Atego Research and Development - Safety Critical Java Specification Initiative

Introduction:

This site contains meeting minutes and preliminary specifications of the working group on the Safety Critical Java™ Standard.

NO WARRANTY

Any material furnished by Atego on this site is furnished on an "as is" basis. Atego makes no warranties of any kind, either expressed or implied as to any matter including, but not limited to, warranty of fitness for a particular purpose or merchantability, exclusivity or results obtained from use of the material. Atego does not make any warranty of any kind with respect to freedom from patent, trademark, or copyright infringement.


Document Index:

real-time-java-issues.pdf

Issues in the Design and Implementation of Real-Time Java, April 22, 1996, by Kelvin Nilsen

Since many embedded computer systems must comply with real-time constraints, the question might be raised, “Can Java support the development of reliable hard and soft real-time applications?” This report suggests that Java, as it has been announced and distributed to date, is not appropriate for development of real-time software. However, by combining certain Java programming conventions with special implementation techniques, it is possible to support varying degrees of real-time reliability, ranging from 100% guaranteed compliance with hard real-time constraints to fully unguaranteed compliance with soft-real-time constraints. Users who require compliance with hard real-time constraints will, of necessity, need to pay much more for their execution hardware in order to prove that worst-case resource needs will always be satisfied. The same real-time software that has been designed to run with 100% reliability on specially constructed real-time Java virtual machines will run reasonably well on less expensive Java virtual machines that are not capable of guaranteeing compliance with hard real-time constraints. The potential benefits of a Real-Time Java standard would include lower development and maintenance costs, quicker time to market, increased portability, enhanced network connectivity, improved reliability, and increased functionality of real-time systems.

One of the most exciting potential benefits of the Real-Time Java execution model is the support it provides for development and reuse of portable real-time software. Not only does Java enable the creation of real-time software modules to be shrink wrapped for use on a variety of different Java execution platforms in cooperation with arbitrary mixes of other concurrently executing real-time activities, but it also allows reliable integration of software written in multiple different languages. For example, work is currently under way to retarget an Ada compiler to generate Java virtual machine code. Furthermore, the Java real-time execution model allows integration of non-real-time COTS software components as optionally executed components of real-time tasks. This makes available to developers of Real-Time Java applications large libraries of highly functional reusable Java object definitions.

spec.pdf

PERC™ Real-Time API (Draft 1.2), Feb. 6, 1998, by Kelvin Nilsen and Steve Lee

This is a working document that describes the application programmer interface (API) for PERC, a dialect of Java™ designed to support development of cost-effective portable real-time software components. Implementation issues are discussed as they relate to the API description. In its current form, this material should be viewed as preliminary.

hrt.jtres.2003.pdf

Issues in the Design and Implementation of Efficient Interfaces Between Hard and Soft Real-Time Java Components, by Kelvin Nilsen and Andrew Klein.

This paper, presented at the 2003 Workshop on Java Technologies for Real-Time and Embedded Systems, presents results of research funded by the U.S. Navy on the performance and software engineering tradeoffs inherent in combining high-level Java software with low-level device-driver software. Three alternative approaches are considered: (1) Use of native code and the Java Native Interface, (2) Use of traditional RTSJ abstractions, and (3) Use of RTSJ-subset abstractions such as are proposed in the Scalable-Java developer guidelines.

sandiego.minutes.txt

Minutes of Open Group Meeting held Feb. 5-6 2004, San Diego, CA, prepared by Doug Wells, Open Group

scjava.4-12-04.pdf

Draft Safety Critical Java Standard 4-12-2004.  First draft specification (and outline of issues)

brussels.minutes.txt

Minutes of Open Group meeting held April 23-24 2004, Brussels, Belgium, prepared by Bill Bush, Sun Microsystems

scjava.6-21-04.pdf

Draft Safety Critical Java Standard 6-21-2004. Second draft specification

javadoc.7-8-04

Safety Critical Java Draft API Specification 7-8-2004.  Draft API specification for safety-critical Java (subset of RTSJ and J2SE) in Javadoc format.

darpa.productivity.7-04.ppt

Quantitative Analysis of Developer Productivity in C vs. Real-Time Java, Kelvin Nilsen, Ph.D., Chief Technology Officer for Java, Atego

Abstract: This talk was presented at the DARPA Workshop on Real-Time Java, held on July 13 2004 in Arlington VA.  Java yields a two-fold productivity increase during development, a five-fold reduction in code size, and improvements in software maintainability and generality.

JSR.pdf

Revised Draft JSR for Safety Critical Java Specification, Approved July 23, 2004

boston.minutes.txt

Minutes of Open Group Meeting held July 23-24, Boston, MA, prepared by Kelvin Nilsen, Chief Technology Officer for Java, Atego.

static.safety.9-04.pdf

Enforcement of Static Properties in Evolving Standards for Safety-Critical and Mission-Critical Java, September 2004, Kelvin Nilsen, Chief Technology Officer for Java, Atego.

rtsj.issues.9-04.pdf

Making Effective Use of the Real-Time Specification for Java, September 2004, Kelvin Nilsen, Chief Technology Officer for Java, Atego.

jmc.extension.pdf

Proposed Draft Extensions for Mission-Critical Java, November 4, 2004, Kelvin Nilsen, Ph.D., Chief Technology Officer for Java, Atego.

The Open Group’s Real-Time and Embedded Forum has been working for the past several years to define a standard for development of hard real-time safety-critical software using the Java programming language. Various participants in this effort have wondered whether the proposed safety-critical Java standard has any relevance to the development of hard real-time mission-critical software. At July’s Boston meetings, it was requested of Kelvin Nilsen that he provide a description of his ideas for combining hard real-time code written using a generalization of the safety-critical standard with traditional Java components running in a soft real-time or non-real-time virtual machine. This document is the response to that request.

jsc.mem.model.qa.pdf

Questions and Answers Regarding Proposed Static Analyzable Memory Model, October 29, 2004, Kelvin Nilsen, Ph.D., Chief Technology Officer for Java, Atego.

At the New Orleans meetings of the Open Group’s Real-Time and Embedded Forum during the week of Oct. 18 2004, several concerns, issues, and questions were raised regarding the memory model previously proposed by Nilsen for the safety-critical Java specification. This document outlines the issues that were raised by representing each in the form of a question, with responses to each question provided by the author of this document. Details of the proposed memory model are provided in appendices to this document.

rtjava.guidelines.11-13-04.pdf

Draft Developer Guidelines for Real-Time Java, November 13, 2004, Kelvin Nilsen, Ph.D., Chief Technology Officer for Java, Atego.

This document establishes programming guidelines to assure that real-time Java software satisfies reliability requirements and is economically maintainable, portable, and scalable. The guidelines are based on making effective use of the traditional J2SE Java in combination with appropriate profiles of the Real-Time Specification.

rtjava.guidelines.2-09-05.pdf

Draft Guidelines for Scalable Java Development of Real-Time Systems, February 9, 2005, Kelvin Nilsen, Ph.D., Chief Technology Officer for Java, Atego.

This 2/9/2005 update of Draft Developer Guidelines for Real-Time Java includes updates resulting from feedback gathered during implementation of the proposed hard real-time execution environment and development tools.

rtjava.guidelines.3-26-05.pdf

Draft Guidelines for Scalable Java Development of Real-Time Systems, March 25, 2005, Kelvin Nilsen, Ph.D., Chief Technology Officer for Java, Atego.

This 3/26/2005 update of Draft Developer Guidelines for Real-Time Java includes updates resulting from feedback gathered during implementation of the proposed hard real-time execution environment and development tools.

open.group.4-05.ppt

Applying RAMS to Design of Safety- and Mission-Critical Java Standards, April 29, 2005, Kelvin Nilsen, Ph.D., Chief Technology Officer for Java, Atego.

