How to improve code quality and complete your project's functional safety certification quickly

2023-08-19

In recent years, domestic electronics companies and chip design firms have pushed hard into high-reliability (mission-critical) application domains such as automotive, medical and industrial, finding new territory for themselves outside the red ocean. But most high-reliability applications require functional safety certification; in industries such as automotive, aviation, medical and industrial electronic control, it is very common and often mandatory. These certifications, which mean going through the required processes and working through a functional safety checklist, have always been especially difficult, but a few methods can speed up your certification.

Although you can fine-tune your development process in many ways to speed up certification, all modern electronic information systems start with software, that is, with code quality. But how can you ensure code quality? Fortunately, a few simple methods can improve your code quality almost immediately and keep the pain to a minimum.

Get help from the standards

IAR is a provider of embedded development tools whose products are used by nearly 50,000 companies and organizations worldwide. Its R&D engineers estimate that in C99 there are about 190 ambiguities in the language standard. That is, in C99 there are 190 different C constructs that are syntactically valid but are not clearly defined by the C language standard. In fact, with C18 the situation gets somewhat worse, and in C++ it is worse still, because further concepts such as inheritance and virtual constructs have to be introduced. Of course, a compiler must turn your source code into specific machine code, so it has to choose one interpretation of what the code means and carry on with it.

In practice, this means that different compilers can interpret the same source code differently. In a high-reliability system, this is a nightmare scenario, especially because many companies, in pursuit of the fastest possible functional safety certification, cross-compile their code on many platforms to make testing convenient. You can imagine how badly this affects your time to certification, because you must test around all of these cases to prove the repeatability and reliability of the code.

How can this problem be solved? The short answer is: avoid ambiguous constructs in your code. But how do you do that? Using a coding standard such as MISRA solves the problem quickly, because these standards are designed to help you avoid the common pitfalls in code. They also promote safe coding practices in order to reduce the number of defects in your code. But how can we make sure that we actually follow these standards? Fortunately, the functional safety standards provide a means.
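As an added illustration (not code from the original article or from IAR), the C below shows two such ambiguities, the signedness of plain `char` and the evaluation order of operands, each next to a form that every conforming compiler must interpret the same way. The function names and the sample bytes are constructed for this example.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed sample frame: two bytes have the top bit set. */
static const uint8_t SAMPLE[4] = { 0x10, 0xE9, 0x7F, 0x80 };

/* Ambiguous: the signedness of plain char is implementation-defined,
   so 0xE9 widens to 233 with one compiler and to -23 with another. */
int sum_plain_char(const char *buf, size_t n)
{
    int sum = 0;
    for (size_t i = 0; i < n; i++) { sum += buf[i]; }
    return sum;
}

/* Portable: uint8_t has a single meaning on every compiler. */
int sum_u8(const uint8_t *buf, size_t n)
{
    int sum = 0;
    for (size_t i = 0; i < n; i++) { sum += (int)buf[i]; }
    return sum;
}

static int counter;
static int next_id(void) { return ++counter; }

/* Ambiguous: the evaluation order of the two operands is unspecified,
   so the result may be 10*1 + 2 = 12 or 10*2 + 1 = 21. */
int pair_unsequenced(void)
{
    counter = 0;
    return (10 * next_id()) + next_id();
}

/* Portable: separate statements fix the order, so the result is 12. */
int pair_sequenced(void)
{
    counter = 0;
    const int first = next_id();
    const int second = next_id();
    return (10 * first) + second;
}

int main(void)
{
    printf("plain char: %d\n", sum_plain_char((const char *)SAMPLE, sizeof SAMPLE));
    printf("uint8_t:    %d\n", sum_u8(SAMPLE, sizeof SAMPLE));
    printf("unsequenced: %d, sequenced: %d\n", pair_unsequenced(), pair_sequenced());
    return 0;
}
```

Both ambiguous functions compile without complaint by default, which is why a coding-standard checker rather than the compiler alone is needed to flag them.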

The standards require code analysis

Almost every functional safety standard requires you to perform static analysis on your code, and strongly recommends that you also perform runtime (or dynamic) analysis. The most influential of these standards is IEC 61508, which covers safety-related systems in general. Section C.4.2 of this standard states that, for products above safety integrity level (SIL) 1, using the C language without a coding standard that eliminates ambiguous and dangerous behaviour is not recommended.

In other words, if you want your product to be certified at SIL 2-4, you must use static analysis to make your code more robust. Why is that? Static analysis tools can force developers to follow a coding standard such as MISRA. In addition, static and runtime analysis help you improve code quality by pointing out quickly when a coding practice is risky, especially the ambiguous cases covered by the coding standards mentioned above.

However, when you use this kind of automated tool, it can also have a huge impact on your certification timeline. Many organizations use code analysis tools that are hard to configure and hard to use; these tools run on the build server as part of the daily build. That does not help you much, because individual developers get no instant feedback and do not know what is wrong with the code they have just written. In addition, the warnings these tools issue are sometimes hard to understand, so developers have to work out what they mean and how to change the code to make the warning go away, which wastes their time.

In other words, safety certification is not about showing off a project's strengths (high performance) but about finding as many of its weaknesses (defects) as possible, so you should choose development tools that have been tested and validated by the largest possible community of developers, that is, a "seasoned" development toolchain. More than 150,000 developers worldwide use IAR Embedded Workbench, the development tool provided by IAR, to complete all kinds of embedded projects. From talking with many "ace" developers, we have found that if you can perform code analysis during development, before the formal build, it is as if the defect never existed. Your project will have fewer defects, and certification bodies want to see this, because it means you have a very mature development organization.

Make code analysis part of the daily routine

IAR's engineers have seen many companies from all kinds of industries. What we have noticed is that the easier a code analysis tool is to configure and use, the more likely developers are to use it, and the more it helps them finish the project faster and get the product to market. Making these automated tools part of the developer's toolkit means that you can check and improve code quality while you are writing the application, while you are still "in the zone" and understand what this part of the code is supposed to do and how it interacts with the other modules in the system. To do this effectively, the tools must be integrated into the daily workflow.

While looking at how others view integrated code analysis, IAR's engineers found an article by Google, published in an ACM publication, that discusses the merits of code analysis. Although the article surveys their entire code base, including C, C++ and Java, their result is very clear:

"Compiler errors are displayed early in the development process and integrate into the developer workflow. We have found that expanding the set of compiler checks is effective for improving code quality at Google."

The authors say that integrating static analysis checks into the compiler workflow, so that the findings appear as errors, greatly increased the attention paid to the tools' findings, which means their code quality ends up very high. Further down, they describe a survey of developers who had recently encountered a compiler error and developers who had received a patch fixing the same problem:

"Google developers perceive that issues flagged at compile time (as opposed to patches for checked-in code) catch more important bugs; for example, survey participants deemed 74% of the issues flagged at compile time as 'real problems', compared to only 21% of those found in checked-in code."

The article also discusses the importance of making code analysis part of the workflow, pointing out that when a static analysis tool ran automatically on checked-in code and engineers were invited to look at an analysis dashboard, very few engineers followed up. Instant feedback at compile time makes static analysis easier to use and harder to ignore. Accordingly, they chose to add static analysis to everyone's default workflow. The Google team believes that for a code analysis tool to succeed, developers must feel that they are using the tools, that they benefit from them, and that they enjoy benefiting from them.

But what kind of results can you expect from adding code analysis to your workflow? One thing you can expect is better overall security for the application, because high-quality code eliminates exploitable defects such as buffer overflows and illegal pointers, as described in this article. Although that alone is a very good reason to use code analysis, it is sometimes hard to persuade people of the maxim "a stitch in time saves nine"; you need more striking results to convince developers and management of the benefits of code analysis.

A paper by Stefan Wagner et al. uses empirical data to compare code analysis tools with traditional testing across different code bases. Their result is very convincing: of the 769 defects identified, 76% were found by code analysis tools, only 4% were found by conventional testing, and the remaining 20% were found in code review. If you can eliminate 75% of the defects before testing begins, how quickly can you reach your software's mean time to failure (MTTF) target? The answer is "very quickly". Looking only at the time and money saved in testing, you can see that the investment in code analysis tools is worthwhile, not to mention the time saved by a shorter time to market. These are the kinds of process that functional safety certification bodies like to see, because they greatly reduce the risk that the final product still contains defects.

High-quality code puts you on the fast track to functional safety

The key to a smoother path to functional safety certification is improving code quality. Improving code quality lowers your product's defect rate, which means you reach your software release criteria sooner and your development organization looks very mature to the functional safety certification body. Although you can never know exactly how many defects remain in an application, using code analysis tools as early as possible reduces the number of defects further.