Article

Proving the absence of run-time errors in safety-critical avionics code

Author:

Patrick CousotAuthors Info & Claims

EMSOFT '07: Proceedings of the 7th ACM & IEEE international conference on Embedded software

Pages 7 - 9

https://doi.org/10.1145/1289927.1289932

Published: 30 September 2007 Publication History

Abstract

We explain the design of the interpretation-based static analyzer ASTRÉE and its use to prove the absence of run-time errors in safety-critical codes.

References

[1]

B. Blanchet, P. Cousot, R. Cousot, J. Feret, L. Mauborgne, A. Miné, D. Monniaux, and X. Rival. Design and implementation of a special-purpose static program analyzer for safety-critical real-time embedded software, invited chapter. T. Mogensen, D. Schmidt, and I. Sudboroughall (Eds.), The Essence of Computation: Complexity, Analysis, Transformation. Essays Dedicated to Neil D. Jones, LNCS 2566, pp. 85--108, Springer, 2002.

Digital Library

[2]

B. Blanchet, P. Cousot, R. Cousot, J. Feret, L. Mauborgne, A. Miné, D. Monniaux, and X. Rival. A static analyzer for large safety-critical software. Proc. ACM SIGPLAN '2003 Conf. PLDI, pp. 196--207, San Diego, 7-14 June 2003. ACM Press.

Digital Library

[3]

P. Cousot. Méthodes it ératives de construction et d'approximation de points fixes d'opérateurs monotones sur un treillis, analyse sémantique de programmes (in French). Thèse d' État ès sciences mathématiques, University of Grenoble, 21 Mar. 1978.

[4]

P. Cousot and R. Cousot. Static determination of dynamic properties of programs. Proc. 2nd Int. Symp. on Programming, pp. 106--130, Paris, 1976. Dunod.

[5]

P. Cousot and R. Cousot. Abstract interpretation: a unified lattice model for static analysis of programs by construction or approximation of fix points. 4th POPL, pp. 238--252, Los Angeles, 1977. ACM Press.

Digital Library

[6]

P. Cousot and R. Cousot. Systematic design of program analysis frameworks. 6th POPL, pp. 269--282, San Antonio, 1979. ACM Press.

Digital Library

[7]

P. Cousot and R. Cousot. Comparing the Galois connection and widening/narrowing approaches to abstract interpretation, invited paper. M. Bruynooghe and M. Wirsing (Eds.), Proc. 4th Int. Symp. PLILP '92, Leuven, LNCS 631, pp. 269-295, Springer, 26-28 Aug. 1992.

Digital Library

[8]

P. Cousot, R. Cousot, J. Feret, L. Mauborgne, A. Miné, D. Monniaux, and X. Rival. The Astrée Static Analyzer. http://www.astree.ens.fr/.

[9]

P. Cousot, R. Cousot, J. Feret, L. Mauborgne, A. Miné, D. Monniaux, and X. Rival. The Astrée analyser. M. Sagiv (Ed.), Proc. 14th ESOP'2005, Edinburg, LNCS 3444, pp. 21--30, Springer, 2-10 Apr. 2005.

Digital Library

[10]

P. Cousot, R. Cousot, J. Feret, L. Mauborgne, A. Miné, D. Monniaux, and X. Rival. Combination of abstractions in the Astrée static analyzer, invited paper. M. Okada and I. Satoh (Eds.), 11th ASIAN 06, Tokyo, 6-8 Dec. 2006. LNCS, Springer. To appear.

Digital Library

[11]

P. Cousot, R. Cousot, J. Feret, L. Mauborgne, A. Miné, D. Monniaux, and X. Rival. Varieties of static analyzers: A comparison with Astrée, invited paper. M. Hinchey, H. Jifeng, and J. Sanders (Eds.), Proc. 1st TASE '07, pp. 3--17, Shanghai, 6-8 June 2007. IEEE Press.

Digital Library

[12]

D. Delmas and J. Souyris. Astrée: from research to industry. G. Filé and H. Riis-Nielson (Eds.), Proc. 14th Int. Symp. SAS '07, Kongens Lyngby, LNCS 4634, Springer, 22-24 Aug. 2007.

Digital Library

[13]

J. Feret. Static analysis of digital filters. D. Schmidt (Ed.), Proc. 30th ESOP '2004, Barcelona, LNCS 2986, pp. 33--48, Springer, Mar. 27 - Apr. 4, 2004.

[14]

J. Feret. The arithmetic-geometric progression abstract domain. R. Cousot (Ed.), Proc. 6th Int. Conf. VMCAI 2005, Paris, LNCS 3385, pp. 42--58, Springer, 17-19 Jan. 2005.

Digital Library

[15]

É. Goubault, M. Martel, and S. Putot. Asserting the precision of floating-point computations: a simple abstract interpreter. D. Le Métayer (Ed.), Proc. 11th ESOP '2002, Grenoble, LNCS 2305, pp. 209--212, Springer, 8-12 Apr. 2002.

Digital Library

[16]

L. Mauborgne. Astrée: Verification of absence of run-time error. P. Jacquart (Ed.), Building the Information Society, ch4, pp. 385--392. Kluwer Acad. Pub., 2004.

[17]

L. Mauborgne and X. Rival. Trace partitioning in abstract interpretation based static analyzer. M. Sagiv (Ed.), Proc. 14th ESOP '2005, Edinburg, LNCS 3444, pp. 5--20, Springer, 2-10 Apr. 2005.

Digital Library

[18]

A. Miné. The Octagon abstract domain library. http://www.di.ens.fr/~mine/oct/.

[19]

A. Miné. A new numerical abstract domain based on difference-bound matrices. O. Danvy and A. Filinski (Eds.), Proc. 2nd Symp. PADO '2001, Århus, LNCS 2053, pp. 155--172, Springer, 21-23 May 2001.

Digital Library

[20]

A. Miné. A few graph-based relational numerical abstract domains. M. Hermenegildo and G. Puebla (Eds.), Proc. 9th Int. Symp. SAS '02, Madrid, LNCS 2477, pp. 117--132, Springer, 2002.

Digital Library

[21]

A. Miné. Relational abstract domains for the detection of floating-point run-time errors. D. Schmidt (Ed.), Proc. 30th ESOP '2004, Barcelona, LNCS 2986, pp. 3--17, Springer, Mar. 27 - Apr. 4, 2004.

[22]

A. Miné. Field-sensitive value analysis of embedded C programs with union types and pointer arithmetics. Proc. LCTES '2006, pp. 54--63, ACM Press, June 2006.

Digital Library

[23]

A. Miné. The octagon abstract domain. Higher-Order and Symbolic Computation, 19:31--100, 2006.

Digital Library

[24]

A. Miné. Symbolic methods to enhance the precision of numerical abstract domains. E. Emerson and K. Namjoshi (Eds.), Proc. l7th Int. Conf. VMCAI 2006, Charleston, LNCS 3855, pp.348--363, Springer, 8-10 Jan. 2006.

Digital Library

[25]

D. Monniaux. The parallel implementation of the Astrée static analyzer. K. Yi (Ed.), Proc. 3rd APLAS '2005, Tsukuba, LNCS 3780, pp. 86--96, Springer, 3-5 Nov. 2005.

Digital Library

[26]

F. Randimbivololona, J. Souyris, and A. Deutsch. Improving avionics software verification cost-effectiveness: Abstract interpretation based technology contribution. Proceedings DASIA 2000 - DAta Systems In Aerospace, Montreal. ESA Publications, 22-26 May 2000.

[27]

X. Rival. Abstract dependences for alarm diagnosis. K. Yi (Ed.), Proc. 3rd APLAS '2005, Tsukuba, LNCS 3780, pp. 347--363, Springer, 3-5 Nov. 2005.

Digital Library

[28]

X. Rival. Understanding the origin of alarms in Astrée. C. Hankin and I. Siveroni (Eds.), Proc. 12th Int. Symp. SAS '05, London, LNCS 3672, pp. 303--319, Springer, 7-9 Sep. 2005.

Digital Library

[29]

J. Souyris. Industrial experience of abstract interpretation-based static analyzers. P. Jacquart (Ed.), Building the Information Society, ch4, pp. 393--400. Kluwer Acad. Pub., 2004.

[30]

S. Thesing, J. Souyris, R. Heckmann, F. Randimbivololona, M. Langenbach, R. Wilhelm, and C. Ferdinand. Abstract interpretation-based timing validation of hard real-time avionics software. Proc. Int. Conf. DSN 2003, San Francisco, pp. 625--634. IEEE Press, 22-25 June 2003.

Cited By

Cousot P(2023)A Personal Historical Perspective on Abstract InterpretationThe French School of Programming10.1007/978-3-031-34518-0_9(205-239)Online publication date: 11-Oct-2023
https://doi.org/10.1007/978-3-031-34518-0_9
Bruni RGiacobazzi RGori RRanzato FJhala RDillig I(2022)Abstract interpretation repairProceedings of the 43rd ACM SIGPLAN International Conference on Programming Language Design and Implementation10.1145/3519939.3523453(426-441)Online publication date: 9-Jun-2022
https://dl.acm.org/doi/10.1145/3519939.3523453
Ait Ameur YBoniol FWiels V(2018)Toward a wider use of formal methods for aerospace systems design and verificationInternational Journal on Software Tools for Technology Transfer (STTT)10.5555/3220893.322106712:1(1-7)Online publication date: 28-Dec-2018
https://dl.acm.org/doi/10.5555/3220893.3221067
Show More Cited By

Index Terms

Proving the absence of run-time errors in safety-critical avionics code

Recommendations

Proving the absence of RTSJ related runtime errors through data flow analysis
JTRES '06: Proceedings of the 4th international workshop on Java technologies for real-time and embedded systems

The Real-Time Specification for Java (RTSJ) introduces region based memory management to avoid the need for garbage collection. This region based memory management, however, introduces new possible runtime errors. Ensuring that an RTSJ application ...
Experimental assessment of Astrée on safety-critical avionics software
SAFECOMP'07: Proceedings of the 26th international conference on Computer Safety, Reliability, and Security

Astrée is a parametric Abstract Interpretation based static analyser that aims at proving the absence of RTE (Run-Time Errors) in control programs written in C. Such properties are clearly safety properties since the behaviour of a C program is ...
Pointer Analysis, Conditional Soundness, and Proving the Absence of Errors
SAS '08: Proceedings of the 15th international symposium on Static Analysis

It is well known that the use of points-to information can substantially improve the accuracy of a static program analysis. Commonly used algorithms for computing points-to information are known to be sound only for memory-safe programs. Thus, it ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

EMSOFT '07: Proceedings of the 7th ACM & IEEE international conference on Embedded software

September 2007

304 pages

ISBN:9781595938251

DOI:10.1145/1289927

Program Chairs:
Christoph M. Kirsch
University of Salzburg
,
Reinhard Wilhelm
Saarland University

Copyright © 2007 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 30 September 2007

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Qualifiers

Article

Conference

ESWEEK07

Sponsor:

ESWEEK07: Third Embedded Systems Week

September 30 - October 3, 2007

Salzburg, Austria

Acceptance Rates

Overall Acceptance Rate 60 of 203 submissions, 30%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

17
Total Citations
View Citations
323
Total Downloads

Downloads (Last 12 months)6
Downloads (Last 6 weeks)2

Reflects downloads up to 05 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

Cousot P(2023)A Personal Historical Perspective on Abstract InterpretationThe French School of Programming10.1007/978-3-031-34518-0_9(205-239)Online publication date: 11-Oct-2023
https://doi.org/10.1007/978-3-031-34518-0_9
Bruni RGiacobazzi RGori RRanzato FJhala RDillig I(2022)Abstract interpretation repairProceedings of the 43rd ACM SIGPLAN International Conference on Programming Language Design and Implementation10.1145/3519939.3523453(426-441)Online publication date: 9-Jun-2022
https://dl.acm.org/doi/10.1145/3519939.3523453
Ait Ameur YBoniol FWiels V(2018)Toward a wider use of formal methods for aerospace systems design and verificationInternational Journal on Software Tools for Technology Transfer (STTT)10.5555/3220893.322106712:1(1-7)Online publication date: 28-Dec-2018
https://dl.acm.org/doi/10.5555/3220893.3221067
Cortesi AZanioli M(2018)Widening and narrowing operators for abstract interpretationComputer Languages, Systems and Structures10.1016/j.cl.2010.09.00137:1(24-42)Online publication date: 20-Dec-2018
https://dl.acm.org/doi/10.1016/j.cl.2010.09.001
Merz FSinz CPost HGorges TKropf T(2018)Bridging the gap between test cases and requirements by abstract testingInnovations in Systems and Software Engineering10.1007/s11334-015-0245-711:4(233-242)Online publication date: 15-Dec-2018
https://dl.acm.org/doi/10.1007/s11334-015-0245-7
Mukherjee RKroening DMelham T(2015)Hardware Verification Using Software Analyzers2015 IEEE Computer Society Annual Symposium on VLSI10.1109/ISVLSI.2015.107(7-12)Online publication date: Jul-2015
https://doi.org/10.1109/ISVLSI.2015.107
Bao TZhang X(2013)On-the-fly detection of instability problems in floating-point program executionACM SIGPLAN Notices10.1145/2544173.250952648:10(817-832)Online publication date: 29-Oct-2013
https://dl.acm.org/doi/10.1145/2544173.2509526
Bao TZhang XHosking AEugster PLopes C(2013)On-the-fly detection of instability problems in floating-point program executionProceedings of the 2013 ACM SIGPLAN international conference on Object oriented programming systems languages & applications10.1145/2509136.2509526(817-832)Online publication date: 29-Oct-2013
https://dl.acm.org/doi/10.1145/2509136.2509526
Siminiceanu RCiardo G(2012)Symbolic Model Checking for AvionicsFormal Methods for Industrial Critical Systems10.1002/9781118459898.ch5(85-112)Online publication date: 29-Nov-2012
https://doi.org/10.1002/9781118459898.ch5
Chaudhuri SGulwani SLublinerman R(2010)Continuity analysis of programsACM SIGPLAN Notices10.1145/1707801.170630845:1(57-70)Online publication date: 17-Jan-2010
https://dl.acm.org/doi/10.1145/1707801.1706308
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten