# HG changeset patch
# User Christian Urban <urbanc@in.tum.de>
# Date 1568974358 -3600
# Node ID 99880ddeae63d7ab490e2ffbf3cf807ecef20e56
# Parent  e6d58b2a29299642a154346b2f3660da315653a9
updated

diff -r e6d58b2a2929 -r 99880ddeae63 index.html
--- a/index.html	Sat Sep 07 15:04:15 2019 +0100
+++ b/index.html	Fri Sep 20 11:12:38 2019 +0100
@@ -14,7 +14,6 @@
     ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js';
     var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s);
   })();
-
 </script>
 </HEAD>
 
@@ -23,12 +22,13 @@
       LINK="#0000EF" 
       VLINK="#51188E"  
       ALINK="#FF0000">
+<font face='Tahoma'>
 
 <TABLE WIDTH="100%" 
        BGCOLOR="#4169E1" 
        BORDER="0"   
        FRAME="border"  
-       CELLPADDING="10"     
+       CELLPADDING="11"     
        CELLSPACING="2"
        RULES="all">
 
@@ -201,8 +201,8 @@
 <TR>
 <TD BGCOLOR="#FFFFFF" WIDTH="75%">
 <B>Nominal Isabelle</B> 
-I currently work on Nominal 
-<A HREF="http://isabelle.in.tum.de">Isabelle</A> 2. This is joint work with 
+I am the main developer of Nominal 
+<A HREF="http://isabelle.in.tum.de">Isabelle</A>. This is joint work with 
 <A HREF="http://www21.in.tum.de/~berghofe/">Dr Stefan Berghofer</A>,
 <A HREF="http://sketis.net/">Dr Markus Wenzel</A>,
 <A HREF="http://cl-informatik.uibk.ac.at/users/cek/">Dr Cezary Kaliszyk</A>,
@@ -210,22 +210,69 @@
 the Isabelle-team in Munich.
 Many of the theoretical ideas originate from the nominal logic project - a wonderful project headed 
 by <A HREF="http://www.cl.cam.ac.uk/~amp12/">Prof. Andrew Pitts</A>.  
-The aim of my work is to make formal reasoning involving binders as simple as 
+The aim with this work is to make formal reasoning involving binders as simple as 
 on paper and the hope is to lure  
 <A HREF="http://alliance.seas.upenn.edu/~plclub/cgi-bin/poplmark/index.php?title=The_POPLmark_Challenge#Vision">masses</A> to automated
 theorem proving. My funding for this work was provided in 2004 and 2005 by a research 
 fellowship from the 
 <A HREF="http://en.wikipedia.org/wiki/Alexander_von_Humboldt">Alexander-von-Humboldt</A>
 <A HREF="http://www.humboldt-foundation.de/web/home.html">foundation</A>. During this time I was a visitor in the group of 
-<A HREF="http://www.mathematik.uni-muenchen.de/~schwicht/">Prof. Helmut Schwichtenberg</A>.
-Since 2006 this work is supported by an
+<A HREF="http://www.mathematik.uni-muenchen.de/~schwicht/">Prof. Helmut Schwichtenberg</A> in Munich.
+Between 2006 and 2011 this work is supported by an
 <A HREF="http://en.wikipedia.org/wiki/Emmy_Noether">Emmy-Noether</A> 
-<A HREF="https://www.dfg.de/en/research_funding/programmes/individual/emmy_noether/">fellowship</A>.
+<A HREF="https://www.dfg.de/en/research_funding/programmes/individual/emmy_noether/">fellowship</A> at the TUM.
 There is a <A HREF="https://nms.kcl.ac.uk/christian.urban/Nominal/">webpage</A> about Nominal
 Isabelle, which also includes a list of projects that use Nominal Isabelle.
 Users of Nominal Isabelle had their papers appearing at LICS, POPL, FOSSACS, SOS, TPHOLs, CPP, SEFM,
 the Haskell Symposium and
-in the Journal of Automated Reasoning.
+in the Journal of Automated Reasoning. Nowadays, Nominal Isabelle 2 is part of the <A HREF="https://www.isa-afp.org">Archive of Formal Proofs</A>.
+</TD>
+</TR>
+
+<TR>
+<TD BGCOLOR="#FFFFFF" WIDTH="75%">
+<B>Real-Time Scheduling and Priority Inheritance</B>
+  In real-time operating systems with processes, resource locking and
+  priority scheduling, one faces the problem of
+  <A HREF="http://en.wikipedia.org/wiki/Priority_inversion">priority inversion</A> (processes
+  with lower priority block processes with higher priority indefinitely). If you do not prevent this problem,
+  then processes can behave erratically, as <A HREF="http://www.nasa.gov">NASA</A> found out the
+  <A HREF="http://catless.ncl.ac.uk/Risks/19.54.html#subj6">hard</A> way with their first
+  <A HREF="http://www.nasa.gov/mission_pages/mars-pathfinder/index.html">Mars Pathfinder mission</A>.
+  The priority inheritance protocol is a widely used scheduling algorithm that prevents
+  priority inversion. However, the <A HREF="http://dx.doi.org/10.1109/12.57058">original paper</A>
+  describing this algorithm contains an incorrect algorithm and a bogus(!) correctness proof.
+
+  We formalised our version of the priority inheritance protocol, including a generalisation
+  of the original work (we allow overlapping critical sections) in the theorem prover
+  <A HREF="http://isabelle.in.tum.de">Isabelle</A>.
+
+  In our formalisation we use the inductive method we learned from
+  <A HREF="https://www.cl.cam.ac.uk/~lp15/">Prof. Larry Paulson</A>.
+  He used this method in order to prove the correctness of security
+  protocols. We have implemented our algorithm on top of the
+  the small <A HREF="https://en.wikipedia.org/wiki/Pintos">PINTOS</A>
+  operating system used for teaching (we passed all their test cases and were
+  faster than their reference implementation).
+
+  
+  While the problem with the original algorithm was already known for some time, the incorrect
+  specification seems to be still widely in use and described in many textbooks on real-time operating systems,
+  including famous and rather expensive
+  ones. Feel free to decide whether they are worth your time and money. Task: Spot the problems in  
+  <A href="https://www.amazon.com/Real-Time-Systems-Design-Analysis-Practitioner-ebook/dp/B0062LNOCW">here</A>,
+  <A href="https://www.amazon.co.uk/Real-Time-Concepts-Embedded-Systems-Qing/dp/1578201241">here</A>,
+  <A href="https://www.amazon.co.uk/Real-Time-Systems-Jane-W-Liu/dp/0130996513">here</A>,
+  <A href="https://www.springer.com/gp/book/9780792392118">here</A> and
+  <A href="https://www.os-book.com/OS9/">here</A>!
+  Alternatively, you can look at the quotes and pointers in our
+  <A HREF="http://nms.kcl.ac.uk/christian.urban/Publications/pip.pdf">paper</A>. A notable
+  exception is the <A HREF="https://www.springer.com/gp/book/9781461406754">textbook</A>
+  by Buttazzo, who gives the correct specification. Unfortunately, his work did not
+  help us with proving the correctness of the priority inheritance protocol.
+  
+  This is joint work with Prof. Xingyuan Zhang and his student Chunhan Wu from the 
+ <A HREF="http://www.ust.com.cn/">PLA University of Science and Technology</A> in Nanjing. 
 </TD>
 </TR>
 
