Improve Space Software Quality
with POLYSPACE
Aurore Dupuis
1
SPACE SOFTWARE
CNES – National Space Agency
Involved in systems characterized by :
• Space Constraints
• Innovation
• Technological Risk
Software is present everywhere in these systems.
3 Improve Space Software Quality with
Polyspace
Space Software
2 major space software types :
• Embedded software
• Ground software
2 major software issues :
• Reliability
• Maintainability
4 Improve Space Software Quality with
Polyspace
Software Assurance Quality
Based on ECSS/CNES referential
• ECSS-Q-ST-80 - Software product assurance
• Language specific coding standards
• Code analysis tools such as Polyspace
• Software quality team
5 Improve Space Software Quality with
Polyspace
2
ANALYSIS CONTEXT
Software Quality Team Mission
Much more than code analysis
• Support to Quality Engineer
• Normalisation
• Analysis Tools Watch
• Code Analysis
• …
7 Improve Space Software Quality with
Polyspace
Software Development Context
• Very few internal development
• Suppliers analyze the code they produce
Software Quality Team
Checks supplier code
(only the most critical ones)
8 Improve Space Software Quality with
Polyspace
Software Quality Team Organization
Community
Contact
ECSS – Q80
Analysis Tools
Software
Quality Team
Quality Engineer
CNES project team
Software supplier
9 Improve Space Software Quality with
Polyspace
(Polyspace, …)
3
POLYSPACE ANALYSIS
Polyspace version and
configuration
Polyspace version used is 2012a
Polyspace metrics is not used for security
reason
(no authentication service, code duplication)
later versions of Polyspace do support password protection of
Polyspace metrics
1 Improve Space Software Quality with
1 Polyspace
MISRA/JSF Rules
CNES coding rules match partially MISRA-C rules.
CNES only uses this function on recurrent embedded
software in order to verify that the number of defects is
not increasing.
JSF++ Rules are not checked with Polyspace yet. The
comparison with CNES coding rules is still in progress.
1 Improve Space Software Quality with
2 Polyspace
Bugs research
CNES principal use of Polyspace is dedicated
to the bugs finding on embedded software
and critical ground software.
Most of analyzed code is C code, the rest is
C++ (which represents a large volume in
terms of files).
1 Improve Space Software Quality with
3 Polyspace
Bugs finding – Analyses 2010-2012
SLOC (source lines of code)
Analyses
5
327498
C
C++
C
C++
1113858
29
14
Improve Space Software Quality with
Polyspace
Analysis process – Launch Context
Software supplier
Delivery
Software
Quality Team
Ask for analysis
CNES project team
if needed
Analyse
1 Improve Space Software Quality with
5 Polyspace
Analysis process – Launch Polyspace
• Unit by unit analysis may be launched first if the
development is not mature enough
• Global analysis
 determining entry points
 defining compiler options (little/big endian, …)
with the project team
1 Improve Space Software Quality with
6 Polyspace
Analysis process – Analyze results
• Red points
 Red points are almost always real bugs (except for
task definition),
 Such bugs are
 communicated to the project team to be fixed ASAP (as
soon as possible),
 fixed locally to launch the analysis,
 Each code modification is traced and included into
the analysis report,
1 Improve Space Software Quality with
7 Polyspace
Analysis process – Analyze results
• Grey points
 Almost all grey points is linked to robustness,
 Grey points not related to robustness are
bounced to the project team,
1 Improve Space Software Quality with
8 Polyspace
Analysis process – Analyze results
• Orange points
 NIV and IDP are linked to memory access, these points
are not verified by the software quality team.
o The hypothesis done is that the project team masters memory
accesses. These points are almost never communicated to the
project.
 Other orange points are analyzed, only proved bugs
and potential bugs are synthetized into the report and
presented to the project team
o Software quality team has to argument and explain the need to
correct these points, giving priority
1 Improve Space Software Quality with
9 Polyspace
Analysis process – Analyze results
• Shared variables
 Shared variables are identified byPolyspace
and listed into the report
 The project team has to check their use
without concurrent access
o In some cases, this work is done by the software
quality team if critical sections are well identified
2 Improve Space Software Quality with
0 Polyspace
Analysis report
CNES has its own report template.
Result reports are generated using
Polyspace. The generated tables are
inserted into the CNES report.
2 Improve Space Software Quality with
1 Polyspace
Metrics
• About 30 analyses with Polyspace between
2010 and 2012 and 6 analysis in 2013
• About 10 analysis led to bugs discovery
• Current bugs
 Overflow
 Cast
2 Improve Space Software Quality with
2 Polyspace
4
CONCLUSION
Conclusion
Embedded space software is critical, a bug
can compromise a whole space mission.
CNES needs tools to analyze code in order to
find residual bugs.
Polyspace has been successfully useful to
find overflows and cast problems.
2 Improve Space Software Quality with
4 Polyspace
Thanks for your attention
Contact
Aurore DUPUIS – [email protected]
25
Improve Space Software Quality with
Polyspace