Processor obsolescence is a serious maintenance problem for long-lived embedded control systems. A practical solution is to interpose an emulator program between the ‘legacy’ software and a replacement processor, so that the old code can be reused on the new machine. Unfortunately, no verification techniques exist for proving that the resulting system preserves the original system’s functional and timing behaviour. A particular challenge is that processor emulation mixes both legacy assembly code and new high-level language software patches. Nevertheless, we show that a formalism previously used for analysing program compilation, coupled with an understanding of the legacy software architecture, can be used to verify key aspects of an emulated control system.
Colin J. Fidge