Scribd
Upload
4 views

Automated Sw Static Verification Using Polyspace Server and Access

The document discusses the implementation of automated static code analysis for automotive software using Polyspace Server and Access products at Mando. It outlines the project's goals, challenges, and the integration of continuous integration tools like Bamboo for efficient code analysis and collaborative review. The conclusion highlights the benefits of using Polyspace for static analysis while also noting some challenges in customization and performance.

Uploaded by

Daeyun James Kwon
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
4 views

Automated Sw Static Verification Using Polyspace Server and Access

The document discusses the implementation of automated static code analysis for automotive software using Polyspace Server and Access products at Mando. It outlines the project's goals, challenges, and the integration of continuous integration tools like Bamboo for efficient code analysis and collaborative review. The conclusion highlights the benefits of using Polyspace for static analysis while also noting some challenges in customization and performance.

Uploaded by

Daeyun James Kwon
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 29

Polyspace Server Products 및 Polyspace Access Products를

활용한 SW 정적검증 자동화

이민채, ㈜만도

0
Contents

1. Introduction to Mando and Presenter

2. Project Overview

3. Project Goals and Challenges

4. How did we get the “Automated Static Analysis and Collaborative Review” platform

5. Achievements and Outlook

6. Future Works

7. Conclusions

1
Mando - ADAS BU

Front Camera

Active
Safety

Brake System, ESC


Front Radar

Automated
Driving

Electric Power Steering Ultrasonic Sensors & ECU


for Automatic Parking

2
Development Process with MBD and Hand Code

Simulink Requirements

User
Requirements Acceptance
Testing

Unit Testing/
System Design Simulink Test
Integration Testing

Simulink

Code Verification &


Component Design Polyspace
Validation

Polyspace Server CI tool


Polyspace Access (Bamboo)
Code Generation &
Embedded Coder
Implementation

3
발표자 소개
▪ 연구 분야
– ADAS 및 자율주행 주행상황 판단 시스템
– 차량동역학 기반 제어시스템 설계 및 구현
– 자동차 SW 플랫폼, C/C++/Python, SW 검증

▪ 학력
이민채 책임연구원
– 한양대학교 전자전기컴퓨터공학부 학사
㈜만도 / ADAS BU
– 한양대학교 자동차공학과 석사
– 한양대학교 자동차공학과 박사

▪ 경력
– 한양대학교 자동차공학과 자동차전자제어연구소 (ACE Lab, 2006~2013)
– 자율주행자동차 경진대회 우승 (현대자동차, 2010/2012)
– 2013 무인 자율주행 자동차 경진대회 대상 (한국자동차공학회, 2013)
– ㈜만도 Global R&D Center 책임연구원 (2014 ~ 현재)

4
Project Overview
Static Code Analysis for Automotive Software

What is Static Code Analysis?

▪ Coding Guidelines
– MISRA C: Software development guidelines for the C programming language developed
by MISRA (Motor Industry Software Reliability Association)

▪ Run-Time Error Detection


– Run-Time Error: Problems that appear during the execution of a program
– Division by Zero, Overflow/Underflow, Use of Uninitialized Variables, …

▪ Code Metrics
– A statistical measurement of code complexity, size, coupling and cohesion

5
Project Overview
Polyspace Products

▪ Polyspace Bug Finder and Polyspace Code Prover


– Polyspace® Bug Finder™ identifies run-time errors, concurrency issues, security
vulnerabilities, and other defects in C and C++ embedded software.
– Polyspace® Code Prover™ is a sound static analysis tool that proves the absence of
overflow, divide-by-zero, out-of-bounds array access, and other run-time errors in
C and C++ source code.
for this project

Desktop Server Web

Polyspace Bug Finder Polyspace Bug Finder Server Polyspace Bug Finder Access

Polyspace Code Prover Polyspace Code Prover Server Polyspace Code Prover Access

6
Project Overview
Continuous Integration and Static Code Analysis

▪ Continuous Integration
– Automating the integration of code changes from multiple contributors
– Jenkins, Bamboo, GitLab, …
▪ Integrating Polyspace with continuous integration environment

7
Project Goals and Challenges
Conventional Development Process

▪ SW developer used standalone static code analysis tools

→ Static code analysis is required to perform early in development, before


software testing begins.

8
Project Goals and Challenges
Development Process with CI and Polyspace

▪ Atlassian Bitbucket® and Bamboo® are used for continuous integration


platform
– Bitbucket(GIT) for software code repository
– Bamboo for build and static code analysis triggering and scheduling

▪ Mathworks Polyspace products are used for static code analysis tool
– Polyspace Bug Finder Server for static code analysis with CI tools
– Polyspace Bug Finder Access for web based result review

9
Project Goals and Challenges
Development Process with CI and Polyspace

▪ System architecture of automated static code analysis platform

Push Trigger

Static Analysis Request

Review Static Analysis Results

10
Automated Static Analysis and Collaborative Review
Preparations for automated static analysis

▪ Hardware for analysis and web server


– A CI server(Jenkins, Bamboo, …) is required to trigger a static analysis
– An analysis server is required to run Polyspace Bug Finder Server (w/ license server)
– A web server is required to run Polyspace Bug Finder Access

▪ Software for static analysis


– Software compile options or compile environments for Polyspace project setup

11
Automated Static Analysis and Collaborative Review
Preparations for automated static analysis

▪ Installation of Polyspace Server and Access


– https://www.mathworks.com/help/polyspace_bug_finder_server/gs/install-products-
required-for-polyspace-analysis-on-server.html

Polyspace Bug Finder Server Polyspace Bug Finder Access

Upload Results

Windows Workstation Linux Server


(with Docker)

