Abstract
Static program analysis is widely used in property checking of software systems, especially safety and mission critical embedded systems. Most of these efforts check for violation of only standard properties such as array index out of bound, overflow/underflow and so on. However, our studies have shown that checking for these standard properties only captures less than 10% of all the defects detectable through static analysis. The remaining defects can be detected by checking for domain specific (custom) properties. We have applied two static analysis tools (TCS Embedded Code Analyzer and Saturn), varying in their analysis techniques, over a large embedded code base to check for a particular custom property. The code base consisted of 10 million lines of code (LOC) and belonged to the automotive domain. The custom property (semaphore consistency) to be verified was chosen after a detailed causal analysis of the history of various defects encountered in the code base. Here, we present our experience with this effort -- key problems encountered, solutions provided and results obtained. Our experience shows that static analysis of very large code bases is practically feasible and is a value-add in software quality assurance.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.