Evidence Gathering Using Static Code Analysis

  • Chris Sampson
Conference paper


Static Code Analysis (SCA) has a proven track record as a powerful software verification technique providing the necessary rigour for safety-related software. A number of mature tools supporting SCA are available. However, static analysis also has a reputation as being costly and labour-intensive. This paper looks at recent advances in identifying objectives and processes for SCA and assesses the potential for such analyses to provide, in conjunction with new software safety standards such as the CAA’s SWO1 and Ministry of Defence’s DEF STAN 00-56 Issue 3, a cost-effective and focussed method of gathering evidence that software performs safely.


Keywords: Safety Requirement, Proof Obligation, Integrity Check, Software Failure, System Safety Management





Copyright information

© Springer-Verlag London 2004

Authors and Affiliations

  • Chris Sampson (1)
  1. Advantage Technical Consulting, ‘The Barbican’, Farnham, Surrey, UK
