Interface-Implementation Contract Checking:
A Case Study on NASA’s OSAL

Dharmalingam Ganesan, Mikael Lindvall
Fraunhofer Center for Experimental Software Engineering
College Park
Maryland

© 2013 Fraunhofer USA, Inc.
Center for Experimental Software Engineering

Agenda
• Context: NASA OSAL
• Static equivalence analysis
• Static contract checking
• Conclusion

Context: NASA OSAL
• Operating System Abstraction Layer
• Isolates flight software from real-time operating systems and hardware.
• Implementations for the real-time operating systems RTEMS and VxWorks and for POSIX-compliant non-real-time systems.
• Provides “Write once, run everywhere
(somewhere)” at compile level
• Used for mission critical embedded systems
• Provides support for file-system, tasks, queues,
semaphores, interrupts, hardware abstraction, I/O
ports and exception handling
NASA OSAL
• Why is it important that OSAL is bug free?
– flight software is mission critical and needs to
be of very high quality
– OSAL is the foundation of the CFE, which CFS runs on top of
– OSAL is used in many NASA missions, e.g. the Lunar Reconnaissance Orbiter
– If OSAL has issues, it might result in
catastrophic failure
NASA OSAL in CFS

NASA OSAL – Architecture

Static equivalence analysis
• Currently OSAL has implementations for the RTEMS, VxWorks and POSIX operating systems
• All implementations should work the same
– Perform the same operation regardless of OS
– Return the same error codes when errors occur

Static equivalence analysis
• Used to find differences between the implementations of OSAL
– Posix, RTEMS, vxWorks

• Extracts return codes from function bodies
• The return codes of each implementation are compared to find differences

Static equivalence analysis
• Enables us to easily find otherwise subtle and hard-to-find errors
(Figures: Posix implementation; Rtems implementation)

Static equivalence analysis - example

Which defects can be found in OSAL when analyzing function pairs for functional
equivalence?

Runtime Issues                   # Issues   Minor Issues                    # Issues
Return Code Diffs.                     24   Precondition Checking Diffs.          13
Output Differences                    18*   Configuration Issues                  9*
Global Variable Writing Diffs.         15   Parameter Writing Diffs.               3
                                            Parameter Checking                     2
Σ                                      57   Σ                                     27

* Acknowledged and/or Fixed

Static contract checking without a formal contract
• APIs are supposed to fulfill a “contract”
• A contract is:
– A specification of what each function does and
– How it responds to errors and what the function should return

• Programmers program to an API using the contract as a guide.
• A function not written according to the contract can cause hard-to-find errors
Static contract checking without a formal contract
Example of a function fulfilling the contract
(Figure: Contract; Implementation)

Static contract checking without a formal contract
Example of a function not fulfilling the contract

Static contract checking without a formal contract
• Regular expressions are used to build simple and fast Perl programs
• Works on C and C++ sources
• Extracts return codes from function bodies and from contract comments
• Compares the return codes of the contract comments with those of the function bodies to find mismatches

Static contract checking without a formal contract
...and the other way around.

• To find whether functions implement more than the contract implies
• To identify an incomplete contract that could result in implementation mismatches between wrappers
• Extract return codes from the function bodies instead of the contract comments
• Compare the extracted return codes to the contract comments to find undocumented behavior
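Added example, not the authors' Perl tooling or any OSAL code: a Python re-implementation of the regex-based extraction behind both analyses above, comparing return codes between two wrappers (static equivalence analysis) and between contract comment and body in both directions (contract checking). The contract-comment layout (a "Returns:" section listing OS_* codes), the column-0 closing-brace style and the OS_ExampleCreate wrappers are constructed assumptions; the OS_* constants serve only as sample identifiers.

```python
import re
from dataclasses import dataclass, field

COMMENT = r"/\*(?:[^*]|\*(?!/))*\*/"   # one C block comment (cannot run past "*/")

# A top-level OS_* function: optional doc comment, return type, name, parameters,
# and a body ending at the first "}" in column 0 (assumes inner braces are indented).
FUNC_RE = re.compile(
    r"(?P<comment>" + COMMENT + r")?\s*"
    r"(?:int32|uint32|int|void)\s+(?P<name>OS_\w+)\s*\([^)]*\)\s*\{(?P<body>.*?)\n\}",
    re.S,
)
RETURN_RE = re.compile(r"\breturn\b\s*([^;]*);")                       # "return X;" or "return (X);"
RETURNS_SECTION_RE = re.compile(r"Returns?\s*:(?P<section>.*)", re.S)  # "Returns:" part of a doc comment
CODE_RE = re.compile(r"\bOS_[A-Z0-9_]+\b")                             # an OSAL return-code constant


@dataclass
class FunctionInfo:
    name: str
    documented: set = field(default_factory=set)   # codes the contract comment promises
    implemented: set = field(default_factory=set)  # literal codes the body returns
    opaque: set = field(default_factory=set)       # "return expr;" that is not a literal code


def parse_functions(src: str) -> dict:
    """Map each OS_* function in one wrapper file to its contract and body return codes."""
    funcs = {}
    for m in FUNC_RE.finditer(src):
        info = FunctionInfo(m.group("name"))
        section = RETURNS_SECTION_RE.search(m.group("comment") or "")
        if section:
            info.documented = set(CODE_RE.findall(section.group("section")))
        body = re.sub(COMMENT, "", m.group("body"))   # strip comments so a commented-out
        body = re.sub(r"//[^\n]*", "", body)          # "return" is not counted
        for r in RETURN_RE.finditer(body):
            expr = r.group(1).strip()
            if expr.startswith("(") and expr.endswith(")"):
                expr = expr[1:-1].strip()
            if not expr:
                continue                              # bare "return;" in a void function
            if CODE_RE.fullmatch(expr):
                info.implemented.add(expr)
            else:
                info.opaque.add(expr)                 # e.g. "return status;": review by hand
        funcs[info.name] = info
    return funcs


def check_contract(src: str) -> dict:
    """Per function: (codes returned but undocumented, codes documented but never returned)."""
    return {name: (f.implemented - f.documented, f.documented - f.implemented)
            for name, f in parse_functions(src).items()}


def compare_implementations(src_a: str, src_b: str) -> dict:
    """Per function present in both wrappers: (codes only A returns, codes only B returns)."""
    a, b = parse_functions(src_a), parse_functions(src_b)
    return {name: (a[name].implemented - b[name].implemented,
                   b[name].implemented - a[name].implemented)
            for name in a.keys() & b.keys()}


# Constructed sample wrappers (not OSAL code) sharing one contract comment that
# promises three codes. Both bodies also return OS_ERR_NAME_TOO_LONG (undocumented);
# only the RTEMS-style body returns the promised OS_INVALID_POINTER.
CONTRACT = """
/*
** Name: OS_ExampleCreate
** Returns: OS_SUCCESS if the object was created,
**          OS_INVALID_POINTER if id or name is NULL,
**          OS_ERROR if the underlying OS call fails
*/
"""
POSIX_SRC = CONTRACT + """
int32 OS_ExampleCreate(uint32 *id, const char *name)
{
    if (strlen(name) >= OS_MAX_API_NAME) return OS_ERR_NAME_TOO_LONG;
    if (posix_example_create(id, name) != 0) return (OS_ERROR);
    return OS_SUCCESS;   /* OS_INVALID_POINTER is never returned here */
}
"""
RTEMS_SRC = CONTRACT + """
int32 OS_ExampleCreate(uint32 *id, const char *name)
{
    if (id == NULL || name == NULL) return OS_INVALID_POINTER;
    if (strlen(name) >= OS_MAX_API_NAME) return OS_ERR_NAME_TOO_LONG;
    if (rtems_example_create(id, name) != 0) return OS_ERROR;
    return OS_SUCCESS;
}
"""

if __name__ == "__main__":
    print("contract vs. body (POSIX):", check_contract(POSIX_SRC))
    print("POSIX vs. RTEMS:", compare_implementations(POSIX_SRC, RTEMS_SRC))
```

Anything landing in `opaque` (a returned variable or expression) is exactly what this regex approach cannot resolve, which is the "neither sound nor complete" caveat from the summary.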

Static contract checking without a formal contract
(Figure: a part of the 61 issues found in the Posix implementation)
All issues have been reported and are taken care of now.

Summary
Static equivalence analysis:
• A lightweight technique
• Powerful for detecting inconsistencies between wrappers
• Found several inconsistencies (addressed in OSAL)
Static contract checking without a formal contract:
• A lightweight technique
• Found a lot of inconsistencies between documentation
and code (addressed in OSAL)
• Does not need any modeling or rigor
– (but neither sound nor complete)

Thank you!
dganesan@fc-md.umd.edu
mlindvall@fc-md.umd.edu

Acknowledgement
• Gunnar Cortes
• Henning Femmer
• Dave McComas
• Alan Cudmore
• Wesley Deadrick
