KeY Version for MISRA C. Daniel Larsson, KeY Symposium, Göteborg, June 2005 (PowerPoint presentation)



Slide 1

KeY Version for MISRA C

Daniel Larsson

KeY Symposium Göteborg, June 2005

KeY Version for MISRA C – p.1/11

Slide 2

CEDES

CEDES (Cost Efficient Dependable Electronic Systems)
- Software-based methods for fault tolerance & fault handling
- “Our” work package: KeY version for MISRA C programs
  - Symbolic error propagation
  - Formal verification of exception handling routines


Slide 3

Symbolic Error Propagation

- Would complement fault injection methods
- Main problem with fault injection: coverage
- Idea: Represent whole classes of errors in logic
- Perform symbolic execution to ...
  - verify properties in the presence of errors
  - calculate consequences (strongest postcondition)

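The symbolic error propagation idea on this slide, worked through as an added example (not code from the slides or from the KeY project): a whole fault class, a single bit flip in a sensor reading with the flipped bit position left symbolic, is injected as a term into a constructed MISRA-C-style clamp routine; the routine is executed symbolically along both branches, and the resulting strongest postcondition is checked against a property. Every name here (execute, check, PROGRAM, LIMIT, the variables x, k, err, y) is an assumption of this example. The bounded enumeration over 8-bit inputs is a stand-in for the prover KeY would use; it is what gives complete coverage of the fault class, which is exactly what the slide says fault injection lacks.

```python
"""Toy symbolic error propagation (added example, not from the slides).

Values are expression trees over constants, program variables and
symbolic parameters.  A fault class is injected as a symbolic term,
the program is executed symbolically along every path, and the
strongest postcondition is checked against a property.  Enumeration
over a finite domain stands in for a theorem prover.
"""
from dataclasses import dataclass
from itertools import product


@dataclass(frozen=True)
class Var:
    name: str


@dataclass(frozen=True)
class Const:
    value: int


@dataclass(frozen=True)
class Op:
    op: str          # one of + ^ << > <= == !
    args: tuple


@dataclass(frozen=True)
class Assign:
    var: str
    expr: object


@dataclass(frozen=True)
class If:
    cond: object
    then: tuple      # statements of the then branch
    els: tuple       # statements of the else branch


OPS = {"+": lambda a, b: a + b, "^": lambda a, b: a ^ b,
       "<<": lambda a, b: a << b, ">": lambda a, b: a > b,
       "<=": lambda a, b: a <= b, "==": lambda a, b: a == b,
       "!": lambda a: not a}


def show(e):
    """Render an expression tree as a C-like string."""
    if isinstance(e, Var):
        return e.name
    if isinstance(e, Const):
        return str(e.value)
    if e.op == "!":
        return f"!({show(e.args[0])})"
    return f"({show(e.args[0])} {e.op} {show(e.args[1])})"


def ev(e, env):
    """Evaluate an expression tree under a concrete assignment."""
    if isinstance(e, Var):
        return env[e.name]
    if isinstance(e, Const):
        return e.value
    return OPS[e.op](*(ev(a, env) for a in e.args))


def subst(e, state):
    """Replace program variables by their current symbolic values."""
    if isinstance(e, Var):
        return state.get(e.name, e)
    if isinstance(e, Const):
        return e
    return Op(e.op, tuple(subst(a, state) for a in e.args))


def execute(stmts, state=None, path=()):
    """Symbolic execution: list of (path condition, final symbolic state)."""
    state = {} if state is None else state
    if not stmts:
        return [(path, state)]
    s, rest = stmts[0], stmts[1:]
    if isinstance(s, Assign):
        return execute(rest, {**state, s.var: subst(s.expr, state)}, path)
    c = subst(s.cond, state)                        # If: fork on the guard
    return (execute(s.then + rest, state, path + (c,))
            + execute(s.els + rest, state, path + (Op("!", (c,)),)))


def strongest_postcondition(stmts, outputs):
    """Disjunction over paths of 'path condition && output == its value'."""
    disjuncts = []
    for path, st in execute(stmts):
        parts = [show(c) for c in path] + [f"{v} == {show(st[v])}" for v in outputs]
        disjuncts.append("(" + " && ".join(parts) + ")")
    return " || ".join(disjuncts)


def check(stmts, prop, domains):
    """Does prop hold in every final state for every fault in the class?

    domains maps each symbolic parameter to a finite range; every
    assignment is tried.  Returns (holds, list of counterexample envs).
    """
    names, bad = list(domains), []
    for vals in product(*(domains[n] for n in names)):
        env = dict(zip(names, vals))
        for path, st in execute(stmts):
            if all(ev(c, env) for c in path):       # the path this env takes
                final = {v: ev(e, env) for v, e in st.items()}
                if not ev(prop, {**env, **final}):
                    bad.append(env)
                break
    return (not bad), bad


LIMIT = 100
# Constructed MISRA-C-style fragment with the fault class already injected:
#   err = x ^ (1 << k);      /* single bit flip in reading x, position k symbolic */
#   if (err > LIMIT) { y = LIMIT; } else { y = err; }
PROGRAM = (
    Assign("err", Op("^", (Var("x"), Op("<<", (Const(1), Var("k")))))),
    If(Op(">", (Var("err"), Const(LIMIT))),
       (Assign("y", Const(LIMIT)),),
       (Assign("y", Var("err")),)),
)
DOMAINS = {"x": range(256), "k": range(8)}       # 8-bit reading, 8 bit positions
SAFE = Op("<=", (Var("y"), Const(LIMIT)))         # holds under every bit flip
EXACT = Op("==", (Var("y"), Var("x")))            # does not: the error propagates


def clamp_stays_bounded():
    return check(PROGRAM, SAFE, DOMAINS)[0]


def exact_value_counterexamples():
    return check(PROGRAM, EXACT, DOMAINS)[1]


if __name__ == "__main__":
    print(strongest_postcondition(PROGRAM, ["y"]))
    print("y <= LIMIT under any single bit flip:", clamp_stays_bounded())
    bad = exact_value_counterexamples()
    print(f"y == x violated for {len(bad)} of 2048 (x, k) pairs, e.g. {bad[0]}")
```

The two properties show the two uses the slide lists: SAFE is verified in the presence of the whole fault class (the clamp bounds the output whatever bit flips), while the counterexamples for EXACT are the calculated consequence of the fault class, namely which (reading, bit) pairs let a corrupted value reach the output.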

Slide 4

KeY Version for MISRA C

- Refactoring of KeY + addition of C datastructures
- Finding and integrating C front-end
- Writing parser for schemaC
- Develop and implement dynamic logic and calculus for MISRA C


Slide 5

Front-end for C

Cetus
- Implemented in Java
- Uses ANTLR parser generator
- Is an active project


Slide 6

Refactoring of Datastructures

- Should as much as possible be re-used/shared?
  - Save a lot of work
  - Avoid duplicated code
- ... or ...
- Should structures for different languages be kept separate?
  - Java semantics implicitly built-in
    ⇒ Bugs that are hard to find


Slide 7

Refactoring of Datastructures cont’d


Decision: Go for 1st approach


Slide 8

Refactoring of Datastructures cont’d

How general?
- First plan: Structure that allowed for addition of arbitrary OO language with imperative core
  - Not worth the effort
  - Existing datastructures already fairly general
    ⇒ Go for ad-hoc approach


Slide 9

Refactoring of Datastructures cont’d


Decision: Minimal refactoring to be able to add C constructs


Slide 10

New Package Structure


Slide 11

New Package Structure cont’d
