Upload File

interface-implementation contract checking: a case study on nasa’s osal

  • Home
  • Documents
  • Interface-Implementation Contract Checking: A Case Study on NASA’s OSAL
26
© 2013 Fraunhofer USA, Inc. Center for Experimental Software Engineering Interface-Implementation Contract Checking: A Case Study on NASA’s OSAL Dharmalingam Ganesan, Mikael Lindvall Fraunhofer Center for Experimental Software Engineering College Park Maryland 1

Upload: abe

Post on 25-Feb-2016

82 views

Category:

Documents


3 download

Report

DESCRIPTION

Interface-Implementation Contract Checking: A Case Study on NASA’s OSAL. Dharmalingam Ganesan, Mikael Lindvall Fraunhofer Center for Experimental Software Engineering College Park Maryland. Agenda. Context: NASA OSAL Static equivalence analysis Static contract checking Conclusion. - PowerPoint PPT Presentation

TRANSCRIPT

Page 1: Interface-Implementation Contract Checking: A Case Study on NASA’s OSAL

© 2013 Fraunhofer USA, Inc. Center for Experimental Software Engineering 1

Interface-Implementation Contract Checking: A Case Study on NASA’s OSAL

Dharmalingam Ganesan, Mikael Lindvall

Fraunhofer Center for Experimental Software EngineeringCollege Park

Maryland

Page 2: Interface-Implementation Contract Checking: A Case Study on NASA’s OSAL

© 2013 Fraunhofer USA, Inc. Center for Experimental Software Engineering 2

Agenda• Context: NASA OSAL• Static equivalence analysis• Static contract checking• Conclusion

Page 3: Interface-Implementation Contract Checking: A Case Study on NASA’s OSAL

© 2013 Fraunhofer USA, Inc. Center for Experimental Software Engineering 3

Context: NASA OSAL• Operating System Abstraction Layer• Isolates flight software from real time operating

systems and hardware.• Implementation for the real time systems RTEMS and

vxWorks and posix compliant non-real time systems.• Provides “Write once, run everywhere (somewhere)” at

compile level• Used for mission critical embedded systems• Provides support for file-system, tasks, queues,

semaphores, interrupts, hardware abstraction, I/O ports and exception handling

Page 4: Interface-Implementation Contract Checking: A Case Study on NASA’s OSAL

© 2013 Fraunhofer USA, Inc. Center for Experimental Software Engineering 4

NASA OSAL

• Why is it important that OSAL is bug free?– flight software is mission critical and needs to

be of very high quality– OSAL is the foundation of the CFE which CFS

runs on top of– OSAL is used in many NASA missions, e.g.

the Lunar Renaissance Orbit– If OSAL has issues, it might result in

catastrophic failure

Page 5: Interface-Implementation Contract Checking: A Case Study on NASA’s OSAL

© 2013 Fraunhofer USA, Inc. Center for Experimental Software Engineering 5

NASA OSAL in CFS

Page 6: Interface-Implementation Contract Checking: A Case Study on NASA’s OSAL

© 2013 Fraunhofer USA, Inc. Center for Experimental Software Engineering 6

NASA OSAL – Architecture

Page 7: Interface-Implementation Contract Checking: A Case Study on NASA’s OSAL

© 2013 Fraunhofer USA, Inc. Center for Experimental Software Engineering 7

Agenda• Context: NASA OSAL• Static equivalence analysis• Static contract checking• Conclusion

Page 8: Interface-Implementation Contract Checking: A Case Study on NASA’s OSAL

© 2013 Fraunhofer USA, Inc. Center for Experimental Software Engineering 8

Static equivalence analysis

• Currently OSAL has implementations for Rtems, vxWorks and Posix operating systems

• All implementations should work the same– Perform same operation regardless of OS– Return same error-codes when errors occur

Page 9: Interface-Implementation Contract Checking: A Case Study on NASA’s OSAL

© 2013 Fraunhofer USA, Inc. Center for Experimental Software Engineering 9

Static equivalence analysis

• Used to find differences between implementations of OSAL – Posix, RTEMS, vxWorks

• Extracts return codes from function bodies• Return codes of each implementation

compared to find differences

Page 10: Interface-Implementation Contract Checking: A Case Study on NASA’s OSAL

© 2013 Fraunhofer USA, Inc. Center for Experimental Software Engineering 10

Static equivalence analysis• Enables us to easily find otherwise subtle and hard to

find errors

Posix implementation Rtems implementation

Page 11: Interface-Implementation Contract Checking: A Case Study on NASA’s OSAL

© 2013 Fraunhofer USA, Inc. Center for Experimental Software Engineering 11

Static equivalence analysis - example

Page 12: Interface-Implementation Contract Checking: A Case Study on NASA’s OSAL

© 2013 Fraunhofer USA, Inc. Center for Experimental Software Engineering

Runtime Issues # Issues

Precondition Checking Diffs. 13

Return Code Diffs. 24

Global Variable Writing Diffs. 15

Parameter Writing Diffs. 3

Parameter Checking 2

Σ 57

12

Which defects can be found in OSAL when analyzing function pairs for functional equivalence?

