Analyze This! Sound Static Analysis for Integration Verification of Large-Scale Automotive Software Absint Angewandte Informatik Gmbh

Format:

Book

Conference/Event

Author/Creator:

Kaestner, Kaestner, author.

Contributor:

Ferdinand, Christian

Mauborgne, Laurent

Schlund, Maximilian

Schmidt, Bernard

Wilhelm, Stephan

Conference Name:

WCX SAE World Congress Experience (2019-04-09 : Detroit, Michigan, United States)

Language:

English

Physical Description:

1 online resource cm

Place of Publication:

Warrendale, PA SAE International 2019

Summary:

AbstractSafety-critical embedded software has to satisfy stringent quality requirements. One such requirement, imposed by all contemporary safety standards, is that no critical run-time errors must occur. Runtime errors can be caused by undefined or unspecified behavior of the programming language; examples are buffer overflows or data races. They may cause erroneous or erratic behavior, induce system failures, and constitute security vulnerabilities. A sound static analyzer reports all such defects in the code, or proves their absence. Sound static program analysis is a verification technique recommended by ISO/FDIS 26262 for software unit verification and for the verification of software integration. In this article we propose an analysis methodology that has been implemented with the static analyzer Astrée. It supports quick turn-around times and gives highly precise whole-program results. We give an overview of the key concepts of Astrée that enable it to efficiently handle large-scale code, and describe a pre-analysis which transforms the source code to make it better amenable to static analysis. The experimental results confirm that sound static analysis can be successfully applied for integration verification of large-scale automotive software

Notes:

Vendor supplied data

Publisher Number:

2019-01-1246

Access Restriction:

Restricted for use by site license