Worst-case execution time (WCET) analysis of real-time code needs to be performed on the executable binary code for soundness. Obtaining tight WCET bounds requires determination of loop bounds and elimination of infeasible paths. The binary code, however, lacks information necessary to determine these bounds. This information is usually provided through manual intervention, or preserved in the binary by a specially modified compiler. We propose an alternative approach, using an existing translation-validation framework, to enable high-assurance, automatic determination of loop bounds and infeasible paths. We show that this approach automatically determines all loop bounds and many (possibly all) infeasible paths in the seL4 microkernel, as well as in standard WCET benchmarks which are in the language subset of our C parser. We also design and validate an improvement to the seL4 implementation, which permits a key part of the kernel’s API to be available to users in a mixed-criticality setting.

中文翻译：

---

高保证实时操作系统的高保证时序分析

实时代码的最坏情况执行时间 (WCET) 分析需要在可执行二进制代码上执行以确保稳健性。获得严格的 WCET 边界需要确定循环边界并消除不可行路径。然而，二进制代码缺乏确定这些界限所必需的信息。此信息通常通过人工干预提供，或由经过特殊修改的编译器保存在二进制文件中。我们提出了一种替代方法，使用现有的翻译验证框架，以实现对循环边界和不可行路径的高保证、自动确定。我们表明，这种方法会自动确定 seL4 微内核中的所有循环边界和许多（可能所有）不可行路径，以及在我们的 C 解析器的语言子集中的标准 WCET 基准测试中。