Static Analysis of Embedded Systems
1 Static Analysis of Embedded Systems
Xavier RIVAL

2 Outline
- Case study
- Certification of embedded software
- Demo
Static Analysis of Embedded Systems p.2/12
3 Ariane 5 Flight 501
- Ariane 5: satellite launcher
  - successor of Ariane 4, much more powerful, higher payload capability
  - first flight, June 4th, 1996: failure
- Failure report, history of the flight:
  - take-off parameters nominal, normal flight during 36 seconds
  - T s: loss of trajectory
  - T + 39s: disintegration of the launcher
- What is the cause of this trajectory issue?
- Consequences:
  - > $ loss of satellites
  - launcher out of service (more than a year)
4 Navigation system
- Sensors: gyroscopes, inertial units
- Computers (hardware + software):
  - IRS (Inertial Reference System): integrates sensor data
  - OBC (On Board Computer): computes the action to keep the trajectory correct
- Actuators: engines of the launcher
- Fault tolerant, redundant systems: two IRS units, but same software
5 Analysis of the failure
- Resource problem: registers and memory were expensive...
  - programming practice: reduce the number of bits to be used
  - e.g., cast 64-bit floating point numbers into signed 16-bit integers
- In case of an overflow: no local interruption catch (expensive)
  - thus, computer crash + error code returned!
- Ariane 501 flight:
  - arithmetic fault interruption in IRS computer
  - illegal error code interpreted as regular flight data by OBC
  - improper actions, thus loss of trajectory
6 Other Considerations
- Redundant hardware: useless here
  - all IRS units crashed at the same time
  - in avionics: separate development chains (and teams)
- Irrelevant computations:
  - the faulty computation was irrelevant after take-off (gyroscope recalibration; useful in the first few seconds only)
  - shutting down a task was considered potentially dangerous
- Legacy software:
  - the whole system had been used in Ariane 4 successfully, many times...
  - but Ariane 5 was more powerful, thus higher horizontal bias values... thus overflow
  - wrong assumptions, due to legacy software
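The failure mechanism of slides 5 and 6 in code, as an added example that is not part of the original slides and is not Ariane flight software: the narrowing conversion from a 64-bit double to a signed 16-bit integer, the range check that the slide says was left out, and a message format whose explicit status field keeps a flagged value from being read as flight data. All names (`checked_to_int16`, `sensor_frame`, `count_overflows`) and the sample bias values are constructed for this example; the two sample arrays stand in for the "Ariane 4 range" and the "more powerful launcher" range of the legacy-software point.

```c
#include <math.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Illustration of the Ariane 501 failure mode (constructed example, not flight
   code): narrowing a 64-bit double into a signed 16-bit integer. */

typedef enum { CONV_OK = 0, CONV_OVERFLOW = 1, CONV_NAN = 2 } conv_status;

/* The unchecked form from the slide. It is correct only while every input
   fits: in C, a float-to-int conversion whose truncated value lies outside
   int16_t is undefined behaviour (a hardware trap is one possible outcome),
   so this function must never be reached with such a value. */
int16_t unchecked_to_int16(double v) {
    return (int16_t)v;
}

/* Range check done in the double domain, before the cast. Truncation is toward
   zero, so every v in (-32769, 32768) has a representable integer part. */
conv_status checked_to_int16(double v, int16_t *out) {
    if (isnan(v)) return CONV_NAN;
    if (!(v > -32769.0 && v < 32768.0)) return CONV_OVERFLOW;
    *out = (int16_t)v;
    return CONV_OK;
}

/* Saturating variant: clamps instead of failing, but still reports that the
   value is not exact, so the consumer can decide whether it is usable. */
conv_status saturating_to_int16(double v, int16_t *out) {
    conv_status s = checked_to_int16(v, out);
    if (s == CONV_OVERFLOW) *out = (v > 0.0) ? INT16_MAX : INT16_MIN;
    else if (s == CONV_NAN) *out = 0;
    return s;
}

/* Message from the sensor computer to its consumer. The explicit status field
   is what the slide's OBC lacked: without it, an error code was read as data. */
typedef struct {
    int16_t value;
    uint8_t status;  /* a conv_status value */
} sensor_frame;

sensor_frame encode_frame(double bias) {
    sensor_frame f;
    f.status = (uint8_t)checked_to_int16(bias, &f.value);
    if (f.status != CONV_OK) f.value = 0;  /* payload is meaningless when flagged */
    return f;
}

/* Consumer side: a frame carries usable flight data only if its status says so. */
int frame_is_usable(sensor_frame f) {
    return f.status == CONV_OK;
}

/* How many samples of a trajectory would trip the conversion. The same code,
   fed a wider input range, is the legacy-software point of slide 6. */
size_t count_overflows(const double *samples, size_t n) {
    size_t bad = 0;
    for (size_t i = 0; i < n; i++) {
        int16_t tmp;
        if (checked_to_int16(samples[i], &tmp) != CONV_OK) bad++;
    }
    return bad;
}

int main(void) {
    /* Constructed horizontal-bias samples: a modest range and a wider one. */
    const double modest[] = { 120.5, -2300.0, 15000.25, 31000.0 };
    const double wider[]  = { 120.5, -2300.0, 45000.0, 70000.75 };
    printf("modest range: %zu overflows\n", count_overflows(modest, 4));
    printf("wider range:  %zu overflows\n", count_overflows(wider, 4));
    sensor_frame f = encode_frame(45000.0);
    printf("frame value=%d status=%u usable=%d\n",
           f.value, (unsigned)f.status, frame_is_usable(f));
    return 0;
}
```

The check is placed before the cast on purpose: once the out-of-range conversion has executed, C gives no defined state to recover from, which is exactly why a static analyzer proving absence of runtime errors (slide 11) treats the unchecked cast as an error to be excluded rather than an exception to be handled.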
7 Embedded systems software failures
- Many cases
- Families of bugs:
  - runtime errors, and other safety problems
  - functional bugs, e.g.: violation of liveness properties, unstable control loop
  - specification issues: incorrect specifications, invalid specifications...
    beyond this lecture: what to do if the spec is wrong?
  - user interface issues: again, beyond this lecture...

8 Outline
- Case study
- Certification of embedded software
- Demo
9 Development Requirements
- Rigorous development requirements defined by norms, such as:
  - DO-178B for avionics
  - ISO 26262, ARP 4754 for automotive industry
- High certification cost: techniques to validate/certify software typically represent a huge cost:
  - unit testing
  - integration testing
  - software maintenance: imposes more testing...
- Aeronautics, cost of an airplane:
  - airframe: 1/3
  - engines: 1/3
  - software, avionics: 1/ , % of which is testing, integration, validation, certification
10 DO-178B Principle
- Software levels, depending on level of criticality, e.g.:
  - level A: a failure would cause a crash, e.g., fly-by-wire software
  - level C: a failure would cause crew overloading, e.g., flight management computer
  - level E: no effect on the safety of the flight, e.g., IFE (entertainment software)...
- Software requirements, depending on level of criticality, e.g.:
  - identification of possible failures, and evidence of correctness
  - traceability
  - absence of dead code
  - unit testing
- No technique imposed to meet those criteria... but choice based on efficiency in terms of cost/reliability
11 Certifying Safety by Analysis
- Advantages of static analysis: lower cost, better confidence
- Safety: the software will not crash / cease to function:
  - absence of runtime errors: no crash, no violation of application-specific constraints (Astrée)
  - synchronous requirement, i.e., time constraint: critical sections should take a bounded amount of time, i.e., the software must be responsive; recursion is forbidden (AbsInt WCET analysis, Worst Case Execution Time)
  - resource usage: no dynamic memory allocation; stack usage (AbsInt stack analyzer)
- Beyond safety, functional correctness: usually only testing... (challenge!)

12 Outline
- Case study
- Certification of embedded software
- Demo