Error Detection by Code Coverage Analysis without Instrumenting the Code

Similar documents
Tools and Methods for Validation and Verification as requested by ISO26262

Tessy. Automated dynamic module/unit testing for embedded applications. CTE Classification Tree Editor for test case specifications

NEC 78K0- Family On-Chip Emulation

User Trace Port Trace Port Emulation on Processors without on-chip Trace Hardware

Renesas 78K/78K0R/RL78 Family In-Circuit Emulation

TRACE32. Product Overview

NEWS 2018 CONTENTS SOURCE CODE COVERAGE WORKS WITHOUT CODE INSTRUMENTATION. English Edition

EMULATOR SETUP MB BIT COMPACT-ICE

Intro to Proving Absence of Errors in C/C++ Code

Testing at extremely high speeds: Bit Error Rate Test for high-speed interfaces in production

O B J E C T L E V E L T E S T I N G

WHITE PAPER. 10 Reasons to Use Static Analysis for Embedded Software Development

All information, including contact information, is available on our web site Feel free also to explore our alternative products.

4. Hardware Platform: Real-Time Requirements

_ V1.1. Motorola 6809 B POD rev. C. POD Hardware Reference

Overview of Microcontroller and Embedded Systems

DO-254 Testing of High Speed FPGA Interfaces by Nir Weintroub, CEO, and Sani Jabsheh, Verisense

_ V Intel 8085 Family In-Circuit Emulation. Contents. Technical Notes

FPGA Adaptive Software Debug and Performance Analysis

All information, including contact information, is available on our web site Feel free also to explore our alternative products.

Introduction to Embedded Systems

_ V ST STM8 Family On-Chip Emulation. Contents. Technical Notes

Alexandre Esper, Geoffrey Nelissen, Vincent Nélis, Eduardo Tovar

)8-,768'HY.LW 2YHUYLHZ. )XMLWVX0LNURHOHNWURQLN*PE+ Am Siebenstein Dreieich-Buchschlag, Germany

_ V NEC V850ES/Fx3 Family In-Circuit Emulation. Contents. Technical Notes

2oo4D: A New Design Concept for Next-Generation Safety Instrumented Systems 07/2000

Validation Suites vs. Validation Kits

In Circuit Emulators. In-Circuit Emulators.

Leopard Nexus Emulation Adapter 257BGA 144TQ

Bolero3M Nexus Emulation Adapter 256BGA 176TQ

Simulink 모델과 C/C++ 코드에대한매스웍스의정형검증툴소개 The MathWorks, Inc. 1

Embedded Systems Lab Lab 1 Introduction to Microcontrollers Eng. Dalia A. Awad

Functional Safety and Safety Standards: Challenges and Comparison of Solutions AA309

MPLAB SIM. MPLAB IDE Software Simulation Engine Microchip Technology Incorporated MPLAB SIM Software Simulation Engine

Managing Complex Trace Filtering and Triggering Capabilities of CoreSight. Jens Braunes pls Development Tools

Test and Verification Solutions. ARM Based SOC Design and Verification

Testing: Test design and testing process

Testing for the Unexpected Using PXI

Bolero Nexus Emulation Adapter 208BGA 100TQ

_ V1.3. Motorola 68HC11 AE/AS POD rev. F. POD Hardware Reference

_ V1.2. Motorola 68HC08 JL POD rev. D1. POD Hardware Reference

Nohau Supports the ST Microelectronics upsd3200 Architecture

An Efficient Multi Mode and Multi Resolution Based AHB Bus Tracer

Parts List. Nohau In-Circuit Emulators. EMUL51-PC For the 80C51MX Family. By ICE Technology Tel Tel Fax

IDE for medical device software development. Hyun-Do Lee, Field Application Engineer

Overview of Digital Design with Verilog HDL 1

RM3 - Cortex-M4 / Cortex-M4F implementation

정형기법을활용한 AUTOSAR SWC 의구현확인및정적분석

What Are The Main Differences Between Program Counter Pc And Instruction Register Ir

