer (STTT) vol: 3 pages: 353-368 . <u>ps</u>, <u>pdf</u>

#### Publications in refereed scientific conferences

Amnell, T., Fersman, E., Mokrushin, L., Pettersson, P. and Yi, W. 2002. TIMES: A Tool for Modelling and Implementation of Embedded Systems Proceedings of 8th International Conference, TACAS 2002, part of the Joint European Conferences on Theory and Practice of Software, ETAPS 2002 Katoen J.-P., Stevens P. (ed.) . - Springer-Verlag, (Lecture Notes in Computer Science) vol: 2280 pages: 460-464 . ps, pdf, abstract Arts, T. and Benac Earle, C. 2001. Development of a Verified Erlang Program for Resource Locking In proceedings of Formal Methods in Industrial Critical Systems, Paris, France, July, ps Behrmann, G., Bengtsson, J., David, A., Gulstrand Larsen, K., Petterson, P., Yi, W., 2002. **UPPAAL** Implementation Secrets International Symposium on Formal Techniques in Real-Time and Fault Tolerant Systems . ps , pdf , abstract Behrmann, G., David, A., Guldstrand Larsen, K., Yi, W., 2002. New UPPAAL Architecture Workshop on Real-Time Tools proceedings . , webpage Behrmann, G., David, A., Larsen, K., Möller, O., Pettersson, P. and Yi, W. 2001. **UPPAAL** - Present and Future In Proceedings of the 40th IEEE Conference on Decision and Control (CDC'2001). Orlando, Florida, USA, December 4 to 7, 2001. . ps , pdf , abstract , webpage Carlsson, M., Engblom, J., Ermedahl, A., Lindblad, J. and Lisper, B. 2002. Worst-Case Execution Time Analysis of Disable Interrupt Regions in a Commercial Real-Time **Operating System** RTTOOLS 2002 . Carlsson, R. 2002. Hierarchical module namespaces in Erlang Proceedings of the ACM SIGPLAN Erlang Workshop, Pittsburgh, Pennsylvania . - New York: ACM Press pages: 1-5 . Carlsson, R., Sagonas, K. and Wilhelmsson, J. 2003. Message Analysis for Concurrent Languages In Proceedings of the Static Analysis Symposium Cousot, Radhia (ed.) . - Springer, Berlin (LNCS) vol: 2694 pages: 73-90 . Damm, W. and Jonsson, B. 2002. Eliminating queues from RT UML model representations. Proc. FTRTFT'02, Lecture Notes in Computer Science vol: 2469 pages: 375-394 . Engblom, J. 2001.

Getting the Least Out of Your C Compiler Embedded Systems Conference (ESC) in San Francisco, April 9-13., pdf, webpage Engblom, J. 2003. Analysis of the Execution Time Unpredictability caused by Dynamic Branch Prediction In Proceedings of the 9th IEEE Real-Time/Embedded Technology and Applications Symposium (RTAS 2003), Toronto, Canada, May ., webpage Engblom, J. and Jonsson, B. 2002. Processor Pipelines and Their Properties for Static WCET Analysis Proceeding of the Second Embedded Software Conference (EMSOFT 02), LNCS 2491 . -Springer Verlag, Heidelberg, Germany vol: 2491 . Fersman, E., Pettersson, P. and Yi, W. 2002. Timed Automata with Asynchrounous Processes: Schedulability and Decidability Proceedings of 8th International Conference on Tools and Algorithms for the Construction and Analysis of Systems, TACAS 2002 . - Springer-Verlag, (Lecture Notes in Computer Science) vol: 2280 pages: 67-82 . ps , pdf , abstract Fredlund, L.-Å., Gurov, D. and Noll, T. 2001. Semi-Automated Verification of Erlang Code In Proceedings of: ASE'01, IEEE Computer Society pages: 319-323 . , pdf Gustafsson, J. 2002. Worst Case Execution Time Analysis of Object-Oriented Programs In Seventh IEEE International Workshop on Object-oriented Real-time Dependable Systems (WORDS 2002) January 7-9, 2002 San Diego, CA . IEEE . , abstract Gustafsson, P., Sagonas, K. 2002. Native Code Compilation of Erlang's Bit Syntax Proceedings of the ACM SIGPLAN Erlang Workshop, Pittsburgh, Pennsylvania . - New York: ACM Press pages: 6-15 . Johansson, E. and Sagonas, K. 2002. Linear Scan Register Allocation in a High-Performance Erlang Compiler. Presented at the 4th International Symposium, Practical Aspects of Declarative Languages (PADL 2002), Portland, OR, USA, January 19-20, . LNCS vol: 2257 pages: 299-317 . ps , pdf Johansson, E., Sagonas, K. and Wilhelmsson, J. 2002. Heap Architectures for Concurrent Languages using Message Passing Proceedings of ISMM'2002: ACM SIGPLAN International Symposium on Memory Management . - New York: ACM Press pages: 88-99 . Lee, S. Ermedahl, A., Lyul Min, S. and Chang, N. 2001. An Accurate Instruction-Level Energy Consumption Model for Embedded RISC Processors ACM SIGPLAN 2001 Workshop on Languages, Compilers, and Tools for Embedded Systems (LCTES'2001), Snowbird, Utah, USA, June 22-23 pages: 1-10 . ps , pdf Lindahl, T., Sagonas, K. 2002. Unboxed Compilation of Floating Point Arithmetic in a Dynamically Typed Language **Environment** Proceedings of the 14th International Workshop on the Implementation of Functional Languages (IFL 2002). Madrid, Spain, September 2002. LNCS. Peña Ricardo (ed.) . - Berlin; Springer vol: 2670 . Makholm, H., Sagonas, K. 2002. On Enabling the WAM with Region Support Proceedings of the International Conference on Logic Programming Stuckey, Peter (ed.) . -Springer, Berlin, (LNCS) vol: 2401 pages: 163-178 . Noll, T., Fredlund, L.-Å. and Gurov, D. 2001. The Erlang Verification Tool In Proceedings of: TACAS'01, Lecture Notes in Computer Science vol: 2031 pages: 582-585 . <u>ps</u> Pettersson, M., Sagonas, K., and Johansson, E. 2002. The HiPE/x86 Erlang Compiler: System Description and Performance Evaluation Proceedings of the 6th International Symposium on Functional and Logic Programming, Aizu, Japan, September 2002. Springer Hu, Zhenjiang; Rodriguez-Artalejo, Mario (ed.) . - Berlin: Springer, (LNCS) vol: 2441 pages: 228-244 . Runeson, J. and Nyström, S.-O. 2003. Retargetable Graph-Coloring Register Allocation for Irregular Architectures SCOPES'03, Vienna, September 24-26 . , pdf

Sjödin, J. and von Platen, C. 2001.

Storage Allocation for Embedded Processors

In Proc. of CASES'01, November 16-17, Atlanta, Georgia, USA. pages: 15-23 . , pdf Stappert, F., Ermedahl, A., and Engblom, J. 2001.

Efficient Longest Executable Path Search for Programs with Complex Flows and Pipeline Effects

Technical reports from the Department of Information Technology vol: 12 . <u>ps</u> , <u>pdf</u> , <u>abstract</u> , <u>webpage</u>

Stappert, F., Ermedahl, A., and Engblom, J. 2001.

Efficient Longest Executable Path Search for Programs with Complex Flows and Pipeline Effects

In Proc. of CASES'01, November 16-17, Atlanta, Georgia, USA. pages: 132-140 . , pdf Stenman, E. and Sagonas, K. 2002.

On Reducing Interprocess Communication Overhead in Concurrent Programs Proceedings of the ACM SIGPLAN Erlang Workshop, Pittsburgh, Pennsylvania . - New York: ACM Press pages: 58-63 .

