Improve Space Software Quality with POLYSPACE Aurore Dupuis 1 SPACE SOFTWARE CNES – National Space Agency Involved in systems characterized by : • Space Constraints • Innovation • Technological Risk Software is present everywhere in these systems. 3 Improve Space Software Quality with Polyspace Space Software 2 major space software types : • Embedded software • Ground software 2 major software issues : • Reliability • Maintainability 4 Improve Space Software Quality with Polyspace Software Assurance Quality Based on ECSS/CNES referential • ECSS-Q-ST-80 - Software product assurance • Language specific coding standards • Code analysis tools such as Polyspace • Software quality team 5 Improve Space Software Quality with Polyspace 2 ANALYSIS CONTEXT Software Quality Team Mission Much more than code analysis • Support to Quality Engineer • Normalisation • Analysis Tools Watch • Code Analysis • … 7 Improve Space Software Quality with Polyspace Software Development Context • Very few internal development • Suppliers analyze the code they produce Software Quality Team Checks supplier code (only the most critical ones) 8 Improve Space Software Quality with Polyspace Software Quality Team Organization Community Contact ECSS – Q80 Analysis Tools Software Quality Team Quality Engineer CNES project team Software supplier 9 Improve Space Software Quality with Polyspace (Polyspace, …) 3 POLYSPACE ANALYSIS Polyspace version and configuration Polyspace version used is 2012a Polyspace metrics is not used for security reason (no authentication service, code duplication) later versions of Polyspace do support password protection of Polyspace metrics 1 Improve Space Software Quality with 1 Polyspace MISRA/JSF Rules CNES coding rules match partially MISRA-C rules. CNES only uses this function on recurrent embedded software in order to verify that the number of defects is not increasing. JSF++ Rules are not checked with Polyspace yet. The comparison with CNES coding rules is still in progress. 1 Improve Space Software Quality with 2 Polyspace Bugs research CNES principal use of Polyspace is dedicated to the bugs finding on embedded software and critical ground software. Most of analyzed code is C code, the rest is C++ (which represents a large volume in terms of files). 1 Improve Space Software Quality with 3 Polyspace Bugs finding – Analyses 2010-2012 SLOC (source lines of code) Analyses 5 327498 C C++ C C++ 1113858 29 14 Improve Space Software Quality with Polyspace Analysis process – Launch Context Software supplier Delivery Software Quality Team Ask for analysis CNES project team if needed Analyse 1 Improve Space Software Quality with 5 Polyspace Analysis process – Launch Polyspace • Unit by unit analysis may be launched first if the development is not mature enough • Global analysis determining entry points defining compiler options (little/big endian, …) with the project team 1 Improve Space Software Quality with 6 Polyspace Analysis process – Analyze results • Red points Red points are almost always real bugs (except for task definition), Such bugs are communicated to the project team to be fixed ASAP (as soon as possible), fixed locally to launch the analysis, Each code modification is traced and included into the analysis report, 1 Improve Space Software Quality with 7 Polyspace Analysis process – Analyze results • Grey points Almost all grey points is linked to robustness, Grey points not related to robustness are bounced to the project team, 1 Improve Space Software Quality with 8 Polyspace Analysis process – Analyze results • Orange points NIV and IDP are linked to memory access, these points are not verified by the software quality team. o The hypothesis done is that the project team masters memory accesses. These points are almost never communicated to the project. Other orange points are analyzed, only proved bugs and potential bugs are synthetized into the report and presented to the project team o Software quality team has to argument and explain the need to correct these points, giving priority 1 Improve Space Software Quality with 9 Polyspace Analysis process – Analyze results • Shared variables Shared variables are identified byPolyspace and listed into the report The project team has to check their use without concurrent access o In some cases, this work is done by the software quality team if critical sections are well identified 2 Improve Space Software Quality with 0 Polyspace Analysis report CNES has its own report template. Result reports are generated using Polyspace. The generated tables are inserted into the CNES report. 2 Improve Space Software Quality with 1 Polyspace Metrics • About 30 analyses with Polyspace between 2010 and 2012 and 6 analysis in 2013 • About 10 analysis led to bugs discovery • Current bugs Overflow Cast 2 Improve Space Software Quality with 2 Polyspace 4 CONCLUSION Conclusion Embedded space software is critical, a bug can compromise a whole space mission. CNES needs tools to analyze code in order to find residual bugs. Polyspace has been successfully useful to find overflows and cast problems. 2 Improve Space Software Quality with 4 Polyspace Thanks for your attention Contact Aurore DUPUIS – aurore.dupuis@cnes.fr 25 Improve Space Software Quality with Polyspace
© Copyright 2024 Paperzz