Skip to main content
SpringerLink
Log in

100% Coverage for Safety-Critical Software – Efficient Testing by Static Analysis

  • Conference paper
Computer Safety, Reliability, and Security (SAFECOMP 2010)

Part of the book series: Lecture Notes in Computer Science ((LNPSE,volume 6351))

Included in the following conference series:

  • 2240 Accesses

Abstract

Safety-critical embedded software is used more and more pervasively in the automotive, avionics and healthcare industries. Failures of such safety-critical embedded systems may cause high costs or even endanger human beings. Also for non-safety-critical applications, a software failure may necessitate expensive updates. Making sure that an application is working properly means addressing many different aspects. Development standards like DO-178B, IEC 61508 and the new revisions DO-178C, or ISO 26262 require to identify potential functional and non-functional hazards and to demonstrate that the software does not violate the relevant safety goals.

For ensuring functional program properties automatic or model-based testing, and formal techniques like model checking become more and more widely used. For non-functional properties identifying a safe end-of-test criterion is a hard problem since failures usually occur in corner cases and full test coverage cannot be achieved. For some non-functional program properties this problem is solved by abstract interpretation-based static analysis techniques which provide full coverage and yield provably correct results. In this article we focus on static analyses of worst-case execution time, stack consumption, and runtime errors, which are increasingly adopted by industry in the validation and certification process for safety-critical software. We explain the underlying methodology and identify criteria for their successful application. The integration of static analyzers in the development process requires interfaces to other development tools, like code generators or scheduling tools. Using them for certification requires an appropriate tool qualification. We will address each of these topics and report on industrial experience.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. AbsInt Angewandte Informatik GmbH. Astrée Website, http://www.astree.de

  2. Blanchet, B., Cousot, P., Cousot, R., Feret, J., Mauborgne, L., Miné, A., Monniaux, D., Rival, X.: A Static Analyzer for Large Safety-Critical Software. In: Proceedings of the ACM SIGPLAN 2003 Conference on Programming Language Design and Implementation (PLDI 2003), San Diego, California, USA, June 7-14 2003, pp. 196–207. ACM Press, New York (2003)

    Chapter  Google Scholar 

  3. JTC1/SC22. Programming languages – C (December 16, 1999)

    Google Scholar 

  4. Cousot, P., Cousot, R.: Abstract Interpretation: A Unified Lattice Model for Static Analysis of Programs by Construction or Approximation of Fixpoints. In: Proceedings of the 4th ACM Symposium on Principles of Programming Languages, Los Angeles, California, pp. 238–252 (1977)

    Google Scholar 

  5. Cousot, P., Cousot, R., Feret, J., Miné, A., Mauborgne, L., Monniaux, D., Rival, X.: Varieties of Static Analyzers: A Comparison with ASTRÉE. In: First Joint IEEE/IFIP Symposium on Theoretical Aspects of Software Engineering, TASE 2007, pp. 3–20. IEEE Computer Society, Los Alamitos (2007)

    Chapter  Google Scholar 

  6. Delmas, D., Souyris, J.: ASTRÉE: from Research to Industry. In: Riis Nielson, H., Filé, G. (eds.) SAS 2007. LNCS, vol. 4634, pp. 437–451. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  7. Esterel Technologies. SCADE Suite, http://www.esterel-technologies.com/products/scade-suite

  8. ETAS Group. ASCET Software Products, http://www.etas.com/en/products/ascet_software_products.php

  9. Ferdinand, C.: Cache Behavior Prediction for Real-Time Systems. PhD thesis, Saarland University (1997)

    Google Scholar 

  10. Ferdinand, C., Heckmann, R., Kästner, D.: Static Memory and Timing Analysis of Embedded Systems Code. In: Proceedings of the IET Conference on Embedded Systems at Embedded Systems Show (ESS), Birmingham (2006)

    Google Scholar 

  11. Ferdinand, C., Heckmann, R., Langenbach, M., Martin, F., Schmidt, M., Theiling, H., Thesing, S., Wilhelm, R.: Reliable and precise WCET determination for a real-life processor. In: Henzinger, T.A., Kirsch, C.M. (eds.) EMSOFT 2001. LNCS, vol. 2211, pp. 469–485. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  12. Ferdinand, C., Heckmann, R., Le Sergent, T., Lopes, D., Martin, B., Fornari, X., Martin, F.: Combining a high-level design tool for safety-critical systems with a tool for WCET analysis on executables. In: 4th European Congress ERTS Embedded Real Time Software, Toulouse, France (January 2008)

    Google Scholar 

  13. Feret, J.: Static Analysis of Digital Filters. In: Schmidt, D. (ed.) ESOP 2004. LNCS, vol. 2986, pp. 33–48. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  14. Heckmann, R., Langenbach, M., Thesing, S., Wilhelm, R.: The influence of processor architecture on the design and the results of WCET tools. Proceedings of the IEEE 91(7), 1038–1054 (2003), Special Issue on Real-Time Systems