Formal Methods and their role in Software and System Development. Riccardo Sisto, Politecnico di Torino

Using Code Coverage to Improve the Reliability of Embedded Software. Whitepaper V

ACC, a Next Generation CAN Controller

On-Chip Design Verification with Xilinx FPGAs

Tracking the Virtual World

The MPC500 Family of 32-bit Embedded Controllers from Motorola. Rudan Bettelheim MCU Marketing Manager 32-bit Embedded Controller Division, SPS

_ V1.3. MPC564xB ActiveGT POD. POD Hardware Reference

A framework for verification of Program Control Unit of VLIW processors

The House Intelligent Switch Control Network based On CAN bus

1 Black Box Test Data Generation Techniques

Simulink 를이용한 효율적인레거시코드 검증방안

Chapter 7 The Potential of Special-Purpose Hardware

ACCELERATING DO-254 VERIFICATION

By V-cubed Solutions, Inc. Page1. All rights reserved by V-cubed Solutions, Inc.

10 Steps to Virtualization

NIOS II Instantiating the Off-chip Trace Logic

A CAN-Based Architecture for Highly Reliable Communication Systems

Seven Roadblocks to 100% Structural Coverage (and how to avoid them)

Microcomputer Architecture and Programming

Trace Getting Started V8.02

Safety and Reliability of Software-Controlled Systems Part 14: Fault mitigation

TDT 1.2 Release Notes and FAQ March 2002

ARM Processors for Embedded Applications

SE420 Software Quality Assurance

EB-51 Low-Cost Emulator

Employing Multi-FPGA Debug Techniques

E-Blocks Build Your Own PLC Bundle

Fault-Injection testing and code coverage measurement using Virtual Prototypes on the context of the ISO standard

ST SPC58 B Line Emulation Adapter System

Digital Control for Space Power Management Devices

Mohammad Jafar Navabi Medtronic Microelectronics Center, Tempe, Arizona, USA

Working with Quad and Other SPI Protocols Testing and Debugging (Quad-) SPI-based ASIC, FPGA, SoC and Embedded Systems

Moodle WILLINGDON COLLEGE SANGLI (B. SC.-II) Digital Electronics

DIGITAL SYSTEM FUNDAMENTALS (ECE421) DIGITAL ELECTRONICS FUNDAMENTAL (ECE4220. PROGRAMMABLE LOGIC DEVICES (PLDs)

Leveraging Formal Methods Based Software Verification to Prove Code Quality & Achieve MISRA compliance

Precise Continuous Non-Intrusive Measurement-Based Execution Time Estimation. Boris Dreyer, Christian Hochberger, Simon Wegener, Alexander Weiss

Best Practices Process & Technology. Sachin Dhiman, Senior Technical Consultant, LDRA

Virtualizing the TCU of BMW's 8 speed transmission

IN-CIRCUIT DEBUG (ICD) USER GUIDE

DS-251 In-Circuit Emulator

TRACE32 Getting Started... ICD In-Circuit Debugger Getting Started... ICD Introduction... 1

Short introduction to Bascom-AVR Programming. Written by Jurij Mikeln - Last Updated Tuesday, 04 June :38

Chapter 15 ARM Architecture, Programming and Development Tools

Freescale and the Freescale logo are trademarks of Freescale Semiconductor, Inc. All other product or service names are the property of their

WS_CCESBF7-OUT-v1.00.doc Page 1 of 8

ZAP Cross Debuggers for Motorola Microcontrollers

FPGA for Dummies. Introduc)on to Programmable Logic

Freescale 68HCS12 Family On-Chip Emulation

Selection Guide. Control Circuit and Load Protection. Allen-Bradley 1489-M2C020

CAN on Integration Technologies

2 Control Equipment for General Applications

Transcription:

