论文信息 - Safety-Critical Software Development in C++

Safety-Critical Software Development in C++

The choice of the programming language is a fundamental decision to be made when defining a safety-oriented software development process. It has significant impact on code quality and performance, but also on the achievable level of safety, the development and verification effort, and on the cost of tool qualification. Traditionally, safety-critical systems have been programmed in C or ADA. In recent years, also C++ has entered into the discussion. C++ enables elegant programming, but its inherent language complexity is much higher compared to C. This has implications for testability, structural coverage, performance, and code analysis. Further issues to be considered are tool chain diversity, the role of the standard library, and tool qualification for compilers, analyzers and other development tools. This article summarizes the requirements of different safety norms, illustrates development and verification challenges and addresses tool qualification.

[1] Xavier Leroy,et al. CompCert: Practical Experience on Integrating and Qualifying a Formally Verified Optimizing Compiler , 2018 .

[2] Xavier Leroy,et al. CompCert - A Formally Verified Optimizing Compiler , 2016 .

[3] Xavier Leroy,et al. Formal C Semantics: CompCert and the C Standard , 2014, ITP.

[4] Laurent Mauborgne,et al. Analyze This! Sound Static Analysis for Integration Verification of Large-Scale Automotive Software , 2019 .

[5] Patrick Cousot,et al. Abstract interpretation: a unified lattice model for static analysis of programs by construction or approximation of fixpoints , 1977, POPL.

[6] Daniel Kästner,et al. Proving the Absence of Stack Overflows , 2014, SAFECOMP.

[7] Xavier Rival,et al. A relational shape abstract domain , 2017, Formal Methods in System Design.