    Google Scholar 

  15. Henia, R., Hamann, A., Jersak, M., Racu, R., Richter, K., Ernst, R.: System level performance analysis – the SymTA/S approach. In: IEEE Proceedings on Computers and Digital Techniques, vol. 152(2) (March 2005)

    Google Scholar 

  16. Kästner, D., Wilhelm, R., Heckmann, R., Schlickling, M., Pister, M., Jersak, M., Richter, K., Ferdinand, C.: Timing Validation of Automotive Software. In: 3rd International Symposium on Leveraging Applications of Formal Methods, Verification and Validation (ISOLA) 2008. CCIS, vol. 17, pp. 93–107. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  17. Langenbach, M., Thesing, S., Heckmann, R.: Pipeline modeling for timing analysis. In: Hermenegildo, M.V., Puebla, G. (eds.) SAS 2002. LNCS, vol. 2477, pp. 294–309. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  18. Lions, J., et al.: ARIANE 5, Flight 501 Failure. Report by the Inquiry (1996)

    Google Scholar 

  19. Mauborgne, L., Rival, X.: Trace Partitioning in Abstract Interpretation Based Static Analyzers. In: Sagiv, M. (ed.) ESOP 2005. LNCS, vol. 3444, pp. 5–20. Springer, Heidelberg (2005)

    Google Scholar 

  20. Miné, A.: Relational Abstract Domains for the Detection of Floating-Point Run-Time Errors. In: Schmidt, D. (ed.) ESOP 2004. LNCS, vol. 2986, pp. 3–17. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  21. Miné, A.: The Octagon Abstract Domain. Higher-Order and Symbolic Computation 19(1), 31–100 (2006)

    Article  MATH  Google Scholar 

  22. Schneider, J., Ferdinand, C.: Pipeline behavior prediction for superscalar processors by abstract interpretation. In: Proceedings of the ACM SIGPLAN Workshop on Languages, Compilers and Tools for Embedded Systems, pp. 35–44 (May 1999)

    Google Scholar 

  23. Souyris, J., Le Pavec, E., Himbert, G., Jégu, V., Borios, G., Heckmann, R.: Computing the worst case execution time of an avionics program by abstract interpretation. In: Proceedings of the 5th Intl. Workshop on Worst-Case Execution Time (WCET) Analysis, pp. 21–24 (2005)

    Google Scholar 

  24. Theiling, H., Ferdinand, C.: Combining abstract interpretation and ILP for microarchitecture modelling and program path analysis. In: Proceedings of the 19th IEEE Real-Time Systems Symposium, Madrid, Spain, pp. 144–153 (December 1998)

    Google Scholar 

  25. Thesing, S., Souyris, J., Heckmann, R., Randimbivololona, F., Langenbach, M., Wilhelm, R., Ferdinand, C.: An abstract interpretation-based timing validation of hard real-time avionics software. In: Proceedings of the 2003 International Conference on Dependable Systems and Networks (DSN 2003), pp. 625–632. IEEE Computer Society, Los Alamitos (2003)

    Chapter  Google Scholar 

  26. Wilhelm, R.: Determining bounds on execution times. In: Zurawski, R. (ed.) Handbook on Embedded Systems, pp. 14-1 –14-23. CRC Press, Boca Raton (2005)

    Google Scholar 

  27. Wilhelm, R., Engblom, J., Ermedahl, A., Holsti, N., Thesing, S., Whalley, D., Bernat, G., Ferdinand, C., Heckmann, R., Mitra, T., Mueller, F., Puaut, I., Puschner, P., Staschulat, J., Stenström, P.: The worst-case execution-time problem—overview of methods and survey of tools. ACM Transactions on Embedded Computing Systems 7(3), 1–53 (2008)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. AbsInt GmbH, Science Park 1, 66123, Saarbrücken, Germany

    Daniel Kästner, Reinhold Heckmann & Christian Ferdinand

Authors
  1. Daniel Kästner
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Reinhold Heckmann
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Christian Ferdinand
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Safety and Security Department, AIT Austrian Institute of Technology GmbH, Donau-City-Str. 1, 1220, Vienna, Austria

    Erwin Schoitsch

Rights and permissions

Reprints and permissions

Copyright information

© 2010 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Kästner, D., Heckmann, R., Ferdinand, C. (2010). 100% Coverage for Safety-Critical Software – Efficient Testing by Static Analysis. In: Schoitsch, E. (eds) Computer Safety, Reliability, and Security. SAFECOMP 2010. Lecture Notes in Computer Science, vol 6351. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-15651-9_15

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-15651-9_15

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-15650-2

  • Online ISBN: 978-3-642-15651-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation