Towards an Industrial Use of FLUCTUAT on Safety-Critical Avionics Software

Most modern safety-critical control programs, such as those embedded in fly-by-wire control systems, perform large numbers of floating-point computations. The well-known pitfalls of IEEE 754 arithmetic (every operation rounds, addition is not associative, and nearly equal operands cancel) make stability and accuracy analyses a requirement for this type of software. This need is traditionally addressed through a combination of testing and sophisticated manual analysis, but such a process is both costly and error-prone. FLUCTUAT is a static analyzer developed by CEA-LIST for studying the propagation of rounding errors in C programs. After a long-standing research collaboration with CEA-LIST on this tool, Airbus now intends to use FLUCTUAT industrially, in order to automate part of the accuracy analyses of some control programs. In this paper, we present the IEEE 754 standard, the FLUCTUAT tool, the types of code to be analyzed and the analysis methodology, together with code examples and analysis results.
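As an added illustration (not code from the paper, from FLUCTUAT, or from Airbus), the C program below shows the kind of rounding-error propagation the abstract refers to: a control-loop style accumulator run in binary32, compared against a reference value, against a textbook a priori error bound, and against a compensated (Kahan) variant. The loop, the increment of 0.1 and the iteration count are constructed inputs; the bound is the standard forward error bound for recursive summation, not the abstract-domain computation FLUCTUAT performs. It assumes `float` is IEEE 754 binary32 evaluated without extended intermediate precision, round-to-nearest-even, and that the compiler is not given `-ffast-math` (which would let it re-associate the sums).

```c
#include <stdio.h>
#include <float.h>
#include <math.h>

/* Assumptions for every helper below: `float` is IEEE 754 binary32, each
 * operation is rounded to binary32 (no x87-style extended intermediates),
 * rounding mode is round-to-nearest-even, and no -ffast-math. */

/* Unit roundoff of binary32: half an ulp of 1.0 (FLT_EPSILON = 2^-23). */
static const double U32 = FLT_EPSILON / 2.0;

/* Representation error: a decimal literal such as 0.1 is not a binary
 * fraction, so (float)0.1 already differs from 0.1 before any arithmetic. */
double representation_error(double exact) {
    float f = (float)exact;
    return (double)f - exact;
}

/* Naive recursive summation in float: the shape of an integrator or a
 * periodic accumulator in a control loop. Every addition rounds. */
float accumulate_float(int n, float step) {
    float acc = 0.0f;
    for (int i = 0; i < n; i++)
        acc += step;
    return acc;
}

/* Kahan compensated summation: the low-order bits lost by each addition
 * are captured in `c` and fed back, so the error no longer grows with n. */
float accumulate_kahan(int n, float step) {
    float sum = 0.0f, c = 0.0f;
    for (int i = 0; i < n; i++) {
        float y = step - c;
        float t = sum + y;
        c = (t - sum) - y;   /* exactly the part of y that did not make it into t */
        sum = t;
    }
    return sum;
}

/* Reference value: n * step in double, i.e. the exact sum of the float
 * steps up to one double rounding (~1e-11 here), far below the
 * float-level effects being measured. */
double reference_sum(int n, float step) {
    return (double)n * (double)step;
}

/* Textbook a priori forward error bound for recursive summation of n terms
 * of the same sign (Higham, Accuracy and Stability of Numerical Algorithms):
 *   |fl(sum) - sum| <= gamma_{n-1} * sum,  gamma_k = k*u / (1 - k*u),
 * valid while (n-1)*u < 1. This is not FLUCTUAT's analysis, only the bound
 * a hand analysis would write down. */
double naive_sum_bound(int n, float step) {
    double k_u = (double)(n - 1) * U32;
    if (k_u >= 1.0)
        return INFINITY;   /* bound is no longer meaningful */
    return k_u / (1.0 - k_u) * reference_sum(n, step);
}

/* Measured absolute errors of both schemes against the reference. */
double naive_error(int n, float step) {
    return fabs((double)accumulate_float(n, step) - reference_sum(n, step));
}

double kahan_error(int n, float step) {
    return fabs((double)accumulate_kahan(n, step) - reference_sum(n, step));
}

int main(void) {
    const int n = 1000000;     /* constructed: 1e6 cycles of a periodic task */
    const float step = 0.1f;   /* constructed: a 0.1 increment per cycle */

    printf("representation error of 0.1f : %.3e\n", representation_error(0.1));
    printf("reference sum                : %.4f\n", reference_sum(n, step));
    printf("naive float sum              : %.4f (error %.4f)\n",
           accumulate_float(n, step), naive_error(n, step));
    printf("Kahan float sum              : %.4f (error %.4f)\n",
           accumulate_kahan(n, step), kahan_error(n, step));
    printf("a priori bound on naive error: %.4f\n", naive_sum_bound(n, step));
    return 0;
}
```

The naive loop drifts by hundreds of units over a million steps because once the accumulator exceeds 65536 its ulp is 2^-7 and each 0.1 increment is rounded by a fixed fraction of that ulp in the same direction, so the per-step errors add up instead of cancelling; the a priori bound is sound but several times larger than the measured drift, which is the gap a static analysis such as FLUCTUAT aims to narrow; the compensated loop stays within a couple of ulps of the reference.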
