AMartignano, Maurizio
doi: 10.1145/3394514.3394516; pmid: N/A
While in the past, in the C/C++ world, compilers and static analyzers took two separate paths and were two separate lines of tools, nowadays they are coming back together, especially the Clang compiler and its Clang/LLVM-based static analyzers. The paper will show why and how this "reunion" is beneficial, especially when analyzing large codebases. In particular, the paper will first present these relatively new analyzers, then show how these tools are currently integrated in code quality platforms (e.g. SonarQube); finally, it will describe the author's recent results in improving the integration of the analyzers with code quality platforms and in facilitating the adoption and execution of static analysis in software projects.
Verification of Ada Programs with AdaHorn
Beyene, Tewodros A.; Herrera, Christian; Nigam, Vivek
doi: 10.1145/3394514.3394517; pmid: N/A
We propose AdaHorn, a model checker for verification of Ada programs with respect to correctness properties given as assertions. AdaHorn translates an Ada program together with its assertion into a set of Constrained Horn Clauses, and feeds it to a Horn constraints solver. We evaluate the performance of AdaHorn on a set of Ada programs inspired by C programs from the software verification competition (SV-COMP). Our experimental results show that AdaHorn outputs correct results in more cases than GNATProve, which is a widely used Ada verification framework.
RCLAda, or Bringing Ada to the Robot Operating System
Mosteo, Alejandro R.
doi: 10.1145/3394514.3394518; pmid: N/A
The Robot Operating System (ROS) is a commonly used framework in many fields of robotics research, with an increasing presence in industry. The next iteration of this framework, ROS2, aims to address observed shortcomings of its predecessor, such as deterministic memory allocation and real-time characteristics. The officially supported languages in ROS2 are C++ and Python, although several contributed APIs for other languages exist. RCLAda is an API and accompanying tools for the ROS2 framework that enable the programming of ROS2 nodes in pure Ada with seamless integration into the ROS2 workflow.
Co-engineering of Safety and Security Life Cycles for Engineering of Automotive Systems
Bramberger, Robert; Martin, Helmut; Gallina, Barbara; Schmittner, Christoph
doi: 10.1145/3394514.3394519; pmid: N/A
Nowadays, systems are becoming more and more connected. Consequently, the co-engineering of (cyber)security and safety life cycles becomes paramount. Currently, no standard provides a structured co-engineering process to facilitate the communication between safety and security engineers. In this paper, we propose a process for co-engineering safety and security through the explicit systematization and management of commonalities and variabilities that are implicitly stated in the requirements of the different standards. Our process treats the safety and security life cycles as members of a security-informed, safety-oriented process line, and so it forces safety and security engineers to come together and brainstorm on what might be considered a commonality and what might be considered a variability. We illustrate the usage of our process by systematizing commonalities and variabilities at the risk analysis phase in the context of ISO 26262 and SAE J3061. We then draw lessons learnt. Finally, we sketch some directions for future work.