Simulink 모델과 C/C++ 코드에대한매스웍스의정형검증툴소개 The MathWorks, Inc. 1

Similar documents
Leveraging Formal Methods for Verifying Models and Embedded Code Prashant Mathapati Application Engineering Group

Formal Verification of Models and Code Prashant Mathapati Application Engineer Polyspace & Model Verification

Verification and Test with Model-Based Design

Verification and Validation of Models for Embedded Software Development Prashant Hegde MathWorks India Pvt. Ltd.

Model-Based Design for High Integrity Software Development Mike Anthony Senior Application Engineer The MathWorks, Inc.

Developing AUTOSAR Compliant Embedded Software Senior Application Engineer Sang-Ho Yoon

Standardkonforme Absicherung mit Model-Based Design

Intro to Proving Absence of Errors in C/C++ Code

Using Model-Based Design in conformance with safety standards

Jay Abraham 1 MathWorks, Natick, MA, 01760

Implementation and Verification Daniel MARTINS Application Engineer MathWorks

Utilisation des Méthodes Formelles Sur le code et sur les modèles

Automated Requirements-Based Testing

Automating Best Practices to Improve Design Quality

Static Analysis in C/C++ code with Polyspace

WHITE PAPER. 10 Reasons to Use Static Analysis for Embedded Software Development

Leveraging Formal Methods Based Software Verification to Prove Code Quality & Achieve MISRA compliance

Guidelines for deployment of MathWorks R2010a toolset within a DO-178B-compliant process

Model-Based Design for Safety-Critical and Mission-Critical Applications Bill Potter Technical Marketing April 17, 2008

Model-Based Design for Safety Critical Automotive Applications

Verification and Validation of High-Integrity Systems

Production Code Generation and Verification for Industry Standards Sang-Ho Yoon Senior Application Engineer

From Design to Production

2015 The MathWorks, Inc. 1

정형기법을활용한 AUTOSAR SWC 의구현확인및정적분석

On the Generation of Test Cases for Embedded Software in Avionics or Overview of CESAR

Simulink 를이용한 효율적인레거시코드 검증방안

Automatización de Métodos y Procesos para Mejorar la Calidad del Diseño

automatisiertensoftwaretests

Automating Best Practices to Improve Design Quality

18-642: Code Style for Compilers

Increasing Design Confidence Model and Code Verification

Automatic Qualification of Abstract Interpretation-based Static Analysis Tools. Christian Ferdinand, Daniel Kästner AbsInt GmbH 2013

Testing, Validating, and Verifying with Model-Based Design Phil Rottier

Architecture-driven development of Climate Control Software LMS Imagine.Lab Embedded Software Designer Siemens DF PL

Generating Industry Standards Production C Code Using Embedded Coder

IDE for medical device software development. Hyun-Do Lee, Field Application Engineer

Increasing Embedded Software Confidence Model and Code Verification. Daniel Martins Application Engineer MathWorks

Applications of Program analysis in Model-Based Design

Don t Be the Developer Whose Rocket Crashes on Lift off LDRA Ltd

Testen zur Absicherung automatisierter Transformationsschritte im Model-Based Design

Static Analysis by A. I. of Embedded Critical Software

Verification, Validation and Test in Model Based Design Manohar Reddy

Safety Manual. for ait, Astrée, StackAnalyzer. AbsInt Angewandte Informatik GmbH

GNAT Pro Innovations for High-Integrity Development

Program Verification. Aarti Gupta

Simulation-based Test Management and Automation Sang-Ho Yoon Senior Application Engineer

System Requirements & Platform Availability by Product for R2016b

Static program checking and verification

Formal Verification of Flight Control Applications along a Model- Based Development Process A Case Study

VectorCAST SP3 and Beyond

Verification and Validation Introducing Simulink Design Verifier

What s New with the MATLAB and Simulink Product Families. Marta Wilczkowiak & Coorous Mohtadi Application Engineering Group

Principles of Software Construction: Objects, Design, and Concurrency (Part 2: Designing (Sub )Systems)

Towards an industrial use of FLUCTUAT on safety-critical avionics software

Simulink for AUTOSAR: Best Practices

Testing. ECE/CS 5780/6780: Embedded System Design. Why is testing so hard? Why do testing?

Static Analysis methods and tools An industrial study. Pär Emanuelsson Ericsson AB and LiU Prof Ulf Nilsson LiU

Considerations in automotive embedded development Global Automotive Director Kiyo Uemura

Testing! Prof. Leon Osterweil! CS 520/620! Spring 2013!

