Landing a Spacecraft on Mars

Lecture Notes in Computer Science, 2008

Computer, 2006

2008 IEEE International Conference on Software Maintenance, 2008

In spite of the widespread use of coding standards and tools enforcing their rules, there is little empirical evidence supporting the intuition that they prevent the introduction of faults in software. Not only can compliance with a set of rules having little impact on the number of faults be considered wasted effort, but it can actually result in an increase in faults, as any modification has a non-zero probability of introducing a fault or triggering a previously concealed one. Therefore, it is important to build a body of empirical knowledge, helping us understand which rules are worthwhile enforcing, and which ones should be ignored in the context of fault reduction. In this paper, we describe two approaches to quantify the relation between rule violations and actual faults, and present empirical data on this relation for the MISRA C 2004 standard on an industrial case study.

AIAA Infotech@Aerospace (I@A) Conference, 2013

Coding standards are an integral part of today's safety-critical computer systems. Software verification and validation (V&V) practices significantly impact the cost of achieving human-rated levels of system integrity. The choices of software used to meet realtime, hard deadline requirements in onboard flight critical systems are relatively narrow. The stringent technical demands and expertise of the domain and the limited and specialized availability of industrial grade software products are the primary limiting factors. Robustness of software is influenced by choices in what programming languages, coding standards and testing, which is the primary form of V&V practice, are used. As a result, in these systems the state-of-the-art software uses less current programming features and techniques than those found, on the whole, in the software industry. Application of coding standards in high integrity systems software development is central to such practices. The goal of these is to make the software robust and safe and thereby contributing to overall system integrity. This paper examines the role and impact of interactions between use of the C++ programming language, the organization's own coding standards, and how these fit within V&V processes and procedures on robustness and testing as recently observed in NASA's EFT-1 project. These observations will help future flight software managers and engineers to make better application of coding standards throughout the V&V life cycle and optimize their impact on robustness and affordability.

2019 IEEE 24th Pacific Rim International Symposium on Dependable Computing (PRDC), 2019

Coding conventions are a means to improve the reliability of software systems. They can be established for many reasons, ranging from improving the readability of code to avoiding the introduction of security flaws. However, coding conventions often come in the form of textual documents in natural language, which makes them hard to manage and to enforce. Following model-driven engineering principles, in this paper we propose an approach and language for specifying coding conventions using structured models. We ran a feasibility study, in which we applied our language for specifying 215 coding rules from two popular rulesets. The obtained results are promising and suggest that the proposed approach is feasible. However, they also highlight that many challenges still need to be overcome. We conclude with an overview on the ongoing work for generating automated checkers from such models, and we discuss directions for an objective evaluation of the methodology.

2009 6th IEEE International Working Conference on Mining Software Repositories, 2009

In spite of the widespread use of coding standards and tools enforcing their rules, there is little empirical evidence supporting the intuition that they prevent the introduction of faults in software. In previous work, we performed a pilot study to assess the relation between rule violations and actual faults, using the MISRA C 2004 standard on an industrial case. In this paper, we investigate three different aspects of the relation between violations and faults on a larger case study, and compare the results across the two projects. We find that 10 rules in the standard are significant predictors of fault location.

IEEE Access

Coding conventions are a means to improve the reliability of software systems, and they are especially useful to avoid the introduction of known bugs or security flaws. However, coding rules typically come in the form of text written in natural language, which makes them hard to manage and to enforce. Following the model-driven engineering principles, in this paper we propose an approach for the management and enforcement of coding conventions using structured models. We define the Coding Conventions Specification Language (CCSL), a language to define coding rules as structured specifications, from which checkers are derived automatically by code generation. To evaluate our approach, we run a thorough experiment on 8 real open-source projects and 77 coding rules for the Java language, comparing the violations identified by our checkers with those reported by the PMD static analysis tool. The obtained results are promising and confirm the feasibility of the approach. The experiment also revealed that textual coding rules rarely document all the necessary information to write a reliable checker. INDEX TERMS Coding standards, coding conventions, model-driven engineering, domain-specific languages, static analysis.

2011 27th IEEE International Conference on Software Maintenance (ICSM)

Maintainability is a desired property of software, and a variety of metrics have been proposed for measuring it, focusing on different notions of complexity and code readability. Many practices have been proposed to improve maintainability through code refactorings: improving the cohesion, simplification of interfaces, renamings to improve understandability. Code conventions are a body of advice on lexical and syntactic aspects of code, aiming to standardize low-level code design under the assumption that such a systematic approach will make code easier to read, understand, and maintain. We present the first stage in our examination of code-convention adherence practices as a proxy measurement for maintainability. Based on a preliminary survey of software engineers, we identify a set of coding conventions that most relate to maintainability. Then we devise a "convention adherence" metric, based on the number and severity of violations of a defined coding convention. Finally, we analyze several open-source projects according to this metric to better understand how consistent different teams are with respect to adopting and conforming to code conventions.

Electronic Notes in Theoretical Computer Science, 2009

Coding rules are often used in industry for codifying software best practices and avoiding the many hazardous constructions present in languages such as C or C++. Predictable and customisable tools are needed to automatically measure adherence to these practices. Many of the properties about software needed for rule conformance analysis are calculated by modern compilers. We present an extension of the GNU Compiler Collection (GCC) that flags those code fragments that do not conform to a given set of rules. The user can define coding rules using a high-level declarative language based on logic programming.

Enforcing Coding Standards is part of the traditional concerns of industrial software developments. In this paper, we present a framework based on the open source Frama-C platform for easily developing syntactic, typing (and even some semantic) analyses of C source code, among which conformance to Coding Standards. We report on our successful attempt to develop a Frama-C plug-in named Taster, in order to replace a commercial, offthe-shelf, legacy tool in the verification process of several Airbus avionics software products. We therefore present the types of coding rules to be verified, the Frama-C platform and the Taster plug-in. We also discuss ongoing industrial deployment and qualification activities.