12
Automated Static Analysis and Collaborative Review
Preparations for automated static analysis

▪ Configuration of Polyspace Access


– Installation command: admin-docker-agent
– Open web browser and go to URL specified in the command-line output

or LDAP

for upload user authentication


13
Automated Static Analysis and Collaborative Review
First step – Command line based static analysis

▪ Polyspace Bug Finder Server is used for command line based static analysis
(w/o GUI)

▪ To check if the installation of Polyspace Bug Finder Server was successful


– Open a command window. Navigate to polyspaceserverroot\polyspace\bin
– Run “polyspace-bug-finder-server –help”

C:\Program Files\Polyspace Server\R2021a\polyspace\bin>

C:\Program Files\Polyspace Server\R2021a\polyspace\bin>polyspace-bug-


finder-server -help

14
Automated Static Analysis and Collaborative Review
First step – Command line based static analysis

▪ Syntax for Polyspace Bug Finder Server


– sources sourceFiles [OPTIONS]
– sources-list-file listOfSources [OPTIONS]
– option-file optFile

> polyspace-bug-finder-server –source-list-file source_files.txt –option-file options.txt

15
Automated Static Analysis and Collaborative Review
First step – Command line based static analysis

▪ Create ‘source_files.txt’ file with your options


– Specify your sources in the text file, on each line, specify the path to a source file
– You can specify an absolute path or a path relative to the folder from which you are
running the analysis

C:\Sources\myfile.c
C:\Sources2\myfile2.c

16
Automated Static Analysis and Collaborative Review
First step – Command line based static analysis

▪ Create ‘options.txt’ file with your options

#These are the options for MyBugFinderProject


-lang c
-prog MyBugFinderProject
-author jsmith
-sources "mymain.c,funAlgebra.c,funGeometry.c" We don’t need these lines.
-target x86_64 See next pages…
-compiler generic
-dos
-misra2 required-rules
-do-not-generate-results-for all-headers
-checkers default
-disable-checkers concurrency
-results-dir C:\Polyspace\MyBugFinderProject

17
Automated Static Analysis and Collaborative Review
First step – Command line based static analysis

▪ Combining command line arguments and option files

Branch name as a project name

> SET project_name=${bamboo.planRepository.branch}

> polyspace-bug-finder-server -prog %project_name% –source-list-file ./source_files.txt


–option-file ./project_options.txt –option-file ./include_path.txt -results-dir ./Result

Multiple option files to separate options with respect to characteristics

18
Automated Static Analysis and Collaborative Review
Second step – Upload the results to Polyspace Access server

▪ Create project to Polyspace Access server

> polyspace-access -host hostName -port portNumber -login username -encrypted-


password pwd -create-project testProject

▪ Upload results to Polyspace Access server

> polyspace-access -host hostName -port portNumber -login


username -encrypted-password pwd -upload . -project
myFirstProject -parent-project testProject

19
Automated Static Analysis and Collaborative Review
Second step – Upload the results to Polyspace Access server

▪ Create project to Polyspace Access server


> ${bamboo.polyspace_access_app} -host ${bamboo.polyspace_server_ip} -port ${bamboo.polyspace_server_port} -
protocol http -api-key ${bamboo.polyspace_api_key} -create-project ${bamboo.polyspace_location_on_access}

> ${bamboo.polyspace_access_app} -host ${bamboo.polyspace_server_ip} -port ${bamboo.polyspace_server_port} -


protocol http -api-key ${bamboo.polyspace_api_key} -upload .\Result -parent-project
${bamboo.polyspace_location_on_access} -project %project_name%

▪ Bamboo user defined variables


– bamboo.polyspace_access_app
– bamboo.polyspace_server_ip, bamboo.polyspace_server_port
– bamboo.polyspace_api_key
– bamboo.polyspace_location_on_access

20
Automated Static Analysis and Collaborative Review
Third step – Generate report

▪ Run report generator


> ${bamboo.polyspace_report_generator} -generate-results-list-file -results-dir ./result

> ${bamboo.polyspace_report_generator} -template ${bamboo.polyspace_report_template_dir}/developer.rpt -results-


dir ./result

> ${bamboo.polyspace_report_generator} -template


${bamboo.polyspace_report_template_dir}/bug_finder/BugFinderSummary.rpt -results-dir ./result

▪ Report template
– C:\Program Files\Polyspace\R2021a\toolbox\polyspace\psrptgen\templates

21
Automated Static Analysis and Collaborative Review
Integration with Bamboo

▪ Bamboo plan configuration

22
Achievements and Outlook
Web based result review and report generation

▪ Polyspace Server uploads the results to Polyspace Access


– The generated documents are registered to bamboo server as an artifact.
Static Analysis Report (For OEM and developers)

Web based static analysis review

23
Achievements and Outlook
Web based result review and report generation

▪ Open web browser and go to ‘Polyspace Access’ web site

24
Future Works
Polyspace as You Code

▪ Polyspace as You Code is a Visual Studio Code extension


– Run a single-file analysis on software developer’s computer
– Analysis results appears on VS Code window

25
Conclusions

▪ Pros
– Polyspace can analyze MISRA and defects at once
– Various interface to analyze/review static analysis results
– No additional costs for many lines of code or component extension

▪ Cons
– Customization of MISRA rules categories such as Mandatory, Required, and Advisory
– More detailed configuration for interrupts priority in Multitasking
– Slow Polyspace Code Prover makes adoption difficult

26
Conclusions

▪ Improved development process with Polyspace and CI


– Bamboo and Polyspace based SW static analysis is applied
▪ Static analysis script runs automatically after code push

▪ Collaborative review on web site


– Software developers can review the results on Polyspace Access web site
▪ Analysis reports are generated for developers and OEMs
– Findings can be assigned to relevant person on JIRA
▪ JIRA issues can be created in Polyspace Access

27
Questions?

28

You might also like