BY John Keller
Complex application software increasingly is finding its way into mission- and life-critical applications, like medical equipment, surveillance and reconnaissance systems, and even high-end passenger cars. Despite the importance of this software, however, much of today’s sophisticated code is developed in somewhat of a haphazard manner with little foolproof debugging going on, and even less code verification based on formal methods.
“The modern car has more lines of code than a typical commercial jetliner,” says Robert Dewar, president and chief executive officer of AdaCore Technologies Inc. in New York. “Medical instrumentation has critical software that also is written in a haphazard way,” he says.
Software in these kinds of mission- and life-critical systems could learn a thing or two from aerospace and defense technology, such as avionics and military systems in which formal certification is mandatory, and where the use of software verification tools are seeing increasing use not only to find software bugs, but also to exercise the software automatically in a wide variety of scenarios to ensure the code will work every time.
Approaches to software verifi- cation tools are widely varied, but tend to segment into static tools, which work with the source code itself, and dynamic test tools, which execute the code with test cases to verify that the software works correctly. New kinds of dynamic software code verification tools seek to automate the process of following software verification requirements.
In addition, software engineers are working on developing formal, mathematical proof techniques to ensure code quality. Among the companies invested in formal mathematical proof techniques for software code verification is The MathWorks in Natick, Mass.
“There is a new class of verification tools that actually analyzes the code to check to make sure there won’t be a certain class of runtime errors,” says Jon Friedman, aerospace and defense industry marketing manager at The MathWorks. “These check to make sure that the engineer hasn’t left openings for those kinds of problems.”
Formal, mathematically provable methods are absolutely essential for removing all doubt that software will work when called on, says Jay Abraham, product marketing manager at The MathWorks. “You cannot do exhaustive software testing without formal methods,” Abraham says. “Formal mathematics can boil down these complicated problems into smaller problems that you can prove.”
AdaCore’s Dewar says use of mathematical proof techniques is a major trend in software verification tools today. He says this technology should be mature within the next five years. “It is being used today, but it is not yet standard industry practice,” Dewar says.
Today’s high-performance and relatively inexpensive computing is helping software engineers implement formal methods in software code verification. In years past, the kind of computing necessary to run formal methods was unavailable to most engineers.
Following a set process for soft- ware code verification is not new, but in the recent past has been a laborious process. Today, software engineers are trying to automate that process of tracing requirements all the way down to testing on a target, says Chris Murray, vice president of business development at LDRA Ltd. U.S. office in San Bruno, Calif.
“It is most important to be able to find out which software artifact is connected upstream or downstream to another artifact,” Murray says. “You need to do that quickly and efficiently. LDRA does that with a tool called Object Box, which is a component of the LDRA Tool Suite that includes static and dynamic software testing and requirements traceability.”