Vera, X. and Xue, J. 2002.
 Let's Study Whole-Program Cache Behaviour Analytically
 In International Symposium on High-Performance Computer Architecture (HPCA 8)
 Cambridge, MA, February 2002, IEEE. . <u>ps</u>, <u>abstract</u>

#### Publications in scientific workshops

Amnell, A., David, A., Fersman, E., Möller, O., Pettersson, P. and Yi, W. 2001. Tools for Real-Time UML: Formal Verification and Code Synthesis In Proceedings of the Workshop on Specification, Implementation and Validation of Object-oriented Embedded Systems (SIVOES'2001), 18-22 June . ps , pdf , abstract Amnell, T., Fersman, E., Mokrushin, L., Pettersson, P. and Yi, W. 2003. TIMES: a Tool for Schedulability Analysis and Code Generation of Real-Time Systems In Proceedings of the 1st International Workshop on Formal Modeling and Analysis of Timed Systems (FORMATS) . ps , pdf , abstract Blom, J. and Jonsson, B. 2003. Automated Test Generation for Industrial Erlang Applications in Proc. 2nd ACM SIGPLAN Erlang Workshop, Uppsala, Aug. . Carlsson, R. 2001. An Introduction to Core Erlang In Proceedings of the PLI Erlang Workshop, Florence, Italy, September . ps Carlsson, R. 2003. Parametrized Modules in Erlang In Proceedings of the Second ACM SIGPLAN Erlang Workshop, Uppsala, Sweden, August, ACM Press pages: 30-36 . Engblom, J. 2001. On Hardware and Hardware Models for Embedded Real-Time Systems IEEE Embedded Real-Time Systems Workshop held in conjunction with the IEEE Real-Time Systems Symposium (RTSS 2001), London, UK, December 3 . , pdf Engblom, J., Ermedahl, A. and Stappert, F. 2001. A Worst-Case Execution-Time Analysis Tool Prototype for Embedded Real-Time Systems Workshop on Real-Time Tools (RT-TOOLS), Aalborg, Denmark, August 20 . , pdf , webpage Ermedahl, A., Engblom, J. and Stappert, F. 2002. A Unified Flow Information Language for WCET Analysis WCET Workshop, Wien, June 18. Fersman, E., Mokrushin, L., Pettersson, P. and Yi, W. 2003. Schedulability Analysis using Two Clocks In Proceedings of the 9th International Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS'03) . ps , pdf , abstract Gustafsson, J., Lisper, B., Bernmudo, N., Sandberg, C. and Sjöberg, L. 2002. A Prototype Tool for Flow Analysis of C Programs WCET Workshop, Wien, June 18, . Gustafsson, J., Lisper, B., Sandberg, C. and Bermudo, N. 2003. A Tool for Automatic Flow Analysis of C-Programs for WCET Calculation

WORDS Hessel, A., Larsen, K., Nielsen, B., Pettersson, P. and Skou, A. 2003. Time-Optimal Test Cases for Real-Time Systems In Proceedings of the 1st International Workshop on Formal Modeling and Analysis of Timed Systems (FORMATS). . ps , pdf , abstract Johansson, E. and Sagonas, K. 2001. Linear Scan Register Allocation in the HiPE compiler The International Workshop on Functional and (Constraint) Logic Programming (WFLP 2001), Kiel, Germany September 13-15 . ps , pdf Jonsson, B. and Padilla, G. 2001. An Execution Semantics for MSC2000 Tenth SDL Forum, Copenhagen, June . ps Nyström, J. and Jonsson, B. 2001. Extracting the Process Structure of Erlang Applications Erlang Workshop, Firenze, Sept. 2. . Nyström, S.-O. 2003. A Soft-typing System for Erlang in Proc. 2nd ACM SIGPLAN Erlang Workshop, Uppsala, Aug. . ps Pettersson, M., Sagonas, K., Johansson, E. and Magnusson, U. 2001. "The HiPE/x86 Erlang Compiler: System Description and Performance Evaluation " In Proceedings of the 13th International Workshop on the Implementation of Functional Languages, Stockholm, Sweden, September pages: 17-31. Sagonas, K. 2001. HiPE Version 1.0 Proceedings from Seventh International Erlang/OTP User Conference, Ericsson, Älvsjö, Sweden. . , webpage Sagonas, K., Pettersson, M., Carlsson, R., Gustafsson, P. and Lindahl, T. 2003. All you wanted to know about the HiPE compiler (and might have been afraid to ask) In Proceedings of the Second ACM SIGPLAN Erlang Workshop, Uppsala, Sweden, August. ACM Press. pages: 37-43. Wilhelm, R., Engblom, J., Thesing, S. and Whalley, D. 2003. Industrial Requirements for WCET Tools -- Answers to the ARTIST Questionnaire WCET03 workshop in Porto, Portugal, June. Held in conjunction with the 15th Euromicro Conference on Real-Time Systems. . , webpage **Technical** reports Bermudo, N. and Vera, X. 2001. Covote Project: Documentation Mälardalen Real-Time Research Center, Technical Report, October vol: 39 . Engblom, J., Ermedahl, A. and Stappert, F. 2001. Validating a Worst-Case Execution Time Analysis Method for an Embedded Processor Technical reports from the Department of Information Technology vol: 30 pages: 10. ps., pdf, abstract Lee, S. Ermedahl, A., Lyul Min, S. and Chang, N. 2002. Statistical Derivation of an Accurate Energy Consumption Model for Embedded Processors Technical reports from the Department of Information Technology vol: 11 pages: 20., pdf, <u>abstra</u>ct Pettersson, P. and Yi, W. (eds.) 2002. Workshop on Real-Time Tools Proceedings of the Workshop on Real-Time Tools 2002, Technical Report, Department of Information Technology vol: 5 . , webpage Pettersson, P. and Yovine, S. (eds.) 2001. Workshop on Real-Time Tools Proceedings of the Workshop on Real-Time Tools 2001, Technical Report. Department of Information Technology, Uppsala University, August vol: 14., webpage Runeson, J. and Nyström, S.-O. 2002. Generalizing Chaitin's Algorithm: Graph-Coloring Register Allocation for Irregular Architectures Technical Reports from the Department of Information Technology, Uppsala University vol:

#### 21., webpage

#### Submitted

Dam, M. 2001.

Proof System for pi-calculus Logics

"To appear. de Queiroz (ed.), ""Logic for Concurrency and Synchronisation"", Studies in Logic and Computation, Oxford Univ Press." . <u>ps</u>

Ermedahl, A., Stappert, F. and Engblom, J. 2003.

Clustered Calculation of Worst-Case Execution Times (To appear in) Proceedings of the 6th International Conference on Compilers, Architectures, and Synthesis for Embedded Systems (CASES 2003), San Jose, California, USA, Oct 30th to Nov 1st., <u>webpage</u>

Håkansson, J., Jonsson, B. and Lundqvist, O. 2002.

Generating On-Line Test Oracles from Temporal Logic Specifications Submitted .  $\underline{\text{ps}}$ 

Nyström, S.-O., Runeson, J. and Sjödin, J. 2001.

Code Compression Techniques for Embedded Systems

To appear: Technical reports from the Department of Information Technology . ps

#### PhD Theses

Engblom, J. 2002.

Processor Pipelines and Static Worst-Case Execution Time Analysis

Uppsala dissertations from the Faculty of Science and Technology vol: 36 . , <u>pdf</u> , <u>webpage</u> Ermedahl, A 2003.

A Modular Tool Architecture for Worst-Case Execution Time Analysis

Uppsala Dissertations from the Faculty of Science and Technology, ISSN 1104-2516 ; 45 pages: 200 . ,  $\underline{pdf}$  ,  $\underline{abstract}$ 

Fredlund, L.-Å. 2001.

A Framework for Reasoning about Erlang Code

PhD-thesis, KTH, TRITA-IT AVH vol: 4 pages: 233 . , pdf , abstract

Stenman, E. 2002.

Efficient implementation of concurrent programming languages Acta Universitatis Upsaliensis. Uppsala dissertations from the Faculty of Science and

Technology, ISSN 1104-2516 vol: 43 .

# Licenciate Theses

Towards A Static Cache Analysis for Whole Program Analysis Licentiate thesis ISSN 1404-3041 ISRN MDH-MRTC-59/2002-1-SE, Mälardalen University Press . <u>ps</u> , <u>abstract</u>

#### **Master of Science Theses**

Boustedt, J. 2002.

Automated Analysis of Dynamic Web Services

Technical reports from the Department of Information Technology vol: 10 pages: 56 .  $\underline{ps}$  ,  $\underline{pdf}$  ,  $\underline{abstract}$ 

Carlsson, M. 2002.

Worst Case Execution Time Analysis, Case Study on Interrupt Latency, For the OSE Real-Time Operating System

KTH, Masters Thesis in Electrical Engineering Stockholm 2002-03-18 . , pdf

Flink, F. 2001.

