Improve Space Software Quality with POLYSPACE Aurore...
Transcript of Improve Space Software Quality with POLYSPACE Aurore...
Improve Space Software Quality with POLYSPACE Aurore Dupuis
1
SPACE SOFTWARE1
2
CNES – National Space Agency
Involved in systems characterized by :
• Space Constraints
• Innovation
• Technological Risk
Software is present everywhere in these systems.
Improve Space Software Quality with Polyspace
3
Space Software
2 major space software types :
• Embedded software
• Ground software
2 major software issues :
• Reliability
• Maintainability
Improve Space Software Quality with Polyspace
4
Software Assurance Quality
Based on ECSS/CNES referential
• ECSS-Q-ST-80 - Software product assurance
• Language specific coding standards
• Code analysis tools such as Polyspace
• Software quality team
Improve Space Software Quality with Polyspace
5
ANALYSIS CONTEXT 2
Software Quality Team Mission
Much more than code analysis
• Support to Quality Engineer
• Normalisation
• Analysis Tools Watch
• Code Analysis
• …
Improve Space Software Quality with Polyspace
7
Software Development Context
• Very few internal development
• Suppliers analyze the code they produce
Software Quality Team
Checks supplier code
(only the most critical ones)
Improve Space Software Quality with Polyspace
8
Software Quality Team Organization
Software Quality Team
ECSS – Q80 Analysis Tools(Polyspace, …)
CommunityContact
CNES project team
Quality Engineer
Software supplier
Improve Space Software Quality with Polyspace
9
POLYSPACE ANALYSIS3
Polyspace version and configuration
Polyspace version used is 2012a
Polyspace metrics is not used for security reason (no authentication service, code duplication)
later versions of Polyspace do support password protection of Polyspace metrics
Improve Space Software Quality with Polyspace
11
MISRA/JSF Rules
CNES coding rules match partially MISRA-C rules.
CNES only uses this function on recurrent embedded software in order to verify that the number of defects is not increasing.
JSF++ Rules are not checked with Polyspace yet. The comparison with CNES coding rules is still in progress.
Improve Space Software Quality with Polyspace
12
Bugs research
CNES principal use of Polyspace is dedicated to the bugs finding on embedded software and critical ground software.
Most of analyzed code is C code, the rest is C++ (which represents a large volume in terms of files).
Improve Space Software Quality with Polyspace
13
14
Bugs finding – Analyses 2010-2012
Improve Space Software Quality with Polyspace
14
29
5
Analyses
C
C++
1113858
327498
SLOC (source lines of code)
C
C++
Analysis process – Launch Context
Improve Space Software Quality with Polyspace
15
Software Quality Team
CNES project team
Software supplier
Delivery
Ask for analysis if needed
Analyse
Analysis process – Launch Polyspace
• Unit by unit analysis may be launched first if the development is not mature enough
• Global analysis
determining entry points
defining compiler options (little/big endian, …)
with the project team
Improve Space Software Quality with Polyspace
16
Analysis process – Analyze results
• Red points
Red points are almost always real bugs (except for task definition),
Such bugs are
communicated to the project team to be fixed ASAP (as soon as possible),
fixed locally to launch the analysis,
Each code modification is traced and included into the analysis report,
Improve Space Software Quality with Polyspace
17
Analysis process – Analyze results
• Grey points
Almost all grey points is linked to robustness,
Grey points not related to robustness are bounced to the project team,
Improve Space Software Quality with Polyspace
18
Analysis process – Analyze results
• Orange points
NIV and IDP are linked to memory access, these points are not verified by the software quality team.
o The hypothesis done is that the project team masters memory accesses. These points are almost never communicated to the project.
Other orange points are analyzed, only proved bugs and potential bugs are synthetized into the report and presented to the project team
o Software quality team has to argument and explain the need to correct these points, giving priority
Improve Space Software Quality with Polyspace
19
Analysis process – Analyze results
• Shared variables
Shared variables are identified byPolyspace and listed into the report
The project team has to check their use without concurrent access
o In some cases, this work is done by the software quality team if critical sections are well identified
Improve Space Software Quality with Polyspace
20
Analysis report
CNES has its own report template.
Result reports are generated using Polyspace. The generated tables are inserted into the CNES report.
Improve Space Software Quality with Polyspace
21
Metrics
• About 30 analyses with Polyspace between 2010 and 2012 and 6 analysis in 2013
• About 10 analysis led to bugs discovery
• Current bugs
Overflow
Cast
Improve Space Software Quality with Polyspace
22
CONCLUSION4
Conclusion
Embedded space software is critical, a bug can compromise a whole space mission.
CNES needs tools to analyze code in order to find residual bugs.
Polyspace has been successfully useful to find overflows and cast problems.
Improve Space Software Quality with Polyspace
24
Thanks for your attention
ContactAurore DUPUIS – [email protected]
25
Improve Space Software Quality with Polyspace
25