Error Detection by Code Coverage Analysis without Instrumenting the Code Erol Simsek, isystem AG Exhaustive testing to detect software errors constantly demands more time within development cycles. Software errors with catastrophic consequences have often pushed forward innovations in software analysis and testing. For example after the explosion of Ariane 5 the code analysis tool PolySpace was introduced which could have detected the fault in advance. Different standards for diverse markets are perpetually updated and changed to increase the safety of complex systems including software: IEC61508 ( Functional safety of electrical/electronic/programmable electronic safety-related systems (E/E/PES) ), ISO CD 26262 ( Road vehicles - Functional safety ), DO-178B ( Software Considerations in Airborne Systems and Equipment Certification ), ISO/TS 16949 (specification for quality management systems), DIN EN 62304 ( Medical device software - Software life-cycle processes ), IEC 60601-1 (safety specification for medical devices) etc. These standards have a tremendous influence on the development cycle and especially on the amount of testing. The following article covers a small portion of a test process the so called Code Coverage. Code coverage is mostly used to detect dead code and thus non-tested code that may result in an unwanted behaviour of an application. We will focus on object code level coverage, an approach to analyze software based on a combination of hardware and software mechanisms. The Use of traditional Development Tools for Testing Today's development tools have to be more flexible than ever. An example for that are in-circuit emulators (ICEs) and on-chip debuggers (OCDs). In the past microcontroller experts used ICEs/OCDs for low-level embedded systems software development only. Today exactly the same tools can be found in different situations of the development cycle as an interface to the target hardware used to emulate, implement and test software. Besides being the interface to a target hardware an ICE or OCD with trace offers functions for professional software error detection and software testing. One part of this is code coverage analysis. Code coverage is a method to assess the quality of test runs. Based on this evaluation new test cases are deduced, redundant test cases are eliminated and inefficient test cases are changed or replaced. This approach leads step by step to a code coverage measure defined by company quality criteria or by national/international standards. Code coverage analysis is a technique to evaluate the quality of the whole test process during product development and by that to indirectly improve the quality of the complete product. Error detection by code coverage analysis without instrumenting the code 2008-12-16 1/7

Prerequisites to Measure Code Coverage There are several ways to measure code coverage: based on source code (e.g., C or C++) or based on object code (assembler). Tools that work on source code instrument the code to measure code coverage during runtime. For embedded systems code instrumentation is seldom an option. Very often resources on hardware are not sufficient. Instrumented code changes the runtime behaviour of an application, which may have a negative effect on the overall coverage result. Analysis on object code runs on the code loaded in the real target hardware. To measure code coverage a hardware tool connected to the target records the activities on the CPU buses (commands and data, external signals including time stamps). With this information it can be proved in object code whether code has been executed or not. This functionality is called tracing. Tracing is available through an ICE and also through an OCD, but the OCD interface has to have at least one code trace port to reconstruct and measure code execution. Preferably is the usage of microcontrollers that implement on chip debug cells like NEXUS or ETM. How to build a Coverage Tool according to the Quality of a Debug Interface To accomplish code coverage analysis based on object code, an ICE or a high quality OCD is necessary. With an ICE the trigger and filter logic has direct access to the CPU bus. Extensive trace functions can record the unfiltered address, data and control bus (see pic. 1, left) or use the complex trigger and filter logic of the emulator. An emulator can only be built if the microcontroller manufacturer produces a so called bondout chip or a chip that can run in a special mode, so that access to all buses is available. Code coverage is feasible with an ICE in all varieties (see also last paragraph of this article). On-chip trace (NEXUS, ETM, trace buffer or special trace ports) was introduced because of the challenges of constantly increasing miniaturization, integration and speed of microcontrollers. Due to the integration of the whole memory on the chip an external bus is no longer needed. This reduces the number of pins while increasing the maximum internal clock frequency. Unfortunately most comfort of an ICE is lost. Especially code coverage is very time limited. Error detection by code coverage analysis without instrumenting the code 2008-12-16 2/7

Picture 1: Extensive trigger and filter logic on an ICE (left) and the simple On-Chip logic of NEXUS or ETM (right) Current Nexus and ETM implementations cannot completely replace the ICE trace. But sophisticated technologies integrated in modern tools (see pic.2) allow the usage of almost all runtime analysis functions on NEXUS or ETM on-chip trace. This is also true for code coverage analysis. Picture 2: The RTR FPGA reconstructs the CPU bus in real time. RTR is RealtimeTrace Reconstruction and is a function of the development tool to enhance the trace quality in general. Error detection by code coverage analysis without instrumenting the code 2008-12-16 3/7