This PowerPoint presentation, presented at the April 29, 2005 meeting of the Open Group, in Dublin, Ireland, discusses Reliability, Availability, Maintainability, and Safety issues relevant to the design of a safety-critical Java standard.

rtjava.guidelines.5-6-05.pdf

Draft Guidelines for Scalable Java Development of Real-Time Systems, May 6, 2005,  Kelvin Nilsen, Ph.D., Chief Technology Officer for Java, Atego.

This 5/6/2005 update of Draft Developer Guidelines for Real-Time Java includes updates resulting from feedback gathered during implementation of the proposed hard real-time execution environment and development tools.

JakHarta.pdf

A Hardware Java Virtual Machine for Hard Real-Time Systems

A thesis submitted by Glenn Coates to the University of Manchester for the degree of Master of Philosophy in the Faculty of Engineering and Physical Sciences (fall, 2005).  This report discusses a variety of important issues regarding the use of Java for hard real-time systems. The discussions are relevant both to safety-critical and mission-critical uses of Java.

rtjava.guidelines.3-28-06.pdf

Guidelines for Scalable Java Development of Real-Time Systems, March 28, 2006, Kelvin Nilsen, Ph.D., Chief Technology Officer for Java, Atego.

This 3/28/2006 update of Draft Developer Guidelines for Real-Time Java includes changes resulting from feedback gathered during implementation of the PERC Pico product and research, including research conducted with DARPA funding for a large defense subcontractor.

jtres.2006.ppt

PowerPoint slides for "A Type System to Assure Scope Safety within Safety-Critical Java Modules", presented at the 2006 Java Technologies for Real-Time and Embedded Systems (JTRES) workshop in Paris, France, Oct. 2006.

Abstract: To address the needs of safety-critical system developers, a type system based on Java 5.0 meta-data annotations and special byte-code verification techniques is described. This type system enables programmers to develop code for which the byte code verifier is able to prove the absence of scoped memory protocol errors, thereby eliminating the need for run-time assignment checks. Benefits of the type system include improved software reliability, easier maintenance and integration of independently developed real-time software modules, and higher performance.

pico-manual.4-19-08.pdf

PERC Pico User Manual, April 19, 2008.

Abstract: PERC Pico is a commercial product of Aonix, designed to satisfy the rigorous requirements of hard real-time and safety-critical systems implemented in the Java programming language. The design of PERC Pico is based on three years of discussions within the Open Group Real-Time and Embedded Forum on the topic of standardization of a safety-critical Java specification. As an expert-group participant in JSR-302, Aonix continues to influence and track the progress of the official standardization activities. Aonix anticipates that commercial experience with PERC Pico will influence the final form of JSR-302. Once the JSR-302 standard becomes official, Aonix intends to make adjustments to the PERC Pico product to assure full compliance and compatibility.


About Atego

Atego™ is the leading independent supplier of industrial-grade, collaborative development tools, services and runtime environments for engineering complex, high reliability, mission- and safety-critical architectures, systems, software and hardware. Atego delivers stable, robust and scalable tools, services and working environments to thousands of users across an extensive range of complex applications in demanding engineering sectors such as aerospace, automotive, avionics, defense, electronics, medical, telecommunications and transportation.

Atego’s market leading products include: Aonix Perc® – a real-time embedded Java™ virtual machine, Artisan Studio® – a standards-based (OMG UML, SysML & UPDM) modeling tool suite, Atego Exerpt™ – an independent requirements data synchronization tool, Atego Process Director™ – a tool for authoring, measuring, managing & improving your organization's engineering and development processes, and Atego HighRely™ tools and services for avionics certification and training, particularly relating to DO-178 and DO-254.

Atego’s tools deliver on the promise of an integrated collaborative development environment – allowing architecture, systems, software and hardware engineering teams to Work-as-One™ – from concept through to delivery, maintenance and support. Founded in 2010 in a merger between Artisan Software Tools™ and Aonix®, Atego is headquartered in San Diego, CA, USA and Cheltenham, UK with offices in France, Germany and Italy, and is supported by a global distributor network.