WHITE PAPER

Advanced Static Analysis Techniques for DO-178 Verification

Static analysis refers to techniques able to automatically derive properties of programs by solely looking at source code. Static analysis is one of the most important, value-added verification techniques performed on safety critical software. Other verification techniques include:

• Review of Models
• Review of source code
• Unit testing by the developer
• Functional (requirements) based testing
• Robustness testing
• Software structural coverage analysis
• Traceability analysis

Of the above verification techniques, static analysis and unit testing are considered the most subjective hence is not formally required by deterministic safety-critical software standards such as DO-178. However, static analysis is often considered to provide the largest return (effectiveness) for time spent since static analysis is automated thus required relatively little human intervention.

This paper describes how recent developments in static analysis techniques, so called Static Verification, can be efficiently used in conjunction with functional testing techniques in order to substantially reduce debugging, code inspection, and robustness testing efforts. The paper elaborated on the key features static analyzers should have for bringing software engineers actual added value during their software development process (exhaustiveness and in-depth analysis to handle both “false positive” and “false negative” issues). As a result, this paper discusses how Static Verification streamlines the functional tests by simply showing errors before they cause disruptions later on while these tests are performed. Static Verification techniques then offer new opportunities to software engineers who may now see where software problems occur instead of debugging them later on. Better prevent than care.