Simuleringsverktyg för kvantifiering och verifiering av distribuerade realtidssystem Examensarbeten på Datorteknik, Chalmers. .

Lindahl, T. 2002.

Compilation of Floating Point Arithmetic in the High Performance Erlang Compiler Uppsala Tekniska Högskola Master Thesis, UPTEC F 02 07, Uppsala University, October . Magnusson, U. 2001.

Vera, X. 2002.

An x86 back-end for the HiPE compiler Uppsala Master Thesis in Computing Science 197, Uppsala University, November pages: 19 . , <u>pdf</u> Montan, S. 2001. Validation of Cycle-Accurate CPU Simulators against Real Hardware Technical reports from the Department of Information Technology (M.Sc. thesis, Uppsala University) vol: 7 . <u>ps</u> , <u>pdf</u> , <u>abstract</u> Nilsson, Magnus 2001. Time Accurate Simulation UPTEC F 01 074, Masters degree project vol: SEP pages: 1-39 . , <u>pdf</u> Wilhelmsson, J. 2002. Exploring Alternative Memory Architectures for Erlang: Implementation and Performance Evaluation Uppsala Master Thesis in Computing Science vol: 212 . <u>ps</u>

# **ASTEC publications 1995-2000**

# Publications in refereed scientific journals

| Altenbernd, P. and Hansson, H. 1998.<br>The Slack Method: A new method for static allocation of hard real-time tasks                                                                          |
|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|
| Real-Time Journal, Kluwer, ASTEC Report 97/12 vol: 15(2) . <u>ps</u>                                                                                                                          |
| Gustafsson, J. and Ermedahl, A. 1998.                                                                                                                                                         |
| Automatic derivation of path and loop annotations in object-oriented real-time programs Journal of Parallel and Distributed Computing Practices vol: 1 (2) pages: 61 - 74 . <u>ps</u>         |
| Hansson, H., Lawson, H., Bridal, O., Eriksson, C., Larsson, S., Lönn, H. and Strömberg, M. 1997.<br>BASEMENT: An Architecture and Methodology for Distributed Automotive Real-Time<br>Systems |
| IEEE TC vol: 46(9) pages: 1016-1027 .                                                                                                                                                         |
| Hansson, H., Lawson, H., Strömberg, M. and Larsson, S. 1996.                                                                                                                                  |
| BASEMENT a distributed real-time architecture for vehicle applications                                                                                                                        |
| Real-Time Systems vol: 11 pages: 223-244 .                                                                                                                                                    |
| Hansson, H., Sjödin, M. and van der Velde, H. 1997.                                                                                                                                           |
| CAN-based Real-Time Lab Environment                                                                                                                                                           |
| CAN Newsletter vol: 3 pages: 48-49 . <u>ps</u> , <u>pdf</u>                                                                                                                                   |
| Publications in refereed scientific conferences                                                                                                                                               |
| Abdulla, P. A., Bjesse, P. and Eén, N. 2000.                                                                                                                                                  |
| Symbolic Reachability Analysis Based on SAT-Solvers                                                                                                                                           |
| In Proc. International Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS) . ps                                                                           |
| Abdulla, P. A., Bouajjani, A., Jonsson, B. and Nilsson, M. 1999.                                                                                                                              |
| Handling Global Conditions in Parameterized System Verification                                                                                                                               |
| In Proc. 11th Int. Conf. on Computer Aided Verification vol: LNCS1633 pages: 134-145 . ps                                                                                                     |
| Abdulla, P. A., Iyer, P. and Nylén, A. 2000.                                                                                                                                                  |
| Unfoldings of unbounded petri nets                                                                                                                                                            |
| In Proc. 12 Int. Conf. on Computer Aided Verification, Lecture Notes in Computer Science vol: 1855 pages: 495-507. ps                                                                         |
| Amnell, A., Behrmann, G., Bengtsson, J., D'Argenio, P. R., David, A., Fehnker, A., Hune, T., Jeannet,                                                                                         |
| B., Larsen, K., Möller, O., Pettersson, P., Weise, C. and Yi, W. 2000.                                                                                                                        |
| UPPAAL - Now, Next, and Future,                                                                                                                                                               |
| In Proceedings of Modelling and Verification of Parallel Processes (MOVEP'2k), Nantes,                                                                                                        |
| France, June 19 to 23, 2000. LNCS Tutorial, F. Cassez, C. Jard, B. Rozoy, and M. Ryan                                                                                                         |
| (Eds.) vol: 2067 pages: 100-125 . <u>ps</u> , <u>pdf</u> , <u>abstract</u> , <u>webpage</u>                                                                                                   |
| Amnell, T., David, A. and Yi, W. 2000.                                                                                                                                                        |
| A Real Time Animator for Hybrid Systems                                                                                                                                                       |

In Proc. 6th ACM SIGPLAN LCTES'2000. To appear in LNCS. vol: accepted . ps Arts, T. and Dam, M. 1999. Verifying a Distributed Database Lookup Manager written in Erlang ASTEC Report 99/01, In Proc. World Congress on Formal Methods (FM) vol: LNCS 1708 pages: 682-700 . ps , pdf Arts, T., Dam, M., Fredlund, L. and Gurov, D. 1998. System Description: Verification of Distributed Erlang Programs In Proc. 15th International Conference on Automated Deduction (CADE'98) vol: LNCS 1421 pages: 38-41 . ps Bouajjani, A., Jonsson, B., Nilsson, M. and Touili, T. 2000. Regular Model Checking In Proc. 12th Int. Conf. on Computer Aided Verification, LNCS . ps Carlsson, M., Ottosson, G. and Carlson, B. 1996. Towards an Open Finite Domain Solver In Principles and Practice of Constraint Programming---CP96, Springer-Verlag LNCS vol: 1118 pages: 531-532 . ps Carlsson, M., Ottosson, G. and Carlson, B. 1997. An Open-Ended Finite Domain Constraint Solver Proceedings of International Symposium on Programming Languages: Implementations, Logics, and Programming, LNCS, Springer-Verlag vol: 1292 . ps Dam, M. and Fredlund, L. 1998. On the verification of open distributed systems In Proc. of the 1998 Symposium on Applied Computing (SAC'98) . ps Dam, M. and Gurov, D. 1999. Compositional Verification of CCS Processes In Proc. International Conference PERSPECTIVES OF SYSTEM INFORMATICS (PSI'99) vol: LNCS 1755 pages: 247-256 . ps Dam, M. and Gurov, D. 2000. µ-Calculus with Explicit Points and Approximations Fixed Points in Computer Science (FICS 2000) . ps Dam, M., Fredlund, L. and Gurov, D. 1998. Toward Parametric Verification of Open Distributed Systems In Proc. Compositionality: the significant difference, H. Langmaack, A. Pnueli and W.-P. de Roever (eds.), Springer-Verlag vol: LNCS 1536 pages: 150-185 . ps David, A. and Yi, W. 2000. Modelling and Analysis of a Commercial Field Bus Protocol 12th Euromicro Conference On Real-Time Systems, Stockholm, Sweden, June 19th-21th . ps Engblom, J. 1999. Static Properties of Commercial Embedded Real-Time Programs, and Their Implication for Worst-Case Execution Time Analysis In Proc. Fifth IEEE Real-Time Technology and Applications Symposium (RTAS '99). IEEE Computer Society Press, Vancouver, Canada pages: 46-55 . , pdf Engblom, J. 1999. Why SpecInt95 Should Not Be Used to Benchmark Embedded Systems Tools Proc. ACM SIGPLAN 1999 Workshop on Languages, Compilers, and Tools for Embedded Systems (LCTES '99) pages: 96-103 . ps , pdf Engblom, J. and Ermedahl, A. 1999. Pipeline Timing Analysis Using a Trace-Driven Simulator In Proc. The 6th International Conference on Real-Time Computing Systems and Applications (RTCSA'99) . ps , pdf Engblom, J. and Ermedahl, A. 2000. Modeling Complex Flows for Worst-Case Execution Time Analysis Proc. 21st IEEE Real-Time systems Symposium (RTSS 2000), Orlando, Florida, December . ps, pdf Engblom, J., Altenbernd, P. and Ermedahl, A. 1998. Facilitating Worst-Case Execution Time Analysis For Optimized Code ASTEC Report 98/02, 10th Euromicro Workshop on Real-Time Systems, Berlin . ps Ericsson, C., Wall, A. and Yi, W. 1999. Timed Automata as Task Models for Event-Driven Systems In proc. The 6th International Conference on Real-Time Computing Systems and Applications

(RTCSA'99), IEEE press . ps Ermedahl, A. and Gustafsson, J. 1997. Deriving Annotations for Tight Calculation of Execution Time ASTEC Report 97/04, Euro-Par '97, LNCS vol: 1300 pages: 1298-1307 . ps Ermedahl, A., Hansson, H. and Sjödin, M. 1997. Responce-Time Guarantees in ATM Networks. In Proc. 18th IEEE Real-Time Sytems Symposium (RTSS) pages: 274-284 . ps , pdf , webpage Ermedahl, A., Hansson, H., Papatriantafilou, M. and Tsigas, P. 1998. Wait-free Snapshots in Real-Time Systems: Algorithms and Performance ASTEC Report 98/04, Conference version of report 98/04, In Proc. of the 5th International Conference on Real-Time Computing Systems and Applications (RTCSA'98) . ps Fredlund, L.-Å. and Gurov, D. 1999. A Framework for Formal Reasoning about Open Distributed Systems In Proc. Asian Computing Science Conference (ASIAN'99) vol: LNCS 1742 pages: 87-100 . ps Getoor, L., Ottosson, G., Fromherz, M. and Carlson, B. 1997. Effective Redundant Constraints for Online Scheduling ASTEC Report 97/08, In Proceedings of the Fourteenth National Conference on Artificial Intelligence (AAAI '97). American Association for Artificial Intelligence, July . ps Gurov, D. and Chugunov, G. 2000. Verification of Erlang Programs: Factoring out the Side-effect-free Fragment In Proc. 5th International ERCIM Workshop on Formal Methods for Industrial Critical Systems (FMICS'2000) GMD Report vol: 91 pages: 109-122 . ps Gustafsson, J. 2000. Eliminating Annotations by Automatic Flow Analysis of Real-Time Programs In Proc. Seventh International Conference on Real-Time Systems and Applications (RTCSA 2000), IEEE Computer Society Press vol: accepted . Johansson, E., Pettersson, M. and Sagonas, K. 2000. A High-Performance Erlang System In Proceedings of ACM SIGPLAN. International Conference of Pinciples and Practices of Declarative Programming. . ps , abstract Jonsson, B. and Nilsson, M. 2000. Transitive Closures of Regular Relations for Verifying Infinite-State Systems In Proc. International Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS), LNCS . ps Lindgren, M., Hansson, H. and Thane, H. 2000. Using Measurements to Derive the Worst-Case Execution Time "In Proceedings of RTCSA 2000 Cheju Island, South Korea. IEEE Computer Society" . ps Lönn, M. and Pettersson, P. 1997. Formal Verification of a TDMA Protocol Start-Up Mechanism ASTEC Report 97/16, In Proceedings of the 1997 IEEE Pacific Rim International Symposium on Fault-Tolerant Systems pages: 235-242 . ps , pdf Ottosson, G. and Sjödin, M. 1997. Worst-Case Execution Time Analysis for Modern Hardware Architectures ASTEC Report 97/01, SIGPLAN 1997 Workshop on Languages, Compilers and Tools for Real-Time Systems . ps Wall, A., Sandström, K., Mäki-Turja, J., Norström, C. and Yi, W. 2000. Verifying Temporal Constraints on Data in Multi-Rate Transactions Using Timed Automata In Proc. Seventh International Conference on Real-Time Systems and Applications (RTCSA 2000), IEEE Computer Society Press vol: accepted . Publications in scientific workshops Abdulla, P. A., Bouajjani, A., Jonsson, B. and Nilsson, M. 1999. Binary Communication in Parameterized System Verification Nordic Workshop on Programming Theory, Uppsala, October 7, Technical report 1999-008,

Department of Information Technology. vol: 8 . ps

Arts, T. and Noll, T. 2000.

Verifying Generic Erlang Client-Server Implementations "Proceedings of the 12th International Workshop on the Implementation of Functional Languages, Lecture Notes in Computer Science, Springer Verlag, Berlin" vol: LNCS . <u>ps</u> Benac Earle, C. 2000. Symbolic Program Execution using the Erlang Verification Tool International workshop on functional and logic programming, Benicassim, Spain . ps Carlsson, M. and Ottosson, G. 1996. Anytime Frequency Allocation with Soft Constraints In CP96 Pre-Conference Workshop on Applications . ps Chugunov, G. and Fredlund, L.-Å. 1999. Verification of Sequential Erlang Programs Nordic Workshop on Programming Theory, Uppsala, October 7 . ps David, A., Hammar, U. and Yi, W. 1999. Modeling and Analysis of a Field Bus Protocol Using Uppaal Nordic Workshop on Programming Theory, Uppsala, October 7 . ps Engblom, J., Ermedahl, A. and Stappert, F. 2000. Structured Testing of Worst-Case Execution Time Analysis Methods Work in Progress Session at 21st IEEE Real-Time systems Symposium (RTSS 2000), Orlando, Florida, December . , pdf , abstract Fersman, E. and Jonsson, B. 2000. Abstraction of Communication Channels in Promela: a Case Study In SPIN 2000: 7th Int. SPIN Workshop on Model Checking of Software, Stanford University, California, in Lecture Notes in Computer Science, Springer Verlag . ps Fredlund, L.-Å. 1999. Towards a Semantics for Erlang Workshop on Foundations of Mobile Computation, Chennai, December 16. Gustafsson, J. and Ermedahl, A. 1997. Automatic derivation of path and loop annotations in object-oriented real-time programs ASTEC Report 97/14, in Workshop for Parallel and Distributed Real-Time Systems (WPDRTS '97), Workshop on Object-Oriented Real-Time Systems (WOORTS'97) and 11th International Parallel Processing Symposium (IPPS'97) . ps Håkansson, J., Jonsson, B. and Lundqvist, O. 1999. Automated Generation of Test Oracles from Temporal Logic SPecifications Nordic Workshop on Programming Theory, Uppsala, October 7 . ps Johansson, E., Nyström, S.-O. 2000. Profile-guided optimization across process boundaries ACM SIGPLAN Workshop on Dynamic and Adaptive Compilation (Dynamo'00), January 18. ps Runeson, J., Nyström, S.-O. and Sjödin, J. 2000. Optimizing Code Size through Procedural Abstraction In Proc. of Workshop on Languages, Compilers, and Tools for Embedded Systems (LCTES'2000), Technical reports from the Department of Information Technology vol: 22., pdf Övergaard, G. 1998. A Formal Approach to Relationships in the Unified Modeling Language Workshop on Precise Semantics for Software Modeling Techniques, ISCE'98 in Kyoto, Japan, April . ps Övergaard, G. and Palmkvist, K. 1998. A Formal Approach to Use cases and their Relationships In Proc. of UML '98: Beyond the notations pages: 309-317 . **Technical reports** Abdulla, P. A., Iyer, P. and Nylén, A. 2000. SAT-solving the coverability problem for unbounded Petri net Technical report, Department of Information Technology, Uppsala University . ps Altenbernd, P. 1997. Cross-Compiling Software Circuits to CHaRy ASTEC Report (replaced by Altenbernd, P. and Hansson, H. 1998) vol: 97/11 . ps ARENA 1996. Applying and Evaluating the ARENA Methodology for Requirements Engineering ASTEC Report vol: 96/03 . ps Auchter, D. 1997. From Requirements Engineering to Design: Combining the ARENA and SOMT Method

ASTEC Report vol: 97/13 . ps Auchter, D., Blom, J., Bol, R., Fredlund, L.-Å. and Grelsson, T. 1997. Requirements Engineering in a Telecommunication Environment ASTEC Report, Replaces report 96/02 vol: 97/10 . ps Börjesson, H. 1995. Incorporating Worst Case Execution Time in a Commercial C-compiler ASTEC Report vol: 95/01 . ps Carlson, B., Carlsson, M. and Stålmarck, G. 1997. NP (FD) A Proof System for Finite Domain Formulas ASTEC Report vol: 97/15 . ps Carlsson, R. 2000. Extending Erlang with structured module packages Technical Reports from the Department of Information Technology, Uppsala University vol: 2000-01 . ps , pdf , abstract Carlsson, R., Gustavsson, B., Johansson, E., Lindgren, T., Nyström, S.-O., Pettersson, M. and Virding, R. 2000. Core Erlang 1.0 language specification Technical Reports from the Department of Information Technology, Uppsala University vol: 30 pages: 28 . ps , pdf , abstract Engblom, J. 1998. Static Properties of Commercial Real-Time and Embedded Systems, Results from the MARE Project (Measurements of Actual Real-Time and Embedded Programs) ASTEC Report vol: 98/05 . ps Engblom, J., Ermedahl, A., Sjödin, M., Gustafsson, J. and Hansson, H. 1999. Towards Industry-Strength Worst-Case Execution Time Analysis ASTEC Report vol: 99/02 . ps , pdf Ermedahl, A. and Gustafsson, J. 1996. Redovisning av Studiecirkel/Kurs i Exekveringstidsanalys ASTEC Report vol: 96/04 . ps Ermedahl, A. and Gustafsson, J. 1997. Realtidsindustrins syn på verktyg för exekveringstidsanalys ASTEC Report vol: 97/06 . ps Johansson, E., Nyström, S.-O., Jonsson, C. and Lindgren, T. 1999. Evaluation of HiPE, an Erlang Native Code Compiler ASTEC Report vol: 99/03 . ps , pdf Johansson, E., Nyström, S.-O., Pettersson, M. and Sagonas, K. 1999. HiPE: High-Performance Erlang ASTEC Report vol: 99/04 . ps , pdf Larsson, J. 1996. ScheduLite, A Fixed Priority Scheduling Analysis Tool ASTEC Report vol: 96/01 . ps Larsson, J. 1997. Information interface to the scheduling level of a hard real-time systems design model ASTEC Report vol: 97/02 . ps Larsson, J. 1997. Fixed priority scheduling analysis of the powertrain management application example using the schedulite tool ASTEC Report vol: 97/03 . ps Lindahl, M., Pettersson, P., Yi, W. 1997. Formal Design and Analysis of a Gear-Box Controller: an Industrial Case Study using Uppaal ASTEC Report 97/09, 4th International Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS). Gulbenkian Foundation, Lisbon, Portugal, 1998. and in LNCS vol 1384, and in International Journal on Software Tools for Technology Transfer (STTT), 1998 vol: . ps , pdf Lindgren, T. 1998. Module merging: aggressive optimization and code replacement in highly available systems Reports in Computing Science vol: 154 . ps Lindgren, T. and Jonsson, C. 1999. The Design and Implementation of a High-Performance Erlang Compiler ASTEC Report vol: 99/05 . ps , pdf

Ottosson, G., Carlsson, M. 1997.

Using Global Constraints for Frequency Allocation ASTEC Report vol: 97/07 . ps

Pettersson, M. 2000.

A staged tag scheme for Erlang

Technical reports from the Department of Information Technology vol: 29 pages: 19 .  $\underline{ps}$  ,  $\underline{pdf}$  ,  $\underline{abstract}$ 

#### **PhD Theses**

Gustafsson, J. 2000.

Analyzing Execution-Time of Object-Oriented Programs Using Abstract Interpretation Ph.D. thesis, Uppsala University, DoCS report 00/115 and MRTC report 00/10 . <u>, abstract</u> Pettersson, P. 1999.

Modelling and Verification of Real-Time Systems Using Timed Automata: Theory and Practice Ph.D. thesis, DoCS report 99/101, Uppsala University . <u>ps</u> , <u>pdf</u> , <u>webpage</u>

Övergaard, G. 2000.

Formal Specification of Object Oriented Modeling Concepts Ph.D. thesis, KTH nov .

### Licenciate Theses

Johansson, E. 1999.

Performance Measurements and Process Optimization for Erlang Ph.Lic. thesis, Uppsala University . <u>ps</u>

Nilsson, M. 2000.

**Regular Model Checking** 

Licentiate Theses from the Department of Information Technology vol: 8 pages: 66 .  $\underline{ps}$  ,  $\underline{pdf}$  ,  $\underline{abstract}$ 

# Master of Science Theses

Andersson, M. 2000. Using SAT Solvers to Verify SMV programmes M.Sc. thesis, Uppsala University . Auchter, D. 1997. Tool Support for Requirements Engineering: Applying the ARENA Methodology M.Sc. thesis, Uppsala University, ASTEC Report 97/05 vol: . ps Benac Earle, C. 2000. Symbolic Program Execution using the Erlang Verification Tool M.Sc. thesis, Uppsala University . ps Burlin, J. 2000. Optimizing Stack Layout For Embedded Systems M.Sc. thesis, Uppsala University . ps Eén. N. 1999. Symbolic Reachability Analysis based on SAT-Solvers M.Sc. thesis, Uppsala University . ps , pdf Enablom, J. 1998. Worst-Case Execution Time Analysis for Optimized Code M.Sc. thesis, ASTEC Report 98/01, Uppsala University . ps Evestedt, D. and Kamensky, L. 2000. Symbolic Model Checking of SMV-programs using SAT-solvers 2 M.Sc. theses, Uppsala University . Håkansson, J. 2000. Automated Generation of Test Scripts from Temporal Logic Specifications M.Sc. thesis, Uppsala University . Larsson, P. 1996. Ett effektivt bevissystem för S4 M.Sc. thesis, Institutionen för teoretisk filosofi, Stockholms Universitet . Löf, D. 2000.

Automated Testing of WWW Applications M.Sc. thesis, Uppsala University . Nilsson, M. 1999. Analyzing Parameterized Distributed Algorithms M.Sc. thesis, Uppsala University . <u>ps</u> Padilla, G. 2000. An Execution Semantics for MSC2000 M.Sc. thesis, Uppsala University . <u>ps</u> Runeson, J. 2000. Code compression through procedural abstraction before register allocation M.Sc. thesis, Uppsala University . <u>ps</u> Wiklander, C. 1999. Verification of Erlang Programs using Spin M.Sc. thesis, KTH .

Updated 19-Aug-2003 01:40 by Roland Grönroos e-mail: astec@docs.uu.se

Location: http://www.astec.uu.se/etapp3/evaluations/eval2003/Material/appendices/publications.shtml

Uppsala University

Department of Information Technology
 ASTEC

# Remarks on ASTEC Group Meeting in May, 2003

These remarks recapitulate the end-of-day verbal report made on May 21 and give the impressions of the advisory board members: Neil Jones (University of Copenhagen) and Bernhard Steffen (University of Dortmund). Unfortunately, Neeraj Suri (Darmstadt) was unable to come for personal reasons. This note was made by Neil Jones after e-mail consultation with Bernhard Steffen and Neeraj Suri.

Two comments from Neeraj Suri (which Bernhard and Neil agree with):

- ASTEC is not using us fully by still getting us to do last minute comments well, a wee bit earlier than the last minute. I'd be glad to be able to help out on a progressive basis by email/updates etc if they'd just keep us actively in the loop.
- ASTEC needs to be pro-active in getting the consolidated results of their work out. I don't mean papers etc., more like a open Sweden day, or a pan-European meeting where ASTEC presents their results to a broader community. I think this would only strengthen their impact on SSF and the larger funding/research community.

## **Recommendations and comments**

Overall: ASTEC is now now harvesting the fruits of earlier pure research and systems development.

- Purpose: advice for September evaluation.
- Payoff: to ensure that ASTEC gets its fair share of funding.
- A recommendation: Have lively speakers and subjects just after lunch.
- Overall about the meeting: This meeting was much better organized than before. The talks were mostly well-focused, with a clear overall structure. It was particularly nice that the same pattern was used for the beginning of almost all talks.
- A recommendation: Consider the industry-academia interaction channel. How great is its *bandwidth*?

Make this more visible in the talks at the September evaluation.

Perhaps: Each talk could begin showing industry-academia interactions in both directions.

- Clearly more industrial interaction is desirable but hard in today's economic climate, as expressed in the meeting materials. Advice: "Never complain, never explain."
- There seem to be three larger clusters: CODER (WCET, WPO); ERLANG; and UPPAAL-oriented work, plus a smaller one on use of formal methods (Lustre, model-checking, SAT-proving) to analyze and achieve fault tolerance.