Comparison of ICE, Nexus/ETM-Interface and Real-time Trace Reconstruction (RTR) The following table compares the complex real-time analysis functions available on an ICE, an On-Chip trace implementation based on Nexus/ETM with and without an additional FPGA used in the tool hardware. ICE Nexus bzw. ETM RTR FPGA Trace Triggering Complex Basic On-Chip Complex Trace Filtering Complex Basic On-Chip Complex Trace Time Stamp FULL Distorted Distorted Execution Profiling YES Time limited YES Data Profiling YES Limited number of objects Limited number of objects Execution Coverage YES Time limited YES Data Coverage YES Time limited (*) YES (*) Table 1: Comparison of high-end test functionality depending on the quality of a debug interface (*) is available in distinct areas and if Nexus/ETM has enough bandwidth Code Coverage Analysis based on Source Code and Object Code Based on source code there are 4 different ways of code coverage each requiring a different number of test cases: Statement or Execution Coverage, Decision or Branch Coverage, Path Coverage and Condition Coverage. Statement or Execution Coverage checks if every instruction has been executed at least once. 100% Statement coverage confirms that there is no code that has not been executed. But this does not cover the context of the code e.g. if/else instructions where only one branch can be executed in a single test. Here could be an undetected fault despite 100% statement coverage. Due to that Decision Coverage tests are used to check if all code branches dependent on a true/false decision are executed. To check not only that boolean expressions in control structures have been tested but every possible path in every function Path Coverage is used. Complete path coverage testing means every possible way from the entry to the exit. Error detection by code coverage analysis without instrumenting the code 2008-12-16 4/7

Picture 3: Code Coverage Analysis on object code is first conducted on assembler and then transferred to source code level. In this picture according code is flagged with coloured caskets and branches with small arrows. Error detection by code coverage analysis without instrumenting the code 2008-12-16 5/7

Hierarchical conditions are reviewed by the Condition Coverage test. Boolean conditions are checked with true and false, multiple conditions are tested with every atomic condition set to true and false. Source code based tools in combination with code-analysis tools support the creation of test cases in a half automated manner. At least there is description of how test cases should look like and how many test cases are necessary to achieve distinct code coverage measures. If object code based tools are used simultaneously, the same test cases can be used and both results can be crosschecked. Picture 4: Code coverage analysis documentation is essential to prove test quality. In this example the results are also shown on address level. Object code level coverage is limited on statement and decision coverage. On this level the code consists of assembly statements and branch commands only. Another difference to source code level analysis is that on object code the analysis is conducted on optimized code which means that source code and object code are no longer identical. To achieve a comprehensive code coverage analysis source code level analysis as well as object code level analysis is necessary. Error detection by code coverage analysis without instrumenting the code 2008-12-16 6/7

Conclusion Software tests constantly demand more design costs and time within a development cycle. Today it is extremely important to detect and fix a software bug as soon as possible. The requirements of code coverage analysis are increasing for avionic, automotive and medical systems. This is not only true for statement level but also for decision and condition level code coverage. Object code level coverage analysis is a convenient method to test as close as much on the final product. To achieve this, the capabilities of the debug interface of the microprocessor should be evaluated at the beginning of development. Object code level analysis can be done with the same tool that is used for development. Ideally source code and object code level analysis are used and both results are crosschecked. Internet Links NEXUS Forum: www.nexus5001.org NIST News Release: www.nist.gov/public_affairs/releases/n02-10.htm Trace-Technology: www.isystem.com/itracegt Embedded Trace Macrocell (ETM) www.arm.com/products/solutions/etm.html Embedded Trace Macrocell (ETM) www.arm.com/miscpdfs/11655.pdf Error detection by code coverage analysis without instrumenting the code 2008-12-16 7/7

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback