Improving quality of Ada software with range analysis

Abstract

Ada is a strong language with built-in mechanisms that naturally lead to less risky software programs. This is possible because Ada is a structured and strongly typed language with built-in run-time protection mechanisms. For example, subtyping allows for specification of ranges for variable. The compiler can detect illegal values for these variables as well as insert run-time range checks during compilation so that violating specified ranges result in a Constraint_Error during run-time. For complex embedded systems where quality and reliabiity are imperative, the Ada programming language alone may not provide sufficient quality margins. Demonstrating run-time robustness with exhaustive dynamic testing is not possible. Formal methods with mathematical proofs enables precise determination of some properties of a complex system without the need for exhaustive analysis. This technique can be exploited statically to exhaustively determine dynamic runtime behavior of software programs. Coupling the Ada language with these state of the art verification solutions may improve the predictability of quality and safety. This tutorial examines software verification and testing approaches that have been applied to Ada programs. These techniques will be compared and contrasted with formal methods based techniques that can statically produce accurate variable range analysis of Ada programs. Concrete technical examples will be explored to see how these verification techniques, in particular the use of range analysis, can be used to improve the quality and safety of complex software systems that are developed in Ada.