Analysis tool gets thumbs-up for avionics, rail industries

24th October 2014
Mick Elliott
AdaCore’s CodePeer advanced static analysis tool for the automated review and validation of Ada source code has been qualified as a software verification tool for developers in both avionics and railway industries. CodePeer assesses the program before execution to find errors efficiently and early in the development life cycle. Using advanced mathematics, it analyses every line of software, considering every possible input and every path through the program.

It performs impact and vulnerability analysis when existing code is modified, and, using control-flow, data-flow and other advanced static analysis techniques, it detects problems that would otherwise require labour-intensive debugging. “In safety-critical domains, developers need very strong assurances that the tool they’re using to assess their code is reliable, can be trusted, and will substantially reduce the need for manual code review,” says Arnaud Charlet, CodePeer Product Manager and Technical Director at AdaCore. “CodePeer has been through rigorous industry-specific tests for avionics and railway that fully affirm its value and reliability in these and other safety-critical development environments.”  

CodePeer has been qualified as a verification tool for DO-178B, the software safety standard for commercial airborne systems. Certification authorities such as the FAA in the U.S. and EASA in Europe apply DO-178B to provide confidence that the software will meet its requirements. Vulnerabilities detected by CodePeer analysis for avionics include: overflow on integer and floating point types, range violations on integer and floating point types, index violations on array operations, division by zero on integer and floating point types, uninitialised variables and underflow on floating point types. Where no potential error is reported, CodePeer guarantees that the code is exempt from these vulnerabilities.

For railway applications, CodePeer has been used to verify code certified in accordance with CENELEC EN 50128:2011 SIL 4, the highest safety integrity level. In this context, it has been used for the following activities.

Boundary value analysis: it detects attempts to dereference a pointer that could be null, to read values outside the bounds of an Ada type or subtype, and also detects buffer overflows, numeric overflow or wraparound, and division by zero.

Control flow analysis: it detects suspicious and potentially incorrect control flows, such as unreachable code, redundant conditionals, loops that either run forever or fail to terminate normally, and subprograms that never return.

Data flow analysis: it detects suspicious and potentially incorrect data flows, such as variables read before they are written (uninitialised variables), variables written more than once without being read (redundant assignments), variables that are written but never read, and parameters with an incorrect mode (unread parameter, unassigned parameter).
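The following Ada unit is an added illustration, not AdaCore's code or CodePeer output: it shows three of the defect classes named above (an uninitialised variable, a possible integer overflow and a division by zero) in one subprogram, and beside it a corrected version that states its assumptions as a subtype and an Ada 2012 precondition so that a static analyzer can discharge every run-time check. All names (Defect_Classes, Average_Unsafe, Average_Safe, Sample, Data) are invented for this example, and Long_Long_Integer is assumed to be available as in GNAT.

```ada
with Ada.Text_IO; use Ada.Text_IO;

procedure Defect_Classes is

   type Sample_Array is array (Positive range <>) of Integer;

   --  Unsafe version: three of the run-time errors the article lists.
   --  Kept only so an analyzer has something to report; it is never called.
   function Average_Unsafe (S : Sample_Array) return Integer is
      Sum : Integer;                  --  uninitialised variable, read before written
   begin
      for I in S'Range loop
         Sum := Sum + S (I);          --  possible integer overflow
      end loop;
      return Sum / S'Length;          --  division by zero when S is empty
   end Average_Unsafe;

   --  Corrected version: the range of the data and the non-empty input are
   --  stated as a subtype and a precondition, so every check can be proved,
   --  and the accumulator is widened so that it cannot overflow.
   subtype Sample is Integer range -1_000 .. 1_000;
   type Bounded_Samples is array (Positive range <>) of Sample;

   function Average_Safe (S : Bounded_Samples) return Sample
     with Pre => S'Length in 1 .. 1_000_000   --  rules out the empty array
   is
      Sum : Long_Long_Integer := 0;   --  initialised; |Sum| <= 10**9 by the Pre
   begin
      for I in S'Range loop
         Sum := Sum + Long_Long_Integer (S (I));
      end loop;
      --  The mean of values in -1_000 .. 1_000 lies in that range, so the
      --  conversion back to Sample cannot fail.
      return Sample (Sum / Long_Long_Integer (S'Length));
   end Average_Safe;

   --  Constructed sample input for this illustration.
   Data : constant Bounded_Samples := (10, 20, 30);

begin
   Put_Line ("Average:" & Sample'Image (Average_Safe (Data)));
end Defect_Classes;
```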