Minor Issues # Issues

Configuration Issues 9*

Output Differences 18*

Σ 27

Acknowledged and/or Fixed

Page 13: Interface-Implementation Contract Checking: A Case Study on NASA’s OSAL

© 2013 Fraunhofer USA, Inc. Center for Experimental Software Engineering 13

Agenda• Context: NASA OSAL• Static equivalence analysis• Static contract checking• Conclusion

Page 14: Interface-Implementation Contract Checking: A Case Study on NASA’s OSAL

© 2013 Fraunhofer USA, Inc. Center for Experimental Software Engineering 14

Static contract checking without a formal contract

• API‘s are supposed to fulfill a “contract”• A contract is:

– Specification of what each function does and– How it responds to errors and what the function

should return

• Programmers program to a API using the contract as a guide.

• A function not written according to the contract can cause hard to find errors

Page 15: Interface-Implementation Contract Checking: A Case Study on NASA’s OSAL

© 2013 Fraunhofer USA, Inc. Center for Experimental Software Engineering 15

Static contract checking without a formal contract

Example of function fulfilling contract

Contract

Implementation

Page 16: Interface-Implementation Contract Checking: A Case Study on NASA’s OSAL

© 2013 Fraunhofer USA, Inc. Center for Experimental Software Engineering 16

Static contract checking without a formal contract

Example of function fulfilling contract

Page 17: Interface-Implementation Contract Checking: A Case Study on NASA’s OSAL

© 2013 Fraunhofer USA, Inc. Center for Experimental Software Engineering 17

Static contract checking without a formal contract

Example of function fulfilling contract

Page 18: Interface-Implementation Contract Checking: A Case Study on NASA’s OSAL

© 2013 Fraunhofer USA, Inc. Center for Experimental Software Engineering 18

Static contract checking without a formal contract

Example of function not fulfilling contract

Page 19: Interface-Implementation Contract Checking: A Case Study on NASA’s OSAL

© 2013 Fraunhofer USA, Inc. Center for Experimental Software Engineering 19

Static contract checking without a formal contract

• Regular expressions to create simple and fast perl programs

• Compatible with C and C++• Extracts return codes from function bodies and contract

comments• Compares the return codes of contract comments and

function bodies to find mismatches

Page 20: Interface-Implementation Contract Checking: A Case Study on NASA’s OSAL

© 2013 Fraunhofer USA, Inc. Center for Experimental Software Engineering 20

Static contract checking without a formal contract

Page 21: Interface-Implementation Contract Checking: A Case Study on NASA’s OSAL

© 2013 Fraunhofer USA, Inc. Center for Experimental Software Engineering 21

Static contract checking without a formal contract...and the other way around.

• To find if functions implement more than the contracts implies

• To identify an uncomplete contract that could result in implementation mismatches between wrappers

• Extract return codes from the function bodies, instead of the contract comments

• Compare the extracted returns to the contract comments to find undocumented behavior

Page 22: Interface-Implementation Contract Checking: A Case Study on NASA’s OSAL

© 2013 Fraunhofer USA, Inc. Center for Experimental Software Engineering 22

Static contract checking without a formal contract

Page 23: Interface-Implementation Contract Checking: A Case Study on NASA’s OSAL

© 2013 Fraunhofer USA, Inc. Center for Experimental Software Engineering 23

static contract checking without a formal contract

A part of the 61 issues found in the Posix implementation.

All issues reported and taken care now.

Page 24: Interface-Implementation Contract Checking: A Case Study on NASA’s OSAL

© 2013 Fraunhofer USA, Inc. Center for Experimental Software Engineering 24

SummaryStatic equivalence analysis:• A lightweight technique • powerful for detecting inconsistencies between wrappers• Found several inconsistencies (addressed in OSAL)Static contract checking without a formal contract:• A lightweight technique• Found a lot of inconsistencies between documentation

and code (addressed in OSAL)• Does not need any modeling or rigor

– (but neither sound nor complete)

Page 25: Interface-Implementation Contract Checking: A Case Study on NASA’s OSAL

© 2013 Fraunhofer USA, Inc. Center for Experimental Software Engineering 25

Thank you!

[email protected]@fc-md.umd.edu

Page 26: Interface-Implementation Contract Checking: A Case Study on NASA’s OSAL

© 2013 Fraunhofer USA, Inc. Center for Experimental Software Engineering 26

Acknowledgement• Gunnar Cortes• Henning Femmer• Dave McComas• Alan Cudmore• Wesley Deadrick


Preliminary Investigations into a Microkernel OSAL for cFSflightsoftware.jhuapl.edu/files/2017/cFS-Day/cFS17-B2-Presentation... · Preliminary Investigations into a Microkernel OSAL

NASA’s Exploration Architecture

NASA’s Lunar Discovery and Exploration Program · NASA’s Lunar Discovery and Exploration Program Sarah Noble NASA HQ. Overview of NASA’s Current Activities •Renewed emphasis

on NASA’s

A Prop osal - University of Maryland, Baltimore County

osal - New York State Department of Agriculture and · PDF fileNYS Department of Agriculture & Markets osal AG U L T T Introduction Agricultural operations produce a wide variety of

OSAL Libraries Help - ww1.microchip.com

Operating System Abstraction Layer (OSAL) - NASA · What Is The OSAL And What Are Its Benefits? What is the Operating System Abstraction Layer? - A small layer of software that allows

Osal Bulletin Dt 16.09.13

PhD Thesis Prop osal CUCS - COnnecting REpositories · PDF fileOn the Managemen t of Distributed Learning Agen ts PhD Thesis Prop osal CUCS Andreas L Pro dromidis andreascscolumbiaedu

NASA’s Pathfinder Technology Demonstrator

Update of APHIS 3 D Projects: Deppp ,opulation, Dispp,osal ... · PDF fileUpdate of APHIS 3‐D Projects: Deppp ,opulation, Dispp,osal, Decontamination Darrel K. Styles, DVM, PhD USDA

NASA’s BEST Activities

Author Index - IEEE Computer Society · Experience Report: Model-based Testing of NASA’s OSAL API Cukic, Bojan ... A Case Study of the Eclipse Project Author Index file:///L:

Thesis Prop osal - Pennsylvania State University

National Aeronautics and Space Administration NASA’s … · – NASA Agency Asset for Spacecraft ... (cFE) and open source O perating System Abstraction Layer (OSAL) for common

Scanned Document · evaluate th1S ro osal usm the criteria as noted in General Conditlons #8'? Is ro osal submitted with the date and time s ecified? Are all proposals submitted in

Implementing NASA’s Capability-Driven Approach: … NASA’s Capability-Driven Approach: Insight into NASA’s Processes for Maturing Exploration Systems. Julie Williams-Byrd NASA

udy osal Works

NASA’s Future Plans

NASA’s Centennial Challenges program NASA’s

Re uest for Pro osal ireless AN Data Communications System · PDF fileRequest for Proposal-Wireless WAN Data Communications System Re uest for Pro osal ireless AN Data Communications

Ph.D. Thesis Prop osal: T ransp ortable Agen tsdfk/agents/papers/gray:proposal.pdfPh.D. Thesis Prop osal: T ransp ortable Agen ts Rob ert S. Gra y Departmen t of Computer Science Dartmouth

NASA/GSFC’s Flight Software Core Flight Systemflightsoftware.jhuapl.edu/files/2012/FSW12_McComas.pdf · NASA / GSFC ATLAS Instrument OSAL, cFE Instrument using OSAL on a RAD750,

Operating System Abstraction Layer (OSAL)

Christiannes008497}.pdfMy initial prop osal fo cused exclusiv ely on blac k threat. When the prop osal w as accepted w e added \c hristian fundamen talist threat" after considering

Re nest for Pro osal · 2020-05-26 · Re nest for Pro osal Government of Tripura Directorate of Skill Development Department of Industries & ommerce lndranagar, Agartala-799006 Phone:

FITS Chec ksum Prop osal - IRAFiraf.noao.edu/iraf/ftp/misc/checksum/checksum.pdf · FITS Chec ksum Prop osal R.L. Seaman y W.D. P ence 24 August 1995 Abstract This pap er describ

El Mayo argentino Titulo Tarcus, Horacio - Autor/a Autor(es) OSAL

Characterization of NASA’s

MPLAB® Harmony Help - OSAL Library

CBD Chemical Production Building osal

NASA’s Operating Earth Science Satellite Missions · NASA’s Operating Earth Science Satellite Missions (including partnerships, as of May 2018) This graphic depicts NASA’s operating

Propulsion Progress for NASA’s Space Launch System · Propulsion Progress for NASA’s Space Launch System ... Leaders from NASA’s Space Launch System ... Integrated Teams with

Osal Bulletin 01.04.13