Automatic Sound Static Analysis for Integration Verification of AUTOSAR Software

Author:

Daniel Kästner, Stephan Wilhelm, Christoph Mallon, Stefana Schank, Christian Ferdinand, Laurent Mauborgne

Abstract

Preventing systematic software failures is of paramount importance for any highly automatic vehicle control system, in particular for safety-critical AUTOSAR software. Among the most critical software defects are runtime errors like buffer overflows or data races. They may cause erroneous or erratic behavior, induce system failures, and constitute security vulnerabilities. Sound static analysis can be used to report all such defects in the code, or to prove their absence. It can also determine dependencies between software components and show freedom of interference without missing any data and control flow through data or function pointers. In the past, AUTOSAR projects often had to be decomposed or simplified to achieve satisfactory analysis time or memory consumption. Creating the analysis model, i.e., determining the tasks and ISRs to analyze, their priorities, synchronization, etc., required significant manual effort.

In this article we present novel analysis concepts, developed in the Astrée analyzer, to support fully automatic integration analysis of AUTOSAR projects. The execution model is automatically derived from the ARXML specification. No changes to the software under analysis are required. All specified tasks and ISRs are analyzed assuming fully concurrent execution; runtime errors, data races and deadlocks are reported. Task priorities, core assignment, resources, spinlocks, and critical sections enclosed by primitives to disable/enable interrupts are automatically handled. To minimize false alarms, Astrée supports tuning the analyzer to the software under analysis by locally boosting analysis precision. We report on practical experience with real-life industry projects, giving an overview of alarm rates, analysis time and memory consumption, as well as reduction of false alarms by fine-tuning the analysis precision to the software under analysis.

Publisher

SAE International


Cited by 1 article.