@@ -261,39 +308,6 @@
 </TD>
 </TR>
 
-<!--
-<TR>
-<TD BGCOLOR="#FFFFFF" WIDTH="75%">
-<B>Priority Inheritance</B>
-  In real-time operating systems with processes, resource locking and
-  priority scheduling, one faces the problem of indefinite
-  <A HREF="http://en.wikipedia.org/wiki/Priority_inversion">priority inversion</A> (processes
-  with lower priority block processes with higher priority). If you do not prevent this problem,
-  then processes can behave quite erratically, as <A HREF="http://www.nasa.gov">NASA</A> found out the
-  <A HREF="http://catless.ncl.ac.uk/Risks/19.54.html#subj6">hard</A> way with their
-  <A HREF="http://www.nasa.gov/mission_pages/mars-pathfinder/index.html">Mars Pathfinder mission</A>.
-  The priority inheritance protocol is a widely used scheduling algorithm that prevents
-  priority inversion. However, the <A HREF="http://dx.doi.org/10.1109/12.57058">original paper</A>
-  describing this algorithm contains an incorrect algorithm and a bogus correctness proof
-  (this seems to be the only &quot;proof&quot; about priority inheritance in the literature). 
-
-  We formalised the priority inheritance protocol, including a generalisation
-  of the original work.
-
-  using the inductive method we learned from
-  <A HREF="https://www.cl.cam.ac.uk/~lp15/">Prof. Larry Paulson</A>.
-  While the problem with the original algorithm was already known, the incorrect
-  specification seems to be still in use 
-
-  <A HREF="http://mcs.une.edu.au/%7Eiam/Data/threads/node15.html">here</A>
-  <A HREF="http://ems2.be/Portals/6/course_docs/OS_pathfinder_failure.ppt"> 
-  
-  This is joint work with Prof. Xingyuan Zhang and his student Chunhan Wu from the 
- <A HREF="http://www.ust.com.cn/">PLA University of Science and Technology</A> in Nanjing. 
-</TD>
-</TR>
--->
-
 <TR>
 <TD BGCOLOR="#FFFFFF" WIDTH="75%">
 <B>Nominal Unification and Alpha-Prolog</B> 
@@ -370,7 +384,7 @@
 
 </TABLE>
 <P>
-Time-stamp: <- 2017-09-26 19:52:51 by Christian Urban>
 <a href="https://validator.w3.org/check/referer">[Validate this page.]</a>
+</font>
 </BODY>
 </HTML>