Software Analysis: A Roadmap

1
Software Analysis A Roadmap

• CSCI 589 presentation
• Joshua Garcia Eric Johnson
• 10/16/07

2
Overview

• Driving force
• What is analysis?
• Verification vs. Refutation
• Model Driven Code Analysis
• Comparing Java and C
• Simulation vs. Checking
• Static vs. Dynamic
• Modeling Solutions
• Analysis Tools
• Parallel vs. Sequential
• Ten Years From Now
• Strengths and Weakness of Paper
• How this relates to Embedded Software
• Resources

3
Driving Force

• Growth in size and complexity of software systems
• A desire to create composable code
• A need to be able to quickly and more effectively
  find errors in code
• Movement from sequential to parallel programming
  constructs (local vs. distributed)
• Better Faster Cheaper- we want it all

4
What is Analysis?

• Analysis- the extraction of behavior information
  from the software, represented as an abstract
  model or code
• Analyze using models
• More succinct
• Separate concerns and articulate key properties
• Can find errors earlier
• Code is poor by model
• Analyze complexity
• Code Coverage

5
Verification vs. Refutation

• Verification attempt to find a proof for a given
  property is the method of choice
• Very critical in embedded choices
• Refutation attempt to find a proof for the given
  property is the method of choice
• Very critical in embedded choices
• Proof by contradiction

6
Model Driven Code Analysis

• Weakened by modularity
• Increasing role in both static and dynamic
  analysis
• Giving the engineers more control over system
• Modeling is more effective when it is attached to
  code

7
Comparing Java and C

• Analyzability
• Multithreading
• Efficiency
• Portability
• Predictability
• Garbage collection is a problem
• JEPES
• Both satisfy steelman requirements about the
  same. Wheeler, David A. Ada, C, C, and Java
  vs. The Steelman. 1997

8
Simulation vs. Checking

• Simulation
• Advantages
• Reduces likelihood of egregious flaws
• Allows early experimentation and investigation of
  different structures
• Disadvantages
• Sacrifices correctness
• Checking
• Advantages
• Better at finding subtle errors
• Better for safety critical systems
• Establish correspondence between model and code
• Disadvantages
• Exposing subtle errors is rarely cost effective
• Robot simulation

9
Static vs. Dynamic

• Static analysis
• Advantages
• Provides information valid for all runs
• Disadvantages
• Information provided is usually just an
  approximation
• May cause many false positives when detecting
  errors
• Dynamic analysis
• Advantages
• Detailed and precise info for a single run
• Easier to obtain than static analysis
• Disadvantages
• Makes no guarantees about other runs

10
Modeling Solutions

• UML
• Embedded UML
• Architecture Analysis Design Language (AADL)
• Java Modeling Language (JML)
• Z notation
• Formal specification language
• Koala
• ADL for embedded systems

11
Analysis Tools

• KeY
• Deductive verification of OO systems
• ESC/Java
• Static checking and theorem proving
• RealView Profiler
• New dynamic analysis tool for ARM architectures
• MATLAB/Simulink
• PVS theorem prover
• Protoype verification system
• Java PathFinder (JPF)
• Model checking, runtime analysis, static analysis

12
Analysis Tools (cont)
13
Parallel vs. Sequential Execution

• Big push to migrate to parallel execution of
  programs.
• Harness multicore multi processor system
• 64 execution
• More dynamic real world needs
• Single threaded applications
• Way of the past (legacy systems, Fortran)
• Multithreaded applications
• Harder to analyze but gives increased
  functionality

14
Multi Threaded Solutions

• Open Mp
• Application Program Interface (API) that may be
  used to explicitly direct multi-threaded, shared
  memory parallelism
• Pro Active
• Professional open source Middleware solution for
  parallel, distributed and multi-threaded
  computing.

OpenMP uses the fork-join model of parallel
execution
ProActive middleware interfaces with several
standards
15
10 Years From Now

• Java will indeed be prevalent but it will not
  over taking over industry
• Always need multiple languages to have design
  tradeoffs
• Creation of new languages to that is more capable
  of handling designer concerns and limiting cost
• Increased research in optimization
• Large risk of business getting in way

16
Strengths Weaknesses of the Paper

• Strengths
• Very informative (gives a lot of information)
• Very insightful at time it was written (still
  applicable)
• More simulation than model checking
• Reliant upon software in almost every interaction
  of our lives
• Weaknesses
• Broads covers a lot of concepts
• Doesnt directly apply to embedded systems
• Omits evolution of hardware systems
• Doesnt make a clear distinction some dichotomies
• (distributed vs. localized) ignores localized

17
How It Relates to Embedded Software

• Software analysis will yield more robust software
• Cut costs
• Reduces risk
• Embedded software has its own environment
• own set of tools
• Different design tradeoffs
• Wave of future as computing becomes ubiquitous

18
Resources

• Cok, David R. and Kiniry, Joseph R. ESC/Java2
  Uniting ESC/Java and JML. 2004.
• Flanagan et al. Extended Static Checking for
  Java. 2002.
• Graaf et al. Embedded Software Engineering The
  State of the Practice. 2003
• Lindstrom et al. Model Checking Real Time Java
  Using PathFinder. 2005.
• Schmitt et al. A Case Study in Specification and
  Verification using UML in an Avionics
  Application. 2006.
• Schultz et al. Compiling Java for Low-End
  Embedded Systems. 2003.
• Vaandrager, Frits. Does it Pay Off? Model-Based
  Verification and Validation of Embedded Systems!
  2006.
• Visser et al. Model Checking Programs. 2000.