StackAnalyzer Proving the Absence of Stack Overflows

A Model-Based Reference Workflow for the Development of Safety-Related Software

Hybrid Verification in SPARK 2014: Combining Formal Methods with Testing

Homework #3 CS2255 Fall 2012

SOFTWARE QUALITY OBJECTIVES FOR SOURCE CODE

CIS 890: Safety Critical Systems

Best Practices Process & Technology. Sachin Dhiman, Senior Technical Consultant, LDRA

MathWorks Products and Prices North America January 2018

Static Analysis of Embedded Systems

Green Hills Software, Inc.

Test and Evaluation of Autonomous Systems in a Model Based Engineering Context

Objectives. Chapter 19. Verification vs. validation. Topics covered. Static and dynamic verification. The V&V process

AstréeA From Research To Industry

DRYING CONTROL LOGIC DEVELOPMENT USING MODEL BASED DESIGN

ABSTRACT INTERPRETATION

By V-cubed Solutions, Inc. Page1. All rights reserved by V-cubed Solutions, Inc.

Certification Authorities Software Team (CAST) Position Paper CAST-25

Better than Hand Generating Highly Optimized Code using Simulink and Embedded Coder

Bounded Model Checking Of C Programs: CBMC Tool Overview

Verification & Validation of Open Source

Simulink Verification and Validation

Automatic Code Generation Technology Adoption Lessons Learned from Commercial Vehicle Case Studies

A Comparison of SPARK with MISRA C and Frama-C

Formal Verification for UML/SysML models

Ein Modell - viele Zielsysteme

Leveraging Formal Verification Throughout the Entire Design Cycle

IBM Rational Rhapsody

An incremental and multi-supplement compliant process for Autopilot development to make drones safer

SCADE. SCADE Suite Tailored for Critical Applications EMBEDDED SOFTWARE

Verification Overview Testing Theory and Principles Testing in Practice. Verification. Miaoqing Huang University of Arkansas 1 / 80

A3. Programming Languages for Writing Safety-Critical Software

AVS: A Test Suite for Automatically Generated Code

ISO compliant verification of functional requirements in the model-based software development process

ISO Compliant Automatic Requirements-Based Testing for TargetLink

Verifying source code

MathWorks Products and Prices International September 2016

Formal Verification in Aeronautics: Current Practice and Upcoming Standard. Yannick Moy, AdaCore ACSL Workshop, Fraunhofer FIRST

Manifest Safety and Security. Robert Harper Carnegie Mellon University

CSc 225 Algorithms and Data Structures I Case Studies

State of Practice. Automatic Verification of Embedded Control Software with ASTRÉE and beyond

Transcription:

Simulink 모델과 C/C++ 코드에대한매스웍스의정형검증툴소개 2012 The MathWorks, Inc. 1

Agenda Formal Verification Key concept Applications Verification of designs against (functional) requirements Design error detection Test generation Test coverage analysis Run-time error detection Proving the absence of run-time errors Formal methods in certifications 2

Formal Verification Example Example application of formal verification: Error detection in model and code Model: Simulink Design Verifier Code: Polyspace Code Verifier 3

Formal Verification Formal verification is mathematically rigorous procedures to search through the possible execution paths of your model for design errors, test cases and counterexamples. (Simulink Design Verifier homepage) act of proving or disproving the correctness of intended algorithms underlying a system with respect to a certain formal specification or property, using formal methods of mathematics.: (Wikipedia)? 4

What are the key formal verification concepts? 5

Testing vs. Formal Verification Illustration Design Space * * * * * * **** **** * * * * * ** * TESTING Design Space FORMAL VERIFICATION (Ideal case) Design Space FORMAL VERIFICATION* (Real-world) Point coverage through simulation Complete coverage of design space (formal proof) Real-world application of formal verification * Source: Erik Seligman, Formal Verification An Overview 6

Formal Verification Process Improve algorithm, or requirements 3 Functional and Non-Functional Requirement 1 Formal Property 2 Algorithm (System) Formal model (System) Formal Methods Engine informal formal 7

What are applications of formal verification today? 8

Applications Today Verification of designs against functional requirements Design error detection Test generation Test coverage analysis Run-time error detection Proving the absence of runtime errors 9

Verification of Designs Against Requirements 10

Verification of Designs Against Requirements Algorithm ( System) Simulink Design Verifier Verification Model V1.0 V2.0 V3.0 Design Verifier Properties (Requirements) 11

Examples of Formalized Requirements Explicit descriptions of required behavior functional or safety requirement Primitive: Objectives, proofs Invariant: A > B => C=0 Temporal: A > B for 10 time steps => C=0 within 5 time steps Complex, state-based Stateflow, MATLAB functions Example invariant: Always identical, for every time step, including initialization, all modes of operation 12

Design Error Detection 13

Design Error Detection Simulink Design Verifier Automated detection of hard-to find errors: Integer overflow Division by zero Dead logic Assertion violation Range violation Results displayed on the model including data values For each error* a test vector is generated for root-cause analysis in simulation Overflow and division by zero detection Range violation in R2011b *Where applicable 14

Test Generation 15

Generating Tests for Functional Requirements Must Do (Test Case) Must demonstrate opening and closing the valve when [Condition] 16

Test Coverage Analysis 17

Model Coverage Testing Generate Tests Simulink Design Verifier Measure Coverage in Simulation Simulink Verification and Validation Formal Verification Simulation 18

Model Coverage Analysis Measure of Test Completeness Execution analysis Based on the model structure Dynamic data collected during simulation Coverage results Displayed directly in the model Available in a separate html report linked with the model objects Supports: Simulink Stateflow Embedded MATLAB Decision coverage Condition coverage MC/DC Lookup table coverage Signal range coverage Supported coverage types 19

Run-Time Error Detection 20

Augmenting Static Code Analysis with Formal Methods Static code analysis scan source code to automate verification Range from unsound methods to sound techniques high sophistication Formal methods Sound proof based techniques, applied to source code Can show SW is robust for wide operating conditions Bug finding Pattern matching, heuristics, data/control flow low Compiler warnings Incompatible type detection, etc. 21

Polyspace Formal Methods based Static Code Analysis Exhaustively verify code Detect and prove absence of runtime errors Precisely determines and propagates variable ranges Languages supported C, C++, and Ada Verify SW robustness Analyze for full range operating conditions OR Specified ranges of parameters and inputs 22

Example: Finding a Run-Time Error 23

Proving Absence of Runtime Errors 24

Formal Methods based Static Code Analysis You Can Prove That: c = a + b; will never overflow j = arr[i]; i will always be within array bounds *ptr = 12; will never be an illegal dereference w = x / (y + z); y never equal to -z or visa versa (divide by zero) And many more 25

Example: Proving Absence of Run-time Errors 26

Example: Proving Absence of Run-time Errors 27

Example: Proving Absence of Run-time Errors variable x (int 32): 10 28

Example: Proving Absence of Run-time Errors variable y (int 32): 11.. 21474865 29

Example: Proving Absence of Run-time Errors parameter sensor_pos1 (int 32): full range [ 2 31.. 2 31 1] 30

Example: Proving Absence of Run-time Errors parameter sensor_pos2 (int 32): full range [ 2 31.. 2 31 1] 31

Can I get certification credit if I use formal verification techniques in my process? 32

DO-178B Certification Credit Table A-5 (ref section: 6.3.4b, 6.3.4c, 6.3.4d, 6.3.4f) Dataflow, control flow Dead code Compliance with standards (MISRA, JSF++) Arithmetic overflow, resource contention, uninitialized variables, Table A-6 (ref section: 6.4.2.1, 6.4.2.2, 6.4.3) Uninitialized variables, parameter passing errors, data corruption, Incorrect loop/logic decisions, arithmetic faults, violations of array limits, Diagnostics of runtime failure, operation under full range conditions, non terminating loops, 33

Formal Methods Supplement to DO-178C and DO-278A Allows the use of Formal Methods Analysis for verification of: Software requirements Software design Source code Executable object code Adds an objective that the formal analysis method must be shown to be sound What does this mean Polyspace is a formal methods tool for analysis of source code As a Criteria 2 tool, partial credit may be taken for analysis of executable object code and this is included in the DO Qualification Kit DO Qualification Kit already includes a Theoretical Foundation document to justify the soundness of Abstract Interpretation 34

IEC 61508 Certification of MathWorks Products TÜV SÜD certified: Real-Time Workshop Embedded Coder Simulink Design Verifier Simulink Verification and Validation Polyspace products for C/C++ For use in development processes which need to comply with IEC 61508, ISO 26262, or EN 50128 Note: The products listed above were not developed using certified processes 35

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback