Julien Julien Bertrane
Patrick Cousot
Xavier Rival
Skip Abstract Section
Abstract
Formal methods are increasingly used to help ensuring the correctness of complex, critical embedded software systems. We show how sound semantic static analyses based on Abstract Interpretation may be used to check properties at various levels of a software design: from high level models to low level binary code. After a short introduction to the Abstract Interpretation theory, we present a few current applications: checking for run-time errors at the C level, translation validation from C to assembly, and analyzing SAO models of communicating synchronous systems with imperfect clocks. We conclude by briey proposing some requirements to apply Abstract Interpretation to modeling languages such as UML.
- AbsInt, Angewandte Informatik. Astrée run-time error analyzer. http://www.absint.com/astree/.Google Scholar
- Bertrane, J. Proving the properties of communicating imperfectly-clocked synchronous systems. In Proceedings of the Thirteenth International Symposium on Static Analysis (SAS 06) (Seoul, 29--31 Aug. 2006), K. Yi, Ed., vol. 4134 of LNCS, Springer, pp. 370--386. Google ScholarDigital Library
- Bertrane, J., Cousot, P., Cousot, R., Feret, J., Mauborgne, L., Miné, A., and Rival, X. Static analysisGoogle Scholar
- Blanchet, B., Cousot, P., Cousot, R., Feret, J., Mauborgne, L., Miné, A., Monniaux, D., and Rival, X. Design and implementation of a special-purpose static program analyzer for safety-critical real-time embedded software, invited chapter. In The Essence of Computation: Complexity, Analysis, Transformation. Essays Dedicated to Neil D. Jones, T. Mogensen, D. Schmidt, and I. Sudborough, Eds., LNCS 2566. Springer, 2002, pp. 85--108. Google ScholarDigital Library
- Blanchet, B., Cousot, P., Cousot, R., Feret, J., Mauborgne, L., Miné, A., Monniaux, D., and Rival, X. A static analyzer for large safety-critical software. In Proc. ACM SIGPLAN'2003 Conf. PLDI (San Diego, 2003), ACM Press, pp. 196--207. Google ScholarDigital Library
- Bouissou, O., Conquet, E., Cousot, P., Cousot, R., Feret, J., Goubault, E., Ghorbal, K., Lesens, D., Mauborgne, L., Miné, A., Putot, S., Rival, X., and Turin, M. Space software validation using abstract interpretation. In Proc. of the Int. Space System Engineering Conference, Data Systems In Aerospace (DASIA'09) (Istanbul, Turkey, 26--29 May 2009), ESA publications, pp. 1--7.Google Scholar
- Cousot, P. The calculational design of a generic abstract interpreter. In Calculational System Design, M. Broy and R. Steinbrüggen, Eds. NATO ASI Series F. IOS Press, Amsterdam, 1999.Google Scholar
- Cousot, P., and Cousot, R. Abstract interpretation: a unified lattice model for static analysis of programs by construction or approximation of fixpoints. In Conf. Rec. of the 4th ACM Symp. on Principles of Programming Languages (POPL'77) (Jan. 1977), pp. 238--252. Google ScholarDigital Library
- Cousot, P., and Cousot, R. Systematic design of program analysis frameworks. In Conference Record of the Sixth Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (San Antonio, Texas, 1979), ACM Press, pp. 269--282. Google ScholarDigital Library
- Cousot, P., Cousot, R., Feret, J., Mauborgne, L., Miné, A., Monniaux, D., and Rival, X. Combination of abstractions in the Astrée static analyzer. In Proc. of the 11th Annual Asian Computing Science Conference (ASIAN'06) (Tokyo, Japan, 6--8 Dec. 2006), M. Okada and I. Satoh, Eds., vol. 4435 of LNCS, Springer, pp. 272--300. Google ScholarDigital Library
- Cousot, P., Cousot, R., Feret, J., Mauborgne, L., Miné, A., and Rival, X. The Astrée static analyzer. http://www.astree.ens.fr.Google Scholar
- Cousot, P., and Halbwachs, N. Automatic discovery of linear restraints among variables of a program. In Conf. Rec. of the 5th Annual ACM SIGPLAN-SIGACT Symp. on Principles of Programming Languages (POPL'78) (Tucson, USA, 1978), ACM Press, pp. 84--97. Google ScholarDigital Library
- Delmas, D., and Souyris, J. Astrée: from research to industry. In Proc. of the 14th Int. Static Analysis Symposium (SAS'07), G. Filé and H. Riis-Nielson, Eds., vol. 4634 of LNCS. Springer, Kongens Lyngby, Denmark, 22--24 Aug. 2007, pp. 437--451. Google ScholarDigital Library
- Esterel Technologies. Scade suite™, the standard for the development of safety-critical embedded software in the avionics industry. http://www.esterel-technologies.com/.Google Scholar
- Feret, J. Static analysis of digital filters. In Proc. of the 13th European Symp. on Programming Languages and Systems (ESOP'04) (27 Mar.--4 Apr. 2004), D. Schmidt, Ed., vol. 2986 of LNCS, Springer, pp. 33--48.Google Scholar
- Feret, J. The arithmetic-geometric progression abstract domain. In Proc. of the 6th Int. Conf. on Verification, Model Checking and Abstract Interpretation (VMCAI'05) (Paris, France, 17--19 Jan. 2005), R. Cousot, Ed., vol. 3385 of LNCS, Springer, pp. 42--58. Google ScholarDigital Library
- Goubault, E. Static analyses of oating-point operations. In Proc. of the 8th Int. Static Analysis Symposium (SAS'01) (2001), vol. 2126 of LNCS, Springer, pp. 234--259. Google ScholarDigital Library
- Heckmann, R., and Ferdinand, C. Worst-case execution time prediction by static program analysis. In Proc. of the 18th Int. Parallel and Distributed Processing Symposium (IPDPS'04) (2004), IEEE Computer Society, pp. 26--30.Google Scholar
- IEEE Computer Society. IEEE standard for binary floating-point arithmetic. Tech. rep., ANSI/IEEE Std. 745--1985, 1985.Google Scholar
- Ioualalen, A. SARDANA: an abstract interpretation based tool for Optimization of numerical expressions in LUSTRE programs. In Tools for Automatic Program AnalysiS (TAPAS 2010), Perpignan, France (17 Sep. 2010).Google Scholar
- ISO/IEC JTC1/SC22/WG14 Working Group. C standard. Tech. Rep. 1124, ISO & IEC, 2007.Google Scholar
- Jeannet, B., and Miné, A. Apron: A library of numerical abstract domains for static analysis. Computer Aided Verification, CAV'2009 5643 of LNCS (2009), 661--667. Google ScholarDigital Library
- Kästner, D., Wilhelm, S., Nenova, S., Cousot, P., Cousot, R., Feret, J., Mauborgne, L., Miné, A., and Rival, X. Astrée: Proving the absence of rutime errors. In Proc. of Embedded Real-Time Software and Systems (ERTS'10) (Toulouse, France, May 2010), pp. 1--5. (to appear).Google Scholar
- Miné, A. Field-sensitive value analysis of embedded C programs with union types and pointer arithmetics. In Proc. of the ACM SIGPLAN-SIGBED Conf. on Languages, Compilers, and Tools for Embedded Systems (LCTES'06) (June 2006), ACM Press, pp. 54--63. Google ScholarDigital Library
- Miné, A. The octagon abstract domain. Higher-Order and Symbolic Computation 19 (2006), 31--100. Google ScholarDigital Library
- Moore, R. E. Interval Analysis. Prentice Hall, Englewood Cliffs N. J., USA, 1966.Google Scholar
- Randimbivololona, F., Souyris, J., Baudin, P., Pacalet, A., Raguideau, J., and Schoen, D. Applying formal proof techniques to avionics software: A pragmatic approach. In Proc. of the World Congress on Formal Methods (FM'99) (1999), vol. 1709 of LNCS, Springer, pp. 1798--1815. Google ScholarDigital Library
- Rival, X. Symbolic transfer functions-based approaches to certified compilation. In Conf. Rec. of the 31st Annual ACM SIGPLAN-SIGACT Symp. on Principles of Programming Languages (POPL'04) (Venice, Italy, Jan. 2004), ACM Press, pp. 1--13. Google ScholarDigital Library
- Rival, X., and Mauborgne, L. The trace partitioning abstract domain. ACM Trans. Program. Lang. Syst. 29, 5 (2007). Google ScholarDigital Library
- Technical Commission on Aviation, R. DO-178B. Tech. rep., Software Considerations in Airborne Systems and Equipment Certification, 1999.Google Scholar
- von der Beeck, M. A formal semantics of uml-rt. In Model Driven Engineering Languages and Systems, 9th International Conference, MoDELS 2006, Genova, Italy, October 1-6, 2006, Proceedings (2006), O.Nierstrasz, J. Whittle, D. Harel, and G. Reggio, Eds., vol. 4199 of LNCS, Springer, pp. 768--782. Google ScholarDigital Library
Index Terms
- Static analysis by abstract interpretation of embedded critical software
Recommendations
Interval analysis of microcontroller code using abstract interpretation of hardware and software
SCOPES '10: Proceedings of the 13th International Workshop on Software & Compilers for Embedded SystemsStatic analysis is often performed on source code where intervals -- possibly the most widely used numeric abstract domain -- have successfully been used as a program abstraction for decades. Binary code on microcontroller platforms, however, is ...
Field-sensitive value analysis of embedded C programs with union types and pointer arithmetics
LCTES '06: Proceedings of the 2006 ACM SIGPLAN/SIGBED conference on Language, compilers, and tool support for embedded systemsWe propose a memory abstraction able to lift existing numerical static analyses to C programs containing union types, pointer casts, and arbitrary pointer arithmetics. Our framework is that of a combined points-to and data-value analysis. We abstract ...
Static program analysis of embedded executable assembly code
CASES '04: Proceedings of the 2004 international conference on Compilers, architecture, and synthesis for embedded systemsWe consider the problem of automatically checking if coding standards have been followed in the development of embedded applications. The problem arises from practical considerations because DSP chip manufacturers (in our case Texas Instruments) want ...
Comments