This seminar presented by Jean Souyris from Airbus France S.A.S. discusses the short, mid, and long-term requirements for static analysis of avionics programs. Topics covered include process-based assurance, product-based assurance, scalability, precision, and practical processes of the future. The seminar emphasizes the importance of proven software development processes, such as DO178B conformance, and the incorporation of static analyzers like Astrée, Fluctuat, aiV, aiT, and Stackanalyzer in the development cycle. The presentation introduces the concept of Product-based Assurance as a new paradigm for ensuring software safety through proof of required properties and executability validation. The seminar also delves into translating formal properties into software development, synchronization properties, memory protection, and the future steps needed for a full Product-based Assurance integration.
Dagstuhl Seminar 08161, Scalable Program Analysis
Short/mid/long term requirements for the static analysis of avionics programs
Presented by Jean Souyris, Airbus France S.A.S.

Overview
- Process based assurance
- Product based assurance
- Scalability and precision
- Towards the product based assurance
- Practical process of the future
Process based assurance
- Process based assurance = the current DO178B conforming process.
- Confidence in the software product comes from the fact that it has been rigorously developed (DO178B conforming process).
- A single activity never proves anything. It is the conjunction of several activities that ensures the safety of a software product and its compliance with its specifications.
- Certification authorities check conformity to DO178B.
Static analyzers in the development cycle (slide diagram of the development cycle, flattened; the stages and the tools listed next to them are given in slide order)
- Specification / validation-level checks: Astrée, Fluctuat (R&T), aiV, aiT, Stackanalyzer
- Software architecture / integration verification: Caveat (IP, R&T), Frama-C, aiV, aiT, Stackanalyzer
- LL requirements / unit verification: Caveat (UP), Frama-C, Fluctuat, aiV, aiT, Stackanalyzer
- Automatic coding -> Code
- Code -> Executable: Frama-C translation validation (R&T)
(Ideal) product based assurance
- Product based assurance = new paradigm: confidence in the software product is based on the proof of required properties (or specifications).
- Proof of "executability": absence of RTE, satisfaction of timing constraints (based on safe WCET computation), the same for memory usage, absence of deadlocks, race conditions, etc.
- Proof of user-defined properties: during software development, formal properties are assigned to the software product at specification or design time.
- Translation validation: proof of the last two steps of the model based development, i.e., SCADE to source code and source code to binary code translation validation.
Ideal product based assurance is not for tomorrow: scalability and precision
- Specialisation to a pair (family of programs, class of properties).
- Families of programs: sequential, synchronous with floating-point calculus, asynchronous.
- Classes of properties: see previous slide.
Current/short term application of the product based assurance paradigm
- Proof of executability on sequential and synchronous programs.
- Proof of user-defined properties on "small pieces" (Unit Proof*) of a sequential program.
- Translation validation: C code to PowerPC binary code.
* Unit Proof = WP-based proofs on C functions individually.
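The "Unit Proof" of the slide above, as an added example that is not part of the seminar or of any Airbus code: two small C functions carrying ACSL contracts of the kind Frama-C's WP plugin discharges function by function, covering both an executability property (no arithmetic overflow, no out-of-bounds read) and a user-defined property (the result bound). The bounds MAX_SAMPLES and SAMPLE_MAX and the function names are assumptions chosen for the illustration.

```c
/* Added example, not from the seminar. ACSL annotations live in special
 * comments, so the file compiles with any C compiler and can be handed
 * to Frama-C/WP to prove each contract on its own (a "unit proof"). */
#include <limits.h>
#include <stddef.h>

#define MAX_SAMPLES 1024      /* assumption: bounded buffer length  */
#define SAMPLE_MAX  1000000   /* assumption: |sample| <= 10^6      */

/* Executability: the precondition bounds n and the samples so that the
 * accumulator never overflows a 32-bit long (1024 * 10^6 < 2^31 - 1) and
 * every s[i] is a valid read. User-defined property: the result bound. */
/*@ requires n <= MAX_SAMPLES;
  @ requires \valid_read(s + (0 .. n - 1));
  @ requires \forall integer i; 0 <= i < n ==> -SAMPLE_MAX <= s[i] <= SAMPLE_MAX;
  @ assigns \nothing;
  @ ensures -n * SAMPLE_MAX <= \result <= n * SAMPLE_MAX;
  @*/
long sum_samples(const int *s, size_t n)
{
    long acc = 0;
    /*@ loop invariant 0 <= i <= n;
      @ loop invariant -i * SAMPLE_MAX <= acc <= i * SAMPLE_MAX;
      @ loop assigns i, acc;
      @ loop variant n - i;
      @*/
    for (size_t i = 0; i < n; i++)
        acc += s[i];    /* the invariant is what WP uses to rule out overflow */
    return acc;
}

/* Saturating add: the overflow checks are done before the addition, so
 * the RTE "signed overflow" proof obligation is dischargeable, and the
 * postcondition states the saturation in ACSL's mathematical integers. */
/*@ assigns \nothing;
  @ ensures \result == \min(\max((integer)a + b, INT_MIN), INT_MAX);
  @*/
int sat_add(int a, int b)
{
    if (b > 0 && a > INT_MAX - b) return INT_MAX;  /* would overflow upward   */
    if (b < 0 && a < INT_MIN - b) return INT_MIN;  /* would overflow downward */
    return a + b;
}
```

Running `frama-c -wp` on this file (assumed invocation; see the Frama-C documentation for the current options) produces one proof obligation per precondition, postcondition, loop annotation and potential RTE, each proved independently of the rest of the program.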
Next steps towards the product based assurance (mid term)
- Proof of executability on asynchronous programs:
  - Absence of run time errors (Thésée).
  - Synchronisation properties like absence of deadlocks; WCET computation of tasks made for running on top of an OS.
  - Schedulability analysis (?).
  - Memory protection (a process' thread does not access another process' memory space).
- Proof of user-defined properties on sequential programs:
  - On bigger "completely" formally specified program pieces.
  - On a whole sequential program if the number of formalised safety properties is limited (?).
- Translation validation: SCADE to source code (?).
'?': only ideas; research work has not started.
Full product based assurance is unrealistic (long term)
- A rigorous development process and dynamic analysis (tests) will always be necessary.
- The practical process will mix:
  - Process and product based assurances.
  - Static and dynamic analyses.