It was a great help to receive the Year 2002 report, to structure the many materials received.

### General recommendations:

- Make a whole projects folder organized according to the clustering mentioned above. This would emphasize synergetic aspects, support arguments of compensations, and clarify how small individual projects relate to the rest, making them harder to criticise in isolation. In fact, we believe that it would considerably strengthen the presentation.
- Emphasize points illustrating that ASTEC helps achieving results which would have been difficult to achieve otherwise (i.e., without continuous large scale funding and industrial cooperation). As ideal examples one should take, e.g., the "low hanging fruits" resulting from years of consequent Uppaal development. This development helped in achieving current results which were even considered impossible originally, and which look now rather natural. Here ASTEC really had an impact, and one should state this in such a way that the funding agencies understand that they supported here a unique development that, in ¿ fact, has the opportunity for a strong long-term industrial impact.
- Have a paper copy of all slides ready to give the evaluators at the start of the September evaluation.

The following comments concern the individual parts of ASTEC.

- HiPE continues at a high level. This is mature, quality work, that shows signs of getting ready to be transferred over to the industrial partner.
- WCET seems to be maturing, and it is excellent that it has good ties with other Europeans (as we recommended). This is a significant improvement over previous times.
- CODER embedded real-time systems: overall looks good. The demonstration "From C code down to clock cycles" is an an excellent idea, and it was impressive that the nontrivial calculation problems needed to do this were carefully worked out. This makes the measurements more convincing, and capitalizes on ASTEC's experience.

- WPO: looks ok; but what is the scientific value? The printed material seemed lacking in this area, and WPO was also only briefly addressed in the talk. Is this in balance with its role in the CODER project concerning funding and development?
- SCADE-based model checking, based on two things: a system described graphically in Lustre; and a correctness specification, also in Lustre. The novelty of this project seemed to be that one is able to check both fault-tolerance and correctness of a system by automated formal methods. In a sense, the method used is a software analog of "fault injection" as used for hardware testing.

This small project (Prover and one PhD student) seemed a bit isolated, though it does display industry-academic collaboration. Would there be a way better to connect it with other partners?

- Recommended clarification: State what is the real goal of the work.
- Recommended clarification: How can the goal be achieved? Answer: program transformation (at the Lustre level).
- It seems that this work could learn from program analysis research. Somehow, it seems dual to strictness analysis(?)

Comment: Perhaps some more senior person should have a closer look at the conceptual development, which looks a bit ad hoc.

• **Test generation:** This material was presented in a very top-down way so it was hard at first to see what's really going on. The essential idea seems to be that MinSearch, a recently worked out cost-optimal reachability algorithm, is an ideal means for test generation: coverage criteria can be encoded in a way such that their satisfactions becomes a reachability property. The argument is as simple as it is elegant. However, it requires the introduction of auxiliary boolean variables expressing coverage, which largely extends the model structure. So what happens to scalability? In this final phase of ASTEC one should now address this issue of practicality.

Comment: Such capitalization on earlier work is very worthwhile – it is OK to "pick low-hanging fruit," especially fruit that would be unreachable except for previous ASTEC progress. In fact, elaborations like this are ideal justifications for all the work on Uppaal that has been done before: step by step new ground is covered based on the solid preparations and developments of previous years.

• The TIMES project's results seem excellent, with practical advances based on two theoretical breakthroughs that both seemed surprising: first, a decidability result for timed automata, and second, the unexpected possibility of doing fixed-priority scheduling using only 2 clocks. From a practical perspective the latter results seems most important, as the complexity of the general solutions seems to exclude any realistic applicability. Like for the test generation, this project ideally illustrates the high potential and the professional development of the Uppaal system.

• SAAPP: If this new project is presented in September, it should be done in a completely different way that emphasizes its academic content, research goals, relation to other approaches, and means to reach these goals.

(Neil: The notion of instruction-level simulation of a system of concurrent processes in search of livelock and other global, large-scale properties reminded me of a suggestion I heard to detect life on Mars: Set up a camera there. If a giraffe walks by, then there is life on Mars.)

- What is the SAAPP "silver bullet," what analyses can be done this way, why is this method better (and better than what).
- It was not clear at the start that Mimics came from an ASTEC partner.
- Why do such low-level simulation? Arguments against intrusive instrumentation did not seem to be a problem for the SCADE-based model checking. Perhaps a comparison with the WCET demonstration "From C code down to clock cycles" could be illuminating, as it covers similar order-of-magnitude changes of scale.
- What are the links between SAAPP and other ASTEC projects?
- One should in any event clearly motivate why such an entirely new project is added at this stage of ASTEC. The project seems in a stage the WCET work was more than five years ago. There does not seem to be enough time left to come to 'harvesting mode within ASTEC. So it seems very difficult to present this project for the final phase in a way that it does not make it an obvious weak spot.

## Evaluation of the Competence Centre for Advanced Software Technology, ASTEC at

## Uppsala University, Uppsala

## 1. Preface, Methodology, and Acknowledgement

On Wednesday, September 27, two of us, the scientific experts of the evaluation team, Joseph Sifakis and David Whalley, were briefed by the Centre Director Bengt Jonsson, project leaders and graduate students of the Competence Centre for Advanced Software Technology, ASTEC, on the range of projects under investigation. On Thursday morning, September 28, the entire evaluation team made up of the scientific experts and the three Competence Centre experts, John S. Baras, Marshall M. Lih and Per Stenius, was briefed on the present state and future strategy of the Centre as well as on its status within the university organization by the Director of the Centre, the Chairman of the Board, Bjarne Däcker, the Vice-Rector of Uppsala University, Jan-Otto Carlsson, several project leaders, graduate students and representatives of industrial partners. The presentations were accompanied by lively discussions.

We appreciate the high quality of most of the presentations during the evaluation. Open and informative discussions were conducted on technical, strategic and leadership issues with the members of the evaluation team.

We would like to thank the whole ASTEC team for the efforts they made in preparing these two days of briefings. We were very pleased by the frankness and the informative discussions that helped us to prepare this report. We also thank Karl-Einar Sjödin and Staffan Hjorth of NUTEK for the invitation to the evaluation and their assistance in all aspects of the review.

### 2. Development as a Competence Centre. Added Values

### Long Term Strategies and Progress of the Centre

ASTEC has made impressive progress in achieving the goals of a successful Competence Centre since the evaluation of 1997. Led by an able and knowledgeable Director and a closely working group of senior faculty members and industry representatives, the Centre has developed a focused research programme of several well coordinated projects on methods and tools for complex software systems development.

The Centre leadership has succeeded to build a cross disciplinary programme involving three academic institutions (Uppsala, KTH, Mälardalen) and one research institute (Swedish Institute of Computer Science). The principal faculty come from the following groups: compilation and program analysis, automated verification and real-time systems at Uppsala University; formal verification, security, semantics, and specification at KTH and SICS; real-time systems at Mälardalen. The technical competence of the Centre is high and internationally recognized.

The Vice Rector confirmed that the Uppsala University would support a successful ASTEC Centre in the future. The university has appointed three chairs in adjacent areas. Evidence of the recognition of ASTEC staff performance by the university has been given by the promotions of three researchers to full professors and one to docent. Additional chairs in areas related to the ASTEC theme are planned. Every effort should be undertaken by the university, over the next phase of ASTEC, to maintain this trend and

further enhance the technical competence by the addition of junior and senior faculty participants in this technical area critical for Swedish industry and economy.

The Centre leadership has developed a programme focused around three interrelated technical thrusts: validation and verification, programming language implementation, and real-time distributed systems. Following close planning between academics and industry, focus has been placed on two application areas, both fundamental for Swedish industry: data- and telecom-applications and automotive applications. The current programme consists of 9 projects. Each project is well placed within a clear conceptual matrix between technical thrusts and application areas. Technology transfer is an integral part of the overall effort in each project. The Centre leadership is strongly encouraged to continue this impressive progress towards a strategic plan by developing a conceptual road map with a five year horizon.

The financial support of the Centre programme has increased substantially since 1997. The value added of the Centre was evident from the enthusiastic participation of senior faculty, the appreciation of the Centre expertise by the industry members, and the enthusiastic and impressive presentations of the PhD students.

The number of PhD students has increased to 14, including 4 industry PhDs. Students work closely with industry engineers and spend considerable time at industry sites. Innovative schemes have been implemented for joint employment of PhD students by universities and industry partners. These appear to benefit the student's programmes and shorten the time needed for completion of the PhD. The quality of students is very good to excellent. Development of a more extensive programme of industry PhDs as well as a substantial increase of MSc students will benefit the ASTEC programme. The scientific output has been very good both in terms of quality and number of journal papers.

The Centre Director has successfully steered the research programme to the current impressive level. Projects provide the opportunity for scientific advances in software development methods and tools at the highest international level and at the same time address key industrial problems.

Finally, the Centre development in the next phase could benefit substantially from a more influential and visionary Board. A judicious addition of influential officers from key industry partners will further accelerate progress towards establishing ASTEC as an international and well recognized Centre of Excellence in software development of unique value to Swedish industry and computer science education in Sweden.

#### International Collaboration and Ranking

ASTEC is open to international collaboration and research collaboration has been established with leading international groups. The Centre also participates in three IST projects. It supports international visitors and sends students abroad to spend time with other research groups.

The Centre has achieved strong international visibility through publications at prestigious conferences and in refereed journals. It has also organized workshops and conferences and ASTEC staff have participated in conference programme committees. The International Evaluation Committee for Computer Science in Sweden, appointed by the Swedish National Board for Engineering Sciences, TFR, in 1999 recognized that ASTEC "has the right combination of theory and practice".

#### Collaboration and Linkages within the Centre

ASTEC has research groups at four locations (Uppsala, Stockholm, Kista, and Västerås). The contacts between these groups seem to run smoothly and involve both discussions in the form of daily contacts, seminar series, programme area seminars and comprehensive workshops. The Centre has developed a well functioning organizational and administrative structure. It is supported by an International Scientific Advisory Board which reviews ongoing projects and proposals for new ones. However, a long-term, joint vision of the development of ASTEC as a whole has been developed only in very general terms without setting specific objectives in terms of scientific or technical achievements. We recommend the creation of a more comprehensive vision that can be reviewed during the time-span of the next five years as a means of focusing activities in the future development of ASTEC.

Uppsala University is conducting internal and external evaluations to set priorities in their support of research programmes. Information technology takes high priority in this planning and four computer science related new chairs have recently been created. The future of the university support of ASTEC will depend on the way the Centre is able to develop its activities. We note that the position of ASTEC in the university organization has been convincingly strengthened since the review in 1997. The establishment of an Information Technology Department should enhance coordination between ASTEC staff.

ASTEC is not merely the union of its projects. There is clearly added value due to collaboration e.g. synergy between the projects HiPE and WPO, and WPO and WCET. There are mutual benefits for both academia and industry. Academic research gets access to industrial tools, experience, and benchmarking. In return, industry benefits from transfer of results and staff training.

#### **Identity and Management of the Centre**

ASTEC has made a number of significant improvements based on recommendations made at the 1997 evaluation. There is substantially more evidence of a strategy for collaboration than before, including EU projects. Students working on industrial projects are supervised by industrial staff. There have also been improvements in promotion efforts and seminars, resulting in an enhancement in identity. In fact, ASTEC now has a good international visibility.

The appointment of a Scientific Advisory Board has provided useful guidance to ASTEC. Organization of seminars to promote the achievements of ASTEC such as the seminar on "Automotive Systems " should be continued.

We felt that management by the Director has improved significantly since the last review. However, the Board should play a more proactive role in the management of ASTEC. It is also important for members of the Board as a whole, including the Chair, to possess and articulate a global view of the areas investigated by the Centre. That way the selection, continuation, and termination of projects can be rationally carried out in an orderly manner based on a coherent strategy rather than the fragmented interests of individual companies or Board members. For instance, one unproductive project was allowed to continue for a year with no reaction. It is the Board's responsibility not only to launch new projects but also to terminate projects.

#### **3. Scientific and Technical Achievements**

#### **Research Programme and Technical Results**

The challenge for validation and verification is to bridge the gap between formal methods and practical software engineering. In particular, verification techniques should be applicable to complex systems described in high level languages. Significant progress has been achieved in meeting this challenge although a lot remains to be done. Results on symbolic model checking are clearly state of the art, especially the work by using SAT techniques.

In programming language implementation and compilation, the challenge is performance and correctness of the compilation process. The HiPE project has achieved substantial performance improvements for the execution of Erlang programs. The HiPE compiler produces the best performing code of any Erlang compiler. These optimization techniques are general and could be applied to other concurrent programming languages such as CML (Concurrent ML). Both HiPE and WPO optimizations have been implemented in production systems.

In real-time, embedded and distributed systems the challenge is to produce tools that can be actually used to guarantee the quality and performance of applications. UPPAAL is one of the best automated verification tools for real-time systems. This tool has been shown to be capable of identifying errors in complex real-time systems. The framework developed in the WCET project has the promise of the most complete and accurate timing analysis tools.

#### Scientific Production and its Quality

Research on the projects ErlVer, HiPE, SMC and WCET has resulted in numerous publications at prestigious conferences and in refereed journals. Furthermore, several ASTEC staff have produced high quality basic research publications, such as in the area of real-time systems and verification.

The overall quality of the scientific production is very good and has significantly improved since the last evaluation.

#### **Education and Training**

ASTEC has played a key role in attracting major educational coalition programmes in the participating universities (e.g. the graduate school ARTES finanzed by the Foundation for Strategic Research, SSF). Faculty members of ASTEC have made significant contributions to the development of graduate and upper-level undergraduate courses in computer science and engineering.

The active involvement of ASTEC in education and training is very commendable and in line with earlier recommendations. Numerous courses have been created due to the ASTEC research. It is likely that the existence of ASTEC helped attract a number of graduate students. 14 Ph.D. students are currently supported and 4 Ph.D.'s were presented this year.

The industrial Ph.D. programme has currently attracted 4 students to ASTEC. This is an interesting collaboration between industry and academia and will probably encourage many students to enroll in the Ph.D. programme. The existence of industrial projects for undergraduate students supervised by engineers is another very interesting example of cooperation between academia and industry to support education.

#### **Conclusions and Recommendations**

Since the last review there has been significant achievements by the various projects within ASTEC. Detailed recommendations for some projects are listed below:

#### Auto : a design methodology for embedded real-time systems (1995-2000)

An important question is how systematic can we make the approach. We recommend that in a follow up project UPPAAL is integrated with BUTLER. However, the technical difficulties of this integration should not be underestimated.

#### BUS : Modeling and analysis of a bus protocol FB-100 (1999-2000)

This is a successful case study that allowed error identification in the protocol. We suggest that a follow up project uses UPPAAL to guide real-time software development.

#### ErlVer : A verification Method for Erlang (1997-2000)

The project goals are long term and perhaps too ambitious. The research is certainly of academic interest but we doubt that the approach could be applied to large systems without automated support. We recommend stronger interaction with the other projects involving Erlang and to adopt more realistic goals.

#### HiPE : High Performance Erlang (1997-2000)

This is a very good project that has shown quantitative benefits. A breakthrough has been accomplished in a short amount of time. The results have been transferred to an industrial version of Erlang.

#### SA : Analysis of types and process typology for static debugging (1999-2000)

The project has no visible results. No explanation was given about the approach used or if any progress was achieved. We recommend that this project should be either terminated or merged with HiPE. A subsequent review of this project should be performed to decide about its future.

#### SMC : Symbolic Model Checking using Stalmarck's method (1999-2000)

We feel that this project has accomplished first class research as indicated by publications and awards. We encourage technology transfer to Prover.

#### Testing : automated testing (1999-2000)

This is a young project, which is currently the union of 3 experiments on testing with 3 different industrial partners. We recommend more focusing and shaping to determine the technological goals.

#### WCET : Calculation of Worst-Case Execution Times (1995-2000)

The productivity of this project has very much improved since the last review. The project integrates the best ideas from various timing analysis groups into a single framework. The goal of transferring the results to IAR by developing a complete timing analysis tool for a target machine should be pursued.

#### WPO : Whole-Program Optimization in Compilers for Embedded Systems (1998-2000)

The project has a good vision about the problems involved in code compression. Most of the effort so far has been to develop a framework for whole program optimization. Code compression developed in the project has been integrated into release of an IAR compiler. We anticipate publications in the near future.

### 4. Industrial Relevance and Benefits

#### **Industrial Involvement and Commitment**

During the past three years, the number of industrial partners has grown from six to ten. They come principally from three groups: automotive/embedded software, data- and telecommunication software, commercial tool developers. The Centre leadership is considering plans to carefully increase the number of partners by expanding the research programme into areas such as Internet software platforms and security.

Collaboration with industry is close and well coordinated. At least one industrial partner participates in each project. With the exception of one very large company, the members are small software firms or software components in large firms. There is also great potential to spin off such firms from the Centre's work. Two start-up companies have already been initiated from ASTEC. The increased industrial interest is also documented by the fact that the members, large and small, are quite supportive of educational endeavours such as industrial PhD students.

#### Strength in Technology Transfer and Implementation of New Technology

Through spinoffs and industrial PhD candidates working back and forth between industry and ASTEC, technology transfer seems to be quite effective. There is strong evidence that personal characteristics may also affect the effectiveness of such a degree candidate to serve as a technology carrier.

Most projects have either transferable results to industry or have plans to do so, as illustrated by the following examples:

- There are plans to transfer the UPPAAL technology to be integrated with the BUTLER tool of Mecel. ABB Automation Products could use UPPAAL to analyze high level specifications.
- The results developed in ErlVer could be used by Ericsson to validate critical kernels of Erlang applications.
- Some optimization techniques developed by HiPE have been integrated into the Erlang compiler supported by Ericsson. We anticipate additional optimization techniques to be integrated in the future.
- We anticipate that symbolic model checking results will find application in Prover Technology tools.
- There are plans by IAR to commercialize the framework developed by WCET once it is completed.
- A prototype implementation of a WPO code compression technique has been integrated into an IAR compiler release.

The interaction with industrial partners is enhanced by making the results available to all ASTEC participants. However, this rule may also discourage some companies from participating and may raise confidentiality issues.

### 5. General Recommendations

After the evaluation in 1997, ASTEC, led by an able and knowledgeable Director and a closely working group of senior faculty members and industry representatives, has made impressive progress in achieving the goals of a successful Competence Centre. There is every reason to believe that this positive development will continue. For the further enhancement of progress we want to make the following recommendations:

- We strongly recommend that the ASTEC Board be enriched by a few influential and committed leaders from industry partners. This will further ensure maximum benefit to the Swedish software industry.
- We strongly recommend that the Board as a whole undertakes an effort to create a comprehensive, documented road map of the ASTEC programme spanning the next five years.
- We recommend that the Board develops a set of criteria by which the quality of suggested new projects is evaluated and the progress of current projects is monitored. These criteria should reflect the ASTEC road map.
- The ASTEC leadership should develop procedures and mechanisms to ensure that all researchers and participants are well informed about the perspective of their projects, the technology transfer plans and the interrelationships between the projects.
- Given the special nature of the software industry and software products, we recommend that ASTEC undertake the devlopment of appropriate intellectual property right policies and procedures, so as to maximally enhance technology transfer and product development based on its research results.

Uppsala, September 28, 2000

Prof. John S. Baras

Dr Marshall M. Lih

Prof. Joseph Sifakis

**Prof. Per Stenius** 

Prof. David Whalley

# Curriculum Vitae, Bengt Jonsson

#### EDUCATION

Docent 1991, Uppsala University, Ph.D. 1987, Uppsala University. M.Sc. in Computer Science Stanford University, California, 1985.

#### EMPLOYMENT

July 1992 - present: Professor, Uppsala University, Dept. of Computer Systems. 1988 - 1992 Researcher, Swedish Inst. of Computer Science.

Long Term Visits:

Stanford University, 1983 - 1985.

Weizmann Inst. of Science, Rehovot, Israel 1985-1986.

#### **Professional Activities**

- Member of the Swedish Research Council(VR), Science and Technology Branch.
- Member of Strategy Planning Group for IT and Physics of the Swedish Foundation for Strategic Research (SSF) in 1996-1999.
- Chairman of recruitment committe for computer sciences at Uppsala University.
- Supervised 5 completed Ph.D. students. Supervised 4 completed Ph.Lic. students.
- Co-Chairman for FTRTFT '96, Organizing Chair for CONCUR 94, and co-chairman of the 11th IFIP symposium on Protocol Specification, Testing, and Verification, 1991.
- Numerous appointmens on program committees of several major conferences in my research areas (CAV, CONCUR, LICS, PODC, TACAS, etc).
- Initiator of the series *Nordic Workshop on Program Correctness*, which has been annually organized since 1989.
- Invited speaker: CONCUR '01 (Int. Conf. on Concurrency theory 2001), CAV '00, (Conference on Computer-Aided Verification), tutorial, ARTS'99 (5th Int. AMAST Workshop on Real-Time and Probabilistic Systems, 1999), PROBMIV '99 (Workshop on Prob. Methods in Verification, 1999) CONCUR '93 tutorial (Int. Conf. on Concurrency theory 1993)
- Over 60 publications in scientific journals and refereed conferences. 3 coedited books and 1 book chapter.

**RESEARCH INTERESTS:** Semantics, analysis, verification, and testing, of embedded, real-time, and distributed systems. Introduction of formal and semi-formal software technology into industrial settings.

## **Curriculum Vitae, Konstantinos Sagonas**

#### EDUCATION

Docent, Uppsala University, Sweden, 2000.

Ph.D. in Computer Science, State University of New York at Stony Brook, U.S.A., 1996.

Diploma in Informatics, University of Athens, Greece, 1991.

#### **EMPLOYMENT**

1999 - present: Docent, Lektor, Dept. of Computer Science, Uppsala University, Sweden.

1996 - 1999: Research Scientist, Dept. of Computer Science, K.U. Leuven, Belgium.

#### **PROFESSIONAL ACTIVITIES**

- Supervised one completed Ph.D. student, and currently supervising five more.
- Head (avdenlningsföreståndare) of the Computer Science Dept., Uppsala University during Nov. 2000 June 2002.
- Assistant Director of the ASTEC (Advance Software TEChnology) competence center.
- Conference chairman for PPDP'03 and PLI'03, program co-chairman of IDL'99, and program chairman of the ITPL'98 workshop.
- Numerous appointmens on program committees of several major conferences in my research area (PPDP, ICLP, CL-2000, CICLOPS, etc), and reviewer for journals (TOPLAS, TOCL, JLP, JFP, JFLP, etc).
- Member of the steering committee of the PPDP conference.
- Member of the recruitment committe for computer science at Uppsala University.
- Invited plenary speaker LPAR'2002 (Int. Conf. on Logic for Programming, Artificial Intelligence and Reasoning), invited speaker at the fourth PLS (Panhellenic Logic Symposium), and WAILL'96 (Workshop on Abstract Interpretation of Logic Languages), and invited tutorialist at JICSLP'96 (Joint Int. Conf. and Symposium on Logic Programming)
- Over 40 publications in scientific journals and refereed conferences. Co-author of 2 books.

**RESEARCH INTERESTS:** Programming language implementation and compiler construction, program analysis and optimization, memory management, functional and (constraint) logic programming, semantics, compilation techniques for embedded systems.



ASTEC (Advanced Software TEChnology) is a competence center in the area of software technology. Its purpose is to develop and support industrially applicable techniques for software specification, design, and development. It shall bring new technology into industrial applications and perform academic research on industrially relevant problems in software development. High-level specification and programming languages, together with tools for specification, analysis, validation, simulation, and compilation are central topics of the center. Particular emphasis is put on methods supporting the development of software for communication and control applications.

Partners:

ASTEC has been formed as a consortium of the following academic and industrial partners during phase 3.

- 1.Academy at Uppsala University (UU) The Department of Information Technology Mälardalen University Swedish Institute of Computer Science (SICS).
- 2.Industry

ABB Automation Products AB, Cross Country Systems AB, Ericsson AB, ESAB IAR Systems AB, Mobile Arts AB, OSE Systems AB, Prover Technology AB, Telelogic Sverige AB, T-Mobile Inc. Validation AB, Virtutech AB, Volcano Communication Technologies AB, Volvo Teknisk Utveckling AB,

3.VINNOVA, Verket för innovationssystem