Evidence Gathering Using Static Code Analysis
Static Code Analysis (SCA) has a proven track record as a powerful software verification technique, providing the rigour needed for safety-related software, and a number of mature tools support it. However, static analysis also has a reputation for being costly and labour-intensive. This paper looks at recent advances in identifying objectives and processes for SCA and assesses the potential for such analyses, in conjunction with new software safety standards such as the CAA’s SW01 and the Ministry of Defence’s DEF STAN 00-56 Issue 3, to provide a cost-effective and focussed method of gathering evidence that software performs safely.
Keywords: Safety Requirement; Proof Obligation; Integrity Check; Software Failure; System Safety Management
- Adelard (2001). Justifying the use of software of uncertain pedigree (SOUP) in safety-related applications. Report No. CRR336, HSE Books. ISBN 0 7176 2010 7.
- Advantage Technical Consulting (Jan 2002). The Assessment of Software Components for Safety Applications. Technical Guidance, 21989/05-Rep-01.
- Archinoff G H, Hohendorf R J, Wassyng A, Quigley B, Borsch M R (1990). Verification of the shutdown system software at the Darlington Nuclear Generating Station. International Conference on Control and Instrumentation in Nuclear Installations.
- Chapman R (2000). Industrial Experience with SPARK. Praxis Critical Systems. ACM SIGAda 2000.
- Harrison (1999). Static Code Analysis on the C-130J Hercules Safety Critical Software. Aerosystems International, UK. International Systems Safety Conference 1999.
- Nadjm-Tehrani S (2002). Safety Critical Systems: the role of formal techniques. Linköping University.
- Parnas D L, Asmis G J K, Kendall J D (May 1990). Reviewable development of Safety Critical Software. International Conference on Control and Instrumentation in Nuclear Installations.
- Sampson C (2003). Software Dependability Issues. IMechE Workshop, “Is the Software in your Product Safe and Reliable”.
- Strigini L, Fenton N (1996). Rigorously Assessing Software Reliability and Safety. ESA Software Product Assurance Workshop, Noordwijk.
- UK Ministry of Defence (July 2003). Safety Management Requirements for Defence Systems. DEF STAN 00-56, Issue 3 Draft.
- Ward N J (1993). The Rigorous Retrospective Static Analysis of the Sizewell ‘B’ Primary Protection System Software. TA Consultancy Services. Presented at SAFECOMP 93.