Static Detection of Bugs in Embedded Software using Lightweight Verification, Phase I

Validating software is a critical step in developing high confidence systems. Typical software development practices are not acceptable in systems where failure leads to loss of life or other high costs. New software development tools are needed to radically reduce defect rates and enable the high levels of confidence required for safety- and security-critical systems. Lightweight verification techniques have proven themselves effective in finding defects in large software systems by balancing rigor with scalability and usability. Lightweight verification techniques do not exhaustively check software, but they can find defects in systems that are too large for more rigorous analysis techniques, and are fast becoming an essential tool for software developers. The techniques generally fail to address key sources of problems specific to embedded systems: paths due to asynchronous transfer of control or context switches between tasks are not considered; assembly language components are ignored; it is hard to detect violations of domain-specific rules. We propose to extend and adapt our static analysis technology to make it capable of addressing these problems. We will exploit our existing connections with NASA facilities to gain help validating our approach and to ensure that the solution we propose is responsive to NASA's unique needs. More »