c-stat: static code analysis - iar systems...• why use code analysis? – iec61508 v2 requires the...
TRANSCRIPT
Code analysis at your desk vs. in the field
Michael Fuhrmann, Field Application Engineer
Agenda
• C-STAT: Static code analysis • C-RUN: Runtime code analysis • C-RUN in ”standalone-mode”
C-STAT: Static code analysis
C-STAT: Static code analysis • Why use code analysis?
– C is not safe – All software contains bugs – The later you find a bug, the more expensive
it gets
C-STAT: Static code analysis • Why use code analysis?
– IEC61508 v2 requires the use of static analysis for SIL 2 – 4
• Section C.4.2 lays out the need for analysis • Without static analysis, the standard does not
recommend using C – Section B.6.5 strongly recommends dynamic
analysis
C-STAT: Static code analysis • C-STAT is an optional complete
static analysis tool
• It includes rule-sets for: – MISRA-C: 2004 – MISRA-C: 2012 – MISRA-C++: 2008 – 200+ additional checks from CWE & CERT
C-STAT: Static code analysis • C-STAT is fully integrated into IAR Embedded
Workbench (many targets) for daily use by every developer
• Export / Import of individual rule-settings
• Generation of HTML reports
• “F1” help with code examples available
C-STAT: Static code analysis • C-STAT offers a flexible message filter and
suppression management
• It is available in our Eclipse plugin
• It can be used via command line for: – Continuous integration with Jenkins / Bamboo – Regression tests
C-STAT: Static code analysis • Available targets:
IAR Embedded Workbench for Arm ≥ v7.40 IAR Embedded Workbench for MSP430 ≥ v6.30 IAR Embedded Workbench for AVR32 ≥ v4.30 IAR Embedded Workbench for AVR ≥ v6.60 IAR Embedded Workbench for RX ≥ v2.80 IAR Embedded Workbench for V850 ≥ v4.20
C-STAT: Static code analysis • Available targets:
IAR Embedded Workbench for CR16C ≥ v3.30 IAR Embedded Workbench for STM8 ≥ v2.20 IAR Embedded Workbench for 8051 ≥ v9.30 IAR Embedded Workbench for RL78 ≥ v2.20 IAR Embedded Workbench for RH850 ≥ v1.30
Demonstration
C-RUN: Runtime code analysis
C-RUN: Runtime analysis
• C-RUN is an optional runtime code analysis tool for C and C++
• It is fully integrated into IAR Embedded Workbench (some targets) for daily use by every developer
C-RUN: Runtime analysis • C-RUN checks your code during execution
on the target or in the simulator • It can be used for:
– Arithmetic operations checking – Bounds checking – Heap checking – Check of unhandled switch cases
C-RUN: Runtime analysis • C-RUN offers efficient instrumentation
of diagnosis routines inside your code
• It has a flexible error filter management
• C-RUN is available trough our Eclipse plugin
C-RUN: Runtime analysis
• Available targets: IAR Embedded Workbench for Arm ≥ v7.20 IAR Embedded Workbench for RX ≥ v3.10
Demonstration
C-RUN in ”standalone-mode”
C-RUN in ”standalone-mode” • C-RUN is a handy tool, but what if:
– the problem occurs only sporadically after days / weeks of operation?
– reproducing the problem needs “real-world” operating conditions that are hard to simulate on your desk or in the lab?
C-RUN in ”standalone-mode” • Solution: use C-RUN standalone
– Build and deploy a test firmware for a unit with the necessary C-RUN tests enabled
– Redirect the output of C-RUN to a serial interface and log the messages
– Parse the recorded cryptic messages offline to plaintext with CSPYBAT.EXE
Demonstration
Summary • C-STAT and C-RUN are fully integrated into
IAR Embedded Workbench*
• Easy to use ”turn-key” solutions for daily code analysis tasks
• C-RUN can be used standalone to find ”hard to detect” problems in the field
* available for selected architectures
• Get scanned to have this presentation emailed to you.
• Visit IAR Demo Space to get a demo of our technology.
Want to learn more?
Thank you for your attention!
Backup slides
C-RUN in ”standalone-mode” Select the required tests from the C-RUN options.
C-RUN in ”standalone-mode” Redirect the output messages to a serial terminal. The required ReportCheckFailedStdout.c can be found in the EW installation
C-RUN in ”standalone-mode” Log the messages with a data recorder or a terminal program
C-RUN in ”standalone-mode” Modify the *.CSPY.BAT file with the --rtc_filter option and start it with the reference to the *.out file of the project
C-RUN in ”standalone-mode” Copy ‘n’ paste the error message
C-RUN in ”standalone-mode” Get a detailed info: - what C-RUN test
was triggered - what file is affected - what line and
column caused the error
• Get scanned to have this presentation emailed to you.
• Visit IAR Demo Space to get a demo of our technology.
Want to learn more?
Thank you for your attention!